From 036bf2e53cbd0922cd0b9d46d6e22fd46bbcbdad Mon Sep 17 00:00:00 2001 From: Dirk Date: Wed, 12 Apr 2017 21:00:08 +0200 Subject: [PATCH] revamped run_std_cipherlists(). There are now less catagories, less overlap and it's more modern: NULL ciphers (no encryption) Anonymous NULL Ciphers (no authentication) Export ciphers (w/o ADH+NULL) LOW: 64 Bit + DES encryption (w/o export) Weak 128 Bit ciphers Triple DES Ciphers (Medium) High grade encryption Strong grade encryption (AEAD ciphers) --- testssl.sh | 142 ++++++++++++++++++++++++++++++----------------------- 1 file changed, 80 insertions(+), 62 deletions(-) diff --git a/testssl.sh b/testssl.sh index df1470f..86da5f1 100755 --- a/testssl.sh +++ b/testssl.sh @@ -1466,7 +1466,7 @@ run_http_date() { if [[ -n "$HTTP_TIME" ]]; then HTTP_TIME=$(parse_date "$HTTP_TIME" "+%s" "%a, %d %b %Y %T %Z" 2>>$ERRFILE) # the trailing \r confuses BSD flavors otherwise - difftime=$((HTTP_TIME - $NOW_TIME)) + difftime=$((HTTP_TIME - NOW_TIME)) [[ $difftime != "-"* ]] && [[ $difftime != "0" ]] && difftime="+$difftime" # process was killed, so we need to add an error: [[ $HAD_SLEPT -ne 0 ]] && difftime="$difftime (± 1.5)" @@ -2197,19 +2197,20 @@ listciphers() { # argv[1]: cipher list to test in OpenSSL syntax -# argv[2]: string on console -# argv[3]: ok to offer? 0: yes, 1: no -# argv[4]: string for fileout +# argv[2]: string on console / HTML or "finding" +# argv[3]: rating whether ok to offer +# argv[4]: string to be appended for fileout # argv[5]: non-SSLv2 cipher list to test (hexcodes), if using sockets # argv[6]: SSLv2 cipher list to test (hexcodes), if using sockets std_cipherlists() { local -i i len sclient_success local sslv2_cipherlist detected_ssl2_ciphers - local singlespaces proto="" addcmd="" + local singlespaces + local proto="" addcmd="" local debugname="$(sed -e s'/\!/not/g' -e 's/\:/_/g' <<< "$1")" [[ "$OPTIMAL_PROTO" == "-ssl2" ]] && proto="$OPTIMAL_PROTO" - pr_bold "$2 " # indenting to be in the same row as server preferences + pr_bold "$2 " # to be indented equal to server preferences if [[ -n "$5" ]] || listciphers "$1" $proto; then if [[ -z "$5" ]] || ( "$FAST" && listciphers "$1" -tls1 ); then "$HAS_NO_SSL2" && addcmd="-no_ssl2" @@ -2241,8 +2242,8 @@ std_cipherlists() { fi fi case $3 in - 0) # ok to offer - if [[ $sclient_success -eq 0 ]]; then + 2) if [[ $sclient_success -eq 0 ]]; then + # Strong is excellent to offer pr_done_best "offered (OK)" fileout "std_$4" "OK" "$2 offered" else @@ -2250,17 +2251,28 @@ std_cipherlists() { fileout "std_$4" "MEDIUM" "$2 not offered" fi ;; - 1) # the ugly ones - if [[ $sclient_success -eq 0 ]]; then - pr_svrty_critical "offered (NOT ok)" - fileout "std_$4" "CRITICAL" "$2 offered - ugly" + + 1) if [[ $sclient_success -eq 0 ]]; then + # High is good to offer + pr_done_good "offered (OK)" + fileout "std_$4" "OK" "$2 offered" else - pr_done_best "not offered (OK)" + # FIXME: the rating could be readjusted if we knew the result of STRONG before + pr_svrty_medium "not offered" + fileout "std_$4" "MEDIUM" "$2 not offered" + fi + ;; + 0) if [[ $sclient_success -eq 0 ]]; then + # medium is not that bad + pr_svrty_medium "offered" + fileout "std_$4" "MEDIUM" "$2 offered - not too bad" + else + out "not offered (OK)" fileout "std_$4" "OK" "$2 not offered" fi ;; - 2) # bad but not worst - if [[ $sclient_success -eq 0 ]]; then + -1) if [[ $sclient_success -eq 0 ]]; then + # bad but there is worse pr_svrty_high "offered (NOT ok)" fileout "std_$4" "HIGH" "$2 offered - bad" else @@ -2268,12 +2280,12 @@ std_cipherlists() { fileout "std_$4" "OK" "$2 not offered" fi ;; - 3) # not totally bad - if [[ $sclient_success -eq 0 ]]; then - pr_svrty_medium "offered" - fileout "std_$4" "MEDIUM" "$2 offered - not too bad" + -2) if [[ $sclient_success -eq 0 ]]; then + # the ugly ones + pr_svrty_critical "offered (NOT ok)" + fileout "std_$4" "CRITICAL" "$2 offered - ugly" else - out "not offered (OK)" + pr_done_best "not offered (OK)" fileout "std_$4" "OK" "$2 not offered" fi ;; @@ -3914,9 +3926,10 @@ run_protocols() { return 0 } -#TODO: work with fixed lists here +#TODO: work with fixed lists here --> atm ok, as sockets are preferred. If there would be a single function for testing: yes. run_std_cipherlists() { local hexc hexcode strength + local using_sockets=true local -i i local null_ciphers="c0,10, c0,06, c0,15, c0,0b, c0,01, c0,3b, c0,3a, c0,39, 00,b9, 00,b8, 00,b5, 00,b4, 00,2e, 00,2d, 00,b1, 00,b0, 00,2c, 00,3b, 00,02, 00,01, 00,82, 00,83, ff,87, 00,ff" local sslv2_null_ciphers="" @@ -3924,50 +3937,55 @@ run_std_cipherlists() { local sslv2_anon_ciphers="" local adh_ciphers="00,a7, 00,6d, 00,3a, 00,c5, 00,89, c0,47, c0,5b, c0,85, 00,a6, 00,6c, 00,34, 00,bf, 00,9b, 00,46, c0,46, c0,5a, c0,84, 00,18, 00,1b, 00,1a, 00,19, 00,17, 00,ff" local sslv2_adh_ciphers="" - local exp40_ciphers="00,14, 00,11, 00,19, 00,08, 00,06, 00,27, 00,26, 00,2a, 00,29, 00,0b, 00,0e, 00,17, 00,03, 00,28, 00,2b, 00,ff" - local sslv2_exp40_ciphers="04,00,80, 02,00,80" - local exp56_ciphers="00,63, 00,62, 00,61, 00,65, 00,64, 00,60, 00,ff" - local sslv2_exp56_ciphers="" + # ~ grep -i EXP etc/cipher-mapping.txt local exp_ciphers="00,63, 00,62, 00,61, 00,65, 00,64, 00,60, 00,14, 00,11, 00,19, 00,08, 00,06, 00,27, 00,26, 00,2a, 00,29, 00,0b, 00,0e, 00,17, 00,03, 00,28, 00,2b, 00,ff" local sslv2_exp_ciphers="04,00,80, 02,00,80" + # ~ egrep -w '64|56' etc/cipher-mapping.txt | grep -v export local low_ciphers="00,15, 00,12, 00,0f, 00,0c, 00,09, 00,1e, 00,22, fe,fe, ff,e1, 00,ff" local sslv2_low_ciphers="08,00,80, 06,00,40" - local des_ciphers="00,15, 00,12, 00,0f, 00,0c, 00,09, 00,1e, 00,22, fe,fe, ff,e1, 00,ff" - local sslv2_des_ciphers="06,00,40" + # ~ grep -w 128 etc/cipher-mapping.txt | egrep -v "Au=None|AEAD|ARIA|Camellia|AES" local medium_ciphers="00,9a, 00,99, 00,98, 00,97, 00,96, 00,07, 00,21, 00,25, c0,11, c0,07, 00,66, c0,0c, c0,02, 00,05, 00,04, 00,92, 00,8a, 00,20, 00,24, c0,33, 00,8e, 00,ff" - local sslv2_medium_ciphers="" + local sslv2_medium_ciphers="01,00,80, 03,00,80, 05,00,80" + # ~ egrep -w '3DES' etc/cipher-mapping.txt local tdes_ciphers="c0,12, c0,08, c0,1c, c0,1b, c0,1a, 00,16, 00,13, 00,10, 00,0d, c0,0d, c0,03, 00,0a, 00,93, 00,8b, 00,1f, 00,23, c0,34, 00,8f, fe,ff, ff,e0, 00,ff" local sslv2_tdes_ciphers="07,00,c0" - local high_ciphers="13,02, 13,03, cc,14, cc,13, cc,15, c0,30, c0,2c, c0,28, c0,24, c0,14, c0,0a, c0,22, c0,21, c0,20, 00,b7, 00,b3, 00,91, c0,9b, c0,99, c0,97, 00,af, c0,95, 00,a5, 00,a3, 00,a1, 00,9f, cc,a9, cc,a8, cc,aa, c0,af, c0,ad, c0,a3, c0,9f, 00,6b, 00,6a, 00,69, 00,68, 00,39, 00,38, 00,37, 00,36, c0,77, c0,73, 00,c4, 00,c3, 00,c2, 00,c1, 00,88, 00,87, 00,86, 00,85, 00,ad, 00,ab, cc,ae, cc,ad, cc,ac, c0,ab, c0,a7, c0,32, c0,2e, c0,2a, c0,26, c0,0f, c0,05, c0,79, c0,75, 00,9d, c0,a1, c0,9d, 00,a9, cc,ab, c0,a9, c0,a5, 00,3d, 00,35, 00,c0, c0,38, c0,36, 00,84, 00,95, 00,8d, c0,3d, c0,3f, c0,41, c0,43, c0,45, c0,49, c0,4b, c0,4d, c0,4f, c0,51, c0,53, c0,55, c0,57, c0,59, c0,5d, c0,5f, c0,61, c0,63, c0,65, c0,67, c0,69, c0,6b, c0,6d, c0,6f, c0,71, c0,7b, c0,7d, c0,7f, c0,81, c0,83, c0,87, c0,89, c0,8b, c0,8d, c0,8f, c0,91, c0,93, 00,80, 00,81, ff,00, ff,01, ff,02, ff,03, ff,85, 16,b7, 16,b8, 16,b9, 16,ba, 13,01, 13,04, 13,05, c0,2f, c0,2b, c0,27, c0,23, c0,13, c0,09, c0,1f, c0,1e, c0,1d, 00,a4, 00,a2, 00,a0, 00,9e, c0,ae, c0,ac, c0,a2, c0,9e, 00,ac, 00,aa, c0,aa, c0,a6, c0,a0, c0,9c, 00,a8, c0,a8, c0,a4, 00,67, 00,40, 00,3f, 00,3e, 00,33, 00,32, 00,31, 00,30, c0,76, c0,72, 00,be, 00,bd, 00,bc, 00,bb, 00,45, 00,44, 00,43, 00,42, c0,31, c0,2d, c0,29, c0,25, c0,0e, c0,04, c0,78, c0,74, 00,9c, 00,3c, 00,2f, 00,ba, c0,37, c0,35, 00,b6, 00,b2, 00,90, 00,41, c0,9a, c0,98, c0,96, 00,ae, c0,94, 00,94, 00,8c, c0,3c, c0,3e, c0,40, c0,42, c0,44, c0,48, c0,4a, c0,4c, c0,4e, c0,50, c0,52, c0,54, c0,56, c0,58, c0,5c, c0,5e, c0,60, c0,62, c0,64, c0,66, c0,68, c0,6a, c0,6c, c0,6e, c0,70, c0,7a, c0,7c, c0,7e, c0,80, c0,82, c0,86, c0,88, c0,8a, c0,8c, c0,8e, c0,90, c0,92, 00,ff" - local sslv2_high_ciphers="" - local using_sockets=true + # ~ equivalent to 'grep -w "GOST|128" etc/cipher-mapping.txt | grep -v '=None' | egrep -vw 'RC4|AEAD|IDEA|SEED|RC2' + local high_ciphers="c0,27, c0,23, c0,13, c0,09, c0,1f, c0,1e, c0,1d, 00,67, 00,40, 00,3f, 00,3e, 00,33, 00,32, 00,31, 