Class: SslscanWrapper::Report

Inherits:

Object

• Object
• SslscanWrapper::Report

Defined in:

lib/sslscan_wrapper/report.rb

Instance Attribute Summary

• #body ⇒ Object readonly

  The content body of the report.

• #doc ⇒ Object readonly

  The nokogiri document object.

Instance Method Summary

• #altnames ⇒ Object

  Subject alternative names of the certificate.

• #cipher_supported?(cipher) ⇒ Boolean

  Is the cipher supported?.

• #ciphers ⇒ Object

  Returns a list of supported ciphers.

• #compression_supported? ⇒ Boolean

  Is ssl compression supported on target?.

• #expired? ⇒ Boolean

  Is the certificate expired?.

• #heartbleed_vulnerable? ⇒ Boolean

  Are there any heartblead vulnerable SSL/TLS protocol versions?.

• #heartbleed_vulnerable_sslversions ⇒ Object

  Returns a list of SSL/TLS protocol versions vulnerable to heartbleed.

• #host ⇒ Object

  The hostname of the scanned host.

• #initialize(output) ⇒ Report constructor

  Initialize a new report object.

• #issuer ⇒ Object

  Issuer of the certificate.

• #not_after ⇒ Object

  Time the certificate is no longer valid.

• #not_before ⇒ Object

  Time the certificate starts to be valid.

• #port ⇒ Object

  The port of the scan report.

• #preferred_ciphers ⇒ Object

  Returns a list of preferred ciphers.

• #renegotiation_secure? ⇒ Boolean
• #renegotiation_supported? ⇒ Boolean

  Does the target support TLS renegotiation?.

• #self_signed? ⇒ Boolean

  Is the certificate a self-signed certificate?.

• #signature_algorithm ⇒ Object

  Signature algorithm used in the certificate.

• #subject ⇒ Object

  Subject of the certificate.

Constructor Details

#initialize(output) ⇒ Report

Initialize a new report object

Examples

content = File.read('report.xml')
SslscanWrapper::Report.new(content)

Returns a new SslscanWrapper::Report

# File 'lib/sslscan_wrapper/report.rb', line 18

def initialize(output)
  @body = output
  @doc = Nokogiri::XML(@body)
end

Instance Attribute Details

#body ⇒ Object (readonly)

The content body of the report

# File 'lib/sslscan_wrapper/report.rb', line 7

def body
  @body
end

#doc ⇒ Object (readonly)

The nokogiri document object

# File 'lib/sslscan_wrapper/report.rb', line 9

def doc
  @doc
end

Instance Method Details

#altnames ⇒ Object

Subject alternative names of the certificate

# File 'lib/sslscan_wrapper/report.rb', line 58

def altnames
  @doc.xpath('//certificate/altnames').first.content
end

#cipher_supported?(cipher) ⇒ Boolean

Is the cipher supported?

Returns:

• (Boolean)

# File 'lib/sslscan_wrapper/report.rb', line 95

def cipher_supported?(cipher)
  @doc.xpath("//cipher[@cipher=\"#{cipher}\"]").count > 0
end

#ciphers ⇒ Object

Returns a list of supported ciphers

# File 'lib/sslscan_wrapper/report.rb', line 90

def ciphers
  @doc.xpath('//cipher/@cipher').map(&:value)
end

#compression_supported? ⇒ Boolean

Is ssl compression supported on target?

Returns:

• (Boolean)

# File 'lib/sslscan_wrapper/report.rb', line 34

def compression_supported?
  @doc.xpath('//compression/@supported').first.value == '1'
end

#expired? ⇒ Boolean

Is the certificate expired?

Returns:

• (Boolean)

# File 'lib/sslscan_wrapper/report.rb', line 73

def expired?
  @doc.xpath('//certificate/expired').first.content == 'true'
end

#heartbleed_vulnerable? ⇒ Boolean

Are there any heartblead vulnerable SSL/TLS protocol versions?

Returns:

• (Boolean)

# File 'lib/sslscan_wrapper/report.rb', line 110

def heartbleed_vulnerable?
  @doc.xpath('//heartbleed[@vulnerable="1"]').count > 0
end

#heartbleed_vulnerable_sslversions ⇒ Object

Returns a list of SSL/TLS protocol versions vulnerable to heartbleed

# File 'lib/sslscan_wrapper/report.rb', line 105

def heartbleed_vulnerable_sslversions
  @doc.xpath('//heartbleed[@vulnerable="1"]/@sslversion').map(&:value)
end

#host ⇒ Object

The hostname of the scanned host

# File 'lib/sslscan_wrapper/report.rb', line 24

def host
  @doc.xpath('//ssltest/@host').first.value
end

#issuer ⇒ Object

Issuer of the certificate

# File 'lib/sslscan_wrapper/report.rb', line 63

def issuer
  @doc.xpath('//certificate/issuer').first.content
end

#not_after ⇒ Object

Time the certificate is no longer valid

# File 'lib/sslscan_wrapper/report.rb', line 84

def not_after
  time_str = @doc.xpath('//certificate/not-valid-after').first.content
  Time.parse(time_str)
end

#not_before ⇒ Object

Time the certificate starts to be valid

# File 'lib/sslscan_wrapper/report.rb', line 78

def not_before
  time_str = @doc.xpath('//certificate/not-valid-before').first.content
  Time.parse(time_str)
end

#port ⇒ Object

The port of the scan report

# File 'lib/sslscan_wrapper/report.rb', line 29

def port
  @doc.xpath('//ssltest/@port').first.value
end

#preferred_ciphers ⇒ Object

Returns a list of preferred ciphers

# File 'lib/sslscan_wrapper/report.rb', line 100

def preferred_ciphers
  @doc.xpath('//cipher[@status="preferred"]/@cipher').map(&:value)
end

#renegotiation_secure? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/sslscan_wrapper/report.rb', line 43

def renegotiation_secure?
  @doc.xpath('//renegotiation/@secure').first.value == '1'
end

#renegotiation_supported? ⇒ Boolean

Does the target support TLS renegotiation?

Returns:

• (Boolean)

# File 'lib/sslscan_wrapper/report.rb', line 39

def renegotiation_supported?
  @doc.xpath('//renegotiation/@supported').first.value == '1'
end

#self_signed? ⇒ Boolean

Is the certificate a self-signed certificate?

Returns:

• (Boolean)

# File 'lib/sslscan_wrapper/report.rb', line 68

def self_signed?
  @doc.xpath('//certificate/self-signed').first.content == 'true'
end

#signature_algorithm ⇒ Object

Signature algorithm used in the certificate

# File 'lib/sslscan_wrapper/report.rb', line 48

def signature_algorithm
  @doc.xpath('//certificate/signature-algorithm').first.content
end

#subject ⇒ Object

Subject of the certificate

# File 'lib/sslscan_wrapper/report.rb', line 53

def subject
  @doc.xpath('//certificate/subject').first.content
end