mirror of
https://github.com/mozilla/cipherscan.git
synced 2024-11-16 20:03:41 +01:00
Merge pull request #122 from tomato42/result-parser-update
Result parser update
This commit is contained in:
commit
8b73962b72
@ -68,6 +68,19 @@ client_ciphers['FF 35']=[
|
|||||||
'RC4-SHA',
|
'RC4-SHA',
|
||||||
'RC4-MD5']
|
'RC4-MD5']
|
||||||
|
|
||||||
|
client_ciphers['FF 44']=[
|
||||||
|
'ECDHE-ECDSA-AES128-GCM-SHA256',
|
||||||
|
'ECDHE-RSA-AES128-GCM-SHA256',
|
||||||
|
'ECDHE-ECDSA-AES256-SHA',
|
||||||
|
'ECDHE-ECDSA-AES128-SHA',
|
||||||
|
'ECDHE-RSA-AES128-SHA',
|
||||||
|
'ECDHE-RSA-AES256-SHA',
|
||||||
|
'DHE-RSA-AES128-SHA',
|
||||||
|
'DHE-RSA-AES256-SHA',
|
||||||
|
'AES128-SHA',
|
||||||
|
'AES256-SHA',
|
||||||
|
'DES-CBC3-SHA']
|
||||||
|
|
||||||
report_untrused=False
|
report_untrused=False
|
||||||
|
|
||||||
cipherstats = defaultdict(int)
|
cipherstats = defaultdict(int)
|
||||||
@ -76,11 +89,15 @@ cipherstats = defaultdict(int)
|
|||||||
# ciphers selected by them, unsupported, etc.
|
# ciphers selected by them, unsupported, etc.
|
||||||
client_RC4_Only_cipherstats={}
|
client_RC4_Only_cipherstats={}
|
||||||
client_RC4_preferred_cipherstats={}
|
client_RC4_preferred_cipherstats={}
|
||||||
|
client_3DES_Only_cipherstats={}
|
||||||
|
client_3DES_preferred_cipherstats={}
|
||||||
client_incompatible_cipherstats={}
|
client_incompatible_cipherstats={}
|
||||||
client_selected_cipherstats={}
|
client_selected_cipherstats={}
|
||||||
for client_name in client_ciphers:
|
for client_name in client_ciphers:
|
||||||
client_RC4_Only_cipherstats[client_name] = defaultdict(int)
|
client_RC4_Only_cipherstats[client_name] = defaultdict(int)
|
||||||
client_RC4_preferred_cipherstats[client_name] = defaultdict(int)
|
client_RC4_preferred_cipherstats[client_name] = defaultdict(int)
|
||||||
|
client_3DES_Only_cipherstats[client_name] = defaultdict(int)
|
||||||
|
client_3DES_preferred_cipherstats[client_name] = defaultdict(int)
|
||||||
client_incompatible_cipherstats[client_name] = defaultdict(int)
|
client_incompatible_cipherstats[client_name] = defaultdict(int)
|
||||||
client_selected_cipherstats[client_name] = defaultdict(int)
|
client_selected_cipherstats[client_name] = defaultdict(int)
|
||||||
|
|
||||||
@ -176,16 +193,20 @@ for r,d,flist in os.walk(path):
|
|||||||
GOST89_cipher = False
|
GOST89_cipher = False
|
||||||
""" variables to support handshake simulation for different clients """
|
""" variables to support handshake simulation for different clients """
|
||||||
client_RC4_Only={}
|
client_RC4_Only={}
|
||||||
|
client_3DES_Only={}
|
||||||
client_compat={}
|
client_compat={}
|
||||||
temp_client_incompat={}
|
temp_client_incompat={}
|
||||||
client_RC4_Pref={}
|
client_RC4_Pref={}
|
||||||
|
client_3DES_Pref={}
|
||||||
client_selected={}
|
client_selected={}
|
||||||
for client_name in client_ciphers:
|
for client_name in client_ciphers:
|
||||||
# the following depends on client_compat, so by default it can be True
|
# the following depends on client_compat, so by default it can be True
|
||||||
client_RC4_Only[client_name]=True
|
client_RC4_Only[client_name]=True
|
||||||
|
client_3DES_Only[client_name]=True
|
||||||
client_compat[client_name]=False
|
client_compat[client_name]=False
|
||||||
temp_client_incompat[client_name]={}
|
temp_client_incompat[client_name]={}
|
||||||
client_RC4_Pref[client_name]=None
|
client_RC4_Pref[client_name]=None
|
||||||
|
client_3DES_Pref[client_name]=None
|
||||||
client_selected[client_name]=None
|
