2 years ago · 971f05c524
--- a/lib/cryptcheck/tls/cert.rb
+++ b/lib/cryptcheck/tls/cert.rb
@@ -107,6 +107,30 @@ module CryptCheck
 				@cert.issuer
 			end

 			def lifetime
 				{ not_before: @cert.not_before, not_after: @cert.not_after }
 			end

 			def to_h
 				{
 						subject:     self.subject.to_s,
 						serial:      self.serial.to_s,
 						issuer:      self.issuer.to_s,
 						lifetime:    self.lifetime,
 						fingerprint: self.fingerprint,
 						chain:       @chain.collect do |cert|
 							{
 									subject:  cert.subject.to_s,
 									serial:   cert.serial.to_s,
 									issuer:   cert.issuer.to_s,
 									lifetime: { not_before: cert.not_before, not_after: cert.not_after }
 							}
 						end,
 						key:         self.key.to_h,
 						states:      self.states
 				}
 			end

 			protected
 			include State

--- a/lib/cryptcheck/tls/cipher.rb
+++ b/lib/cryptcheck/tls/cipher.rb
@@ -111,6 +111,15 @@ module CryptCheck
 				end
 			end

 			def to_h
 				hmac = self.hmac
 				{
 						protocol:   @method, name: self.name, key_exchange: self.kex, authentication: self.auth,
 						encryption: { name: self.encryption, mode: self.mode, block_size: self.block_size },
 						hmac:       { name: hmac.first, size: hmac.last }, states: self.states
 				}
 			end

 			def <=>(other)
 				compare = State.compare self, other
 				return compare unless compare == 0
--- a/lib/cryptcheck/tls/curve.rb
+++ b/lib/cryptcheck/tls/curve.rb
@@ -29,6 +29,10 @@ module CryptCheck
 				@name
 			end

 			def to_h
 				{ name: @name, states: self.states }
 			end

 			def ==(other)
 				case other
 					when String
--- a/lib/cryptcheck/tls/engine.rb
+++ b/lib/cryptcheck/tls/engine.rb
@@ -139,7 +139,7 @@ module CryptCheck
 			def fetch_dh
 				@dh = @supported_ciphers.collect do |_, ciphers|
 					ciphers.values.collect(&:tmp_key).select { |d| d.is_a? OpenSSL::PKey::DH }
 				end.flatten
 				end.flatten.uniq &:fingerprint
 			end

 			def fetch_ecdsa_certs
@@ -455,21 +455,9 @@ module CryptCheck
 				@keys = @certs.collect &:key
 			end

 			def uniq_dh
 				dh, find = [], []
 				@dh.each do |k|
 					f = [k.type, k.size]
 					unless find.include? f
 						dh << k
 						find << f
 					end
 				end
 				@dh = dh
 			end

 			private
 			def uniq_supported_ciphers
 				@supported_ciphers.values.collect(&:keys).flatten.uniq
 				@uniq_supported_ciphers ||= @supported_ciphers.values.collect(&:keys).flatten.uniq
 			end
 		end
 	end
--- a/lib/cryptcheck/tls/fixture.rb
+++ b/lib/cryptcheck/tls/fixture.rb
@@ -1,5 +1,11 @@
 require 'openssl'

 class ::OpenSSL::PKey::PKey
 	def fingerprint
 		::OpenSSL::Digest::SHA256.hexdigest self.to_der
 	end
 end

 class ::OpenSSL::PKey::EC
 	def type
 		:ecc
@@ -17,6 +23,10 @@ class ::OpenSSL::PKey::EC
 		"ECC #{self.size} bits"
 	end

 	def to_h
 		{ type: :ecc, curve: self.curve, size: self.size, fingerprint: self.fingerprint, states: self.states }
 	end

 	protected
 	include ::CryptCheck::State

@@ -51,6 +61,10 @@ class ::OpenSSL::PKey::RSA
 		"RSA #{self.size} bits"
 	end

 	def to_h
 		{ type: :rsa, size: self.size, fingerprint: self.fingerprint, states: self.states }
 	end

 	protected
 	include ::CryptCheck::State

@@ -83,6 +97,10 @@ class ::OpenSSL::PKey::DSA
 		"DSA #{self.size} bits"
 	end

 	def to_h
 		{ type: :dsa, size: self.size, fingerprint: self.fingerprint, states: self.states }
 	end

 	include ::CryptCheck::State

 	CHECKS = [
@@ -108,6 +126,10 @@ class ::OpenSSL::PKey::DH
 		"DH #{self.size} bits"
 	end

 	def to_h
 		{ size: self.size, fingerprint: self.fingerprint, states: self.states }
 	end

 	protected
 	include ::CryptCheck::State

--- a/lib/cryptcheck/tls/https/server.rb
+++ b/lib/cryptcheck/tls/https/server.rb
@@ -48,6 +48,10 @@ module CryptCheck
 					hsts? and @hsts >= LONG_HSTS
 				end

 				def to_h
 					super.merge({ hsts: @hsts })
 				end

 				protected
 				def available_checks
 					super + [
--- a/lib/cryptcheck/tls/method.rb
+++ b/lib/cryptcheck/tls/method.rb
@@ -27,6 +27,10 @@ module CryptCheck
 				super.colorize colors
 			end

 			def to_h
 				{ protocol: self.to_sym, states: self.states }
 			end

 			alias :to_sym :__getobj__

 			def <=>(other)
--- a/lib/cryptcheck/tls/server.rb
+++ b/lib/cryptcheck/tls/server.rb
@@ -62,7 +62,16 @@ module CryptCheck
 			end

 			def to_h

 				{
 						certs:            @certs.collect(&:to_h),
 						dh:               @dh.collect(&:to_h),
 						protocols:        @supported_methods.collect(&:to_h),
 						ciphers:          uniq_supported_ciphers.collect(&:to_h),
 						cipher_suites:    @preferences.collect { |p, cs| { protocol: p, cipher_suite: cs.collect(&:name) } },
 						curves:           @supported_curves.collect(&:to_h),
 						curve_preference: @curves_preference.collect(&:name),
 						fallback_scsv:    @fallback_scsv
 				}
 			end

 			protected