From 6119d8538e5e486acb3681c3ba793cce6f04a814 Mon Sep 17 00:00:00 2001 From: Magnus Larsen <[]> Date: Mon, 11 May 2020 15:20:16 +0200 Subject: [PATCH 1/7] proper rating of dh group length --- doc/testssl.1.md | 3 +-- testssl.sh | 22 +++++++--------------- 2 files changed, 8 insertions(+), 17 deletions(-) diff --git a/doc/testssl.1.md b/doc/testssl.1.md index b695822..efbd11e 100644 --- a/doc/testssl.1.md +++ b/doc/testssl.1.md @@ -145,7 +145,7 @@ in `/etc/hosts`. The use of the switch is only useful if you either can't or ar `--phone-out` Checking for revoked certificates via CRL and OCSP is not done per default. This switch instructs testssl.sh to query external -- in a sense of the current run -- URIs. By using this switch you acknowledge that the check might have privacy issues, a download of several megabytes (CRL file) may happen and there may be network connectivity problems while contacting the endpoint which testssl.sh doesn't handle. PHONE_OUT is the environment variable for this which needs to be set to true if you want this. -`--add-ca ` enables you to add your own CA(s) for trust chain checks. `cafile` can be a single path or multiple paths as a comma separated list of root CA files. Internally they will be added during runtime to all CA stores. This is (only) useful for internal hosts whose certificates is issued by internal CAs. Alternatively +`--add-ca ` enables you to add your own CA(s) for trust chain checks. `cafile` can be a single path or multiple paths as a comma separated list of root CA files. Internally they will be added during runtime to all CA stores. This is (only) useful for internal hosts whose certificates is issued by internal CAs. Alternatively ADDTL_CA_FILES is the environment variable for this. @@ -404,7 +404,6 @@ As of writing, these checks are missing: * Zombie POODLE - should be graded **F** if vulnerable * All remaining old Symantec PKI certificates are distrusted - should be graded **T** * Symantec certificates issued before June 2016 are distrusted - should be graded **T** -* ! A reading of DH params - should give correct points in `set_key_str_score()` * Anonymous key exchange - should give **0** points in `set_key_str_score()` * Exportable key exchange - should give **40** points in `set_key_str_score()` * Weak key (Debian OpenSSL Flaw) - should give **0** points in `set_key_str_score()` diff --git a/testssl.sh b/testssl.sh index 39c67e3..8ef3c5d 100755 --- a/testssl.sh +++ b/testssl.sh @@ -1030,7 +1030,7 @@ set_grade_warning() { } # Sets the score for Category 2 (Key Exchange Strength) -# arg1: Short key algorithm ("EC", "DH", "RSA", ...) # Can die, when we get DH_PARAMs +# arg1: Short key algorithm ("EC", "DH", "RSA", ...), or "DHE" for ephemeral key size # arg2: key size (number of bits) set_key_str_score() { local type=$1 @@ -1038,13 +1038,8 @@ set_key_str_score() { "$do_rating" || return 0 - # TODO: We need to get the size of DH params (follows the same table as the "else" clause) - # For now, verifying