From 6b23bbc7e833a19b155a0ecb9ef3bed5d68f48ae Mon Sep 17 00:00:00 2001 From: Eric Lawrence Date: Mon, 30 Jan 2023 10:18:50 -0600 Subject: [PATCH] Add lightweight info on server cert chain --- FiddlerImportNetlog/FiddlerInterface.cs | 2 +- FiddlerImportNetlog/Importer.cs | 41 +++++++++++++++---- .../Properties/AssemblyInfo.cs | 5 ++- 3 files changed, 38 insertions(+), 10 deletions(-) diff --git a/FiddlerImportNetlog/FiddlerInterface.cs b/FiddlerImportNetlog/FiddlerInterface.cs index 794a8cb..48a707e 100644 --- a/FiddlerImportNetlog/FiddlerInterface.cs +++ b/FiddlerImportNetlog/FiddlerInterface.cs @@ -9,7 +9,7 @@ namespace FiddlerImportNetlog { [ProfferFormat("NetLog JSON", - "Chromium's JSON-based event log format (v1.3.4.3). See https://textslashplain.com/2020/01/17/capture-network-logs-from-edge-and-chrome/ for more info.", + "Chromium's JSON-based event log format (v1.3.4.4). See https://textslashplain.com/2020/01/17/capture-network-logs-from-edge-and-chrome/ for more info.", // We handle import of JSON files, whether uncompressed, or compressed with ZIP or GZ. I'm not completely sure I remember the implications // of declaring .gz here, nor why .zip isn't mentioned. Is this about the drag/drop import feature? ".json;.gz" diff --git a/FiddlerImportNetlog/Importer.cs b/FiddlerImportNetlog/Importer.cs index a5c810c..c329923 100644 --- a/FiddlerImportNetlog/Importer.cs +++ b/FiddlerImportNetlog/Importer.cs @@ -711,20 +711,45 @@ private void GenerateSocketListSession(Dictionary> dictSock { StringBuilder sbCertsReceived = new StringBuilder(); ArrayList alCerts = htParams["certificates"] as ArrayList; + if (alCerts.Count < 1) continue; - // Try to promote the SubjectCN to the title of this node + Hashtable htParsedCerts = new Hashtable(alCerts.Count); try { - if (String.IsNullOrEmpty(sSubjectCNinFirstCert) && alCerts.Count > 0) + for (int i = 0; i < alCerts.Count; i++) { - var FirstCert = new X509Certificate2(); - string sCertInfo = alCerts[0] as string; - FirstCert.Import(Encoding.ASCII.GetBytes(sCertInfo)); - sSubjectCNinFirstCert = (" - " + FirstCert.GetNameInfo(X509NameType.SimpleName, false)).ToLower(); + var htThisCert = new Hashtable(); + htParsedCerts.Add(i.ToString(), htThisCert); + var certItem = new X509Certificate2(); + + certItem.Import(Encoding.ASCII.GetBytes(alCerts[i] as string)); + + // Try to promote the SubjectCN to the title of this Socket. + if (String.IsNullOrEmpty(sSubjectCNinFirstCert)) + { + sSubjectCNinFirstCert = (" - " + certItem.GetNameInfo(X509NameType.SimpleName, false)).ToLower(); + } + + htThisCert.Add("Parsed", new ArrayList + { + "Subject: " + certItem.GetNameInfo(X509NameType.SimpleName, false), + "Issuer: " + certItem.Issuer, + "Expires: " + certItem.NotAfter.ToString("yyyy-MM-dd") + }); + + htThisCert.Add("RAW", new ArrayList + { + alCerts[i] + }); } + htThisSocket.Add("Server Certificates", htParsedCerts); } - catch { } - htThisSocket.Add("Server Certificates", alCerts); + catch (Exception ex) + { + FiddlerApplication.Log.LogString(ex.Message); + htThisSocket.Add("Server Certificates", alCerts); + } + continue; } diff --git a/FiddlerImportNetlog/Properties/AssemblyInfo.cs b/FiddlerImportNetlog/Properties/AssemblyInfo.cs index 1bc8cdb..7f60852 100644 --- a/FiddlerImportNetlog/Properties/AssemblyInfo.cs +++ b/FiddlerImportNetlog/Properties/AssemblyInfo.cs @@ -6,7 +6,7 @@ [assembly: AssemblyCopyright("Copyright ©2023 Eric Lawrence")] [assembly: System.Resources.NeutralResourcesLanguage("en-US")] [assembly: ComVisible(false)] -[assembly: AssemblyVersion("1.3.4.3")] // ALWAYS UPDATE THE VERSION in the [ProfferFormat] attribute in FiddlerInterface.cs to match! +[assembly: AssemblyVersion("1.3.4.4")] // ALWAYS UPDATE THE VERSION in the [ProfferFormat] attribute in FiddlerInterface.cs to match! [assembly: Fiddler.RequiredVersion("4.6.0.0")] @@ -20,6 +20,9 @@ HTTP_STREAM_JOB has a binding between the request and the socket. Hook them up s --> source_dependency = 1701 (URL_REQUEST) */ +// v1.3.4.4 +// Add lightweight breakout of server certinfo + // v1.3.4.3 // Set oTimers' values for ClientBeginResponse, ClientDoneResponse, and ServerDoneResponse so Timeline view works better.