@@ -85,8 +85,8 @@ module CryptCheck | |||
{ | |||
success: %i(pfs).select { |n| ok.call n }, | |||
warning: %i().select { |n| ok.call n }, | |||
danger: %i(des3).select { |n| ok.call n }, | |||
error: %i(dss md5 psk srp anonymous null export des rc2 rc4).select { |n| ok.call n } | |||
danger: %i().select { |n| ok.call n }, | |||
error: %i(dss md5 psk srp anonymous null export des des3 rc2 rc4 idea).select { |n| ok.call n } | |||
} | |||
end | |||
@@ -46,7 +46,7 @@ module CryptCheck | |||
end | |||
@grade = [@grade, 'B'].max if !@server.tlsv1_2? or @server.key_size < 2048 | |||
@grade = [@grade, 'C'].max if @server.des3? | |||
@grade = [@grade, 'F'].max unless @error.empty? | |||
@grade = [@grade, 'F'].max unless @error.empty? | |||
@grade = 'M' unless @server.cert_valid | |||
@@ -58,27 +58,30 @@ module CryptCheck | |||
def calculate_states | |||
ok = Proc.new { |n| @server.send "#{n}?" } | |||
state = { | |||
success: %i().select { |n| ok.call n }, | |||
warning: %i(sha1_sig).select { |n| ok.call n }, | |||
danger: %i(des3).select { |n| ok.call n }, | |||
error: %i(md5_sig md5 sslv2 sslv3 anonymous dss null export des rc4).select { |n| ok.call n } | |||
success: all_success.select { |n| ok.call n }, | |||
warning: all_warning.select { |n| ok.call n }, | |||
danger: all_danger.select { |n| ok.call n }, | |||
error: all_error.select { |n| ok.call n } | |||
} | |||
state[:success] << :pfs if @server.pfs_only? | |||
@success, @warning, @danger, @error = state[:success], state[:warning], state[:danger], state[:error] | |||
end | |||
ALL_ERROR = %i(md5_sig md5 anonymous dss null export des rc4) | |||
ALL_ERROR = %i(md5_sig md5 anonymous dss null export des des3 rc4) | |||
def all_error | |||
ALL_ERROR | |||
end | |||
ALL_WARNING = %i(sha1_sig des3) | |||
ALL_DANGER = %i() | |||
def all_danger | |||
ALL_DANGER | |||
end | |||
ALL_WARNING = %i(sha1_sig) | |||
def all_warning | |||
ALL_WARNING | |||
end | |||
ALL_SUCCESS = %i(pfs) | |||
ALL_SUCCESS = %i(pfs_only) | |||
def all_success | |||
ALL_SUCCESS | |||
end | |||
@@ -2,13 +2,6 @@ module CryptCheck | |||
module Tls | |||
module Https | |||
class Grade < Tls::Grade | |||
private | |||
def calculate_states | |||
super | |||
@success << :hsts if @server.hsts? | |||
@success << :hsts_long if @server.hsts_long? | |||
end | |||
def all_success | |||
super + %i(hsts hsts_long) | |||
end | |||
@@ -2,11 +2,6 @@ module CryptCheck | |||
module Tls | |||
module Xmpp | |||
class Grade < Tls::Grade | |||
def calculate_states | |||
super | |||
@success << :required if @server.required? | |||
end | |||
def all_success | |||
super + %i(required) | |||
end | |||
@@ -66,8 +66,8 @@ | |||
<td>Strength (bits)</td> | |||
<td class="critical">MD5</td> | |||
<td class="warning">SHA1</td> | |||
<td class="critical">DES/RC4</td> | |||
<td class="danger">3DES</td> | |||
<td class="critical">RC4</td> | |||
<td class="critical">DES/3DES</td> | |||
<td class="info">PFS</td> | |||
<td class="info">HSTS</td> | |||
@@ -89,7 +89,7 @@ | |||
when 'A+' then :info | |||
when 'A', 'A-' then :success | |||
when 'B', 'C' then :warning | |||
when 'T', 'M' then :critical | |||
when 'F', 'T', 'M' then :critical | |||
else :danger | |||
end | |||
%> | |||
@@ -136,13 +136,13 @@ | |||
<%= s.sha1? ? '✓' : '✗' %> | |||
<span class="sr-only">(<%= s.sha1? ? '☹' : '☺' %>)</span> | |||
</td> | |||
<td class="<%= (s.rc4? or s.des?) ? :critical : :success %>"> | |||
<%= (s.rc4? or s.des?) ? '✓' : '✗' %> | |||
<span class="sr-only">(<%= (s.rc4? or s.des?) ? '☹' : '☺' %>)</span> | |||
<td class="<%= s.rc4? ? :critical : :success %>"> | |||
<%= s.rc4? ? '✓' : '✗' %> | |||
<span class="sr-only">(<%= s.rc4? ? '☹' : '☺' %>)</span> | |||
</td> | |||
<td class="<%= s.des3? ? :danger : :success %>"> | |||
<%= s.des3? ? '✓' : '✗' %> | |||
<span class="sr-only">(<%= s.des3? ? '☹' : '☺' %>)</span> | |||
<td class="<%= (s.des? or s.des3?) ? :critical : :success %>"> | |||
<%= (s.des? or s.des3?) ? '✓' : '✗' %> | |||
<span class="sr-only">(<%= (s.des? or s.des3?) ? '☹' : '☺' %>)</span> | |||
</td> | |||
