ruby-sslyze 1.0.0 → 1.1.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: d7ea99501fa0ae17845721682e514eba2e8215b8
4
- data.tar.gz: 7a644cac1658032cfb7db09aeeb6b1afe4b3dc70
3
+ metadata.gz: 25b21046df9d3e4510c71640035f1767dbe0c3f9
4
+ data.tar.gz: dc0dbc7fcb2630e9bb5e6c197fea5fb01c5a5c7e
5
5
  SHA512:
6
- metadata.gz: f2b5ee21ec3a517cf2ec415562a4f599973da3aa45b4575d4060cd876e9777a0f3ed8acec69ecc5c36e2535d1a0624d908294de61041415d2bf5f67d41b3a362
7
- data.tar.gz: 8e4d491aad4d6468b46c99c1e662201d1d9796d5febd4691f4cc253792de035e02ce986b5db616693a67b605c336428878a7f9c29d69f00ca80c07946bf652eb
6
+ metadata.gz: dfb62b940c461f7aec7174312d2ca590f85333fb946648929d1a5d15c925cb9ac89aae273a3f7b84d6f18b8e04fb09076aa3919e50060d8f1a01d742cb41341a
7
+ data.tar.gz: 28240232b1e5051e050b7e1945b4753d13ea1425de6f875eff3591daade88b0d0136f377cd6ff058ca81a1ef4caf830d384ca27ed7af56e8c386411828ac44ae
@@ -2,7 +2,7 @@ language: ruby
2
2
  sudo: false
3
3
  before_install:
4
4
  - pip install --upgrade --user pip setuptools
5
- - pip install --user sslyze
5
+ - pip install --upgrade --user nassl sslyze
6
6
 
7
7
  rvm:
8
8
  - 2.3
@@ -1,3 +1,12 @@
1
+ ### 1.1.0 / 2018-03-12
2
+
3
+ * Require [sslyze] >= 1.4.0
4
+ * Added {SSLyze::XML::InvalidTarget#target}.
5
+ * Added {SSLyze::XML::InvalidTarget#port}.
6
+ * Added the `--update_trust_stores` option.
7
+ * Added the `--robot` option.
8
+ * Replaced the `--timeout` and `--nb_retries` options with `--slow_connection`.
9
+
1
10
  ### 1.0.0 / 2018-03-06
2
11
 
3
12
  * Require [sslyze] >= 1.3.4.
data/README.md CHANGED
@@ -16,7 +16,7 @@ A Ruby interface to [sslyze] python utility.
16
16
 
17
17
  * Provides a Ruby interface to `sslyze.py`.
18
18
  * Provides a Parser for consuming the sslyze XML output.
19
- * Supports [sslyze] >= 1.3.4.
19
+ * Supports [sslyze] >= 1.4.0
20
20
 
21
21
  ## Examples
22
22
 
@@ -24,14 +24,13 @@ Analyze a domain:
24
24
 
25
25
  require 'sslyze'
26
26
 
27
- SSLyze::Program.analyze(targets: 'twitter.com', regular: true, timeout: 5)
27
+ SSLyze::Program.analyze(targets: 'twitter.com', regular: true)
28
28
 
29
29
  Analyze multiple domains:
30
30
 
31
31
  SSLyze::Program.analyze(
32
32
  targets: ['twitter.com', 'github.com'],
33
- regular: true,
34
- timeout: 5
33
+ regular: true
35
34
  )
36
35
 
37
36
  Output to XML:
@@ -39,7 +38,6 @@ Output to XML:
39
38
  SSLyze::Program.analyze(
40
39
  targets: 'twitter.com',
41
40
  regular: true,
42
- timeout: 5,
43
41
  xml_out: 'path/to/xml'
44
42
  )
45
43
 
@@ -51,7 +49,7 @@ Parsing sslyze XML output:
51
49
 
52
50
  * [rprogram] ~> 0.3
53
51
  * [nokogiri] ~> 1.8
54
- * [sslyze] >= 1.3.4
52
+ * [sslyze] >= 1.4.0
55
53
 
56
54
  ## Install
57
55
 
data/Rakefile CHANGED
@@ -19,5 +19,5 @@ YARD::Rake::YardocTask.new
19
19
  task :doc => :yard
20
20
 
21
21
  file 'spec/sslyze.xml' do
22
- sh 'sslyze --xml_out spec/sslyze.xml --regular --resum_rate --http_headers --timeout 5 twitter.com github.com:443 www.yahoo.com:443 foo bar'
22
+ sh 'sslyze --xml_out spec/sslyze.xml --regular --resum_rate --http_headers twitter.com github.com:443 www.yahoo.com:443 foo bar'
23
23
  end
@@ -11,6 +11,9 @@ module SSLyze
11
11
  long_option flag: '--help'
12
12
  long_option flag: '--regular'
13
13
 
14
+ # Trust stores options:
15
+ long_option flag: '--update_trust_stores'
16
+
14
17
  # Client certificate support:
15
18
  long_option flag: '--cert', equals: true
16
19
  long_option flag: '--key', equals: true
@@ -24,38 +27,25 @@ module SSLyze
24
27
  long_option flag: '--quiet'
25
28
 
26
29
  # Connectivity options:
27
- long_option flag: '--timeout', equals: true
28
- long_option flag: '--nb_retries', equals: true
30
+ long_option flag: '--slow_connection'
29
31
  long_option flag: '--https_tunnel', equals: true
30
32
  long_option flag: '--starttls', equals: true
31
33
  long_option flag: '--xmpp_to', equals: true
32
34
  long_option flag: '--sni', equals: true
33
35
 
36
+ # SessionResumptionPlugin:
37
+ long_option flag: '--resum'
38
+ long_option flag: '--resum_rate'
39
+
34
40
  # HeartbleedPlugin:
35
41
  long_option flag: '--heartbleed'
36
42
 
37
- # OpenSslCcsInjectionPlugin:
38
- long_option flag: '--openssl_ccs'
39
-
40
- # FallbackScsvPlugin:
41
- long_option flag: '--fallback'
42
-
43
- # SessionRenegotiationPlugin:
44
- long_option flag: '--reneg'
45
-
46
43
  # CertificateInfoPlugin:
47
44
  long_option flag: '--certinfo'
48
45
  long_option flag: '--ca_file', equals: true
49
46
 
50
- # HttpHeadersPlugin:
51
- long_option flag: '--http_headers'
52
-
53
- # SessionResumptionPlugin:
54
- long_option flag: '--resum'
55
- long_option flag: '--resum_rate'
56
-
57
- # CompressionPlugin:
58
- long_option flag: '--compression'
47
+ # SessionRenegotiationPlugin:
48
+ long_option flag: '--reneg'
59
49
 
60
50
  # OpenSslCipherSuitesPlugin:
61
51
  long_option flag: '--sslv2'
@@ -66,6 +56,21 @@ module SSLyze
66
56
  long_option flag: '--http_get'
67
57
  long_option flag: '--hide_rejected_ciphers'
68
58
 
