2
0
mirror of https://github.com/mozilla/cipherscan.git synced 2024-12-03 10:53:41 +01:00

add support for GOST cipher scanning

This commit is contained in:
Hubert Kario 2015-05-24 21:11:22 +02:00
parent 3bc8dc5583
commit 596692a18e
2 changed files with 17 additions and 0 deletions

View File

@ -42,6 +42,11 @@ if [[ "$TIMEOUTOUTPUT" =~ BusyBox ]]; then
TIMEOUTBIN="$TIMEOUTBIN -t"
fi
# use custom config file to enable GOST ciphers
if [[ -e $(dirname $0)/openssl.cnf ]]; then
export OPENSSL_CONF="$(dirname $0)/openssl.cnf"
fi
# find a list of trusted CAs on the local system, or use the provided list
if [ -z "$CACERTS" ]; then
for f in /etc/pki/tls/certs/ca-bundle.crt /etc/ssl/certs/ca-certificates.crt; do

12
openssl.cnf Normal file
View File

@ -0,0 +1,12 @@
openssl_conf = openssl_def
[openssl_def]
engines = engine_section
[engine_section]
gost = gost_section
[gost_section]
engine_id = gost
default_algorithms = ALL
CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet