Add details for ciphers
parent
18c204509f
commit
1602a62674
|
@ -37,6 +37,18 @@ body {
|
|||
background-color: #000;
|
||||
}
|
||||
|
||||
table.center td {
|
||||
text-align: center;
|
||||
}
|
||||
|
||||
td.error {
|
||||
background-color: #ddd;
|
||||
}
|
||||
|
||||
td.primary {
|
||||
background-color: $state-info-bg;
|
||||
}
|
||||
|
||||
.progress-bar-default {
|
||||
background-color: $label-default-bg;
|
||||
}
|
||||
|
|
|
@ -3,6 +3,10 @@ module CheckHelper
|
|||
"<span class=\"label label-#{color} %>\">#{value}</span>".html_safe
|
||||
end
|
||||
|
||||
def cell(value, color)
|
||||
"<td class=\"#{color}\">#{value}</td>".html_safe
|
||||
end
|
||||
|
||||
def rank_color(rank)
|
||||
case rank
|
||||
when 'A+' then
|
||||
|
@ -59,7 +63,7 @@ module CheckHelper
|
|||
|
||||
def key_label(key)
|
||||
return label('Aucune', :error) unless key
|
||||
label "#{key.type.upcase} #{key[:size]} bits", color_key(key)
|
||||
label "#{key.type.upcase} #{key[:size]} bits", key_color(key)
|
||||
end
|
||||
|
||||
def key_labels(keys)
|
||||
|
@ -68,12 +72,13 @@ module CheckHelper
|
|||
end
|
||||
|
||||
def cipher_size_label(cipher)
|
||||
size = cipher.size
|
||||
size = cipher.size if cipher.is_a? CryptCheck::Tls::Cipher
|
||||
label "#{size} bits", cipher_color(size)
|
||||
end
|
||||
|
||||
def color_key(key)
|
||||
case key.rsa_size
|
||||
def key_color(key)
|
||||
case key&.rsa_size
|
||||
when nil then :default
|
||||
when 0...1024 then :error
|
||||
when 1024...2048 then :danger
|
||||
when 2048...4096 then :warning
|
||||
|
@ -83,6 +88,7 @@ module CheckHelper
|
|||
|
||||
def cipher_color(key)
|
||||
case key
|
||||
when nil then :default
|
||||
when 0...112 then :error
|
||||
when 112...128 then :danger
|
||||
when 128...256 then :success
|
||||
|
@ -107,4 +113,87 @@ module CheckHelper
|
|||
cipher.state.collect { |c, ls| ls.collect { |l| label l.upcase, c } }
|
||||
.flatten(1).join("\n").html_safe
|
||||
end
|
||||
|
||||
def cipher_kex_type_cell(kex)
|
||||
color = case kex
|
||||
when :ecdh then :primary
|
||||
when :dh then :success
|
||||
when :rsa then :warning
|
||||
else :error
|
||||
end
|
||||
kex ||= 'None'
|
||||
cell kex.to_s.upcase, color
|
||||
end
|
||||
|
||||
def cipher_kex_size_cell(kex)
|
||||
color = key_color kex
|
||||
cell kex&.[](:size), color
|
||||
end
|
||||
|
||||
def cipher_auth_type_cell(auth)
|
||||
color = case auth
|
||||
when :ecdsa then :primary
|
||||
when :rsa then :default
|
||||
else :error
|
||||
end
|
||||
auth ||= 'None'
|
||||
cell auth.to_s.upcase, color
|
||||
end
|
||||
|
||||
def cipher_auth_size_cell(auth)
|
||||
color = key_color auth
|
||||
cell auth&.[](:size), color
|
||||
end
|
||||
|
||||
def cipher_enc_type_cell(enc)
|
||||
color = case enc
|
||||
when :chacha20 then :primary
|
||||
when :aes then :success
|
||||
when :camellia, :seed, :idea then :default
|
||||
when :'3des' then :danger
|
||||
else :error
|
||||
end
|
||||
enc ||= 'NONE'
|
||||
cell enc.to_s.upcase, color
|
||||
end
|
||||
|
||||
def cipher_enc_key_size_cell(enc)
|
||||
enc ||= 0
|
||||
color = cipher_color enc
|
||||
