mozkeeler/analysis.js Secret

## analysis.js
var atob = require("atob");
var fs = require("fs");
var lintx509 = require("./lintx509.js");

if (process.argv.length < 3) {
  console.error(`usage: ${process.argv[0]} ${process.argv[1]} <filename>`);
  process.exit(1);
}

function findCAIssuersAIA(cert) {
  if (!cert.tbsCertificate.extensions) {
    return false;
  }
  for (let extension of cert.tbsCertificate.extensions) {
    if (extension.extnID.toString() == "id-pe-authorityInfoAccess") {
      for (let description of extension.extnValue.accessDescriptions) {
        if (description.accessMethod.toString() == "id-ad-caIssuers") {
          return true;
        }
      }
    }
  }
  return false;
}

function processCert(cert, count) {
  let result = { hasCAIssuersAIA: findCAIssuersAIA(cert),
                 volume: parseInt(count, 10) };
  return result;
}

function analyzeResults(results) {
  let numCAIssuersAIAs = 0;
  let weightedNumCAIssuersAIAs = 0;
  let totalWeight = 0;
  results.forEach((result) => {
    totalWeight += result.volume;
    if (result.hasCAIssuersAIA) {
      numCAIssuersAIAs++;
      weightedNumCAIssuersAIAs += result.volume;
    }
  });
  let unweightedPercentage = (100 * numCAIssuersAIAs / results.length).toFixed(2);
  let weightedPercentage = (100 * weightedNumCAIssuersAIAs / totalWeight).toFixed(2);
  console.log(`${numCAIssuersAIAs} out of ${results.length} have CA issuer AIA`);
  console.log(`unweighted: ${unweightedPercentage}%`);
  console.log(`weighted: ${weightedPercentage}%`);
}

var input = process.argv[2];
fs.readFile(input, "utf-8", (err, data) => {
  if (err) {
    console.error(err);
    return;
  }

  let results = [];
  let errorCount = 0;
  let lines = data.split("\n");
  for (let line of lines) {
    if (line.length == 0) {
      continue;
    }
    let [b64, count] = line.split(" ");
    try {
      let bin = atob(b64);
      let bytes = [];
      for (let i = 0; i < bin.length; i++) {
        bytes.push(bin.charCodeAt(i));
      }
      let der = new lintx509.DER(bytes);
      let cert = new lintx509.Certificate(der);
      cert.parse();
      results.push(processCert(cert, count));
    } catch (e) {
      console.error(e);
      errorCount++;
    }
  }
  console.log(`${errorCount} errors`);
  analyzeResults(results);
});

## output
0 errors
1656 out of 83583 have CA issuer AIA
unweighted: 1.98%
weighted: 5.88%
	var atob = require("atob");
	var fs = require("fs");
	var lintx509 = require("./lintx509.js");

	if (process.argv.length < 3) {
	console.error(`usage: ${process.argv[0]} ${process.argv[1]} <filename>`);
	process.exit(1);
	}

	function findCAIssuersAIA(cert) {
	if (!cert.tbsCertificate.extensions) {
	return false;
	}
	for (let extension of cert.tbsCertificate.extensions) {
	if (extension.extnID.toString() == "id-pe-authorityInfoAccess") {
	for (let description of extension.extnValue.accessDescriptions) {
	if (description.accessMethod.toString() == "id-ad-caIssuers") {
	return true;
	}
	}
	}
	}
	return false;
	}

	function processCert(cert, count) {
	let result = { hasCAIssuersAIA: findCAIssuersAIA(cert),
	volume: parseInt(count, 10) };
	return result;
	}

	function analyzeResults(results) {
	let numCAIssuersAIAs = 0;
	let weightedNumCAIssuersAIAs = 0;
	let totalWeight = 0;
	results.forEach((result) => {
	totalWeight += result.volume;
	if (result.hasCAIssuersAIA) {
	numCAIssuersAIAs++;
	weightedNumCAIssuersAIAs += result.volume;
	}
	});
	let unweightedPercentage = (100 * numCAIssuersAIAs / results.length).toFixed(2);
	let weightedPercentage = (100 * weightedNumCAIssuersAIAs / totalWeight).toFixed(2);
	console.log(`${numCAIssuersAIAs} out of ${results.length} have CA issuer AIA`);
	console.log(`unweighted: ${unweightedPercentage}%`);
	console.log(`weighted: ${weightedPercentage}%`);
	}

	var input = process.argv[2];
	fs.readFile(input, "utf-8", (err, data) => {
	if (err) {
	console.error(err);
	return;
	}

	let results = [];
	let errorCount = 0;
	let lines = data.split("\n");
	for (let line of lines) {
	if (line.length == 0) {
	continue;
	}
	let [b64, count] = line.split(" ");
	try {
	let bin = atob(b64);
	let bytes = [];
	for (let i = 0; i < bin.length; i++) {
	bytes.push(bin.charCodeAt(i));
	}
	let der = new lintx509.DER(bytes);
	let cert = new lintx509.Certificate(der);
	cert.parse();
	results.push(processCert(cert, count));
	} catch (e) {
	console.error(e);
	errorCount++;
	}
	}
	console.log(`${errorCount} errors`);
	analyzeResults(results);
	});
	0 errors
	1656 out of 83583 have CA issuer AIA
	unweighted: 1.98%
	weighted: 5.88%