Export result to hash

6 years ago · 971f05c524
parent 9cfea50107
commit 971f05c524
8 changed files with 79 additions and 15 deletions
--- a/lib/cryptcheck/tls/cert.rb
+++ b/lib/cryptcheck/tls/cert.rb
@ -107,6 +107,30 @@ module CryptCheck
 				@cert.issuer
 			end

+			def lifetime
+				{ not_before: @cert.not_before, not_after: @cert.not_after }
+			end
+
+			def to_h
+				{
+						subject:     self.subject.to_s,
+						serial:      self.serial.to_s,
+						issuer:      self.issuer.to_s,
+						lifetime:    self.lifetime,
+						fingerprint: self.fingerprint,
+						chain:       @chain.collect do |cert|
+							{
+									subject:  cert.subject.to_s,
+									serial:   cert.serial.to_s,
+									issuer:   cert.issuer.to_s,
+									lifetime: { not_before: cert.not_before, not_after: cert.not_after }
+							}
+						end,
+						key:         self.key.to_h,
+						states:      self.states
+				}
+			end
+
 			protected
 			include State

--- a/lib/cryptcheck/tls/cipher.rb
+++ b/lib/cryptcheck/tls/cipher.rb
@ -111,6 +111,15 @@ module CryptCheck
 				end
 			end

+			def to_h
+				hmac = self.hmac
+				{
+						protocol:   @method, name: self.name, key_exchange: self.kex, authentication: self.auth,
+						encryption: { name: self.encryption, mode: self.mode, block_size: self.block_size },
+						hmac:       { name: hmac.first, size: hmac.last }, states: self.states
+				}
+			end
+
 			def <=>(other)
 				compare = State.compare self, other
 				return compare unless compare == 0
--- a/lib/cryptcheck/tls/curve.rb
+++ b/lib/cryptcheck/tls/curve.rb
@ -29,6 +29,10 @@ module CryptCheck
 				@name
 			end

+			def to_h
+				{ name: @name, states: self.states }
+			end
+
 			def ==(other)
 				case other
 					when String
--- a/lib/cryptcheck/tls/engine.rb
+++ b/lib/cryptcheck/tls/engine.rb
@ -139,7 +139,7 @@ module CryptCheck
 			def fetch_dh
 				@dh = @supported_ciphers.collect do |_, ciphers|
 					ciphers.values.collect(&:tmp_key).select { |d| d.is_a? OpenSSL::PKey::DH }
-				end.flatten
+				end.flatten.uniq &:fingerprint
 			end

 			def fetch_ecdsa_certs
@ -455,21 +455,9 @@ module CryptCheck
 				@keys = @certs.collect &:key
 			end

-			def uniq_dh
-				dh, find = [], []
-				@dh.each do |k|
-					f = [k.type, k.size]
-					unless find.include? f
-						dh << k
-						find << f
-					end
-				end
-				@dh = dh
-			end
-
 			private
 			def uniq_supported_ciphers
-				@supported_ciphers.values.collect(&:keys).flatten.uniq
+				@uniq_supported_ciphers ||= @supported_ciphers.values.collect(&:keys).flatten.uniq
 			end
 		end
 	end
--- a/lib/cryptcheck/tls/fixture.rb
+++ b/lib/cryptcheck/tls/fixture.rb
@ -1,5 +1,11 @@
 require 'openssl'

+class ::OpenSSL::PKey::PKey
+	def fingerprint
+		::OpenSSL::Digest::SHA256.hexdigest self.to_der
+	end
+end
+
 class ::OpenSSL::PKey::EC
 	def type
 		:ecc
@ -17,6 +23,10 @@ class ::OpenSSL::PKey::EC
 		"ECC #{self.size} bits"
 	end

+	def to_h
+		{ type: :ecc, curve: self.curve, size: self.size, fingerprint: self.fingerprint, states: self.states }
+	end
+
 	protected
 	include ::CryptCheck::State

@ -51,6 +61,10 @@ class ::OpenSSL::PKey::RSA
 		"RSA #{self.size} bits"
 	end

+	def to_h
+		{ type: :rsa, size: self.size, fingerprint: self.fingerprint, states: self.states }
+	end
+
 	protected
 	include ::CryptCheck::State

@ -83,6 +97,10 @@ class ::OpenSSL::PKey::DSA
 		"DSA #{self.size} bits"
 	end

+	def to_h
+		{ type: :dsa, size: self.size, fingerprint: self.fingerprint, states: self.states }
+	end
+
 	include ::CryptCheck::State

 	CHECKS = [
@ -108,6 +126,10 @@ class ::OpenSSL::PKey::DH
 		"DH #{self.size} bits"
 	end

+	def to_h
+		{ size: self.size, fingerprint: self.fingerprint, states: self.states }
+	end
+
 	protected
 	include ::CryptCheck::State

--- a/lib/cryptcheck/tls/https/server.rb
+++ b/lib/cryptcheck/tls/https/server.rb
@ -48,6 +48,10 @@ module CryptCheck
 					hsts? and @hsts >= LONG_HSTS
 				end

+				def to_h
+					super.merge({ hsts: @hsts })
+				end
+
 				protected
 				def available_checks
 					super + [
--- a/lib/cryptcheck/tls/method.rb
+++ b/lib/cryptcheck/tls/method.rb
@ -27,6 +27,10 @@ module CryptCheck
 				super.colorize colors
 			end

+			def to_h
+				{ protocol: self.to_sym, states: self.states }
+			end
+
 			alias :to_sym :__getobj__

 			def <=>(other)
--- a/lib/cryptcheck/tls/server.rb
+++ b/lib/cryptcheck/tls/server.rb
@ -62,7 +62,16 @@ module CryptCheck
 			end

 			def to_h
-
+				{
+						certs:            @certs.collect(&:to_h),
+						dh:               @dh.collect(&:to_h),
+						protocols:        @supported_methods.collect(&:to_h),
+						ciphers:          uniq_supported_ciphers.collect(&:to_h),
+						cipher_suites:    @preferences.collect { |p, cs| { protocol: p, cipher_suite: cs.collect(&:name) } },
+						curves:           @supported_curves.collect(&:to_h),
+						curve_preference: @curves_preference.collect(&:name),
+						fallback_scsv:    @fallback_scsv
+				}
 			end

 			protected