
Please… Help !

new-scoring
aeris 2 years ago
parent
commit
62b9bfb07c

+ 38
- 0
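--- a/app/assets/stylesheets/application.scss
+++ b/app/assets/stylesheets/application.scss
@@ -49,6 +49,10 @@ td.primary {
 	background-color: $state-info-bg;
 }
 
+.translation_missing {
+	border: 1px solid red;
+}
+
 .progress-bar-default {
 	background-color: $label-default-bg;
 }
@@ -62,3 +66,37 @@ td.primary {
 #tls_check {
 	margin-top: 100px;
 }
+
+.label-state-critical {
+  //background-color: #800000;
+  background-color: #ff0000;
+}
+
+.label-state-error {
+  //background-color: #803300;
+  background-color: #ff6600;
+}
+
+.label-state-warning {
+  //background-color: #806600;
+  background-color: #ffcc00;
+  color: $text-color;
+}
+
+.label-state-good {
+  //background-color: #668000;
+  background-color: #cbff00;
+  color: $text-color;
+}
+
+.label-state-great {
+  //background-color: #338000;
+  background-color: #65ff00;
+}
+
+.label-state-best {
+  //background-color: #008000;
+  background-color: #00ff00;
+}
+
+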

+ 5
- 1
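--- a/app/controllers/check_controller.rb
+++ b/app/controllers/check_controller.rb
@@ -59,6 +59,10 @@ class CheckController < ApplicationController
 			return false
 		end
 		@port = @port.to_i if @port
-		@result = Datastore.host self.type, @host, @port
+
+		# @result = Datastore.host self.type, @host, @port
+		file = File.join Rails.root, 'config/host.dump'
+		# open(file, 'wb') { |f| f.write Marshal.dump @result }
+		@result = Marshal.load File.read file
 	end
 end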
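Review bot: `@result = Marshal.load File.read file` replaces the datastore lookup with a fixed binary dump, so `@host` and `@port` are still parsed above but no longer select the result, and every request renders the same object. This reads like a debugging stub (the `Datastore.host` call and the dump writer are only commented out) and should not be merged as is; restore `@result = Datastore.host self.type, @host, @port`. If a fixture is needed, keep it out of `config/` and load it only in development or tests: `Marshal.load` instantiates whatever classes the file names, so the file must never be writable from untrusted input, and `File.binread` is the right reader for binary data. The enclosing method starts outside the hunk.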

+ 117
- 53
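--- a/app/helpers/check_helper.rb
+++ b/app/helpers/check_helper.rb
@@ -1,12 +1,36 @@
 module CheckHelper
+	private def __label(value, color)
+		"<span class=\"label label-#{color} %>\">#{value}</span>"
+	end
 	def label(value, color)
-		"<span class=\"label label-#{color} %>\">#{value}</span>".html_safe
+		__label(value, color).html_safe
 	end
 
 	def cell(value, color)
 		"<td class=\"#{color}\">#{value}</td>".html_safe
 	end
 
+	def labels(level, states)
+		states.each_pair.collect do |name, value|
+			color = if value.nil?
+						:default
+					elsif ::CryptCheck::State.bad? level
+						value ? :danger : :success
+					else
+						value ? :success : :danger
+					end
+			__label name, color
+		end.join(' ').html_safe
+	end
+
+	def states(states)
+		::CryptCheck::State.collect do |level|
+			states[level].each_pair.select { |_, v| v == true }.collect do |name, _|
+				__label name, "state-#{level}"
+			end
+		end.flatten(1).join(' ').html_safe
+	end
+
 	def rank_color(rank)
 		case rank
 			when 'A+' then
@@ -30,12 +54,18 @@ module CheckHelper
 
 	def progress_color(percentage)
 		case percentage
-			when 0...20 then :error
-			when 20...40 then :danger
-			when 40...60 then :warning
-			when 60...80 then :default
-			when 80...90 then :success
-			else :primary
+			when 0...20 then
+				:error
+			when 20...40 then
+				:danger
+			when 40...60 then
+				:warning
+			when 60...80 then
+				:default
+			when 80...90 then
+				:success
+			else
+				:primary
 		end
 	end
 
@@ -50,9 +80,12 @@ module CheckHelper
 
 	def protocol_label(protocol)
 		color = case protocol.to_s
-					when 'TLSv1_2' then :success
-					when 'SSLv3', 'SSLv2' then :error
-					else :default
+					when 'TLSv1_2' then
+						:success
+					when 'SSLv3', 'SSLv2' then
+						:error
+					else
+						:default
 				end
 		label protocol, color
 	end
@@ -63,12 +96,12 @@ module CheckHelper
 
 	def key_label(key)
 		return label('Aucune', :error) unless key
-		label "#{key.type.upcase} #{key[:size]} bits", key_color(key)
+		label "#{key[:type].upcase} #{key[:size]} bits", key_color(key)
 	end
 
 	def key_labels(keys)
 		return label('Aucune', :error) if keys.empty?
-		keys.sort { |a, b| -1 * (a.rsa_size <=> b.rsa_size) }.collect { |k| key_label k }.join("\n").html_safe
+		keys.sort { |a, b| -1 * (a[:size] <=> b[:size]) }.collect { |k| key_label k }.join("\n").html_safe
 	end
 
 	def cipher_size_label(cipher)
@@ -77,33 +110,48 @@ module CheckHelper
 	end
 
 	def key_color(key)
-		case key&.rsa_size
-			when nil then :default
-			when 0...1024 then :error
-			when 1024...2048 then :danger
-			when 2048...4096 then :warning
-			else :success
+		case key[:size]
+			when nil then
+				:default
+			when 0...1024 then
+				:error
+			when 1024...2048 then
+				:danger
+			when 2048...4096 then
+				:warning
+			else
+				:success
 		end
 	end
 
 	def cipher_color(key)
 		case key
-			when nil then :default
-			when 0...112 then :error
-			when 112...128 then :danger
-			when 128...256 then :success
-			else :primary
+			when nil then
+				:default
+			when 0...128 then
+				:error
+			when 112...128 then
+				:danger
+			when 128...256 then
+				:success
+			else
+				:primary
 		end
 	end
 
 	def cipher_name_label(cipher)
-		state = cipher.state
+		state = cipher[:state]
 		color = case
-					when !state[:error].empty? then :error
-					when !state[:danger].empty? then :danger
-					when !state[:warning].empty? then :warning
-					when !state[:success].empty? then :success
-					else :default
+					when !state[:error].empty? then
+						:error
+					when !state[:danger].empty? then
+						:danger
+					when !state[:warning].empty? then
+						:warning
+					when !state[:success].empty? then
+						:success
+					else
+						:default
 				end
 		color = :primary if color == :success and cipher.size >= 256
 		label("&nbsp;", color) + "&nbsp;#{cipher.name}".html_safe
@@ -111,17 +159,21 @@ module CheckHelper
 
 	def cipher_labels(cipher)
 		cipher.state.collect { |c, ls| ls.collect { |l| label l.upcase, c } }
-		.flatten(1).join("\n").html_safe
+				.flatten(1).join("\n").html_safe
 	end
 
 	def cipher_kex_type_cell(kex)
 		color = case kex
-					when :ecdh then :primary
-					when :dh then :success
-					when :rsa then :warning
-					else :error
+					when :ecdh then
+						:primary
+					when :dh then
+						:success
+					when :rsa then
+						:warning
+					else
+						:error
 				end
-		kex ||= 'None'
+		kex   ||= 'None'
 		cell kex.to_s.upcase, color
 	end
 
@@ -132,11 +184,14 @@ module CheckHelper
 
 	def cipher_auth_type_cell(auth)
 		color = case auth
-					when :ecdsa then :primary
-					when :rsa then :default
-					else :error
+					when :ecdsa then
+						:primary
+					when :rsa then
+						:default
+					else
+						:error
 				end
-		auth ||= 'None'
+		auth  ||= 'None'
 		cell auth.to_s.upcase, color
 	end
 
@@ -147,18 +202,21 @@ module CheckHelper
 
 	def cipher_enc_type_cell(enc)
 		color = case enc
-					when :chacha20 then :primary
-					when :aes then :success
-					when :camellia, :seed, :idea then :default
-					when :'3des' then :danger
-					else :error
+					when :chacha20 then
+						:primary
+					when :aes then
+						:success
+					when :camellia, :seed then
+						:default
+					else
+						:error
 				end
-		enc ||= 'NONE'
+		enc   ||= 'NONE'
 		cell enc.to_s.upcase, color
 	end
 
 	def cipher_enc_key_size_cell(enc)
-		enc ||= 0
+		enc   ||= 0
 		color = cipher_color enc
 		cell enc, color
 	end
@@ -171,19 +229,25 @@ module CheckHelper
 
 	def cipher_enc_mode_cell(enc)
 		color = case enc
-					when :gcm, :ccm then :primary
-					when :cbc then :warning
+					when :gcm, :ccm then
+						:primary
+					when :cbc then
+						:danger
 				end
-		enc ||= ''
+		enc   ||= ''
 		cell enc.to_s.upcase, color
 	end
 
 	def cipher_mac_type_cell(mac)
 		color = case mac
-					when :poly1305 then :primary
-					when :sha384, :sha256 then :success
-					when :sha1 then :default
-					when :md5 then :error
+					when :poly1305 then
+						:primary
+					when :sha384, :sha256 then
+						:success
+					when :sha1 then
+						:warning
+					when :md5 then
+						:error
 				end
 		cell mac.to_s.upcase, color
 	end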
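Review bot: In `cipher_color` the first range became `when 0...128 then`, so the following `when 112...128 then` branch can never match and 112–127-bit sizes are now graded `:error` instead of `:danger`; if that is intended drop the dead branch, otherwise restore `when 0...112 then`. `key_color` also lost its `&.` guard (`case key[:size]`), so any caller that passes nil now raises instead of getting `:default`, and `cipher_name_label` reads `cipher[:state]` while its unchanged lines still call `cipher.size` and `cipher.name`. The new `labels` and `states` helpers interpolate `name` unescaped through `__label` and mark the joined string `html_safe`; if a state name can ever carry data from the scanned host, escape it inside `__label`, e.g. `ERB::Util.html_escape(value)`. The stray ` %>` inside the `class` attribute was carried over into `__label` and could be removed there.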

+ 1
- 1
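--- a/app/views/check/processing.html.erb
+++ b/app/views/check/processing.html.erb
@@ -9,7 +9,7 @@
 				[<%= self.type.to_s.upcase %>] <%= t 'Currently analysing %{host}', host: @host  %>
 			</h1>
 			<p class="small">
-				<%= t 'Start of analysis: %{date}', date: l(@result.date) %>
+				<%= t 'Start of analysis: %{date}', date: l(@result[:date]) %>
 			</p>
 			<p class="pull-right">
 				<%= t('Please wait…') %>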
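Review bot: `@result[:date]` switches this view to hash-style access, but `app/views/check/show.html.erb` line 8 in the same commit still evaluates `@result.date`, so one of the two templates probably fails depending on what the loaded object actually is. Pick one accessor for `@result` and use it in both templates, e.g. `Time.now - @result[:date]` in show.html.erb if the hash form is the intended one.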

+ 75
- 140
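--- a/app/views/check/show.html.erb
+++ b/app/views/check/show.html.erb
@@ -6,151 +6,86 @@
 			</h1>
 		</div>
 		<% if Time.now - @result.date >= Rails.configuration.refresh_delay %>
-		<div class="col-sm-1">
-			<%= link_to t('Refresh'), {action: :refresh}, class: %i(btn btn-default) %>
-		</div>
+			<div class="col-sm-1">
+				<%= link_to t('Refresh'), { action: :refresh }, class: %i(btn btn-default) %>
+			</div>
 		<% end %>
 	</div>
-	<%
-		@result.hosts.each do |host|
-			if host.error
-				error, host = host.error, host.host
-	%>
-	<div class="row">
-		<div class="col-sm-12">
-			<h2><%= host.name %> - <%= host.ip %> : <%= host.port %></h2>
-			<%= t 'Error during analysis:' %>
-			<span class="label label-error"><%= error %></span>
-		</div>
-	</div>
-	<%
-			else
-				host, grade, handshake = host.host, host.grade, host.handshake
-	%>
-	<div class="row">
-		<div class="col-sm-12">
-			<h2><%= host.name %> - <%= host.ip %> : <%= host.port %></h2>
+
+	<% @result.hosts.each do |host| %>
+		<div class="row">
+			<div class="col-sm-12">
+				<h2>
+					<%= rank_label host.grade %>
+					<%= host.ip %> : <%= host.port %>
+					<span class="small">(<%= host.hostname %>)</span></h2>
+			</div>
 		</div>
-	</div>
-	<div class="row">
-		<div class="col-sm-6">
-			<table class="table table-bordered table-condensed table-striped">
-				<thead>
-					<tr>
-						<th colspan="2">
-							Scores
-							<%= rank_label grade.rank %>
-						</th>
-					</tr>
-				</thead>
-				<tbody>
-					<%
-					   { 'Protocol' => 'protocol',
-						 'Key exchange' => 'key_exchange',
-						 'Cipher' => 'cipher_strengths',
-						 'Overall' => 'score'}.each do |name, v| %>
-					<tr>
-						<th class="col-sm-4"><%= t name %></th>
-						<td class="col-sm-8"><%= score_progress grade.details[v] %></td>
-					</tr>
+
+		<div class="row">
+			<div class="col-sm-12">
+				<h3><%= t 'Checks' %></h3>
+				<table class="table table-bordered table-condensed table-striped">
+					<thead>
+					<th><%= t 'Severity' %></th>
+					<td></td>
+					</thead>
+					<tbody>
+					<% ::CryptCheck::State.each do |level| %>
+						<tr>
+							<th><%= label level, "state-#{level}" %></th>
+							<td><%= labels level, host.states[level] %></td>
+						</tr>
 					<% end %>
-				</tbody>
-			</table>
+					</tbody>
+				</table>
+			</div>
 		</div>
-		<div class="col-sm-6">
-			<table class="table table-bordered table-condensed table-striped">
-				<tbody>
-					<tr>
-						<th class="col-sm-4"><%= t 'Protocols' %></th>
-						<td class="col-sm-8"><%= protocol_labels handshake.protocols %></td>
-					</tr>
-					<tr>
-						<th><%= t 'Keys' %></th>
-						<td>
-							<p><%= t 'Certificates:' %> <%= key_label handshake[:key] %></p>
-							<p>Diffie Hellman : <%= key_labels handshake.dh %></p>
-						</td>
-					</tr>
-					<% { 'Good practices' => :success,
-					 'Warning' => :warning,
-					 'Critical' => :danger,
-					 'Fatal' => :error }.each do |name, color|
-						names = grade[color]
-						next if names.nil? or names.empty?
-					%>
-					<tr>
-						<th><%= t name %></th>
-						<td>
-							<% names.each do |name| %>
-							<span class="label label-<%= color %>"><%= name.upcase %></span>
+
+		<div class="row">
+			<div class="col-sm-12">
+				<h3><%= t 'Certificates' %></h3>
+				<table class="table table-bordered table-condensed table-striped">
+					<thead>
+						<tr>
+							<th>
+								<%= t 'Subject' %>
+								<span class="small">[<%= t 'Serial' %>]</span>
+								<div class="small"><%= t 'Fingerprint' %></div>
+							</th>
+							<td><%= t 'Issuer' %></td>
+							<td><%= t 'Not before' %></td>
+							<td><%= t 'Not after' %></td>
+							<th></th>
+						</tr>
+					</thead>
+					<tbody>
+						<% host.handshakes.certs.each do |cert| %>
+						<tr>
+							<th>
+								<%= cert.subject %> [<%= cert.serial %>]
+								<div class="small"><%= cert.fingerprint %></div>
+							</th>
+							<td><%= cert.issuer %></td>
+							<td><%= l cert.lifetime.not_before %></td>
+							<td><%= l cert.lifetime.not_after %></td>
+							<td><%= states cert.states %></td>
+						</tr>
+							<% cert.chain.each do |cert| %>
+						<tr>
+							<th>
+								<%= cert.subject %> [<%= cert.serial %>]
+								<div class="small"><%= cert.fingerprint %></div>
+							</th>
+							<td><%= cert.issuer %></td>
+							<td><%= l cert.lifetime.not_before %></td>
+							<td><%= l cert.lifetime.not_after %></td>
+						</tr>
 							<% end %>
-						</td>
-					</tr>
-				<% end %>
-				</tbody>
-			</table>
+						<% end %>
+					</tbody>
+				</table>
+			</div>
 		</div>
-	</div>
-	<div class="row">
-		<div class="col-sm-12">
-			<table class="table table-bordered table-condensed table-striped center">
-				<thead>
-					<tr>
-						<th rowspan="2"><%= t 'Name' %></th>
-						<th colspan="2"><%= t 'Key exchange' %></th>
-						<th colspan="2"><%= t 'Authentication' %></th>
-						<th colspan="4"><%= t 'Encryption' %></th>
-						<th colspan="2"><%= t 'MAC' %></th>
-						<th rowspan="2"><%= t 'PFS' %></th>
-					</tr>
-					<tr>
-						<th><%= t 'Type' %></th>
-						<th><%= t 'Key size' %></th>
-						<th><%= t 'Type' %></th>
-						<th><%= t 'Key size' %></th>
-						<th><%= t 'Type' %></th>
-						<th><%= t 'Key size' %></th>
-						<th><%= t 'Block size' %></th>
-						<th><%= t 'Mode' %></th>
-						<th><%= t 'Type' %></th>
-						<th><%= t 'Size' %></th>
-					</tr>
-				</thead>
-				<tbody>
-					<% CryptCheck::Tls::Server::EXISTING_METHODS.each do |protocol|
-						ciphers = CryptCheck::Tls::Cipher.sort(handshake.ciphers.select { |c| c.protocol == protocol.to_s }
-								.collect { |c| CryptCheck::Tls::Cipher.new protocol, [c.name, nil, c[:size]], c.dh, handshake[:key] })
-						unless ciphers.empty? %>
-					<tr>
-						<th colspan="12"><%= protocol_label protocol %></th>
-					</tr>
-						<% ciphers.each do |cipher|
-							params = cipher.params
-							kex = params[:kex]
-							auth = params[:auth]
-							enc = params[:enc]
-							mac = params[:mac]
-							pfs = params[:pfs]
-						%>
-					<tr>
-						<th><%= cipher_name_label cipher %></th>
-						<%= cipher_kex_type_cell kex&.first %>
-						<%= cipher_kex_size_cell kex&.last %>
-						<%= cipher_auth_type_cell auth&.first %>
-						<%= cipher_auth_size_cell auth&.last %>
-						<%= cipher_enc_type_cell enc&.first %>
-						<%= cipher_enc_key_size_cell enc&.[] 1 %>
-						<%= cipher_enc_block_size_cell enc&.[] 2 %>
-						<%= cipher_enc_mode_cell enc&.last %>
-						<%= cipher_mac_type_cell mac&.first %>
-						<%= cipher_mac_size_cell mac&.last %>
-						<%= cipher_pfs_cell pfs %>
-					</tr>
-					<% 	end end end %>
-				</tbody>
-			</table>
-		</div>
-	</div>
-	<% end
-	   end %>
+	<% end %>
 </div>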
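Review bot: The inner loop `<% cert.chain.each do |cert| %>` reuses the outer block parameter name, which shadows the leaf certificate inside the block and makes the two near-identical rows easy to confuse; name it `chain_cert` (or similar). The "Checks" table's `<thead>` holds `<th>`/`<td>` directly without a `<tr>`, unlike the "Certificates" table below it. The certificate subject, issuer and serial presumably come from the scanned server and are rendered through ERB's default escaping here, which is the right choice; the `states cert.states` cell is the one place in this table that goes through an `html_safe` helper.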

+ 1
- 1
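--- a/app/views/site/suite.html.erb
+++ b/app/views/site/suite.html.erb
@@ -54,7 +54,7 @@
 					<%= cipher_mac_size_cell mac&.last %>
 					<%= cipher_pfs_cell pfs %>
 					<% else %>
-					<td colspan="10"><%= label('Non supporté', :error) %></td>
+					<td colspan="10"><%= label t('Not supported'), :error %></td>
 					<% end %>
 				</tr>
 			<% end %>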

BIN
config/host.dump View File


+ 2
- 0
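--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -44,3 +44,5 @@ en:
   Size: Size
 
   Not supported: Not supported
+
+  "Serial: %{serial}": "Serial: %{serial}"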

+ 12
- 0
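--- a/config/locales/fr.yml
+++ b/config/locales/fr.yml
@@ -45,6 +45,18 @@ fr:
 
   Not supported: Non supporté
 
+  Checks: Vérifications
+  Severity: Sévèrité
+
+  Certificates: Certificats
+  Subject: Sujet
+  Serial: Numéro de série
+  Issuer: Émetteur
+  Not before: Pas avant
+  Not after: Pas après
+  Fingerprint: Empreinte
+  "Fingerprint: %{fingerprint}": "Empreinte : %{fingerprint}"
+
   date:
     abbr_day_names:
     - dim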