the key size will do... if [[ $type == EC ]]; then - if [[ $size -lt 110 ]] && [[ $KEY_EXCH_SCORE -gt 20 ]]; then - let KEY_EXCH_SCORE=20 - set_grade_cap "F" "Using an insecure key" - elif [[ $size -lt 123 ]] && [[ $KEY_EXCH_SCORE -gt 40 ]]; then + if [[ $size -lt 123 ]] && [[ $KEY_EXCH_SCORE -gt 40 ]]; then let KEY_EXCH_SCORE=40 set_grade_cap "F" "Using an insecure key" elif [[ $size -lt 163 ]] && [[ $KEY_EXCH_SCORE -gt 80 ]]; then @@ -1054,15 +1049,12 @@ set_key_str_score() { let KEY_EXCH_SCORE=90 fi else - if [[ $size -lt 512 ]] && [[ $KEY_EXCH_SCORE -gt 20 ]]; then - let KEY_EXCH_SCORE=20 - set_grade_cap "F" "Using an insecure key" - elif [[ $size -lt 1024 ]] && [[ $KEY_EXCH_SCORE -gt 40 ]]; then + if [[ $size -lt 1024 ]] && [[ $KEY_EXCH_SCORE -gt 40 ]]; then let KEY_EXCH_SCORE=40 - set_grade_cap "F" "Using an insecure key" + set_grade_cap "F" "Using an insecure key / DH key exchange parameters" elif [[ $size -lt 2048 ]] && [[ $KEY_EXCH_SCORE -gt 80 ]]; then let KEY_EXCH_SCORE=80 - set_grade_cap "B" "Using a weak key" + set_grade_cap "B" "Using a weak key / DH key exchange parameters" elif [[ $size -lt 4096 ]] && [[ $KEY_EXCH_SCORE -gt 90 ]]; then let KEY_EXCH_SCORE=90 fi @@ -16677,7 +16669,6 @@ run_logjam() { if "$vuln_exportdh_ciphers"; then pr_svrty_high "VULNERABLE (NOT ok):"; out " uses DH EXPORT ciphers" fileout "$jsonID" "HIGH" "VULNERABLE, uses DH EXPORT ciphers" "$cve" "$cwe" "$hint" - set_grade_cap "B" "Uses weak DH key exchange parameters (vulnerable to LOGJAM)" if [[ $subret -eq 3 ]]; then out ", no DH key detected with <= TLS 1.2" fileout "$jsonID2" "OK" "no DH key detected with <= TLS 1.2" @@ -16693,7 +16684,6 @@ run_logjam() { else if [[ $subret -eq 1 ]]; then out_common_prime "$jsonID2" "$cve" "$cwe" - set_grade_cap "A" "Uses known DH key exchange parameters" if ! "$openssl_no_expdhciphers"; then outln "," out "${spaces}but no DH EXPORT ciphers${addtl_warning}" @@ -16726,6 +16716,8 @@ run_logjam() { fi fi + [[ $DH_GROUP_LEN_P -gt 0 ]] && set_key_str_score "DHE" $DH_GROUP_LEN_P + outln tmpfile_handle ${FUNCNAME[0]}.txt return $ret From 8b74d41487ceb4d39d27b870e60382654490bc25 Mon Sep 17 00:00:00 2001 From: Magnus Larsen <[]> Date: Mon, 11 May 2020 15:22:51 +0200 Subject: [PATCH 2/7] unintended linebreak --- doc/testssl.1.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/doc/testssl.1.md b/doc/testssl.1.md index efbd11e..5198def 100644 --- a/doc/testssl.1.md +++ b/doc/testssl.1.md @@ -145,8 +145,7 @@ in `/etc/hosts`. The use of the switch is only useful if you either can't or ar `--phone-out` Checking for revoked certificates via CRL and OCSP is not done per default. This switch instructs testssl.sh to query external -- in a sense of the current run -- URIs. By using this switch you acknowledge that the check might have privacy issues, a download of several megabytes (CRL file) may happen and there may be network connectivity problems while contacting the endpoint which testssl.sh doesn't handle. PHONE_OUT is the environment