Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-10-31 22:05:26 +01:00
Code Issues Packages Projects Releases Wiki Activity

Rate RSA e=1 as CRITICAL

Browse Source 
PR #1619 set the grade cap to 'F' is the server has a certificate with an RSA with e=1, however, it did not change the rating in the JSON/CSV output. This commit changes the cert_keySize rating to CRITICAL for an RSA key with e=1, regardless of the size of the modulus. It also uses pr_svrty_critical() to print the exponent in this case.
This commit is contained in:
David Cooper
2020-05-08 08:23:14 -04:00
parent d16f8a20c5
commit cde2ecdc5d
1 changed files with 7 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
testssl.sh
View File

@@ -8535,9 +8535,14 @@ certificate_info() {
cert_spki_info="$(strip_leading_space "$cert_spki_info")" cert_spki_info="$(strip_leading_space "$cert_spki_info")"
cert_spki_info="${cert_spki_info%%[[:space:]]*}" cert_spki_info="${cert_spki_info%%[[:space:]]*}"
if [[ -n "$cert_spki_info" ]]; then if [[ -n "$cert_spki_info" ]]; then
out " (exponent is $cert_spki_info)" if [[ $cert_spki_info -eq 1 ]]; then
out " (exponent is "; pr_svrty_critical "$cert_spki_info"; out ")"
json_rating="CRITICAL"
set_grade_cap "F" "RSA certificate uses exponent of 1"
else
out " (exponent is $cert_spki_info)"
fi
json_msg+=" (exponent is $cert_spki_info)" json_msg+=" (exponent is $cert_spki_info)"
[[ $cert_spki_info -eq 1 ]] && set_grade_cap "F" "RSA certificate uses exponent of 1"
fi fi
;; ;;
"EC") cert_spki_info="${cert_txt##*Subject Public Key Info:}" "EC") cert_spki_info="${cert_txt##*Subject Public Key Info:}"