Browse Source

Add details for ciphers

Aeris 2 years ago
parent
commit
1602a62674

+ 12
- 0
app/assets/stylesheets/application.scss View File

@@ -37,6 +37,18 @@ body {
37 37
 	background-color: #000;
38 38
 }
39 39
 
40
+table.center td {
41
+	text-align: center;
42
+}
43
+
44
+td.error {
45
+	background-color: #ddd;
46
+}
47
+
48
+td.primary {
49
+	background-color: $state-info-bg;
50
+}
51
+
40 52
 .progress-bar-default {
41 53
 	background-color: $label-default-bg;
42 54
 }

+ 93
- 4
app/helpers/check_helper.rb View File

@@ -3,6 +3,10 @@ module CheckHelper
3 3
 		"<span class=\"label label-#{color} %>\">#{value}</span>".html_safe
4 4
 	end
5 5
 
6
+	def cell(value, color)
7
+		"<td class=\"#{color}\">#{value}</td>".html_safe
8
+	end
9
+
6 10
 	def rank_color(rank)
7 11
 		case rank
8 12
 			when 'A+' then
@@ -59,7 +63,7 @@ module CheckHelper
59 63
 
60 64
 	def key_label(key)
61 65
 		return label('Aucune', :error) unless key
62
-		label "#{key.type.upcase} #{key[:size]} bits", color_key(key)
66
+		label "#{key.type.upcase} #{key[:size]} bits", key_color(key)
63 67
 	end
64 68
 
65 69
 	def key_labels(keys)
@@ -68,12 +72,13 @@ module CheckHelper
68 72
 	end
69 73
 
70 74
 	def cipher_size_label(cipher)
71
-		size = cipher.size
75
+		size = cipher.size if cipher.is_a? CryptCheck::Tls::Cipher
72 76
 		label "#{size} bits", cipher_color(size)
73 77
 	end
74 78
 
75
-	def color_key(key)
76
-		case key.rsa_size
79
+	def key_color(key)
80
+		case key&.rsa_size
81
+			when nil then :default
77 82
 			when 0...1024 then :error
78 83
 			when 1024...2048 then :danger
79 84
 			when 2048...4096 then :warning
@@ -83,6 +88,7 @@ module CheckHelper
83 88
 
84 89
 	def cipher_color(key)
85 90
 		case key
91
+			when nil then :default
86 92
 			when 0...112 then :error
87 93
 			when 112...128 then :danger
88 94
 			when 128...256 then :success
@@ -107,4 +113,87 @@ module CheckHelper
107 113
 		cipher.state.collect { |c, ls| ls.collect { |l| label l.upcase, c } }
108 114
 		.flatten(1).join("\n").html_safe
109 115
 	end
116
+
117
+	def cipher_kex_type_cell(kex)
118
+		color = case kex
119
+					when :ecdh then :primary
120
+					when :dh then :success
121
+					when :rsa then :warning
122
+					else :error
123
+				end
124
+		kex ||= 'None'
125
+		cell kex.to_s.upcase, color
126
+	end
127
+
128
+	def cipher_kex_size_cell(kex)
129
+		color = key_color kex
130
+		cell kex&.[](:size), color
131
+	end
132
+
133
+	def cipher_auth_type_cell(auth)
134
+		color = case auth
135
+					when :ecdsa then :primary
136
+					when :rsa then :default
137
+					else :error
138
+				end
139
+		auth ||= 'None'
140
+		cell auth.to_s.upcase, color
141
+	end
142
+
143
+	def cipher_auth_size_cell(auth)
144
+		color = key_color auth
145
+		cell auth&.[](:size), color
146
+	end
147
+
148
+	def cipher_enc_type_cell(enc)
149
+		color = case enc
150
+					when :chacha20 then :primary
151
+					when :aes then :success
152
+					when :camellia, :seed, :idea then :default
153
+					when :'3des' then :danger
154
+					else :error
155
+				end
156
+		enc ||= 'NONE'
157
+		cell enc.to_s.upcase, color
158
+	end
159
+
160
+	def cipher_enc_key_size_cell(enc)
161
+		enc ||= 0
162
+		color = cipher_color enc
163
+		cell enc, color
164
+	end
165
+
166
+	def cipher_enc_block_size_cell(enc)
167
+		return cell '', :default unless enc
168
+		color = cipher_color enc
169
+		cell enc, color
170
+	end
171
+
172
+	def cipher_enc_mode_cell(enc)
173
+		color = case enc
174
+					when :gcm, :ccm then :primary
175
+					when :cbc then :warning
176
+				end
177
+		enc ||= ''
178
+		cell enc.to_s.upcase, color
179
+	end
180
+
181
+	def cipher_mac_type_cell(mac)
182
+		color = case mac
183
+					when :poly1305 then :primary
184
+					when :sha384, :sha256 then :success
185
+					when :sha1 then :default
186
+					when :md5 then :error
187
+				end
188
+		cell mac.to_s.upcase, color
189
+	end
190
+
191
+	def cipher_mac_size_cell(mac)
192
+		cell mac, nil
193
+	end
194
+
195
+	def cipher_pfs_cell(pfs)
196
+		return cell 'PFS', :success if pfs
197
+		cell 'No PFS', :warning
198
+	end
110 199
 end

