tests for ordering of sig algs in TLS 1.2 PFS kex

2026-02-05 22:55:15 +01:00 · 2014-11-07 02:41:52 +01:00
parent 434b383f01
commit 8f5b1eedc9
2 changed files with 126 additions and 0 deletions
--- a/top1m/parse_results.py
+++ b/top1m/parse_results.py
@@ -137,6 +137,7 @@ i+=1
 fallback_ids['   '] = i
 pfssigalgfallback = defaultdict(int)
 pfssigalgs = defaultdict(int)
+pfssigalgsordering = defaultdict(int)
 dsarsastack = 0
 total = 0
 for r,d,flist in os.walk(path):
@@ -157,6 +158,7 @@ for r,d,flist in os.walk(path):
        tempfallbacks = {}
        """ supported ciphers by the server under scan """
        tempcipherstats = {}
+        temppfssigalgordering = {}
        temppfssigalgfallback = {}
        temppfssigalgs = {}
        ciphertypes = 0
@@ -255,6 +257,8 @@ for r,d,flist in os.walk(path):

            """ collect TLSv1.2 PFS ciphersuite sigalgs """
            if 'sigalgs' in results:
+                if results['sigalgs']['ordering']:
+                    temppfssigalgordering[results['sigalgs']['ordering']] = 1
                if results['sigalgs']['ECDSA-fallback']:
                    temppfssigalgfallback['ECDSA ' + results['sigalgs']['ECDSA-fallback']] = 1
                if results['sigalgs']['RSA-fallback']:
@@ -556,6 +560,8 @@ for r,d,flist in os.walk(path):
            pfssigalgfallback[s] += 1
        for s in temppfssigalgs:
            pfssigalgs[s] += 1
+        for s in temppfssigalgordering:
+            pfssigalgsordering[s] += 1

        """ store cipher stats """
        if AESGCM:
@@ -767,6 +773,12 @@ for stat in sorted(pfssigalgs):
    percent = round(pfssigalgs[stat] / total * 100, 4)
    sys.stdout.write(stat.ljust(30) + " " + str(pfssigalgs[stat]).ljust(10) + str(percent).ljust(9) + "\n")

+print("\nTLSv1.2 PFS ordering           Count     Percent ")
+print("------------------------------+---------+--------")
+for stat in sorted(pfssigalgsordering):
+    percent = round(pfssigalgsordering[stat] / total * 100, 4)
+    sys.stdout.write(stat.ljust(30) + " " + str(pfssigalgsordering[stat]).ljust(10) + str(percent).ljust(9) + "\n")
+
 print("\nTLSv1.2 PFS sigalg fallback    Count     Percent ")
 print("------------------------------+---------+--------")
 for stat in sorted(pfssigalgfallback):