59
+ # HttpHeadersPlugin:
60
+ long_option flag: '--http_headers'
61
+
62
+ # CompressionPlugin:
63
+ long_option flag: '--compression'
64
+
65
+ # RobotPlugin:
66
+ long_option flag: '--robot'
67
+
68
+ # FallbackScsvPlugin:
69
+ long_option flag: '--fallback'
70
+
71
+ # OpenSslCcsInjectionPlugin:
72
+ long_option flag: '--openssl_ccs'
73
+
69
74
  non_option name: :targets, tailing: true
70
75
 
71
76
  end
@@ -1,4 +1,4 @@
1
1
  module SSLyze
2
2
  # ruby-sslyze version
3
- VERSION = '1.0.0'
3
+ VERSION = '1.1.0'
4
4
  end
@@ -67,7 +67,9 @@ module SSLyze
67
67
  # @since 1.0.0
68
68
  #
69
69
  def network_timeout
70
- @default_time ||= @doc.at_xpath('/document/results/@networkTimeout').value.to_i
70
+ @default_time ||= if (attr = @doc.at_xpath('/document/results/@networkTimeout'))
71
+ attr.value.to_i
72
+ end
71
73
  end
72
74
 
73
75
  #
@@ -20,14 +20,37 @@ module SSLyze
20
20
  end
21
21
 
22
22
  #
23
- # The host name of the target.
23
+ # The target name.
24
+ #
25
+ # @return [String]
26
+ #
27
+ # @since 1.1.0
28
+ #
29
+ def target
30
+ @target ||= @node.inner_text
31
+ end
32
+
33
+ #
34
+ # The host component of the target.
24
35
  #
25
36
  # @return [String]
26
37
  #
27
38
  def host
28
- @host ||= @node.inner_text
39
+ @host ||= target.split(':',2).first
29
40
  end
30
41
 
42
+ #
43
+ # The port component of the target.
44
+ #
45
+ # @return [Integer]
46
+ #
47
+ # @since 1.1.0
48
+ #
49
+ def port
50
+ @port ||= target.split(':',2).last.to_i
51
+ end
52
+
53
+
31
54
  end
32
55
  end
33
56
  end
@@ -17,7 +17,7 @@ Gem::Specification.new do |gem|
17
17
  gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
18
18
  gem.require_paths = ['lib']
19
19
 
20
- gem.requirements << 'sslyze >= 1.3.4'
20
+ gem.requirements << 'sslyze >= 1.4.0'
21
21
 
22
22
  gem.add_dependency 'rprogram', '~> 0.3'
23
23
  gem.add_dependency 'nokogiri', '~> 1.8'
@@ -1,7 +1,7 @@
1
1
  <?xml version="1.0" encoding="utf-8"?>
2
- <document SSLyzeVersion="1.3.4" SSLyzeWeb="https://github.com/nabla-c0d3/sslyze" title="SSLyze Scan Results">
3
- <results networkMaxRetries="3" networkTimeout="5" totalScanTime="7.40024709702">
4
- <target host="github.com" ip="192.30.255.113" port="443" tlsWrappedProtocol="https">
2
+ <document SSLyzeVersion="1.4.0" SSLyzeWeb="https://github.com/nabla-c0d3/sslyze" title="SSLyze Scan Results">
3
+ <results totalScanTime="8.4713280201">
4
+ <target host="github.com" ip="192.30.255.112" port="443" tlsWrappedProtocol="https">
5
5
  <certinfo title="Certificate Information">
6
6
  <receivedCertificateChain containsAnchorCertificate="False" hasMustStapleExtension="False" includedSctsCount="3" isChainOrderValid="True" suppliedServerNameIndication="github.com">
7
7
  <certificate hpkpSha256Pin="pL1+qb9HTMRZJmuC/bB/ZI9d302BYrrqiVuRyW+DGrU=" sha1Fingerprint="d79f076110b39293e349ac89845b0380c19e2f8b">
@@ -101,11 +101,11 @@ oVWNWlZopCJwqjyBcdmdqEU79OX2olHdx3ti6G8MdOu42vi/hw15UJGQmxg7kVkn
101
101
  </receivedCertificateChain>
102
102
  <certificateValidation>
103
103
  <hostnameValidation certificateMatchesServerHostname="True" serverHostname="github.com"/>
104
- <pathValidation trustStoreVersion="8.1.0_r7" usingTrustStore="Android" validationResult="ok"/>
104
+ <pathValidation trustStoreVersion="8.1.0_r9" usingTrustStore="Android" validationResult="ok"/>
105
105
  <pathValidation trustStoreVersion="11" usingTrustStore="iOS" validationResult="ok"/>
106
106
  <pathValidation trustStoreVersion="High Sierra" usingTrustStore="macOS" validationResult="ok"/>
107
107
  <pathValidation isExtendedValidationCertificate="True" trustStoreVersion="2018-01-14" usingTrustStore="Mozilla" validationResult="ok"/>
108
- <pathValidation trustStoreVersion="2017-12-28" usingTrustStore="Windows" validationResult="ok"/>
108
+ <pathValidation trustStoreVersion="2018-02-09" usingTrustStore="Windows" validationResult="ok"/>
109
109
  <verifiedCertificateChain hasMustStapleExtension="False" hasSha1SignedCertificate="False" includedSctsCount="3" successfulTrustStore="Windows" suppliedServerNameIndication="github.com">
110
110
  <certificate hpkpSha256Pin="pL1+qb9HTMRZJmuC/bB/ZI9d302BYrrqiVuRyW+DGrU=" sha1Fingerprint="d79f076110b39293e349ac89845b0380c19e2f8b">
111
111
  <asPEM>-----BEGIN CERTIFICATE-----
@@ -673,10 +673,10 @@ vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
673
673
  </cipherSuite>
674
674
  </preferredCipherSuite>
675
675
  <acceptedCipherSuites>
676
- <cipherSuite anonymous="False" connectionStatus="HTTP 200 OK" keySize="256" name="TLS_RSA_WITH_AES_256_CBC_SHA256"/>
677
676
  <cipherSuite anonymous="False" connectionStatus="HTTP 200 OK" keySize="256" name="TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA">
678
677
  <keyExchange A="0x00ffffffff00000001000000000000000000000000fffffffffffffffffffffffc" B="0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b" Cofactor="1" Field_Type="prime-field" Generator="0x046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5" GeneratorType="uncompressed" GroupSize="256" Order="0x00ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551" Prime="0x00ffffffff00000001000000000000000000000000ffffffffffffffffffffffff" Seed="0xc49d360886e704936a6678e1139d26b7819f7e90" Type="ECDH"/>
679
678
  </cipherSuite>
679
+ <cipherSuite anonymous="False" connectionStatus="HTTP 200 OK" keySize="256" name="TLS_RSA_WITH_AES_256_CBC_SHA256"/>
680
680
  <cipherSuite anonymous="False" connectionStatus="HTTP 200 OK" keySize="256" name="TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384">
681
681
  <keyExchange A="0x00ffffffff00000001000000000000000000000000fffffffffffffffffffffffc" B="0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b" Cofactor="1" Field_Type="prime-field" Generator="0x046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5" GeneratorType="uncompressed" GroupSize="256" Order="0x00ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551" Prime="0x00ffffffff00000001000000000000000000000000ffffffffffffffffffffffff" Seed="0xc49d360886e704936a6678e1139d26b7819f7e90" Type="ECDH"/>
682
682
  </cipherSuite>
@@ -692,8 +692,8 @@ vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
692
692
  <keyExchange A="0x00ffffffff00000001000000000000000000000000fffffffffffffffffffffffc" B="0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b" Cofactor="1" Field_Type="prime-field" Generator="0x046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5" GeneratorType="uncompressed" GroupSize="256" Order="0x00ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551" Prime="0x00ffffffff00000001000000000000000000000000ffffffffffffffffffffffff" Seed="0xc49d360886e704936a6678e1139d26b7819f7e90" Type="ECDH"/>
693
693
  </cipherSuite>
694
694
  <cipherSuite anonymous="False" connectionStatus="HTTP 200 OK" keySize="128" name="TLS_RSA_WITH_AES_128_CBC_SHA"/>
695
- <cipherSuite anonymous="False" connectionStatus="HTTP 200 OK" keySize="128" name="TLS_RSA_WITH_AES_128_GCM_SHA256"/>
696
695
  <cipherSuite anonymous="False" connectionStatus="HTTP 200 OK" keySize="128" name="TLS_RSA_WITH_AES_128_CBC_SHA256"/>
696
+ <cipherSuite anonymous="False" connectionStatus="HTTP 200 OK" keySize="128" name="TLS_RSA_WITH_AES_128_GCM_SHA256"/>
697
697
  <cipherSuite anonymous="False" connectionStatus="HTTP 200 OK" keySize="128" name="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256">
698
698
  <keyExchange A="0x00ffffffff00000001000000000000000000000000fffffffffffffffffffffffc" B="0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b" Cofactor="1" Field_Type="prime-field" Generator="0x046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5" GeneratorType="uncompressed" GroupSize="256" Order="0x00ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551" Prime="0x00ffffffff00000001000000000000000000000000ffffffffffffffffffffffff" Seed="0xc49d360886e704936a6678e1139d26b7819f7e90" Type="ECDH"/>
699
699
  </cipherSuite>
@@ -800,7 +800,7 @@ vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
