Hubert Kario
|
946cc6a9ac
|
Report the signature type used on server certificate
Parse the certificate used by server and report the signature used:
prio ciphersuite protocols pubkey_size signature_algorithm pfs_keysize
1 ECDHE-RSA-AES128-SHA256 TLSv1.2 2048 sha1WithRSAEncryption ECDH,P-256,256bits
2 ECDHE-ECDSA-AES128-SHA SSLv3,TLSv1,TLSv1.1,TLSv1.2 256 ecdsa-with-SHA512 ECDH,P-256,256bits
3 AES128-SHA SSLv3,TLSv1,TLSv1.1,TLSv1.2 2048 sha1WithRSAEncryption
4 AECDH-RC4-SHA SSLv3,TLSv1,TLSv1.1,TLSv1.2 0 None ECDH,P-256,256bits
5 RC4-MD5 SSLv3,TLSv1,TLSv1.1,TLSv1.2 2048 sha1WithRSAEncryption
6 EXP-RC4-MD5 SSLv3,TLSv1,TLSv1.1,TLSv1.2 2048 sha1WithRSAEncryption RSA,512bits
|
2014-04-05 19:23:04 +02:00 |
|
Hubert Kario
|
f9fdd62a59
|
report key size used in server's certificate
Extend the report to show also server certificate key size:
prio ciphersuite protocols pubkey_size pfs_keysize
1 ECDHE-RSA-AES128-SHA256 TLSv1.2 2048 ECDH,P-256,256bits
2 ECDHE-ECDSA-AES128-SHA SSLv3,TLSv1,TLSv1.1,TLSv1.2 256 ECDH,P-256,256bits
3 AES128-SHA SSLv3,TLSv1,TLSv1.1,TLSv1.2 2048
4 RC4-MD5 SSLv3,TLSv1,TLSv1.1,TLSv1.2 2048
5 EXP-RC4-MD5 SSLv3,TLSv1,TLSv1.1,TLSv1.2 2048 RSA,512bits
|
2014-04-05 19:23:04 +02:00 |
|
Hubert Kario
|
32eba4e644
|
update examples from README
since now the scan reports protocols correctly, update the example
to illustrate that
|
2014-04-05 18:47:37 +02:00 |
|
Hubert Kario
|
ac3e5f4d62
|
Correctly report TLSv1.2 only ciphers as negotiable with TLSv1.2
Previously scan would report:
prio ciphersuite protocols pfs_keysize
1 ECDHE-RSA-AES128-GCM-SHA256 SSLv3,TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits
2 ECDHE-RSA-RC4-SHA SSLv3,TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits
Now it correctly reports:
prio ciphersuite protocols pfs_keysize
1 ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-256,256bits
2 ECDHE-RSA-RC4-SHA SSLv3,TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits
|
2014-04-05 18:47:37 +02:00 |
|
Julien Vehent
|
afcc92db02
|
Merge pull request #5 from mzeltner/master
Cleaned up options and documented custom OpenSSL build
|
2014-04-04 21:26:59 -04:00 |
|
Michael Zeltner
|
05bd24b405
|
Cleaning up old style, fixing --allciphers
|
2014-04-04 20:46:40 -04:00 |
|
Michael Zeltner
|
bf48cd2a3c
|
Documenting how to build OpenSSL with ChaCha20-Poly1305
Also updating README.md with new options by MacLemon
|
2014-04-01 14:29:55 -04:00 |
|
Michael Zeltner
|
45f0f3305d
|
Merge branch 'master' of https://github.com/MacLemon/cipherscan
|
2014-04-01 13:04:08 -04:00 |
|
Pepi Zawodsky
|
49214fc508
|
Verbose and Debug output go to stderr now. Added simple --delay function.
|
2014-02-18 02:05:26 +01:00 |
|
Michael Zeltner
|
8480e63ff7
|
Fixing a typo
|
2014-02-14 20:44:15 +01:00 |
|
Pepi Zawodsky
|
3282c2c3a5
|
Improved reference of switches documentation formatting.
|
2014-02-10 19:46:46 +01:00 |
|
Pepi Zawodsky
|
0282ae9209
|
Added simple debug function
|
2014-02-08 18:37:30 +01:00 |
|
Pepi Zawodsky
|
0d93b5d37e
|
Updated README to reflect the changes in cipherscan.
|
2014-02-08 17:07:54 +01:00 |
|
Pepi Zawodsky
|
490c86c43e
|
Changed grep invocation to prevent strange grep versions to balk on -E
|
2014-02-08 01:14:40 +01:00 |
|
Michael Zeltner
|
26b52d4e17
|
Make mktemp obsolete
We have pipes, we shall use them!
|
2014-02-07 00:56:31 +01:00 |
|
Pepi Zawodsky
|
57f41d7376
|
Fixed variable renaming.
|
2014-02-06 23:32:12 +01:00 |
|
Pepi Zawodsky
|
9e5ce9cca3
|
Removed neccessity for timeout, thanks to mzeltner. Better parameter parsing with short- and longoptions. Can now pass a path to use any openssl. Now works on OS X.
|
2014-02-06 23:26:19 +01:00 |
|
Julien Vehent
|
1f92094b3d
|
Merge pull request #4 from mzeltner/master
Support s_client args, give -starttls example. Contributed by mzeltner.
|
2014-02-02 18:15:27 -08:00 |
|
Michael Zeltner
|
5c07a6e552
|
Support s_client args, give -starttls example
|
2014-02-02 15:41:16 +01:00 |
|
Julien Vehent
|
ae5d7ad15c
|
Merge branch 'master' of github.com:jvehent/cipherscan
|
2014-01-31 10:24:02 -05:00 |
|
Julien Vehent
|
b3ca13a5ae
|
Rebuilt openssl to support ChaCha20/Poly1305. Test against google servers.
|
2014-01-31 10:22:21 -05:00 |
|
Julien Vehent
|
5e8b495a18
|
added many tests
|
2014-01-11 01:07:32 +00:00 |
|
Julien Vehent
|
1414973531
|
basic results parsing script in python
|
2014-01-10 05:50:03 +00:00 |
|
Julien Vehent
|
f3c8b24b8b
|
tweaks
|
2014-01-09 20:16:40 +00:00 |
|
Julien Vehent
|
5df0fe3d52
|
Merge branch 'master' of github.com:jvehent/cipherscan
|
2014-01-09 11:53:54 -05:00 |
|
Julien Vehent
|
19d443b8fe
|
OpenSSL binary location fix
|
2014-01-09 11:52:43 -05:00 |
|
Julien Vehent
|
e4ea957c8d
|
Script to scan Alexa's top 1m websites
|
2014-01-09 11:52:17 -05:00 |
|
Julien Vehent
|
26948cbccf
|
Merge pull request #3 from simondeziel/clean-temp
Cleanup old temp files when a connection failed
|
2014-01-07 19:04:43 -08:00 |
|
Simon Deziel
|
93ee5e3f33
|
Cleanup old temp files when a connection failed
|
2014-01-07 18:32:09 -05:00 |
|
Julien Vehent
|
af7b4ce18c
|
Rename CiphersScan to cipherscan
|
2013-12-09 11:01:30 -05:00 |
|
Julien Vehent
|
34a011ab71
|
Better doc
|
2013-12-09 10:40:23 -05:00 |
|
Julien Vehent
|
f7c159b568
|
Support JSON output with -json
|
2013-12-09 10:16:45 -05:00 |
|
Julien Vehent
|
4420db6f9b
|
prevent http keep-alive from blocking the scan
|
2013-11-20 11:51:37 -05:00 |
|
Julien Vehent
|
7c55288a7e
|
Fix test of all ciphers individually
|
2013-11-20 10:47:59 -05:00 |
|
Julien Vehent
|
d6556f5620
|
Progress indicator
|
2013-11-20 10:47:23 -05:00 |
|
Julien Vehent
|
889a75722d
|
doc update
|
2013-11-20 10:33:58 -05:00 |
|
Julien Vehent
|
a0e4f96a7b
|
Test all versions of SSL and TLS
|
2013-11-20 10:30:45 -05:00 |
|
Julien Vehent
|
69087f27ac
|
User larger list of cipher with COMPLEMENTOFALL
|
2013-11-20 10:30:14 -05:00 |
|
Julien Vehent
|
eaa586a1fa
|
add comment for system openssl
|
2013-11-20 09:30:52 -05:00 |
|
Julien Vehent
|
d794fa75ee
|
Added OpenSSL License
|
2013-11-05 15:53:55 -05:00 |
|
Julien Vehent
|
ee3200ebe5
|
remove last entry NONE
|
2013-11-05 15:51:00 -05:00 |
|
Julien Vehent
|
5a483775d7
|
Updated README
|
2013-09-26 09:33:22 +02:00 |
|
Julien Vehent
|
627701ec63
|
Add PFS key size to results
|
2013-09-24 17:02:31 +02:00 |
|
Julien Vehent
|
4a51ef71d6
|
Added protocol
|
2013-08-07 10:40:03 -04:00 |
|
Julien Vehent
|
d2b82ed871
|
Added option to scan all known ciphers "-a"
|
2013-08-03 22:07:13 -04:00 |
|
Julien Vehent
|
f5ff56344a
|
Use local openssl & return microseconds for benchmark
|
2013-07-19 09:45:06 -04:00 |
|
Julien Vehent
|
a651af9857
|
Updated README
|
2013-07-18 21:01:44 -04:00 |
|
Julien Vehent
|
2a9e80ea7e
|
doc update
|
2013-07-17 15:19:51 -04:00 |
|
Julien Vehent
|
e326b40ad3
|
doc update
|
2013-07-17 15:12:20 -04:00 |
|
Julien Vehent
|
c534b25c46
|
wait, no, don't use my openssl, use yours
|
2013-07-17 15:07:14 -04:00 |
|