diff options
| author | lishu <[email protected]> | 2021-07-27 16:40:00 +0800 |
|---|---|---|
| committer | lishu <[email protected]> | 2021-07-27 16:40:00 +0800 |
| commit | 44bcfa8f2c26050d248e195405de0a3167b214e8 (patch) | |
| tree | 4322eb60b64272dc7ec565ea4c645a5334e38b4f /src | |
| parent | 1389716db417a4b52f54fc4a72efb1a578e2ac46 (diff) | |
add subject and issuer = commonName + organizationName + organizationalUnitName + localityName + streetAddress + stateOrProvinceName + countryNamev2.0.3
Diffstat (limited to 'src')
| -rw-r--r-- | src/SSL_Analyze.c | 3 | ||||
| -rw-r--r-- | src/SSL_Certificate.c | 27 | ||||
| -rw-r--r-- | src/ssl.h | 29 | ||||
| -rw-r--r-- | src/tool/test_cert/test_cert.c | 35 |
4 files changed, 72 insertions, 22 deletions
diff --git a/src/SSL_Analyze.c b/src/SSL_Analyze.c index 5b5d63f..1367d03 100644 --- a/src/SSL_Analyze.c +++ b/src/SSL_Analyze.c @@ -43,7 +43,7 @@ extern "C" ssl_prog_runtime_parameter_t g_ssl_prog_para; -int SSL_VERSION_1_20210529 = 0; +int SSL_VERSION_1_20210727 = 0; void ssl_history() { @@ -101,6 +101,7 @@ void ssl_history() //2021-04-17 V0.2 support esni //2021-04-28 V0.2 add certlen for each cert //2021-05-29 V0.2 add SSLSerialNumLen +//2021-07-27 V0.2 add subject and issuer = commonName + organizationName + organizationalUnitName + localityName + streetAddress + stateOrProvinceName + countryName diff --git a/src/SSL_Certificate.c b/src/SSL_Certificate.c index de7312b..aa10790 100644 --- a/src/SSL_Certificate.c +++ b/src/SSL_Certificate.c @@ -1074,13 +1074,22 @@ UCHAR fn_pGetSSLInfo(char *pcCert, int iLen, ssl_stream *a_ssl_stream, struct { X509_NAME_get_text_by_NID(issuer, NID_commonName, a_ssl_stream->stSSLCert->SSLIssuerCN, sizeof(a_ssl_stream->stSSLCert->SSLIssuerCN)); X509_NAME_get_text_by_NID(issuer, NID_organizationName, a_ssl_stream->stSSLCert->SSLIssuerO, sizeof(a_ssl_stream->stSSLCert->SSLIssuerO)); + X509_NAME_get_text_by_NID(issuer, NID_organizationalUnitName, a_ssl_stream->stSSLCert->SSLIssuerU, sizeof(a_ssl_stream->stSSLCert->SSLIssuerU)); + X509_NAME_get_text_by_NID(issuer, NID_localityName, a_ssl_stream->stSSLCert->SSLIssuerL, sizeof(a_ssl_stream->stSSLCert->SSLIssuerL)); + X509_NAME_get_text_by_NID(issuer, NID_streetAddress, a_ssl_stream->stSSLCert->SSLIssuerS, sizeof(a_ssl_stream->stSSLCert->SSLIssuerS)); + X509_NAME_get_text_by_NID(issuer, NID_stateOrProvinceName, a_ssl_stream->stSSLCert->SSLIssuerP, sizeof(a_ssl_stream->stSSLCert->SSLIssuerP)); X509_NAME_get_text_by_NID(issuer, NID_countryName, a_ssl_stream->stSSLCert->SSLIssuerC, sizeof(a_ssl_stream->stSSLCert->SSLIssuerC)); + snprintf(a_ssl_stream->stSSLCert->SSLIssuer, sizeof(a_ssl_stream->stSSLCert->SSLIssuer), - "%s;%s;%s", + "%s;%s;%s;%s;%s;%s;%s", a_ssl_stream->stSSLCert->SSLIssuerCN, a_ssl_stream->stSSLCert->SSLIssuerO, + a_ssl_stream->stSSLCert->SSLIssuerU, + a_ssl_stream->stSSLCert->SSLIssuerL, + a_ssl_stream->stSSLCert->SSLIssuerS, + a_ssl_stream->stSSLCert->SSLIssuerP, a_ssl_stream->stSSLCert->SSLIssuerC); } @@ -1092,11 +1101,25 @@ UCHAR fn_pGetSSLInfo(char *pcCert, int iLen, ssl_stream *a_ssl_stream, struct X509_NAME_get_text_by_NID(subject, NID_organizationName, a_ssl_stream->stSSLCert->SSLSubO, sizeof(a_ssl_stream->stSSLCert->SSLSubO)); X509_NAME_get_text_by_NID(subject, NID_countryName, a_ssl_stream->stSSLCert->SSLSubC, sizeof(a_ssl_stream->stSSLCert->SSLSubC)); + + X509_NAME_get_text_by_NID(subject, NID_commonName, a_ssl_stream->stSSLCert->SSLSubCN, sizeof(a_ssl_stream->stSSLCert->SSLSubCN)); + X509_NAME_get_text_by_NID(subject, NID_organizationName, a_ssl_stream->stSSLCert->SSLSubO, sizeof(a_ssl_stream->stSSLCert->SSLSubO)); + X509_NAME_get_text_by_NID(subject, NID_organizationalUnitName, a_ssl_stream->stSSLCert->SSLSubU, sizeof(a_ssl_stream->stSSLCert->SSLSubU)); + X509_NAME_get_text_by_NID(subject, NID_localityName, a_ssl_stream->stSSLCert->SSLSubL, sizeof(a_ssl_stream->stSSLCert->SSLSubL)); + X509_NAME_get_text_by_NID(subject, NID_streetAddress, a_ssl_stream->stSSLCert