
Better to not duplicate checks

new-scoring
aeris 2 years ago
parent
commit
c25c9f1636
4 changed files with 27 additions and 47 deletions
  1. 17
    2
      lib/cryptcheck/state.rb
  2. 1
    1
      lib/cryptcheck/tls/cert.rb
  3. 8
    0
      lib/cryptcheck/tls/curve.rb
  4. 1
    44
      lib/cryptcheck/tls/grade.rb

+ 17
- 2
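--- a/lib/cryptcheck/state.rb
+++ b/lib/cryptcheck/state.rb
@@ -43,6 +43,11 @@ module CryptCheck
 			LEVELS.find_index(a.status) <=> LEVELS.find_index(b.status)
 		end
 
+		def performed_checks
+			self.states # Force internal resolution
+			@performed_checks
+		end
+
 		private
 		def self.convert(status)
 			status = [status] unless status.respond_to? :first
@@ -77,12 +82,22 @@ module CryptCheck
 		end
 
 		def personal_states
-			states = State.empty
-			checks.each do |check|
+			states           = State.empty
+			performed_checks = checks
+			performed_checks.each do |check|
 				level, name = perform_check check
 				next unless level
 				states[level] << name
 			end
+
+			performed_checks  = [
+					performed_checks
+							.collect { |n, _, l| [l, n] }
+							.group_by(&:first)
+							.map { |k, v| [k, v.collect(&:last)] }.to_h
+			] + children.collect(&:performed_checks)
+			@performed_checks = State.merge *performed_checks
+
 			states
 		end
 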
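Review bot: `performed_checks` only has a value because calling `states` happens to run `personal_states`, which sets `@performed_checks` as a side effect; if an including class caches or overrides `states` without going through `personal_states` (not visible in these hunks), the getter returns nil or a stale map. Inside `personal_states` the local `performed_checks` shadows the new method of the same name and is then reassigned from the raw check list to an array of hashes, which makes the second half of the method hard to follow. A distinct local such as `own_checks = checks` would read better, as would `State.merge(*merged)` with parentheses, since the bare `State.merge *performed_checks` triggers Ruby's ambiguous-splat warning when warnings are enabled. I would also add a comment above the `.collect { |n, _, l| [l, n] }` line stating that the tuple's third element is assumed to equal the level returned by `perform_check`, because `states` is keyed by the latter.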

+ 1
- 1
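--- a/lib/cryptcheck/tls/cert.rb
+++ b/lib/cryptcheck/tls/cert.rb
@@ -107,7 +107,7 @@ module CryptCheck
 				@cert.issuer
 			end
 
-			include ::CryptCheck::State
+			include State
 
 			CHECKS = WEAK_SIGN.collect do |level, hashes|
 				hashes.collect do |hash|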

+ 8
- 0
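--- a/lib/cryptcheck/tls/curve.rb
+++ b/lib/cryptcheck/tls/curve.rb
@@ -39,6 +39,14 @@ module CryptCheck
 						@name == other.name
 				end
 			end
+
+			include State
+
+			CHECKS = [].freeze
+
+			def checks
+				CHECKS
+			end
 		end
 	end
 end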
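Review bot: `CHECKS = [].freeze` carries no comment saying whether curves are deliberately unchecked or whether the empty list is a placeholder, so someone reading a grade cannot tell that the negotiated curve currently contributes nothing to it. I would add a line above the constant along the lines of `# No curve-level checks yet; State is included so curves take part in the merged check/state tree`, adjusted to the actual intent. The class body starts outside this hunk, so any existing explanation further up is not visible here.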

+ 1
- 44
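--- a/lib/cryptcheck/tls/grade.rb
+++ b/lib/cryptcheck/tls/grade.rb
@@ -5,8 +5,8 @@ module CryptCheck
 
 			def initialize(server)
 				@server = server
-				@checks = checks
 				@states = @server.states
+				@checks = @server.performed_checks
 				Logger.info { '' }
 				Logger.ap :checks, @checks
 				Logger.ap :states, @states
@@ -33,42 +33,6 @@ module CryptCheck
 			end
 
 			private
-			CHECKS = {
-					best:     %i(
-
-							  ),
-					perfect:  %i(
-						tlsv1_2_only
-						pfs_only
-						ecdhe_only
-					),
-					good:     %i(
-						tlsv1_2
-						pfs
-						ecdhe
-						aead
-					),
-					warning:  %i(
-						weak_key
-						weak_dh
-						dhe
-					),
-					error:    %i(
-						weak_key
-						weak_dh
-					),
-					critical: %i(
-						mdc2_sign md2_sign md4_sign md5_sign sha_sign sha1_sign
-						weak_key
-						weak_dh
-						sslv2 sslv3
-					),
-			}.freeze
-
-			def checks
-				CHECKS
-			end
-
 			def calculate_grade
 				return 'V' unless @server.valid?
 				return 'T' unless @server.trusted?
@@ -94,13 +58,6 @@ module CryptCheck
 							Logger.info { "Missing #{type} : #{missed}" }
 							return score2
 						end
-
-						# I'm not error prone. The code yes.
-						additional = available - expected
-						unless additional.empty?
-							Logger.fatal { "Developper missed #{type} : #{additional}".colorize :critical }
-							exit -1
-						end
 					end
 				end
 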
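Review bot: Nothing in the loop at the end of this section now reports a state that has no matching entry in `@checks`, so such a state is skipped silently when the grade is computed. `@checks` comes from `@server.performed_checks`, which state.rb keys by the level stored in each check tuple, while `@states` is keyed by the level `perform_check` returns; if those can ever differ, the grade is derived from an incomplete picture with no trace in the log. A non-fatal form of the old guard would keep the safety net without the `exit`, for example `Logger.info { "Unexpected #{type} : #{available - expected}" } unless (available - expected).empty?`, assuming `available` and `expected` are still defined above the hunk. The enclosing method starts and ends outside the visible lines.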