cell enc, color
|
||||
end
|
||||
|
||||
def cipher_enc_block_size_cell(enc)
|
||||
return cell '', :default unless enc
|
||||
color = cipher_color enc
|
||||
cell enc, color
|
||||
end
|
||||
|
||||
def cipher_enc_mode_cell(enc)
|
||||
color = case enc
|
||||
when :gcm, :ccm then :primary
|
||||
when :cbc then :warning
|
||||
end
|
||||
enc ||= ''
|
||||
cell enc.to_s.upcase, color
|
||||
end
|
||||
|
||||
def cipher_mac_type_cell(mac)
|
||||
color = case mac
|
||||
when :poly1305 then :primary
|
||||
when :sha384, :sha256 then :success
|
||||
when :sha1 then :default
|
||||
when :md5 then :error
|
||||
end
|
||||
cell mac.to_s.upcase, color
|
||||
end
|
||||
|
||||
def cipher_mac_size_cell(mac)
|
||||
cell mac, nil
|
||||
end
|
||||
|
||||
def cipher_pfs_cell(pfs)
|
||||
return cell 'PFS', :success if pfs
|
||||
cell 'No PFS', :warning
|
||||
end
|
||||
end
|
||||
|
|
|
@ -75,29 +75,58 @@
|
|||
</div>
|
||||
<div class="row">
|
||||
<div class="col-sm-12">
|
||||
<table class="table table-bordered table-condensed table-striped">
|
||||
<table class="table table-bordered table-condensed table-striped center">
|
||||
<thead>
|
||||
<tr>
|
||||
<th class="col-sm-5">Algorithme</th>
|
||||
<th class="col-sm-1">Clef</th>
|
||||
<th class="col-sm-1">DH</th>
|
||||
<th></th>
|
||||
<th rowspan="2">Name</th>
|
||||
<th colspan="2">Key exchange</th>
|
||||
<th colspan="2">Authentification</th>
|
||||
<th colspan="4">Encryption</th>
|
||||
<th colspan="2">MAC</th>
|
||||
<th rowspan="2">PFS</th>
|
||||
</tr>
|
||||
<tr>
|
||||
<th>Type</th>
|
||||
<th>Key size</th>
|
||||
<th>Type</th>
|
||||
<th>Key size</th>
|
||||
<th>Type</th>
|
||||
<th>Key size</th>
|
||||
<th>Block size</th>
|
||||
<th>Mode</th>
|
||||
<th>Type</th>
|
||||
<th>Size</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<% %w(TLSv1_2 TLSv1_1 TLSv1 SSLv3 SSLv2).each do |protocol|
|
||||
ciphers = CryptCheck::Tls::Cipher.sort(@result.ciphers.select { |c| c.protocol == protocol }
|
||||
.collect { |c| CryptCheck::Tls::Cipher.new protocol, [c.name, nil, c[:size]], c.dh })
|
||||
<% CryptCheck::Tls::Server::EXISTING_METHODS.each do |protocol|
|
||||
ciphers = CryptCheck::Tls::Cipher.sort(@result.ciphers.select { |c| c.protocol == protocol.to_s }
|
||||
.collect { |c| CryptCheck::Tls::Cipher.new protocol, [c.name, nil, c[:size]], c.dh, @result[:key] })
|
||||
unless ciphers.empty? %>
|
||||
<tr>
|
||||
<th colspan="3"><%= protocol_label protocol %></th>
|
||||
<th colspan="12"><%= protocol_label protocol %></th>
|
||||
</tr>
|
||||
<% ciphers.each do |cipher| %>
|
||||
<% ciphers.each do |cipher|
|
||||
params = cipher.params
|
||||
kex = params[:kex]
|
||||
auth = params[:auth]
|
||||
enc = params[:enc]
|
||||
mac = params[:mac]
|
||||
pfs = params[:pfs]
|
||||
%>
|
||||
<tr>
|
||||
<th><%= cipher_name_label cipher %></th>
|
||||
<td><%= cipher_size_label cipher %></td>
|
||||
<td><%= key_label cipher.dh if cipher.dh %></td>
|
||||
<td><%= cipher_labels cipher %></td>
|
||||
<%= cipher_kex_type_cell kex&.first %>
|
||||
<%= cipher_kex_size_cell kex&.last %>
|
||||
<%= cipher_auth_type_cell auth&.first %>
