-
Notifications
You must be signed in to change notification settings - Fork 37
/
tls.go
64 lines (56 loc) · 1.76 KB
/
tls.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
package hstspreload
import (
"crypto/tls"
"crypto/x509"
)
func checkChain(connState tls.ConnectionState) Issues {
fullChain := connState.VerifiedChains[0]
chain := fullChain[:len(fullChain)-1] // Ignore the root CA
return checkSHA1(chain)
}
func checkSHA1(chain []*x509.Certificate) Issues {
issues := Issues{}
for _, cert := range chain {
if cert.SignatureAlgorithm == x509.SHA1WithRSA || cert.SignatureAlgorithm == x509.ECDSAWithSHA1 {
return issues.addErrorf(
IssueCode("domain.tls.sha1"),
"SHA-1 Certificate",
"One or more of the certificates in your certificate chain "+
"is signed using SHA-1. This needs to be replaced. "+
"See https://security.googleblog.com/2015/12/an-update-on-sha-1-certificates-in.html. "+
"(The first SHA-1 certificate found has a common-name of %q.)",
cert.Subject.CommonName,
)
}
}
return issues
}
func checkCipherSuite(connState tls.ConnectionState) Issues {
issues := Issues{}
// All cipher suites in TLS 1.3 are considered modern.
if connState.Version > tls.VersionTLS12 {
return Issues{}
}
// These modern cipher suites are only supported in TLS 1.2.
switch connState.CipherSuite {
case tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
fallthrough
case tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
fallthrough
case tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305:
fallthrough
case tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
fallthrough
case tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
fallthrough
case tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305:
return Issues{}
default:
return issues.addWarningf(
IssueCode("tls.obsolete_cipher_suite"),
"Obsolete Cipher Suite",
"The site is using obsolete TLS settings. "+
"Check out the site at https://www.ssllabs.com/ssltest/",
)
}
}