LittleNellie
/
cipherscan
mirror of https://github.com/mozilla/cipherscan.git
2
0
Fork 0
Code Issues Releases Wiki Activity
407 Commits 5 Branches 0 Tags 35 MiB
Commit Graph

407 Commits

Author SHA1 Message Date
Julien Vehent 39f2ad7b09
Add tls1.3 test to travisci 2018-12-12 07:18:50 -05:00
Julien Vehent e79ce277f7
Add TLS1.3 support 2018-12-12 06:16:15 -05:00
Julien Vehent [:ulfr] b0548dff8e
Merge pull request #149 from tomato42/bash-env-fix 
make shell scripts respect PATH
 2018-05-19 19:56:27 -04:00
Julien Vehent [:ulfr] a614389861
Merge pull request #156 from tomato42/spaces-in-path 
support spaces in openssl path
 2018-05-19 19:55:57 -04:00
Julien Vehent [:ulfr] 1df1377f6c
Merge pull request #157 from mozilla/jvehent-patch-1 
Create .travis.yml
 2018-05-19 19:55:31 -04:00
Julien Vehent [:ulfr] 9681b2f615
Create .travis.yml 2018-05-19 19:54:18 -04:00
Hubert Kario 4890e26910 support spaces in openssl path 
fixes #78
 2018-05-19 20:25:43 +02:00
Hubert Kario 31761fa7b2 make shell scripts respect PATH 
use the bash from PATH, not from /bin

fixes #141
 2018-05-13 19:33:05 +02:00
Hubert Kario 528e94d613
Merge pull request #143 from luigiJsonar/patch-1 
README.md typo
 2017-11-21 01:33:44 +01:00
Luigi Labigalini fda447a5a8
README.md typo 2017-11-16 12:02:33 -08:00
Hubert Kario cb6e027327
Merge pull request #142 from ebabani/master 
Redirect dependency download output to stderr
 2017-11-13 12:12:29 +01:00
Ergin Babani 3ecd5c5895 Redirect dependency download output to stderr 
If running `analyze.py` for the first time the dependency downloading
output would be part of the json, and the command would fail due to
invalid json data.
 2017-11-07 13:18:10 -05:00
Hubert Kario 17dcd0dc05 Merge pull request #138 from sunshuzhou/patch-1 
Update cipherscan
 2017-05-03 14:57:32 +02:00
Sun Shuzhou 2204ec21e9 Update cipherscan 2017-05-03 09:03:32 +08:00
Sun Shuzhou c23d1ba64a Update cipherscan 2017-05-02 21:38:03 +08:00
Hubert Kario e9f3df4e9f Merge pull request #135 from Jiab77/patch-1 
Fixed symbolic link creation error and git output supression
 2017-01-23 16:16:27 +01:00
Jonathan Barda 0b1d5331d6 Added requested changes 
I may change `${BASH_SOURCE[0]}` by ` `basename $BASH_SOURCE` ` if you prefer
 2017-01-23 16:12:34 +01:00
Jonathan Barda 717b9c0a13 Adapted changes as requested 
Added some detail when required libraries are not present on the host and needs downloading
 2017-01-23 15:27:04 +01:00
Jonathan Barda 5fd2e95c4d Few fixes 
Added `&>/dev/null` on git commands to suppress their output
Fixed the symbolic link creation that pointed to non existent path. `ecdsa` folder moved to `src/ecdsa`
 2017-01-23 07:36:24 +01:00
Julien Vehent [:ulfr] 757bfefc6d Merge pull request #134 from tycho/fix-benchmark-output 
fix -b (benchmark) output
 2017-01-13 16:19:56 -05:00
Julien Vehent [:ulfr] 1f2846d54e Merge pull request #131 from castillar/master 
Added info about OpenSSL proxy option to cipherscan script.
 2017-01-13 16:15:15 -05:00
Julien Vehent [:ulfr] 6d66214fd1 Merge pull request #124 from firesock/master 
Allow EC keys to have a smaller bitsize
 2017-01-13 16:14:33 -05:00
Julien Vehent [:ulfr] b1d37bf26d Merge pull request #128 from tomato42/intolerance-tests 
TLS version (in)tolerance scanner
 2017-01-13 16:07:44 -05:00
Steven Noonan 981cf0744e cipherscan: fix benchmark mode output 
The microsecond measurement column wasn't being rendered.