|
||||
<%= cipher_auth_size_cell auth&.last %>
|
||||
<%= cipher_enc_type_cell enc&.first %>
|
||||
<%= cipher_enc_key_size_cell enc&.[] 1 %>
|
||||
<%= cipher_enc_block_size_cell enc&.[] 2 %>
|
||||
<%= cipher_enc_mode_cell enc&.last %>
|
||||
<%= cipher_mac_type_cell mac&.first %>
|
||||
<%= cipher_mac_size_cell mac&.last %>
|
||||
<%= cipher_pfs_cell pfs %>
|
||||
</tr>
|
||||
<% end end end %>
|
||||
</tbody>
|
||||
|
|
|
@ -1,19 +1,44 @@
|
|||
<div class="container">
|
||||
<div class="row">
|
||||
<table class="table-bordered table-condensed table-striped col-sm-12">
|
||||
<table class="table table-bordered table-condensed table-striped center col-sm-12">
|
||||
<thead>
|
||||
<tr>
|
||||
<th class="col-sm-6">Algorithme</th>
|
||||
<th class="col-sm-1">Taille</th>
|
||||
<td class="col-sm-5"></td>
|
||||
<th rowspan="2">Name</th>
|
||||
<th rowspan="2">Key exchange</th>
|
||||
<th rowspan="2">Authentification</th>
|
||||
<th colspan="4">Encryption</th>
|
||||
<th colspan="2">MAC</th>
|
||||
<th rowspan="2">PFS</th>
|
||||
</tr>
|
||||
<tr>
|
||||
<th>Type</th>
|
||||
<th>Key size</th>
|
||||
<th>Block size</th>
|
||||
<th>Mode</th>
|
||||
<th>Type</th>
|
||||
<th>Size</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<% CryptCheck::Tls::Cipher.list.each do |cipher| %>
|
||||
<% CryptCheck::Tls::Cipher.list.each do |cipher|
|
||||
params = cipher.params
|
||||
kex = params[:kex]
|
||||
auth = params[:auth]
|
||||
enc = params[:enc]
|
||||
mac = params[:mac]
|
||||
pfs = params[:pfs]
|
||||
%>
|
||||
<tr>
|
||||
<th><%= cipher_name_label cipher %></th>
|
||||
<th><%= cipher_size_label cipher %></th>
|
||||
<th><%= cipher_labels cipher %></th>
|
||||
<%= cipher_kex_type_cell kex&.first %>
|
||||
<%= cipher_auth_type_cell auth&.first %>
|
||||
<%= cipher_enc_type_cell enc&.first %>
|
||||
<%= cipher_enc_key_size_cell enc&.[] 1 %>
|
||||
<%= cipher_enc_block_size_cell enc&.[] 2 %>
|
||||
<%= cipher_enc_mode_cell enc&.last %>
|
||||
<%= cipher_mac_type_cell mac&.first %>
|
||||
<%= cipher_mac_size_cell mac&.last %>
|
||||
<%= cipher_pfs_cell pfs %>
|
||||
</tr>
|
||||
<% end %>
|
||||
</tbody>
|
||||
|
|
|
@ -5,11 +5,24 @@
|
|||
</div>
|
||||
</div>
|
||||
<div class="row">
|
||||
<table class="table-bordered table-condensed table-striped col-sm-12">
|
||||
<table class="table table-bordered table-condensed table-striped col-sm-12">
|
||||
<thead>
|
||||
<tr>
|
||||
<th class="col-sm-4">Navigateur</th>
|
||||
<th class="col-sm-8" colspan="3">Cipher</th>
|
||||
<th rowspan="2">Navigateur</th>
|
||||
<th rowspan="2">Name</th>
|
||||
<th rowspan="2">Key exchange</th>
|
||||
<th rowspan="2">Authentification</th>
|
||||
<th colspan="4">Encryption</th>
|
||||
<th colspan="2">MAC</th>
|
||||
<th rowspan="2">PFS</th>
|
||||
</tr>
|
||||
<tr>
|
||||
<th>Type</th>
|
||||
<th>Key size</th>
|
||||
<th>Block size</th>
|
||||
<th>Mode</th>
|
||||
<th>Type</th>
|
||||
<th>Size</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
|
@ -17,16 +30,31 @@
|
|||
iana_ciphers = Hash[@ciphers.collect { |c| [Rails.application.config.openssl_ciphers[c.name], c] }]
|
||||
