Documentation
¶
Index ¶
- Constants
- Variables
- func CheckSetup() error
- func IsValidAuthentication(auth Authentication) bool
- func IsValidEncryption(enc Encryption) bool
- func IsValidEncryptionMode(encMode EncryptionMode) bool
- func IsValidKeyExchange(k KeyExchange) bool
- func IsValidMac(m Mac) bool
- func IsValidPrf(p Prf) bool
- func IsValidProtocol(p Protocol) bool
- func LoadCiphers(logger utils.Logger)
- func Setup(logger utils.Logger) error
- type Authentication
- type Certificate
- type Chain
- type Cipher
- type CipherInfo
- type Curve
- type Curves
- type Data
- type EllipticCurve
- type Encryption
- type EncryptionMode
- type Issues
- type KeyExchange
- type Mac
- type Prf
- type Protocol
- type PublicKey
- type Result
- type Scanner
- type Settings
- type SignatureAlgorithm
- type SignatureHash
Constants ¶
View Source
const ( CipherPreferenceClient = "client" CipherPreferenceServer = "server" )
Cipher preferences
View Source
const Label = "Ssl"
Variables ¶
View Source
var StartTlsPorts = map[int]string{
433: "",
25: "smtp",
465: "",
587: "smtp",
143: "imap",
220: "imap",
993: "",
109: "pop3",
110: "pop3",
995: "",
5222: "xmpp",
5223: "",
5280: "xmpp",
5298: "xmpp",
5269: "xmpp_server",
21: "ftp",
990: "",
989: "",
389: "ldap",
3268: "ldap",
7389: "ldap",
636: "",
3269: "",
7636: "",
3389: "rdp",
5432: "postgres",
}
StartTlsPorts maps common port numbers to their respective protocols: smtp, xmpp, xmpp_server, pop3, ftp, imap, ldap, rdp, postgres, auto. More (unofficial) ports from this list: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
Functions ¶
func CheckSetup ¶
func CheckSetup() error
CheckSetup checks whether Setup() executed accordingly. Scan arguments should be checked by the scanner.
func IsValidAuthentication ¶
func IsValidAuthentication(auth Authentication) bool
func IsValidEncryption ¶
func IsValidEncryption(enc Encryption) bool
func IsValidEncryptionMode ¶
func IsValidEncryptionMode(encMode EncryptionMode) bool
func IsValidKeyExchange ¶
func IsValidKeyExchange(k KeyExchange) bool
func IsValidMac ¶
func IsValidPrf ¶
func IsValidProtocol ¶
func LoadCiphers ¶
Types ¶
type Authentication ¶
type Authentication uint8
Algorithms used to authenticate the server and (optionally) client.
const ( AUTH_NONE Authentication = iota + 1 // No authentication AUTH_TLSv1_3 // RSA / ECDSA / RSA-PSS / EdDSA / PSK AUTH_DSS // DSS AUTH_ECDSA // ECDSA AUTH_ECNRA // ECNRA AUTH_FORTEZZA_KEA // FORTEZZA_KEA AUTH_GOSTR341001 // GOST R 34.10.2001 AUTH_GOSTR341094 // GOST R 34.10.1994 AUTH_KRB5 // KRB5 AUTH_PSK // PSK AUTH_RSA // RSA AUTH_SRP_SHA // SRP_SHA )
AUTH_GOSTR341001: elliptic curve version
func (Authentication) String ¶
func (i Authentication) String() string
type Certificate ¶
type Certificate struct {
Type string // 'leaf' / 'intermediate' / 'root'
Version int // Version of the X.509 standard.
Serial big.Int // Serial number chosen by the CA (not necessarily globally unique / random).
Subject []string // Object Identifiers (OIDs) of the subject.
SubjectCN string // Subject's common name.
Issuer []string // Object Identifiers (OIDs) of the issuer.
IssuerCN string // Issuer's common name.
AlternativeNames []string // Subject's alternative names.
ValidFrom time.Time // The initial date at which the certificate is valid.
ValidTo time.Time // The expiration date of the certificate.
PublicKeyAlgorithm PublicKey // The algorithm corresponding to the public key.
PublicKeyInfo string // Some additional info on the public key, depending on the public key's type.
PublicKeyBits uint64 // The public key's bit-size.
PublicKeyStrength int // The public key's strength corresponding to the key size.
SignatureAlgorithm SignatureAlgorithm // The signature algorithm.
SignatureHashAlgorithm SignatureHash // The signature hash algorithm.
CrlUrls []string // URL(s) for the certificate revocation list.