800
800
  <errors/>
801
801
  </tlsv1_3>
802
802
  </target>
803
- <target host="www.yahoo.com" ip="206.190.39.42" port="443" tlsWrappedProtocol="https">
803
+ <target host="www.yahoo.com" ip="206.190.39.43" port="443" tlsWrappedProtocol="https">
804
804
  <certinfo title="Certificate Information">
805
805
  <receivedCertificateChain containsAnchorCertificate="False" hasMustStapleExtension="False" includedSctsCount="2" isChainOrderValid="True" suppliedServerNameIndication="www.yahoo.com">
806
806
  <certificate hpkpSha256Pin="Zp964pqQpx94buKz5C8LxtmtQQWq2ZcWnLzrmt187go=" sha1Fingerprint="ae699d5ebddce6ed574111262f19bb18efbe73b0">
@@ -951,11 +951,11 @@ cPUeybQ=
951
951
  </receivedCertificateChain>
952
952
  <certificateValidation>
953
953
  <hostnameValidation certificateMatchesServerHostname="True" serverHostname="www.yahoo.com"/>
954
- <pathValidation trustStoreVersion="8.1.0_r7" usingTrustStore="Android" validationResult="ok"/>
954
+ <pathValidation trustStoreVersion="8.1.0_r9" usingTrustStore="Android" validationResult="ok"/>
955
955
  <pathValidation trustStoreVersion="11" usingTrustStore="iOS" validationResult="ok"/>
956
956
  <pathValidation trustStoreVersion="High Sierra" usingTrustStore="macOS" validationResult="ok"/>
957
957
  <pathValidation trustStoreVersion="2018-01-14" usingTrustStore="Mozilla" validationResult="ok"/>
958
- <pathValidation trustStoreVersion="2017-12-28" usingTrustStore="Windows" validationResult="ok"/>
958
+ <pathValidation trustStoreVersion="2018-02-09" usingTrustStore="Windows" validationResult="ok"/>
959
959
  <verifiedCertificateChain hasMustStapleExtension="False" hasSha1SignedCertificate="False" includedSctsCount="2" successfulTrustStore="Windows" suppliedServerNameIndication="www.yahoo.com">
960
960
  <certificate hpkpSha256Pin="Zp964pqQpx94buKz5C8LxtmtQQWq2ZcWnLzrmt187go=" sha1Fingerprint="ae699d5ebddce6ed574111262f19bb18efbe73b0">
961
961
  <asPEM>-----BEGIN CERTIFICATE-----
@@ -1140,7 +1140,7 @@ vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
1140
1140
  <ocspStapling isSupported="True">
1141
1141
  <ocspResponse isTrustedByMozillaCAStore="True" status="SUCCESSFUL">
1142
1142
  <responderID>5168FF90AF0207753CCCD9656462A212B859723B</responderID>
1143
- <producedAt>Feb 28 19:34:58 2018 GMT</producedAt>
1143
+ <producedAt>Mar 12 12:34:51 2018 GMT</producedAt>
1144
1144
  </ocspResponse>
1145
1145
  </ocspStapling>
1146
1146
  </certinfo>
@@ -1184,7 +1184,7 @@ vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
1184
1184
  <sessionResumptionWithTLSTickets isSupported="True"/>
1185
1185
  </resum>
1186
1186
  <resum_rate title="Resumption Rate">
1187
- <sessionResumptionWithSessionIDs errors="0" failedAttempts="97" isSupported="False" successfulAttempts="3" totalAttempts="100"/>
1187
+ <sessionResumptionWithSessionIDs errors="0" failedAttempts="100" isSupported="False" successfulAttempts="0" totalAttempts="100"/>
1188
1188
  </resum_rate>
1189
1189
  <robot title="ROBOT Attack">
1190
1190
  <robotAttack resultEnum="NOT_VULNERABLE_NO_ORACLE"/>
@@ -1745,59 +1745,55 @@ vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
1745
1745
  <errors/>
1746
1746
  </tlsv1_3>
1747
1747
  </target>
1748
- <target host="twitter.com" ip="104.244.42.129" port="443" tlsWrappedProtocol="https">
1748
+ <target host="twitter.com" ip="104.244.42.193" port="443" tlsWrappedProtocol="https">
1749
1749
  <certinfo title="Certificate Information">
1750
- <receivedCertificateChain containsAnchorCertificate="False" hasMustStapleExtension="False" includedSctsCount="3" isChainOrderValid="True" suppliedServerNameIndication="twitter.com">
1751
- <certificate hpkpSha256Pin="PS12nvydU5dSxolqCn3V11wWF5Z12JRhXT2dhyawT4M=" sha1Fingerprint="235a79b3270d790505e0bea2cf5c149f9038821b">
1750
+ <receivedCertificateChain containsAnchorCertificate="False" hasMustStapleExtension="False" includedSctsCount="2" isChainOrderValid="True" suppliedServerNameIndication="twitter.com">
1751
+ <certificate hpkpSha256Pin="TfHW/l4khWKX6OE4Jra+u3onnsH4IfzWgHPJGE88rEo=" sha1Fingerprint="265c85f65b044dc830645c6fb9cfa7d28f28bc1b">
1752
1752
  <asPEM>-----BEGIN CERTIFICATE-----
1753
- MIIHnTCCBoWgAwIBAgIQB3a13cqDpLnKWY9ddx+eRjANBgkqhkiG9w0BAQsFADB1
1753
+ MIIG6DCCBdCgAwIBAgIQDmdXKeZyRvcaXeXGF6L5UTANBgkqhkiG9w0BAQsFADB1
1754
1754
  MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
1755
1755
  d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk
1756
- IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE2MDMwOTAwMDAwMFoXDTE4MDMxNDEy
1757
- MDAwMFowggEhMR0wGwYDVQQPDBRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGCysG
1758
- AQQBgjc8AgEDEwJVUzEZMBcGCysGAQQBgjc8AgECEwhEZWxhd2FyZTEQMA4GA1UE
1759
- BRMHNDMzNzQ0NjESMBAGA1UECRMJU3VpdGUgOTAwMRcwFQYDVQQJEw4xMzU1IE1h
1760
- cmtldCBTdDEOMAwGA1UEERMFOTQxMDMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpD
1761
- YWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRYwFAYDVQQKEw1Ud2l0
1762
- dGVyLCBJbmMuMRkwFwYDVQQLExBUd2l0dGVyIFNlY3VyaXR5MRQwEgYDVQQDEwt0
1763
- d2l0dGVyLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMIImPpn
1764
- AAVVtgthDhrXtYrBzAO+PBf7lPfZ+kyfRmCcaq19OuU0WhKwsguq7JbhWIEvrWCr
1765
- R5Np44R1U8H5D7lGq57qqxiYjGhUCFFlQxphlydcXg8V6c0Wq91RW3Yv/NMRmZ3S
1766
- pj2HAnXmJJbiBD4UnPp+uHFCNwC1sIriM5WL2j/7Y003YtUcAuowftwNU9XUC7ij
1767
- EBNtH4mUC2qURGcpgq3m1bBS/JVXBtbRImaE05IqAseUVt9VP8IT8nwWeDOhU/d3
1768
- l1y3lgXVRPS/74MiXXrmj+Ss3zSetg8KU/Aa23E3aZL2FKkcdWVyRSQJOyxq17lp
1769
- pdzfbZxr/MaiWzECAwEAAaOCA3kwggN1MB8GA1UdIwQYMBaAFD3TUKXWoK3u80pg
1770
- CmXTIdT4+NYPMB0GA1UdDgQWBBSfYnuyiA7uG3ngaSTluj9HpgsC8DAnBgNVHREE
1771
- IDAeggt0d2l0dGVyLmNvbYIPd3d3LnR3aXR0ZXIuY29tMA4GA1UdDwEB/wQEAwIF
1772
- oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKg
1773
- MIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItZXYtc2VydmVyLWcxLmNy
1774
- bDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItZXYtc2VydmVy
1775
- LWcxLmNybDBLBgNVHSAERDBCMDcGCWCGSAGG/WwCATAqMCgGCCsGAQUFBwIBFhxo
1776
- dHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAcGBWeBDAEBMIGIBggrBgEFBQcB
1777
- AQR8MHowJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBSBggr
1778
- BgEFBQcwAoZGaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hB
