chore: implement more x509 parsers (#6)
chore: implement more x509 parsers
moul committed Aug 12, 2019
2 parents 550e9d8 + 0815d2a commit 9455646
Showing 3 changed files with 297 additions and 40 deletions.
119 changes: 83 additions & 36 deletions README.md
Expand Up @@ -16,19 +16,57 @@
## Usage

```console
$ cryptoguess test/*
test/jwt-token.txt: JWT Token
test/pem-rsa-pubkey.txt: PEM encoded data
test/rsa-pubkey.txt: SSH RSA public key
test/ssh-rsa-authorized-key.txt: SSH authorized key
$ find test/ -type f | xargs cryptoguess
test/pem-rsa-pubkey.txt: potential candidates: PEM encoded data: x509: DER encoded public key, PEM encoded data
test/jwt-token.txt: JWT signed token
test/ssh-rsa-authorized-key.txt: SSH authorized key
test/rsa-pubkey.txt: potential candidates: BASE64 encoded data: x509: DER encoded public key, BASE64 encoded data
test/crypto-memory/D.der: x509: PKCS#1 public key (RSA) in ASN.1 DER form
test/crypto-memory/E: PEM encoded data
test/crypto-memory/A.pub: SSH authorized key
test/crypto-memory/A: PEM encoded data
test/crypto-memory/B.pem: potential candidates: PEM encoded data: x509: PKCS#1 public key (RSA) in ASN.1 DER form, PEM encoded data
test/crypto-memory/B.pub: SSH authorized key
test/crypto-memory/D.with-password: PEM encoded data
test/crypto-memory/C.pub: SSH authorized key
test/crypto-memory/D: potential candidates: PEM encoded data: x509: PKCS#1 private key (RSA) in ASN.1 DER form, PEM encoded data
test/crypto-memory/D.pub: SSH authorized key
test/crypto-memory/A.der: x509: PKCS#1 public key (RSA) in ASN.1 DER form
test/crypto-memory/B: PEM encoded data
test/crypto-memory/C: PEM encoded data
test/crypto-memory/B.der: x509: PKCS#1 public key (RSA) in ASN.1 DER form
test/crypto-memory/F.pem: potential candidates: PEM encoded data: x509: PKCS#1 public key (RSA) in ASN.1 DER form, PEM encoded data
test/crypto-memory/D.pem: potential candidates: PEM encoded data: x509: PKCS#1 public key (RSA) in ASN.1 DER form, PEM encoded data
test/crypto-memory/F.pub: SSH authorized key
test/crypto-memory/A.pem: potential candidates: PEM encoded data: x509: PKCS#1 public key (RSA) in ASN.1 DER form, PEM encoded data
test/crypto-memory/F.der: x509: PKCS#1 public key (RSA) in ASN.1 DER form
```

```console
$ file test/*
test/jwt-token.txt: ASCII text, with very long lines, with no line terminators
test/pem-rsa-pubkey.txt: ASCII text
test/rsa-pubkey.txt: ASCII text, with very long lines, with no line terminators
test/ssh-rsa-authorized-key.txt: OpenSSH RSA public key
$ find test/ -type f | xargs file
test/pem-rsa-pubkey.txt: ASCII text
test/jwt-token.txt: ASCII text, with very long lines, with no line terminators
test/ssh-rsa-authorized-key.txt: OpenSSH RSA public key
test/rsa-pubkey.txt: ASCII text, with very long lines, with no line terminators
test/crypto-memory/D.der: data
test/crypto-memory/E: OpenSSH private key
test/crypto-memory/A.pub: OpenSSH RSA public key
test/crypto-memory/A: OpenSSH private key
test/crypto-memory/B.pem: ASCII text
test/crypto-memory/B.pub: OpenSSH RSA public key
test/crypto-memory/D.with-password: PEM RSA private key
test/crypto-memory/C.pub: OpenSSH ED25519 public key
test/crypto-memory/D: PEM RSA private key
test/crypto-memory/D.pub: OpenSSH RSA public key
test/crypto-memory/A.der: data
test/crypto-memory/B: OpenSSH private key
test/crypto-memory/C: OpenSSH private key
test/crypto-memory/B.der: data
test/crypto-memory/F.pem: ASCII text
test/crypto-memory/D.pem: ASCII text
test/crypto-memory/F.pub: OpenSSH RSA public key
test/crypto-memory/A.pem: ASCII text
test/crypto-memory/F.der: data
```

---
Expand Down Expand Up @@ -66,32 +104,41 @@ GLOBAL OPTIONS:

## Decoders

| Encoding | Status | Recursive |
|-------------------|--------------------|--------------------|
| aes | :red_circle: | :red_circle: |
| ascii85 | :red_circle: | :red_circle: |
| asn1 | :red_circle: | :red_circle: |
| base32 | :red_circle: | :red_circle: |
| base64 | :white_check_mark: | :white_check_mark: |
| cipher | :red_circle: | :red_circle: |
| csv | :red_circle: | :red_circle: |
| des | :red_circle: | :red_circle: |
| dsa | :red_circle: | :red_circle: |
| ecdsa | :red_circle: | :red_circle: |
| elliptic | :red_circle: | :red_circle: |
| encodings (utf-8) | :red_circle: | :red_circle: |
| encrypted jwt | :red_circle: | :red_circle: |
| gob | :red_circle: | :red_circle: |
| gzip,lzw,... | :red_circle: | :red_circle: |
| json | :red_circle: | :red_circle: |
| pem | :white_check_mark: | :white_check_mark: |
| rsa | :red_circle: | :red_circle: |
| signed jwt | :white_check_mark: | :red_circle: |
| ssh | :white_check_mark: | :red_circle: |
| tls | :red_circle: | :red_circle: |
| url escaped | :red_circle: | :red_circle: |
| x509 | :white_check_mark: | :red_circle: |
| xml | :red_circle: | :red_circle: |
| Encoding | Status | Recursive |
|----------------------------------|--------------------|--------------------|
| aes | :red_circle: | :red_circle: |
| ascii85 | :red_circle: | :red_circle: |
| asn1 | :red_circle: | :red_circle: |
| base32 | :red_circle: | :red_circle: |
| base64 | :white_check_mark: | :white_check_mark: |
| cipher | :red_circle: | :red_circle: |
| csv | :red_circle: | :red_circle: |
| des | :red_circle: | :red_circle: |
| dsa | :red_circle: | :red_circle: |
| ecdsa | :red_circle: | :red_circle: |
| elliptic | :red_circle: | :red_circle: |
| encodings (utf-8) | :red_circle: | :red_circle: |
| encrypted jwt | :red_circle: | :red_circle: |
| gob | :red_circle: | :red_circle: |
| gzip,lzw,... | :red_circle: | :red_circle: |
| json | :red_circle: | :red_circle: |
| pem | :white_check_mark: | :white_check_mark: |
| rsa | :red_circle: | :red_circle: |
| signed jwt | :white_check_mark: | :red_circle: |
| ssh | :white_check_mark: | :red_circle: |
| tls | :red_circle: | :red_circle: |
| url escaped | :red_circle: | :red_circle: |
| x509: DER certificate list | :white_check_mark: | n/a |
| x509: Elliptic Curve private key | :white_check_mark: | n/a |
| x509: PKCS#1 RSA private key | :white_check_mark: | n/a |
| x509: PKCS#8 private key | :white_check_mark: | n/a |
| x509: PKCS#8 public key | :white_check_mark: | n/a |
| x509: PKIX public key | :white_check_mark: | n/a |
| x509: certificate | :white_check_mark: | n/a |
| x509: certificate list | :white_check_mark: | n/a |
| x509: certificate request | :white_check_mark: | n/a |
| x509: certificates | :white_check_mark: | n/a |
| xml | :red_circle: | :red_circle: |


## Install
214 changes: 212 additions & 2 deletions cryptoguess/guess_x509.go
Expand Up @@ -4,23 +4,233 @@ import "crypto/x509"

func init() {
AvailableExperiments = append(AvailableExperiments, NewX509PKIXPublicKey)
AvailableExperiments = append(AvailableExperiments, NewX509PKCS8PrivateKey)
AvailableExperiments = append(AvailableExperiments, NewX509PKCS1PublicKey)
AvailableExperiments = append(AvailableExperiments, NewX509PKCS1PrivateKey)
AvailableExperiments = append(AvailableExperiments, NewX509ECPrivateKey)
AvailableExperiments = append(AvailableExperiments, NewX509DERCRL)
AvailableExperiments = append(AvailableExperiments, NewX509Certificate)
AvailableExperiments = append(AvailableExperiments, NewX509Certificates)
AvailableExperiments = append(AvailableExperiments, NewX509CertificateRequest)
}

//
// PKIXPublicKey
//

type X509PKIXPublicKey struct{ *baseExperiment }

func runX509PKIXPublicKey(exp Experiment) []Result {
result := &baseResult{exp: exp}
result.data, result.err = x509.ParsePKIXPublicKey(exp.Input())
// FIXME: name: RSA/ECDSA/...
// FIXME: name: RSA/DA/ECDSA/...
return []Result{result}
}

func NewX509PKIXPublicKey(input []byte) Experiment {
return &X509PKIXPublicKey{
baseExperiment: &baseExperiment{
input: input,
name: "x509 DER encoded public key",
name: "x509: DER encoded public key",
run: runX509PKIXPublicKey,
},
}
}

//
// PKCS8PrivateKey
//

type X509PKCS8PrivateKey struct{ *baseExperiment }

func runX509PKCS8PrivateKey(exp Experiment) []Result {
result := &baseResult{exp: exp}
result.data, result.err = x509.ParsePKCS8PrivateKey(exp.Input())
return []Result{result}
}

func NewX509PKCS8PrivateKey(input []byte) Experiment {
return &X509PKCS8PrivateKey{
baseExperiment: &baseExperiment{
input: input,
name: "x509: unencrypted PKCS#8 private key",
run: runX509PKCS8PrivateKey,
},
}
}

//
// PKCS1PublicKey
//

type X509PKCS1PublicKey struct{ *baseExperiment }

func runX509PKCS1PublicKey(exp Experiment) []Result {
result := &baseResult{exp: exp}
result.data, result.err = x509.ParsePKCS1PublicKey(exp.Input())
return []Result{result}
}

func NewX509PKCS1PublicKey(input []byte) Experiment {
return &X509PKCS1PublicKey{
baseExperiment: &baseExperiment{
input: input,
name: "x509: PKCS#1 public key (RSA) in ASN.1 DER form",
run: runX509PKCS1PublicKey,
},
}
}

//
// PKCS1PrivateKey
//

type X509PKCS1PrivateKey struct{ *baseExperiment }

func runX509PKCS1PrivateKey(exp Experiment) []Result {
result := &baseResult{exp: exp}
result.data, result.err = x509.ParsePKCS1PrivateKey(exp.Input())
return []Result{result}
}

func NewX509PKCS1PrivateKey(input []byte) Experiment {
return &X509PKCS1PrivateKey{
baseExperiment: &baseExperiment{
input: input,
name: "x509: PKCS#1 private key (RSA) in ASN.1 DER form",
run: runX509PKCS1PrivateKey,
},
}
}

//
// ECPrivateKey
//

type X509ECPrivateKey struct{ *baseExperiment }

func runX509ECPrivateKey(exp Experiment) []Result {
result := &baseResult{exp: exp}
result.data, result.err = x509.ParseECPrivateKey(exp.Input())
return []Result{result}
}

func NewX509ECPrivateKey(input []byte) Experiment {
return &X509ECPrivateKey{
baseExperiment: &baseExperiment{
input: input,
name: "x509: ASN.1 Elliptic Curve private key",
run: runX509ECPrivateKey,
},
}
}

//
// DERCRL
//

type X509DERCRL struct{ *baseExperiment }

func runX509DERCRL(exp Experiment) []Result {
result := &baseResult{exp: exp}
result.data, result.err = x509.ParseDERCRL(exp.Input())
return []Result{result}
}

func NewX509DERCRL(input []byte) Experiment {
return &X509DERCRL{
baseExperiment: &baseExperiment{
input: input,
name: "x509: DER encoded CRL (pkix certificate list)",
run: runX509DERCRL,
},
}
}

//
// CRL
//

type X509CRL struct{ *baseExperiment }

func runX509CRL(exp Experiment) []Result {
result := &baseResult{exp: exp}
result.data, result.err = x509.ParseCRL(exp.Input())
return []Result{result}
}

func NewX509CRL(input []byte) Experiment {
return &X509CRL{
baseExperiment: &baseExperiment{
input: input,
name: "x509: CRL (pkix certificate list)",
run: runX509CRL,
},
}
}

//
// Certificate
//

type X509Certificate struct{ *baseExperiment }

func runX509Certificate(exp Experiment) []Result {
result := &baseResult{exp: exp}
result.data, result.err = x509.ParseCertificate(exp.Input())
return []Result{result}
}

func NewX509Certificate(input []byte) Experiment {
return &X509Certificate{
baseExperiment: &baseExperiment{
input: input,
name: "x509: ASN.1 DER certificate",
run: runX509Certificate,
},
}
}

//
// Certificates
//

type X509Certificates struct{ *baseExperiment }

func runX509Certificates(exp Experiment) []Result {
result := &baseResult{exp: exp}
result.data, result.err = x509.ParseCertificates(exp.Input())
return []Result{result}
}

func NewX509Certificates(input []byte) Experiment {
return &X509Certificates{
baseExperiment: &baseExperiment{
input: input,
name: "x509: ASN.1 DER certificate",
run: runX509Certificates,
},
}
}

//
// CertificateRequest
//

type X509CertificateRequest struct{ *baseExperiment }

func runX509CertificateRequest(exp Experiment) []Result {
result := &baseResult{exp: exp}
result.data, result.err = x509.ParseCertificateRequest(exp.Input())
return []Result{result}
}

func NewX509CertificateRequest(input []byte) Experiment {
return &X509CertificateRequest{
baseExperiment: &baseExperiment{
input: input,
name: "x509: ASN.1 DER certificate request",
run: runX509CertificateRequest,
},
}
}
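Review bot: `NewX509CRL` (with `X509CRL` and `runX509CRL`) is added but never registered in `init()`, which appends only `NewX509DERCRL`, so the `x509.ParseCRL` experiment never runs; if the omission is not intentional, add `AvailableExperiments = append(AvailableExperiments, NewX509CRL)`. `NewX509Certificates` also reuses the name `"x509: ASN.1 DER certificate"` from `NewX509Certificate`, so the two results cannot be told apart in the output; something like `name: "x509: ASN.1 DER certificates",` would distinguish them. The three private-key experiments (`PKCS8PrivateKey`, `PKCS1PrivateKey`, `ECPrivateKey`) keep the parsed key in `result.data`, and how `String()` renders that field is not visible in this section, so it is worth confirming that it prints only the type and never key material, since this tool's output is likely to end up in terminals and logs.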
4 changes: 2 additions & 2 deletions cryptoguess/guess_x509_test.go
Expand Up @@ -25,12 +25,12 @@ AIU+2GKjyT3iMuzZxxFxPFMCAwEAAQ==
experiment := NewX509PKIXPublicKey(block.Bytes)
experiment.Run()
fmt.Println(experiment.String())
// Output: - x509 DER encoded public key: *rsa.PublicKey: &{}
// Output: - x509: DER encoded public key: *rsa.PublicKey: &{}
}

func ExampleX509PKIXPublicKey_Invalid() {
experiment := NewX509PKIXPublicKey([]byte(`lorem ipsum`))
experiment.Run()
fmt.Println(experiment.String())
// Output: - x509 DER encoded public key: err: asn1: structure error: tags don't match (16 vs {class:1 tag:12 length:111 isCompound:true}) {optional:false explicit:false application:false private:false defaultValue:<nil> tag:<nil> stringType:0 timeType:0 set:false omitEmpty:false} publicKeyInfo @2
// Output: - x509: DER encoded public key: err: asn1: structure error: tags don't match (16 vs {class:1 tag:12 length:111 isCompound:true}) {optional:false explicit:false application:false private:false defaultValue:<nil> tag:<nil> stringType:0 timeType:0 set:false omitEmpty:false} publicKeyInfo @2
}
