From b5af8496fc4c0c81827e3cf52a64fb90600664dc Mon Sep 17 00:00:00 2001
From: David Cooper
Date: Thu, 4 Oct 2018 14:02:43 -0400
Subject: [PATCH] Send ECDHE quality to fileout()

This PR is also based on #1139, but it addresses ECDH keys rather than DH keys. When run_pfs() prints the list of elliptic curves offered, it colors each curve according to its quality (based on key length). However, the severity level used when the list is sent to fileout() is always "INFO". This PR changes the call to fileout() to make the severity level be based on the quality of the shortest curve that the server offers.
---
 testssl.sh | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/testssl.sh b/testssl.sh
index a40bd2e..883a7cd 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -8419,6 +8419,7 @@ run_pfs() {
 local curves_hex=("00,01" "00,02" "00,03" "00,04" "00,05" "00,06" "00,07" "00,08" "00,09" "00,0a" "00,0b" "00,0c" "00,0d" "00,0e" "00,0f" "00,10" "00,11" "00,12" "00,13" "00,14" "00,15" "00,16" "00,17" "00,18" "00,19" "00,1a" "00,1b" "00,1c" "00,1d" "00,1e")
 local -a curves_ossl=("sect163k1" "sect163r1" "sect163r2" "sect193r1" "sect193r2" "sect233k1" "sect233r1" "sect239k1" "sect283k1" "sect283r1" "sect409k1" "sect409r1" "sect571k1" "sect571r1" "secp160k1" "secp160r1" "secp160r2" "secp192k1" "prime192v1" "secp224k1" "secp224r1" "secp256k1" "prime256v1" "secp384r1" "secp521r1" "brainpoolP256r1" "brainpoolP384r1" "brainpoolP512r1" "X25519" "X448")
 local -a curves_ossl_output=("K-163" "sect163r1" "B-163" "sect193r1" "sect193r2" "K-233" "B-233" "sect239k1" "K-283" "B-283" "K-409" "B-409" "K-571" "B-571" "secp160k1" "secp160r1" "secp160r2" "secp192k1" "P-192" "secp224k1" "P-224" "secp256k1" "P-256" "P-384" "P-521" "brainpoolP256r1" "brainpoolP384r1" "brainpoolP512r1" "X25519" "X448")
+ local -ai curves_bits=(163 162 163 193 193 232 233 238 281 282 407 409 570 570 161 161 161 192 192 225 224 256 256 384 521 256 384 512 253 448)
 # Many curves have been deprecated, and RFC 8446, Appendix B.3.1.4, states
 # that these curves MUST NOT be offered in a TLS 1.3 ClientHello.
 local -a curves_deprecated=("true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "false" "false" "false" "true" "true" "true" "false" "false")
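Review bot: The added `curves_bits` array carries no comment, and several of its values differ from the nominal size in the curve name (162 for sect163r1, 225 for secp224k1, 253 for X25519), so a later reader may well "correct" them. The second hunk derives the fileout() severity from these numbers, so their origin and the index coupling with `curves_ossl` should be documented, e.g. `# key size in bits for each entry of curves_ossl (same order); presumably as reported by OpenSSL, hence not always the number in the curve name`. A length comparison against `${#curves_ossl[@]}` would catch a curve later being added to one array but not the other. run_pfs() starts and ends outside this hunk.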
@@ -8753,15 +8754,29 @@ run_pfs() {
 done
 fi
 if "$ecdhe_offered"; then
+ low=1000
 for (( i=0; i < nr_curves; i++ )); do
- "${supported_curve[i]}" && curves_offered+="${curves_ossl[i]} "
+ if "${supported_curve[i]}"; then
+ curves_offered+="${curves_ossl[i]} "
+ [[ ${curves_bits[i]} -lt $low ]] && low=${curves_bits[i]}
+ fi
 done
 if [[ -n "$curves_offered" ]]; then
 "$WIDE" && outln
 pr_bold " Elliptic curves offered: "
 out_row_aligned_max_width_by_entry "$curves_offered" " " $TERM_WIDTH pr_ecdh_curve_quality
 outln
- fileout "ECDHE_curves" "INFO" "$curves_offered"
+ # severity ratings based on quality specified by
+ # pr_ecdh_quality() for shortest curve offered.
+ if [[ "$low" -le 163 ]]; then
+ fileout "ECDHE_curves" "MEDIUM" "$curves_offered"
+ elif [[ "$low" -le 193 ]]; then
+ fileout "ECDHE_curves" "LOW" "$curves_offered"
+ elif [[ "$low" -le 224 ]]; then
+ fileout "ECDHE_curves" "INFO" "$curves_offered"
+ else
+ fileout "ECDHE_curves" "OK" "$curves_offered"
+ fi
 fi
 fi
 if "$using_sockets" && ( "$pfs_tls13_offered" || ( "$ffdhe_offered" && "$EXPERIMENTAL" ) ); then
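Review bot: The 163/193/224 cut-offs in the new `if`/`elif` chain are a second, hand-maintained copy of the thresholds that the comment attributes to pr_ecdh_quality(), which is not visible in this hunk. If either copy is edited, the severity written by fileout() can drift from the colour shown on screen. Deriving both from one helper would avoid that; short of that, the comment could spell out the coupling, e.g. `# cut-offs must stay in step with pr_ecdh_quality(): <=163 MEDIUM, <=193 LOW, <=224 INFO, else OK`. Also confirm that `low` is declared `local` (ideally `local -i`) at the top of run_pfs(), which starts outside this hunk; otherwise `low=1000` writes a global. The finding text still lists every curve, so a consumer of the file output cannot tell which curve caused the rating; naming the weakest one there would make the result actionable.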