OcspUrls []string // URL(s) for the online certificate status protocol
KeyUsage []string // Key usage flags set in the certificate.
ExtendedKeyUsage []string // Extended key usage flags set in the certificate.
BasicConstraintsValid bool // Indicates whether Ca and MaxPathLen is valid. All three fields belong to the "basic constraint extension"
Ca bool // Indicates whether the certificate is of a CA.
MaxPathLength int // Maximum number of non-self-issued intermediate certificates that follow this certificate (leaf certificate not counting). See also: http://www.pkiglobe.org/
Sha1Fingerprint string // SHA1 fingerprint of the certificate.
}
type Chain ¶ added in v1.0.3
type Chain struct {
Certificates []*Certificate // Certificates of this specific deployment
ValidatedBy []string // Name(s) of the trust store(s) that successfully validated this deployment
HasValidOrder bool // Indicates whether the certificate chain was sent in valid order
}
type Cipher ¶
type Cipher struct {
Id string
IanaName string
OpensslName string
Protocol Protocol // SSL/TLS version used.
KeyExchange KeyExchange // The key exchange algorithm.
KeyExchangeBits int // The encryption's key bit-size - only set if ephemeral key exchange or export cipher.
KeyExchangeStrength int // The encryption's strength corresponding to the key size - only set if ephemeral key exchange or export cipher.
KeyExchangeInfo []string // Additional info on the key exchange - only set if ephemeral key exchange
ForwardSecrecy bool // Set if the key exchange algorithm supports forward secrecy.
Authentication Authentication // The authentication algorithm.
Encryption Encryption // The encryption algorithm.
EncryptionMode EncryptionMode // The encryption's mode.
EncryptionBits int // The encryption's key bit-size.
EncryptionStrength int // The encryption's strength corresponding to the key size.
BlockCipher bool // Indicates whether the encryption method is a block cipher.
BlockSize int // The encryption's block size if it is a block cipher.
StreamCipher bool // Indicates whether the encryption method is a stream cipher.
Mac Mac // The message authentication code algorithm.
MacBits int // The mac's digest size in bits.
MacStrength int // The mac's strength corresponding to the digest size.
Prf Prf // The pseudo-random function family algorithm (if any).
PrfBits int // The prf's digest size in bits.
PrfStrength int // The prf's strength corresponding to the digest size.
Export bool // Indicates whether the cipher suite is an old export cipher suite.
Draft bool // Indicates whether the cipher suite is a draft.
}
type CipherInfo ¶
type CipherInfo struct {
Id string `json:"cipher_suite"` // Cipher suite id
OpensslName string `json:"openssl_name"` // OpenSSL name of the cipher (SSLyze uses it)
IanaName string `json:"iana_name"` // IANA name
Kx KeyExchange `json:"kx"` // Key exchange protocol
Au Authentication `json:"au"` // Key exchange authentication
Enc Encryption `json:"enc"` // (Bulk) encryption algorithm
EncBits int `json:"enc_bits"` //
EncMode EncryptionMode `json:"enc_mode"` //
Mac Mac `json:"mac"` // Message authentication code algorithm
Prf Prf `json:"prf"` // Pseudorandom function family if existing
Export bool `json:"export"` // export indicator, if the string is not empty it's an exportable cipher
}
Struct used for our cipher suite mapping.
type Curve ¶
type Curve string
Curves used for elliptic curve cryptography (ECDHE, ECDSA). see http://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 This custom type is not transformed to an integer type as we only have one significant method declared for it and we only get a string from SSLyze. Therefore we'd have to create a mapping to our type in order to use a integer representation.