<td class="<%= s.pfs? ? (s.pfs_only? ? :info : :success) : :danger %>"> | |||
@@ -171,8 +171,8 @@ | |||
<td>Strength (bits)</td> | |||
<td class="critical">MD5</td> | |||
<td class="warning">SHA1</td> | |||
<td class="critical">DES/RC4</td> | |||
<td class="danger">3DES</td> | |||
<td class="critical">RC4</td> | |||
<td class="critical">DES/3DES</td> | |||
<td class="info">PFS</td> | |||
<td class="info">HSTS</td> | |||
@@ -66,8 +66,8 @@ | |||
<td>Strength (bits)</td> | |||
<td class="critical">MD5</td> | |||
<td class="warning">SHA1</td> | |||
<td class="critical">DES/RC4</td> | |||
<td class="danger">3DES</td> | |||
<td class="critical">RC4</td> | |||
<td class="critical">DES/3DES</td> | |||
<td class="info">PFS</td> | |||
</tr> | |||
@@ -88,7 +88,7 @@ | |||
when 'A+' then :info | |||
when 'A', 'A-' then :success | |||
when 'B', 'C' then :warning | |||
when 'T', 'M' then :critical | |||
when 'F', 'T', 'M' then :critical | |||
else :danger | |||
end | |||
%> | |||
@@ -138,13 +138,13 @@ | |||
<%= s.sha1? ? '✓' : '✗' %> | |||
<span class="sr-only">(<%= s.sha1? ? '☹' : '☺' %>)</span> | |||
</td> | |||
<td class="<%= (s.rc4? or s.des?) ? :critical : :success %>"> | |||
<%= (s.rc4? or s.des?) ? '✓' : '✗' %> | |||
<span class="sr-only">(<%= (s.rc4? or s.des?) ? '☹' : '☺' %>)</span> | |||
<td class="<%= s.rc4? ? :critical : :success %>"> | |||
<%= s.rc4? ? '✓' : '✗' %> | |||
<span class="sr-only">(<%= s.rc4? ? '☹' : '☺' %>)</span> | |||
</td> | |||
<td class="<%= s.des3? ? :danger : :success %>"> | |||
<%= s.des3? ? '✓' : '✗' %> | |||
<span class="sr-only">(<%= s.des3? ? '☹' : '☺' %>)</span> | |||
<td class="<%= (s.des? or s.des3?) ? :critical : :success %>"> | |||
<%= (s.des? or s.des3?) ? '✓' : '✗' %> | |||
<span class="sr-only">(<%= (s.des? or s.des3?) ? '☹' : '☺' %>)</span> | |||
</td> | |||
<td class="<%= s.pfs? ? (s.pfs_only? ? :info : :success) : :danger %>"> | |||
@@ -169,8 +169,8 @@ | |||
<td>Strength (bits)</td> | |||
<td class="critical">MD5</td> | |||
<td class="warning">SHA1</td> | |||
<td class="critical">DES/RC4</td> | |||
<td class="danger">3DES</td> | |||
<td class="critical">RC4</td> | |||
<td class="critical">DES/3DES</td> | |||
<td class="info">PFS</td> | |||
</tr> | |||
@@ -66,8 +66,8 @@ | |||
<td>Strength (bits)</td> | |||
<td class="critical">MD5</td> | |||
<td class="warning">SHA1</td> | |||
<td class="critical">DES/RC4</td> | |||
<td class="danger">3DES</td> | |||
<td class="critical">RC4</td> | |||
<td class="critical">DES/3DES</td> | |||
<td class="info">PFS</td> | |||
<td class="success">Required</td> | |||
@@ -88,7 +88,7 @@ | |||
when 'A+' then :info | |||
when 'A', 'A-' then :success | |||
when 'B', 'C' then :warning | |||
when 'T', 'M' then :critical | |||
when 'F', 'T', 'M' then :critical | |||
else :danger | |||
end %> | |||
<td class="<%= rank_color %>"> | |||
@@ -134,13 +134,13 @@ | |||
<%= s.sha1? ? '✓' : '✗' %> | |||
<span class="sr-only">(<%= s.sha1? ? '☹' : '☺' %>)</span> | |||
</td> | |||
<td class="<%= (s.rc4? or s.des?) ? :critical : :success %>"> | |||
<%= (s.rc4? or s.des?) ? '✓' : '✗' %> | |||
<span class="sr-only">(<%= (s.rc4? or s.des?) ? '☹' : '☺' %>)</span> | |||
<td class="<%= s.rc4? ? :critical : :success %>"> | |||
<%= s.rc4? ? '✓' : '✗' %> | |||
<span class="sr-only">(<%= s.rc4? ? '☹' : '☺' %>)</span> | |||
</td> | |||
<td class="<%= s.des3? ? :danger : :success %>"> | |||
<%= s.des3? ? '✓' : '✗' %> | |||
<span class="sr-only">(<%= s.des3? ? '☹' : '☺' %>)</span> | |||
<td class="<%= (s.des? or s.des3?) ? :critical : :success %>"> | |||
<%= (s.des? or s.des3?) ? '✓' : '✗' %> | |||
<span class="sr-only">(<%= (s.des? or s.des3?) ? '☹' : '☺' %>)</span> | |||
</td> | |||
<td class="<%= s.pfs? ? (s.pfs_only? ? :info : :success) : :danger %>"> | |||
@@ -174,8 +174,8 @@ | |||
<td>Strength (bits)</td> | |||
<td class="critical">MD5</td> | |||
<td class="warning">SHA1</td> | |||
<td class="critical">DES/RC4</td> | |||
<td class="danger">3DES</td> | |||
<td class="critical">RC4</td> | |||
<td class="danger">DES/3DES</td> | |||
<td class="info">PFS</td> | |||
<td class="success">Required</td> | |||