@@ -37,6 +37,18 @@ body { | |||
background-color: #000; | |||
} | |||
table.center td { | |||
text-align: center; | |||
} | |||
td.error { | |||
background-color: #ddd; | |||
} | |||
td.primary { | |||
background-color: $state-info-bg; | |||
} | |||
.progress-bar-default { | |||
background-color: $label-default-bg; | |||
} |
@@ -3,6 +3,10 @@ module CheckHelper | |||
"<span class=\"label label-#{color} %>\">#{value}</span>".html_safe | |||
end | |||
def cell(value, color) | |||
"<td class=\"#{color}\">#{value}</td>".html_safe | |||
end | |||
def rank_color(rank) | |||
case rank | |||
when 'A+' then | |||
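Review bot: The new `cell` helper interpolates `value` and `color` into a string literal and then marks the whole result `html_safe`, so neither value is HTML-escaped. The callers visible in this commit pass upcased symbols and sizes taken from cipher parameters, which is probably harmless, but the helper is generic and a later caller passing text derived from a scanned host would have it emitted verbatim. Building the cell with `content_tag :td, value, class: color` renders an equivalent cell and escapes both values. The `label` helper on the context line above follows the same pattern and carries a stray ` %>` inside its class attribute; `rank_color` continues outside the hunk.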
@@ -59,7 +63,7 @@ module CheckHelper | |||
def key_label(key) | |||
return label('Aucune', :error) unless key | |||
label "#{key.type.upcase} #{key[:size]} bits", color_key(key) | |||
label "#{key.type.upcase} #{key[:size]} bits", key_color(key) | |||
end | |||
def key_labels(keys) | |||
@@ -68,12 +72,13 @@ module CheckHelper | |||
end | |||
def cipher_size_label(cipher) | |||
size = cipher.size | |||
size = cipher.size if cipher.is_a? CryptCheck::Tls::Cipher | |||
label "#{size} bits", cipher_color(size) | |||
end | |||
def color_key(key) | |||
case key.rsa_size | |||
def key_color(key) | |||
case key&.rsa_size | |||
when nil then :default | |||
when 0...1024 then :error | |||
when 1024...2048 then :danger | |||
when 2048...4096 then :warning | |||
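Review bot: In `cipher_size_label`, the guarded assignment leaves `size` nil whenever `cipher` is not a `CryptCheck::Tls::Cipher`, yet the next line still interpolates it, so the label text comes out as ` bits`. Assuming the `is_a?` line is the new side, build the text conditionally, for example `text = size ? "#{size} bits" : ''` followed by `label text, cipher_color(size)`, or return early for that case. The nil path also depends on `cipher_color` accepting nil, which only the following hunk adds. The body of `key_color` runs past the end of this hunk.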
@@ -83,6 +88,7 @@ module CheckHelper | |||
def cipher_color(key) | |||
case key | |||
when nil then :default | |||
when 0...112 then :error | |||
when 112...128 then :danger | |||
when 128...256 then :success | |||
@@ -107,4 +113,87 @@ module CheckHelper | |||
cipher.state.collect { |c, ls| ls.collect { |l| label l.upcase, c } } | |||
.flatten(1).join("\n").html_safe | |||
end | |||
def cipher_kex_type_cell(kex) | |||
color = case kex | |||
when :ecdh then :primary | |||
when :dh then :success | |||
when :rsa then :warning | |||
else :error | |||
end | |||
kex ||= 'None' | |||
cell kex.to_s.upcase, color | |||
end | |||
def cipher_kex_size_cell(kex) | |||
color = key_color kex | |||
cell kex&.[](:size), color | |||
end | |||
def cipher_auth_type_cell(auth) | |||
color = case auth | |||
when :ecdsa then :primary | |||
when :rsa then :default | |||
else :error | |||
end | |||
auth ||= 'None' | |||
cell auth.to_s.upcase, color | |||
end | |||
def cipher_auth_size_cell(auth) | |||
color = key_color auth | |||
cell auth&.[](:size), color | |||
end | |||
def cipher_enc_type_cell(enc) | |||
color = case enc | |||
when :chacha20 then :primary | |||
when :aes then :success | |||
when :camellia, :seed, :idea then :default | |||
when :'3des' then :danger | |||
else :error | |||
end | |||
enc ||= 'NONE' | |||
cell enc.to_s.upcase, color | |||
end | |||
def cipher_enc_key_size_cell(enc) | |||
enc ||= 0 | |||
color = cipher_color enc | |||
cell enc, color | |||
end | |||
def cipher_enc_block_size_cell(enc) | |||
return cell '', :default unless enc | |||
color = cipher_color enc | |||
cell enc, color | |||
end | |||
def cipher_enc_mode_cell(enc) | |||
color = case enc | |||
when :gcm, :ccm then :primary | |||
when :cbc then :warning | |||
end | |||
enc ||= '' | |||
cell enc.to_s.upcase, color | |||
end | |||
def cipher_mac_type_cell(mac) | |||
color = case mac | |||
when :poly1305 then :primary | |||
when :sha384, :sha256 then :success | |||
when :sha1 then :default | |||
when :md5 then :error | |||
end | |||
cell mac.to_s.upcase, color | |||
end | |||
def cipher_mac_size_cell(mac) | |||
cell mac, nil | |||
end | |||
def cipher_pfs_cell(pfs) | |||
return cell 'PFS', :success if pfs | |||
cell 'No PFS', :warning | |||
end | |||
end |
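Review bot: `cipher_enc_mode_cell` and `cipher_mac_type_cell` have no `else` branch in their `case`, so an unrecognised mode or MAC yields a nil colour and an unstyled cell, while the kex, auth and enc type helpers fall back to `:error`. In a report whose colours convey strength, an unknown algorithm that looks neutral is easy to overlook. Adding `when nil then :default` and `else :error` to both would keep absent values neutral (presumably suites with no separate MAC or no block mode) and flag everything else. `cipher_enc_block_size_cell` also reuses `cipher_color`, whose thresholds look like key-strength bounds; a one-line comment stating that they are intended for block sizes too would help.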
@@ -75,29 +75,58 @@ | |||
</div> | |||
<div class="row"> | |||
<div class="col-sm-12"> | |||
<table class="table table-bordered table-condensed table-striped"> | |||
<table class="table table-bordered table-condensed table-striped center"> | |||
<thead> | |||
<tr> | |||
<th class="col-sm-5">Algorithme</th> | |||
<th class="col-sm-1">Clef</th> | |||
<th class="col-sm-1">DH</th> | |||
<th></th> | |||
<th rowspan="2">Name</th> | |||
<th colspan="2">Key exchange</th> | |||
<th colspan="2">Authentification</th> | |||
<th colspan="4">Encryption</th> | |||
<th colspan="2">MAC</th> | |||
<th rowspan="2">PFS</th> | |||
</tr> | |||
<tr> | |||
<th>Type</th> | |||
<th>Key size</th> | |||
<th>Type</th> | |||
<th>Key size</th> | |||
<th>Type</th> | |||
<th>Key size</th> | |||
<th>Block size</th> | |||
<th>Mode</th> | |||
<th>Type</th> | |||
<th>Size</th> | |||
</tr> | |||
</thead> | |||
<tbody> | |||
<% %w(TLSv1_2 TLSv1_1 TLSv1 SSLv3 SSLv2).each do |protocol| | |||
ciphers = CryptCheck::Tls::Cipher.sort(@result.ciphers.select { |c| c.protocol == protocol } | |||
.collect { |c| CryptCheck::Tls::Cipher.new protocol, [c.name, nil, c[:size]], c.dh }) | |||
<% CryptCheck::Tls::Server::EXISTING_METHODS.each do |protocol| | |||
ciphers = CryptCheck::Tls::Cipher.sort(@result.ciphers.select { |c| c.protocol == protocol.to_s } | |||
.collect { |c| CryptCheck::Tls::Cipher.new protocol, [c.name, nil, c[:size]], c.dh, @result[:key] }) | |||
unless ciphers.empty? %> | |||
<tr> | |||
<th colspan="3"><%= protocol_label protocol %></th> | |||
<th colspan="12"><%= protocol_label protocol %></th> | |||
</tr> | |||
<% ciphers.each do |cipher| %> | |||
<% ciphers.each do |cipher| | |||
params = cipher.params | |||
kex = params[:kex] | |||
auth = params[:auth] | |||
enc = params[:enc] | |||
mac = params[:mac] | |||
pfs = params[:pfs] | |||
%> | |||
<tr> | |||
<th><%= cipher_name_label cipher %></th> | |||
<td><%= cipher_size_label cipher %></td> | |||
<td><%= key_label cipher.dh if cipher.dh %></td> | |||
<td><%= cipher_labels cipher %></td> | |||
<%= cipher_kex_type_cell kex&.first %> | |||
<%= cipher_kex_size_cell kex&.last %> | |||
<%= cipher_auth_type_cell auth&.first %> | |||
<%= cipher_auth_size_cell auth&.last %> | |||
<%= cipher_enc_type_cell enc&.first %> | |||
<%= cipher_enc_key_size_cell enc&.[] 1 %> | |||
<%= cipher_enc_block_size_cell enc&.[] 2 %> | |||
<%= cipher_enc_mode_cell enc&.last %> | |||
<%= cipher_mac_type_cell mac&.first %> | |||
<%= cipher_mac_size_cell mac&.last %> | |||
<%= cipher_pfs_cell pfs %> | |||
</tr> | |||
<% end end end %> | |||
</tbody> |
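Review bot: The block that unpacks `cipher.params` into `kex`, `auth`, `enc`, `mac` and `pfs`, and the run of `cipher_*_cell` calls that follows it, are repeated in every cipher table this commit touches (this hunk and the three later template hunks). Moving the row into one partial, or a single helper that takes the cipher, would keep the tables from drifting apart when a column or colour rule changes. `params` is also indexed without a nil guard while every value read from it uses `&.`. If `cipher.params` can return nil for a suite that could not be parsed, `params&.[](:kex)` or an early `next` is needed.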
@@ -1,19 +1,44 @@ | |||
<div class="container"> | |||
<div class="row"> | |||
<table class="table-bordered table-condensed table-striped col-sm-12"> | |||
<table class="table table-bordered table-condensed table-striped center col-sm-12"> | |||
<thead> | |||
<tr> | |||
<th class="col-sm-6">Algorithme</th> | |||
<th class="col-sm-1">Taille</th> | |||
<td class="col-sm-5"></td> | |||
<th rowspan="2">Name</th> | |||
<th rowspan="2">Key exchange</th> | |||
<th rowspan="2">Authentification</th> | |||
<th colspan="4">Encryption</th> | |||
<th colspan="2">MAC</th> | |||
<th rowspan="2">PFS</th> | |||
</tr> | |||
<tr> | |||
<th>Type</th> | |||
<th>Key size</th> | |||
<th>Block size</th> | |||
<th>Mode</th> | |||
<th>Type</th> | |||
<th>Size</th> | |||
</tr> | |||
</thead> | |||
<tbody> | |||
<% CryptCheck::Tls::Cipher.list.each do |cipher| %> | |||
<% CryptCheck::Tls::Cipher.list.each do |cipher| | |||
params = cipher.params | |||
kex = params[:kex] | |||
auth = params[:auth] | |||
enc = params[:enc] | |||
mac = params[:mac] | |||
pfs = params[:pfs] | |||
%> | |||
<tr> | |||
<th><%= cipher_name_label cipher %></th> | |||
<th><%= cipher_size_label cipher %></th> | |||
<th><%= cipher_labels cipher %></th> | |||
<%= cipher_kex_type_cell kex&.first %> | |||
<%= cipher_auth_type_cell auth&.first %> | |||
<%= cipher_enc_type_cell enc&.first %> | |||
<%= cipher_enc_key_size_cell enc&.[] 1 %> | |||
<%= cipher_enc_block_size_cell enc&.[] 2 %> | |||
<%= cipher_enc_mode_cell enc&.last %> | |||
<%= cipher_mac_type_cell mac&.first %> | |||
<%= cipher_mac_size_cell mac&.last %> | |||
<%= cipher_pfs_cell pfs %> | |||
</tr> | |||
<% end %> | |||
</tbody> |
@@ -5,11 +5,24 @@ | |||
</div> | |||
</div> | |||
<div class="row"> | |||
<table class="table-bordered table-condensed table-striped col-sm-12"> | |||
<table class="table table-bordered table-condensed table-striped col-sm-12"> | |||
<thead> | |||
<tr> | |||
<th class="col-sm-4">Navigateur</th> | |||
<th class="col-sm-8" colspan="3">Cipher</th> | |||
<th rowspan="2">Navigateur</th> | |||
<th rowspan="2">Name</th> | |||
<th rowspan="2">Key exchange</th> | |||
<th rowspan="2">Authentification</th> | |||
<th colspan="4">Encryption</th> | |||
<th colspan="2">MAC</th> | |||
<th rowspan="2">PFS</th> | |||
</tr> | |||
<tr> | |||
<th>Type</th> | |||
<th>Key size</th> | |||
<th>Block size</th> | |||
<th>Mode</th> | |||
<th>Type</th> | |||
<th>Size</th> | |||
</tr> | |||
</thead> | |||
<tbody> | |||
@@ -17,16 +30,31 @@ | |||
iana_ciphers = Hash[@ciphers.collect { |c| [Rails.application.config.openssl_ciphers[c.name], c] }] | |||
Rails.application.config.user_agents_ciphers.each do |ua, support| | |||
cipher = (support['ciphers'].collect(&:first) & iana_ciphers.keys).first | |||
cipher = iana_ciphers[cipher] if cipher | |||
if cipher | |||
cipher = iana_ciphers[cipher] | |||
params = cipher.params | |||
kex = params[:kex] | |||
auth = params[:auth] | |||
enc = params[:enc] | |||
mac = params[:mac] | |||
pfs = params[:pfs] | |||
end | |||
%> | |||
<tr> | |||
<th><%= ua %></th> | |||
<% if cipher %> | |||
<td><%= cipher_name_label cipher %></td> | |||
<td><%= cipher_size_label cipher %></td> | |||
<td><%= cipher_labels cipher %></td> | |||
<th><%= cipher_name_label cipher %></th> | |||
<%= cipher_kex_type_cell kex&.first %> | |||
<%= cipher_auth_type_cell auth&.first %> | |||
<%= cipher_enc_type_cell enc&.first %> | |||
<%= cipher_enc_key_size_cell enc&.[] 1 %> | |||
<%= cipher_enc_block_size_cell enc&.[] 2 %> | |||
<%= cipher_enc_mode_cell enc&.last %> | |||
<%= cipher_mac_type_cell mac&.first %> | |||
<%= cipher_mac_size_cell mac&.last %> | |||
<%= cipher_pfs_cell pfs %> | |||
<% else %> | |||
<td colspan="3"><%= label('Non supporté', :error) %></td> | |||
<td colspan="10"><%= label('Non supporté', :error) %></td> | |||
<% end %> | |||
</tr> | |||
<% end %> | |||
@@ -35,23 +63,48 @@ | |||
</div> | |||
<br/> | |||
<div class="row"> | |||
<table class="table-bordered table-condensed table-striped col-sm-12"> | |||
<table class="table table-bordered table-condensed table-striped center col-sm-12"> | |||
<thead> | |||
<tr> | |||
<th class="col-sm-4">Algorithme</th> | |||
<th class="col-sm-1">Taille</th> | |||
<td class="col-sm-7"></td> | |||
</tr> | |||
<tr> | |||
<th rowspan="2">Name</th> | |||
<th rowspan="2">Key exchange</th> | |||
<th rowspan="2">Authentification</th> | |||
<th colspan="4">Encryption</th> | |||
<th colspan="2">MAC</th> | |||
<th rowspan="2">PFS</th> | |||
</tr> | |||
<tr> | |||
<th>Type</th> | |||
<th>Key size</th> | |||
<th>Block size</th> | |||
<th>Mode</th> | |||
<th>Type</th> | |||
<th>Size</th> | |||
</tr> | |||
</thead> | |||
<tbody> | |||
<% @ciphers.each do |cipher| %> | |||
<% @ciphers.each do |cipher| | |||
params = cipher.params | |||
kex = params[:kex] | |||
auth = params[:auth] | |||
enc = params[:enc] | |||
mac = params[:mac] | |||
pfs = params[:pfs] | |||
%> | |||
<tr> | |||
<th><%= cipher_name_label cipher %></th> | |||
<th><%= cipher_size_label cipher %></th> | |||
<th><%= cipher_labels cipher %></th> | |||
<%= cipher_kex_type_cell kex&.first %> | |||
<%= cipher_auth_type_cell auth&.first %> | |||
<%= cipher_enc_type_cell enc&.first %> | |||
<%= cipher_enc_key_size_cell enc&.[] 1 %> | |||
<%= cipher_enc_block_size_cell enc&.[] 2 %> | |||
<%= cipher_enc_mode_cell enc&.last %> | |||
<%= cipher_mac_type_cell mac&.first %> | |||
<%= cipher_mac_size_cell mac&.last %> | |||
<%= cipher_pfs_cell pfs %> | |||
</tr> | |||
<% end %> | |||
</tbody> | |||
<% end %> | |||
</tbody> | |||
</table> | |||
</div> | |||
</div> |