1779
- MkV4dGVuZGVkVmFsaWRhdGlvblNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAAMIIB
1780
- fAYKKwYBBAHWeQIEAgSCAWwEggFoAWYAdgCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb
1781
- 37jjd80OyA3cEAAAAVNdgFLZAAAEAwBHMEUCICZCA9wZjkyHJRy3UTCYnwI21m/U
1782
- XKRXWc7US9arx68qAiEAtK1UZMDl2wRt/o1OxInzFdQCQ+2QTIvLbHe5slXu6boA
1783
- dQBo9pj4H2SCvjqM7rkoHUz8cVFdZ5PURNEKZ6y7T0/7xAAAAVNdgFKcAAAEAwBG
1784
- MEQCIGF6AFQ8TKA8AqktUZ/45JJuKYHCIFIkqcPWIIDLWIZmAiA5PVUV5BBCM2AK
1785
- ce/CeXCyim1y140g/4RxghYW6sNCNwB1AFYUBpov18Ls0/XhvUSyPsdGdrm8mRFc
1786
- wO+UmFXWidDdAAABU12AU6YAAAQDAEYwRAIgXUM1kBRW2bTGAqVvy/aDoYTrdKvM
1787
- I6x5p0FF2S+jGmkCIFmAWDXHV/YBi4thS8HGZc3iVCh5wwaCGM3kztEaUYmQMA0G
1788
- CSqGSIb3DQEBCwUAA4IBAQC7+PUbZaNQAx8YEMg1Uy+cih5Iar3l5ljJ0eih/KsD
1789
- Qo9Y8woYppEuwVC3cN0V2q0I8RXSRE105BgrZbYF2fn32CRs21/sbH0/v6VMonNo
1790
- OEJBzeL20fjYidN1Sr39q02e7kjJNCPVg8yTlRREpSXlsfwXWFOnACSBwpRzmD43
1791
- bRKVH6zjIPiy2wmxXP6ibb3p0ITHnosxLsf3pWXjL/YeWqQq6mUDMRKmeCRR3k1E
1792
- 03kXQyxV4AD4hccLqP4K6m17dOkpWbKWNN+/wxWy/ApMuP0hNPgoZSLQBaMidNzh
1793
- Y63izHj1KcOdLNg8VVCCEPoEX8IlbLMIY/YTfN5XAFjs
1756
+ IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE4MDIyMzAwMDAwMFoXDTE5MDQwODEy
1757
+ MDAwMFowgeQxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYB
1758
+ BAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQITCERlbGF3YXJlMRAwDgYDVQQF
1759
+ Ewc0MzM3NDQ2MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQG
1760
+ A1UEBxMNU2FuIEZyYW5jaXNjbzEWMBQGA1UEChMNVHdpdHRlciwgSW5jLjEZMBcG
1761
+ A1UECxMQVHdpdHRlciBTZWN1cml0eTEUMBIGA1UEAxMLdHdpdHRlci5jb20wggEi
1762
+ MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRDIxB2Cj0SQtIOuWHjdzO5XKD
1763
+ lqUEFW69HmazatAWqN0Up9jel/8GMzfwMso650IRBBrhvJTPc3TdHn/JEscGAcnp
1764
+ IRrZkbTtpKMIJeNuWiACQosREt0Ur8gGLce4PJlt2BqMRJJ++SE8eV9Ryyl2Sgm+
1765
+ kqY65SML27IecrOkNmMuZKIUw/gLpt8msOnxy5JJWsjA3z9ND6FAx2DCbZ5GDIpt
1766
+ gK07FIV2z+cg1MStpf1TbgZ93pmmX9hnFk4F7VDS6Uf2K5YsPdsI0SwpW9HiG3TK
1767
+ 9oz2GvsXffU6HGGM9Vcrpi5WhlaYHT1xCQ13caOduBxCkwhRZY2AFdyCR2MpAgMB
1768
+ AAGjggMCMIIC/jAfBgNVHSMEGDAWgBQ901Cl1qCt7vNKYApl0yHU+PjWDzAdBgNV
1769
+ HQ4EFgQUjI1wmILOVLL4dplPJjT+dTMjsUUwJwYDVR0RBCAwHoILdHdpdHRlci5j
1770
+ b22CD3d3dy50d2l0dGVyLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI
1771
+ KwYBBQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwz
1772
+ LmRpZ2ljZXJ0LmNvbS9zaGEyLWV2LXNlcnZlci1nMi5jcmwwNKAyoDCGLmh0dHA6
1773
+ Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWV2LXNlcnZlci1nMi5jcmwwSwYDVR0g
1774
+ BEQwQjA3BglghkgBhv1sAgEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGln
1775
+ aWNlcnQuY29tL0NQUzAHBgVngQwBATCBiAYIKwYBBQUHAQEEfDB6MCQGCCsGAQUF
1776
+ BzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wUgYIKwYBBQUHMAKGRmh0dHA6
1777
+ Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJFeHRlbmRlZFZhbGlk
1778
+ YXRpb25TZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADCCAQUGCisGAQQB1nkCBAIE
1779
+ gfYEgfMA8QB3AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABYcBN
1780
+ gy8AAAQDAEgwRgIhAOW65zPD/WuWN0kNEKx0LZBxTqLrQSkh6G7db+TT+FQcAiEA
1781
+ o9jTxePOzkuDoq+kO/FY8wKYp+/RWLXj2VbL8wKI/SkAdgBWFAaaL9fC7NP14b1E
1782
+ sj7HRna5vJkRXMDvlJhV1onQ3QAAAWHATYOxAAAEAwBHMEUCIQCUWpCOm+ejKxg1
1783
+ LyfPlxMEyTqmEyrajGx8PbTaBet8XwIgUKQXhoLMKb66Cvs4goSt3wWLDkX4WmFW
1784
+ DPcR9Mbq87gwDQYJKoZIhvcNAQELBQADggEBAJlV+Uez02kinJi7AHiYujgJ5j1k
1785
+ icieSrL+qspP6CMv6OCAa353vrVc95+iwDWimE9ovJZrANWpW2bNHClLb/R4pjlc
1786
+ yDpzXdCzrQzkqUXmIZZ95hU7SxC56fC3ybINy2e2YqOjUPxBoZjZjWBa20opMMxg
1787
+ ntG1ZqcZ9mZE7JJbOqfCyFbe5eyszpujATD3K24IVW5IXdzWd1udumbL5jUdYA56
1788
+ TjnyBCxlBjjLdQt2IWOiMATp+IlslwEpNScMl/gSLEX5b550/tn/5MaIY7cPNG38
1789
+ WNiLTkomw//7coTN6HdctcTSojOWQqjl8PLzcG+UxZd3vFe7Kf07VFBHav4=
1794
1790
  -----END CERTIFICATE-----
1795
1791
  </asPEM>
1796
- <subject>businessCategory=Private Organization, jurisdictionCountryName=US, jurisdictionStateOrProvinceName=Delaware, serialNumber=4337446, streetAddress=Suite 900, streetAddress=1355 Market St, postalCode=94103, countryName=US, stateOrProvinceName=California, localityName=San Francisco, organizationName=Twitter, Inc., organizationalUnitName=Twitter Security, commonName=twitter.com</subject>
1792
+ <subject>businessCategory=Private Organization, jurisdictionCountryName=US, jurisdictionStateOrProvinceName=Delaware, serialNumber=4337446, countryName=US, stateOrProvinceName=California, localityName=San Francisco, organizationName=Twitter, Inc., organizationalUnitName=Twitter Security, commonName=twitter.com</subject>
1797
1793
  <issuer>countryName=US, organizationName=DigiCert Inc, organizationalUnitName=www.digicert.com, commonName=DigiCert SHA2 Extended Validation Server CA</issuer>
1798
- <serialNumber>9920975688038816536871498077062536774</serialNumber>
1799
- <notBefore>2016-03-09 00:00:00</notBefore>
1800
- <notAfter>2018-03-14 12:00:00</notAfter>
1794
+ <serialNumber>19145766406727795172801612582821755217</serialNumber>
1795
+ <notBefore>2018-02-23 00:00:00</notBefore>
1796
+ <notAfter>2019-04-08 12:00:00</notAfter>
1801
1797
  <signatureAlgorithm>sha256</signatureAlgorithm>
1802
1798
  <publicKey algorithm="RSA" exponent="65537" size="2048"/>
1803
1799
  <subjectAlternativeName>
@@ -1846,62 +1842,58 @@ oVWNWlZopCJwqjyBcdmdqEU79OX2olHdx3ti6G8MdOu42vi/hw15UJGQmxg7kVkn
1846
1842
  </receivedCertificateChain>
1847
1843
  <certificateValidation>
1848
1844
  <hostnameValidation certificateMatchesServerHostname="True" serverHostname="twitter.com"/>
1849
- <pathValidation trustStoreVersion="8.1.0_r7" usingTrustStore="Android" validationResult="ok"/>
1845
+ <pathValidation trustStoreVersion="8.1.0_r9" usingTrustStore="Android" validationResult="ok"/>
1850
1846
  <pathValidation trustStoreVersion="11" usingTrustStore="iOS" validationResult="ok"/>
1851
1847
  <pathValidation trustStoreVersion="High Sierra" usingTrustStore="macOS" validationResult="ok"/>
1852
1848
  <pathValidation isExtendedValidationCertificate="True" trustStoreVersion="2018-01-14" usingTrustStore="Mozilla" validationResult="ok"/>
1853
- <pathValidation trustStoreVersion="2017-12-28" usingTrustStore="Windows" validationResult="ok"/>
1854