variable for this which needs to be set to true if you want this. -`--add-ca ` enables you to add your own CA(s) for trust chain checks. `cafile` can be a single path or multiple paths as a comma separated list of root CA files. Internally they will be added during runtime to all CA stores. This is (only) useful for internal hosts whose certificates is issued by internal CAs. Alternatively -ADDTL_CA_FILES is the environment variable for this. +`--add-ca ` enables you to add your own CA(s) for trust chain checks. `cafile` can be a single path or multiple paths as a comma separated list of root CA files. Internally they will be added during runtime to all CA stores. This is (only) useful for internal hosts whose certificates is issued by internal CAs. Alternatively ADDTL_CA_FILES is the environment variable for this. ### SINGLE CHECK OPTIONS From e6150a2348141687eb3aea46c94c3b03ba9686f3 Mon Sep 17 00:00:00 2001 From: Magnus Larsen <[]> Date: Thu, 28 May 2020 20:33:17 +0200 Subject: [PATCH 3/7] Missed todo comment fix; cleanup output --- testssl.sh | 25 +++++++++---------------- 1 file changed, 9 insertions(+), 16 deletions(-) diff --git a/testssl.sh b/testssl.sh index ff6c232..28ec6fb 100755 --- a/testssl.sh +++ b/testssl.sh @@ -1035,36 +1035,29 @@ set_grade_warning() { set_key_str_score() { local type=$1 local size=$2 + local type_output "$do_rating" || return 0 -<<<<<<< HEAD - if [[ $type == EC ]]; then - if [[ $size -lt 123 ]] && [[ $KEY_EXCH_SCORE -gt 40 ]]; then -======= - # TODO: We need to get the size of DH params (follows the same table as the "else" clause) - # For now, verifying the key size will do... + [[ $type == DHE ]] && type_output="DH key exchange parameters" || type_output="key" + if [[ $type == EC || $type == EdDSA ]]; then - if [[ $size -lt 110 ]] && [[ $KEY_EXCH_SCORE -gt 20 ]]; then - let KEY_EXCH_SCORE=20 - set_grade_cap "F" "Using an insecure key" - elif [[ $size -lt 123 ]] && [[ $KEY_EXCH_SCORE -gt 40 ]]; then ->>>>>>> upstream/3.1dev + if [[ $size -lt 123 ]] && [[ $KEY_EXCH_SCORE -gt 40 ]]; then let KEY_EXCH_SCORE=40 - set_grade_cap "F" "Using an insecure key" + set_grade_cap "F" "Using an insecure $type_output" elif [[ $size -lt 163 ]] && [[ $KEY_EXCH_SCORE -gt 80 ]]; then let KEY_EXCH_SCORE=80 - set_grade_cap "B" "Using a weak key" + set_grade_cap "B" "Using a weak $type_output" elif [[ $size -lt 225 ]] && [[ $KEY_EXCH_SCORE -gt 90 ]]; then let KEY_EXCH_SCORE=90 fi else if [[ $size -lt 1024 ]] && [[ $KEY_EXCH_SCORE -gt 40 ]]; then let KEY_EXCH_SCORE=40 - set_grade_cap "F" "Using an insecure key / DH key exchange parameters" + set_grade_cap "F" "Using an insecure $type_output" elif [[ $size -lt 2048 ]] && [[ $KEY_EXCH_SCORE -gt 80 ]]; then let KEY_EXCH_SCORE=80 - set_grade_cap "B" "Using a weak key / DH key exchange parameters" + set_grade_cap "B" "Using a weak $type_output" elif [[ $size -lt 4096 ]] && [[ $KEY_EXCH_SCORE -gt 90 ]]; then let KEY_EXCH_SCORE=90 fi @@ -8520,7 +8513,7 @@ certificate_info() { fi out " bits" - set_key_str_score "$short_keyAlgo" "$cert_keysize" # TODO: should be $dh_param_size + set_key_str_score "$short_keyAlgo" "$cert_keysize" elif [[ $cert_key_algo =~ RSA ]] || [[ $cert_key_algo =~ rsa ]] || [[ $cert_key_algo =~ dsa ]] || \ [[ $cert_key_algo =~ dhKeyAgreement ]] || [[ $cert_key_algo == X9.42\ DH ]]; then if [[ "$cert_keysize" -le 512 ]]; then From dca50fc49ab8aaafd8973a41f71a477f0baa1b4d Mon Sep 17 00:00:00 2001 From: Magnus Larsen <[]> Date: Thu, 28 May 2020 21:00:45 +0200 Subject: [PATCH 4/7] allow multiple equal key sizes --- testssl.sh | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/testssl.sh b/testssl.sh index 28ec6fb..94b6f9f 100755 --- a/testssl.sh +++ b/testssl.sh @@ -1039,26 +1039,26 @@ set_key_str_score() { "$do_rating" || return 0 - [[ $type == DHE ]] && type_output="DH key exchange parameters" || type_output="key" + [[ $type == DHE ]] && type_output="temporal DH key (DH parameters)" || type_output="key" if [[ $type == EC || $type == EdDSA ]]; then - if [[ $size -lt 123 ]] && [[ $KEY_EXCH_SCORE -gt 40 ]]; then + if [[ $size -lt 123 ]] && [[ $KEY_EXCH_SCORE -ge 40 ]]; then let KEY_EXCH_SCORE=40 set_grade_cap "F" "Using an insecure $type_output" - elif [[ $size -lt 163 ]] && [[ $KEY_EXCH_SCORE -gt 80 ]]; then + elif [[ $size -lt 163 ]] && [[ $KEY_EXCH_SCORE -ge 80 ]]; then let KEY_EXCH_SCORE=80 set_grade_cap "B" "Using a weak $type_output" - elif [[ $size -lt 225 ]] && [[ $KEY_EXCH_SCORE -gt 90 ]]; then + elif [[ $size -lt 225 ]] && [[ $KEY_EXCH_SCORE -ge 90 ]]; then let KEY_EXCH_SCORE=90 fi else - if [[ $size -lt 1024 ]] && [[ $KEY_EXCH_SCORE -gt 40 ]]; then + if [[ $size -lt 1024 ]] && [[ $KEY_EXCH_SCORE -ge 40 ]]; then let KEY_EXCH_SCORE=40 set_grade_cap "F" "Using an insecure $type_output" - elif [[ $size -lt 2048 ]] && [[ $KEY_EXCH_SCORE -gt 80 ]]; then + elif [[ $size -lt 2048 ]] && [[ $KEY_EXCH_SCORE -ge 80 ]]; then let KEY_EXCH_SCORE=80 set_grade_cap "B" "Using a weak $type_output" - elif [[ $size -lt 4096 ]] && [[ $KEY_EXCH_SCORE -gt 90 ]]; then + elif [[ $size -lt 4096 ]] && [[ $KEY_EXCH_SCORE -ge 90 ]]; then let KEY_EXCH_SCORE=90 fi fi From 30d571076808eaa2244a701aab7a680e7815b311 Mon Sep 17 00:00:00 2001 From: Magnus Larsen <[]> Date: Thu, 28 May 2020 21:12:14 +0200 Subject: [PATCH 5/7] ephemeral is the word --- testssl.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/testssl.sh b/testssl.sh index 94b6f9f..02bb7e5 100755 --- a/testssl.sh +++ b/testssl.sh @@ -1039,7 +1039,7 @@ set_key_str_score() { "$do_rating" || return 0 - [[ $type == DHE ]] && type_output="temporal DH key (DH parameters)" || type_output="key" + [[ $type == DHE ]] && type_output="ephemeral DH key (DH parameters)" || type_output="key" if [[ $type == EC || $type == EdDSA ]]; then if [[ $size -lt 123 ]] && [[ $KEY_EXCH_SCORE -ge 40 ]]; then From cce7566dc8eac7ba459f3609feb5cad96cb27ce2 Mon Sep 17 00:00:00 2001 From: Magnus Larsen Date: Tue, 2 Jun 2020 16:26:55 +0200 Subject: [PATCH 6/7] Moved grade_caps to run_rating() function; added KEY_EXCH_SCORE=20 back again --- testssl.sh | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/testssl.sh b/testssl.sh index 02bb7e5..37c329b 100755 --- a/testssl.sh +++ b/testssl.sh @@ -1039,25 +1039,23 @@ set_key_str_score() { "$do_rating" || return 0 - [[ $type == DHE ]] && type_output="ephemeral DH key (DH parameters)" || type_output="key" - if [[ $type == EC || $type == EdDSA ]]; then - if [[ $size -lt 123 ]] && [[ $KEY_EXCH_SCORE -ge 40 ]]; then + if [[ $size -lt 110 ]] && [[ $KEY_EXCH_SCORE -gt 20 ]]; then + let KEY_EXCH_SCORE=20 + elif [[ $size -lt 123 ]] && [[ $KEY_EXCH_SCORE -ge 40 ]]; then let KEY_EXCH_SCORE=40 - set_grade_cap "F" "Using an insecure $type_output" elif [[ $size -lt 163 ]] && [[ $KEY_EXCH_SCORE -ge 80 ]]; then let KEY_EXCH_SCORE=80 - set_grade_cap "B" "Using a weak $type_output" elif [[ $size -lt 225 ]] && [[ $KEY_EXCH_SCORE -ge 90 ]]; then let KEY_EXCH_SCORE=90 fi else - if [[ $size -lt 1024 ]] && [[ $KEY_EXCH_SCORE -ge 40 ]]; then + if [[ $size -lt 512 ]] && [[ $KEY_EXCH_SCORE -ge 20 ]]; then + let KEY_EXCH_SCORE=20 + elif [[ $size -lt 1024 ]] && [[ $KEY_EXCH_SCORE -ge 40 ]]; then let KEY_EXCH_SCORE=40 - set_grade_cap "F" "Using an insecure $type_output" elif [[ $size -lt 2048 ]] && [[ $KEY_EXCH_SCORE -ge 80 ]]; then let KEY_EXCH_SCORE=80 - set_grade_cap "B" "Using a weak $type_output" elif [[ $size -lt 4096 ]] && [[ $KEY_EXCH_SCORE -ge 90 ]]; then let KEY_EXCH_SCORE=90 fi @@ -20880,6 +20878,12 @@ run_rating() { pr_bold " Protocol Support "; out "(weighted) "; outln "$c1_score ($c1_wscore)" ## Category 2 + if [[ $KEY_EXCH_SCORE -le 40 ]]; then + set_grade_cap "F" "Using an insecure public key and/or ephemeral key" + elif [[ $KEY_EXCH_SCORE -le 80 ]]; then + set_grade_cap "B" "Using a weak public key and/or ephemeral key" + fi + let c2_score=$KEY_EXCH_SCORE let c2_wscore=$c2_score*30/100 From 55bbb98a024b818ac2a3a38f055b1078825947b9 Mon Sep 17 00:00:00 2001 From: Magnus Larsen Date: Tue, 2 Jun 2020 16:28:24 +0200 Subject: [PATCH 7/7] small fixes --- testssl.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/testssl.sh b/testssl.sh index 37c329b..a4a401f 100755 --- a/testssl.sh +++ b/testssl.sh @@ -1035,12 +1035,11 @@ set_grade_warning() { set_key_str_score() { local type=$1 local size=$2 - local type_output "$do_rating" || return 0 if [[ $type == EC || $type == EdDSA ]]; then - if [[ $size -lt 110 ]] && [[ $KEY_EXCH_SCORE -gt 20 ]]; then + if [[ $size -lt 110 ]] && [[ $KEY_EXCH_SCORE -ge 20 ]]; then let KEY_EXCH_SCORE=20 elif [[ $size -lt 123 ]] && [[ $KEY_EXCH_SCORE -ge 40 ]]; then let KEY_EXCH_SCORE=40 @@ -1064,7 +1063,7 @@ set_key_str_score() { } # Sets the best and worst bit size key, used to grade Category 3 (Cipher Strength) -# This function itself doesn't actually set a score; its just in the name to keep it logical (score == grading function) +# This function itself doesn't actually set a score; its just in the name to keep it logical (score == rating function) # arg1: a bit size set_ciph_str_score() { local size=$1