ruby-sslyze 0.1.0

data/spec/sslyze_spec.rb

@@ -0,0 +1,8 @@
+require 'spec_helper'
+require 'sslyze'
+
+describe SSLyze do
+  it "should have a VERSION constant" do
+    expect(subject.const_get('VERSION')).to_not be_empty
+  end
+end

data/spec/subject_public_key_info_spec.rb

@@ -0,0 +1,35 @@
+require 'spec_helper'
+require 'xml_examples'
+require 'sslyze/certificate'
+
+describe SSLyze::Certificate::SubjectPublicKeyInfo do
+  include_examples "XML specs"
+
+  subject { described_class.new(xml.at('/document/results/target/certinfo/certificateChain/certificate/subjectPublicKeyInfo')) }
+
+  describe "#public_key" do
+    it "should return a PublicKey object" do
+      expect(subject.public_key).to be_a(Certificate::PublicKey)
+    end
+
+    it "should parse the publicKey/modulus element" do
+      expect(subject.public_key.modulus).to be == %{00:b1:d4:dc:3c:af:fd:f3:4e:ed:c1:67:ad:e6:cb:22:e8:b7:e2:ab:28:f2:f7:dc:62:70:08:d1:0c:af:d6:16:6a:21:b0:36:4b:17:0d:36:63:04:ae:bf:ea:20:51:95:65:66:f2:bf:b9:4d:a4:0c:29:eb:f5:15:b1:e8:35:b3:70:10:94:d5:1b:59:b4:26:0f:d6:83:57:59:9d:e1:7c:09:dd:e0:13:ca:4d:6f:43:9b:cd:cf:87:3a:15:a7:85:dd:66:83:ed:93:0c:fe:2b:6d:38:1c:79:88:90:cf:ad:58:18:2d:51:d1:c2:a3:f2:47:8c:6f:38:09:b9:b8:ef:4c:93:0b:cb:83:94:87:ea:e0:a3:b5:d9:7b:9b:6b:0f:43:f9:ca:ee:80:0d:28:a7:76:f1:25:f4:c1:35:3c:f6:74:ad:de:6a:33:82:7b:dc:fd:4b:76:a7:c2:ee:f2:6a:bf:a9:24:a6:5f:e7:2e:7c:0e:db:c3:74:73:fa:7e:c6:d8:cf:60:eb:36:56:21:b6:c1:8a:b8:24:82:4d:78:24:ba:e9:1d:a1:8a:a7:87:be:66:25:69:bf:be:3b:72:6e:4f:e0:e4:85:25:08:b1:91:89:b8:d6:74:65:76:9b:2c:4f:62:1f:a1:fa:3a:be:9c:24:bf:9f:ca:b0:c5:c0:67:8d}
+    end
+
+    it "should parse the publicKey/exponent element" do
+      expect(subject.public_key.exponent).to be == 65537
+    end
+  end
+
+  describe "#public_key_algorithm" do
+    it "should parse the publicKeyAlgorithm element" do
+      expect(subject.public_key_algorithm).to be == 'rsaEncryption'
+    end
+  end
+
+  describe "#public_key_size" do
+    it "should parse the publicKeySize element" do
+      expect(subject.public_key_size).to be == 2048
+    end
+  end
+end

