cryptcheck/test.rb

#!/usr/bin/env ruby
#ENV['LD_LIBRARY_PATH'] = '/home/aeris/Workspace/external/sslscan/openssl'
require 'logging'
$:.unshift 'lib'
require 'sslcheck'

Logging.logger.root.appenders = Logging.appenders.stdout
Logging.logger.root.level = :debug

# Server = Class.new SSLCheck::Server do
# 	def initialize
# 		@key = OpenSSL::PKey::RSA.new 2048
# 		name = OpenSSL::X509::Name.parse 'CN=nobody/DC=example'
# 		@cert = OpenSSL::X509::Certificate.new
# 		@cert.version = 3
# 		@cert.serial = 0
# 		@cert.not_before = Time.now
# 		@cert.not_after = Time.now + 3600
# 		@cert.public_key = @key.public_key
# 		@cert.subject = name
#
# 		@supported_ciphers =
# 		{SSLv3: [], TLSv1: [['ECDHE-RSA-AES256-SHA', 'TLSv1/SSLv3', 256, 256], ['DHE-RSA-AES256-SHA', 'TLSv1/SSLv3', 256, 256], ['ECDHE-RSA-AES128-SHA', 'TLSv1/SSLv3', 128, 128], ['DHE-RSA-AES128-SHA', 'TLSv1/SSLv3', 128, 128]], TLSv1_1: [['ECDHE-RSA-AES256-SHA', 'TLSv1/SSLv3', 256, 256], ['DHE-RSA-AES256-SHA', 'TLSv1/SSLv3', 256, 256], ['ECDHE-RSA-AES128-SHA', 'TLSv1/SSLv3', 128, 128], ['DHE-RSA-AES128-SHA', 'TLSv1/SSLv3', 128, 128]], TLSv1_2: [['ECDHE-RSA-AES256-GCM-SHA384', 'TLSv1/SSLv3', 256, 256], ['ECDHE-RSA-AES256-SHA384', 'TLSv1/SSLv3', 256, 256], ['ECDHE-RSA-AES256-SHA', 'TLSv1/SSLv3', 256, 256], ['DHE-RSA-AES256-GCM-SHA384', 'TLSv1/SSLv3', 256, 256], ['DHE-RSA-AES256-SHA256', 'TLSv1/SSLv3', 256, 256], ['DHE-RSA-AES256-SHA', 'TLSv1/SSLv3', 256, 256], ['ECDHE-RSA-AES128-GCM-SHA256', 'TLSv1/SSLv3', 128, 128], ['ECDHE-RSA-AES128-SHA256', 'TLSv1/SSLv3', 128, 128], ['ECDHE-RSA-AES128-SHA', 'TLSv1/SSLv3', 128, 128], ['DHE-RSA-AES128-GCM-SHA256', 'TLSv1/SSLv3', 128, 128], ['DHE-RSA-AES128-SHA256', 'TLSv1/SSLv3', 128, 128], ['DHE-RSA-AES128-SHA', 'TLSv1/SSLv3', 128, 128]]}
# 	 	@prefered_ciphers = {SSLv3: nil, TLSv1: ['ECDHE-RSA-AES128-SHA', 'TLSv1/SSLv3', 128, 128], TLSv1_1: ['ECDHE-RSA-AES128-SHA', 'TLSv1/SSLv3', 128, 128], TLSv1_2: ['ECDHE-RSA-AES128-GCM-SHA256', 'TLSv1/SSLv3', 128, 128]}
#
# 		@hsts = 31536000
# 	end
# end
#server = Server.new
#server = SSLCheck::Server.new 'www.cjn.justice.gouv.fr'
#server = SSLCheck::Server.new 'www.capitainetrain.com'
server = SSLCheck::Server.new 'matlink.fr'
p SSLCheck::Grade.new server
exit

hostname, port = ['www.cjn.justice.gouv.fr', 443]
tcp_client = TCPSocket.new hostname, port
ssl_client = OpenSSL::SSL::SSLSocket.new tcp_client
ssl_client.hostname = hostname
p ssl_client.connect


#hostname = 'provaping.com'
#compressions = {}
# existing_methods.each do |method|
# 	next unless supported_methods.include? method
# 	socket_context = OpenSSL::SSL::SSLContext.new method
# 	socket_context.ciphers = %w(ALL:COMPLEMENTOFALL)
# 	tcp_client = TCPSocket.new hostname, port
# 	ssl_client = OpenSSL::SSL::SSLSocket.new tcp_client, socket_context
# 	ssl_client.hostname = hostname
# 	begin
# 		ssl = ssl_client.connect
# 		data = OpenSSL::ASN1.decode(ssl.session.to_der).value.find { |a| a.tag == 11 }
# 		compression = !data.nil?
# 		compressions[method] = compression
# 	rescue OpenSSL::SSL::SSLError => e
# 	end
# end
#p "Compressions", compressions

#hostname = 'espaceclient.groupama.fr' # not supported
# hostname = 'ameli.moncompte.mobi'
# renegociations = {}
# existing_methods.each do |method|
# 	next unless supported_methods.include? method
# 	socket_context = OpenSSL::SSL::SSLContext.new method
# 	socket_context.ciphers = %w(ALL:COMPLEMENTOFALL)
# 	tcp_client = TCPSocket.new hostname, port
# 	ssl_client = OpenSSL::SSL::SSLSocket.new tcp_client, socket_context
# 	ssl_client.hostname = hostname
# 	begin
# 		ssl = ssl_client.connect
# 		p ssl
# 		#data = OpenSSL::ASN1.decode(ssl.session.to_der).value.find { |a| a.tag == 11 }
# 	rescue OpenSSL::SSL::SSLError => e
# 	end
# end
# p "Renegociations", renegociations