aeris
/
cryptcheck
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
130 Commits
2 Branches
Tree: 8d3c33d516
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '8d3c33d516'
${ noResults }
cryptcheck/lib/cryptcheck/tls/fixture.rb

fixture.rb 2.5KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178 
  1. require 'openssl'

  2. 

  3. class ::OpenSSL::PKey::PKey

  4. 	def fingerprint

  5. 		::OpenSSL::Digest::SHA256.hexdigest self.to_der

  6. 	end

  7. end

  8. 

  9. class ::OpenSSL::PKey::EC

  10. 	def type

  11. 		:ecc

  12. 	end

  13. 

  14. 	def size

  15. 		self.group.degree

  16. 	end

  17. 

  18. 	def curve

  19. 		self.group.curve_name

  20. 	end

  21. 

  22. 	def to_s

  23. 		"ECC #{self.size} bits"

  24. 	end

  25. 

  26. 	def to_h

  27. 		{ type: :ecc, curve: self.curve, size: self.size, fingerprint: self.fingerprint, states: self.states }

  28. 	end

  29. 

  30. 	protected

  31. 	include ::CryptCheck::State

  32. 

  33. 	CHECKS = [

  34. 			[:ecc, %i(critical error warning), -> (s) do

  35. 				case s.size

  36. 					when 0...160

  37. 						:critical

  38. 					when 160...192

  39. 						:error

  40. 					when 192...256

  41. 						:warning

  42. 				end

  43. 			end]

  44. 	].freeze

  45. 

  46. 	def available_checks

  47. 		CHECKS

  48. 	end

  49. end

  50. 

  51. class ::OpenSSL::PKey::RSA

  52. 	def type

  53. 		:rsa

  54. 	end

  55. 

  56. 	def size

  57. 		self.n.num_bits

  58. 	end

  59. 

  60. 	def to_s

  61. 		"RSA #{self.size} bits"

  62. 	end

  63. 

  64. 	def to_h

  65. 		{ type: :rsa, size: self.size, fingerprint: self.fingerprint, states: self.states }

  66. 	end

  67. 

  68. 	protected

  69. 	include ::CryptCheck::State

  70. 

  71. 	CHECKS = [

  72. 			[:rsa, %i(critical error), -> (s) do

  73. 				case s.size

  74. 					when 0...1024

  75. 						:critical

  76. 					when 1024...2048

  77. 						:error

  78. 				end

  79. 			end]

  80. 	].freeze

  81. 

  82. 	def available_checks

  83. 		CHECKS

  84. 	end

  85. end

  86. 

  87. class ::OpenSSL::PKey::DSA

  88. 	def type

  89. 		:dsa

  90. 	end

  91. 

  92. 	def size

  93. 		self.p.num_bits

  94. 	end

  95. 

  96. 	def to_s

  97. 		"DSA #{self.size} bits"

  98. 	end

  99. 

  100. 	def to_h

  101. 		{ type: :dsa, size: self.size, fingerprint: self.fingerprint, states: self.states }

  102. 	end

  103. 

  104. 	include ::CryptCheck::State

  105. 

  106. 	CHECKS = [

  107. 			[:dsa, :critical, -> (_) { true }]

  108. 	].freeze

  109. 

  110. 	protected

  111. 	def available_checks

  112. 		CHECKS

  113. 	end

  114. end

  115. 

  116. class ::OpenSSL::PKey::DH

  117. 	def type

  118. 		:dh

  119. 	end

  120. 

  121. 	def size

  122. 		self.p.num_bits

  123. 	end

  124. 

  125. 	def to_s

  126. 		"DH #{self.size} bits"

  127. 	end

  128. 

  129. 	def to_h

  130. 		{ size: self.size, fingerprint: self.fingerprint, states: self.states }

  131. 	end

  132. 

  133. 	protected

  134. 	include ::CryptCheck::State

  135. 

  136. 	CHECKS = [

  137. 			[:dh, %i(critical error), -> (s) do

  138. 				case s.size

  139. 					when 0...1024

  140. 						:critical

  141. 					when 1024...2048

  142. 						:error

  143. 				end

  144. 			end]

  145. 	].freeze

  146. 

  147. 	protected

  148. 	def available_checks

  149. 		CHECKS

  150. 	end

  151. end

  152. 

  153. class ::OpenSSL::X509::Certificate

  154. 	def fingerprint

  155. 		::OpenSSL::Digest::SHA256.hexdigest self.to_der

  156. 	end

  157. end

  158. 

  159. class ::OpenSSL::X509::Store

  160. 	def add_chains(chains)

  161. 		chains = [chains] unless chains.is_a? Enumerable

  162. 		chains.each do |chain|

  163. 			case chain

  164. 				when ::OpenSSL::X509::Certificate

  165. 					self.add_cert chain

  166. 				else

  167. 					if File.directory?(chain)

  168. 						Dir.entries(chain)

  169. 								.collect { |e| File.join chain, e }

  170. 								.select { |e| File.file? e }

  171. 								.each { |f| self.add_file f }

  172. 					else

  173. 						self.add_file chain

  174. 					end

  175. 			end

  176. 		end

  177. 	end

  178. end