data/spec/subject_spec.rb

@@ -0,0 +1,67 @@
+require 'spec_helper'
+require 'xml_examples'
+require 'sslyze/certificate'
+
+describe SSLyze::Certificate::Subject do
+  include_examples "XML specs"
+
+  subject { described_class.new(xml.at('/document/results/target/certinfo/certificateChain/certificate/subject')) }
+
+  describe "#organizational_unit_name" do
+    pending "need data"
+  end
+
+  describe "#organization_name" do
+    it "should parse the organizationName element" do
+      expect(subject.organization_name).to be == 'GitHub, Inc.'
+    end
+  end
+
+  describe "#business_category" do
+    it "should parse the businessCategory element" do
+      expect(subject.business_category).to be == 'Private Organization'
+    end
+  end
+
+  describe "#serial_number" do
+    it "should parse the serialNumber element" do
+      expect(subject.serial_number).to be == 5157550
+    end
+  end
+
+  describe "#common_name" do
+    it "should parse the commonName element" do
+      expect(subject.common_name.name).to be == 'github.com'
+    end
+  end
+
+  describe "#state_or_province_name" do
+    it "should parse the stateOrProvinceName element" do
+      expect(subject.state_or_province_name).to be == 'California'
+    end
+  end
+
+  describe "#country_name" do
+    it "should parse the countryName element" do
+      expect(subject.country_name).to be == 'US'
+    end
+  end
+
+  describe "#street_address" do
+    it "should parse the streetAddress element" do
+      expect(subject.street_address).to be == '548 4th Street'
+    end
+  end
+
+  describe "#locality_name" do
+    it "should parse the localityName element" do
+      expect(subject.locality_name).to be == 'San Francisco'
+    end
+  end
+
+  describe "#postal_code" do
+    it "should parse the postalCode element" do
+      expect(subject.postal_code).to be == '94107'
+    end
+  end
+end

data/spec/target_spec.rb

@@ -0,0 +1,176 @@
+require 'spec_helper'
+require 'xml_examples'
+require 'sslyze/target'
+
+describe SSLyze::Target do
+  include_examples "XML specs"
+
+  subject { described_class.new(xml.at('/document/results/target')) }
+
+  describe "#host" do
+    it "must parse the host attribute" do
+      expect(subject.host).to be == 'github.com'
+    end
+  end
+
+  describe "#ip" do
+    it "must parse the ip attribute" do
+      expect(subject.ip).to be == '192.30.252.130'
+    end
+  end
+
+  describe "#port" do
+    it "must parse the port attribute" do
+      expect(subject.port).to be == 443
+    end
+  end
+
+  describe "#cert_info" do
+    it "must return a CertInfo object" do
+      expect(subject.cert_info).to be_kind_of(CertInfo)
+    end
+  end
+
+  describe "#compression" do
+    it "must parse the compressionMethod elements into a Hash" do
+      expect(subject.compression).to be == {deflate: false}
+    end
+  end
+
+  describe "#heartbleed?" do
+    it "must query isVulnerable attribute within heartbleed" do
+      expect(subject.heartbleed?).to be == false
+    end
+  end
+
+  describe "#session_renegotiation" do
+    it "should return a SessionRenegotiation object" do
+      expect(subject.session_renegotiation).to be_kind_of(described_class::SessionRenegotiation)
+    end
+
+    it "should parse the canBeClientInitiated attribute" do
+      expect(subject.session_renegotiation.client_initiated).to be(false)
+    end
+
+    it "should parse the isSecure attribute" do
+      expect(subject.session_renegotiation.secure).to be(true)
+    end
+  end
+
+  describe "#sslv2" do
+    it "must return a Protocol object" do
+      expect(subject.sslv2).to be_kind_of(Protocol)
+    end
+  end
+
+  describe "#sslv3" do
+    it "must return a Protocol object" do
+      expect(subject.sslv3).to be_kind_of(Protocol)
+    end
+  end
+
+  describe "#tlsv1" do
+    it "must return a Protocol object" do
+      expect(subject.tlsv1).to be_kind_of(Protocol)
+    end
+  end
+
+  describe "#tlsv1_1" do
+    it "must return a Protocol object" do
+      expect(subject.tlsv1_1).to be_kind_of(Protocol)
+    end
+  end
+
+  describe "#tlsv1_2" do
+    it "must return a Protocol object" do
+      expect(subject.tlsv1_2).to be_kind_of(Protocol)
+    end
+  end
+
+  describe "#each_ssl_protocol" do
+    context "when a block is given" do
+      it "should yield sslv2 and sslv3" do
+        expect { |b|
+          subject.each_ssl_protocol(&b)
+        }.to yield_successive_args(subject.sslv2, subject.sslv3)
+      end
+    end
+
+    context "when no block is given" do
+      it "should return an Enumerator" do
+        expect(subject.each_ssl_protocol).to be_kind_of(Enumerator)
+      end
+    end
+  end
+
+  describe "#ssl_protocols" do
+    it "should return sslv2 and sslv3" do
+      expect(subject.ssl_protocols).to be == [subject.sslv2, subject.sslv3]
+    end
+  end
+
+  describe "#each_tls_protocol" do
+    context "when a block is given" do
+      it "should yield tlsv1, tlsv1_1 and tlsv1_2" do
+        expect { |b|
+          subject.each_tls_protocol(&b)
+        }.to yield_successive_args(
+          subject.tlsv1,
+          subject.tlsv1_1,
+          subject.tlsv1_2
+        )
+      end
+    end
+
+    context "when no block is given" do
+      it "should return an Enumerator" do
+        expect(subject.each_tls_protocol).to be_kind_of(Enumerator)
+      end
+    end
+  end
+
+  describe "#tls_protocols" do
+    it "should return tlsv1, tlsv1_1 and tlsv1_2" do
+      expect(subject.tls_protocols).to be == [
+        subject.tlsv1,
+        subject.tlsv1_1,
+        subject.tlsv1_2
+      ]
+    end
+  end
+
+  describe "#each_protocol" do
+    context "when a block is given" do
+      it "should yield sslv2, sslv3, tlsv1, tlsv1_1 and tlsv1_2" do
+        expect { |b|
+          subject.each_protocol(&b)
+        }.to yield_successive_args(
+          subject.sslv2,
+          subject.sslv3,
+          subject.tlsv1,
+          subject.tlsv1_1,
+          subject.tlsv1_2
+        )
+      end
+    end
+
+    context "when no block is given" do
+      it "should return an Enumerator" do
+        expect(subject.each_protocol).to be_kind_of(Enumerator)
+      end
+    end
+  end
+
+  describe "#protocols" do
+    it "should return sslv2, sslv3, tlsv1, tlsv1_1 and tlsv1_2" do
+      expect(subject.protocols).to be == [
+        subject.sslv2,
+        subject.sslv3,
+        subject.tlsv1,
+        subject.tlsv1_1,
+        subject.tlsv1_2
+      ]
+    end
+  end
+
+end

data/spec/xml_examples.rb

@@ -0,0 +1,9 @@
+require 'rspec'
+require 'sslyze/xml'
+
+shared_examples_for "XML specs" do
+  let(:path) { File.expand_path('spec/sslyze.xml') }
+  let(:xml)  { Nokogiri::XML(open(path)) }
+
+  subject { SSLyze::XML.new(xml) }
+end

data/spec/xml_spec.rb

@@ -0,0 +1,72 @@
+require 'spec_helper'
+require 'xml_examples'
+require 'sslyze/xml'
+
+describe SSLyze::XML do
+  include_examples "XML specs"
+
+  describe ".parse" do
+    it "should parse the contents of the file" do
+    end
+  end
+
+  describe ".open" do
+    it "should open the XML file" do
+    end
+  end
+
+  describe "#version" do
+    it "must parse the SSLyzeVersion attribute" do
+      expect(subject.version).to be == "0.12.0"
+    end
+  end
+
+  describe "#default_timeout" do
+    it "must parse the defaultTimeout attribute" do
+      expect(subject.default_timeout).to be == 5
+    end
+  end
+
+  describe "#https_tunnel" do
+    it "must parse the httpsTunnel attribute" do
+      expect(subject.https_tunnel).to be nil
+    end
+  end
+
+  describe "#start_tls" do
+    it "must parse the startTLS attribute" do
+      expect(subject.start_tls).to be nil
+    end
+  end
+
+  describe "#total_scan_time" do
+    it "must parse the totalScanTime attribute" do
+      expect(subject.total_scan_time).to be_kind_of(Float)
+      expect(subject.total_scan_time).to be > 0.0
+    end
+  end
+
+  describe "#invalid_targets" do
+    pending "need data"
+  end
+
+  describe "#each_target" do
+    it "should iterate over each target element under results" do
+      expect { |b|
+        subject.each_target(&b)
+      }.to yield_successive_args(Target, Target, Target)
+    end
+  end
+
+  describe "#targets" do
+    it "should return an Array of Targets" do
+      expect(subject.targets).to be_an(Array).and(all(be_a(Target)))
+    end
+  end
+
+  describe "#target" do
+    it "should return the first target" do
+      expect(subject.target.host).to be == subject.targets.first.host
+    end
+  end
+end