- <verifiedCertificateChain hasMustStapleExtension="False" hasSha1SignedCertificate="False" includedSctsCount="3" successfulTrustStore="Windows" suppliedServerNameIndication="twitter.com">
1855
- <certificate hpkpSha256Pin="PS12nvydU5dSxolqCn3V11wWF5Z12JRhXT2dhyawT4M=" sha1Fingerprint="235a79b3270d790505e0bea2cf5c149f9038821b">
1849
+ <pathValidation trustStoreVersion="2018-02-09" usingTrustStore="Windows" validationResult="ok"/>
1850
+ <verifiedCertificateChain hasMustStapleExtension="False" hasSha1SignedCertificate="False" includedSctsCount="2" successfulTrustStore="Windows" suppliedServerNameIndication="twitter.com">
1851
+ <certificate hpkpSha256Pin="TfHW/l4khWKX6OE4Jra+u3onnsH4IfzWgHPJGE88rEo=" sha1Fingerprint="265c85f65b044dc830645c6fb9cfa7d28f28bc1b">
1856
1852
  <asPEM>-----BEGIN CERTIFICATE-----
1857
- MIIHnTCCBoWgAwIBAgIQB3a13cqDpLnKWY9ddx+eRjANBgkqhkiG9w0BAQsFADB1
1853
+ MIIG6DCCBdCgAwIBAgIQDmdXKeZyRvcaXeXGF6L5UTANBgkqhkiG9w0BAQsFADB1
1858
1854
  MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
1859
1855
  d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk
1860
- IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE2MDMwOTAwMDAwMFoXDTE4MDMxNDEy
1861
- MDAwMFowggEhMR0wGwYDVQQPDBRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGCysG
1862
- AQQBgjc8AgEDEwJVUzEZMBcGCysGAQQBgjc8AgECEwhEZWxhd2FyZTEQMA4GA1UE
1863
- BRMHNDMzNzQ0NjESMBAGA1UECRMJU3VpdGUgOTAwMRcwFQYDVQQJEw4xMzU1IE1h
1864
- cmtldCBTdDEOMAwGA1UEERMFOTQxMDMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpD
1865
- YWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRYwFAYDVQQKEw1Ud2l0
1866
- dGVyLCBJbmMuMRkwFwYDVQQLExBUd2l0dGVyIFNlY3VyaXR5MRQwEgYDVQQDEwt0
1867
- d2l0dGVyLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMIImPpn
1868
- AAVVtgthDhrXtYrBzAO+PBf7lPfZ+kyfRmCcaq19OuU0WhKwsguq7JbhWIEvrWCr
1869
- R5Np44R1U8H5D7lGq57qqxiYjGhUCFFlQxphlydcXg8V6c0Wq91RW3Yv/NMRmZ3S
1870
- pj2HAnXmJJbiBD4UnPp+uHFCNwC1sIriM5WL2j/7Y003YtUcAuowftwNU9XUC7ij
1871
- EBNtH4mUC2qURGcpgq3m1bBS/JVXBtbRImaE05IqAseUVt9VP8IT8nwWeDOhU/d3
1872
- l1y3lgXVRPS/74MiXXrmj+Ss3zSetg8KU/Aa23E3aZL2FKkcdWVyRSQJOyxq17lp
1873
- pdzfbZxr/MaiWzECAwEAAaOCA3kwggN1MB8GA1UdIwQYMBaAFD3TUKXWoK3u80pg
1874
- CmXTIdT4+NYPMB0GA1UdDgQWBBSfYnuyiA7uG3ngaSTluj9HpgsC8DAnBgNVHREE
1875
- IDAeggt0d2l0dGVyLmNvbYIPd3d3LnR3aXR0ZXIuY29tMA4GA1UdDwEB/wQEAwIF
1876
- oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKg
1877
- MIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItZXYtc2VydmVyLWcxLmNy
1878
- bDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItZXYtc2VydmVy
1879
- LWcxLmNybDBLBgNVHSAERDBCMDcGCWCGSAGG/WwCATAqMCgGCCsGAQUFBwIBFhxo
1880
- dHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAcGBWeBDAEBMIGIBggrBgEFBQcB
1881
- AQR8MHowJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBSBggr
1882
- BgEFBQcwAoZGaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hB
1883
- MkV4dGVuZGVkVmFsaWRhdGlvblNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAAMIIB
1884
- fAYKKwYBBAHWeQIEAgSCAWwEggFoAWYAdgCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb
1885
- 37jjd80OyA3cEAAAAVNdgFLZAAAEAwBHMEUCICZCA9wZjkyHJRy3UTCYnwI21m/U
1886
- XKRXWc7US9arx68qAiEAtK1UZMDl2wRt/o1OxInzFdQCQ+2QTIvLbHe5slXu6boA
1887
- dQBo9pj4H2SCvjqM7rkoHUz8cVFdZ5PURNEKZ6y7T0/7xAAAAVNdgFKcAAAEAwBG
1888
- MEQCIGF6AFQ8TKA8AqktUZ/45JJuKYHCIFIkqcPWIIDLWIZmAiA5PVUV5BBCM2AK
1889
- ce/CeXCyim1y140g/4RxghYW6sNCNwB1AFYUBpov18Ls0/XhvUSyPsdGdrm8mRFc
1890
- wO+UmFXWidDdAAABU12AU6YAAAQDAEYwRAIgXUM1kBRW2bTGAqVvy/aDoYTrdKvM
1891
- I6x5p0FF2S+jGmkCIFmAWDXHV/YBi4thS8HGZc3iVCh5wwaCGM3kztEaUYmQMA0G
1892
- CSqGSIb3DQEBCwUAA4IBAQC7+PUbZaNQAx8YEMg1Uy+cih5Iar3l5ljJ0eih/KsD
1893
- Qo9Y8woYppEuwVC3cN0V2q0I8RXSRE105BgrZbYF2fn32CRs21/sbH0/v6VMonNo
1894
- OEJBzeL20fjYidN1Sr39q02e7kjJNCPVg8yTlRREpSXlsfwXWFOnACSBwpRzmD43
1895
- bRKVH6zjIPiy2wmxXP6ibb3p0ITHnosxLsf3pWXjL/YeWqQq6mUDMRKmeCRR3k1E
1896
- 03kXQyxV4AD4hccLqP4K6m17dOkpWbKWNN+/wxWy/ApMuP0hNPgoZSLQBaMidNzh
1897
- Y63izHj1KcOdLNg8VVCCEPoEX8IlbLMIY/YTfN5XAFjs
1856
+ IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE4MDIyMzAwMDAwMFoXDTE5MDQwODEy
1857
+ MDAwMFowgeQxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYB
1858
+ BAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQITCERlbGF3YXJlMRAwDgYDVQQF
1859
+ Ewc0MzM3NDQ2MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQG
1860
+ A1UEBxMNU2FuIEZyYW5jaXNjbzEWMBQGA1UEChMNVHdpdHRlciwgSW5jLjEZMBcG
1861
+ A1UECxMQVHdpdHRlciBTZWN1cml0eTEUMBIGA1UEAxMLdHdpdHRlci5jb20wggEi
1862
+ MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRDIxB2Cj0SQtIOuWHjdzO5XKD
1863
+ lqUEFW69HmazatAWqN0Up9jel/8GMzfwMso650IRBBrhvJTPc3TdHn/JEscGAcnp
1864
+ IRrZkbTtpKMIJeNuWiACQosREt0Ur8gGLce4PJlt2BqMRJJ++SE8eV9Ryyl2Sgm+
1865
+ kqY65SML27IecrOkNmMuZKIUw/gLpt8msOnxy5JJWsjA3z9ND6FAx2DCbZ5GDIpt
1866
+ gK07FIV2z+cg1MStpf1TbgZ93pmmX9hnFk4F7VDS6Uf2K5YsPdsI0SwpW9HiG3TK
1867
+ 9oz2GvsXffU6HGGM9Vcrpi5WhlaYHT1xCQ13caOduBxCkwhRZY2AFdyCR2MpAgMB
1868
+ AAGjggMCMIIC/jAfBgNVHSMEGDAWgBQ901Cl1qCt7vNKYApl0yHU+PjWDzAdBgNV
1869
+ HQ4EFgQUjI1wmILOVLL4dplPJjT+dTMjsUUwJwYDVR0RBCAwHoILdHdpdHRlci5j
1870
+ b22CD3d3dy50d2l0dGVyLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI
1871
+ KwYBBQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwz
1872
+ LmRpZ2ljZXJ0LmNvbS9zaGEyLWV2LXNlcnZlci1nMi5jcmwwNKAyoDCGLmh0dHA6
1873
+ Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWV2LXNlcnZlci1nMi5jcmwwSwYDVR0g
1874
+ BEQwQjA3BglghkgBhv1sAgEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGln
1875
+ aWNlcnQuY29tL0NQUzAHBgVngQwBATCBiAYIKwYBBQUHAQEEfDB6MCQGCCsGAQUF
1876
+ BzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wUgYIKwYBBQUHMAKGRmh0dHA6
1877
+ Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJFeHRlbmRlZFZhbGlk
1878
+ YXRpb25TZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADCCAQUGCisGAQQB1nkCBAIE
1879
+ gfYEgfMA8QB3AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABYcBN
1880
+ gy8AAAQDAEgwRgIhAOW65zPD/WuWN0kNEKx0LZBxTqLrQSkh6G7db+TT+FQcAiEA
1881
+ o9jTxePOzkuDoq+kO/FY8wKYp+/RWLXj2VbL8wKI/SkAdgBWFAaaL9fC7NP14b1E
1882
+ sj7HRna5vJkRXMDvlJhV1onQ3QAAAWHATYOxAAAEAwBHMEUCIQCUWpCOm+ejKxg1
1883
+ LyfPlxMEyTqmEyrajGx8PbTaBet8XwIgUKQXhoLMKb66Cvs4goSt3wWLDkX4WmFW
1884
+ DPcR9Mbq87gwDQYJKoZIhvcNAQELBQADggEBAJlV+Uez02kinJi7AHiYujgJ5j1k
