LittleNellie/cipherscan
2
0
Fork 0
mirror of https://github.com/mozilla/cipherscan.git synced 2024-09-29 08:03:42 +02:00
Code Issues Releases Wiki Activity
406 Commits 5 Branches 0 Tags 35 MiB
981ac390d6
Commit Graph

406 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Hubert Kario
981ac390d6 tweak phrasing for analyze.py report 
for intermediate and modern, we expect the server to support exact
set of curves, reflect that in the error message
 2018-05-20 14:31:09 +02:00
Julien Vehent [:ulfr]
b0548dff8e
Merge pull request #149 from tomato42/bash-env-fix 
make shell scripts respect PATH
 2018-05-19 19:56:27 -04:00
Julien Vehent [:ulfr]
a614389861
Merge pull request #156 from tomato42/spaces-in-path 
support spaces in openssl path
 2018-05-19 19:55:57 -04:00
Julien Vehent [:ulfr]
1df1377f6c
Merge pull request #157 from mozilla/jvehent-patch-1 
Create .travis.yml
 2018-05-19 19:55:31 -04:00
Julien Vehent [:ulfr]
9681b2f615
Create .travis.yml 2018-05-19 19:54:18 -04:00
Hubert Kario
4890e26910 support spaces in openssl path 
fixes #78
 2018-05-19 20:25:43 +02:00
Hubert Kario
31761fa7b2 make shell scripts respect PATH 
use the bash from PATH, not from /bin

fixes #141
 2018-05-13 19:33:05 +02:00
Hubert Kario
528e94d613
Merge pull request #143 from luigiJsonar/patch-1 
README.md typo
 2017-11-21 01:33:44 +01:00
Luigi Labigalini
fda447a5a8
README.md typo 2017-11-16 12:02:33 -08:00
Hubert Kario
cb6e027327
Merge pull request #142 from ebabani/master 
Redirect dependency download output to stderr
 2017-11-13 12:12:29 +01:00
Ergin Babani
3ecd5c5895 Redirect dependency download output to stderr 
If running `analyze.py` for the first time the dependency downloading
output would be part of the json, and the command would fail due to
invalid json data.
 2017-11-07 13:18:10 -05:00
Hubert Kario
17dcd0dc05 Merge pull request #138 from sunshuzhou/patch-1 
Update cipherscan
 2017-05-03 14:57:32 +02:00
Sun Shuzhou
2204ec21e9 Update cipherscan 2017-05-03 09:03:32 +08:00
Sun Shuzhou
c23d1ba64a Update cipherscan 2017-05-02 21:38:03 +08:00
Hubert Kario
e9f3df4e9f Merge pull request #135 from Jiab77/patch-1 
Fixed symbolic link creation error and git output supression
 2017-01-23 16:16:27 +01:00
Jonathan Barda
0b1d5331d6 Added requested changes 
I may change `${BASH_SOURCE[0]}` by ` `basename $BASH_SOURCE` ` if you prefer
 2017-01-23 16:12:34 +01:00
Jonathan Barda
717b9c0a13 Adapted changes as requested 
Added some detail when required libraries are not present on the host and needs downloading
 2017-01-23 15:27:04 +01:00
Jonathan Barda
5fd2e95c4d Few fixes 
Added `&>/dev/null` on git commands to suppress their output
Fixed the symbolic link creation that pointed to non existent path. `ecdsa` folder moved to `src/ecdsa`
 2017-01-23 07:36:24 +01:00
Julien Vehent [:ulfr]
757bfefc6d Merge pull request #134 from tycho/fix-benchmark-output 
fix -b (benchmark) output
 2017-01-13 16:19:56 -05:00
Julien Vehent [:ulfr]
1f2846d54e Merge pull request #131 from castillar/master 
Added info about OpenSSL proxy option to cipherscan script.
 2017-01-13 16:15:15 -05:00
Julien Vehent [:ulfr]
6d66214fd1 Merge pull request #124 from firesock/master 
Allow EC keys to have a smaller bitsize
 2017-01-13 16:14:33 -05:00
Julien Vehent [:ulfr]
b1d37bf26d Merge pull request #128 from tomato42/intolerance-tests 
TLS version (in)tolerance scanner
 2017-01-13 16:07:44 -05:00
Steven Noonan
981cf0744e cipherscan: fix benchmark mode output 
The microsecond measurement column wasn't being rendered.

