Esempio n. 1
0
 def get_ssh_timeframe(self, for_server: Optional[bool] = None) -> 'Timeframe':
     timeframe = Timeframe()
     for alg_pair in self.values:
         alg_db = alg_pair.db
         for alg_type, alg_list in alg_pair.items():
             for alg_name in alg_list:
                 alg_name_native = Utils.to_text(alg_name)
                 alg_desc = alg_db[alg_type].get(alg_name_native)
                 if alg_desc is None:
                     continue
                 versions = alg_desc[0]
                 timeframe.update(versions, for_server)
     return timeframe
Esempio n. 2
0
def output_algorithm(out: OutputBuffer, alg_db: Dict[str, Dict[str, List[List[Optional[str]]]]], alg_type: str, alg_name: str, unknown_algs: List[str], program_retval: int, alg_max_len: int = 0, alg_sizes: Optional[Dict[str, Tuple[int, int]]] = None) -> int:
    prefix = '(' + alg_type + ') '
    if alg_max_len == 0:
        alg_max_len = len(alg_name)
    padding = '' if out.batch else ' ' * (alg_max_len - len(alg_name))

    # If this is an RSA host key or DH GEX, append the size to its name and fix
    # the padding.
    alg_name_with_size = None
    if (alg_sizes is not None) and (alg_name in alg_sizes):
        hostkey_size, ca_size = alg_sizes[alg_name]
        if ca_size > 0:
            alg_name_with_size = '%s (%d-bit cert/%d-bit CA)' % (alg_name, hostkey_size, ca_size)
            padding = padding[0:-15]
        else:
            alg_name_with_size = '%s (%d-bit)' % (alg_name, hostkey_size)
            padding = padding[0:-11]

    texts = []
    if len(alg_name.strip()) == 0:
        return program_retval
    alg_name_native = Utils.to_text(alg_name)
    if alg_name_native in alg_db[alg_type]:
        alg_desc = alg_db[alg_type][alg_name_native]
        ldesc = len(alg_desc)
        for idx, level in enumerate(['fail', 'warn', 'info']):
            if level == 'info':
                versions = alg_desc[0]
                since_text = Algorithm.get_since_text(versions)
                if since_text is not None and len(since_text) > 0:
                    texts.append((level, since_text))
            idx = idx + 1
            if ldesc > idx:
                for t in alg_desc[idx]:
                    if t is None:
                        continue
                    texts.append((level, t))
        if len(texts) == 0:
            texts.append(('info', ''))
    else:
        texts.append(('warn', 'unknown algorithm'))
        unknown_algs.append(alg_name)

    alg_name = alg_name_with_size if alg_name_with_size is not None else alg_name
    first = True
    for level, text in texts:
        if level == 'fail':
            program_retval = exitcodes.FAILURE
        elif level == 'warn' and program_retval != exitcodes.FAILURE:  # If a failure was found previously, don't downgrade to warning.
            program_retval = exitcodes.WARNING

        f = getattr(out, level)
        comment = (padding + ' -- [' + level + '] ' + text) if text != '' else ''
        if first:
            if first and level == 'info':
                f = out.good
            f(prefix + alg_name + comment)
            first = False
        else:  # pylint: disable=else-if-used
            if out.verbose:
                f(prefix + alg_name + comment)
            elif text != '':
                comment = (padding + ' `- [' + level + '] ' + text)
                f(' ' * len(prefix + alg_name) + comment)

    return program_retval
 def supported_ciphers(self) -> List[str]:
     ciphers = []
     for i in range(len(SSH1.CIPHERS)):
         if self.__supported_ciphers_mask & (1 << i) != 0:
             ciphers.append(Utils.to_text(SSH1.CIPHERS[i]))
     return ciphers
 def supported_authentications(self) -> List[str]:
     auths = []
     for i in range(1, len(SSH1.AUTHS)):
         if self.__supported_authentications_mask & (1 << i) != 0:
             auths.append(Utils.to_text(SSH1.AUTHS[i]))
     return auths
Esempio n. 5
0
 def supported_ciphers(self) -> List[str]:
     ciphers = []
     for i in range(len(SSH1.CIPHERS)):  # pylint: disable=consider-using-enumerate
         if self.__supported_ciphers_mask & (1 << i) != 0:
             ciphers.append(Utils.to_text(SSH1.CIPHERS[i]))
     return ciphers