crypto-policies - files in /etc/crypto-policies/back-ends/
¶
This is a collection of parsers that all deal with the generated configuration
files under the /etc/crypto-policies/back-ends/
folder. Parsers included
in this module are:
CryptoPoliciesConfig - file /etc/crypto-policies/config
¶
CryptoPoliciesStateCurrent - file /etc/crypto-policies/state/current
¶
CryptoPoliciesOpensshserver - file /etc/crypto-policies/back-ends/opensshserver.config
¶
CryptoPoliciesBind - file /etc/crypto-policies/back-ends/bind.config
¶
- class insights.parsers.crypto_policies.CryptoPoliciesBind(context)[source]¶
Bases:
Parser
This parser reads the
/etc/crypto-policies/back-ends/bind.config
file. The sectionsdisable-algorithms
anddisable-ds-digests
are in the propertiesdisable_algorithms
anddisable_ds_digests
.Sample Input:
disable-algorithms "." { RSAMD5; DSA; }; disable-ds-digests "." { GOST; };
Examples
>>> 'GOST' in cp_bind.disable_ds_digests True >>> cp_bind.disable_algorithms ['RSAMD5', 'DSA']
- class insights.parsers.crypto_policies.CryptoPoliciesConfig(context)[source]¶
Bases:
Parser
This parser reads the
/etc/crypto-policies/config
file. The contents of the file is a single-line value, available in thevalue
property.Sample Input:
LEGACY
Examples
>>> cp_c.value 'LEGACY'
- class insights.parsers.crypto_policies.CryptoPoliciesOpensshserver(context)[source]¶
Bases:
SysconfigOptions
This parser reads the
/etc/crypto-policies/back-ends/opensshserver.config
file. It uses theSysconfigOptions
parser class to convert the file into a dictionary of options. It also provides theoptions
property as a helper to retrieve theCRYPTO_POLICY
variable.Sample Input:
CRYPTO_POLICY='-oCiphers=aes256-gcm@openssh.com,3des-cbc -oMACs=umac-128-etm@openssh.com'
Examples
>>> 'CRYPTO_POLICY' in cp_os True >>> cp_os.options '-oCiphers=aes256-gcm@openssh.com,3des-cbc -oMACs=umac-128-etm@openssh.com'
- property options¶
The value of the
CRYPTO_POLICY
variable if it exists, else None.- Type:
(union[str, None])