OpenVAS Libraries  9.0.1
nasl_cert.h File Reference

Protos and data structures for CERT functions used by NASL scripts.

Functions

tree_cell * nasl_cert_open (lex_ctxt *lexic)
 Create a certificate object.

tree_cell * nasl_cert_close (lex_ctxt *lexic)
 Release a certificate object.

tree_cell * nasl_cert_query (lex_ctxt *lexic)
 Query a certificate object.

Detailed Description

Protos and data structures for CERT functions used by NASL scripts.

This file contains the protos for nasl_cert.c

Function Documentation

◆ nasl_cert_close()

tree_cell* nasl_cert_close ( lex_ctxt * lexic )

Release a certificate object.

NASL Function: cert_close

Takes a cert identifier as returned by cert_open and releases the associated resources.

NASL Unnamed Parameters:
  • Object id of the certificate. 0 acts as a NOP.
NASL Returns:
none
Parameters
  [in] lexic  Lexical context of the NASL interpreter.
Returns
none

◆ nasl_cert_open()

tree_cell* nasl_cert_open ( lex_ctxt * lexic )

Create a certificate object.

NASL Function: cert_open

Takes a string/data as unnamed argument and returns an identifier used with the other cert functions. The data is usually the BER-encoded certificate, but if parsing it as BER fails the function also tries to parse it as PEM.

NASL Unnamed Parameters:
  • String/data object with the certificate. Either binary or PEM encoded.
NASL Named Parameters:
  • errorvar Name of a variable used on error to return an error description.
NASL Returns:
An integer used as an id for the certificate; on error 0 is returned.
Parameters
  [in] lexic  Lexical context of the NASL interpreter.
Returns
On success the function returns a tree-cell with a non-zero object identifier for use with other cert functions; zero is returned on error.

◆ nasl_cert_query()

tree_cell* nasl_cert_query ( lex_ctxt * lexic )

Query a certificate object.

NASL Function: cert_query

Takes a cert identifier as first unnamed argument and a command string as second argument. That command is used to select specific information from the certificate. For certain commands the named argument idx is used as well. Depending on this command the return value may be a number, a string, or an array of strings. Supported commands are:

  • serial The serial number of the certificate as a hex string.
  • issuer Returns the issuer. The returned value is a string in RFC 2253 format.
  • subject Returns the subject. The returned value is a string in RFC 2253 format. To query the subjectAltName, the named parameter idx with values starting at 1 can be used. In this case the format is either an RFC 2253 string as used above, an RFC 2822 mailbox name (indicated by the first character being a left angle bracket), or, for all other types of subjectAltName, an S-expression in advanced format (indicated by an opening parenthesis).
  • not-before The notBefore time as UTC value in ISO time format (e.g. "20120930T143521").
  • not-after The notAfter time as UTC value in ISO time format (e.g. "20280929T143520").
  • all Return all available information in a human readable format. Not yet implemented.
  • hostnames Return an array with all hostnames listed in the certificate, i.e. the CN part of the subject and all dns-name type subjectAltNames.
  • fpr-sha-256 The SHA-256 fingerprint of the certificate. The fingerprint is, as usual, computed over the entire DER-encoded certificate.
  • fpr-sha-1 The SHA-1 fingerprint of the certificate. The fingerprint is, as usual, computed over the entire DER-encoded certificate.
  • image Return the entire certificate as binary data.
NASL Unnamed Parameters:
  • Object id of the certificate.
  • A string with the command to select what to return; see above.
NASL Named Parameters:
  • idx Used by certain commands to select the n-th value of a set of values. If not given 0 is assumed.
NASL Returns:
A NASL type depending on the used command. NULL is returned on error.
Parameters
  [in] lexic  Lexical context of the NASL interpreter.
Returns
none
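
Usage sketch for the three functions above, as an added example that is not part of the OpenVAS sources. It assumes the caller passes the DER or PEM bytes in the hypothetical parameter cert_data, that querying subject with an idx past the last subjectAltName returns NULL, and that the NASL built-in isotime_now() (not documented on this page) is available.

```nasl
# Added example: open a certificate, report identity and expiry, release it.
# report_cert and cert_data are hypothetical names.
function report_cert(cert_data)
{
  local_var certobj, now, not_after, idx, san, names, name;

  # cert_open returns 0 when the data parses neither as BER nor as PEM.
  certobj = cert_open(cert_data);
  if (!certobj)
  {
    display("cert_open failed: data is not a parseable certificate\n");
    return FALSE;
  }

  display("subject: ", cert_query(certobj, "subject"), "\n");
  display("issuer:  ", cert_query(certobj, "issuer"), "\n");
  display("serial:  ", cert_query(certobj, "serial"), "\n");
  display("sha-256: ", cert_query(certobj, "fpr-sha-256"), "\n");

  # not-after is an ISO time string such as "20280929T143520".
  # isotime_now() uses the same layout, so string comparison orders them.
  not_after = cert_query(certobj, "not-after");
  now = isotime_now();
  if (!isnull(not_after) && not_after < now)
    display("certificate expired at ", not_after, "\n");

  # subjectAltNames are numbered from idx 1; the first character tells the type.
  idx = 1;
  san = cert_query(certobj, "subject", idx:idx);
  while (!isnull(san))
  {
    if (san[0] == "<")
      display("SAN ", idx, " (RFC 2822 mailbox): ", san, "\n");
    else if (san[0] == "(")
      display("SAN ", idx, " (S-expression): ", san, "\n");
    else
      display("SAN ", idx, " (RFC 2253 name): ", san, "\n");
    idx++;
    san = cert_query(certobj, "subject", idx:idx);
  }

  # hostnames collects the subject CN and all dns-name subjectAltNames.
  names = cert_query(certobj, "hostnames");
  foreach name (names)
    display("hostname: ", name, "\n");

  # Always release the object; passing 0 would be a NOP.
  cert_close(certobj);
  return TRUE;
}
```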