Class: Ciphersurfer::Score

Inherits:
Object
  • Object
show all
Defined in:
lib/ciphersurfer/score.rb

Class Method Summary collapse

Class Method Details

.evaluate(score) ⇒ Object

Gives the final evaluation given the final score

Parameters:

  • the

    score obtained in the previous steps



8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
 
# File 'lib/ciphersurfer/score.rb', line 8

def self.evaluate(score)
  return "F" unless score > 0

  case score

  when 0...20
    ret = "F"
  when 20...35
    ret = "E"
  when 35...50
    ret = "D"
  when 50...65
    ret = "C"
  when 65...80
    ret = "B"
  else
    ret = "A"
  end

  return ret
end

.evaluate_ciphers(ciphers) ⇒ Object

Parameters:

  • an

    Array of supported ciphers bit



61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
 
# File 'lib/ciphersurfer/score.rb', line 61

def self.evaluate_ciphers(ciphers)
  best  = -1
  worst = 999999999999999999999999999999999999

  #[0, 24, 1024]
  ciphers.each do |c|
    if (c == 0)
      worst = 0
      best = 0 unless best != -1
    end
    if (c < 128) && (c!=0)
      worst = 20 unless worst < 20
      best = 20 unless best > 20
    end

    if (c < 256) && (c>=128)
      worst = 80 unless worst < 80
      best = 80 unless best > 80
    end

    if (c >= 256)
      worst = 100 unless worst < 100
      best = 100
    end

  end
  (best + worst) / 2
end

.evaluate_key(key_length) ⇒ Object

FIXME: How can I test Weak key (Debian OpenSSL flaw)?



92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
 
# File 'lib/ciphersurfer/score.rb', line 92

def self.evaluate_key(key_length)
  case (key_length)
  when 0
    return 0
  when 1...512
    return 20
  when 512...1024
    return 40
  when 1024...2048
    return 80
  when 2048...4096
    return 90
  else
    return 100
  end
end

.evaluate_protocols(protocols) ⇒ Object 



31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
 
# File 'lib/ciphersurfer/score.rb', line 31

def self.evaluate_protocols(protocols)
  best  = -1
  worst = -1

  if (protocols.include?(:SSLv2))
    best = 20
    worst = 20
  end
  if (protocols.include?(:SSLv3))
    best = 80
    (worst = 80) unless worst != -1
  end
  if (protocols.include?(:TLSv1))
    best = 90
    (worst = 90) unless worst != -1
  end
  if (protocols.include?(:TLSv11))
    best = 95
    (worst = 95) unless worst != -1
  end
  if (protocols.include?(:TLSv12))
    best = 100
    (worst = 100) unless worst != -1
  end

  (best + worst) / 2

end

.score(proto, key, ciphers) ⇒ Object 



109
110
111
 
# File 'lib/ciphersurfer/score.rb', line 109

def self.score(proto, key, ciphers)
  return ((0.3*proto) + (0.3*key) + (0.4*ciphers))
end