00,30, c0,76, c0,72, 00,be, 00,bd, 00,bc, 00,bb, 00,45, 00,44, 00,43, 00,42, c0,29, c0,25, c0,0e, c0,04, c0,78, c0,74, 00,3c, 00,2f, 00,ba, c0,37, c0,35, 00,b6, 00,b2, 00,90, 00,41, c0,9a, c0,98, c0,96, 00,ae, c0,94, 00,94, 00,8c, c0,3c, c0,3e, c0,40, c0,42, c0,44, c0,48, c0,4a, c0,4c, c0,4e, c0,64, c0,66, c0,68, c0,70, 00,80, 00,81, ff,00, ff,01, ff,02, ff,03, 00,ff" + # no SSLv2 here and in strong + # ~ equivalent to 'grep AEAD etc/cipher-mapping.txt | grep -v Au=None' + local strong_ciphers="cc,14, cc,13, cc,15, c0,30, c0,2c, 00,a5, 00,a3, 00,a1, 00,9f, cc,a9, cc,a8, cc,aa, c0,af, c0,ad, c0,a3, c0,9f, 00,ad, 00,ab, cc,ae, cc,ad, cc,ac, c0,ab, c0,a7, c0,32, c0,2e, 00,9d, c0,a1, c0,9d, 00,a9, cc,ab, c0,a9, c0,a5, c0,51, c0,53, c0,55, c0,57, c0,59, c0,5d, c0,5f, c0,61, c0,63, c0,6b, c0,6d, c0,6f, c0,7b, c0,7d, c0,7f, c0,81, c0,83, c0,87, c0,89, c0,8b, c0,8d, c0,8f, c0,91, c0,93, 16,b7, 16,b8, 16,b9, 16,ba, c0,2f, c0,2b, 00,a4, 00,a2, 00,a0, 00,9e, c0,ae, c0,ac, c0,a2, c0,9e, 00,ac, 00,aa, c0,aa, c0,a6, c0,a0, c0,9c, 00,a8, c0,a8, c0,a4, c0,31, c0,2d, 00,9c, c0,50, c0,52, c0,54, c0,56, c0,58, c0,5c, c0,5e, c0,60, c0,62, c0,6a, c0,6c, c0,6e, c0,7a, c0,7c, c0,7e, c0,80, c0,82, c0,86, c0,88, c0,8a, c0,8c, c0,8e, c0,90, c0,92, 00,ff" "$SSL_NATIVE" && using_sockets=false - if ! "$using_sockets"; then - null_ciphers=""; anon_ciphers=""; adh_ciphers=""; exp40_ciphers="" - exp56_ciphers=""; exp_ciphers=""; low_ciphers=""; des_ciphers="" - medium_ciphers=""; tdes_ciphers=""; high_ciphers="" - sslv2_null_ciphers=""; sslv2_anon_ciphers=""; sslv2_adh_ciphers=""; sslv2_exp40_ciphers="" - sslv2_exp56_ciphers=""; sslv2_exp_ciphers=""; sslv2_low_ciphers=""; sslv2_des_ciphers="" - sslv2_medium_ciphers=""; sslv2_tdes_ciphers=""; sslv2_high_ciphers="" + null_ciphers=""; anon_ciphers="" + exp_ciphers=""; low_ciphers="" medium_ciphers=""; + tdes_ciphers=""; high_ciphers=""; strong_ciphers="" + sslv2_null_ciphers=""; sslv2_anon_ciphers="" + sslv2_exp_ciphers=""; sslv2_low_ciphers="" + sslv2_medium_ciphers=""; sslv2_tdes_ciphers="" fi outln - pr_headlineln " Testing ~standard cipher lists " + pr_headlineln " Testing ~standard cipher categories " outln -# see ciphers(1ssl) or run 'openssl ciphers -v' - std_cipherlists 'NULL:eNULL' " Null Ciphers " 1 "NULL" "$null_ciphers" "$sslv2_null_ciphers" - std_cipherlists 'aNULL' " Anonymous NULL Ciphers " 1 "aNULL" "$anon_ciphers" "$sslv2_anon_ciphers" - std_cipherlists 'ADH' " Anonymous DH Ciphers " 1 "ADH" "$adh_ciphers" "$sslv2_adh_ciphers" - std_cipherlists 'EXPORT40' " 40 Bit encryption " 1 "EXPORT40" "$exp40_ciphers" "$sslv2_exp40_ciphers" - std_cipherlists 'EXPORT56' " 56 Bit export ciphers " 1 "EXPORT56" "$exp56_ciphers" "$sslv2_exp56_ciphers" - std_cipherlists 'EXPORT' " Export Ciphers (general) " 1 "EXPORT" "$exp_ciphers" "$sslv2_exp_ciphers" - std_cipherlists 'LOW:!ADH' " Low (<=64 Bit) " 1 "LOW" "$low_ciphers" "$sslv2_low_ciphers" - std_cipherlists 'DES:!ADH:!EXPORT:!aNULL' " DES Ciphers " 1 "DES" "$des_ciphers" "$sslv2_des_ciphers" - std_cipherlists 'MEDIUM:!NULL:!aNULL:!SSLv2:!3DES' " \"Medium\" grade encryption" 2 "MEDIUM" "$medium_ciphers" "$sslv2_medium_ciphers" - std_cipherlists '3DES:!ADH:!aNULL' " Triple DES Ciphers " 3 "3DES" "$tdes_ciphers" "$sslv2_tdes_ciphers" - std_cipherlists 'HIGH:!NULL:!aNULL:!DES:!3DES' " High grade encryption " 0 "HIGH" "$high_ciphers" "$sslv2_high_ciphers" + # argv[1]: cipher list to test in OpenSSL syntax (see ciphers(1ssl) or run 'openssl ciphers -v/-V)' + # argv[2]: string on console / HTML or "finding" + # argv[3]: rating whether ok to offer + # argv[4]: string to be appended for fileout + # argv[5]: non-SSLv2 cipher list to test (hexcodes), if using sockets + # argv[6]: SSLv2 cipher list to test (hexcodes), if using sockets + std_cipherlists 'NULL:eNULL' " NULL ciphers (no encryption) " -2 "NULL" "$null_ciphers" "$sslv2_null_ciphers" + std_cipherlists 'aNULL:ADH' " Anonymous NULL Ciphers (no authentication)" -2 "aNULL" "$anon_ciphers" "$sslv2_anon_ciphers" + std_cipherlists 'EXPORT:!ADH:!NULL' " Export ciphers (w/o ADH+NULL) " -2 "EXPORT" "$exp_ciphers" "$sslv2_exp_ciphers" + std_cipherlists 'LOW:DES:!ADH:!EXP:!NULL' " LOW: 64 Bit + DES encryption (w/o export) " -2 "DES+64Bit" "$low_ciphers" "$sslv2_low_ciphers" + + std_cipherlists 'MEDIUM:!aNULL:!AES:!CAMELLIA:!ARIA:!CHACHA20:!3DES' \ + " Weak 128 Bit ciphers " -1 "128Bit" "$medium_ciphers" "$sslv2_medium_ciphers" + std_cipherlists '3DES:!aNULL:!ADH' " Triple DES Ciphers (Medium) " 0 "3DES" "$tdes_ciphers" "$sslv2_tdes_ciphers" + std_cipherlists 'HIGH:!NULL:!aNULL:!DES:!3DES:!AESGCM:!CHACHA20:!AESGCM:!CamelliaGCM:!AESCCM8:!AESCCM'\ + " High grade encryption " 1 "HIGH" "$high_ciphers" "" + std_cipherlists 'AESGCM:CHACHA20:AESGCM:CamelliaGCM:AESCCM8:AESCCM' \ + " Strong grade encryption (AEAD ciphers) " 2 "STRONG" "$strong_ciphers" "" outln return 0 } @@ -4427,7 +4445,7 @@ run_server_preference() { cipher[i]="" fi fi - i=$(($i + 1)) + i=$((i + 1)) done [[ -n "$STARTTLS" ]] && arg=" " @@ -4904,7 +4922,7 @@ tls_time() { pr_bold " TLS clock skew" ; out "$spaces" if [[ -n "$TLS_TIME" ]]; then # nothing returned a time! - difftime=$(($TLS_TIME - $TLS_NOW)) # TLS_NOW is being set in tls_sockets() + difftime=$(( TLS_TIME - TLS_NOW)) # TLS_NOW is being set in tls_sockets() if [[ "${#difftime}" -gt 5 ]]; then # openssl >= 1.0.1f fills this field with random values! --> good for possible fingerprint out "random values, no fingerprinting possible " @@ -6025,7 +6043,7 @@ run_server_defaults() { [[ ${success[n]} -ne 0 ]] && match_found=true fi if ! "$match_found"; then - certs_found=$(($certs_found + 1)) + certs_found=$(( certs_found + 1)) cipher[certs_found]=${ciphers_to_test[n]} keysize[certs_found]=$(awk '/Server public key/ { print $(NF-1) }' $TMPFILE) ocsp_response[certs_found]=$(grep -aA 20 "OCSP response" $TMPFILE) @@ -8120,7 +8138,7 @@ sslv2_sockets() { len_ciph_suites_byte=${#cipher_suites} let "len_ciph_suites_byte += 2" - len_ciph_suites=$(printf "%02x\n" $(($len_ciph_suites_byte / 4 ))) + len_ciph_suites=$(printf "%02x\n" $(( len_ciph_suites_byte / 4 ))) len_client_hello=$(printf "%02x\n" $((0x$len_ciph_suites + 0x19))) client_hello=" @@ -8203,7 +8221,7 @@ socksend_tls_clienthello() { let "len_ciph_suites_byte += 2" # we have additional 2 chars \x in each 2 byte string and 2 byte ciphers, so we need to divide by 4: - len_ciph_suites=$(printf "%02x\n" $(($len_ciph_suites_byte / 4 ))) + len_ciph_suites=$(printf "%02x\n" $(( len_ciph_suites_byte / 4 ))) len2twobytes "$len_ciph_suites" len_ciph_suites_word="$LEN_STR" #[[ $DEBUG -ge 3 ]] && echo $len_ciph_suites_word @@ -8981,7 +8999,7 @@ run_renego() { #FIXME Insecure Client-Initiated Renegotiation is missing tmpfile_handle $FUNCNAME.txt - return $(($sec_renego + $sec_client_renego)) + return $(( sec_renego + sec_client_renego)) #FIXME: the return value is wrong, should be 0 if all ok. But as the caller doesn't care we don't care either ... yet ;-) } @@ -12322,8 +12340,8 @@ time_right_align() { "$MEASURE_TIME" || return new_delta=$(( $(date +%s) - LAST_TIME )) printf "%${COLUMNS}s" "$new_delta" - [[ -e "$MEASURE_TIME_FILE" ]] && echo "$1 : $new_delta " >> $MEASURE_TIME_FILE - LAST_TIME=$(( $new_delta + LAST_TIME )) + [[ -e "$MEASURE_TIME_FILE" ]] && echo "$1 : $new_delta " >> "$MEASURE_TIME_FILE" + LAST_TIME=$(( new_delta + LAST_TIME )) } lets_roll() { @@ -12334,7 +12352,7 @@ lets_roll() { # called once upfront to be able to measure preperation time b4 everything starts START_TIME=$(date +%s) LAST_TIME=$START_TIME - [[ -n "$MEASURE_TIME_FILE" ]] && >$MEASURE_TIME_FILE + [[ -n "$MEASURE_TIME_FILE" ]] && >"$MEASURE_TIME_FILE" return 0 fi time_right_align initialized @@ -12425,7 +12443,7 @@ lets_roll() { datebanner " Done" "$MEASURE_TIME" && printf "%${COLUMNS}s\n" "$SCAN_TIME" - [[ -e "$MEASURE_TIME_FILE" ]] && echo "Total : $SCAN_TIME " >> $MEASURE_TIME_FILE + [[ -e "$MEASURE_TIME_FILE" ]] && echo "Total : $SCAN_TIME " >> "$MEASURE_TIME_FILE" return $ret } @@ -12452,7 +12470,7 @@ lets_roll() { csv_header get_install_dir # see #705, we need to source TLS_DATA_FILE here instead of in get_install_dir(), see #705 - [[ -r "$TLS_DATA_FILE" ]] && . $TLS_DATA_FILE + [[ -r "$TLS_DATA_FILE" ]] && . "$TLS_DATA_FILE" set_color_functions maketempf find_openssl_binary