metadata

@@ -0,0 +1,162 @@
+--- !ruby/object:Gem::Specification
+name: ruby-sslyze
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Hal Brodigan
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2015-10-13 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rprogram
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.3'
+- !ruby/object:Gem::Dependency
+  name: nokogiri
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+description: A ruby interface to the sslyze python utility
+email: hal@trailofbits.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".document"
+- ".gitignore"
+- ".rspec"
+- ".travis.yml"
+- ".yardopts"
+- ChangeLog.md
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/sslyze.rb
+- lib/sslyze/cert_info.rb
+- lib/sslyze/certificate.rb
+- lib/sslyze/certificate/domain_name.rb
+- lib/sslyze/certificate/extensions.rb
+- lib/sslyze/certificate/extensions/authority_information_access.rb
+- lib/sslyze/certificate/extensions/extension.rb
+- lib/sslyze/certificate/extensions/x509v3_basic_constraints.rb
+- lib/sslyze/certificate/extensions/x509v3_certificate_policies.rb
+- lib/sslyze/certificate/extensions/x509v3_crl_distribution_points.rb
+- lib/sslyze/certificate/extensions/x509v3_extended_key_usage.rb
+- lib/sslyze/certificate/extensions/x509v3_key_usage.rb
+- lib/sslyze/certificate/extensions/x509v3_subject_alternative_name.rb
+- lib/sslyze/certificate/issuer.rb
+- lib/sslyze/certificate/public_key.rb
+- lib/sslyze/certificate/subject.rb
+- lib/sslyze/certificate/subject_public_key_info.rb
+- lib/sslyze/certificate/validity.rb
+- lib/sslyze/certificate_chain.rb
+- lib/sslyze/certificate_validation.rb
+- lib/sslyze/cipher_suite.rb
+- lib/sslyze/key_exchange.rb
+- lib/sslyze/ocsp_response.rb
+- lib/sslyze/program.rb
+- lib/sslyze/protocol.rb
+- lib/sslyze/target.rb
+- lib/sslyze/task.rb
+- lib/sslyze/types.rb
+- lib/sslyze/version.rb
+- lib/sslyze/xml.rb
+- ruby-sslyze.gemspec
+- spec/cert_info_spec.rb
+- spec/certificate/subject_name_spec.rb
+- spec/certificate_chain_spec.rb
+- spec/certificate_spec.rb
+- spec/certificate_validation_spec.rb
+- spec/cipher_suite_spec.rb
+- spec/issuer_spec.rb
+- spec/key_exchange_spec.rb
+- spec/ocsp_response_spec.rb
+- spec/protocol_spec.rb
+- spec/spec_helper.rb
+- spec/sslyze.xml
+- spec/sslyze_spec.rb
+- spec/subject_public_key_info_spec.rb
+- spec/subject_spec.rb
+- spec/target_spec.rb
+- spec/xml_examples.rb
+- spec/xml_spec.rb
+homepage: https://github.com/trailofbits/ruby-sslyze#readme
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.5
+signing_key: 
+specification_version: 4
+summary: Ruby interface to sslyze
+test_files:
+- spec/cert_info_spec.rb
+- spec/certificate/subject_name_spec.rb
+- spec/certificate_chain_spec.rb
+- spec/certificate_spec.rb
+- spec/certificate_validation_spec.rb
+- spec/cipher_suite_spec.rb
+- spec/issuer_spec.rb
+- spec/key_exchange_spec.rb
+- spec/ocsp_response_spec.rb
+- spec/protocol_spec.rb
+- spec/spec_helper.rb
+- spec/sslyze.xml
+- spec/sslyze_spec.rb
+- spec/subject_public_key_info_spec.rb
+- spec/subject_spec.rb
+- spec/target_spec.rb
+- spec/xml_examples.rb
+- spec/xml_spec.rb