+ 42
- 13
app/views/check/show.html.erb View File

@@ -75,29 +75,58 @@
75 75
 	</div>
76 76
 	<div class="row">
77 77
 		<div class="col-sm-12">
78
-			<table class="table table-bordered table-condensed table-striped">
78
+			<table class="table table-bordered table-condensed table-striped center">
79 79
 				<thead>
80 80
 					<tr>
81
-						<th class="col-sm-5">Algorithme</th>
82
-						<th class="col-sm-1">Clef</th>
83
-						<th class="col-sm-1">DH</th>
84
-						<th></th>
81
+						<th rowspan="2">Name</th>
82
+						<th colspan="2">Key exchange</th>
83
+						<th colspan="2">Authentification</th>
84
+						<th colspan="4">Encryption</th>
85
+						<th colspan="2">MAC</th>
86
+						<th rowspan="2">PFS</th>
87
+					</tr>
88
+					<tr>
89
+						<th>Type</th>
90
+						<th>Key size</th>
91
+						<th>Type</th>
92
+						<th>Key size</th>
93
+						<th>Type</th>
94
+						<th>Key size</th>
95
+						<th>Block size</th>
96
+						<th>Mode</th>
97
+						<th>Type</th>
98
+						<th>Size</th>
85 99
 					</tr>
86 100
 				</thead>
87 101
 				<tbody>
88
-					<% %w(TLSv1_2 TLSv1_1 TLSv1 SSLv3 SSLv2).each do |protocol|
89
-						ciphers = CryptCheck::Tls::Cipher.sort(@result.ciphers.select { |c| c.protocol == protocol }
90
-								.collect { |c| CryptCheck::Tls::Cipher.new protocol, [c.name, nil, c[:size]], c.dh })
102
+					<% CryptCheck::Tls::Server::EXISTING_METHODS.each do |protocol|
103
+						ciphers = CryptCheck::Tls::Cipher.sort(@result.ciphers.select { |c| c.protocol == protocol.to_s }
104
+								.collect { |c| CryptCheck::Tls::Cipher.new protocol, [c.name, nil, c[:size]], c.dh, @result[:key] })
91 105
 						unless ciphers.empty? %>
92 106
 					<tr>
93
-						<th colspan="3"><%= protocol_label protocol %></th>
107
+						<th colspan="12"><%= protocol_label protocol %></th>
94 108
 					</tr>
95
-						<% ciphers.each do |cipher| %>
109
+						<% ciphers.each do |cipher|
110
+							params = cipher.params
111
+							kex = params[:kex]
112
+							auth = params[:auth]
113
+							enc = params[:enc]
114
+							mac = params[:mac]
115
+							pfs = params[:pfs]
116
+						%>
96 117
 					<tr>
97 118
 						<th><%= cipher_name_label cipher %></th>
98
-						<td><%= cipher_size_label cipher %></td>
99
-						<td><%= key_label cipher.dh if cipher.dh %></td>
100
-						<td><%= cipher_labels cipher %></td>
119
+						<%= cipher_kex_type_cell kex&.first %>
120
+						<%= cipher_kex_size_cell kex&.last %>
121
+						<%= cipher_auth_type_cell auth&.first %>
122
+						<%= cipher_auth_size_cell auth&.last %>
123
+						<%= cipher_enc_type_cell enc&.first %>
124
+						<%= cipher_enc_key_size_cell enc&.[] 1 %>
125
+						<%= cipher_enc_block_size_cell enc&.[] 2 %>
126
+						<%= cipher_enc_mode_cell enc&.last %>
127
+						<%= cipher_mac_type_cell mac&.first %>
128
+						<%= cipher_mac_size_cell mac&.last %>
129
+						<%= cipher_pfs_cell pfs %>
101 130
 					</tr>
102 131
 					<% 	end end end %>
103 132
 				</tbody>

