Class: TLSmap::App::Extended
- Inherits:
-
Object
- Object
- TLSmap::App::Extended
- Defined in:
- lib/tls_map/ciphersuiteinfo.rb
Overview
Partial wrapper around ciphersuite.info API to get extra info about a cipher
Documentation:
Constant Summary collapse
- ROOT =
Root URL of Cipher Suite Info
'https://ciphersuite.info/'
- API_ROOT =
Root URL of Cipher Suite Info API
"#{ROOT}api/"
- VULN_DATA =
URL of the data file containig vulnerabilities information
'https://raw.githubusercontent.com/hcrudolph/ciphersuite.info/master/directory/fixtures/00_vulnerabilities.yaml'
- TECH_DATA =
URL of the data file containig technologies information
'https://raw.githubusercontent.com/hcrudolph/ciphersuite.info/master/directory/fixtures/01_technologies.yaml'
- DICO =
Hash mapping API key and display name for CLI
{ 'tls_version' => 'TLS Version(s)', 'protocol_version' => 'Protocol', 'kex_algorithm' => 'Key Exchange', 'auth_algorithm' => 'Authentication', 'enc_algorithm' => 'Encryption', 'hash_algorithm' => 'Hash', 'security' => 'Security', 'url' => 'More info', 'vulns' => 'Vulnerabilities' }.freeze
- VULN_SEVERITY =
Hash mapping the severity number used by the API and the severity text and color for the CLI
{ 0 => { title: 'Low', color: :yellow }, 1 => { title: 'Medium', color: 'orange' }, 2 => { title: 'High', color: :red } }.freeze
Instance Method Summary collapse
-
#extend(iana_name) ⇒ Hash
Retrieve advanced about a cipher on Cipher Suite Info API and enhanced it.
-
#find_vuln(tech) ⇒ Array<Hash>
Find vulnerabilities related to a technology.
-
#initialize ⇒ Extended
constructor
Will automatically fetch source files and parse them.
-
#translate_acronym(term) ⇒ String
Translate cipher related acronyms.
Constructor Details
Instance Method Details
#extend(iana_name) ⇒ Hash
Retrieve advanced about a cipher on Cipher Suite Info API and enhanced it
61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 |
# File 'lib/tls_map/ciphersuiteinfo.rb', line 61 def extend(iana_name) # rubocop:disable Metrics/MethodLength obj = Net::HTTP.get(URI("#{API_ROOT}cs/#{iana_name}/")) out = JSON.parse(obj)[iana_name] out.store('vulns', []) %w[openssl_name gnutls_name hex_byte_1 hex_byte_2].each do |key| out.delete(key) end out.each_value do |v| out['vulns'].push(find_vuln(v)) if @tech.keys.include?(v) end out['vulns'].flatten! out['vulns'].uniq! out.store('url', "#{ROOT}cs/#{iana_name}/") # Add upstream URL out end |
#find_vuln(tech) ⇒ Array<Hash>
Find vulnerabilities related to a technology
111 112 113 114 115 |
# File 'lib/tls_map/ciphersuiteinfo.rb', line 111 def find_vuln(tech) return @tech[tech][:vulnerabilities].map { |vuln| @vuln[vuln] } unless @tech[tech][:vulnerabilities].nil? nil end |
#translate_acronym(term) ⇒ String
Translate cipher related acronyms
102 103 104 105 106 |
# File 'lib/tls_map/ciphersuiteinfo.rb', line 102 def translate_acronym(term) return @tech[term][:long_name] unless @tech[term].nil? nil end |