lib/scanner/ssl.rb in yawast-0.6.0.beta4 vs lib/scanner/ssl.rb in yawast-0.6.0.beta5

- old
+ new

@@ -66,29 +66,23 @@
 Yawast::Utilities.puts_info "\t\tKey: #{cert.public_key.class.to_s.gsub('OpenSSL::PKey::', '')}-#{get_x509_pub_key_strength(cert)}"
 Yawast::Utilities.puts_info "\t\t\tKey Hash: #{Digest::SHA1.hexdigest(cert.public_key.to_s)}"
 Yawast::Utilities.puts_info "\t\tExtensions:"
 cert.extensions.each { |ext| Yawast::Utilities.puts_info "\t\t\t#{ext}" unless ext.oid == 'subjectAltName' || ext.oid == 'ct_precert_scts' }
- #ct_precert_scts
- scts = cert.extensions.find {|e| e.oid == 'ct_precert_scts'}
- unless scts.nil?
- Yawast::Utilities.puts_info "\t\tSCTs:"
- scts.value.split("\n").each { |line| puts "\t\t\t#{line}" }
- end
+ # ct_precert_scts
+ Yawast::Scanner::Plugins::SSL::SSL.print_precert cert
 #alt names
 alt_names = cert.extensions.find {|e| e.oid == 'subjectAltName'}
 unless alt_names.nil?
 Yawast::Utilities.puts_info "\t\tAlternate Names:"
 alt_names.value.split(',').each { |name| Yawast::Utilities.puts_info "\t\t\t#{name.strip.delete('DNS:')}" }
 end
- hash = Digest::SHA1.hexdigest(cert.to_der)
- Yawast::Utilities.puts_info "\t\tHash: #{hash}"
- puts "\t\t\thttps://censys.io/certificates?q=#{hash}"
- puts "\t\t\thttps://crt.sh/?q=#{hash}"
- puts ''
+ Yawast::Scanner::Plugins::SSL::SSL.print_cert_hash cert
+
+ puts
 end
 def self.get_cert_chain_info(cert_chain, cert)
 if cert_chain.count == 1
 #HACK: This is an ugly way to guess if it's a missing intermediate, or self-signed
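Review bot: The SAN line kept as context in this hunk, `name.strip.delete('DNS:')`, does not strip a prefix: `String#delete` removes every `D`, `N`, `S` and `:` character from the value, so an upper-case host name or an IPv6 `IP Address:` entry is printed altered and the report can show names the certificate does not contain. While this method is being reworked, `name.strip.sub(/\ADNS:/, '')` (or `delete_prefix('DNS:')` on Ruby 2.5 and later) would remove only the leading tag. The enclosing method starts above the hunk, and `print_precert` / `print_cert_hash` are defined elsewhere, so whether they keep the previous output cannot be checked from these lines.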
@@ -168,39 +162,9 @@
 #secure, probably safe
 Yawast::Utilities.puts_info "\t\tVersion: #{ssl.ssl_version.ljust(7)}\tBits: #{cipher[2]}\tCipher: #{cipher[0]}"
 else
 #weak, but not "omg!" weak.
 Yawast::Utilities.puts_warn "\t\tVersion: #{ssl.ssl_version.ljust(7)}\tBits: #{cipher[2]}\tCipher: #{cipher[0]}"
- end
- end
-
- def self.check_hsts(head)
- found = ''
-
- head.each do |k, v|
- if k.downcase.include? 'strict-transport-security'
- found = "#{k}: #{v}"
- end
- end
-
- if found == ''
- Yawast::Utilities.puts_warn 'HSTS: Not Enabled'
- else
- Yawast::Utilities.puts_info "HSTS: Enabled (#{found})"
- end
- end
-
- def self.check_hsts_preload(uri)
- begin
- info = JSON.parse(Net::HTTP.get(URI("https://hstspreload.com/api/v1/status/#{uri.host}")))
-
- chrome = info['chrome'] != nil
- firefox = info['firefox'] != nil
- tor = info['tor'] != nil
-
- Yawast::Utilities.puts_info "HSTS Preload: Chrome - #{chrome}; Firefox - #{firefox}; Tor - #{tor}"
- rescue => e
- Yawast::Utilities.puts_error "Error getting HSTS preload information: #{e.message}"
 end
 end
 #private methods
 class << self