Update `user_ssh_keys` with additional details for OpenSSL-style keys by kcreyts · Pull Request #8314 · osquery/osquery
Conversation
This PR introduces additional columns which use OpenSSL macros to get additional details about PEM keys in user .ssh/ directories.
- "key_length" uses OpenSSL's EVP_PKEY_bits to get the cryptographic length of the cryptosystem to which the private key belongs, in bits. Definition of cryptographic length is specific to cryptosystem.
- "key_security_bits" uses OpenSSL's EVP_PKEY_security_bits to get the number of security bits of the given key (bits of security as defined in NIST SP800-57).
- "key_group_name" uses OpenSSL's EVP_PKEY_get_group_name to get the group of the private key. Supported for a subset of key_types implemented by OpenSSL.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seems simple, nice. Can you add this to the table integration tests?
extended integration testing.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seems okay to me. Thank you so much!
directionless
changed the title
add additional details for OpenSSL-style keys
Update user_ssh_keys with additional details for OpenSSL-style keys
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters