Added support for kex GSS wildcards (#143).

src/ssh_audit/ssh2_kexdb.py

@@ -71,29 +71,13 @@ class SSH2_KexDB:  # pylint: disable=too-few-public-methods
     ALGORITHMS: Dict[str, Dict[str, List[List[Optional[str]]]]] = {
         # Format: 'algorithm_name': [['version_first_appeared_in'], [reason_for_failure1, reason_for_failure2, ...], [warning1, warning2, ...], [info1, info2, ...]]
         'kex': {
-            'diffie-hellman-group1-sha1': [['2.3.0,d0.28,l10.2', '6.6', '6.9'], [FAIL_1024BIT_MODULUS, FAIL_OPENSSH67_UNSAFE, FAIL_OPENSSH70_LOGJAM], [WARN_HASH_WEAK]],
-            'gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==': [[], [FAIL_1024BIT_MODULUS, FAIL_OPENSSH67_UNSAFE, FAIL_OPENSSH70_LOGJAM], [WARN_HASH_WEAK]],
-            'gss-gex-sha1-eipGX3TCiQSrx573bT1o1Q==': [[], [], [WARN_HASH_WEAK]],
-            'gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==': [[], [], [WARN_HASH_WEAK]],
-            'gss-gex-sha1-': [[], [], [WARN_HASH_WEAK]],
-            'gss-group1-sha1-eipGX3TCiQSrx573bT1o1Q==': [[], [FAIL_1024BIT_MODULUS], [WARN_HASH_WEAK]],
-            'gss-group1-sha1-': [[], [FAIL_1024BIT_MODULUS], [WARN_HASH_WEAK]],
-            'gss-group14-sha1-': [[], [], [WARN_HASH_WEAK, WARN_2048BIT_MODULUS]],
-            'gss-group14-sha1-eipGX3TCiQSrx573bT1o1Q==': [[], [], [WARN_HASH_WEAK, WARN_2048BIT_MODULUS]],
-            'gss-group14-sha1-toWM5Slw5Ew8Mqkay+al2g==': [[], [], [WARN_HASH_WEAK, WARN_2048BIT_MODULUS]],
-            'gss-group14-sha256-': [[], [], [WARN_2048BIT_MODULUS]],
-            'gss-group14-sha256-toWM5Slw5Ew8Mqkay+al2g==': [[], [], [WARN_2048BIT_MODULUS]],
-            'gss-group15-sha512-': [[]],
-            'gss-group15-sha512-toWM5Slw5Ew8Mqkay+al2g==': [[]],
-            'gss-group16-sha512-': [[]],
-            'gss-nistp256-sha256-': [[], [FAIL_CURVES_WEAK]],
-            'gss-curve25519-sha256-': [[]],
+            # The GSS kex algorithms get special wildcard handling, since they include variable base64 data after their standard prefixes.
             'gss-13.3.132.0.10-sha256-*': [[], [FAIL_UNKNOWN]],
             'gss-curve25519-sha256-*': [[]],
             'gss-curve448-sha512-*': [[]],
             'gss-gex-sha1-*': [[], [], [WARN_HASH_WEAK]],
             'gss-gex-sha256-*': [[]],
-            'gss-group1-sha1-*': [[], [FAIL_1024BIT_MODULUS], [WARN_HASH_WEAK]],
+            'gss-group1-sha1-*': [[], [FAIL_1024BIT_MODULUS, FAIL_OPENSSH67_UNSAFE, FAIL_OPENSSH70_LOGJAM], [WARN_HASH_WEAK]],
             'gss-group14-sha1-*': [[], [], [WARN_HASH_WEAK, WARN_2048BIT_MODULUS]],
             'gss-group14-sha256-*': [[], [], [WARN_2048BIT_MODULUS]],
             'gss-group15-sha512-*': [[]],
@@ -103,6 +87,7 @@ class SSH2_KexDB:  # pylint: disable=too-few-public-methods
             'gss-nistp256-sha256-*': [[], [FAIL_CURVES_WEAK]],
             'gss-nistp384-sha256-*': [[], [FAIL_CURVES_WEAK]],
             'gss-nistp521-sha512-*': [[], [FAIL_CURVES_WEAK]],
+            'diffie-hellman-group1-sha1': [['2.3.0,d0.28,l10.2', '6.6', '6.9'], [FAIL_1024BIT_MODULUS, FAIL_OPENSSH67_UNSAFE, FAIL_OPENSSH70_LOGJAM], [WARN_HASH_WEAK]],
             'diffie-hellman-group1-sha256': [[], [FAIL_1024BIT_MODULUS]],
             'diffie-hellman-group14-sha1': [['3.9,d0.53,l10.6.0'], [], [WARN_HASH_WEAK, WARN_2048BIT_MODULUS]],
             'diffie-hellman-group14-sha256': [['7.3,d2016.73'], [], [WARN_2048BIT_MODULUS]],

src/ssh_audit/ssh_audit.py

@@ -137,6 +137,12 @@ def output_algorithm(out: OutputBuffer, alg_db: Dict[str, Dict[str, List[List[Op
             alg_name_with_size = '%s (%d-bit)' % (alg_name, hostkey_size)
             padding = padding[0:-11]
 
+    # If this is a kex algorithm and starts with 'gss-', then normalize its name (i.e.: 'gss-gex-sha1-vz8J1E9PzLr8b1K+0remTg==' => 'gss-gex-sha1-*').  The base64 field can vary, so we'll convert it to the wildcard that our database uses and we'll just resume doing a straight match like all other algorithm names.
+    alg_name_original = alg_name
+    if alg_type == 'kex' and alg_name.startswith('gss-'):
+        last_dash = alg_name.rindex('-')
+        alg_name = "%s-*" % alg_name[0:last_dash]
+
     texts = []
     if len(alg_name.strip()) == 0:
         return program_retval
@@ -162,6 +168,10 @@ def output_algorithm(out: OutputBuffer, alg_db: Dict[str, Dict[str, List[List[Op
         texts.append(('warn', 'unknown algorithm'))
         unknown_algs.append(alg_name)
 
+    # For kex GSS algorithms, now that we already did the database lookup (above), restore the original algorithm name so its reported properly in the output.
+    if alg_name != alg_name_original:
+        alg_name = alg_name_original
+
     alg_name = alg_name_with_size if alg_name_with_size is not None else alg_name
     first = True
     for level, text in texts: