Added flag to export site report to JSON file (#238)

* Added flag to export site report to JSON file

Author: mmaehren

Scanner-Core/src/main/java/de/rub/nds/scanner/core/config/ScannerConfig.java

@@ -28,6 +28,10 @@ public abstract class ScannerConfig extends TLSDelegateConfig {
     @Parameter(names = "-reportDetail", required = false, description = "How detailed do you want the report to be?")
     private ScannerDetail reportDetail = ScannerDetail.NORMAL;
 
+    @Parameter(names = "-outputFile", required = false,
+        description = "Specify a file to write the site report in JSON to")
+    private String outputFile = null;
+
     @Parameter(names = "-probeTimeout", required = false,
         description = "The timeout for each probe in ms (default 1800000)")
     private int probeTimeout = 1800000;
@@ -81,4 +85,16 @@ public int getProbeTimeout() {
     public void setProbeTimeout(int probeTimeout) {
         this.probeTimeout = probeTimeout;
     }
+
+    public boolean isWriteReportToFile() {
+        return outputFile != null;
+    }
+
+    public String getOutputFile() {
+        return outputFile;
+    }
+
+    public void setOutputFile(String outputFile) {
+        this.outputFile = outputFile;
+    }
 }

TLS-Server-Scanner/src/main/java/de/rub/nds/tlsscanner/serverscanner/Main.java

@@ -18,6 +18,8 @@
 import de.rub.nds.tlsscanner.serverscanner.config.ServerScannerConfig;
 import de.rub.nds.tlsscanner.serverscanner.execution.TlsServerScanner;
 import de.rub.nds.tlsscanner.serverscanner.report.ServerReport;
+import de.rub.nds.tlsscanner.serverscanner.report.ServerReportSerializer;
+import java.io.File;
 import java.io.IOException;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
@@ -45,6 +47,10 @@ public static void main(String[] args) throws IOException {
                 ConsoleLogger.CONSOLE
                     .info(AnsiColor.RESET.getCode() + "Scanned in: " + ((System.currentTimeMillis() - time) / 1000)
                         + "s\n" + report.getFullReport(config.getReportDetail(), !config.isNoColor()));
+                if (config.isWriteReportToFile()) {
+                    File outputFile = new File(config.getOutputFile());
+                    ServerReportSerializer.serialize(outputFile, report);
+                }
             } catch (ConfigurationException e) {
                 LOGGER.error("Encountered a ConfigurationException aborting.", e);
             }

TLS-Server-Scanner/src/main/java/de/rub/nds/tlsscanner/serverscanner/converter/Asn1FieldSerializer.java

@@ -0,0 +1,33 @@
+/**
+ * TLS-Server-Scanner - A TLS configuration and analysis tool based on TLS-Attacker
+ *
+ * Copyright 2017-2022 Ruhr University Bochum, Paderborn University, Hackmanit GmbH
+ *
+ * Licensed under Apache License, Version 2.0
+ * http://www.apache.org/licenses/LICENSE-2.0.txt
+ */
+
+package de.rub.nds.tlsscanner.serverscanner.converter;
+
+import com.fasterxml.jackson.core.JsonGenerator;
+import com.fasterxml.jackson.databind.SerializerProvider;
+import com.fasterxml.jackson.databind.ser.std.StdSerializer;
+import de.rub.nds.asn1.model.Asn1Field;
+import de.rub.nds.modifiablevariable.util.ArrayConverter;
+import java.io.IOException;
+
+public class Asn1FieldSerializer extends StdSerializer<Asn1Field> {
+
+    public Asn1FieldSerializer() {
+        super(Asn1Field.class);
+    }
+
+    @Override
+    public void serialize(Asn1Field asn1Field, JsonGenerator jsonGenerator, SerializerProvider serializerProvider)
+        throws IOException {
+        jsonGenerator.writeStartObject();
+        jsonGenerator.writeStringField("Asn1Field",
+            ArrayConverter.bytesToHexString(asn1Field.getSerializer().serialize(), false));
+        jsonGenerator.writeEndObject();
+    }
+}

TLS-Server-Scanner/src/main/java/de/rub/nds/tlsscanner/serverscanner/report/ServerReportSerializer.java

@@ -0,0 +1,64 @@
+/**
+ * TLS-Server-Scanner - A TLS configuration and analysis tool based on TLS-Attacker
+ *
+ * Copyright 2017-2022 Ruhr University Bochum, Paderborn University, Hackmanit GmbH
+ *
+ * Licensed under Apache License, Version 2.0
+ * http://www.apache.org/licenses/LICENSE-2.0.txt
+ */
+
+package de.rub.nds.tlsscanner.serverscanner.report;
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.SerializationFeature;
+import com.fasterxml.jackson.databind.module.SimpleModule;
+import com.fasterxml.jackson.databind.ser.std.ByteArraySerializer;
+import de.rub.nds.scanner.core.report.ScanReport;
+import de.rub.nds.tlsscanner.serverscanner.converter.Asn1CertificateSerializer;
+import de.rub.nds.tlsscanner.serverscanner.converter.Asn1FieldSerializer;
+import de.rub.nds.tlsscanner.serverscanner.converter.CertificateSerializer;
+import de.rub.nds.tlsscanner.serverscanner.converter.CustomDhPublicKeySerializer;
+import de.rub.nds.tlsscanner.serverscanner.converter.CustomDsaPublicKeySerializer;
+import de.rub.nds.tlsscanner.serverscanner.converter.CustomEcPublicKeySerializer;
+import de.rub.nds.tlsscanner.serverscanner.converter.CustomRsaPublicKeySerializer;
+import de.rub.nds.tlsscanner.serverscanner.converter.HttpsHeaderSerializer;
+import de.rub.nds.tlsscanner.serverscanner.converter.PointSerializer;
+import de.rub.nds.tlsscanner.serverscanner.converter.ResponseFingerprintSerializer;
+import de.rub.nds.tlsscanner.serverscanner.converter.VectorSerializer;
+import java.io.File;
+import java.io.IOException;
+import java.math.BigDecimal;
+import org.apache.logging.log4j.LogManager;
+
+public class ServerReportSerializer {
+
+    private static final org.apache.logging.log4j.Logger LOGGER = LogManager.getLogger();
+
+    public static void serialize(File outputFile, ScanReport scanReport) {
+        try {
+            ObjectMapper mapper = new ObjectMapper();
+
+            SimpleModule module = new SimpleModule();
+            module.addSerializer(new ByteArraySerializer());
+            module.addSerializer(new ResponseFingerprintSerializer());
+            module.addSerializer(new CertificateSerializer());
+            module.addSerializer(new Asn1CertificateSerializer());
+            module.addSerializer(new CustomDhPublicKeySerializer());
+            module.addSerializer(new CustomEcPublicKeySerializer());
+            module.addSerializer(new CustomRsaPublicKeySerializer());
+            module.addSerializer(new CustomDsaPublicKeySerializer());
+            module.addSerializer(new VectorSerializer());
+            module.addSerializer(new PointSerializer());
+            module.addSerializer(new HttpsHeaderSerializer());
+            module.addSerializer(new Asn1FieldSerializer());
+
+            mapper.registerModule(module);
+            mapper.configure(SerializationFeature.FAIL_ON_EMPTY_BEANS, false);
+            mapper.configOverride(BigDecimal.class).setFormat(JsonFormat.Value.forShape(JsonFormat.Shape.STRING));
+            mapper.writeValue(outputFile, scanReport);
+        } catch (IOException ex) {
+            LOGGER.error(ex);
+        }
+    }
+}