Rails.application.config.user_agents_ciphers.each do |ua, support|
|
||||
cipher = (support['ciphers'].collect(&:first) & iana_ciphers.keys).first
|
||||
cipher = iana_ciphers[cipher] if cipher
|
||||
if cipher
|
||||
cipher = iana_ciphers[cipher]
|
||||
params = cipher.params
|
||||
kex = params[:kex]
|
||||
auth = params[:auth]
|
||||
enc = params[:enc]
|
||||
mac = params[:mac]
|
||||
pfs = params[:pfs]
|
||||
end
|
||||
%>
|
||||
<tr>
|
||||
<th><%= ua %></th>
|
||||
<% if cipher %>
|
||||
<td><%= cipher_name_label cipher %></td>
|
||||
<td><%= cipher_size_label cipher %></td>
|
||||
<td><%= cipher_labels cipher %></td>
|
||||
<th><%= cipher_name_label cipher %></th>
|
||||
<%= cipher_kex_type_cell kex&.first %>
|
||||
<%= cipher_auth_type_cell auth&.first %>
|
||||
<%= cipher_enc_type_cell enc&.first %>
|
||||
<%= cipher_enc_key_size_cell enc&.[] 1 %>
|
||||
<%= cipher_enc_block_size_cell enc&.[] 2 %>
|
||||
<%= cipher_enc_mode_cell enc&.last %>
|
||||
<%= cipher_mac_type_cell mac&.first %>
|
||||
<%= cipher_mac_size_cell mac&.last %>
|
||||
<%= cipher_pfs_cell pfs %>
|
||||
<% else %>
|
||||
<td colspan="3"><%= label('Non supporté', :error) %></td>
|
||||
<td colspan="10"><%= label('Non supporté', :error) %></td>
|
||||
<% end %>
|
||||
</tr>
|
||||
<% end %>
|
||||
|
@ -35,23 +63,48 @@
|
|||
</div>
|
||||
<br/>
|
||||
<div class="row">
|
||||
<table class="table-bordered table-condensed table-striped col-sm-12">
|
||||
<table class="table table-bordered table-condensed table-striped center col-sm-12">
|
||||
<thead>
|
||||
<tr>
|
||||
<th class="col-sm-4">Algorithme</th>
|
||||
<th class="col-sm-1">Taille</th>
|
||||
<td class="col-sm-7"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th rowspan="2">Name</th>
|
||||
<th rowspan="2">Key exchange</th>
|
||||
<th rowspan="2">Authentification</th>
|
||||
<th colspan="4">Encryption</th>
|
||||
<th colspan="2">MAC</th>
|
||||
<th rowspan="2">PFS</th>
|
||||
</tr>
|
||||
<tr>
|
||||
<th>Type</th>
|
||||
<th>Key size</th>
|
||||
<th>Block size</th>
|
||||
<th>Mode</th>
|
||||
<th>Type</th>
|
||||
<th>Size</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<% @ciphers.each do |cipher| %>
|
||||
<% @ciphers.each do |cipher|
|
||||
params = cipher.params
|
||||
kex = params[:kex]
|
||||
auth = params[:auth]
|
||||
enc = params[:enc]
|
||||
mac = params[:mac]
|
||||
pfs = params[:pfs]
|
||||
%>
|
||||
<tr>
|
||||
<th><%= cipher_name_label cipher %></th>
|
||||
<th><%= cipher_size_label cipher %></th>
|
||||
<th><%= cipher_labels cipher %></th>
|
||||
<%= cipher_kex_type_cell kex&.first %>
|
||||
<%= cipher_auth_type_cell auth&.first %>
|
||||
<%= cipher_enc_type_cell enc&.first %>
|
||||
<%= cipher_enc_key_size_cell enc&.[] 1 %>
|
||||
<%= cipher_enc_block_size_cell enc&.[] 2 %>
|
||||
<%= cipher_enc_mode_cell enc&.last %>
|
||||
<%= cipher_mac_type_cell mac&.first %>
|
||||
<%= cipher_mac_size_cell mac&.last %>
|
||||
<%= cipher_pfs_cell pfs %>
|
||||
</tr>
|
||||
<% end %>
|
||||
</tbody>
|
||||
<% end %>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
</div>
|
||||
|
|
Loading…
Reference in New Issue