4 changed files with 27 additions and 47 deletions
+ 17
- 2
lib/cryptcheck/state.rb
View File
| @@ -43,6 +43,11 @@ module CryptCheck | |||
| LEVELS.find_index(a.status) <=> LEVELS.find_index(b.status) | |||
| end | |||
| def performed_checks | |||
| self.states # Force internal resolution | |||
| @performed_checks | |||
| end | |||
| private | |||
| def self.convert(status) | |||
| status = [status] unless status.respond_to? :first | |||
| @@ -77,12 +82,22 @@ module CryptCheck | |||
| end | |||
| def personal_states | |||
| states = State.empty | |||
| checks.each do |check| | |||
| states = State.empty | |||
| performed_checks = checks | |||
| performed_checks.each do |check| | |||
| level, name = perform_check check | |||
| next unless level | |||
| states[level] << name | |||
| end | |||
| performed_checks = [ | |||
| performed_checks | |||
| .collect { |n, _, l| [l, n] } | |||
| .group_by(&:first) | |||
| .map { |k, v| [k, v.collect(&:last)] }.to_h | |||
| ] + children.collect(&:performed_checks) | |||
| @performed_checks = State.merge *performed_checks | |||
| states | |||
| end | |||
+ 1
- 1
lib/cryptcheck/tls/cert.rb
View File
| @@ -107,7 +107,7 @@ module CryptCheck | |||
| @cert.issuer | |||
| end | |||
| include ::CryptCheck::State | |||
| include State | |||
| CHECKS = WEAK_SIGN.collect do |level, hashes| | |||
| hashes.collect do |hash| | |||
+ 8
- 0
lib/cryptcheck/tls/curve.rb
View File
| @@ -39,6 +39,14 @@ module CryptCheck | |||
| @name == other.name | |||
| end | |||
| end | |||
| include State | |||
| CHECKS = [].freeze | |||
| def checks | |||
| CHECKS | |||
| end | |||
| end | |||
| end | |||
| end | |||
+ 1
- 44
lib/cryptcheck/tls/grade.rb
View File
| @@ -5,8 +5,8 @@ module CryptCheck | |||
| def initialize(server) | |||
| @server = server | |||
| @checks = checks | |||
| @states = @server.states | |||
| @checks = @server.performed_checks | |||
| Logger.info { '' } | |||
| Logger.ap :checks, @checks | |||
| Logger.ap :states, @states | |||
| @@ -33,42 +33,6 @@ module CryptCheck | |||
| end | |||
| private | |||
| CHECKS = { | |||
| best: %i( | |||
| ), | |||
| perfect: %i( | |||
| tlsv1_2_only | |||
| pfs_only | |||
| ecdhe_only | |||
| ), | |||
| good: %i( | |||
| tlsv1_2 | |||
| pfs | |||
| ecdhe | |||
| aead | |||
| ), | |||
| warning: %i( | |||
| weak_key | |||
| weak_dh | |||
| dhe | |||
| ), | |||
| error: %i( | |||
| weak_key | |||
| weak_dh | |||
| ), | |||
| critical: %i( | |||
| mdc2_sign md2_sign md4_sign md5_sign sha_sign sha1_sign | |||
| weak_key | |||
| weak_dh | |||
| sslv2 sslv3 | |||
| ), | |||
| }.freeze | |||
| def checks | |||
| CHECKS | |||
| end | |||
| def calculate_grade | |||
| return 'V' unless @server.valid? | |||
| return 'T' unless @server.trusted? | |||
| @@ -94,13 +58,6 @@ module CryptCheck | |||
| Logger.info { "Missing #{type} : #{missed}" } | |||
| return score2 | |||
| end | |||
| # I'm not error prone. The code yes. | |||
| additional = available - expected | |||
| unless additional.empty? | |||
| Logger.fatal { "Developper missed #{type} : #{additional}".colorize :critical } | |||
| exit -1 | |||
| end | |||
| end | |||
| end | |||
Loading…