ruby-sslyze 0.2.1 → 1.0.0

data/lib/sslyze/xml/invalid_target.rb

@@ -0,0 +1,33 @@
+require 'sslyze/xml/attributes/error'
+
+module SSLyze
+  class XML
+    #
+    # Represents the `<invalidTarget>` XML element.
+    #
+    class InvalidTarget
+
+      include Attributes::Error
+
+      #
+      # Initializes the invalid target.
+      #
+      # @param [Nokogiri::XML::Node] node
+      #   The `<invalid>` XML element.
+      #
+      def initialize(node)
+        @node = node
+      end
+
+      #
+      # The host name of the target.
+      #
+      # @return [String]
+      #
+      def host
+        @host ||= @node.inner_text
+      end
+
+    end
+  end
+end

data/lib/sslyze/xml/openssl_ccs.rb

@@ -0,0 +1,34 @@
+require 'sslyze/xml/plugin'
+
+module SSLyze
+  class XML
+    #
+    # Represents the `<openssl_ccs>` XML element.
+    #
+    # @since 1.0.0
+    #
+    class OpenSSLCCS < Plugin
+
+      #
+      # @return [OpenSSLCCSInjection]
+      #
+      def openssl_ccs_injection
+        @openssl_ccs_injection ||= OpenSSLCCSInjection.new(
+          @node.at_xpath('openSslCcsInjection')
+        )
+      end
+
+      alias injection openssl_ccs_injection
+
+      #
+      # @return [Boolean]
+      #
+      def is_vulnerable?
+        openssl_ccs_injection.is_vulnerable?
+      end
+
+      alias vulnerable? is_vulnerable?
+
+    end
+  end
+end

data/lib/sslyze/xml/openssl_ccs/openssl_ccs_injection.rb

@@ -0,0 +1,26 @@
+require 'sslyze/xml/plugin'
+require 'sslyze/xml/attributes/is_vulnerable'
+
+module SSLyze
+  class XML
+    class OpenSSLCCS < Plugin
+      #
+      # Represents the `<openSslCcsInjection />` XML element.
+      #
+      # @since 1.0.0
+      #
+      class OpenSSLCCSInjection
+
+        include Attributes::IsVulnerable
+
+        #
+        # Initializes the {OpenSSLCCSInjection} object.
+        #
+        def initialize(node)
+          @node = node
+        end
+
+      end
+    end
+  end
+end

data/lib/sslyze/xml/plugin.rb

@@ -0,0 +1,27 @@
+require 'sslyze/xml/attributes/title'
+require 'sslyze/xml/attributes/exception'
+
+module SSLyze
+  class XML
+    #
+    # Common base class for all plugin XML elements.
+    #
+    # @since 1.0.0
+    #
+    class Plugin
+
+      include Attributes::Title
+      include Attributes::Exception
+
+      #
+      # Initializes the plugin.
+      # 
+      # @param [Nokogiri::XML::Element] node
+      #
+      def initialize(node)
+        @node = node
+      end
+
+    end
+  end
+end

data/lib/sslyze/xml/protocol.rb

@@ -0,0 +1,143 @@
+require 'sslyze/xml/plugin'
+require 'sslyze/xml/types'
+require 'sslyze/xml/protocol/cipher_suite'
+
+module SSLyze
+  class XML
+    #
+    # Represents the `<sslv2>`, `<sslv3>`, `<tls1>`, `<tls1_1>`, `<tlsv1_2>`
+    # XML elements.
+    #
+    class Protocol < Plugin
+
+      include Types
+
+      # SSL protocol name.
+      #
+      # @return [Symbol]
+      attr_reader :name
+
+      #
+      # Initializes the protocol.
+      #
+      # @param [Nokogiri::XML::Node] node
+      #   The XML element.
+      #
+      def initialize(node)
+        @node = node
+        @name = @node.name.to_sym
+      end
+
+      #
+      # Determines whether the protocol is supported.
+      #
+      # @return [Boolean]
+      #   Specifies whether any cipher suite was accepted.
+      #
+      # @since 1.0.0
+      #
+      def is_protocol_supported?
+        Boolean[@node['isProtocolSupported']]
+      end
+
+      alias is_supported? is_protocol_supported?
+      alias supported? is_protocol_supported?
+
+      #
+      # Enumerates over every rejected cipher suite.
+      #
+      # @yield [cipher_suite]
+      #
+      # @yieldparam [CipherSuite] cipher_suite
+      #
+      # @return [Enumerator]
+      #
+      def each_rejected_cipher_suite
+        return enum_for(__method__) unless block_given?
+
+        @node.xpath('rejectedCipherSuites/cipherSuite').each do |cipher_suite|
+          yield CipherSuite.new(cipher_suite)
+        end
+      end
+
+      #
+      # The rejected cipher suites.
+      #
+      # @return [Array<CipherSuite>]
+      #
+      def rejected_cipher_suites
+        each_rejected_cipher_suite.to_a
+      end
+
+      #
+      # Enumerates over every accepted cipher suite.
+      #
+      # @yield [cipher_suite]
+      #
+      # @yieldparam [CipherSuite] cipher_suite
+      #
+      # @return [Enumerator]
+      #
+      def each_accepted_cipher_suite
+        return enum_for(__method__) unless block_given?
+
+        @node.xpath('acceptedCipherSuites/cipherSuite').each do |cipher_suite|
+          yield CipherSuite.new(cipher_suite)
+        end
+      end
+
+      #
+      # The accepted cipher suites.
+      #
+      # @return [Array<CipherSuite>]
+      #
+      def accepted_cipher_suites
+        each_accepted_cipher_suite.to_a
+      end
+
+      #
+      # The preferred cipher suite.
+      #
+      # @return [CipherSuite, nil]
+      #
+      # @since 1.0.0
+      #
+      def preferred_cipher_suite
+        @preferred_cipher_suite ||= if (element = @node.at_xpath('preferredCipherSuite/cipherSuite'))
+                                      CipherSuite.new(element)
+                                    end
+      end
+
+      #
+      # Enumerates over every errored cipher suite.
+      #
+      # @yield [cipher_suite]
+      #
+      # @yieldparam [CipherSuite] cipher_suite
+      #
+      # @return [Enumerator]
+      #
+      # @since 1.0.0
+      #
+      def each_error
+        return enum_for(__method__) unless block_given?
+
+        @node.xpath('errors/cipherSuite').each do |cipher_suite|
+          yield CipherSuite.new(cipher_suite)
+        end
+      end
+
+      #
+      # The errored cipher suites.
+      #
+      # @return [Array<CipherSuite>]
+      #
+      # @since 1.0.0
+      #
+      def errors
+        each_error.to_a
+      end
+
+    end
+  end
+end

