Another thing I just thought of that may or may not apply to you: check if the certificate used to sign the report is trusted on the openvas server (gpg --homedir=/etc/openvas/gnupg/ --check-sigs ; gpg --homedir=/etc/openvas/gnupg/ --lsign KEY_ID ). Depends on where you are signing the report and which key you are using for that.


and the content of create_report_import.sh from my last email since I foolishly added it as an attachment and not inline
----
#!/bin/bash


#-------------------------------------------------------------------------------
#  Some basic information about the report
#-------------------------------------------------------------------------------
NAME='HTML Plus'
EXTENSION='html'
CONTENT_TYPE='text/html'

SUMMARY='Extended HTML'
DESCRIPTION="Generate a nice HTML output better suited for stand-alone viewing on wide monitors, uses some javascript and adds host information"

# Files to include, add everything required to generate the report
FILELIST="generate extended-html.xsl fetch_ip_info.sh"

# this is the file you will want to import into OpenVAS
IMPORTFILE="extended-html.xml"

gpgopts='--homedir=/etc/openvas/gnupg'
#-------------------------------------------------------------------------------
#  base64 and xml voodoo happens here
#-------------------------------------------------------------------------------

UUID=$(uuid)
{
# OpenVAS 4:
# echo -n "${UUID}${NAME}${EXTENSION}${CONTENT_TYPE}${SUMMARY}${DESCRIPTION}0"
# OpenVAS 5:
    echo -n "${UUID}${EXTENSION}${CONTENT_TYPE}0"
    for FILE in $(ls -1 ${FILELIST})
    do
        echo -n "${FILE}$(base64 -w 0 ${FILE})"
    done
    echo
} > ${UUID}
gpg ${gpgopts} --detach-sign --armor ${UUID}

{
echo -n '<get_report_formats_response status="200" status_text="OK"><report_format id="'$UUID'"><name>'$NAME'</name><extension>'$EXTENSION'</extension><content_type>'$CONTENT_TYPE'</content_type><summary>'$SUMMARY'</summary><description>'$DESCRIPTION'</description><global>0</global>'
    for FILE in $(ls -1 ${FILELIST})
    do
        echo -n "<file name=\"${FILE}\">$(base64 -w 0 ${FILE})</file>"
    done
    echo -n '<signature>'
    cat ${UUID}.asc
    echo -n '</signature>'
    echo '</report_format></get_report_formats_response>'
} > ${IMPORTFILE}
gpg ${gpgopts} --verify ${UUID}.asc  ${UUID}
rm ${UUID} ${UUID}.asc




On 2/19/2014 6:35 PM, Ryan Schulze wrote:
Hi Greg,

I believe the beginning of your ${UUID} file is incorrect for the current version of OpenVAS.

${UUID}${NAME}${EXTENSION}${CONTENT_TYPE}${SUMMARY}${DESCRIPTION}0 seems to still be the format used with OpenVAS 4; as of OpenVAS 5 it was changed to ${UUID}${EXTENSION}${CONTENT_TYPE}0

I attached the create_report_import.sh we use for one of our custom reports, hope that helps you out. I remember having fun digging through the debugging and temp files when that changed ;-)

Regards,
Ryan

---


On 2/19/2014 3:28 PM, Greg Etling wrote:
I'm about at the end of my knowledge and am sure I'm missing something right in front of my face while trying to set up a new report format.

I have set up keys on our Openvas server (as per http://www.openvas.org/trusted-nvts.html), created a new report format, grabbed the create_report_import from SVN and modified as seen below, ran it and uploaded the results as a new report, activated it with omp and everything seems fine, except openvas refuses to trust the report...

I'm thinking it's somewhere in the signing process that I am going wrong, because gpg will verify (gpg --homedir=/etc/openvas/gnupg --verify ${UUID}.asc ${UUID}) as created...but that signing procedure seems off to me, I'm just not sure how.

---
NAME="PDF Detailed Report"
UUID=`uuid`
EXTENSION=pdf
CONTENT_TYPE="application/pdf"
SUMMARY="Customized PDF report to replace default"
DESCRIPTION="Customized scan PDF report."
# Names must be in alphabetical order.
FNAME1=generate
FILE1=`base64 -w 0 generate`
FNAME2=latex.xsl
FILE2=`base64 -w 0 latex.xsl`

echo ${UUID}${NAME}${EXTENSION}${CONTENT_TYPE}${SUMMARY}${DESCRIPTION}0${FNAME1}${FILE1}${FNAME2}${FILE2} > ${UUID}
gpg --homedir=/etc/openvas/gnupg --detach-sign --armor ${UUID}
rm ${UUID}

echo -n '<get_report_formats_response status="200" status_text="OK"><report_format id="'$UUID'"><name>'$NAME'</name><extension>'$EXTENSION'</extension><content_type>'$CONTENT_TYPE'</content_type><summary>'$SUMMARY'</summary><description>'$DESCRIPTION'</description><file name="'$FNAME1'">'$FILE1'</file><file name="'$FNAME2'">'$FILE2'</file><signature>' > custom_detail_pdf.xml

cat ${UUID}.asc >> custom_detail_pdf.xml

echo '</signature></report_format></get_report_formats_response>' >> custom_detail_pdf.xml
---

I'm grateful for any and all input that might help. Thanks,
Greg

--
Greg Etling
[email protected] <mailto:[email protected]>
Systems Administrator
Stern IT Enterprise Operations
NYU Stern School of Business


_______________________________________________
Openvas-discuss mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
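
Added example, not part of the original posts or of the OpenVAS tooling: a small shell helper that rebuilds the string to be signed in the OpenVAS 4 and OpenVAS 5 layouts quoted in the thread and compares their digests. A local gpg --verify only proves the signature matches the file that was signed, so it passes for either layout. The function names, the sample file contents and the all-zero UUID are constructed for illustration.

```shell
#!/bin/bash
# Added example, not from the thread: rebuild the byte string that is signed
# for a report format, in the two layouts the thread quotes.

# signed_payload LAYOUT DIR UUID NAME EXT CONTENT_TYPE SUMMARY DESCRIPTION
# Header, then "<name><base64>" per file in DIR (sorted), then a newline.
# The ( ) body runs in a subshell so its variables stay local.
signed_payload() (
    layout=$1 dir=$2 uuid=$3 name=$4 ext=$5 ctype=$6 summary=$7 desc=$8
    case "$layout" in
        4) printf '%s' "${uuid}${name}${ext}${ctype}${summary}${desc}0" ;;
        5) printf '%s' "${uuid}${ext}${ctype}0" ;;
        *) echo "unknown layout: $layout" >&2; exit 2 ;;
    esac
    for path in "$dir"/*; do            # globs expand in sorted order
        [ -f "$path" ] || continue
        printf '%s%s' "${path##*/}" "$(base64 -w 0 "$path")"
    done
    echo
)

# SHA-256 of the payload, handy for comparing two builds byte for byte.
payload_digest() { signed_payload "$@" | sha256sum | cut -d' ' -f1; }

# Constructed sample files standing in for generate and latex.xsl.
make_sample_dir() (
    d=$(mktemp -d) || exit 1
    printf 'abc' > "$d/generate"
    printf 'xyz' > "$d/latex.xsl"
    echo "$d"
)

SAMPLE_UUID='00000000-0000-0000-0000-000000000000'   # placeholder, not a real id
dir=$(make_sample_dir)
set -- "$dir" "$SAMPLE_UUID" 'PDF Detailed Report' pdf application/pdf \
    'Customized PDF report to replace default' 'Customized scan PDF report.'
v4=$(payload_digest 4 "$@")
v5=$(payload_digest 5 "$@")
echo "OpenVAS 4 layout sha256: $v4"
echo "OpenVAS 5 layout sha256: $v5"
if [ "$v4" != "$v5" ]; then
    echo "Layouts differ: a signature over one will not verify over the other."
fi
rm -r "$dir"
```

To check an existing import file, compare the digest of the file you signed against payload_digest 5 run over the same report files and metadata.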