Signed-off-by: Steven Noonan <steven@uplinklabs.net>
 2017-01-01 14:15:23 -08:00
Steven Noonan 532ff712aa cipherscan: always define a curves_ordering column value 
Signed-off-by: Steven Noonan <steven@uplinklabs.net>
 2017-01-01 14:15:23 -08:00
Jos Purvis c6934569bd Update to fix OpenSSL version in info message 2016-12-02 21:07:24 -05:00
Jos Purvis 3fc28b001c Added info about OpenSSL proxy option to cipherscan script. 2016-12-02 12:29:44 -05:00
Hubert Kario fb8b4d73bf interpreting the intolerance data 2016-10-11 22:46:02 +02:00
Hubert Kario 45bb7d0c28 TLS version (in)tolerance scanner 
Since it is impossible to make openssl command line tool send
TLSv1.3 Client Hello message, add a python based tool to perform
TLS version intolerance scan
 2016-10-05 01:00:11 +02:00
Julien Vehent [:ulfr] e5b747d29b Merge pull request #125 from tomato42/sort-cas-by-usage 
sort CA's by count, not name
 2016-09-30 15:30:48 -04:00
Julien Vehent [:ulfr] 197881da81 Merge pull request #126 from tomato42/npn 
Add support for collecting supported NPN protocols
 2016-09-17 08:11:03 -04:00
Hubert Kario 6a906a6267 add support for collecting supported NPN protocols 2016-09-16 23:06:34 +02:00
Hubert Kario 0120fff9bc sort CA's by count, not name 2016-09-06 14:08:06 +02:00
Awad Mackie bb3e89ec09 Update fubar EC parameter size to 256 2016-08-25 00:40:39 +01:00
Awad Mackie 3a2a43f91d Hardcode minimum EC key size 2016-08-22 23:44:13 +01:00
Awad Mackie 955d55a6ba Update EC check to use regexp and match all OpenSSL EC cipher suite variants 2016-08-22 23:33:28 +01:00
Awad Mackie f5ad5806c3 Allow EC keys to have a smaller bitsize 2016-08-21 13:16:54 +01:00
Julien Vehent 74dd82e8ad Update OpenSSL binary 2016-08-16 11:28:34 -04:00
Julien Vehent [:ulfr] 8b73962b72 Merge pull request #122 from tomato42/result-parser-update 
Result parser update
 2016-07-23 10:30:52 -04:00
Julien Vehent [:ulfr] 4a6cb350c8 Merge pull request #123 from tomato42/certificate-verification-time 
changing time of verification for certificate chains
 2016-07-23 10:29:11 -04:00
Julien Vehent [:ulfr] 38f5ffba9d Merge pull request #121 from tomato42/better-ca-handling 
Better CA certificate handling
 2016-07-23 10:27:00 -04:00
Hubert Kario a5ec045000 changing time of verification for certificate chains 
allow to run the analysis of certificate chains later after the
data was collected, allows also for re-analysis of archival data
 2016-07-20 21:17:37 +02:00
Hubert Kario 7bb272e353 single-out 3DES ciphers 
3DES is the weakest cipher from the ones that are still officially
standing, so report more detailed statistics about it
 2016-07-20 20:51:51 +02:00
Hubert Kario bbeac6107a add FF 44 ciphers 
since FF 44 has a different cipher set than FF 35, especially the
drop of DSS and RC4, it will be useful to have connection
statistics for it
 2016-07-20 20:50:26 +02:00
Hubert Kario 7834cd0748 fold some long lines 
long lines hard to read, make Hulk sad
 2016-07-20 20:45:15 +02:00
Hubert Kario 94efc235d0 use more robust trust path building by default 
use the -trusted_first flag to openssl, so that it tries alternative
trust paths to verify validity of server presented certificate
 2016-07-20 20:43:47 +02:00
Hubert Kario f9f3407bb4 scripts to create CApath directories with roots or intermediaries 
In case the user has a set of certificates *and* intermediaries,
it is necessary to prime both the `ca_trusted` directory and the
`ca_files` directories with respectively all root CA's and
all CA's (root or intermediate)
 2016-07-20 20:40:35 +02:00
Julien Vehent [:ulfr] 189695c0b1 Merge pull request #120 from tomato42/top1m-info 
add README for the top1m folder
 2016-07-20 14:30:22 -04:00
Hubert Kario e9808a1bcb report errors in cert file searching 
since the certificates are separate from results file, they can get
missing (or an incorrect set can be used)

provide a clear message about what file is missing
 2016-07-20 20:21:28 +02:00
Hubert Kario 985e26c71a add README for the top1m folder 
since the top-1m.csv.zip is not static, tell the users where it
can be found

also add a generic explanation about files in the folder
 2016-07-20 20:16:39 +02:00