You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

82 lines
2.2KB

  1. module CryptCheck
  2. module Tls
  3. class Grade
  4. attr_reader :server, :score, :grade, :error, :danger, :warning, :success
  5. def initialize(server)
  6. @server = server
  7. calculate_states
  8. calculate_grade
  9. end
  10. def display
  11. color = case self.grade
  12. when 'A+' then :blue
  13. when 'A' then :green
  14. when 'B', 'C' then :yellow
  15. when 'E', 'F' then :red
  16. when 'M', 'T' then { color: :white, background: :red }
  17. end
  18. Logger.info { "Grade : #{self.grade.colorize color }" }
  19. Logger.info { '' }
  20. Logger.info { "Errors : #{self.error.join(' ').colorize :red }" } unless self.error.empty?
  21. Logger.info { "Warnings : #{self.warning.join(' ').colorize :yellow }" } unless self.warning.empty?
  22. Logger.info { "Best practices : #{self.success.join(' ').colorize :green }" } unless self.success.empty?
  23. end
  24. private
  25. def calculate_grade
  26. @grade = case @score
  27. when 0...20 then 'F'
  28. when 20...35 then 'E'
  29. when 35...50 then 'D'
  30. when 50...65 then 'C'
  31. when 65...80 then 'B'
  32. else 'A'
  33. end
  34. @grade = [@grade, 'B'].max if !@server.tlsv1_2? or %i(error warning).include? @server.key.status
  35. @grade = [@grade, 'F'].max unless @error.empty?
  36. @grade = [@grade, 'F'].max unless @error.empty?
  37. @grade = 'M' unless @server.cert_valid
  38. @grade = 'T' unless @server.cert_trusted
  39. @grade = 'A+' if @grade == 'A' and @error.empty? and @warning.empty? and (all_success & @success) == all_success
  40. end
  41. def calculate_states
  42. ok = Proc.new { |n| @server.send "#{n}?" }
  43. state = {
  44. success: all_success.select { |n| ok.call n },
  45. warning: all_warning.select { |n| ok.call n },
  46. danger: all_danger.select { |n| ok.call n },
  47. error: all_error.select { |n| ok.call n }
  48. }
  49. @success, @warning, @danger, @error = state[:success], state[:warning], state[:danger], state[:error]
  50. end
  51. ALL_ERROR = %i(md5_sig md5 anonymous dss null export des des3 rc4)
  52. def all_error
  53. ALL_ERROR
  54. end
  55. ALL_DANGER = %i()
  56. def all_danger
  57. ALL_DANGER
  58. end
  59. ALL_WARNING = %i(sha1_sig)
  60. def all_warning
  61. ALL_WARNING
  62. end
  63. ALL_SUCCESS = %i(pfs_only)
  64. def all_success
  65. ALL_SUCCESS
  66. end
  67. end
  68. end
  69. end