From 2808ff53b6a9543a9cfcc39cd25da438d43be4ad Mon Sep 17 00:00:00 2001 From: Kraemii Date: Mon, 19 Aug 2024 07:46:57 +0200 Subject: [PATCH] Add: NASL bultin functions for certificate handling Added functions: cert_open, cert_query, cert_close --- rust/Cargo.lock | 359 +++++++++++++++--------- rust/Cargo.toml | 1 + rust/nasl-builtin-cert/Cargo.toml | 21 ++ rust/nasl-builtin-cert/README.md | 6 + rust/nasl-builtin-cert/src/lib.rs | 438 ++++++++++++++++++++++++++++++ rust/nasl-builtin-std/Cargo.toml | 1 + rust/nasl-builtin-std/src/lib.rs | 3 +- 7 files changed, 697 insertions(+), 132 deletions(-) create mode 100644 rust/nasl-builtin-cert/Cargo.toml create mode 100644 rust/nasl-builtin-cert/README.md create mode 100644 rust/nasl-builtin-cert/src/lib.rs diff --git a/rust/Cargo.lock b/rust/Cargo.lock index 863b1c0c7..17829aa8f 100644 --- a/rust/Cargo.lock +++ b/rust/Cargo.lock @@ -17,6 +17,12 @@ version = "1.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" +[[package]] +name = "adler2" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "512761e0bb2578dd7380c6baaa0f4ce03e84f95e960231d1dec8bf4d7d6e2627" + [[package]] name = "aead" version = "0.5.2" @@ -154,7 +160,7 @@ checksum = "6e0c28dcc82d7c8ead5cb13beb15405b57b8546e93215673ff8ca0349a028107" dependencies = [ "proc-macro2", "quote", - "syn 2.0.72", + "syn 2.0.75", ] [[package]] @@ -206,7 +212,7 @@ dependencies = [ "cc", "cfg-if", "libc", - "miniz_oxide", + "miniz_oxide 0.7.4", "object", "rustc-demangle", ] 
@@ -229,6 +235,16 @@ version = "1.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b" +[[package]] +name = "bcder" +version = "0.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c627747a6774aab38beb35990d88309481378558875a41da1a4b2e373c906ef0" +dependencies = [ + "bytes", + "smallvec", +] + [[package]] name = "bindgen" version = "0.69.4" @@ -248,7 +264,7 @@ dependencies = [ "regex", "rustc-hash", "shlex", - "syn 2.0.72", + "syn 2.0.75", "which", ] @@ -321,9 +337,9 @@ checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b" [[package]] name = "bytes" -version = "1.6.1" +version = "1.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a12916984aab3fa6e39d655a33e09c0071eb36d6ab3aea5c2d78551f1df6d952" +checksum = "8318a53db07bb3f8dca91a600466bdb3f2eaadeedfdbcf02e1accbad9271ba50" [[package]] name = "capnp" @@ -369,12 +385,13 @@ dependencies = [ [[package]] name = "cc" -version = "1.1.7" +version = "1.1.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "26a5c3fd7bfa1ce3897a3a3501d362b2d87b7f2583ebcb4a949ec25911025cbc" +checksum = "72db2f7947ecee9b03b510377e8bb9077afa27176fdbff55c51027e976fdcc48" dependencies = [ "jobserver", "libc", + "shlex", ] [[package]] @@ -479,9 +496,9 @@ dependencies = [ [[package]] name = "clap" -version = "4.5.11" +version = "4.5.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "35723e6a11662c2afb578bcf0b88bf6ea8e21282a953428f240574fcc3a2b5b3" +checksum = "ed6719fffa43d0d87e5fd8caeab59be1554fb028cd30edc88fc4369b17971019" dependencies = [ "clap_builder", "clap_derive", 
@@ -489,9 +506,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.5.11" +version = "4.5.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "49eb96cbfa7cfa35017b7cd548c75b14c3118c98b423041d70562665e07fb0fa" +checksum = "216aec2b177652e3846684cbfe25c9964d18ec45234f0f5da5157b207ed1aab6" dependencies = [ "anstream", "anstyle", @@ -501,14 +518,14 @@ dependencies = [ [[package]] name = "clap_derive" -version = "4.5.11" +version = "4.5.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5d029b67f89d30bbb547c89fd5161293c0aec155fc691d7924b64550662db93e" +checksum = "501d359d5f3dcaf6ecdeee48833ae73ec6e42723a1e52419c79abf9507eec0a0" dependencies = [ "heck", "proc-macro2", "quote", - "syn 2.0.72", + "syn 2.0.75", ] [[package]] @@ -530,9 +547,9 @@ dependencies = [ [[package]] name = "cmake" -version = "0.1.50" +version = "0.1.51" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a31c789563b815f77f4250caee12365734369f942439b7defd71e18a48197130" +checksum = "fb1e43aa7fd152b1f968787f7dbcdeb306d1867ff373c69955211876c053f91a" dependencies = [ "cc", ] @@ -577,15 +594,15 @@ dependencies = [ [[package]] name = "core-foundation-sys" -version = "0.8.6" +version = "0.8.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "06ea2b9bc92be3c2baa9334a323ebca2d6f074ff852cd1d7b11064035cd3868f" +checksum = "773648b94d0e5d620f64f280777445740e61fe701025087ec8b57f45c791888b" [[package]] name = "cpufeatures" -version = "0.2.12" +version = "0.2.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "53fe5e26ff1b7aef8bca9c6080520cfb8d9333c7568e1829cef191a9723e5504" +checksum = "51e852e6dc9a5bed1fae92dd2375037bf2b768725bf3be87811edee3249d09ad" dependencies = [ "libc", ] 
@@ -814,14 +831,14 @@ checksum = "97369cbbc041bc366949bc74d34658d6cda5621039731c6310521892a3a20ae0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.72", + "syn 2.0.75", ] [[package]] name = "dunce" -version = "1.0.4" +version = "1.0.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "56ce8c6da7551ec6c462cbaf3bfbc75131ebbfa1c944aeaa9dab51ca1c5f0c3b" +checksum = "92773504d58c093f6de2459af4af33faa518c13451eb8f2b5698ed3d36e7c813" [[package]] name = "dyn-clone" @@ -911,7 +928,7 @@ dependencies = [ "sha2", "storage", "thiserror", - "toml 0.8.17", + "toml 0.8.19", "tracing", ] @@ -931,12 +948,12 @@ checksum = "0ce7134b9999ecaf8bcd65542e436736ef32ddca1b3e06094cb6ec5755203b80" [[package]] name = "flate2" -version = "1.0.30" +version = "1.0.32" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5f54427cfd1c7829e2a139fcefea601bf088ebca651d2bf53ebc600eac295dae" +checksum = "9c0596c1eac1f9e04ed902702e9878208b336edc9d6fddc8a48387349bab3666" dependencies = [ "crc32fast", - "miniz_oxide", + "miniz_oxide 0.8.0", ] [[package]] @@ -1041,7 +1058,7 @@ checksum = "87750cf4b7a4c0625b1529e4c543c2182106e4dedc60a2a6455e00d212c489ac" dependencies = [ "proc-macro2", "quote", - "syn 2.0.72", + "syn 2.0.75", ] [[package]] @@ -1149,9 +1166,9 @@ dependencies = [ [[package]] name = "h2" -version = "0.4.5" +version = "0.4.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fa82e28a107a8cc405f0839610bdc9b15f1e25ec7d696aa5cf173edbcb1486ab" +checksum = "524e8ac6999421f49a846c2d4411f337e53497d8ec55d67753beffa43c5d9205" dependencies = [ "atomic-waker", "bytes", 
@@ -1194,6 +1211,12 @@ version = "0.3.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d231dfb89cfffdbc30e7fc41579ed6066ad03abda9e567ccafae602b97ec5024" +[[package]] +name = "hermit-abi" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fbf6a919d6cf397374f7dfeeea91d974c7c0a7221d0d0f4f20d859d329e53fcc" + [[package]] name = "hex" version = "0.4.3" @@ -1319,7 +1342,7 @@ dependencies = [ "bytes", "futures-channel", "futures-util", - "h2 0.4.5", + "h2 0.4.6", "http 1.1.0", "http-body 1.0.1", "httparse", @@ -1366,9 +1389,9 @@ dependencies = [ [[package]] name = "hyper-util" -version = "0.1.6" +version = "0.1.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3ab92f4f49ee4fb4f997c784b7a2e0fa70050211e0b6a287f898c3c9785ca956" +checksum = "cde7055719c54e36e95e8719f95883f22072a48ede39db7fc17a4e1d5281e9b9" dependencies = [ "bytes", "futures-channel", @@ -1522,7 +1545,7 @@ checksum = "1ec89e9337638ecdc08744df490b221a7399bf8d164eb52a665454e60e075ad6" dependencies = [ "proc-macro2", "quote", - "syn 2.0.72", + "syn 2.0.75", ] [[package]] @@ -1549,9 +1572,9 @@ dependencies = [ [[package]] name = "indexmap" -version = "2.2.6" +version = "2.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "168fb715dda47215e360912c096649d23d58bf392ac62f73919e831745e40f26" +checksum = "93ead53efc7ea8ed3cfb0c79fc8023fbb782a5432b52830b6518941cebe6505c" dependencies = [ "equivalent", "hashbrown", @@ -1599,11 +1622,11 @@ dependencies = [ [[package]] name = "is-terminal" -version = "0.4.12" +version = "0.4.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f23ff5ef2b80d608d61efee834934d862cd92461afc0560dedf493e4c033738b" +checksum = "261f68e344040fbd0edea105bef17c66edf46f984ddb1115b775ce31be948f4b" dependencies = [ - "hermit-abi", + "hermit-abi 0.4.0", "libc", "windows-sys 0.52.0", ] 
@@ -1658,9 +1681,9 @@ dependencies = [ [[package]] name = "js-sys" -version = "0.3.69" +version = "0.3.70" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "29c15563dc2726973df627357ce0c9ddddbea194836909d655df6a75d2cf296d" +checksum = "1868808506b929d7b0cfa8f75951347aa71bb21144b7791bae35d9bccfcfe37a" dependencies = [ "wasm-bindgen", ] @@ -1723,7 +1746,7 @@ dependencies = [ "proc-macro2", "quote", "regex", - "syn 2.0.72", + "syn 2.0.75", ] [[package]] @@ -1740,9 +1763,9 @@ checksum = "830d08ce1d1d941e6b30645f1a0eb5643013d835ce3779a5fc208261dbe10f55" [[package]] name = "libc" -version = "0.2.155" +version = "0.2.158" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "97b3888a4aecf77e811145cadf6eef5901f4782c53886191b2f693f24761847c" +checksum = "d8adc4bb1803a324070e64a98ae98f38934d91957a99cfb3a43dcbc01bc56439" [[package]] name = "libgcrypt-sys" @@ -1804,9 +1827,9 @@ dependencies = [ [[package]] name = "libz-sys" -version = "1.1.18" +version = "1.1.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c15da26e5af7e25c90b37a2d75cdbf940cf4a55316de9d84c679c9b8bfabf82e" +checksum = "fdc53a7799a7496ebc9fd29f31f7df80e83c9bda5299768af5f9e59eeea74647" dependencies = [ "cc", "libc", @@ -1912,13 +1935,22 @@ dependencies = [ "adler", ] +[[package]] +name = "miniz_oxide" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2d80299ef12ff69b16a84bb182e3b9df68b5a91574d3d4fa6e41b65deec4df1" +dependencies = [ + "adler2", +] + [[package]] name = "mio" -version = "1.0.1" +version = "1.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4569e456d394deccd22ce1c1913e6ea0e54519f577285001215d33557431afe4" +checksum = "80e04d1dcff3aae0704555fe5fee3bcfaf3d1fdf8a7e521d5b9d2b42acb52cec" dependencies = [ - "hermit-abi", + "hermit-abi 0.3.9", "libc", "wasi", "windows-sys 0.52.0", 
@@ -1942,6 +1974,22 @@ dependencies = [ "uuid", ] +[[package]] +name = "nasl-builtin-cert" +version = "0.1.0" +dependencies = [ + "nasl-builtin-string", + "nasl-builtin-utils", + "nasl-function-proc-macro", + "nasl-interpreter", + "nasl-syntax", + "sha1", + "sha2", + "storage", + "time", + "x509-certificate", +] + [[package]] name = "nasl-builtin-cryptographic" version = "0.1.0" @@ -1992,14 +2040,14 @@ dependencies = [ name = "nasl-builtin-http" version = "0.1.0" dependencies = [ - "h2 0.4.5", + "h2 0.4.6", "http 1.1.0", "nasl-builtin-utils", "nasl-function-proc-macro", "nasl-interpreter", "nasl-syntax", "rustls 0.23.12", - "rustls-pemfile 2.1.2", + "rustls-pemfile 2.1.3", "storage", "tokio", "tokio-rustls 0.26.0", @@ -2039,7 +2087,7 @@ dependencies = [ "pcap", "pkcs8", "rustls 0.23.12", - "rustls-pemfile 2.1.2", + "rustls-pemfile 2.1.3", "storage", ] @@ -2080,6 +2128,7 @@ name = "nasl-builtin-std" version = "0.1.0" dependencies = [ "models", + "nasl-builtin-cert", "nasl-builtin-cryptographic", "nasl-builtin-description", "nasl-builtin-host", @@ -2133,7 +2182,7 @@ version = "0.1.0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.72", + "syn 2.0.75", ] [[package]] @@ -2238,15 +2287,15 @@ version = "1.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4161fcb6d602d4d2081af7c3a45852d875a03dd337a6bfdd6e06407b61342a43" dependencies = [ - "hermit-abi", + "hermit-abi 0.3.9", "libc", ] [[package]] name = "object" -version = "0.36.2" +version = "0.36.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3f203fa8daa7bb185f760ae12bd8e097f63d17041dcdcaf675ac54cdf863170e" +checksum = "27b64972346851a39438c60b341ebc01bba47464ae329e55cf343eb93964efd9" dependencies = [ "memchr", ] @@ -2292,7 +2341,7 @@ checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.72", + "syn 2.0.75", ] [[package]] 
@@ -2466,6 +2515,16 @@ dependencies = [ "windows-sys 0.36.1", ] +[[package]] +name = "pem" +version = "3.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e459365e590736a54c3fa561947c84837534b8e9af6fc5bf781307e82658fae" +dependencies = [ + "base64 0.22.1", + "serde", +] + [[package]] name = "pem-rfc7468" version = "0.7.0" @@ -2517,7 +2576,7 @@ checksum = "2f38a4412a78282e09a2cf38d195ea5420d15ba0602cb375210efbc877243965" dependencies = [ "proc-macro2", "quote", - "syn 2.0.72", + "syn 2.0.75", ] [[package]] @@ -2714,12 +2773,11 @@ checksum = "439ee305def115ba05938db6eb1644ff94165c5ab5e9420d1c1bcedbba909391" [[package]] name = "ppv-lite86" -version = "0.2.19" +version = "0.2.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2288c0e17cc8d342c712bb43a257a80ebffce59cdb33d5000d8348f3ec02528b" +checksum = "77957b295656769bb8ad2b6a6b09d897d94f05c41b069aede1fcdaa675eaea04" dependencies = [ "zerocopy", - "zerocopy-derive", ] [[package]] @@ -2735,7 +2793,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5f12335488a2f3b0a83b14edad48dca9879ce89b2edd10e80237e4e852dd645e" dependencies = [ "proc-macro2", - "syn 2.0.72", + "syn 2.0.75", ] [[package]] @@ -2854,9 +2912,9 @@ dependencies = [ [[package]] name = "redox_users" -version = "0.4.5" +version = "0.4.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bd283d9651eeda4b2a83a43c1c91b266c40fd76ecd39a50a8c630ae69dc72891" +checksum = "ba009ff324d1fc1b900bd1fdb31564febe58a8ccc8a6fdbb93b543d33b13ca43" dependencies = [ "getrandom", "libredox", @@ -2865,9 +2923,9 @@ dependencies = [ [[package]] name = "regex" -version = "1.10.5" +version = "1.10.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b91213439dad192326a0d7c6ee3955910425f441d7038e0d6933b0aec5c4517f" +checksum = "4219d74c6b67a3654a9fbebc4b419e22126d13d2f3c4a07ee0cb61ff79a79619" dependencies = [ "aho-corasick", "memchr", 
@@ -3062,12 +3120,12 @@ dependencies = [ [[package]] name = "rustls-native-certs" -version = "0.7.1" +version = "0.7.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a88d6d420651b496bdd98684116959239430022a115c1240e6c3993be0b15fba" +checksum = "04182dffc9091a404e0fc069ea5cd60e5b866c3adf881eff99a32d048242dffa" dependencies = [ "openssl-probe", - "rustls-pemfile 2.1.2", + "rustls-pemfile 2.1.3", "rustls-pki-types", "schannel", "security-framework", @@ -3084,9 +3142,9 @@ dependencies = [ [[package]] name = "rustls-pemfile" -version = "2.1.2" +version = "2.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "29993a25686778eb88d4189742cd713c9bce943bc54251a33509dc63cbacf73d" +checksum = "196fe16b00e106300d3e45ecfcb764fa292a535d7326a29a5875c579c7417425" dependencies = [ "base64 0.22.1", "rustls-pki-types", @@ -3094,9 +3152,9 @@ dependencies = [ [[package]] name = "rustls-pki-types" -version = "1.7.0" +version = "1.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "976295e77ce332211c0d24d92c0e83e50f5c5f046d11082cea19f3df13a3562d" +checksum = "fc0a2ce646f8655401bb81e7927b812614bd5d91dbc968696be50603510fcaf0" [[package]] name = "rustls-webpki" @@ -3167,7 +3225,7 @@ dependencies = [ "serde", "serde_json", "storage", - "toml 0.8.17", + "toml 0.8.19", "tracing", "tracing-subscriber", "walkdir", 
@@ -3291,29 +3349,29 @@ dependencies = [ [[package]] name = "serde" -version = "1.0.204" +version = "1.0.208" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bc76f558e0cbb2a839d37354c575f1dc3fdc6546b5be373ba43d95f231bf7c12" +checksum = "cff085d2cb684faa248efb494c39b68e522822ac0de72ccf08109abde717cfb2" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.204" +version = "1.0.208" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e0cd7e117be63d3c3678776753929474f3b04a43a080c744d6b0ae2a8c28e222" +checksum = "24008e81ff7613ed8e5ba0cfaf24e2c2f1e5b8a0495711e44fcd4882fca62bcf" dependencies = [ "proc-macro2", "quote", - "syn 2.0.72", + "syn 2.0.75", ] [[package]] name = "serde_json" -version = "1.0.121" +version = "1.0.125" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4ab380d7d9f22ef3f21ad3e6c1ebe8e4fc7a2000ccba2e4d71fc96f15b2cb609" +checksum = "83c8e735a073ccf5be70aa8066aa984eaf2fa000db6c8d0100ae605b366d31ed" dependencies = [ "itoa", "memchr", @@ -3404,6 +3462,15 @@ dependencies = [ "libc", ] +[[package]] +name = "signature" +version = "2.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "77549399552de45a898a580c1b41d445bf730df867cc44e6c0233bbc4b8329de" +dependencies = [ + "rand_core", +] + [[package]] name = "siphasher" version = "0.3.11" @@ -3530,9 +3597,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.72" +version = "2.0.75" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dc4b9b9bf2add8093d3f2c0204471e951b2285580335de42f9d2534f3ae7a8af" +checksum = "f6af063034fc1935ede7be0122941bafa9bacb949334d090b77ca98b5817c7d9" dependencies = [ "proc-macro2", "quote", @@ -3553,7 +3620,7 @@ checksum = "c8af7666ab7b6390ab78131fb5b0fce11d6b7a6951602017c35fa82800708971" dependencies = [ "proc-macro2", "quote", - "syn 2.0.72", + "syn 2.0.75", ] [[package]] 
@@ -3594,14 +3661,15 @@ dependencies = [ [[package]] name = "tempfile" -version = "3.10.1" +version = "3.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "85b77fafb263dd9d05cbeac119526425676db3784113aa9295c88498cbf8bff1" +checksum = "04cbcdd0c794ebb0d4cf35e88edd2f7d2c4c3e9a5a6dab322839b321c6a87a64" dependencies = [ "cfg-if", "fastrand", + "once_cell", "rustix", - "windows-sys 0.52.0", + "windows-sys 0.59.0", ] [[package]] @@ -3632,7 +3700,7 @@ checksum = "a4558b58466b9ad7ca0f102865eccc95938dca1a74a856f2b57b6629050da261" dependencies = [ "proc-macro2", "quote", - "syn 2.0.72", + "syn 2.0.75", ] [[package]] @@ -3721,9 +3789,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" [[package]] name = "tokio" -version = "1.39.2" +version = "1.39.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "daa4fb1bc778bd6f04cbfc4bb2d06a7396a8f299dc33ea1900cedaa316f467b1" +checksum = "9babc99b9923bfa4804bd74722ff02c0381021eafa4db9949217e3be8e84fff5" dependencies = [ "backtrace", "bytes", @@ -3745,7 +3813,7 @@ checksum = "693d596312e88961bc67d7f1f97af8a70227d9f90c31bba5806eec004978d752" dependencies = [ "proc-macro2", "quote", - "syn 2.0.72", + "syn 2.0.75", ] [[package]] @@ -3808,14 +3876,14 @@ dependencies = [ [[package]] name = "toml" -version = "0.8.17" +version = "0.8.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a44eede9b727419af8095cb2d72fab15487a541f54647ad4414b34096ee4631" +checksum = "a1ed1f98e3fdc28d6d910e6737ae6ab1a93bf1985935a1193e68f93eeb68d24e" dependencies = [ "serde", "serde_spanned", "toml_datetime", - "toml_edit 0.22.18", + "toml_edit 0.22.20", ] [[package]] 
@@ -3842,15 +3910,15 @@ dependencies = [ [[package]] name = "toml_edit" -version = "0.22.18" +version = "0.22.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1490595c74d930da779e944f5ba2ecdf538af67df1a9848cbd156af43c1b7cf0" +checksum = "583c44c02ad26b0c3f3066fe629275e50627026c51ac2e595cca4c230ce1ce1d" dependencies = [ "indexmap", "serde", "serde_spanned", "toml_datetime", - "winnow 0.6.16", + "winnow 0.6.18", ] [[package]] @@ -3870,15 +3938,15 @@ dependencies = [ [[package]] name = "tower-layer" -version = "0.3.2" +version = "0.3.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c20c8dbed6283a09604c3e69b4b7eeb54e298b8a600d4d5ecb5ad39de609f1d0" +checksum = "121c2a6cda46980bb0fcd1647ffaf6cd3fc79a013de288782836f6df9c48780e" [[package]] name = "tower-service" -version = "0.3.2" +version = "0.3.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b6bc1c9ce2b5135ac7f93c72918fc37feb872bdc6a5533a8b85eb4b86bfdae52" +checksum = "8df9b6e13f2d32c91b9bd719c00d1958837bc7dec474d94952798cc8e69eeec3" [[package]] name = "tracing" @@ -3899,7 +3967,7 @@ checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.72", + "syn 2.0.75", ] [[package]] @@ -3959,7 +4027,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "04659ddb06c87d233c566112c1c9c5b9e98256d9af50ec3bc9c8327f873a7568" dependencies = [ "quote", - "syn 2.0.72", + "syn 2.0.75", ] [[package]] @@ -3997,9 +4065,9 @@ dependencies = [ [[package]] name = "unicode-xid" -version = "0.2.4" +version = "0.2.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f962df74c8c05a667b5ee8bcf162993134c104e96440b663c8daa176dc772d8c" +checksum = "229730647fbc343e3a80e463c1db7f78f3855d3f3739bee0dda773c9a037c90a" [[package]] name = "universal-hash" 
@@ -4108,34 +4176,35 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" [[package]] name = "wasm-bindgen" -version = "0.2.92" +version = "0.2.93" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4be2531df63900aeb2bca0daaaddec08491ee64ceecbee5076636a3b026795a8" +checksum = "a82edfc16a6c469f5f44dc7b571814045d60404b55a0ee849f9bcfa2e63dd9b5" dependencies = [ "cfg-if", + "once_cell", "wasm-bindgen-macro", ] [[package]] name = "wasm-bindgen-backend" -version = "0.2.92" +version = "0.2.93" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "614d787b966d3989fa7bb98a654e369c762374fd3213d212cfc0251257e747da" +checksum = "9de396da306523044d3302746f1208fa71d7532227f15e347e2d93e4145dd77b" dependencies = [ "bumpalo", "log", "once_cell", "proc-macro2", "quote", - "syn 2.0.72", + "syn 2.0.75", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-futures" -version = "0.4.42" +version = "0.4.43" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "76bc14366121efc8dbb487ab05bcc9d346b3b5ec0eaa76e46594cabbe51762c0" +checksum = "61e9300f63a621e96ed275155c108eb6f843b6a26d053f122ab69724559dc8ed" dependencies = [ "cfg-if", "js-sys", @@ -4145,9 +4214,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro" -version = "0.2.92" +version = "0.2.93" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a1f8823de937b71b9460c0c34e25f3da88250760bec0ebac694b49997550d726" +checksum = "585c4c91a46b072c92e908d99cb1dcdf95c5218eeb6f3bf1efa991ee7a68cccf" dependencies = [ "quote", "wasm-bindgen-macro-support", 
@@ -4155,28 +4224,28 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.92" +version = "0.2.93" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e94f17b526d0a461a191c78ea52bbce64071ed5c04c9ffe424dcb38f74171bb7" +checksum = "afc340c74d9005395cf9dd098506f7f44e38f2b4a21c6aaacf9a105ea5e1e836" dependencies = [ "proc-macro2", "quote", - "syn 2.0.72", + "syn 2.0.75", "wasm-bindgen-backend", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-shared" -version = "0.2.92" +version = "0.2.93" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "af190c94f2773fdb3729c55b007a722abb5384da03bc0986df4c289bf5567e96" +checksum = "c62a0a307cb4a311d3a07867860911ca130c3494e8c2719593806c08bc5d0484" [[package]] name = "web-sys" -version = "0.3.69" +version = "0.3.70" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "77afa9a11836342370f4817622a2f0f418b134426d91a82dfb48f532d2ec13ef" +checksum = "26fdeaafd9bd129f65e7c031593c24d62186301e0c72c8978fa1678be7d532c0" dependencies = [ "js-sys", "wasm-bindgen", @@ -4218,11 +4287,11 @@ checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" [[package]] name = "winapi-util" -version = "0.1.8" +version = "0.1.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4d4cc384e1e73b93bafa6fb4f1df8c41695c8a91cf9c4c64358067d15a7b6c6b" +checksum = "cf221c93e13a30d793f7645a0e7762c55d169dbb0a49671918a2319d289b10bb" dependencies = [ - "windows-sys 0.52.0", + "windows-sys 0.59.0", ] [[package]] @@ -4281,6 +4350,15 @@ dependencies = [ "windows-targets 0.52.6", ] +[[package]] +name = "windows-sys" +version = "0.59.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e38bc4d79ed67fd075bcc251a1c39b32a1776bbe92e5bef1f0bf1f8c531853b" +dependencies = [ + "windows-targets 0.52.6", +] + [[package]] name = "windows-targets" version = "0.48.5" 
@@ -4443,9 +4521,9 @@ dependencies = [ [[package]] name = "winnow" -version = "0.6.16" +version = "0.6.18" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b480ae9340fc261e6be3e95a1ba86d54ae3f9171132a73ce8d4bbaf68339507c" +checksum = "68a9bda4691f099d435ad181000724da8e5899daa10713c2d432552b9ccd3a6f" dependencies = [ "memchr", ] @@ -4472,6 +4550,25 @@ version = "0.5.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1e9df38ee2d2c3c5948ea468a8406ff0db0b29ae1ffde1bcf20ef305bcc95c51" +[[package]] +name = "x509-certificate" +version = "0.23.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "66534846dec7a11d7c50a74b7cdb208b9a581cad890b7866430d438455847c85" +dependencies = [ + "bcder", + "bytes", + "chrono", + "der", + "hex", + "pem", + "ring", + "signature", + "spki", + "thiserror", + "zeroize", +] + [[package]] name = "xxhash-rust" version = "0.8.12" @@ -4498,7 +4595,7 @@ checksum = "28cc31741b18cb6f1d5ff12f5b7523e3d6eb0852bbbad19d73905511d9849b95" dependencies = [ "proc-macro2", "quote", - "syn 2.0.72", + "syn 2.0.75", "synstructure", ] @@ -4520,7 +4617,7 @@ checksum = "fa4f8080344d4671fb4e831a13ad1e68092748387dfc4f55e356242fae12ce3e" dependencies = [ "proc-macro2", "quote", - "syn 2.0.72", + "syn 2.0.75", ] [[package]] @@ -4540,7 +4637,7 @@ checksum = "0ea7b4a3637ea8669cedf0f1fd5c286a17f3de97b8dd5a70a6c167a1730e63a5" dependencies = [ "proc-macro2", "quote", - "syn 2.0.72", + "syn 2.0.75", "synstructure", ] @@ -4561,7 +4658,7 @@ checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" dependencies = [ "proc-macro2", "quote", - "syn 2.0.72", + "syn 2.0.75", ] [[package]] @@ -4583,5 +4680,5 @@ checksum = "6eafa6dfb17584ea3e2bd6e76e0cc15ad7af12b09abdd1ca55961bed9b1063c6" dependencies = [ "proc-macro2", "quote", - "syn 2.0.72", + "syn 2.0.75", ] diff --git a/rust/Cargo.toml b/rust/Cargo.toml index 7a49dceed..cb0c5e0ae 100644 --- a/rust/Cargo.toml 
+++ b/rust/Cargo.toml
@@ -1,6 +1,7 @@
 [workspace]
 resolver = "2"
 members = [
+ "nasl-builtin-cert",
 "nasl-builtin-knowledge-base",
 "nasl-builtin-raw-ip",
 "nasl-builtin-cryptographic",
diff --git a/rust/nasl-builtin-cert/Cargo.toml b/rust/nasl-builtin-cert/Cargo.toml
new file mode 100644
index 000000000..0e7c21a39
--- /dev/null
+++ b/rust/nasl-builtin-cert/Cargo.toml
@@ -0,0 +1,21 @@
+[package]
+name = "nasl-builtin-cert"
+version = "0.1.0"
+edition = "2021"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[dependencies]
+nasl-builtin-utils = { path = "../nasl-builtin-utils" }
+nasl-builtin-string = { path = "../nasl-builtin-string" }
+nasl-function-proc-macro = { path = "../nasl-function-proc-macro" }
+nasl-syntax = { path = "../nasl-syntax" }
+storage = { path = "../storage" }
+
+x509-certificate = "0"
+time = { version = "0", features = ["parsing"] }
+sha1 = "0"
+sha2 = "0"
+
+[dev-dependencies]
+nasl-interpreter = { path = "../nasl-interpreter" }
diff --git a/rust/nasl-builtin-cert/README.md b/rust/nasl-builtin-cert/README.md
new file mode 100644
index 000000000..82117fdce
--- /dev/null
+++ b/rust/nasl-builtin-cert/README.md
@@ -0,0 +1,6 @@
+## Implements
+- cert_close
+- cert_open
+- cert_query
+
+## Missing
diff --git a/rust/nasl-builtin-cert/src/lib.rs b/rust/nasl-builtin-cert/src/lib.rs
new file mode 100644
index 000000000..b2b5df6d7
--- /dev/null
+++ b/rust/nasl-builtin-cert/src/lib.rs
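Review bot: In the new rust/nasl-builtin-cert/Cargo.toml the four registry dependencies (`x509-certificate`, `time`, `sha1`, `sha2`) are declared with the bare requirement `"0"`, which accepts every 0.x release. Cargo treats each 0.x minor as a potentially breaking line, so a `cargo update` or a build that does not use the workspace lockfile can select a parser version nobody reviewed. This crate presumably handles certificates obtained from scanned hosts, so the X.509 parser in particular should be constrained to the reviewed line; the lockfile in this patch resolves it to 0.23.1, so `x509-certificate = "0.23"` would match. The same tightening applies to `time`, `sha1` and `sha2`, using the minor versions the workspace already resolves.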
@@ -0,0 +1,438 @@ +// SPDX-FileCopyrightText: 2024 Greenbone AG +// +// SPDX-License-Identifier: GPL-2.0-or-later + +use std::sync::RwLock; + +use nasl_builtin_string::encode_hex; +use nasl_builtin_utils::error::FunctionErrorKind; +use nasl_builtin_utils::{Context, Register}; +use nasl_function_proc_macro::nasl_function; +use nasl_syntax::NaslValue; +use x509_certificate::X509Certificate; + +#[derive(Default)] +struct Handles { + certs: Vec>, + closed_fd: Vec, +} + +#[derive(Default)] +pub struct NaslCerts(RwLock); + +type NaslCertFunction = fn(&NaslCerts, &Register, &Context) -> Result; + +fn sign_alg_oid_to_name(oid: &str) -> String { + match oid { + "1.2.840.10040.4.1" => "id-dsa".to_string(), + "1.2.840.10046.2.1" => "dhpublicnumber".to_string(), + "2.16.840.1.101.2.1.1.22" => "id-keyExchangeAlgorithm".to_string(), + "1.2.840.10045.1.1" => "prime-field".to_string(), + "1.2.840.10045.2.1" => "id-ecPublicKey".to_string(), + "1.2.840.10045.4.1" => "ecdsa-with-SHA1".to_string(), + "1.2.840.10045.4.3.1" => "ecdsa-with-SHA224".to_string(), + "1.2.840.10045.4.3.2" => "ecdsa-with-SHA256".to_string(), + "1.2.840.10045.4.3.3" => "ecdsa-with-SHA384".to_string(), + "1.2.840.10045.4.3.4" => "ecdsa-with-SHA512".to_string(), + "1.3.132.1.12" => "id-ecDH".to_string(), + "1.2.840.10045.2.13" => "id-ecMQV".to_string(), + "1.2.840.113549.1.1.10" => "id-RSASSA-PSS".to_string(), + "1.2.840.113549.1.1.11" => "sha256WithRSAEncryption".to_string(), + "1.2.840.113549.1.1.12" => "sha384WithRSAEncryption".to_string(), + "1.2.840.113549.1.1.13" => "sha512WithRSAEncryption".to_string(), + "1.2.840.113549.1.1.14" => "sha224WithRSAEncryption".to_string(), + "1.2.840.113549.1.1.8" => "id-mgf1".to_string(), + "1.2.840.113549.2.2" => "md2".to_string(), + "1.2.840.113549.2.4" => "md4".to_string(), + "1.2.840.113549.2.5" => "md5".to_string(), + "1.2.840.113549.1.1.1" => "rsaEncryption".to_string(), + "1.2.840.113549.1.1.2" => "md2WithRSAEncryption".to_string(), + "1.2.840.113549.1.1.3" => 
"md4WithRSAEncryption".to_string(), + "1.2.840.113549.1.1.4" => "md5WithRSAEncryption".to_string(), + "1.2.840.113549.1.1.6" => "rsaOAEPEncryptionSET".to_string(), + "1.2.840.10045.3.1.1" => "secp192r1".to_string(), + "1.3.132.0.1" => "sect163k1".to_string(), + "1.3.132.0.15" => "sect163r2".to_string(), + "1.3.132.0.33" => "secp224r1".to_string(), + "1.3.132.0.26" => "sect233k1".to_string(), + "1.3.132.0.27" => "sect233r1".to_string(), + "1.2.840.10045.3.1.7" => "secp256r1".to_string(), + "1.3.132.0.16" => "sect283k1".to_string(), + "1.3.132.0.17" => "sect283r1".to_string(), + "1.3.132.0.34" => "secp384r1".to_string(), + "1.3.132.0.36" => "sect409k1".to_string(), + "1.3.132.0.37" => "sect409r1".to_string(), + "1.3.132.0.35" => "sect521r1".to_string(), + "1.3.132.0.38" => "sect571k1".to_string(), + "1.3.132.0.39" => "sect571r1".to_string(), + "2.16.840.1.101.3.4.3.1" => "id-dsa-with-sha224".to_string(), + "2.16.840.1.101.3.4.3.2" => "id-dsa-with-sha256".to_string(), + "2.16.840.1.101.3.4.2.1" => "sha256".to_string(), + "2.16.840.1.101.3.4.2.2" => "sha384".to_string(), + "2.16.840.1.101.3.4.2.3" => "sha512".to_string(), + "2.16.840.1.101.3.4.2.4" => "sha224".to_string(), + _ => "unknown".to_string(), + } +} + +fn pub_key_alg_oid_to_name(name: &str) -> String { + match name { + "1.2.840.113549.1.1.1" => "RSA".to_string(), + "2.5.8.1.1" => "RSA (X.509)".to_string(), + "1.2.840.113549.1.1.4" => "RSA (MD5)".to_string(), + "1.2.840.113549.1.1.5" => "RSA (SHA1)".to_string(), + "1.2.840.10040.4.1" => "DSA".to_string(), + "1.2.643.2.2.19" => "GOST R 34.10-2001".to_string(), + "1.2.643.2.2.20" => "GOST R 34.10-94".to_string(), + "1.2.840.10045.2.1" => "EC".to_string(), + _ => "unknown".to_string(), + } +} + +fn subject_oid_to_name(oid: &str) -> String { + match oid { + "2.5.4.6" => "C".to_string(), + "2.5.4.8" => "ST".to_string(), + "2.5.4.7" => "L".to_string(), + "2.5.4.10" => "O".to_string(), + "2.5.4.3" => "CN".to_string(), + "2.5.4.11" => "OU".to_string(), + "2.5.4.12" => 
"T".to_string(), + "2.5.4.42" => "GN".to_string(), + "2.5.4.43" => "I".to_string(), + "2.5.4.4" => "SN".to_string(), + _ => oid.to_string(), + } +} + +impl NaslCerts { + /// Create a certificate object. + /// + /// Takes a string/data as unnamed argument and returns an identifier + /// used with the other cert functions. The data is usually the BER + /// encoded certificate but the function will also try a PEM encoding + /// on failure to parse BER encoded one. + /// + /// On success the function returns a cert identifier that can be used + /// for further operations. + #[nasl_function] + fn cert_open(self, cert: &[u8]) -> Result { + if let Ok(cert) = x509_certificate::X509Certificate::from_der(cert) { + let mut handle = self.0.write().unwrap(); + if let Some(fd) = handle.closed_fd.pop() { + handle.certs[fd] = Some(cert); + return Ok(fd); + } + handle.certs.push(Some(cert)); + return Ok(handle.certs.len() - 1); + } + + Err(FunctionErrorKind::WrongArgument( + "The given string is not a valid DER encoded X.509 certificate.".to_string(), + )) + } + + /// Release a certificate object. + /// + /// Takes a cert identifier as returned by cert_open and releases the + /// associated resources. + #[nasl_function] + fn cert_close(self, fd: usize) -> Result<(), FunctionErrorKind> { + let mut handle = self.0.write().unwrap(); + match handle.certs.get(fd) { + Some(Some(_)) => { + handle.certs[fd] = None; + handle.closed_fd.push(fd); + } + Some(None) => { + return Err(FunctionErrorKind::WrongArgument( + "The given file descriptor is already closed.".to_string(), + )); + } + None => { + return Err(FunctionErrorKind::WrongArgument( + "The given file descriptor is not valid.".to_string(), + )); + } + }; + Ok(()) + } + + /// Query a certificate object. + /// + /// Takes a cert identifier as first unnamed argument and a command + /// string as second argument. That command is used to select specific + /// information from the certificate. 
For certain commands the named + /// argument @a idx is used as well. Depending on this command the + /// return value may be a number, a string, or an array of strings. + /// Supported commands are: + /// + /// - serial The serial number of the certificate as a hex string. + /// + /// - issuer Returns the issuer. The returned value is a string in + /// rfc-2253 format. + + /// - subject Returns the subject. The returned value is a string in + /// rfc-2253 format. To query the subjectAltName the + /// named parameters @a idx with values starting at 1 can + /// be used. In this case the format is either an rfc2253 + /// string as used above, an rfc2822 mailbox name + /// indicated by the first character being a left angle + /// bracket or an S-expression in advanced format for all + /// other types of subjectAltnames which is indicated by + /// an opening parentheses. + /// + /// - not-before The notBefore time as UTC value in ISO time format + /// (e.g. "20120930T143521"). + /// + /// - not-after The notAfter time as UTC value in ISO time format + /// (e.g. "20280929T143520"). + /// + /// - all Return all available information in a human readable + /// format. Not yet implemented. + /// + /// - hostnames Return an array with all hostnames listed in the + /// certificates, i.e. the CN part of the subject and all dns-name + /// type subjectAltNames. + /// + /// - fpr-sha-256 The SHA-256 fingerprint of the certificate. The + /// fingerprint is, as usual, computed over the entire + /// DER encode certificate. + /// + /// - fpr-sha-1 The SHA-1 fingerprint of the certificate. The + /// fingerprint is, as usual, computed over the entire + /// DER encode certificate. + /// + /// - image Return the entire certificate as binary data. + /// + /// - algorithm-name Same as signature-algorithm-name. TODO: Remove it and + /// leave only signature-algorithm-name. + /// + /// - signature-algorithm-name Return the algorithm name used to sign the + /// certificate. 
Get the OID of the digest + /// algorithm and translated to a name from a + /// list from Wireshark. + /// See epan/dissectors/packet-pkcs1.c + /// + /// - public-key-algorithm-name Return the algorithm name of the public key. + /// + /// - modulus Return the RSA public key's modulus found in the + /// structure of the given cert. + /// + /// - exponent Return the RSA public key's exponent found in + /// the structure of the given cert. + /// + /// - key-size Return the size to hold the parameters size in bits. + /// For RSA the bits returned is the modulus. + /// For DSA the bits returned are of the public exponent. + /// + /// + /// The following arguments are required: + /// - pos(0): Object id of the certificate. + /// + /// - pos(1): A string with the command to select what to return; see above. + /// + /// The following arguments are optional: + /// - idx Used by certain commands to select the n-th value of a set + /// of values. If not given 0 is assumed. + /// + /// A NASL type depending on the used command. 
+ #[nasl_function(named(idx))] + fn cert_query( + self, + fd: usize, + query: &str, + idx: Option, + ) -> Result { + let idx = idx.unwrap_or(0); + let handle = self.0.read().unwrap(); + if fd >= handle.certs.len() { + return Err(FunctionErrorKind::WrongArgument( + "The given file descriptor is not valid.".to_string(), + )); + } + if let Some(cert) = &handle.certs[fd] { + match query { + "serial" => { + let serial = cert.serial_number_asn1().clone().into_bytes(); + Ok(NaslValue::String(encode_hex(&serial))) + } + "subject" => { + let subject = cert.subject_name(); + if let Some(entry) = subject.get(idx) { + let mut fields = vec![]; + for val in entry.iter() { + if let Ok(value) = val.value.to_string() { + fields.push(format!( + "{}={}", + subject_oid_to_name(&val.typ.to_string()), + value + )); + } + } + return Ok(NaslValue::String(fields.join(","))); + } + Ok(NaslValue::String("".to_string())) + } + "issuer" => { + let subject = cert.issuer_name(); + if let Some(entry) = subject.get(idx) { + let mut fields = vec![]; + for val in entry.iter() { + if let Ok(value) = val.value.to_string() { + fields.push(format!( + "{}={}", + subject_oid_to_name(&val.typ.to_string()), + value + )); + } + } + return Ok(NaslValue::String(fields.join(","))); + } + Ok(NaslValue::String("".to_string())) + } + "not-before" => { + let not_before = cert.validity_not_before().format("%Y%m%dT%H%M%S"); + Ok(NaslValue::String(not_before.to_string())) + } + "not-after" => { + let not_after = cert.validity_not_after().format("%Y%m%dT%H%M%S"); + Ok(NaslValue::String(not_after.to_string())) + } + "fpr-sha-256" => { + let mut result = Vec::new(); + match cert.sha256_fingerprint() { + Ok(fpr) => result.extend_from_slice(fpr.as_ref()), + Err(_) => { + return Err(FunctionErrorKind::Diagnostic( + "Unable to calculate SHA256 fingerprint".to_string(), + None, + )) + } + }; + Ok(NaslValue::String(encode_hex(&result))) + } + "fpr-sha-1" => { + let mut result = Vec::new(); + match cert.sha1_fingerprint() { + 
Ok(fpr) => result.extend_from_slice(fpr.as_ref()), + Err(_) => { + return Err(FunctionErrorKind::Diagnostic( + "Unable to calculate SHA256 fingerprint".to_string(), + None, + )) + } + }; + Ok(NaslValue::String(encode_hex(&result))) + } + "all" => { + todo!(); + } + "hostnames" => { + let mut ret = vec![]; + if let Some(cn) = cert.subject_common_name() { + ret.push(NaslValue::String(cn)); + } + + Ok(NaslValue::Array(ret)) + } + "image" => Ok(NaslValue::Data(cert.encode_der().unwrap_or_default())), + "algorithm-name" | "signature-algorithm-name" => { + let signature_algorithm = + sign_alg_oid_to_name(&cert.signature_algorithm_oid().to_string()); + Ok(NaslValue::String(signature_algorithm)) + } + "public-key-algorithm-name" => { + let public_key_algorithm = + pub_key_alg_oid_to_name(&cert.key_algorithm_oid().to_string()); + Ok(NaslValue::String(public_key_algorithm)) + } + "modulus" => { + if let Ok(data) = cert.rsa_public_key_data() { + Ok(NaslValue::Data(data.modulus.into_bytes().to_vec())) + } else { + Ok(NaslValue::Null) + } + } + "exponent" => { + if let Ok(data) = cert.rsa_public_key_data() { + Ok(NaslValue::Data(data.public_exponent.into_bytes().to_vec())) + } else { + Ok(NaslValue::Null) + } + } + "key-size" => { + if let Some(algorithm) = cert.key_algorithm() { + match algorithm { + x509_certificate::KeyAlgorithm::Rsa => { + if let Ok(data) = cert.rsa_public_key_data() { + Ok(NaslValue::Number( + ((data.modulus.into_bytes().len() - 1) * 8) as i64, + )) + } else { + Ok(NaslValue::Null) + } + } + _ => { + if let Ok(data) = cert.rsa_public_key_data() { + Ok(NaslValue::Number( + (data.public_exponent.into_bytes().len() * 8) as i64, + )) + } else { + Ok(NaslValue::Null) + } + } + } + } else { + Ok(NaslValue::Null) + } + } + _ => Err(FunctionErrorKind::WrongArgument( + "The given query is not valid.".to_string(), + )), + } + } else { + Err(FunctionErrorKind::WrongArgument( + "The given file descriptor is not valid.".to_string(), + )) + } + } + + /// Returns found 
function for key or None when not found + fn lookup(key: &str) -> Option { + match key { + "cert_open" => Some(Self::cert_open), + "cert_close" => Some(Self::cert_close), + "cert_query" => Some(Self::cert_query), + _ => None, + } + } +} + +impl nasl_builtin_utils::NaslFunctionExecuter for NaslCerts { + fn nasl_fn_cache_clear(&self) -> Option { + let mut handle = self.0.write().unwrap(); + if handle.certs.is_empty() { + return None; + } + let result = handle.certs.len(); + handle.certs.clear(); + handle.certs.shrink_to_fit(); + handle.closed_fd.clear(); + handle.closed_fd.shrink_to_fit(); + Some(result) + } + + fn nasl_fn_execute( + &self, + name: &str, + register: &Register, + context: &Context, + ) -> Option { + NaslCerts::lookup(name).map(|x| x(self, register, context)) + } + + fn nasl_fn_defined(&self, name: &str) -> bool { + NaslCerts::lookup(name).is_some() + } +} diff --git a/rust/nasl-builtin-std/Cargo.toml b/rust/nasl-builtin-std/Cargo.toml index 2c2b0e5fd..174930f5a 100644 --- a/rust/nasl-builtin-std/Cargo.toml +++ b/rust/nasl-builtin-std/Cargo.toml @@ -15,6 +15,7 @@ nasl-builtin-http = { version = "0.1.0", path = "../nasl-builtin-http" } nasl-builtin-description = { path = "../nasl-builtin-description" } nasl-builtin-network = { path = "../nasl-builtin-network" } nasl-builtin-misc = { path = "../nasl-builtin-misc" } +nasl-builtin-cert = { path = "../nasl-builtin-cert" } nasl-function-proc-macro = { path = "../nasl-function-proc-macro" } storage = { path = "../storage" } models = { path = "../models" } diff --git a/rust/nasl-builtin-std/src/lib.rs b/rust/nasl-builtin-std/src/lib.rs index 458ebd80b..80c3a45da 100644 --- a/rust/nasl-builtin-std/src/lib.rs +++ b/rust/nasl-builtin-std/src/lib.rs 
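Review bot: The `"all"` arm of `cert_query` is `todo!()`, so a script that passes this documented command panics the interpreter instead of receiving an error; I would return `Err(FunctionErrorKind::WrongArgument("The query 'all' is not implemented.".to_string()))` there. The `key-size` arm computes `(data.modulus.into_bytes().len() - 1) * 8` on data taken from the certificate, which underflows if the modulus ever encodes to zero bytes (whether the parser allows that is not visible here) and assumes a leading sign byte; `len().saturating_sub(1)` would at least remove the panic path. Its `_` branch calls `cert.rsa_public_key_data()` for non-RSA keys, so it presumably always yields `NaslValue::Null` rather than the size the doc comment describes. The `fpr-sha-1` error string says "Unable to calculate SHA256 fingerprint", and the doc comment of `cert_open` promises a PEM fallback although the body only tries `from_der`.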
@@ -79,7 +79,8 @@ pub fn nasl_std_functions() -> nasl_builtin_utils::NaslFunctionRegister { .push_register(nasl_builtin_http::NaslHttp::default()) .push_register(nasl_builtin_network::socket::NaslSockets::default()) .push_register(nasl_builtin_cryptographic::Cryptographic) - .push_register(nasl_builtin_description::Description); + .push_register(nasl_builtin_description::Description) + .push_register(nasl_builtin_cert::NaslCerts::default()); builder = add_ssh(builder); builder = add_raw_ip(builder);