LittleNellie
/
cipherscan
mirror of https://github.com/mozilla/cipherscan.git
2
0
Fork 0
Code Issues Releases Wiki Activity

Commit Graph

  • 826f7b5541 add caching of intermediate CA certificates Hubert Kario 2014-10-11 15:18:11 +0200
  • 3b14cd914f no need to grep the input when we're using awk (v2) Hubert Kario 2014-10-11 13:42:48 +0200
  • c4bb01df64 Merge f1faa28a8c into dca3457d5a #31 Hubert Kario 2014-11-04 03:15:52 +0000
  • dca3457d5a Merge pull request #28 from tomato42/certificate-stats Julien Vehent 2014-11-03 22:15:44 -0500
  • 8655c531f2 Merge 1dfece2bf8 into ebc6939299 #32 ccjon 2014-11-02 02:57:58 +0000
  • 1dfece2bf8 dos2unix ./cipherscan ? #32 ccjon 2014-11-01 19:54:35 -0700
  • 5a6eaaac41 parse_CAs.c - implement error checking, remove magic numbers, compile fix #28 Hubert Kario 2014-10-30 23:37:43 +0100
  • aac3e9a9db parse_CAs.py - add few comments Hubert Kario 2014-10-30 01:41:46 +0100
  • edab545f3e add Makefile for the C utility Hubert Kario 2014-10-30 01:33:58 +0100
  • f1faa28a8c limit number of forks needed to speed up execution #31 Hubert Kario 2014-10-18 17:20:20 +0200
  • 26204115bf don't retry protocols we know don't work Hubert Kario 2014-07-12 01:30:17 +0200
  • 94a1c6fc0d make handling of self signed certs more robust Hubert Kario 2014-08-04 17:22:53 +0200
  • 911b3e2515 few less forks in the script Hubert Kario 2014-07-12 14:54:33 +0200
  • 413a43ecbf don't calculate sha sums for the certificates over and over Hubert Kario 2014-07-12 14:17:52 +0200
  • 68da6f00b6 use CApath for certificates and store certificates (v2) Hubert Kario 2014-10-11 14:15:59 +0200
  • 62808a33c8 clean up the extracted certificate Hubert Kario 2014-07-11 17:29:57 +0200
  • 7087bdb5a0 add ability to also save leaf certificates and untrusted ones Hubert Kario 2014-10-11 15:18:48 +0200
  • 605a1b85fe add caching of intermediate CA certificates Hubert Kario 2014-10-11 15:18:11 +0200
  • 81a8ac0253 no need to grep the input when we're using awk (v2) Hubert Kario 2014-10-11 13:42:48 +0200
  • ebc6939299 Merge pull request #29 from tomato42/client-handshake-simulation Julien Vehent 2014-10-29 19:22:52 -0400
  • 334c3118e2 Merge pull request #30 from tomato42/timeouts Julien Vehent 2014-10-29 17:34:18 -0400
  • 11ce6187de small fixes for delay #30 Hubert Kario 2014-10-28 16:44:43 +0100
  • 71ba3c88b0 increase timeout Hubert Kario 2014-10-28 13:03:46 +0100
  • 29c739faa9 count EDH-DES as PFS too in general stats #29 Hubert Kario 2014-10-25 16:23:41 +0200
  • af2e25ec89 fix EDH checking Hubert Kario 2014-10-25 16:11:18 +0200
  • 7e310a860b Merge 5b96f8fb47 into d11d5e9f36 #27 Hubert Kario 2014-10-18 15:24:53 +0000
  • 5b96f8fb47 limit number of forks needed to speed up execution #27 Hubert Kario 2014-10-18 17:20:20 +0200
  • d11d5e9f36 update old and intermediate ciphersuites Julien Vehent 2014-10-18 08:31:53 -0400
  • a17cfe373e make 2048 DHE key optional in intermediate level Julien Vehent 2014-10-18 08:20:00 -0400
  • ebf4f8bcc7 fix ECC size in fubar pfs analysis Julien Vehent 2014-10-18 07:23:24 -0400
  • 244e9ca9f2 refactor pfs evaluation in separate function Julien Vehent 2014-10-17 11:58:19 -0400
  • ddfaa6722d display target level compliance in text output Julien Vehent 2014-10-17 11:58:05 -0400
  • 551255f8b4 detect fubar dh parameters Julien Vehent 2014-10-17 11:20:25 -0400
  • a4f573195e update intermediate ciphersuite to accept 3des Julien Vehent 2014-10-17 11:10:01 -0400
  • df0b5d8d3f fix wrong failure flag Julien Vehent 2014-10-17 11:09:42 -0400
  • a11b594ab4 Fix dhparam size detection in inter and modern levels Julien Vehent 2014-10-17 11:09:28 -0400
  • 28c6c2488b Accept sha384 and sha512 signatures as well as sha256 Julien Vehent 2014-10-17 11:08:32 -0400
  • 5b32afaa1f Add target to text output Julien Vehent 2014-10-17 10:48:59 -0400
  • 76d791fcbe make cipher selection simulation generic Hubert Kario 2014-10-12 20:24:56 +0200
  • c82bc44558 report cipher ordering in scanning stats, use it to simulate handshakes Hubert Kario 2014-07-01 00:01:32 +0200
  • 42fa7d9ecb report what ciphers Firefox would select while connecting to server Hubert Kario 2014-06-30 21:34:56 +0200
  • 1b4dcc4393 report ciphers causing incompatibility for Firefox Hubert Kario 2014-06-30 10:42:53 +0200
  • 142726c4fd count ECDH-RSA ciphers as ECDSA Hubert Kario 2014-06-24 15:34:44 +0200
