crypto-policies - files in /etc/crypto-policies/back-ends/¶
This is a collection of parsers that all deal with the generated configuration
files under the /etc/crypto-policies/back-ends/ folder. Parsers included
in this module are:
CryptoPoliciesConfig - file /etc/crypto-policies/config¶
CryptoPoliciesStateCurrent - file /etc/crypto-policies/state/current¶
CryptoPoliciesOpensshserver - file /etc/crypto-policies/back-ends/opensshserver.config¶
CryptoPoliciesBind - file /etc/crypto-policies/back-ends/bind.config¶
- class insights.parsers.crypto_policies.CryptoPoliciesBind(context)[source]¶
Bases:
ParserThis parser reads the
/etc/crypto-policies/back-ends/bind.configfile. The sectionsdisable-algorithmsanddisable-ds-digestsare in the propertiesdisable_algorithmsanddisable_ds_digests.Sample Input:
disable-algorithms "." { RSAMD5; DSA; }; disable-ds-digests "." { GOST; };
Examples
>>> 'GOST' in cp_bind.disable_ds_digests True >>> cp_bind.disable_algorithms ['RSAMD5', 'DSA']
- class insights.parsers.crypto_policies.CryptoPoliciesConfig(context)[source]¶
Bases:
ParserThis parser reads the
/etc/crypto-policies/configfile. The contents of the file is a single-line value, available in thevalueproperty.Sample Input:
LEGACYExamples
>>> cp_c.value 'LEGACY'
- class insights.parsers.crypto_policies.CryptoPoliciesOpensshserver(context)[source]¶
Bases:
SysconfigOptionsThis parser reads the
/etc/crypto-policies/back-ends/opensshserver.configfile. It uses theSysconfigOptionsparser class to convert the file into a dictionary of options. It also provides theoptionsproperty as a helper to retrieve theCRYPTO_POLICYvariable.Sample Input:
CRYPTO_POLICY='-oCiphers=aes256-gcm@openssh.com,3des-cbc -oMACs=umac-128-etm@openssh.com'
Examples
>>> 'CRYPTO_POLICY' in cp_os True >>> cp_os.options '-oCiphers=aes256-gcm@openssh.com,3des-cbc -oMACs=umac-128-etm@openssh.com'
- property options¶
The value of the
CRYPTO_POLICYvariable if it exists, else None.- Type:
(union[str, None])