const ( SECT163K1 Curve = "sect163k1" SECT163R1 Curve = "sect163r1" SECT163R2 Curve = "sect163r2" SECT193R1 Curve = "sect193r1" SECT193R2 Curve = "sect193r2" SECT233K1 Curve = "sect233k1" SECT233R1 Curve = "sect233r1" SECT239K1 Curve = "sect239k1" SECT283K1 Curve = "sect283k1" SECT283R1 Curve = "sect283r1" SECT409K1 Curve = "sect409k1" SECT409R1 Curve = "sect409r1" SECT571K1 Curve = "sect571k1" SECT571R1 Curve = "sect571r1" SECP160K1 Curve = "secp160k1" SECP160R1 Curve = "secp160r1" SECP160R2 Curve = "secp160r2" SECP192K1 Curve = "secp192k1" SECP192R1 Curve = "secp192r1" SECP224K1 Curve = "secp224k1" SECP224R1 Curve = "secp224r1" SECP256K1 Curve = "secp256k1" SECP256R1 Curve = "secp256r1" SECP384R1 Curve = "secp384r1" SECP521R1 Curve = "secp521r1" BRAINPOOLP256R1 Curve = "brainpoolP256r1" BRAINPOOLP384R1 Curve = "brainpoolP384r1" BRAINPOOLP512R1 Curve = "brainpoolP512r1" ECDH_X25519 Curve = "ecdh_x25519" )
func (Curve) IsValidCurve ¶
type Curves ¶ added in v1.0.3
type Curves struct {
SupportedCurves []EllipticCurve // The curves that the target accepts
RejectedCurves []EllipticCurve // The curves that the target rejects
SupportEcdhKeyExchange bool // Indicates whether the target supports ECDH Key Exchange
}
type Data ¶
type Data struct {
Vhost string // The target's hostname
Ciphers map[string]*Cipher // The target's supported cipher suites. Key format: "protocol|cipher_id"
Chains []*Chain // The target's certificate chains
Settings *Settings // The target's SSL/TLS configuration details
Issues *Issues // The target's identified security concerns and vulnerabilities
Curves *Curves // The target's supported or rejected elliptic curves
}
type EllipticCurve ¶
type Encryption ¶
type Encryption uint8
Encryption algorithms
const ( ENC_NONE Encryption = iota + 1 // No encryption ENC_DES // DES ENC_RC2 // RC2 ENC_TRIPLE_DES // 3DES ENC_SKIPJACK // FORTEZZA ENC_SEED // SEED ENC_IDEA // IDEA ENC_CAMELLIA // Camellia ENC_ARIA // ARIA ENC_GOST28147 // GOST 28147 ENC_AES // AES // Stream ciphers ENC_RC4 // RC4 ENC_CHACHA20 // ChaCha20 )
func (Encryption) String ¶
func (i Encryption) String() string
type EncryptionMode ¶
type EncryptionMode uint8
Modes of operation for block ciphers.
const ( ENC_M_NONE EncryptionMode = iota + 1 // No encryption mode ENC_M_CBC // CBC ENC_M_CCM // CCM ENC_M_CCM_8 // CCM8 ENC_M_GCM // GCM ENC_M_POLY1305 // Poly1305 ENC_M_CNT // CNT )
CNT mode for GOST ciphers, see https://tools.ietf.org/html/rfc5830#page-6
func (EncryptionMode) String ¶
func (i EncryptionMode) String() string
type Issues ¶
type Issues struct {
// Any 'true' value indicates a vulnerability, they all should be false!
LowEncryptionStrength bool // Indicates whether the minimum of encryption strength is lower than 128 bit.
AnyChainInvalid bool // Indicates whether any certificate chain is invalid.
AnyChainInvalidOrder bool // Indicates whether any certificate chain has an invalid order.
ClientRenegotiationDos bool // Indicates whether the server is vulnerable to client renegotiation DOS.
CcsInjection bool // (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224)
EarlyDataSupported bool // Early data can have a negative impact if session management is not implemented carefully.
NoPerfectForwardSecrecy bool // If this is set, the server supports at least one cipher suite that does not provide prefect forward secrecy.
Sslv2Enabled bool // Indicates the presence of at least one SSLv2 cipher suite.
Sslv3Enabled bool // Indicates the presence of at least one SSLv3 cipher suite.
Tlsv1_0Enabled bool // Indicates the presence of at least one TLS 1.0 cipher suite.
Tlsv1_1Enabled bool // Indicates the presence of at least one TLS 1.1 cipher suite.
ExportSuite bool // Indicates whether the server supports an export cipher suite.
DraftSuite bool // Indicates whether the server supports a draft cipher suite.
Md2Enabled bool // Indicates the presence of at least one cipher suite with MD2 mac (/prf).
Md5Enabled bool // Indicates the presence of at least one cipher suite with MD5 mac (/prf).
Rc4Enabled bool // Indicates the presence of at least one cipher suite with RC4 encryption.
Sha1Enabled bool // Indicates the presence of at least one cipher suite with SHA1 mac (/prf).
