From d177a90bbee0057cbd2a39c762dde89430d8e043 Mon Sep 17 00:00:00 2001 From: David Cooper Date: Wed, 25 Mar 2020 15:28:08 -0400 Subject: [PATCH 1/3] Adjust pr_cipher_quality ratings This commit makes several changes to the way that ciphers are rated by pr_cipher_quality: * It upgrades SEED ciphers to considered as strong as the corresponding AES ciphers. * It downgrades ciphers that use AEAD, but that use a non-FS key exchange (TLS_DH_*, TLS_ECDH*, TLS_PSK_WITH_*) from best to good, thus giving them the same rating as AEAD ciphers that use static RSA (TLS_RSA_*). * It downgrades some CBC ciphers to low (4) that are currently rated as neither good nor bad (5). * It modifies the ratings created using OpenSSL names to provide the same ratings as those created using RFC names. --- testssl.sh | 51 ++++++++++++++++++++++++++++++--------------------- 1 file changed, 30 insertions(+), 21 deletions(-) diff --git a/testssl.sh b/testssl.sh index 1a7a34d..9610979 100755 --- a/testssl.sh +++ b/testssl.sh @@ -5948,7 +5948,7 @@ pr_cipher_quality() { # We have an OpenSSL name and can't convert it to the RFC name which is rarely # the case, see "prepare_arrays()" and "./etc/cipher-mapping.txt" case "$cipher" in - *NULL*|EXP*|ADH*) + *NULL*|EXP*|ADH*|AECDH*) pr_svrty_critical "$text" return 1 ;; @@ -5956,20 +5956,34 @@ pr_cipher_quality() { pr_svrty_high "$text" return 2 ;; - AES256-GCM-SHA384|AES128-GCM-SHA256|AES256-CCM|AES128-CCM|ARIA256-GCM-SHA384|ARIA128-GCM-SHA256) + AES256-GCM-SHA384|AES128-GCM-SHA256|AES256-CCM*|AES128-CCM*|ARIA256-GCM-SHA384|ARIA128-GCM-SHA256) # RSA kx and e.g. GCM isn't certainly the best pr_svrty_good "$text" return 6 ;; + *CBC3*|*3DES*|*IDEA*) + pr_svrty_medium "$text" + return 3 + ;; + *DES*) + pr_svrty_high "$text" + return 2 + ;; + PSK-*GCM*|PSK-*CCM*|RSA-PSK-*GCM*|RSA-PSK-CHACHA20-POLY1305|PSK-CHACHA20-POLY1305|PSK-ARIA*-GCM-SHA*|RSA-PSK-ARIA*-GCM-SHA*) + # PSK kx and e.g. GCM isn't certainly the best + pr_svrty_good "$text" + return 6 + ;; + DH-*GCM*|ECDH-*GCM*) + # static DH or ECDH kx and GCM isn't certainly the best + pr_svrty_good "$text" + return 6 + ;; *GCM*|*CCM*|*CHACHA20*) pr_svrty_best "$text" return 7 ;; #best ones - *CBC3*|*SEED*|*3DES*|*IDEA*) - pr_svrty_medium "$text" - return 3 - ;; - ECDHE*AES*|DHE*AES*SHA*|*CAMELLIA*SHA) + *AES*SHA*|*CAMELLIA*SHA*|*SEED*SHA*) pr_svrty_low "$text" return 4 ;; @@ -6000,28 +6014,23 @@ pr_cipher_quality() { pr_svrty_high "$text" return 2 ;; - *CBC3*|*SEED*|*3DES*|*IDEA*) + *CBC3*|*3DES*|*IDEA*) pr_svrty_medium "$text" return 3 ;; - TLS_RSA_*) - if [[ "$cipher" =~ CBC ]]; then - pr_svrty_low "$text" - return 4 - else - pr_svrty_good "$text" - # RSA kx and e.g. GCM isn't certainly the best - return 6 - fi + *CBC*) + pr_svrty_low "$text" + return 4 + ;; + TLS_RSA_*|TLS_DH_*|TLS_ECDH_*|TLS_PSK_WITH_*) + pr_svrty_good "$text" + # RSA, or static DH, ECDH, or PSK kx and e.g. GCM isn't certainly the best + return 6 ;; *GCM*|*CCM*|*CHACHA20*) pr_svrty_best "$text" return 7 ;; - *ECDHE*AES*CBC*|*DHE*AES*SHA*|*RSA*AES*SHA*|*CAMELLIA*SHA*) - pr_svrty_low "$text" - return 4 - ;; *) out "$text" return 5 From e15aea47909dd7729c86833b0067e4a1d51c1e43 Mon Sep 17 00:00:00 2001 From: David Cooper Date: Wed, 25 Mar 2020 15:57:00 -0400 Subject: [PATCH 2/3] Modify pr_cipher_quality to handle ARIA This commit fixes the way pr_cipher_quality handles the OpenSSL names of some ARIA ciphers that either provide no authentication or that use CBC padding. --- testssl.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/testssl.sh b/testssl.sh index 9610979..03d2970 100755 --- a/testssl.sh +++ b/testssl.sh @@ -5948,7 +5948,7 @@ pr_cipher_quality() { # We have an OpenSSL name and can't convert it to the RFC name which is rarely # the case, see "prepare_arrays()" and "./etc/cipher-mapping.txt" case "$cipher" in - *NULL*|EXP*|ADH*|AECDH*) + *NULL*|EXP*|ADH*|AECDH*|*anon*) pr_svrty_critical "$text" return 1 ;; @@ -5983,7 +5983,7 @@ pr_cipher_quality() { pr_svrty_best "$text" return 7 ;; #best ones - *AES*SHA*|*CAMELLIA*SHA*|*SEED*SHA*) + *AES*SHA*|*CAMELLIA*SHA*|*SEED*SHA*|*CBC*) pr_svrty_low "$text" return 4 ;; From 72dae035b5f31dc63dc8da31dcba67aa485bf4b6 Mon Sep 17 00:00:00 2001 From: David Cooper Date: Wed, 25 Mar 2020 16:07:22 -0400 Subject: [PATCH 3/3] Remove redundant entries This commit removes two entries from a "case" test that were already covered by a previous entry. --- testssl.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/testssl.sh b/testssl.sh index 03d2970..a40a1ce 100755 --- a/testssl.sh +++ b/testssl.sh @@ -5969,7 +5969,7 @@ pr_cipher_quality() { pr_svrty_high "$text" return 2 ;; - PSK-*GCM*|PSK-*CCM*|RSA-PSK-*GCM*|RSA-PSK-CHACHA20-POLY1305|PSK-CHACHA20-POLY1305|PSK-ARIA*-GCM-SHA*|RSA-PSK-ARIA*-GCM-SHA*) + PSK-*GCM*|PSK-*CCM*|RSA-PSK-*GCM*|RSA-PSK-CHACHA20-POLY1305|PSK-CHACHA20-POLY1305) # PSK kx and e.g. GCM isn't certainly the best pr_svrty_good "$text" return 6