Browse Source

Fetch ciphers from cipher suite

master
Aeris 3 years ago
parent
commit
f5bedc0e8f
3 changed files with 10 additions and 3 deletions
  1. 1
    1
      lib/cryptcheck/ssh/server.rb
  2. 7
    0
      lib/cryptcheck/tls/cipher.rb
  3. 2
    2
      lib/cryptcheck/tls/server.rb

+ 1
- 1
lib/cryptcheck/ssh/server.rb View File

@@ -89,7 +89,7 @@ module CryptCheck
'ssh-dss-cert-v00@openssh.com' => :red, # DSA
}

def initialize(hostname, port)
def initialize(hostname, port=22)
@hostname, @port = hostname, port

Logger.info { "#{hostname}:#{port}".colorize :blue }

+ 7
- 0
lib/cryptcheck/tls/cipher.rb View File

@@ -106,6 +106,13 @@ module CryptCheck
a.name <=> b.name
end
end

def self.list(cipher_suite = 'ALL:COMPLEMENTOFALL', protocol: :TLSv1_2)
context = OpenSSL::SSL::SSLContext.new protocol
context.ciphers = cipher_suite
ciphers = context.ciphers.collect { |c| self.new protocol, c }
self.sort ciphers
end
end
end
end

+ 2
- 2
lib/cryptcheck/tls/server.rb View File

@@ -280,8 +280,8 @@ module CryptCheck
store.purpose = OpenSSL::X509::PURPOSE_SSL_CLIENT
store.set_default_paths

%w(cacert mozilla).each do |directory|
::Dir.glob(::File.join '/usr/share/ca-certificates', directory, '*').each do |file|
%w(/etc/ssl/certs).each do |directory|
::Dir.glob(::File.join directory, '*.pem').each do |file|
cert = ::OpenSSL::X509::Certificate.new ::File.read file
begin
store.add_cert cert

Loading…
Cancel
Save