Skip to content

Commit

Permalink
topdown/crypto: Add RawURIs field to JSON certs
Browse files Browse the repository at this point in the history 
Fixes #6416

Signed-off-by: Charlie Egan <[email protected]>
  • Loading branch information
@charlieegan3
charlieegan3 committed Nov 20, 2023
1 parent d46bc9d commit 70a3a87
Show file tree
Hide file tree
Showing 2 changed files with 31 additions and 1 deletion.
14 changes: 14 additions & 0 deletions ...cases/testdata/cryptox509parsecertificates/test-cryptox509parsecertificates-raw-uris.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
cases:
- data:
modules:
- |
package generated
certs = "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUIxekNDQVh5Z0F3SUJBZ0lJZGxpT1dVY1NXM3N3Q2dZSUtvWkl6ajBFQXdJd1BURUxNQWtHQTFVRUJoTUMKUjBJeEVEQU9CZ05WQkFvVEIwVjRZVzF3YkdVeEhEQWFCZ05WQkFVVEV6RTFPREV4TnpnNU56UTJPRFkxTmpneQpOalF3SUJjTk1qTXhNVEl3TVRZMU5USTRXaGdQTWpFeU1qRXdNamN4TmpVMU1qaGFNRDB4Q3pBSkJnTlZCQVlUCkFrZENNUkF3RGdZRFZRUUtFd2RGZUdGdGNHeGxNUnd3R2dZRFZRUUZFeE00TlRJM056SXlOREE0TlRJeE5qVXoKTVRFMU1Ga3dFd1lIS29aSXpqMENBUVlJS29aSXpqMERBUWNEUWdBRXp0UDNrQnNpQXY4UUF5eWxUalJZSFlWegpjWTB5YmpBdC9VbWpZb3Fxb0o4SEtIdXF1ckRaUmVwa05qUXdwV3pmZndZZ0xaNk42SisyVUlPdlZ0TDZEcU5rCk1HSXdEZ1lEVlIwUEFRSC9CQVFEQWdlQU1CMEdBMVVkSlFRV01CUUdDQ3NHQVFVRkJ3TUNCZ2dyQmdFRkJRY0QKQVRBTUJnTlZIUk1CQWY4RUFqQUFNQ01HQTFVZEVRUWNNQnFHR0hOd2FXWm1aVG92TDJWNFlXMXdiR1V1WTI5dApMMjl3WVRBS0JnZ3Foa2pPUFFRREFnTkpBREJHQWlFQXlRNDhPd25lTHkzMjZqYitEUjd5RjJhcS94Wnl1cW9qCitUU3ZLVVB5NEU0Q0lRQ0VMUlp3K0dWTjhJR0drVGV4MGxxTDNxY21mWldJbm15VitrbnQ0d3p3L3c9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg=="
raw_uris = crypto.x509.parse_certificates(certs)[0].RawURIs
note: cryptox509parsecertificates/invalid DER or PEM data, string
query: data.generated.raw_uris = x
want_result:
- x:
- spiffe://example.com/opa
18 changes: 17 additions & 1 deletion topdown/crypto.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,23 @@ func builtinCryptoX509ParseCertificates(_ BuiltinContext, operands []*ast.Term,
return err
}

v, err := ast.InterfaceToValue(certs)
// add a field to certs containing the RAW URIs
processedCerts := make([]struct {
x509.Certificate
RawURIs []string `json:"RawURIs"`
}, len(certs))

for i, cert := range certs {
processedCerts[i].Certificate = *cert
if cert.URIs != nil {
processedCerts[i].RawURIs = make([]string, len(cert.URIs))
for j, uri := range cert.URIs {
processedCerts[i].RawURIs[j] = uri.String()
}
}
}

v, err := ast.InterfaceToValue(processedCerts)
if err != nil {
return err
}
Expand Down

0 comments on commit 70a3a87

Please sign in to comment.