+ 32
- 7
app/views/site/ciphers.html.erb View File

@@ -1,19 +1,44 @@
1 1
 <div class="container">
2 2
 	<div class="row">
3
-		<table class="table-bordered table-condensed table-striped col-sm-12">
3
+		<table class="table table-bordered table-condensed table-striped center col-sm-12">
4 4
 			<thead>
5 5
 				<tr>
6
-					<th class="col-sm-6">Algorithme</th>
7
-					<th class="col-sm-1">Taille</th>
8
-					<td class="col-sm-5"></td>
6
+					<th rowspan="2">Name</th>
7
+					<th rowspan="2">Key exchange</th>
8
+					<th rowspan="2">Authentification</th>
9
+					<th colspan="4">Encryption</th>
10
+					<th colspan="2">MAC</th>
11
+					<th rowspan="2">PFS</th>
12
+				</tr>
13
+				<tr>
14
+					<th>Type</th>
15
+					<th>Key size</th>
16
+					<th>Block size</th>
17
+					<th>Mode</th>
18
+					<th>Type</th>
19
+					<th>Size</th>
9 20
 				</tr>
10 21
 			</thead>
11 22
 			<tbody>
12
-				<% CryptCheck::Tls::Cipher.list.each do |cipher| %>
23
+				<% CryptCheck::Tls::Cipher.list.each do |cipher|
24
+					params = cipher.params
25
+					kex = params[:kex]
26
+					auth = params[:auth]
27
+					enc = params[:enc]
28
+					mac = params[:mac]
29
+					pfs = params[:pfs]
30
+				%>
13 31
 				<tr>
14 32
 					<th><%= cipher_name_label cipher %></th>
15
-					<th><%= cipher_size_label cipher %></th>
16
-					<th><%= cipher_labels cipher %></th>
33
+					<%= cipher_kex_type_cell kex&.first %>
34
+					<%= cipher_auth_type_cell auth&.first %>
35
+					<%= cipher_enc_type_cell enc&.first %>
36
+					<%= cipher_enc_key_size_cell enc&.[] 1 %>
37
+					<%= cipher_enc_block_size_cell enc&.[] 2 %>
38
+					<%= cipher_enc_mode_cell enc&.last %>
39
+					<%= cipher_mac_type_cell mac&.first %>
40
+					<%= cipher_mac_size_cell mac&.last %>
41
+					<%= cipher_pfs_cell pfs %>
17 42
 				</tr>
18 43
 				<% end %>
19 44
 			</tbody>