1885
+ icieSrL+qspP6CMv6OCAa353vrVc95+iwDWimE9ovJZrANWpW2bNHClLb/R4pjlc
1886
+ yDpzXdCzrQzkqUXmIZZ95hU7SxC56fC3ybINy2e2YqOjUPxBoZjZjWBa20opMMxg
1887
+ ntG1ZqcZ9mZE7JJbOqfCyFbe5eyszpujATD3K24IVW5IXdzWd1udumbL5jUdYA56
1888
+ TjnyBCxlBjjLdQt2IWOiMATp+IlslwEpNScMl/gSLEX5b550/tn/5MaIY7cPNG38
1889
+ WNiLTkomw//7coTN6HdctcTSojOWQqjl8PLzcG+UxZd3vFe7Kf07VFBHav4=
1898
1890
  -----END CERTIFICATE-----
1899
1891
  </asPEM>
1900
- <subject>businessCategory=Private Organization, jurisdictionCountryName=US, jurisdictionStateOrProvinceName=Delaware, serialNumber=4337446, streetAddress=Suite 900, streetAddress=1355 Market St, postalCode=94103, countryName=US, stateOrProvinceName=California, localityName=San Francisco, organizationName=Twitter, Inc., organizationalUnitName=Twitter Security, commonName=twitter.com</subject>
1892
+ <subject>businessCategory=Private Organization, jurisdictionCountryName=US, jurisdictionStateOrProvinceName=Delaware, serialNumber=4337446, countryName=US, stateOrProvinceName=California, localityName=San Francisco, organizationName=Twitter, Inc., organizationalUnitName=Twitter Security, commonName=twitter.com</subject>
1901
1893
  <issuer>countryName=US, organizationName=DigiCert Inc, organizationalUnitName=www.digicert.com, commonName=DigiCert SHA2 Extended Validation Server CA</issuer>
1902
- <serialNumber>9920975688038816536871498077062536774</serialNumber>
1903
- <notBefore>2016-03-09 00:00:00</notBefore>
1904
- <notAfter>2018-03-14 12:00:00</notAfter>
1894
+ <serialNumber>19145766406727795172801612582821755217</serialNumber>
1895
+ <notBefore>2018-02-23 00:00:00</notBefore>
1896
+ <notAfter>2019-04-08 12:00:00</notAfter>
1905
1897
  <signatureAlgorithm>sha256</signatureAlgorithm>
1906
1898
  <publicKey algorithm="RSA" exponent="65537" size="2048"/>
1907
1899
  <subjectAlternativeName>
@@ -2451,8 +2443,8 @@ vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
2451
2443
  <cipherSuite anonymous="False" connectionStatus="HTTP 200 OK" keySize="256" name="TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384">
2452
2444
  <keyExchange A="0x00ffffffff00000001000000000000000000000000fffffffffffffffffffffffc" B="0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b" Cofactor="1" Field_Type="prime-field" Generator="0x046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5" GeneratorType="uncompressed" GroupSize="256" Order="0x00ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551" Prime="0x00ffffffff00000001000000000000000000000000ffffffffffffffffffffffff" Seed="0xc49d360886e704936a6678e1139d26b7819f7e90" Type="ECDH"/>
2453
2445
  </cipherSuite>
2454
- <cipherSuite anonymous="False" connectionStatus="HTTP 200 OK" keySize="256" name="TLS_RSA_WITH_AES_256_GCM_SHA384"/>
2455
2446
  <cipherSuite anonymous="False" connectionStatus="HTTP 200 OK" keySize="256" name="TLS_RSA_WITH_AES_256_CBC_SHA"/>
2447
+ <cipherSuite anonymous="False" connectionStatus="HTTP 200 OK" keySize="256" name="TLS_RSA_WITH_AES_256_GCM_SHA384"/>
2456
2448
  <cipherSuite anonymous="False" connectionStatus="HTTP 200 OK" keySize="128" name="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA">
2457
2449
  <keyExchange A="0x00ffffffff00000001000000000000000000000000fffffffffffffffffffffffc" B="0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b" Cofactor="1" Field_Type="prime-field" Generator="0x046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5" GeneratorType="uncompressed" GroupSize="256" Order="0x00ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551" Prime="0x00ffffffff00000001000000000000000000000000ffffffffffffffffffffffff" Seed="0xc49d360886e704936a6678e1139d26b7819f7e90" Type="ECDH"/>
2458
2450
  </cipherSuite>
@@ -2460,8 +2452,8 @@ vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
2460
2452
  <keyExchange A="0x00ffffffff00000001000000000000000000000000fffffffffffffffffffffffc" B="0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b" Cofactor="1" Field_Type="prime-field" Generator="0x046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5" GeneratorType="uncompressed" GroupSize="256" Order="0x00ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551" Prime="0x00ffffffff00000001000000000000000000000000ffffffffffffffffffffffff" Seed="0xc49d360886e704936a6678e1139d26b7819f7e90" Type="ECDH"/>
2461
2453
  </cipherSuite>
2462
2454
  <cipherSuite anonymous="False" connectionStatus="HTTP 200 OK" keySize="128" name="TLS_RSA_WITH_AES_128_CBC_SHA"/>
2463
- <cipherSuite anonymous="False" connectionStatus="HTTP 200 OK" keySize="128" name="TLS_RSA_WITH_AES_128_GCM_SHA256"/>
2464
2455
  <cipherSuite anonymous="False" connectionStatus="HTTP 200 OK" keySize="128" name="TLS_RSA_WITH_AES_128_CBC_SHA256"/>
2456
+ <cipherSuite anonymous="False" connectionStatus="HTTP 200 OK" keySize="128" name="TLS_RSA_WITH_AES_128_GCM_SHA256"/>
2465
2457
  <cipherSuite anonymous="False" connectionStatus="HTTP 200 OK" keySize="128" name="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256">
2466
2458
  <keyExchange A="0x00ffffffff00000001000000000000000000000000fffffffffffffffffffffffc" B="0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b" Cofactor="1" Field_Type="prime-field" Generator="0x046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5" GeneratorType="uncompressed" GroupSize="256" Order="0x00ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551" Prime="0x00ffffffff00000001000000000000000000000000ffffffffffffffffffffffff" Seed="0xc49d360886e704936a6678e1139d26b7819f7e90" Type="ECDH"/>
2467
2459
  </cipherSuite>
@@ -2572,7 +2564,7 @@ vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
2572
2564
  </target>
2573
2565
  </results>
2574
2566
  <invalidTargets>
2575
- <invalidTarget error="Could not resolve foo">foo</invalidTarget>
2576
- <invalidTarget error="Could not resolve bar">bar</invalidTarget>
2567
+ <invalidTarget error="Could not resolve hostname">foo:443</invalidTarget>
2568
+ <invalidTarget error="Could not resolve hostname">bar:443</invalidTarget>
2577
2569
  </invalidTargets>
2578
2570
  </document>
@@ -50,7 +50,7 @@ describe SSLyze::XML::Certinfo::OCSPStapling::OCSPResponse do
50
50
  end
51
51
 
