Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: ssl-cert.nse - print length RSA key
From: David Fifield <david () bamsoftware com>
Date: Sun, 13 Jun 2010 17:34:25 -0600

On Tue, Jun 01, 2010 at 02:13:04PM +0200, Rafał Stanilewicz wrote:
 I'd like to see length of RSA public key used in signing the
 certificate (modulus), especially if it is 512 bit or weaker (some
 embedded devices has even 384 bits!).

 Is any way to see it in current (as of nmap 5.30) version of
 ssl-cert.nse script, or should I patch it somehow? I couldn't find
 documentation of get_ssl_certificate function, maybe you know how to
 do this in fast and clean way?

I don't think there is a way to do it with ssl-cert.nse now. The
get_ssl_certificate function is defined by the C function
l_get_ssl_certificate in nse_ssl_cert.cc. If you want to make a patch
that makes the key lengths easily accessible, it will be welcomed.

The documentation of get_ssl_certificate is at
http://nmap.org/nsedoc/lib/nmap.html#get_ssl_certificate or in the
source code at nselib/nmap.luadoc.

David Fifield
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]