adding path constraint to content analysis

author: josef <josef.gson@gmail.com> 2015-11-26 13:47:52 +0100
committer: josef <josef.gson@gmail.com> 2015-11-26 13:47:52 +0100
commit: 90c3d69f226c7de86ffdad7091780fed40bb49d3 (patch)
tree: 34e420983152c455632a133f9490901dede5e839
parent: c33b74898059df71f408163db020a6da7dd55447 (diff)
2 files changed, 7 insertions, 3 deletions
diff --git a/monitor/josef_experimental.py b/monitor/josef_experimental.py
index 6d1102e..9bda083 100755
--- a/monitor/josef_experimental.py
+++ b/monitor/josef_experimental.py
@@ -156,6 +156,7 @@ def parse_entry(e, idx, log):
     s += sep + e["not_after"] # valid to
     s += sep + e["validation"] # EV?
     s += sep + e["in_mozilla"] # chains to mozilla root?
+    s += sep + e["ca"]
 
     return s
 
diff --git a/monitor/josef_lib.py b/monitor/josef_lib.py
index 1a9085f..3e641ee 100644
--- a/monitor/josef_lib.py
+++ b/monitor/josef_lib.py
@@ -109,7 +109,7 @@ def check_domain(raw_entry, log=None):
 def check_domain_extended(raw_entry, log=None):
     orig_entry = extract_original_entry(raw_entry)
     # try:
-    cert_info = my_get_more_cert_info(orig_entry[0][0])
+    cert_info = my_get_more_cert_info(orig_entry[0][2])
     # except:
     #     print "Error in my_get_more_cert_info"
     #     return None
@@ -262,6 +262,7 @@ def my_get_more_cert_info(s):
         raise Exception
     result = {}
     result["policy"] = []
+    result["ca"] = ""
     result["keylength"] = "N/A" # Default value
     prev = ""
     for line in parsed[0].split("\n"):
@@ -283,10 +284,8 @@ def my_get_more_cert_info(s):
             result["SAN"] = line.lstrip()
         if "Serial Number:" in prev:
             if prev.split("Serial Number:")[1] == "":
-                # print prev, prev.split("Serial Number:")
                 result["serial"] = line.lstrip()
             else:
-                # print prev, prev.split("Serial Number:")
                 result["serial"] = prev.split("Serial Number: ")[1]
         if "Not After" in line:
             result["not_after"] = line.split(": ")[1]
@@ -294,6 +293,10 @@ def my_get_more_cert_info(s):
             result["not_before"] = line.split(": ")[1]
         if "Policy:" in line:
             result["policy"].append(line.split("Policy: ")[1])
+        if "CA:TRUE" in line:
+            # print line.lstrip()
+            result["ca"] = line.lstrip()
+
         prev = line
     return result
author	josef <josef.gson@gmail.com>	2015-11-26 13:47:52 +0100
committer	josef <josef.gson@gmail.com>	2015-11-26 13:47:52 +0100
commit	90c3d69f226c7de86ffdad7091780fed40bb49d3 (patch)
tree	34e420983152c455632a133f9490901dede5e839
parent	c33b74898059df71f408163db020a6da7dd55447 (diff)