Beispiel #1
def test_sslyze_simplify(scan_result=1):
    """Return the simplified form of one stored scan result as indented JSON.

    Looks up a ``ScanResults`` row through ``Query.get`` using *scan_result*
    as the identifier, runs it through ``sslyze_result_simplify`` and
    serialises the outcome with ``ScanResultsSimplifiedSchema``.

    Returns a ``(json_text, 200)`` tuple.
    """
    import app.utils.sslyze.simplify_result as sslyze_result_simplify

    # NOTE(review): nothing in this function authenticates the caller or ties
    # the requested id to a user, so whoever can reach it can read any scan
    # result by id. Confirm the route is debug-only or guarded by a decorator
    # that is not part of this listing.
    # NOTE(review): Query.get() yields None for an unknown id; whether the
    # simplifier tolerates None is not visible here -- verify.
    scan_row = db_models.db.session.query(db_models.ScanResults).get(scan_result)
    simplified = sslyze_result_simplify.sslyze_result_simplify(scan_row)
    serialized = db_schemas.ScanResultsSimplifiedSchema().dumps(simplified)

    # Parse and re-dump only to obtain an indented, human-readable body.
    pretty = json.dumps(json.loads(serialized), indent=3)
    return pretty, 200
Beispiel #2
def test_sslyze_simplify_insert(scan_result_id):
    """Simplify one stored scan result, hand it to the DB helper, return it as JSON.

    The ``ScanResults`` row identified by *scan_result_id* is simplified and
    then passed to ``generic_get_create_edit_from_transient`` together with
    ``ScanResultsSimplifiedSchema``; whatever that helper returns is
    serialised with the same schema.

    Returns a ``(json_text, 200)`` tuple.
    """
    import app.utils.sslyze.simplify_result as sslyze_result_simplify

    # NOTE(review): despite the "test_" prefix, this path presumably writes to
    # the database (the helper name suggests get/create/edit -- confirm).
    # No caller authentication or ownership check is visible in this function;
    # verify that the route is not reachable in production or that it is
    # protected outside this listing.
    scan_row = db_models.db.session.query(db_models.ScanResults).get(scan_result_id)

    simplified = sslyze_result_simplify.sslyze_result_simplify(scan_row)
    stored = db_utils_advanced.generic_get_create_edit_from_transient(
        db_schemas.ScanResultsSimplifiedSchema,
        simplified,
    )
    body = db_schemas.ScanResultsSimplifiedSchema().dumps(stored)
    return body, 200
Beispiel #3
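def api_get_user_targets():
    """Return the calling user's targets, with scan status, as a JSON string.

    The user id is taken from the JWT by
    ``get_user_id_from_jwt_or_exception`` and is the only value used to scope
    the query (``ScanOrder.user_id == user_id``), so a caller receives only
    targets for which they hold a scan order.

    Each serialised target is extended with:

    * ``active``  -- ``'yes'`` / ``'no'`` from the matching ``ScanOrder``
    * ``expires`` -- stringified ``notAfter`` of the simplified result when it
      is an ``int``, otherwise ``"Not scanned yet"``
    * ``grade`` / ``grade_reasons`` -- from the simplified result when there
      is one

    Returns a ``(json_text, 200)`` tuple.
    """
    user_id = authentication_utils.get_user_id_from_jwt_or_exception()

    # todo: the following search only looks at targets, which have scan result. This might be considered a bug. Fix?

    res = db_models.db.session \
        .query(db_models.ScanOrder, db_models.Target, db_models.LastScan, db_models.ScanResults,
               db_models.ScanResultsSimplified) \
        .outerjoin(db_models.ScanResults, db_models.LastScan.result_id == db_models.ScanResults.id) \
        .outerjoin(db_models.ScanResultsSimplified,
                   db_models.ScanResultsSimplified.scanresult_id == db_models.ScanResults.id) \
        .filter(db_models.LastScan.target_id == db_models.Target.id) \
        .filter(db_models.ScanOrder.target_id == db_models.Target.id) \
        .filter(db_models.ScanOrder.user_id == user_id) \
        .all()

    # res: List[Tuple[db_models.ScanOrder, db_models.Target, db_models.LastScan,
    #                 db_models.ScanResults, db_models.ScanResultsSimplified]]
    # ScanResults and ScanResultsSimplified come from outer joins and may be None.

    schema = db_schemas.TargetSchema(many=True)
    json_dict = schema.dump([x.Target for x in res])

    for obj in json_dict:
        for single_res in res:
            if obj["id"] != single_res.Target.id:
                continue

            obj["active"] = 'yes' if single_res.ScanOrder.active else 'no'

            obj["expires"] = "Not scanned yet"
            obj["grade"] = "Not scanned yet"
            if single_res.ScanResults is None:
                continue

            # Prefer the stored simplified row; compute one on the fly when the
            # outer join found none.
            scan_result_simplified = single_res.ScanResultsSimplified
            if not scan_result_simplified:
                scan_result_simplified = sslyze_result_simplify.sslyze_result_simplify(
                    single_res.ScanResults)
                # todo: consider saving the simplified result

            if not scan_result_simplified:
                continue

            # Read from the resolved object. The previous code dereferenced
            # single_res.ScanResultsSimplified here, which is None whenever the
            # fallback above was taken and made the whole request fail with
            # AttributeError.
            # NOTE(review): a freshly simplified result presumably carries no
            # grade yet (grading is a separate step elsewhere) -- confirm.
            if isinstance(scan_result_simplified.notAfter, int):
                obj["expires"] = str(
                    timestamp_to_datetime(scan_result_simplified.notAfter))
            obj["grade"] = scan_result_simplified.grade
            obj["grade_reasons"] = scan_result_simplified.grade_reasons

    # for x in json_dict:
    #     x["grade"] = random.choice([chr(ord('A')+i) for i in range(5)])
    #     x["expires"] = datetime.date(2020, 1, 1) + datetime.timedelta(days=random.randint(10, 500))

    # default=str stringifies any value json cannot encode natively.
    json_string = json.dumps(json_dict, default=str)
    # logger.debug(json_string)
    return json_string, 200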
Beispiel #4
def test_grading(scan_result_id):
    """Grade one stored scan result and return the grade with its reasons.

    The ``ScanResults`` row identified by *scan_result_id* is simplified, and
    both the raw row and the simplified form are passed to
    ``grade_scan_result``, which yields a grade string and its reasons.

    Returns a ``(response, 200)`` tuple where the response is
    ``jsonify({'grade': ..., 'reasons': ...})``.
    """
    import app.utils.sslyze.grade_scan_result as grade_scan_result
    import app.utils.sslyze.simplify_result as sslyze_result_simplify

    # NOTE(review): no authentication or ownership check is visible in this
    # function; the id alone selects the row. Confirm this debug helper is not
    # exposed to unauthenticated callers.
    scan_row = db_models.db.session.query(db_models.ScanResults).get(scan_result_id)

    simplified = sslyze_result_simplify.sslyze_result_simplify(scan_row)
    grade_str, reasons = grade_scan_result.grade_scan_result(scan_row, simplified)

    payload = {
        'grade': grade_str,
        'reasons': reasons
    }
    return jsonify(payload), 200
Beispiel #5
def calculate_and_insert_scan_result_simplified_into_db(scan_result: db_models.ScanResults):
    """Simplify *scan_result* and pass the simplified object to the DB helper.

    Returns whatever ``generic_get_create_edit_from_transient`` returns for
    ``ScanResultsSimplifiedSchema`` and the simplified object.
    """
    # presumably the helper persists the transient object or reuses a matching
    # row -- its behaviour is defined outside this listing; verify there.
    simplified = sslyze_result_simplify.sslyze_result_simplify(scan_result)
    stored = db_utils_advanced.generic_get_create_edit_from_transient(
        db_schemas.ScanResultsSimplifiedSchema,
        simplified,
    )
    return stored