client_selected[client_name]=None
|
||||||
|
|
||||||
""" server side list of supported ciphers """
|
""" server side list of supported ciphers """
|
||||||
@ -356,6 +377,8 @@ for r,d,flist in os.walk(path):
|
|||||||
client_compat[client_name]=True
|
client_compat[client_name]=True
|
||||||
if not 'RC4' in entry['cipher']:
|
if not 'RC4' in entry['cipher']:
|
||||||
client_RC4_Only[client_name] = False
|
client_RC4_Only[client_name] = False
|
||||||
|
if not 'CBC3' in entry['cipher']:
|
||||||
|
client_3DES_Only[client_name] = False
|
||||||
else:
|
else:
|
||||||
temp_client_incompat[client_name][entry['cipher']] = 1
|
temp_client_incompat[client_name][entry['cipher']] = 1
|
||||||
|
|
||||||
@ -534,6 +557,8 @@ for r,d,flist in os.walk(path):
|
|||||||
client_selected[client_name] = cipher
|
client_selected[client_name] = cipher
|
||||||
if 'RC4' in cipher:
|
if 'RC4' in cipher:
|
||||||
client_RC4_Pref[client_name] = True
|
client_RC4_Pref[client_name] = True
|
||||||
|
if 'CBC3' in cipher:
|
||||||
|
client_3DES_Pref[client_name] = True
|
||||||
break
|
break
|
||||||
else:
|
else:
|
||||||
for cipher in list_of_ciphers:
|
for cipher in list_of_ciphers:
|
||||||
@ -541,6 +566,8 @@ for r,d,flist in os.walk(path):
|
|||||||
client_selected[client_name] = cipher
|
client_selected[client_name] = cipher
|
||||||
if 'RC4' in cipher:
|
if 'RC4' in cipher:
|
||||||
client_RC4_Pref[client_name] = True
|
client_RC4_Pref[client_name] = True
|
||||||
|
if 'CBC3' in cipher:
|
||||||
|
client_3DES_Pref[client_name] = True
|
||||||
break
|
break
|
||||||
|
|
||||||
for s in tempfallbacks:
|
for s in tempfallbacks:
|
||||||
@ -602,6 +629,12 @@ for r,d,flist in os.walk(path):
|
|||||||
cipherstats['3DES'] += 1
|
cipherstats['3DES'] += 1
|
||||||
if ciphertypes == 1:
|
if ciphertypes == 1:
|
||||||
cipherstats['3DES Only'] += 1
|
cipherstats['3DES Only'] += 1
|
||||||
|
if 'CBC3' in results['ciphersuite'][0]['cipher']:
|
||||||
|
if 'TLSv1.1' in results['ciphersuite'][0]['protocols'] or\
|
||||||
|
'TLSv1.2' in results['ciphersuite'][0]['protocols']:
|
||||||
|
cipherstats['3DES forced in TLS1.1+'] += 1
|
||||||
|
cipherstats['3DES Preferred'] += 1
|
||||||
|
|
||||||
if CAMELLIA:
|
if CAMELLIA:
|
||||||
cipherstats['CAMELLIA'] += 1
|
cipherstats['CAMELLIA'] += 1
|
||||||
if ciphertypes == 1:
|
if ciphertypes == 1:
|
||||||
@ -636,6 +669,14 @@ for r,d,flist in os.walk(path):
|
|||||||
cipherstats['x:' + client_name + ' RC4 Preferred'] += 1
|
cipherstats['x:' + client_name + ' RC4 Preferred'] += 1
|
||||||
for cipher in temp_client_incompat[client_name]:
|
for cipher in temp_client_incompat[client_name]:
|
||||||
client_RC4_preferred_cipherstats[client_name][cipher] += 1
|
client_RC4_preferred_cipherstats[client_name][cipher] += 1
|
||||||
|
if client_3DES_Only[client_name]:
|
||||||
|
cipherstats['x:' + client_name + ' 3DES Only'] += 1
|
||||||
|
for cipher in temp_client_incompat[client_name]:
|
||||||
|
client_3DES_Only_cipherstats[client_name][cipher] += 1
|
||||||
|
if client_3DES_Pref[client_name]:
|
||||||
|
cipherstats['x:' + client_name + ' 3DES Preferred'] += 1
|
||||||
|
for cipher in temp_client_incompat[client_name]:
|
||||||
|
client_3DES_preferred_cipherstats[client_name][cipher] += 1
|
||||||
else:
|
else:
|
||||||
cipherstats['x:' + client_name + ' incompatible'] += 1
|
cipherstats['x:' + client_name + ' incompatible'] += 1
|
||||||
for cipher in temp_client_incompat[client_name]:
|
for cipher in temp_client_incompat[client_name]:
|
||||||
|
Loading…
Reference in New Issue
Block a user