aeris
/
cryptcheck
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Better to not duplicate checks

new-scoring
aeris 2 years ago
parent
26cd78912c
commit
c25c9f1636
4 changed files with 27 additions and 47 deletions
Split View Show Diff Stats
  1. 17
    2
      lib/cryptcheck/state.rb
  2. 1
    1
      lib/cryptcheck/tls/cert.rb
  3. 8
    0
      lib/cryptcheck/tls/curve.rb
  4. 1
    44
      lib/cryptcheck/tls/grade.rb

+ 17
- 2
lib/cryptcheck/state.rb View File 

@@ -43,6 +43,11 @@ module CryptCheck
43 43 
 			LEVELS.find_index(a.status) <=> LEVELS.find_index(b.status)
44 44 
 		end
45 45
46 
+		def performed_checks
47 
+			self.states # Force internal resolution
48 
+			@performed_checks
49 
+		end
50 
+
46 51 
 		private
47 52 
 		def self.convert(status)
48 53 
 			status = [status] unless status.respond_to? :first
 
@@ -77,12 +82,22 @@ module CryptCheck
77 82 
 		end
78 83
79 84 
 		def personal_states
80 
-			states = State.empty
81 
-			checks.each do |check|
85 
+			states           = State.empty
86 
+			performed_checks = checks
87 
+			performed_checks.each do |check|
82 88 
 				level, name = perform_check check
83 89 
 				next unless level
84 90 
 				states[level] << name
85 91 
 			end
92 
+
93 
+			performed_checks  = [
94 
+					performed_checks
95 
+							.collect { |n, _, l| [l, n] }
96 
+							.group_by(&:first)
97 
+							.map { |k, v| [k, v.collect(&:last)] }.to_h
98 
+			] + children.collect(&:performed_checks)
99 
+			@performed_checks = State.merge *performed_checks
100 
+
86 101 
 			states
87 102 
 		end
88 103

+ 1
- 1
lib/cryptcheck/tls/cert.rb View File 

@@ -107,7 +107,7 @@ module CryptCheck
107 107 
 				@cert.issuer
108 108 
 			end
109 109
110 
-			include ::CryptCheck::State
110 
+			include State
111 111
112 112 
 			CHECKS = WEAK_SIGN.collect do |level, hashes|
113 113 
 				hashes.collect do |hash|

+ 8
- 0
lib/cryptcheck/tls/curve.rb View File 

@@ -39,6 +39,14 @@ module CryptCheck
39 39 
 						@name == other.name
40 40 
 				end
41 41 
 			end
42 
+
43 
+			include State
44 
+
45 
+			CHECKS = [].freeze
46 
+
47 
+			def checks
48 
+				CHECKS
49 
+			end
42 50 
 		end
43 51 
 	end
44 52 
 end

+ 1
- 44
lib/cryptcheck/tls/grade.rb View File 

@@ -5,8 +5,8 @@ module CryptCheck
5 5
6 6 
 			def initialize(server)
7 7 
 				@server = server
8 
-				@checks = checks
9 8 
 				@states = @server.states
9 
+				@checks = @server.performed_checks
10 10 
 				Logger.info { '' }
11 11 
 				Logger.ap :checks, @checks
12 12 
 				Logger.ap :states, @states
 
@@ -33,42 +33,6 @@ module CryptCheck
33 33 
 			end
34 34
35 35 
 			private
36 
-			CHECKS = {
37 
-					best:     %i(
38 
-
39 
-							  ),
40 
-					perfect:  %i(
41 
-						tlsv1_2_only
42 
-						pfs_only
43 
-						ecdhe_only
44 
-					),
45 
-					good:     %i(
46 
-						tlsv1_2
47 
-						pfs
48 
-						ecdhe
49 
-						aead
50 
-					),
51 
-					warning:  %i(
52 
-						weak_key
53 
-						weak_dh
54 
-						dhe
55 
-					),
56 
-					error:    %i(
57 
-						weak_key
58 
-						weak_dh
59 
-					),
60 
-					critical: %i(
61 
-						mdc2_sign md2_sign md4_sign md5_sign sha_sign sha1_sign
62 
-						weak_key
63 
-						weak_dh
64 
-						sslv2 sslv3
65 
-					),
66 
-			}.freeze
67 
-
68 
-			def checks
69 
-				CHECKS
70 
-			end
71 
-
72 36 
 			def calculate_grade
73 37 
 				return 'V' unless @server.valid?
74 38 
 				return 'T' unless @server.trusted?
 
@@ -94,13 +58,6 @@ module CryptCheck
94 58 
 							Logger.info { "Missing #{type} : #{missed}" }
95 59 
 							return score2
96 60 
 						end
97 
-
98 
-						# I'm not error prone. The code yes.
99 
-						additional = available - expected
100 
-						unless additional.empty?
101 
-							Logger.fatal { "Developper missed #{type} : #{additional}".colorize :critical }
102 
-							exit -1
103 
-						end
104 61 
 					end
105 62 
 				end
106 63

Write Preview
Loading…
Cancel
Save