[Bro-Dev] [JIRA] (BIT-1150) X509 updates

Bernhard Amann (JIRA) jira at bro-tracker.atlassian.net
Mon Mar 31 14:41:53 PDT 2014

    [ https://bro-tracker.atlassian.net/browse/BIT-1150?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16005#comment-16005 ] 

Bernhard Amann commented on BIT-1150:

Does this work as a short summary? I think it should be the gist of it...

Rework and move X509 certificate processing from the SSL protocol analyzer to a dedicated file analyzer. This will allow us to examine X509 certificates from sources other than SSL in the future. Furthermore, we now parse more fields and extensions from the certificates (e.g. elliptic curve information, subject alternative names, basic constraints). Certificate validation also was improved, should be easier to use and exposes information like the full verified certificate chain.
Note - this update changes the output of ssl.log, adds a new x509.log with certificate information. Furthermore all x509 events and handling functions changed.

> X509 updates
> ------------
>                 Key: BIT-1150
>                 URL: https://bro-tracker.atlassian.net/browse/BIT-1150
>             Project: Bro Issue Tracker
>          Issue Type: Problem
>          Components: Bro
>            Reporter: Robin Sommer
>            Assignee: Robin Sommer
>             Fix For: 2.3
>         Attachments: signature.asc

This message was sent by Atlassian JIRA

More information about the bro-dev mailing list