Signed-off-by: Steven Noonan <steven@uplinklabs.net>
 2017-01-01 14:15:23 -08:00
Steven Noonan
532ff712aa cipherscan: always define a curves_ordering column value 
Signed-off-by: Steven Noonan <steven@uplinklabs.net>
 2017-01-01 14:15:23 -08:00
Jos Purvis
c6934569bd Update to fix OpenSSL version in info message 2016-12-02 21:07:24 -05:00
Jos Purvis
3fc28b001c Added info about OpenSSL proxy option to cipherscan script. 2016-12-02 12:29:44 -05:00
Hubert Kario
fb8b4d73bf interpreting the intolerance data 2016-10-11 22:46:02 +02:00
Hubert Kario
45bb7d0c28 TLS version (in)tolerance scanner 
Since it is impossible to make openssl command line tool send
TLSv1.3 Client Hello message, add a python based tool to perform
TLS version intolerance scan
 2016-10-05 01:00:11 +02:00
Julien Vehent [:ulfr]
e5b747d29b Merge pull request #125 from tomato42/sort-cas-by-usage 
sort CA's by count, not name
 2016-09-30 15:30:48 -04:00
Julien Vehent [:ulfr]
197881da81 Merge pull request #126 from tomato42/npn 
Add support for collecting supported NPN protocols
 2016-09-17 08:11:03 -04:00
Hubert Kario
6a906a6267 add support for collecting supported NPN protocols 2016-09-16 23:06:34 +02:00
Hubert Kario
0120fff9bc sort CA's by count, not name 2016-09-06 14:08:06 +02:00
Awad Mackie
bb3e89ec09 Update fubar EC parameter size to 256 2016-08-25 00:40:39 +01:00
Awad Mackie
3a2a43f91d Hardcode minimum EC key size 2016-08-22 23:44:13 +01:00
Awad Mackie
955d55a6ba Update EC check to use regexp and match all OpenSSL EC cipher suite variants 2016-08-22 23:33:28 +01:00
Awad Mackie
f5ad5806c3 Allow EC keys to have a smaller bitsize 2016-08-21 13:16:54 +01:00
Julien Vehent
74dd82e8ad Update OpenSSL binary 2016-08-16 11:28:34 -04:00
Julien Vehent [:ulfr]
8b73962b72 Merge pull request #122 from tomato42/result-parser-update 
Result parser update
 2016-07-23 10:30:52 -04:00
Julien Vehent [:ulfr]
4a6cb350c8 Merge pull request #123 from tomato42/certificate-verification-time 
changing time of verification for certificate chains
 2016-07-23 10:29:11 -04:00
Julien Vehent [:ulfr]
38f5ffba9d Merge pull request #121 from tomato42/better-ca-handling 
Better CA certificate handling
 2016-07-23 10:27:00 -04:00
Hubert Kario
a5ec045000 changing time of verification for certificate chains 
allow to run the analysis of certificate chains later after the
data was collected, allows also for re-analysis of archival data
 2016-07-20 21:17:37 +02:00
Hubert Kario
7bb272e353 single-out 3DES ciphers 
3DES is the weakest cipher from the ones that are still officially
standing, so report more detailed statistics about it
 2016-07-20 20:51:51 +02:00
Hubert Kario
bbeac6107a add FF 44 ciphers 
since FF 44 has a different cipher set than FF 35, especially the
drop of DSS and RC4, it will be useful to have connection
statistics for it
 2016-07-20 20:50:26 +02:00
Hubert Kario
7834cd0748 fold some long lines 
long lines hard to read, make Hulk sad
 2016-07-20 20:45:15 +02:00
Hubert Kario
94efc235d0 use more robust trust path building by default 
use the -trusted_first flag to openssl, so that it tries alternative
trust paths to verify validity of server presented certificate
 2016-07-20 20:43:47 +02:00
Hubert Kario
f9f3407bb4 scripts to create CApath directories with roots or intermediaries 
In case the user has a set of certificates *and* intermediaries,
it is necessary to prime both the `ca_trusted` directory and the
`ca_files` directories with respectively all root CA's and
all CA's (root or intermediate)
 2016-07-20 20:40:35 +02:00
Julien Vehent [:ulfr]
189695c0b1 Merge pull request #120 from tomato42/top1m-info 
add README for the top1m folder
 2016-07-20 14:30:22 -04:00
Hubert Kario
e9808a1bcb report errors in cert file searching 
since the certificates are separate from results file, they can get
missing (or an incorrect set can be used)

provide a clear message about what file is missing
 2016-07-20 20:21:28 +02:00
Hubert Kario
985e26c71a add README for the top1m folder 
since the top-1m.csv.zip is not static, tell the users where it
can be found

also add a generic explanation about files in the folder
 2016-07-20 20:16:39 +02:00
Julien Vehent [:ulfr]
5d930c2d32 Merge pull request #117 from adamcrosby/master 
Fallback to local JSON if urllib fails to retrieve updated list
 2016-02-29 08:58:05 -05:00