->SSLSubS, sizeof(a_ssl_stream->stSSLCert->SSLSubS)); + X509_NAME_get_text_by_NID(subject, NID_stateOrProvinceName, a_ssl_stream->stSSLCert->SSLSubP, sizeof(a_ssl_stream->stSSLCert->SSLSubP)); + X509_NAME_get_text_by_NID(subject, NID_countryName, a_ssl_stream->stSSLCert->SSLSubC, sizeof(a_ssl_stream->stSSLCert->SSLSubC)); + + snprintf(a_ssl_stream->stSSLCert->SSLSub, sizeof(a_ssl_stream->stSSLCert->SSLSub), - "%s;%s;%s", + "%s;%s;%s;%s;%s;%s;%s", a_ssl_stream->stSSLCert->SSLSubCN, a_ssl_stream->stSSLCert->SSLSubO, + a_ssl_stream->stSSLCert->SSLSubU, + a_ssl_stream->stSSLCert->SSLSubL, + a_ssl_stream->stSSLCert->SSLSubS, + a_ssl_stream->stSSLCert->SSLSubP, a_ssl_stream->stSSLCert->SSLSubC); } @@ -5,7 +5,7 @@ #include <stdio.h> #include <string.h> -#define SSH_H_VERSION_20210529_SSLSerialNumLen 0 +#define SSH_H_VERSION_20210727_subject 0 #define SSL_KEY 3 #define SSL_TRUE 1 @@ -198,22 +198,33 @@ typedef struct _st_cert_t char SSLVersion[10]; char SSLSerialNum[128]; char SSLAgID [64]; - char SSLIssuer[512]; - char SSLSub[512]; + char SSLIssuer[512]; //commonName + organizationName + organizationalUnitName + localityName + streetAddress + stateOrProvinceName + countryName + char SSLSub[512]; //commonName + organizationName + organizationalUnitName + localityName + streetAddress + stateOrProvinceName + countryName char SSLFrom[80]; char SSLTo[80]; char SSLFPAg[32]; - char SSLIssuerC[64]; //country - char SSLIssuerO[64]; //organize - char SSLIssuerCN[64];//cname - char SSLSubC[64]; //country - char SSLSubO[64]; //organize - char SSLSubCN[64];//cname + char SSLIssuerC[64]; //countryName + char SSLIssuerO[64]; //organizationName + char SSLIssuerCN[64];//commonName + char SSLSubC[64]; //countryName + char SSLSubO[64]; //organizationName + char SSLSubCN[64];//commonName st_san_t* SSLSubAltName; uint8_t cert_type; unsigned char* SSLSubKey; int SSLSubKeyLen; uint8_t SSLSerialNumLen; + + char SSLIssuerP[64];//stateOrProvinceName + char SSLIssuerS[64];//streetAddress + char SSLIssuerL[64];//localityName + char SSLIssuerU[64];//organizationalUnitName + + char SSLSubP[64];//stateOrProvinceName + char SSLSubS[64];//streetAddress + char SSLSubL[64];//localityName + char SSLSubU[64];//organizationalUnitName + }st_cert_t; //#############################################certificate end diff --git a/src/tool/test_cert/test_cert.c b/src/tool/test_cert/test_cert.c index 1a660eb..45f1d32 100644 --- a/src/tool/test_cert/test_cert.c +++ b/src/tool/test_cert/test_cert.c @@ -45,24 +45,39 @@ typedef struct _st_cert_t { int totallen; int certlen; - char SSLVersion[10]; + char SSLVersion[10]; char SSLSerialNum[128]; char SSLAgID [64]; - char SSLIssuer[512]; - char SSLSub[512]; + char SSLIssuer[512]; //commonName + organizationName + organizationalUnitName + localityName + streetAddress + stateOrProvinceName + countryName + char SSLSub[512]; //commonName + organizationName + organizationalUnitName + localityName + streetAddress + stateOrProvinceName + countryName char SSLFrom[80]; char SSLTo[80]; char SSLFPAg[32]; - char SSLIssuerC[64]; //country - char SSLIssuerO[64]; //organize - char SSLIssuerCN[64];//cname - char SSLSubC[64]; //country - char SSLSubO[64]; //organize - char SSLSubCN[64];//cname + char SSLIssuerC[64]; //countryName + char SSLIssuerO[64]; //organizationName + char SSLIssuerCN[64];//commonName + char SSLSubC[64]; //countryName + char SSLSubO[64]; //organizationName + char SSLSubCN[64];//commonName st_san_t* SSLSubAltName; - uint8_t cert_type; + uint8_t cert_type; + unsigned char* SSLSubKey; + int SSLSubKeyLen; + uint8_t SSLSerialNumLen; + + char SSLIssuerP[64];//stateOrProvinceName + char SSLIssuerS[64];//streetAddress + char SSLIssuerL[64];//localityName + char SSLIssuerU[64];//organizationalUnitName + + char SSLSubP[64];//stateOrProvinceName + char SSLSubS[64];//streetAddress + char SSLSubL[64];//localityName + char SSLSubU[64];//organizationalUnitName + }st_cert_t; + int BtoL3BytesNum(char *pcData) { int uiLength = 0; |