Protos and data structures for CERT functions used by NASL scripts.
This file contains the protos for nasl_cert.c
◆ nasl_cert_close()
Release a certificate object.
- NASL Function: cert_close
Takes a cert identifier as returned by cert_open and releases the associated resources.
- NASL Unnamed Parameters:
- Object id of the certificate. 0 acts as a NOP.
- NASL Returns:
- none
- Parameters
- [in] lexic: Lexical context of the NASL interpreter.
- Returns
- none
◆ nasl_cert_open()
Create a certificate object.
- NASL Function: cert_open
Takes a string/data as unnamed argument and returns an identifier used with the other cert functions. The data is usually the BER-encoded certificate, but if it cannot be parsed as BER the function also tries to parse it as PEM.
- NASL Unnamed Parameters:
- String/data object with the certificate. Either binary or PEM encoded.
- NASL Named Parameters:
- errorvar: Name of a variable used on error to return an error description.
- NASL Returns:
- An integer used as an id for the certificate; on error 0 is returned.
- Parameters
- [in] lexic: Lexical context of the NASL interpreter.
- Returns
- On success the function returns a tree-cell with a non-zero object identifier for use with other cert functions; zero is returned on error.
◆ nasl_cert_query()
Query a certificate object.
- NASL Function: cert_query
Takes a cert identifier as first unnamed argument and a command string as second argument. That command is used to select specific information from the certificate. For certain commands the named argument idx is used as well. Depending on this command the return value may be a number, a string, or an array of strings. Supported commands are:
- serial: The serial number of the certificate as a hex string.
- issuer: Returns the issuer. The returned value is a string in RFC 2253 format.
- subject: Returns the subject. The returned value is a string in RFC 2253 format. To query the subjectAltName, the named parameter idx with values starting at 1 can be used. In this case the format is either an RFC 2253 string as used above, an RFC 2822 mailbox name indicated by the first character being a left angle bracket, or an S-expression in advanced format for all other types of subjectAltNames, which is indicated by an opening parenthesis.
- not-before: The notBefore time as UTC value in ISO time format (e.g. "20120930T143521").
- not-after: The notAfter time as UTC value in ISO time format (e.g. "20280929T143520").
- all: Return all available information in a human-readable format. Not yet implemented.
- hostnames: Return an array with all hostnames listed in the certificate, i.e. the CN part of the subject and all dns-name type subjectAltNames.
- fpr-sha-256: The SHA-256 fingerprint of the certificate. The fingerprint is, as usual, computed over the entire DER-encoded certificate.
- fpr-sha-1: The SHA-1 fingerprint of the certificate. The fingerprint is, as usual, computed over the entire DER-encoded certificate.
- image: Return the entire certificate as binary data.
- NASL Unnamed Parameters:
- Object id of the certificate.
- A string with the command to select what to return; see above.
- NASL Named Parameters:
- idx: Used by certain commands to select the n-th value of a set of values. If not given, 0 is assumed.
- NASL Returns:
- A NASL type depending on the used command. NULL is returned on error.
- Parameters
- [in] lexic: Lexical context of the NASL interpreter.
- Returns
- none
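The three functions documented above used together in one NASL routine: open, check the validity window, list hostnames and subjectAltNames by format, then release the object. This is an added example, not code from nasl_cert.c or the project; `summarize_cert` and its `data` parameter are hypothetical names, `data` is assumed to hold certificate bytes obtained elsewhere in the script, and `isotime_now()` is a NASL built-in that this page does not describe.

```nasl
# Added example; summarize_cert() and "data" are hypothetical names.
# "data" is assumed to hold a BER- or PEM-encoded certificate.
function summarize_cert(data)
{
  local_var cert, now, not_before, not_after, names, name, i, san, kind;

  cert = cert_open(data);
  if (!cert)
    return FALSE;   # 0: the data parsed neither as BER nor as PEM

  display("subject:  ", cert_query(cert, "subject"), "\n");
  display("issuer:   ", cert_query(cert, "issuer"), "\n");
  display("serial:   ", cert_query(cert, "serial"), "\n");
  display("sha-256:  ", cert_query(cert, "fpr-sha-256"), "\n");

  # not-before/not-after are fixed-width UTC strings ("20280929T143520"),
  # so plain string comparison orders them chronologically.
  not_before = cert_query(cert, "not-before");
  not_after = cert_query(cert, "not-after");
  now = isotime_now();
  if (now < not_before)
    display("validity: not valid before ", not_before, "\n");
  else if (now > not_after)
    display("validity: expired at ", not_after, "\n");
  else
    display("validity: ok until ", not_after, "\n");

  names = cert_query(cert, "hostnames");
  if (!isnull(names))
    foreach name (names)
      display("hostname: ", name, "\n");

  # subjectAltName values start at idx 1. Assumption: a query past the
  # last entry is reported as an error, i.e. NULL.
  i = 1;
  san = cert_query(cert, "subject", idx:i);
  while (!isnull(san)) {
    if (san[0] == "<")
      kind = "rfc2822 mailbox";
    else if (san[0] == "(")
      kind = "S-expression";
    else
      kind = "rfc2253 name";
    display("altname ", i, " (", kind, "): ", san, "\n");
    i++;
    san = cert_query(cert, "subject", idx:i);
  }

  cert_close(cert);   # release the object once all queries are done
  return TRUE;
}
```

User-defined NASL functions take named arguments, so the call is `summarize_cert(data: cert_bytes)`, where `cert_bytes` is whatever variable holds the certificate.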