cryptcheck/test.rb


#!/usr/bin/env ruby
#ENV['LD_LIBRARY_PATH'] = '/home/aeris/Workspace/external/sslscan/openssl'
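require 'logging'
# Resolve lib/ against this file's directory instead of the process's current
# working directory. With a bare relative 'lib' entry, launching the script
# from another directory makes `require 'sslcheck'` load whatever ./lib that
# directory happens to contain.
$LOAD_PATH.unshift File.expand_path('lib', __dir__)
require 'sslcheck'
# Route every record, debug level included, to stdout for this scratch run.
root_logger = Logging.logger.root
root_logger.appenders = Logging.appenders.stdout
root_logger.level = :debug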
# Server = Class.new SSLCheck::Server do
# def initialize
# @key = OpenSSL::PKey::RSA.new 2048
# name = OpenSSL::X509::Name.parse 'CN=nobody/DC=example'
# @cert = OpenSSL::X509::Certificate.new
# @cert.version = 3
# @cert.serial = 0
# @cert.not_before = Time.now
# @cert.not_after = Time.now + 3600
# @cert.public_key = @key.public_key
# @cert.subject = name
#
# @supported_ciphers =
# {SSLv3: [], TLSv1: [['ECDHE-RSA-AES256-SHA', 'TLSv1/SSLv3', 256, 256], ['DHE-RSA-AES256-SHA', 'TLSv1/SSLv3', 256, 256], ['ECDHE-RSA-AES128-SHA', 'TLSv1/SSLv3', 128, 128], ['DHE-RSA-AES128-SHA', 'TLSv1/SSLv3', 128, 128]], TLSv1_1: [['ECDHE-RSA-AES256-SHA', 'TLSv1/SSLv3', 256, 256], ['DHE-RSA-AES256-SHA', 'TLSv1/SSLv3', 256, 256], ['ECDHE-RSA-AES128-SHA', 'TLSv1/SSLv3', 128, 128], ['DHE-RSA-AES128-SHA', 'TLSv1/SSLv3', 128, 128]], TLSv1_2: [['ECDHE-RSA-AES256-GCM-SHA384', 'TLSv1/SSLv3', 256, 256], ['ECDHE-RSA-AES256-SHA384', 'TLSv1/SSLv3', 256, 256], ['ECDHE-RSA-AES256-SHA', 'TLSv1/SSLv3', 256, 256], ['DHE-RSA-AES256-GCM-SHA384', 'TLSv1/SSLv3', 256, 256], ['DHE-RSA-AES256-SHA256', 'TLSv1/SSLv3', 256, 256], ['DHE-RSA-AES256-SHA', 'TLSv1/SSLv3', 256, 256], ['ECDHE-RSA-AES128-GCM-SHA256', 'TLSv1/SSLv3', 128, 128], ['ECDHE-RSA-AES128-SHA256', 'TLSv1/SSLv3', 128, 128], ['ECDHE-RSA-AES128-SHA', 'TLSv1/SSLv3', 128, 128], ['DHE-RSA-AES128-GCM-SHA256', 'TLSv1/SSLv3', 128, 128], ['DHE-RSA-AES128-SHA256', 'TLSv1/SSLv3', 128, 128], ['DHE-RSA-AES128-SHA', 'TLSv1/SSLv3', 128, 128]]}
# @prefered_ciphers = {SSLv3: nil, TLSv1: ['ECDHE-RSA-AES128-SHA', 'TLSv1/SSLv3', 128, 128], TLSv1_1: ['ECDHE-RSA-AES128-SHA', 'TLSv1/SSLv3', 128, 128], TLSv1_2: ['ECDHE-RSA-AES128-GCM-SHA256', 'TLSv1/SSLv3', 128, 128]}
#
# @hsts = 31536000
# end
# end
#server = Server.new
#server = SSLCheck::Server.new 'www.cjn.justice.gouv.fr'
#server = SSLCheck::Server.new 'www.capitainetrain.com'
# Build the SSLCheck::Server for one hard-coded host and print its grade.
# NOTE(review): presumably SSLCheck::Server.new connects to the named host
# itself; confirm in lib/ before pointing this at a host you do not operate.
server = SSLCheck::Server.new('matlink.fr')
p(SSLCheck::Grade.new(server))
# The script stops here; the statements after this `exit` never run.
exit
# Manual TLS handshake probe kept for debugging. It is unreachable for as long
# as the `exit` above stays in place.
# No SSLContext is handed to SSLSocket.new, so Ruby's default context applies,
# and that default does not verify the peer certificate. That suits inspecting
# whatever a server presents; nothing read from this socket should be trusted.
hostname = 'www.cjn.justice.gouv.fr'
port = 443
tcp_client = TCPSocket.new(hostname, port)
ssl_client = OpenSSL::SSL::SSLSocket.new(tcp_client)
# Sets the SNI server name sent in the ClientHello.
ssl_client.hostname = hostname
p(ssl_client.connect)
#hostname = 'provaping.com'
#compressions = {}
# existing_methods.each do |method|
# next unless supported_methods.include? method
# socket_context = OpenSSL::SSL::SSLContext.new method
# socket_context.ciphers = %w(ALL:COMPLEMENTOFALL)
# tcp_client = TCPSocket.new hostname, port
# ssl_client = OpenSSL::SSL::SSLSocket.new tcp_client, socket_context
# ssl_client.hostname = hostname
# begin
# ssl = ssl_client.connect
# data = OpenSSL::ASN1.decode(ssl.session.to_der).value.find { |a| a.tag == 11 }
# compression = !data.nil?
# compressions[method] = compression
# rescue OpenSSL::SSL::SSLError => e
# end
# end
#p "Compressions", compressions
#hostname = 'espaceclient.groupama.fr' # not supported
# hostname = 'ameli.moncompte.mobi'
# renegociations = {}
# existing_methods.each do |method|
# next unless supported_methods.include? method
# socket_context = OpenSSL::SSL::SSLContext.new method
# socket_context.ciphers = %w(ALL:COMPLEMENTOFALL)
# tcp_client = TCPSocket.new hostname, port
# ssl_client = OpenSSL::SSL::SSLSocket.new tcp_client, socket_context
# ssl_client.hostname = hostname
# begin
# ssl = ssl_client.connect
# p ssl
# #data = OpenSSL::ASN1.decode(ssl.session.to_der).value.find { |a| a.tag == 11 }
# rescue OpenSSL::SSL::SSLError => e
# end
# end
# p "Renegociations", renegociations