Beast bool // (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389)
Crime bool // True if TLS compression is supported by the server, thereby enabling the CRIME attack. (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929)
Drown bool // https://drownattack.com/ (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0800)
Freak bool // https://freakattack.com (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204)
Heartbleed bool // http://heartbleed.com/ (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160)
Logjam bool // https://weakdh.org/logjam.html (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000) (Currently only export ciphers are tested)
Lucky13 bool // (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169)
Poodle bool // (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8730)
Robot bool // https://robotattack.org/
Sweet32 bool // https://sweet32.info/ (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2183)
}
type KeyExchange ¶
type KeyExchange uint8
Algorithms used for the key exchange.
const ( KEX_DH KeyExchange = iota + 1 // DH KEX_DHE // DHE KEX_ECDH // ECDH KEX_ECDHE // ECDHE KEX_ECMQV // ECMQV KEX_ECCPWD // ECCPWD KEX_FORTEZZA_KEA // FORTEZZA_KEA KEX_GOSTR341001 // GOST R 34.10-2001 KEX_GOSTR341094 // GOST R 34.10.1994 KEX_KRB5 // KRB5 KEX_PSK // PSK KEX_RSA // RSA KEX_SRP_SHA // SRP_SHA KEX_TLSv1_3 // (EC)DHE / PSK / PSK + (EC)DHE )
KEX_ECMQV: https://tools.ietf.org/html/draft-campagna-tls-ecmqv-ecqv-01 KEX_GOSTR341001: elliptic curve version
func (KeyExchange) String ¶
func (i KeyExchange) String() string
type Mac ¶
type Mac uint8
Hash algorithms
const ( MAC_AEAD Mac = iota + 1 // AEAD MAC_MD2 // MD2 MAC_MD5 // MD5 MAC_SHA1 // SHA1 MAC_SHA224 // SHA224 MAC_SHA256 // SHA256 MAC_SHA384 // SHA384 MAC_SHA512 // SHA512 MAC_RIPEMD160 // RMD MAC_GOSTR341194 // GOSTR341194 MAC_GOST28147 // GOST28147 MAC_STREEBOG256 // Streeborg256 MAC_BLAKE2B // BLAKE2b MAC_BLAKE2S // BLAKE2s )
type Scanner ¶
type Scanner struct {
Label string
Started time.Time
Finished time.Time
// contains filtered or unexported fields
}
type Settings ¶ added in v1.0.3
type Settings struct {
// Any 'false' value indicates place for improvement, ideally they would be true!
LowestProtocol Protocol // The lowest SSL / TLS version that is supported by the server.
MinStrength int // The minimum of EncryptionStrength, MacStrength(/PrfStrength) and PublicKeyStrength across all ciphers and certificates.
Ems bool // Extended Master Secret to prevent triple handshake and related TLS attacks
TlsFallbackScsv bool // TLS_FALLBACK_SCSV mechanism to prevent downgrade attacks
SecureRenegotiation bool // Indicates whether the server supports secure renegotiation.
SessionResumptionWithId bool // If set a session resumption using IDs is possible.
SessionResumptionWithTickets bool // If set a session resumption using session tickets is possible.
IsCompliantToMozillaConfig bool // https://ssl-config.mozilla.org/ Check if the server's SSL config complies with the recommended one from Mozilla
}
type SignatureAlgorithm ¶
type SignatureAlgorithm uint8
const ( SIG_A_Unknown SignatureAlgorithm = iota // SIG_A_RSA // RSA SIG_A_DSA // DSA SIG_A_ECDSA // ECDSA SIG_A_RSAPSS // RSAPSS )
func (SignatureAlgorithm) IsValidSignatureAlgo ¶
func (a SignatureAlgorithm) IsValidSignatureAlgo() bool
func (SignatureAlgorithm) String ¶
func (i SignatureAlgorithm) String() string
type SignatureHash ¶
type SignatureHash uint8
Signature hash algorithms
const ( SIG_H_Unknown SignatureHash = iota // SIG_H_None // None SIG_H_MD2 // MD2 SIG_H_MD5 // MD5 SIG_H_SHA1 // SHA1 SIG_H_SHA224 // SHA224 SIG_H_SHA256 // SHA256 SIG_H_SHA384 // SHA384 SIG_H_SHA512 // SHA512 SIG_H_RIPEMD160 // RMD SIG_H_GOSTR3411 // GOSTR3411 SIG_H_BLAKE2B // BLAKE2b SIG_H_BLAKE2S // BLAKE2s )
BLAKE2*: has a variable digest size, 512 is the maximum. SIG_H_None happen if the signature does not use a separate hash (ED25519, ED448).
func (SignatureHash) IsValidSignatureHash ¶
func (h SignatureHash) IsValidSignatureHash() bool
func (SignatureHash) String ¶
func (i SignatureHash) String() string
Source Files
Click to show internal directories.
Click to hide internal directories.