#!/usr/bin/perl # # ***** BEGIN LICENSE BLOCK ***** # Version: MPL 1.1/GPL 2.0/LGPL 2.1 # # The contents of this file are subject to the Mozilla Public License Version # 1.1 (the "License"); you may not use this file except in compliance with # the License. You may obtain a copy of the License at # http://www.mozilla.org/MPL/ # # Software distributed under the License is distributed on an "AS IS" basis, # WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License # for the specific language governing rights and limitations under the # License. # # The Original Code is the Netscape security libraries. # # The Initial Developer of the Original Code is # Netscape Communications Corporation. # Portions created by the Initial Developer are Copyright (C) 1994-2000 # the Initial Developer. All Rights Reserved. # # Contributor(s): # # Alternatively, the contents of this file may be used under the terms of # either the GNU General Public License Version 2 or later (the "GPL"), or # the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), # in which case the provisions of the GPL or the LGPL are applicable instead # of those above. If you wish to allow use of your version of this file only # under the terms of either the GPL or the LGPL, and not to allow others to # use your version of this file under the terms of the MPL, indicate your # decision by deleting the provisions above and replace them with the notice # and other provisions required by the GPL or the LGPL. If you do not delete # the provisions above, a recipient may use your version of this file under # the terms of any one of the MPL, the GPL or the LGPL. # # ***** END LICENSE BLOCK ***** use CGI qw(:standard); # Replace this will the full path to the sslstrength executable. $sslstrength = "./sslstrength"; # Replace this with the name of this CGI. $sslcgi = "sslstr.cgi"; $query = new CGI; print header; print " \n"; print "SSLStrength\n"; print "\n"; print "

SSLStrength

\n"; if ($query->param('dotest')) { print "Output from sslstrength: \n"; print "
\n";

    $cs = "";
    
    @ssl2ciphers = $query->param('ssl2ciphers');
    for $cipher (@ssl2ciphers) {
	if ($cipher eq "SSL_EN_RC2_128_WITH_MD5")              { $cs .= "a"; }
	if ($cipher eq "SSL_EN_RC2_128_CBC_WITH_MD5")          { $cs .= "b"; }
	if ($cipher eq "SSL_EN_DES_192_EDE3_CBC_WITH_MD5")     { $cs .= "c"; }
	if ($cipher eq "SSL_EN_DES_64_CBC_WITH_MD5")           { $cs .= "d"; }
	if ($cipher eq "SSL_EN_RC4_128_EXPORT40_WITH_MD5")     { $cs .= "e"; }
	if ($cipher eq "SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5") { $cs .= "f"; }
    }

    @ssl3ciphers = $query->param('ssl3ciphers');
    for $cipher (@ssl3ciphers) {
	if ($cipher eq "SSL_RSA_WITH_RC4_128_MD5")           { $cs .= "i"; }
	if ($cipher eq "SSL_RSA_WITH_3DES_EDE_CBC_SHA")      { $cs .= "j"; }
	if ($cipher eq "SSL_RSA_WITH_DES_CBC_SHA")           { $cs .= "k"; }
	if ($cipher eq "SSL_RSA_EXPORT_WITH_RC4_40_MD5")     { $cs .= "l"; }
	if ($cipher eq "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5") { $cs .= "m"; }
	if ($cipher eq "SSL_RSA_WITH_NULL_MD5")              { $cs .= "o"; }
	if ($cipher eq "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA") { $cs .= "p"; }
	if ($cipher eq "SSL_RSA_FIPS_WITH_DES_CBC_SHA")      { $cs .= "q"; }
    }

    $hs = $query->param('host');
    if ($hs eq "") {
	print "
You must specify a host to connect to.

\n"; exit(0); } $ps = $query->param('policy'); $cmdstring = "$sslstrength $hs policy=$ps ciphers=$cs"; print "running sslstrength:\n"; print "$cmdstring\n"; $r = open(SSLS, "$cmdstring |"); if ($r == 0) { print "
There was a problem starting $cmdstring

\n";
	exit(0);
    }
    while () {
	print "$_";
    }
    close(SSLS);


    print "
\n"; } else { print "
\n"; print "

Host Name

Type hostname here:
 

 Or click these buttons to test some well-known servers
Export servers:
Domestic servers:
Step-Up Servers    


Encryption policy

  Export
  Domestic


Cipher Selection

(use ctrl to multi-select)
SSL 2 Ciphers
SSL3 Ciphers


\n"; } exit(0); __END__ id CipherName Domestic Export a SSL_EN_RC4_128_WITH_MD5 (ssl2) Yes No b SSL_EN_RC2_128_CBC_WITH_MD5 (ssl2) Yes No c SSL_EN_DES_192_EDE3_CBC_WITH_MD5 (ssl2) Yes No d SSL_EN_DES_64_CBC_WITH_MD5 (ssl2) Yes No e SSL_EN_RC4_128_EXPORT40_WITH_MD5 (ssl2) Yes Yes f SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5 (ssl2) Yes Yes i SSL_RSA_WITH_RC4_128_MD5 (ssl3) Yes Step-up only j SSL_RSA_WITH_3DES_EDE_CBC_SHA (ssl3) Yes Step-up only k SSL_RSA_WITH_DES_CBC_SHA (ssl3) Yes No l SSL_RSA_EXPORT_WITH_RC4_40_MD5 (ssl3) Yes Yes m SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 (ssl3) Yes Yes o SSL_RSA_WITH_NULL_MD5 (ssl3) Yes Yes