diff --git a/report/onionscanreport.go b/report/onionscanreport.go
index 16b98eb..7960bef 100644
--- a/report/onionscanreport.go
+++ b/report/onionscanreport.go
@@ -16,6 +16,12 @@ type ExifImage struct {
 ExifTags []ExifTag `json:"exifTags"`
 }
+type PGPKey struct {
+ ArmoredKey string `json:"armoredKey"`
+ Identity string `json:"identity"`
+ FingerPrint string `json:"fingerprint"`
+}
+
 type OnionScanReport struct {
 WebDetected bool `json:"webDetected"`
 SSHDetected bool `json:"sshDetected"`
@@ -40,7 +46,7 @@ type OnionScanReport struct {
 ExifImages []ExifImage `json:"exifImages"`
 InterestingFiles []string `json:"interestingFiles"`
 PageReferencedDirectories []string `json:"pageReferencedDirectories"`
- PGPKeys []string `json:"pgpKeys"`
+ PGPKeys []PGPKey `json:"pgpKeys"`
 Hashes []string `json:"hashes"`
 SSHKey string `json:"sshKey"`
@@ -93,9 +99,9 @@ func (osr *OnionScanReport) AddInternalPage(site string) {
 utils.RemoveDuplicates(&osr.InternalPages)
 }
-func (osr *OnionScanReport) AddPGPKey(key string) {
- osr.PGPKeys = append(osr.PGPKeys, key)
- utils.RemoveDuplicates(&osr.PGPKeys)
+func (osr *OnionScanReport) AddPGPKey(armoredKey, identity, fingerprint string) {
+ osr.PGPKeys = append(osr.PGPKeys, PGPKey{armoredKey, identity, fingerprint})
+ //TODO map of fingerprint:PGPKeys? and utils.RemoveDuplicates(&osr.PGPKeys)
 }
 func (osr *OnionScanReport) AddResponseHeader(name string, value string) {
diff --git a/scans/pgp_content_scan.go b/scans/pgp_content_scan.go
index 85d8375..5ba0af6 100644
--- a/scans/pgp_content_scan.go
+++ b/scans/pgp_content_scan.go
@@ -3,12 +3,10 @@ package scans
 import (
 "github.com/s-rah/onionscan/report"
 "golang.org/x/crypto/openpgp"
- "golang.org/x/crypto/openpgp/armor"
- //pgpPacket "golang.org/x/crypto/openpgp/packet"
 "log"
 "regexp"
 "strings"
- "bytes"
+ "fmt"
 )
 type PGPContentScan struct {
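Review bot: The new exported `PGPKey` type has no doc comment, and its third field is spelled `FingerPrint` while the JSON tag and the `AddPGPKey` parameter both use `fingerprint`; renaming it to `Fingerprint` now, before other code depends on it, keeps the report API consistent. A comment such as `// PGPKey describes one public key found in scanned content; all fields are copied from the remote page and are unverified.` would tell report consumers not to treat `Identity` as an authenticated name. The second hunk also changes `pgpKeys` in the JSON output from an array of strings to an array of objects, so anything that reads previously saved reports needs updating.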
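Review bot: `AddPGPKey` no longer removes duplicates (the `utils.RemoveDuplicates` call survives only inside the TODO comment), so a key that appears on several pages of one service is appended once per page and the report grows with every repeat. Skipping the append when the fingerprint is already present restores the old behaviour without needing the map the TODO mentions. The positional literal `PGPKey{armoredKey, identity, fingerprint}` should also name its fields, because three adjacent `string` fields can be swapped without any compiler error.
```go
func (osr *OnionScanReport) AddPGPKey(armoredKey, identity, fingerprint string) {
	// A key is identified by its fingerprint; record each one only once.
	for _, k := range osr.PGPKeys {
		if k.FingerPrint == fingerprint {
			return
		}
	}
	osr.PGPKeys = append(osr.PGPKeys, PGPKey{
		ArmoredKey:  armoredKey,
		Identity:    identity,
		FingerPrint: fingerprint,
	})
}
```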
@@ -19,46 +17,24 @@ func (cs *PGPContentScan) ScanContent(content string, report *report.OnionScanRe
 pgpRegexp := regexp.MustCompile("-----BEGIN PGP PUBLIC KEY BLOCK-----((?s).*)-----END PGP PUBLIC KEY BLOCK-----")
 foundPGP := pgpRegexp.FindAllString(content, -1)
 for _, keyString := range foundPGP {
- log.Printf("\tFound key: %s\n", keyString)
-
- buf := bytes.NewBuffer([]byte(keyString))
- block, err := armor.Decode(buf)
- if err != nil {
- log.Printf("error decoding: %s\n", err)
- } else {
- log.Printf("Block: %s\n", block)
- log.Printf("body: %s\n", block.Body)
-
-
- //packet, err := pgpPacket.Read(block.Body)
- /*if err != nil {
- log.Printf("Read error: %s", err)
- }*/
- /*pk, ok := packet.(*pgpPacket.PublicKeyV3)
- if !ok {
- log.Printf("failed to parse, got: %s", packet)
- }*/
- //log.Printf("fingerprint: %s\n", pk.Fingerprint)
- }
-
 keys, err := openpgp.ReadArmoredKeyRing(strings.NewReader(keyString));
 if err != nil {
 log.Printf("ERROR: %s\n", err)
 continue
 }
- if len(keys) != 1 || len(keys[0].Subkeys) != 1 {
+ if len(keys) < 1 || len(keys[0].Subkeys) < 1 || len(keys[0].Identities) < 1{
 log.Printf("ERROR: failed to accept key\n")
 continue
 }
- for name, identity := range keys[0].Identities {
- log.Printf("identity: %s,%s,%s\n", name, identity.Name, identity.UserId)
+ var identity string
+ for identity, _ = range keys[0].Identities {
+ break
 }
+ var fingerprint string
+ fingerprint = fmt.Sprintf("%X", keys[0].Subkeys[0].PublicKey.Fingerprint)
+ log.Printf("\tFound PGP Key fingerprint: %s belonging to %s", fingerprint, identity)
- pubkey := keys[0].Subkeys[0].PublicKey
- log.Printf("pubkey: %X", pubkey.Fingerprint)
- //pk3 := pubkey.(*pgpPacket.PublicKeyV3)
-
- report.AddPGPKey(keyString)
+ report.AddPGPKey(keyString, identity, fingerprint)
 }
 }
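Review bot: The fingerprint recorded here is that of the first subkey (`keys[0].Subkeys[0].PublicKey.Fingerprint`), not of the primary key, so it will not match the fingerprint that keyservers and `gpg` show for the same key, and the `len(keys[0].Subkeys) < 1` test drops keys that have no subkey at all. `keys[0].PrimaryKey.Fingerprint` is the value to correlate on. The identity is taken from the first step of a map range, whose order Go randomises, so a key with several user IDs can be reported under a different identity on each scan; choosing the lexically smallest name (this needs `sort` imported) makes the output stable. The identity string comes from the scanned page, so logging it with `%q` instead of `%s` keeps control characters out of the log. ScanContent begins before this hunk.
```go
// … unchanged: regexp match loop, ReadArmoredKeyRing call and its error check …
if len(keys) < 1 || len(keys[0].Identities) < 1 {
	log.Printf("ERROR: failed to accept key\n")
	continue
}
// Map iteration order is random; pick the identity deterministically.
names := make([]string, 0, len(keys[0].Identities))
for name := range keys[0].Identities {
	names = append(names, name)
}
sort.Strings(names)
identity := names[0]
// The primary key's fingerprint is what identifies the key elsewhere.
fingerprint := fmt.Sprintf("%X", keys[0].PrimaryKey.Fingerprint)
log.Printf("\tFound PGP Key fingerprint: %s belonging to %q", fingerprint, identity)
// … unchanged: report.AddPGPKey(keyString, identity, fingerprint) …
```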