diff --git a/README.md b/README.md index 67e06cb..2bc78b8 100644 --- a/README.md +++ b/README.md @@ -16,19 +16,57 @@ ## Usage ```console -$ cryptoguess test/* -test/jwt-token.txt: JWT Token -test/pem-rsa-pubkey.txt: PEM encoded data -test/rsa-pubkey.txt: SSH RSA public key -test/ssh-rsa-authorized-key.txt: SSH authorized key +$ find test/ -type f | xargs cryptoguess +test/pem-rsa-pubkey.txt: potential candidates: PEM encoded data: x509: DER encoded public key, PEM encoded data +test/jwt-token.txt: JWT signed token +test/ssh-rsa-authorized-key.txt: SSH authorized key +test/rsa-pubkey.txt: potential candidates: BASE64 encoded data: x509: DER encoded public key, BASE64 encoded data +test/crypto-memory/D.der: x509: PKCS#1 public key (RSA) in ASN.1 DER form +test/crypto-memory/E: PEM encoded data +test/crypto-memory/A.pub: SSH authorized key +test/crypto-memory/A: PEM encoded data +test/crypto-memory/B.pem: potential candidates: PEM encoded data: x509: PKCS#1 public key (RSA) in ASN.1 DER form, PEM encoded data +test/crypto-memory/B.pub: SSH authorized key +test/crypto-memory/D.with-password: PEM encoded data +test/crypto-memory/C.pub: SSH authorized key +test/crypto-memory/D: potential candidates: PEM encoded data: x509: PKCS#1 private key (RSA) in ASN.1 DER form, PEM encoded data +test/crypto-memory/D.pub: SSH authorized key +test/crypto-memory/A.der: x509: PKCS#1 public key (RSA) in ASN.1 DER form +test/crypto-memory/B: PEM encoded data +test/crypto-memory/C: PEM encoded data +test/crypto-memory/B.der: x509: PKCS#1 public key (RSA) in ASN.1 DER form +test/crypto-memory/F.pem: potential candidates: PEM encoded data: x509: PKCS#1 public key (RSA) in ASN.1 DER form, PEM encoded data +test/crypto-memory/D.pem: potential candidates: PEM encoded data: x509: PKCS#1 public key (RSA) in ASN.1 DER form, PEM encoded data +test/crypto-memory/F.pub: SSH authorized key +test/crypto-memory/A.pem: potential candidates: PEM encoded data: x509: PKCS#1 public key (RSA) in ASN.1 DER form, PEM encoded data +test/crypto-memory/F.der: x509: PKCS#1 public key (RSA) in ASN.1 DER form ``` ```console -$ file test/* -test/jwt-token.txt: ASCII text, with very long lines, with no line terminators -test/pem-rsa-pubkey.txt: ASCII text -test/rsa-pubkey.txt: ASCII text, with very long lines, with no line terminators -test/ssh-rsa-authorized-key.txt: OpenSSH RSA public key +$ find test/ -type f | xargs file +test/pem-rsa-pubkey.txt: ASCII text +test/jwt-token.txt: ASCII text, with very long lines, with no line terminators +test/ssh-rsa-authorized-key.txt: OpenSSH RSA public key +test/rsa-pubkey.txt: ASCII text, with very long lines, with no line terminators +test/crypto-memory/D.der: data +test/crypto-memory/E: OpenSSH private key +test/crypto-memory/A.pub: OpenSSH RSA public key +test/crypto-memory/A: OpenSSH private key +test/crypto-memory/B.pem: ASCII text +test/crypto-memory/B.pub: OpenSSH RSA public key +test/crypto-memory/D.with-password: PEM RSA private key +test/crypto-memory/C.pub: OpenSSH ED25519 public key +test/crypto-memory/D: PEM RSA private key +test/crypto-memory/D.pub: OpenSSH RSA public key +test/crypto-memory/A.der: data +test/crypto-memory/B: OpenSSH private key +test/crypto-memory/C: OpenSSH private key +test/crypto-memory/B.der: data +test/crypto-memory/F.pem: ASCII text +test/crypto-memory/D.pem: ASCII text +test/crypto-memory/F.pub: OpenSSH RSA public key +test/crypto-memory/A.pem: ASCII text +test/crypto-memory/F.der: data ``` --- @@ -66,32 +104,41 @@ GLOBAL OPTIONS: ## Decoders -| Encoding | Status | Recursive | -|-------------------|--------------------|--------------------| -| aes | :red_circle: | :red_circle: | -| ascii85 | :red_circle: | :red_circle: | -| asn1 | :red_circle: | :red_circle: | -| base32 | :red_circle: | :red_circle: | -| base64 | :white_check_mark: | :white_check_mark: | -| cipher | :red_circle: | :red_circle: | -| csv | :red_circle: | :red_circle: | -| des | :red_circle: | :red_circle: | -| dsa | :red_circle: | :red_circle: | -| ecdsa | :red_circle: | :red_circle: | -| elliptic | :red_circle: | :red_circle: | -| encodings (utf-8) | :red_circle: | :red_circle: | -| encrypted jwt | :red_circle: | :red_circle: | -| gob | :red_circle: | :red_circle: | -| gzip,lzw,... | :red_circle: | :red_circle: | -| json | :red_circle: | :red_circle: | -| pem | :white_check_mark: | :white_check_mark: | -| rsa | :red_circle: | :red_circle: | -| signed jwt | :white_check_mark: | :red_circle: | -| ssh | :white_check_mark: | :red_circle: | -| tls | :red_circle: | :red_circle: | -| url escaped | :red_circle: | :red_circle: | -| x509 | :white_check_mark: | :red_circle: | -| xml | :red_circle: | :red_circle: | +| Encoding | Status | Recursive | +|----------------------------------|--------------------|--------------------| +| aes | :red_circle: | :red_circle: | +| ascii85 | :red_circle: | :red_circle: | +| asn1 | :red_circle: | :red_circle: | +| base32 | :red_circle: | :red_circle: | +| base64 | :white_check_mark: | :white_check_mark: | +| cipher | :red_circle: | :red_circle: | +| csv | :red_circle: | :red_circle: | +| des | :red_circle: | :red_circle: | +| dsa | :red_circle: | :red_circle: | +| ecdsa | :red_circle: | :red_circle: | +| elliptic | :red_circle: | :red_circle: | +| encodings (utf-8) | :red_circle: | :red_circle: | +| encrypted jwt | :red_circle: | :red_circle: | +| gob | :red_circle: | :red_circle: | +| gzip,lzw,... | :red_circle: | :red_circle: | +| json | :red_circle: | :red_circle: | +| pem | :white_check_mark: | :white_check_mark: | +| rsa | :red_circle: | :red_circle: | +| signed jwt | :white_check_mark: | :red_circle: | +| ssh | :white_check_mark: | :red_circle: | +| tls | :red_circle: | :red_circle: | +| url escaped | :red_circle: | :red_circle: | +| x509: DER certificate list | :white_check_mark: | n/a | +| x509: Elliptic Curve private key | :white_check_mark: | n/a | +| x509: PKCS#1 RSA private key | :white_check_mark: | n/a | +| x509: PKCS#8 private key | :white_check_mark: | n/a | +| x509: PKCS#8 public key | :white_check_mark: | n/a | +| x509: PKIX public key | :white_check_mark: | n/a | +| x509: certificate | :white_check_mark: | n/a | +| x509: certificate list | :white_check_mark: | n/a | +| x509: certificate request | :white_check_mark: | n/a | +| x509: certificates | :white_check_mark: | n/a | +| xml | :red_circle: | :red_circle: | ## Install diff --git a/cryptoguess/guess_x509.go b/cryptoguess/guess_x509.go index b88d125..caae028 100644 --- a/cryptoguess/guess_x509.go +++ b/cryptoguess/guess_x509.go @@ -4,14 +4,26 @@ import "crypto/x509" func init() { AvailableExperiments = append(AvailableExperiments, NewX509PKIXPublicKey) + AvailableExperiments = append(AvailableExperiments, NewX509PKCS8PrivateKey) + AvailableExperiments = append(AvailableExperiments, NewX509PKCS1PublicKey) + AvailableExperiments = append(AvailableExperiments, NewX509PKCS1PrivateKey) + AvailableExperiments = append(AvailableExperiments, NewX509ECPrivateKey) + AvailableExperiments = append(AvailableExperiments, NewX509DERCRL) + AvailableExperiments = append(AvailableExperiments, NewX509Certificate) + AvailableExperiments = append(AvailableExperiments, NewX509Certificates) + AvailableExperiments = append(AvailableExperiments, NewX509CertificateRequest) } +// +// PKIXPublicKey +// + type X509PKIXPublicKey struct{ *baseExperiment } func runX509PKIXPublicKey(exp Experiment) []Result { result := &baseResult{exp: exp} result.data, result.err = x509.ParsePKIXPublicKey(exp.Input()) - // FIXME: name: RSA/ECDSA/... + // FIXME: name: RSA/DA/ECDSA/... return []Result{result} } @@ -19,8 +31,206 @@ func NewX509PKIXPublicKey(input []byte) Experiment { return &X509PKIXPublicKey{ baseExperiment: &baseExperiment{ input: input, - name: "x509 DER encoded public key", + name: "x509: DER encoded public key", run: runX509PKIXPublicKey, }, } } + +// +// PKCS8PrivateKey +// + +type X509PKCS8PrivateKey struct{ *baseExperiment } + +func runX509PKCS8PrivateKey(exp Experiment) []Result { + result := &baseResult{exp: exp} + result.data, result.err = x509.ParsePKCS8PrivateKey(exp.Input()) + return []Result{result} +} + +func NewX509PKCS8PrivateKey(input []byte) Experiment { + return &X509PKCS8PrivateKey{ + baseExperiment: &baseExperiment{ + input: input, + name: "x509: unencrypted PKCS#8 private key", + run: runX509PKCS8PrivateKey, + }, + } +} + +// +// PKCS1PublicKey +// + +type X509PKCS1PublicKey struct{ *baseExperiment } + +func runX509PKCS1PublicKey(exp Experiment) []Result { + result := &baseResult{exp: exp} + result.data, result.err = x509.ParsePKCS1PublicKey(exp.Input()) + return []Result{result} +} + +func NewX509PKCS1PublicKey(input []byte) Experiment { + return &X509PKCS1PublicKey{ + baseExperiment: &baseExperiment{ + input: input, + name: "x509: PKCS#1 public key (RSA) in ASN.1 DER form", + run: runX509PKCS1PublicKey, + }, + } +} + +// +// PKCS1PrivateKey +// + +type X509PKCS1PrivateKey struct{ *baseExperiment } + +func runX509PKCS1PrivateKey(exp Experiment) []Result { + result := &baseResult{exp: exp} + result.data, result.err = x509.ParsePKCS1PrivateKey(exp.Input()) + return []Result{result} +} + +func NewX509PKCS1PrivateKey(input []byte) Experiment { + return &X509PKCS1PrivateKey{ + baseExperiment: &baseExperiment{ + input: input, + name: "x509: PKCS#1 private key (RSA) in ASN.1 DER form", + run: runX509PKCS1PrivateKey, + }, + } +} + +// +// ECPrivateKey +// + +type X509ECPrivateKey struct{ *baseExperiment } + +func runX509ECPrivateKey(exp Experiment) []Result { + result := &baseResult{exp: exp} + result.data, result.err = x509.ParseECPrivateKey(exp.Input()) + return []Result{result} +} + +func NewX509ECPrivateKey(input []byte) Experiment { + return &X509ECPrivateKey{ + baseExperiment: &baseExperiment{ + input: input, + name: "x509: ASN.1 Elliptic Curve private key", + run: runX509ECPrivateKey, + }, + } +} + +// +// DERCRL +// + +type X509DERCRL struct{ *baseExperiment } + +func runX509DERCRL(exp Experiment) []Result { + result := &baseResult{exp: exp} + result.data, result.err = x509.ParseDERCRL(exp.Input()) + return []Result{result} +} + +func NewX509DERCRL(input []byte) Experiment { + return &X509DERCRL{ + baseExperiment: &baseExperiment{ + input: input, + name: "x509: DER encoded CRL (pkix certificate list)", + run: runX509DERCRL, + }, + } +} + +// +// CRL +// + +type X509CRL struct{ *baseExperiment } + +func runX509CRL(exp Experiment) []Result { + result := &baseResult{exp: exp} + result.data, result.err = x509.ParseCRL(exp.Input()) + return []Result{result} +} + +func NewX509CRL(input []byte) Experiment { + return &X509CRL{ + baseExperiment: &baseExperiment{ + input: input, + name: "x509: CRL (pkix certificate list)", + run: runX509CRL, + }, + } +} + +// +// Certificate +// + +type X509Certificate struct{ *baseExperiment } + +func runX509Certificate(exp Experiment) []Result { + result := &baseResult{exp: exp} + result.data, result.err = x509.ParseCertificate(exp.Input()) + return []Result{result} +} + +func NewX509Certificate(input []byte) Experiment { + return &X509Certificate{ + baseExperiment: &baseExperiment{ + input: input, + name: "x509: ASN.1 DER certificate", + run: runX509Certificate, + }, + } +} + +// +// Certificates +// + +type X509Certificates struct{ *baseExperiment } + +func runX509Certificates(exp Experiment) []Result { + result := &baseResult{exp: exp} + result.data, result.err = x509.ParseCertificates(exp.Input()) + return []Result{result} +} + +func NewX509Certificates(input []byte) Experiment { + return &X509Certificates{ + baseExperiment: &baseExperiment{ + input: input, + name: "x509: ASN.1 DER certificate", + run: runX509Certificates, + }, + } +} + +// +// CertificateRequest +// + +type X509CertificateRequest struct{ *baseExperiment } + +func runX509CertificateRequest(exp Experiment) []Result { + result := &baseResult{exp: exp} + result.data, result.err = x509.ParseCertificateRequest(exp.Input()) + return []Result{result} +} + +func NewX509CertificateRequest(input []byte) Experiment { + return &X509CertificateRequest{ + baseExperiment: &baseExperiment{ + input: input, + name: "x509: ASN.1 DER certificate request", + run: runX509CertificateRequest, + }, + } +} diff --git a/cryptoguess/guess_x509_test.go b/cryptoguess/guess_x509_test.go index fae7799..85e3c74 100644 --- a/cryptoguess/guess_x509_test.go +++ b/cryptoguess/guess_x509_test.go @@ -25,12 +25,12 @@ AIU+2GKjyT3iMuzZxxFxPFMCAwEAAQ== experiment := NewX509PKIXPublicKey(block.Bytes) experiment.Run() fmt.Println(experiment.String()) - // Output: - x509 DER encoded public key: *rsa.PublicKey: &{608306305637925796091751781912442202795683837080520039301522018599439471659350929129047641600014219325768030296625424424345448069328375537097656264726872409669346964631973169088061068456644801547206592340239258807863914253613496344410768210694037962571766118343861315323684256007940397868833247575637775332458247093703506688405094111650106757090455436430116545278572444268308518814399325068421795179779154776544483060305921707389366982780625572375062677808785374136435412820035834031972253361392848622755078064481496629846759926136289522486108922454312015140092203833352973278691362374496694051958883486816981498108038162601522808412224573435547318218332467974418426290024000729037299062720016251706252245691191531968379259424268761139372144924021186347356192038449842702607942990619778520030774483248942866999156530759187345407296334294992294697537874595373096228689277826995922909616024893893083086622170950733804265273320908045376212718531890144840341838709366205409245406814550340900430806361508644473289694271880520086363787049600744919598020494076506686596308552173179749407600927060687430580477162742989412335721907576120509336456000464431105614240090531626536958109202417157669870271270127509090280837018845155202819024829523 65537} + // Output: - x509: DER encoded public key: *rsa.PublicKey: &{608306305637925796091751781912442202795683837080520039301522018599439471659350929129047641600014219325768030296625424424345448069328375537097656264726872409669346964631973169088061068456644801547206592340239258807863914253613496344410768210694037962571766118343861315323684256007940397868833247575637775332458247093703506688405094111650106757090455436430116545278572444268308518814399325068421795179779154776544483060305921707389366982780625572375062677808785374136435412820035834031972253361392848622755078064481496629846759926136289522486108922454312015140092203833352973278691362374496694051958883486816981498108038162601522808412224573435547318218332467974418426290024000729037299062720016251706252245691191531968379259424268761139372144924021186347356192038449842702607942990619778520030774483248942866999156530759187345407296334294992294697537874595373096228689277826995922909616024893893083086622170950733804265273320908045376212718531890144840341838709366205409245406814550340900430806361508644473289694271880520086363787049600744919598020494076506686596308552173179749407600927060687430580477162742989412335721907576120509336456000464431105614240090531626536958109202417157669870271270127509090280837018845155202819024829523 65537} } func ExampleX509PKIXPublicKey_Invalid() { experiment := NewX509PKIXPublicKey([]byte(`lorem ipsum`)) experiment.Run() fmt.Println(experiment.String()) - // Output: - x509 DER encoded public key: err: asn1: structure error: tags don't match (16 vs {class:1 tag:12 length:111 isCompound:true}) {optional:false explicit:false application:false private:false defaultValue: tag: stringType:0 timeType:0 set:false omitEmpty:false} publicKeyInfo @2 + // Output: - x509: DER encoded public key: err: asn1: structure error: tags don't match (16 vs {class:1 tag:12 length:111 isCompound:true}) {optional:false explicit:false application:false private:false defaultValue: tag: stringType:0 timeType:0 set:false omitEmpty:false} publicKeyInfo @2 }