Browse Source

Separate ECC from RSA for key status

master
aeris 3 years ago
parent
commit
28e1c8c2e3
2 changed files with 43 additions and 22 deletions
  1. 6
    7
      lib/cryptcheck/tls.rb
  2. 37
    15
      lib/cryptcheck/tls/fixture.rb

+ 6
- 7
lib/cryptcheck/tls.rb View File

@@ -16,16 +16,15 @@ module CryptCheck
end

def self.key_to_s(key)
size = key.rsa_equivalent_size
type_color = case key.type
when :ecc then { color: :green }
when :dsa then { color: :yellow }
end
size_color = case size
when 0...1024 then { color: :white, background: :red }
when 1024...2048 then { color: :yellow }
when 4096...::Float::INFINITY then { color: :green }
when :dsa then { color: :red }
end
size_color = case key.status
when :error then { color: :white, background: :red }
when :warning then { color: :yellow }
when :success then { color: :green }
end
"#{key.type.to_s.upcase.colorize type_color} #{key.size.to_s.colorize size_color} bits"
end
end

+ 37
- 15
lib/cryptcheck/tls/fixture.rb View File

@@ -24,18 +24,26 @@ class ::OpenSSL::PKey::EC

def rsa_equivalent_size
case self.size
when 160 then 1024
when 224 then 2048
when 256 then 3072
when 384 then 7680
when 521 then 15360
when 571 then 21000
when 160 then 1024
when 224 then 2048
when 256 then 3072
when 384 then 7680
when 521 then 15360
when 571 then 21000
end
end

def to_s
"ECC #{self.size} bits"
end

def status
case self.size
when 0...160 then :error
when 160...256 then :warning
when 384...::Float::INFINITY then :success
end
end
end

class ::OpenSSL::PKey::RSA
@@ -47,13 +55,19 @@ class ::OpenSSL::PKey::RSA
self.n.num_bits
end

def rsa_equivalent_size
self.size
end
alias :rsa_equivalent_size :size

def to_s
"RSA #{self.size} bits"
end

def status
case self.size
when 0...1024 then :error
when 1024...2048 then :warning
when 4096...::Float::INFINITY then :success
end
end
end

class ::OpenSSL::PKey::DSA
@@ -65,13 +79,15 @@ class ::OpenSSL::PKey::DSA
self.p.num_bits
end

def rsa_equivalent_size
self.size
end
alias :rsa_equivalent_size :size

def to_s
"DSA #{self.size} bits"
end

def status
return :critical
end
end

class ::OpenSSL::PKey::DH
@@ -83,11 +99,17 @@ class ::OpenSSL::PKey::DH
self.p.num_bits
end

def rsa_equivalent_size
self.size
end
alias :rsa_equivalent_size :size

def to_s
"DH #{self.size} bits"
end

def status
case self.size
when 0...1024 then :error
when 1024...2048 then :warning
when 4096...::Float::INFINITY then :success
end
end
end

Loading…
Cancel
Save