+ 72
- 19
app/views/site/suite.html.erb View File

@@ -5,11 +5,24 @@
5 5
 		</div>
6 6
 	</div>
7 7
 	<div class="row">
8
-		<table class="table-bordered table-condensed table-striped col-sm-12">
8
+		<table class="table table-bordered table-condensed table-striped col-sm-12">
9 9
 			<thead>
10 10
 				<tr>
11
-					<th class="col-sm-4">Navigateur</th>
12
-					<th class="col-sm-8" colspan="3">Cipher</th>
11
+					<th rowspan="2">Navigateur</th>
12
+					<th rowspan="2">Name</th>
13
+					<th rowspan="2">Key exchange</th>
14
+					<th rowspan="2">Authentification</th>
15
+					<th colspan="4">Encryption</th>
16
+					<th colspan="2">MAC</th>
17
+					<th rowspan="2">PFS</th>
18
+				</tr>
19
+				<tr>
20
+					<th>Type</th>
21
+					<th>Key size</th>
22
+					<th>Block size</th>
23
+					<th>Mode</th>
24
+					<th>Type</th>
25
+					<th>Size</th>
13 26
 				</tr>
14 27
 			</thead>
15 28
 			<tbody>
@@ -17,16 +30,31 @@
17 30
 			   iana_ciphers = Hash[@ciphers.collect { |c| [Rails.application.config.openssl_ciphers[c.name], c] }]
18 31
 			   Rails.application.config.user_agents_ciphers.each do |ua, support|
19 32
 				   cipher = (support['ciphers'].collect(&:first) & iana_ciphers.keys).first
20
-				   cipher = iana_ciphers[cipher] if cipher
33
+				   if cipher
34
+					   cipher = iana_ciphers[cipher]
35
+					   params = cipher.params
36
+					   kex = params[:kex]
37
+					   auth = params[:auth]
38
+					   enc = params[:enc]
39
+					   mac = params[:mac]
40
+					   pfs = params[:pfs]
41
+				   end
21 42
 			%>
22 43
 				<tr>
23 44
 					<th><%= ua %></th>
24 45
 					<% if cipher %>
25
-					<td><%= cipher_name_label cipher %></td>
26
-					<td><%= cipher_size_label cipher %></td>
27
-					<td><%= cipher_labels cipher %></td>
46
+					<th><%= cipher_name_label cipher %></th>
47
+					<%= cipher_kex_type_cell kex&.first %>
48
+					<%= cipher_auth_type_cell auth&.first %>
49
+					<%= cipher_enc_type_cell enc&.first %>
50
+					<%= cipher_enc_key_size_cell enc&.[] 1 %>
51
+					<%= cipher_enc_block_size_cell enc&.[] 2 %>
52
+					<%= cipher_enc_mode_cell enc&.last %>
53
+					<%= cipher_mac_type_cell mac&.first %>
54
+					<%= cipher_mac_size_cell mac&.last %>
55
+					<%= cipher_pfs_cell pfs %>
28 56
 					<% else %>
29
-					<td colspan="3"><%= label('Non supporté', :error) %></td>
57
+					<td colspan="10"><%= label('Non supporté', :error) %></td>
30 58
 					<% end %>
31 59
 				</tr>
32 60
 			<% end %>
@@ -35,23 +63,48 @@
35 63
 	</div>
36 64
 	<br/>
37 65
 	<div class="row">
38
-		<table class="table-bordered table-condensed table-striped col-sm-12">
66
+		<table class="table table-bordered table-condensed table-striped center col-sm-12">
39 67
 			<thead>
40
-			<tr>
41
-				<th class="col-sm-4">Algorithme</th>
42
-				<th class="col-sm-1">Taille</th>
43
-				<td class="col-sm-7"></td>
44
-			</tr>
68
+				<tr>
69
+					<th rowspan="2">Name</th>
70
+					<th rowspan="2">Key exchange</th>
71
+					<th rowspan="2">Authentification</th>
72
+					<th colspan="4">Encryption</th>
73
+					<th colspan="2">MAC</th>
74
+					<th rowspan="2">PFS</th>
75
+				</tr>
76
+				<tr>
77
+					<th>Type</th>
78
+					<th>Key size</th>
79
+					<th>Block size</th>
80
+					<th>Mode</th>
81
+					<th>Type</th>
82
+					<th>Size</th>
83
+				</tr>
45 84
 			</thead>
46 85
 			<tbody>
47
-			<% @ciphers.each do |cipher| %>
86
+				<% @ciphers.each do |cipher|
87
+					params = cipher.params
88
+					kex = params[:kex]
89
+					auth = params[:auth]
90
+					enc = params[:enc]
91
+					mac = params[:mac]
92
+					pfs = params[:pfs]
93
+				%>
48 94
 				<tr>
49 95
 					<th><%= cipher_name_label cipher %></th>
50
-					<th><%= cipher_size_label cipher %></th>
51
-					<th><%= cipher_labels cipher %></th>
96
+					<%= cipher_kex_type_cell kex&.first %>
97
+					<%= cipher_auth_type_cell auth&.first %>
98
+					<%= cipher_enc_type_cell enc&.first %>
99
+					<%= cipher_enc_key_size_cell enc&.[] 1 %>
100
+					<%= cipher_enc_block_size_cell enc&.[] 2 %>
101
+					<%= cipher_enc_mode_cell enc&.last %>
102
+					<%= cipher_mac_type_cell mac&.first %>
103
+					<%= cipher_mac_size_cell mac&.last %>
104
+					<%= cipher_pfs_cell pfs %>
52 105
 				</tr>
53
-			<% end %>
54
-			</tbody>
106
+				<% end %>
107
+				</tbody>
55 108
 		</table>
56 109
 	</div>
57 110
 </div>

Loading…
Cancel
Save