52
52
  describe "#produced_at" do
53
- let(:expected_time) { 'Feb 28 19:34:58 2018 GMT' }
53
+ let(:expected_time) { 'Mar 12 12:34:51 2018 GMT' }
54
54
 
55
55
  let(:xpath) { "#{super()}[producedAt/text()='#{expected_time}']" }
56
56
 
@@ -5,19 +5,34 @@ require 'sslyze/xml/invalid_target'
5
5
  describe SSLyze::XML::InvalidTarget do
6
6
  include_examples "XML specs"
7
7
 
8
- let(:xpath) { '/document/invalidTargets/invalidTarget' }
8
+ let(:host) { 'foo' }
9
+ let(:port) { 443 }
10
+ let(:target) { "#{host}:#{port}" }
11
+ let(:xpath) { "/document/invalidTargets/invalidTarget[text()='#{target}']" }
9
12
 
10
13
  subject { described_class.new(xml.at(xpath)) }
11
14
 
15
+ describe "#target" do
16
+ it "must return the target text" do
17
+ expect(subject.target).to be == target
18
+ end
19
+ end
20
+
12
21
  describe "#host" do
13
- it "must parse the host attribute" do
14
- expect(subject.host).to be == 'foo'
22
+ it "must return the host component of the target" do
23
+ expect(subject.host).to be == host
24
+ end
25
+ end
26
+
27
+ describe "#port" do
28
+ it "must return the port component of the target" do
29
+ expect(subject.port).to be port
15
30
  end
16
31
  end
17
32
 
18
33
  describe "#error" do
19
34
  it "must parse the ip attribute" do
20
- expect(subject.error).to be == 'Could not resolve foo'
35
+ expect(subject.error).to be == 'Could not resolve hostname'
21
36
  end
22
37
  end
23
38
  end
@@ -6,6 +6,7 @@ describe SSLyze::XML::Target do
6
6
  include_examples "XML specs"
7
7
 
8
8
  let(:xpath) { '/document/results/target' }
9
+ let(:expected_ip) { '192.30.255.112' }
9
10
 
10
11
  subject { described_class.new(xml.at(xpath)) }
11
12
 
@@ -20,8 +21,6 @@ describe SSLyze::XML::Target do
20
21
  end
21
22
 
22
23
  describe "#ip" do
23
- let(:expected_ip) { '192.30.255.113' }
24
-
25
24
  let(:xpath) { "#{super()}[@ip='#{expected_ip}']" }
26
25
 
27
26
  it "must parse the ip attribute" do
@@ -30,7 +29,6 @@ describe SSLyze::XML::Target do
30
29
  end
31
30
 
32
31
  describe "#ipaddr" do
33
- let(:expected_ip) { '192.30.255.113' }
34
32
  let(:xpath) { "#{super()}[@ip='#{expected_ip}']" }
35
33
 
36
34
  it "must parse the ip attribute" do
@@ -21,12 +21,6 @@ describe SSLyze::XML do
21
21
  end
22
22
  end
23
23
 
24
- describe "#network_timeout" do
25
- it "must parse the networkTimeout attribute" do
26
- expect(subject.network_timeout).to be == 5
27
- end
28
- end
29
-
30
24
  describe "#total_scan_time" do
31
25
  it "must parse the totalScanTime attribute" do
32
26
  expect(subject.total_scan_time).to be_kind_of(Float)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ruby-sslyze
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0
4
+ version: 1.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Hal Brodigan
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-03-07 00:00:00.000000000 Z
11
+ date: 2018-03-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rprogram
@@ -190,7 +190,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
190
190
  - !ruby/object:Gem::Version
191
191
  version: '0'
192
192
  requirements:
193
- - sslyze >= 1.3.4
193
+ - sslyze >= 1.4.0
194
194
  rubyforge_project:
195
195
  rubygems_version: 2.6.14
196
196
  signing_key: