You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP
Socket
Book a DemoInstallSign in
Socket

sslinfo

Package Overview
Dependencies
Maintainers
1
Versions
10
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

sslinfo

Library for inspecting SSL/TLS protocols and ciphers

0.2.0
latest
Source
npmnpm
Version published
Weekly downloads
33
3200%
Maintainers
1
Weekly downloads
 
Created
Source

NPM

npm version bitHound Overall Score Dependency Status License Stories in Ready Known Vulnerabilities Badges

Table of Contents generated with DocToc

SSL Info

Utility library for determining which SSL/TLS versions and ciphers a server supports

Installation

This module requires NodeJS v6.9 or higher

npm install sslinfo --save

Note: This library requires an OpenSSL installation - the newer the better.

Usage

Get the server certificate, enabled SSL/TLS protocols, and supported ciphers.

var sslinfo = require('sslinfo');

sslinfo.getServerResults({ host: "www.google.com", port: 443 })
    .done(function (results) {
        console.log(results);
    },
    function (error) {
        console.log("Error", {error: error})
    });

Note: To get results from servers which support SNI (all servers of cloudflare for example), specify which servername should be transmitted to the remote server:

sslinfo.getServerResults({ host: "www.cloudflare.com", port: 443, servername: "www.cloudflare.com" })

The getServerResults() function returns a promise that should be resolved by implementing done().

Sample output:

{
    "host": "www.google.com",
    "port": 443,
    "cert": {
        ... certificate information ...
    },
    "protocols": [
        {
            "protocol": "SSLv2_method",
            "name": "SSLv2",
            "enabled": false,
            "error": "The installed openssl library does not support \"SSLv2_method\""
        },
        {
            "protocol": "SSLv3_method",
            "name": "SSLv3",
            "enabled": true
        },
        {
            "protocol": "TLSv1_method",
            "name": "TLSv1",
            "enabled": true
        },
        {
            "protocol": "TLSv1_1_method",
            "name": "TLSv1.1",
            "enabled": true
        },
        {
            "protocol": "TLSv1_2_method",
            "name": "TLSv1.2",
            "enabled": true
        }
    ],
    "ciphers": {
        "SSLv3_method": {
            ...
        },
        "TLSv1_method": {
            "name": "TLSv1",
            "enabled": [
                ... enabled cipher list ...
            ],
            "disabled": [
                ... disabled cipher list ...
            ],
            "unsupported": [
                ... ciphers unsupported by the OpenSSL version ...
            ]
        },
        "TLSv1_1_method": {
            ...
        },
        "TLSv1_2_method": {
            ...
        }
    }
}

Beginning with NodeJS 4.0.0, SSLv2 and SSLv3 are disabled by default. The sample output will be slightly different in this case.

{
    "host": "www.google.com",
    "port": 443,
    "cert": {
        ... certificate information ...
    },
    "certPEM": '... PEM encoded certificate ...',
    "protocols": [
        {
            "protocol": "SSLv2_method",
            "name": "SSLv2",
            "enabled": false,
            "error": "This version of NodeJS does not support \"SSLv2_method\""
        }
    ]
}

Get only the certificate information for a server

var sslinfo = require('sslinfo');

sslinfo.getCertificateInfo({ host: "www.google.com", port: 443 })
    .done(function (results) {
        console.log(results);
    },
    function (error) {
        console.log("Error", {error: error})
    });

The getCertificateInfo() function returns a promise that should be resolved by implementing done().

Sample output:

{
    "host": "www.google.com",
    "port": 443,
    "cert": {
        { version: 2,
             subject:
              { countryName: 'US',
                stateOrProvinceName: 'California',
                localityName: 'Mountain View',
                organizationName: 'Google Inc',
                commonName: 'www.google.com' },
             issuer:
              { countryName: 'US',
                organizationName: 'Google Inc',
                commonName: 'Google Internet Authority G2' },
             ... more cert info ...
    },
    "certPEM": '... PEM encoded certificate ...'
}

Get information about the installed OpenSSL version

var sslinfo = require('sslinfo');

sslinfo.getOpenSSLCapabilities()
    .done(function (results) {
        console.log(results);
    },
    function (error) {
        console.log("Error", {error: error});
    });

The getOpenSSLCapabilities() function returns a promise that should be resolved by implementing done().

Sample output (from Mac OS X 10.10.3):

{
    "version": "OpenSSL 0.9.8zd 8 Jan 2015",
    "protocols": {
        "supported": [
            "SSLv3",
            "TLSv1",
            "TLSv1.1",
            "TLSv1.2"
        ],
        "unsupported": [
            "SSLv2"
        ]
    },
    "ciphers": {
        "supported": [
            ... ciphers supported by this OpenSSL version ...
        ],
        "unsupported": [
            ... ciphers supported by this tool, but not the installed OpenSSL version ...
        ]
    }
}

Note: The unsupported cipher list is not necessarily correct. I'm going to investigate how to make this information more useful.

Keywords

ssl

FAQs

Package last updated on 08 Apr 2018

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts