Esempio n. 1
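// testCertificates drains DER-encoded certificates from ch, feeds each
// certificate's to-be-signed bytes (RawTBSCertificate) through a
// collision-detecting hash, and logs every certificate the detector flags
// together with its base64 encoding. It calls wg.Done once ch is closed.
//
// The detector is selected from the md5 and thorough variables (dereferenced
// here; presumably command-line flags defined elsewhere in the file).
//
// NOTE(review): the detector is chosen by flag, not from
// cert.SignatureAlgorithm, so a certificate is only checked against the hash
// its signature actually uses when the flag matches. Confirm callers run one
// pass per hash family or pre-filter the input.
func testCertificates(ch <-chan []byte, wg *sync.WaitGroup) {
	// Deferred so the WaitGroup is released on every exit path.
	defer wg.Done()

	var h detectcoll.Hash
	switch {
	case *md5:
		h = detectcoll.NewMD5()
	case *thorough:
		h = detectcoll.NewSHA1Thorough()
	default:
		h = detectcoll.NewSHA1()
	}

	// Blobs that do not parse are never hashed. Count them so a quiet log is
	// not mistaken for "every input was checked": a per-blob message was
	// disabled in the original, so only a summary is emitted.
	skipped := 0

	for blob := range ch {
		cert, err := x509.ParseCertificate(blob)
		if err != nil {
			skipped++
			continue
		}

		// The signature covers the TBS bytes, so that is the message a
		// collision would have to target.
		h.Write(cert.RawTBSCertificate)
		if sum, ok := h.DetectSum(nil); !ok {
			log.Printf("Certificate has possible collision (hash=%x)", sum)
			log.Print(base64.StdEncoding.EncodeToString(blob))
		}
		// Clear state so the next certificate is hashed on its own.
		h.Reset()
	}

	if skipped > 0 {
		log.Printf("Skipped %d unparseable certificate(s); these were not checked for collisions", skipped)
	}
}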
Esempio n. 2
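// printModuli drains DER-encoded certificates from ch and, for every RSA
// certificate with a modulus larger than 65537, writes one line to standard
// output of the form "<modulus in hex>,<base64 of the certificate DER>".
// Certificates that fail to parse, are not RSA, or have a modulus at or
// below that bound are logged and skipped. It returns when ch is closed.
func printModuli(ch <-chan []byte) {
	// Lower bound for an accepted modulus; anything <= 65537 is rejected.
	smallest := big.NewInt(65537)

	for blob := range ch {
		cert, err := x509.ParseCertificate(blob)
		if err != nil {
			log.Printf("Error in cert %v: %s", err, base64.StdEncoding.EncodeToString(blob))
			continue
		}

		// Use the comma-ok form: the input is untrusted, and an unchecked
		// assertion would panic the whole scan if the declared algorithm and
		// the concrete key type ever disagreed.
		pk, isRSA := cert.PublicKey.(*rsa.PublicKey)
		if cert.PublicKeyAlgorithm != x509.RSA || !isRSA {
			log.Printf("Skipping non-RSA certificate")
			continue
		}

		// A nil modulus is treated like a degenerate one rather than
		// dereferenced; Cmp < 1 means N <= smallest.
		if pk.N == nil || pk.N.Cmp(smallest) < 1 {
			log.Printf("Skipping small/negative modulus")
			continue
		}

		fmt.Printf("%x,%s\n", pk.N, base64.StdEncoding.EncodeToString(cert.Raw))
	}
}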