From ff620f5b266b9dd1c3459e1c886d6cd8fd963829 Mon Sep 17 00:00:00 2001 From: Hubert Kario Date: Fri, 4 Apr 2014 21:08:38 +0200 Subject: [PATCH] report number of servers that use ECDSA and RSA certificates Since use of both ECDSA and RSA certificates is easy, it is relatively simple to support both. Report the total number of such servers --- top1m/parse_results.py | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/top1m/parse_results.py b/top1m/parse_results.py index 6fd52bd..0a9817b 100644 --- a/top1m/parse_results.py +++ b/top1m/parse_results.py @@ -15,6 +15,7 @@ protocolstats = defaultdict(int) handshakestats = defaultdict(int) keysize = defaultdict(int) sigalg = defaultdict(int) +dsarsastack = 0 total = 0 for r,d,flist in os.walk(path): @@ -40,6 +41,8 @@ for r,d,flist in os.walk(path): TLS1 = False TLS1_1 = False TLS1_2 = False + dualstack = False + ECDSA = False """ process the file """ f_abs = os.path.join(r,f) @@ -95,11 +98,16 @@ for r,d,flist in os.walk(path): """ save the key size """ if 'ECDSA' in entry['cipher']: + ECDSA = True tempecckeystats[entry['pubkey'][0]] = 1 elif 'DSS' in entry['cipher']: tempdsakeystats[entry['pubkey'][0]] = 1 + elif 'AECDH' in entry['cipher'] or 'ADH' in entry['cipher']: + """ skip """ else: tempkeystats[entry['pubkey'][0]] = 1 + if ECDSA: + dualstack = True """ save key signatures size """ tempsigstats[entry['sigalg'][0]] = 1 @@ -133,6 +141,9 @@ for r,d,flist in os.walk(path): for s in tempdsakeystats: keysize['DSA ' + s] += 1 + if dualstack: + dsarsastack += 1 + for s in tempsigstats: sigalg[s] += 1 @@ -231,6 +242,8 @@ for stat in sorted(keysize): percent = round(keysize[stat] / total * 100, 4) sys.stdout.write(stat.ljust(25) + " " + str(keysize[stat]).ljust(10) + str(percent).ljust(9) + "\n") +sys.stdout.write("RSA/ECDSA Dual Stack".ljust(25) + " " + str(dsarsastack).ljust(10) + str(round(dsarsastack/total * 100, 4)) + "\n") + print("\nSupported Protocols Count Percent") print("-------------------------+---------+-------") for stat in sorted(protocolstats):