parent
7753d023a2
commit
67b2654e22
@ -1,21 +1,2 @@ |
||||
source 'https://rubygems.org' |
||||
|
||||
gem 'rake' |
||||
gem 'httparty' |
||||
gem 'nokogiri' |
||||
gem 'net-ssh', '>= 2.9.2.beta' |
||||
gem 'net-scp' |
||||
gem 'tcp_timeout' |
||||
gem 'parallel' |
||||
gem 'ruby-progressbar' |
||||
gem 'logging' |
||||
#gem 'activerecord' |
||||
#gem 'sqlite3' |
||||
gem 'colorize' |
||||
|
||||
group :test do |
||||
gem 'rspec' |
||||
gem 'webmock' |
||||
end |
||||
|
||||
gem 'debase' |
||||
gemspec |
||||
|
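Review bot: The new two-line Gemfile delegates dependency resolution to `gemspec`, but `net-ssh`, `net-scp`, `tcp_timeout` and `logging` from the old Gemfile are not declared in the gemspec added by this commit. `webmock` is likewise missing from its development dependencies. If anything under `lib` still requires these gems, loading will fail under Bundler or after `gem install`. Either declare them with `spec.add_dependency` (keeping the `'>= 2.9.2.beta'` floor for net-ssh) or confirm the requires are gone. It is also worth confirming that `source 'https://rubygems.org'` survives in the new file, since the rendered hunk does not show which two lines remain.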
@ -0,0 +1,38 @@ |
||||
# coding: utf-8 |
||||
lib = File.expand_path('../lib', __FILE__) |
||||
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib) |
||||
|
||||
Gem::Specification.new do |spec| |
||||
spec.name = 'cryptcheck' |
||||
spec.version = '1.0.0' |
||||
spec.authors = ['Aeris'] |
||||
spec.email = ['aeris+tls@imirhil.fr'] |
||||
|
||||
spec.summary = %q{Check best practices on crypto-stack implementation} |
||||
spec.description = %q{Verify if best practices are well implemented on current crypto-stack (TLS & SSH) protocol (HTTPS, SMTP, XMPP, SSH & VPN)} |
||||
spec.homepage = 'https://tls.imirhil.fr' |
||||
spec.license = 'AGPLv3+' |
||||
|
||||
if spec.respond_to?(:metadata) |
||||
spec.metadata['allowed_push_host'] = 'TODO: Set to "http://mygemserver.com"' |
||||
else |
||||
raise 'RubyGems 2.0 or newer is required to protect against public gem pushes.' |
||||
end |
||||
|
||||
spec.files = { '*.rb' => %w(lib) } |
||||
.collect_concat { |e, ds| ds.collect_concat { |d| Dir[File.join d, '**', e] } } |
||||
# spec.bindir = 'bin' |
||||
# spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) } |
||||
# spec.test_files = spec.files.grep(%r{^spec/}) |
||||
spec.require_paths = %w(lib) |
||||
|
||||
spec.add_development_dependency 'bundler', '~> 1.9', '>= 1.9.8' |
||||
spec.add_development_dependency 'rake', '~> 10.4', '>= 10.4.2' |
||||
spec.add_development_dependency 'rspec', '~> 3.2', '>= 3.2.0' |
||||
|
||||
spec.add_dependency 'httparty', '~> 0.13', '>= 0.13.3' |
||||
spec.add_dependency 'nokogiri', '~> 1.6', '>= 1.6.6' |
||||
spec.add_dependency 'parallel', '~> 1.3', '>= 1.3.4' |
||||
spec.add_dependency 'ruby-progressbar', '~> 1.7', '>= 1.7.1' |
||||
spec.add_dependency 'colorize', '~> 0.7', '>= 0.7.7' |
||||
end |
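Review bot: `spec.metadata['allowed_push_host']` still holds the Bundler template placeholder `'TODO: Set to "http://mygemserver.com"'`, so the guard against an accidental push is not configured for any real registry. Set it to the intended host with an HTTPS URL, e.g. `spec.metadata['allowed_push_host'] = 'https://rubygems.org'` if public release is intended, or the private server's URL otherwise. Separately, `'AGPLv3+'` is not an SPDX identifier; `spec.license = 'AGPL-3.0-or-later'` avoids the RubyGems build warning and is recognised by licence scanners.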
@ -0,0 +1,69 @@ |
||||
module CryptCheck |
||||
module Tls |
||||
class Cipher |
||||
TYPES = { |
||||
md5: %w(MD5), |
||||
sha1: %w(SHA), |
||||
|
||||
psk: %w(PSK), |
||||
srp: %w(SRP), |
||||
anonymous: %w(ADH AECDH), |
||||
|
||||
dss: %w(DSS), |
||||
|
||||
null: %w(NULL), |
||||
export: %w(EXP), |
||||
des: %w(DES-CBC), |
||||
rc2: %w(RC2), |
||||
rc4: %w(RC4), |
||||
des3: %w(3DES DES-CBC3), |
||||
|
||||
pfs: %w(DHE EDH ECDHE ECDH) |
||||
} |
||||
|
||||
attr_reader :protocol, :name, :size, :dh |
||||
|
||||
def initialize(protocol, cipher, dh) |
||||
@protocol, @dh = protocol, dh |
||||
@name, _, @size = cipher |
||||
end |
||||
|
||||
TYPES.each do |name, ciphers| |
||||
class_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1 |
||||
def self.#{name}?(cipher) |
||||
#{ciphers}.any? { |c| /(^|-)#\{c\}(-|$)/ =~ cipher } |
||||
end |
||||
def #{name}? |
||||
#{ciphers}.any? { |c| /(^|-)#\{c\}(-|$)/ =~ @name } |
||||
end |
||||
RUBY_EVAL |
||||
end |
||||
|
||||
def ssl? |
||||
sslv2? or sslv3? |
||||
end |
||||
|
||||
def tls? |
||||
tlsv1? or tlsv1_1? or tlsv1_2? |
||||
end |
||||
|
||||
def colorize |
||||
colors = case |
||||
when dss?, |
||||
anonymous?, |
||||
null?, |
||||
export?, |
||||
md5?, |
||||
des?, |
||||
rc4? |
||||
{ color: :white, background: :red } |
||||
when des3? |
||||
{ color: :yellow } |
||||
when pfs? |
||||
{ color: :green } |
||||
end |
||||
@name.colorize colors |
||||
end |
||||
end |
||||
end |
||||
end |
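Review bot: The `pfs` entry in `TYPES` includes `ECDH`, so fixed-ECDH suites (for example `ECDH-RSA-AES128-SHA`) satisfy `pfs?` and are printed green by `colorize`, although static ECDH key exchange provides no forward secrecy. `pfs: %w(DHE EDH ECDHE)` would restrict the match to ephemeral exchanges. In the same class, `ssl?` and `tls?` call `sslv2?`, `sslv3?`, `tlsv1?`, `tlsv1_1?` and `tlsv1_2?`, none of which is generated from `TYPES` or defined in the visible code. Unless they are defined elsewhere, both methods raise NoMethodError; they presumably should test `@protocol` instead. `colorize` also passes `nil` to `@name.colorize` when no branch matches, and it never consults `rc2?`, `sha1?`, `psk?` or `srp?`.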