87 lines
2.6 KiB
Go
87 lines
2.6 KiB
Go
package testsuite
|
|
|
|
import (
|
|
"crypto/tls"
|
|
"github.com/nemunaire/eyespot"
|
|
)
|
|
|
|
type Ciphers struct {}
|
|
|
|
func (Ciphers) GetTestDescription() string {
|
|
return "Test the ciphers suite accepted by the remote host."
|
|
}
|
|
|
|
func (test Ciphers) Run(protocol string, host string) (map[string]eyespot.Result, error) {
|
|
var results = map[string]eyespot.Result{}
|
|
|
|
for _, c := range []uint16{
|
|
tls.TLS_RSA_WITH_RC4_128_SHA,
|
|
tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
|
|
tls.TLS_RSA_WITH_AES_128_CBC_SHA,
|
|
tls.TLS_RSA_WITH_AES_256_CBC_SHA,
|
|
tls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
|
|
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
|
|
tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
|
|
tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA,
|
|
tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
|
|
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
|
|
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
|
|
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
|
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
|
|
} {
|
|
if r, err := cipher_test(protocol, host, c); err != nil {
|
|
return results, err
|
|
} else {
|
|
var cstr string
|
|
|
|
switch c {
|
|
case tls.TLS_RSA_WITH_RC4_128_SHA:
|
|
cstr = "TLS_RSA_WITH_RC4_128_SHA"
|
|
case tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA:
|
|
cstr = "TLS_RSA_WITH_3DES_EDE_CBC_SHA"
|
|
case tls.TLS_RSA_WITH_AES_128_CBC_SHA:
|
|
cstr = "TLS_RSA_WITH_AES_128_CBC_SHA"
|
|
case tls.TLS_RSA_WITH_AES_256_CBC_SHA:
|
|
cstr = "TLS_RSA_WITH_AES_256_CBC_SHA"
|
|
case tls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
|
|
cstr = "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA"
|
|
case tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
|
|
cstr = "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
|
|
case tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
|
|
cstr = "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
|
|
case tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA:
|
|
cstr = "TLS_ECDHE_RSA_WITH_RC4_128_SHA"
|
|
case tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
|
|
cstr = "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
|
|
case tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
|
|
cstr = "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
|
|
case tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
|
|
cstr = "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
|
|
case tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
|
|
cstr = "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
|
|
case tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
|
|
cstr = "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"
|
|
default:
|
|
cstr = ""
|
|
}
|
|
|
|
results[cstr] = eyespot.Result{r}
|
|
}
|
|
}
|
|
|
|
return results, nil
|
|
}
|
|
|
|
func cipher_test(protocol string, host string, cipher uint16) (bool, error) {
|
|
conn, err := tls.Dial(protocol, host, &tls.Config{
|
|
CipherSuites: []uint16{cipher},
|
|
InsecureSkipVerify: true,
|
|
})
|
|
if err != nil {
|
|
return false, nil
|
|
}
|
|
defer conn.Close();
|
|
|
|
return true, nil
|
|
}
|