data/lib/sslyze/xml/protocol/cipher_suite.rb

@@ -0,0 +1,93 @@
+require 'sslyze/xml/plugin'
+require 'sslyze/xml/types'
+require 'sslyze/xml/protocol/cipher_suite/key_exchange'
+require 'sslyze/cipher_suites'
+
+module SSLyze
+  class XML
+    class Protocol < Plugin
+      #
+      # Represents the `<cipherSuite>` XML element.
+      #
+      class CipherSuite
+
+        include Types
+
+        #
+        # Initializes the cipher suite.
+        #
+        # @param [Nokogiri::XML::Node] node
+        #   The `<cipherSuite>` XML element.
+        #
+        def initialize(node)
+          @node = node
+        end
+
+        #
+        # The cipher suite name.
+        #
+        # @return [String]
+        #
+        def name
+          @name ||= @node['name']
+        end
+
+        alias rfc_name name
+
+        #
+        # Maps the RFC cipher name to it's OpenSSL name.
+        #
+        # @return [String, nil]
+        #
+        # @since 1.0.0
+        #
+        def openssl_name
+          CipherSuites::OPENSSL_NAMES[rfc_name]
+        end
+
+        #
+        # The connection status when the cipher suite was used.
+        #
+        # @return [String]
+        #
+        def connection_status
+          @connection_status ||= @node['connectionStatus']
+        end
+
+        #
+        # @return [Boolean]
+        #
+        def anonymous?
+          Boolean[@node['anonymous']]
+        end
+
+        #
+        # The key size required by the cipher suite.
+        #
+        # @return [Integer, nil]
+        #
+        # @since 1.0.0
+        #
+        def key_size
+          @key_size ||= if (value = @node['keySize'])
+                          value.to_i
+                        end
+        end
+
+        #
+        # Key exchange information.
+        #
+        # @return [KeyExchange, nil]
+        #
+        def key_exchange
+          @key_exchange ||= if (element = @node.at_xpath('keyExchange'))
+                              KeyExchange.new(element)
+                            end
+        end
+
+        alias to_s name
+
+      end
+    end
+  end
+end

data/lib/sslyze/xml/protocol/cipher_suite/key_exchange.rb

@@ -0,0 +1,127 @@
+require 'sslyze/xml/plugin'
+
+module SSLyze
+  class XML
+    class Protocol < Plugin
+      class CipherSuite
+        #
+        # Key exchange information.
+        #
+        class KeyExchange
+
+          #
+          # Initializes the key exchange information.
+          #
+          # @param [Nokogiri::XML::Node] node
+          #   The `<keyExchange>` information.
+          #
+          def initialize(node)
+            @node = node
+          end
+
+          #
+          # @return [String, nil]
+          #
+          def a
+            @a ||= @node['A']
+          end
+
+          #
+          # @return [String, nil]
+          #
+          def b
+            @b ||= @node['B']
+          end
+
+          #
+          # @return [Integer, nil]
+          #
+          def cofactor
+            @cofactor ||= if (value = @node['Cofactor'])
+                            value.to_i
+                          end
+          end
+
+          #
+          # @return [String, nil]
+          #
+          def field_type
+            @field_type ||= @node['Field_Type']
+          end
+
+          #
+          # @return [String]
+          #
+          def generator
+            @generator ||= @node['Generator']
+          end
+
+          #
+          # @return [Symbol, nil]
+          #
+          def generator_type
+            @generator_type ||= if (value = @node['GeneratorType'])
+                                  value.to_sym
+                                end
+          end
+
+          #
+          # @return [Integer]
+          #
+          def group_size
+            @group_size ||= @node['GroupSize'].to_i
+          end
+
+          #
+          # @return [String, nil]
+          #
+          # @since 1.0.0
+          #
+          def order
+            @order ||= @node['Order']
+          end
+
+          #
+          # @return [String, nil]
+          #
+          def prime
+            @prime ||= @node['Prime']
+          end
+
+          #
+          # @return [String, nil]
+          #
+          def seed
+            @seed ||= @node['Seed']
+          end
+
+          #
+          # @return [Symbol]
+          #
+          def type
+            @type ||= @node['Type'].to_sym
+          end
+
+          #
+          # Determines if DH key exchange was used.
+          #
+          # @return [Boolean]
+          #
+          def dh?
+            type == :DH
+          end
+
+          #
+          # Determines if ECDHE key exchange was used.
+          #
+          # @return [Boolean]
+          #
+          def ecdhe?
+            type == :ECDHE
+          end
+
+        end
+      end
+    end
+  end
+end