LittleNellie/cipherscan
2
0
Fork 0
mirror of https://github.com/mozilla/cipherscan.git synced 2024-09-29 08:03:42 +02:00
Code Issues Releases Wiki Activity
406 Commits 5 Branches 0 Tags 35 MiB
981ac390d6
Commit Graph

46 Commits

Author SHA1 Message Date
Hubert Kario
981ac390d6 tweak phrasing for analyze.py report 
for intermediate and modern, we expect the server to support exact
set of curves, reflect that in the error message
 2018-05-20 14:31:09 +02:00
Awad Mackie
bb3e89ec09 Update fubar EC parameter size to 256 2016-08-25 00:40:39 +01:00
Awad Mackie
3a2a43f91d Hardcode minimum EC key size 2016-08-22 23:44:13 +01:00
Awad Mackie
955d55a6ba Update EC check to use regexp and match all OpenSSL EC cipher suite variants 2016-08-22 23:33:28 +01:00
Awad Mackie
f5ad5806c3 Allow EC keys to have a smaller bitsize 2016-08-21 13:16:54 +01:00
Adam Crosby
55cdb74ff7 Added fallback to use local json recommendations file if urllib fails to connect (including SNI errors), fixes issue #116 2016-02-29 08:21:04 -05:00
Julien Vehent
9f0226e00b analyze.py: update example of json input 2016-02-24 10:52:18 -05:00
Julien Vehent
639bc45bf7 analyze.py refactoring to use online recommendations 2016-02-24 10:48:28 -05:00
Emantor
536ff90b86 ECDHE-ECDSA-DES-CBC3-SHA was missing too 
Fix `ECDHE-ECDSA-DES-CBC3-SHA` as well.
 2015-11-19 16:58:49 +01:00
Emantor
e8ba5ab8fe Update analyze.py 
Per https://mozilla.github.io/server-side-tls/ssl-config-generator/
The intermediate config supports 'ECDHE-RSA-DES-CBC3-SHA', add it to analyze.py
 2015-11-17 09:01:52 +01:00
Julien Vehent
3770389b5c Merge pull request #68 from kenoh/master 
Fix: incorrect list + string concatenation (issue #64)
 2015-09-18 09:27:41 -04:00
Hubert Kario
a3e04d3d01 fix analyze.py Python3 compat 
because subprocess returns `bytes` in Python 3
we need to interpret them to characters, which are needed by json
input and string parsing

fixes #69, #71
 2015-08-23 17:31:04 +02:00
Matúš Honěk
c9529b5977 Fix: incorrect list + string concatenation (issue #64) 2015-08-14 16:55:54 +02:00
Hubert Kario
86bc8e8574 fix is_fubar key size check 2015-05-30 19:48:56 +02:00
Hubert Kario
a53a91695e make scripts python 3 compatible 2015-05-30 15:46:26 +02:00
Julien Vehent
3e4b86eedd Merge pull request #47 from ScriptFanix/master 
fix silent TypeError on sigalg md5WithRSAEncryption
 2015-01-26 11:09:54 -05:00
Julien Vehent
3915164430 Use custom darwin openssl bin in analyze.py 2015-01-18 12:26:59 -05:00
Vincent Riquer
d1a8604a2a fix silent TypeError on sigalg md5WithRSAEncryption 
conn['sigalg'] is an array, logging.debug(conn['sigalg']) caused silent failure
 2015-01-10 03:51:26 +01:00
Vincent Riquer
b457951f5f don't expect openssl to be in cwd 2014-12-26 09:49:52 +01:00
Vincent Riquer
0e7996181a Don't expect scripts to be in working directory 2014-12-24 11:26:24 +01:00
Vincent Riquer
983f85d2d4 --nagios: run as a nagios plugin 2014-12-23 14:51:50 +01:00
Julien Vehent
d11d5e9f36 update old and intermediate ciphersuites 2014-10-18 08:31:53 -04:00
Julien Vehent
a17cfe373e make 2048 DHE key optional in intermediate level 2014-10-18 08:20:00 -04:00
Julien Vehent
ebf4f8bcc7 fix ECC size in fubar pfs analysis 2014-10-18 07:23:24 -04:00
Julien Vehent
244e9ca9f2 refactor pfs evaluation in separate function 2014-10-17 11:58:19 -04:00
Julien Vehent
ddfaa6722d display target level compliance in text output 2014-10-17 11:58:05 -04:00
Julien Vehent
551255f8b4 detect fubar dh parameters 2014-10-17 11:20:25 -04:00
Julien Vehent
a4f573195e update intermediate ciphersuite to accept 3des 2014-10-17 11:10:01 -04:00
Julien Vehent
df0b5d8d3f fix wrong failure flag 2014-10-17 11:09:42 -04:00
Julien Vehent
a11b594ab4 Fix dhparam size detection in inter and modern levels 2014-10-17 11:09:28 -04:00
Julien Vehent
28c6c2488b Accept sha384 and sha512 signatures as well as sha256 2014-10-17 11:08:32 -04:00
Julien Vehent
26c7b0e0d7 fix target level verification check 2014-10-11 23:08:35 -04:00
Julien Vehent
a749742ff3 make sha-256 cert an optional requirement to the intermediate level 2014-10-11 23:08:21 -04:00
Julien Vehent
b009c71321 add operator flag to analyze.py 2014-10-11 20:52:18 -04:00
Julien Vehent
cdd34fce03 fix bug in status detection of analyze.py 2014-10-11 20:45:14 -04:00
Julien Vehent
b846ac9d5b add json output to analyze.py via the -j flag 2014-10-11 19:37:08 -04:00
Julien Vehent
0da92f25b7 verify server side ordering is used in analyze.py 2014-10-11 00:34:07 -04:00
Julien Vehent
1c9d52c94c First shot at ordering analysis. Not yet perfect, but somewhat useful... 2014-10-10 20:30:27 -04:00
Julien Vehent
a46e474337 add some fubar recommentations 2014-10-10 19:07:31 -04:00
Julien Vehent
f4d0d598c7 analyze.py add option to give path to specific openssl 2014-10-10 18:56:44 -04:00
Julien Vehent
86edd481f6 analyze.py uses provided openssl only on linux 64 2014-10-10 18:00:10 -04:00
Julien Vehent
cc1230efd9 Analysis wording changes 2014-10-09 10:09:44 -04:00
Julien Vehent
5665951b09 minor analysis wording changes 2014-10-09 09:57:40 -04:00
Julien Vehent
215dbd0c1a ignore openssl errors in analyze.py 2014-10-09 09:54:30 -04:00
Julien Vehent
405b104583 improved configuration analysis 2014-10-09 09:35:59 -04:00
Julien Vehent
34b2eb7819 First shot at cipherscan results analyzer 2014-10-08 21:53:05 -04:00