  • ac18195b21 process-certificate-statistics.sh - the script HOWTO to turn results to CA stats Hubert Kario 2014-10-04 13:41:40 +0200
  • 3cfd7b76cc collect statistics about found certificates Hubert Kario 2014-07-25 17:49:44 +0200
  • 3699acfc2d helper application for finding cert chains Hubert Kario 2014-08-03 02:15:36 +0200
  • 26c7b0e0d7 fix target level verification check Julien Vehent 2014-10-11 23:08:35 -0400
  • a749742ff3 make sha-256 cert an optional requirement to the intermediate level Julien Vehent 2014-10-11 23:08:21 -0400
  • b009c71321 add operator flag to analyze.py Julien Vehent 2014-10-11 20:52:18 -0400
  • cdd34fce03 fix bug in status detection of analyze.py Julien Vehent 2014-10-11 20:45:14 -0400
  • b846ac9d5b add json output to analyze.py via the -j flag Julien Vehent 2014-10-11 19:37:08 -0400
  • 2e9c3fcc90 don't retry protocols we know don't work Hubert Kario 2014-07-12 01:30:17 +0200
  • 0e6c40ad83 make handling of self signed certs more robust Hubert Kario 2014-08-04 17:22:53 +0200
  • 0071870c7c few less forks in the script Hubert Kario 2014-07-12 14:54:33 +0200
  • 9f9af9c71d don't calculate sha sums for the certificates over and over Hubert Kario 2014-07-12 14:17:52 +0200
  • c2b3b6d7aa use CApath for certificates and store certificates (v2) Hubert Kario 2014-10-11 14:15:59 +0200
  • ea9f0056eb clean up the extracted certificate Hubert Kario 2014-07-11 17:29:57 +0200
  • eaa64e48a3 add ability to also save leaf certificates and untrusted ones Hubert Kario 2014-10-11 15:18:48 +0200
  • 38f428b476 add caching of intermediate CA certificates Hubert Kario 2014-10-11 15:18:11 +0200
  • 512819a33f no need to grep the input when we're using awk (v2) Hubert Kario 2014-10-11 13:42:48 +0200
  • 0da92f25b7 verify server side ordering is used in analyze.py Julien Vehent 2014-10-11 00:34:07 -0400
  • 1c9d52c94c First shot at ordering analysis. Not yet perfect, but somewhat useful... Julien Vehent 2014-10-10 20:30:27 -0400
  • a46e474337 add some fubar recommentations Julien Vehent 2014-10-10 19:07:31 -0400
  • f4d0d598c7 analyze.py add option to give path to specific openssl Julien Vehent 2014-10-10 18:56:44 -0400
  • 37f04054f8 fix json date to use UTC Julien Vehent 2014-10-10 18:16:22 -0400
  • 86edd481f6 analyze.py uses provided openssl only on linux 64 Julien Vehent 2014-10-10 18:00:10 -0400
  • 81ef37c593 gitignore update Julien Vehent 2014-10-10 17:31:44 -0400
  • b80b5cdd35 hide errors when json format is used Julien Vehent 2014-10-10 17:27:58 -0400
  • 278dab4800 Fix json date argument to be compatible on macos Julien Vehent 2014-10-10 17:27:29 -0400
  • f6f4fe8b86 Find timeout binary on linux and mac Julien Vehent 2014-10-10 17:19:44 -0400
  • c7c91ff5f8 updated authors Julien Vehent 2014-10-10 16:56:06 -0400
  • d5685da796 check that provided openssl is executable, fall back to system one if not Julien Vehent 2014-10-10 16:56:00 -0400
  • 26aa8f9408 cleanups Julien Vehent 2014-10-10 16:55:34 -0400
  • 7d2c8b4cad Use local ca bundle if none is found on the system, fixes issues with MacOS Julien Vehent 2014-10-10 16:55:09 -0400
  • 202d808435 Merge eedb26b958 into cc1230efd9 #26 rogerthat 2014-10-10 12:44:46 +0000
  • eedb26b958 analyze.py more portable - openssl_bin defaults to `which openssl`, instead of hardcoded ./openssl - new option -o /path/to/openssl_bin #26 mex 2014-10-10 14:44:03 +0200
  • cc1230efd9 Analysis wording changes Julien Vehent 2014-10-09 10:09:44 -0400
  • a722ad177d updated README with analysis info Julien Vehent 2014-10-09 10:03:19 -0400
  • 5665951b09 minor analysis wording changes Julien Vehent 2014-10-09 09:57:40 -0400
  • 215dbd0c1a ignore openssl errors in analyze.py Julien Vehent 2014-10-09 09:54:30 -0400
  • e9110c6bc8 gitignore Julien Vehent 2014-10-09 09:36:08 -0400
  • 405b104583 improved configuration analysis Julien Vehent 2014-10-09 09:35:59 -0400
  • 2858ef8116 Revert "no need to grep the input when we're using awk" Julien Vehent 2014-10-08 21:53:22 -0400
  • 34b2eb7819 First shot at cipherscan results analyzer Julien Vehent 2014-10-08 21:53:05 -0400
  • ca0ef2fc5c fixes for the pull request #18 Hubert Kario 2014-10-04 14:46:36 +0200
  • 29109f1e64 update SEED and IDEA classification, do a total of broken ciphers Hubert Kario 2014-10-04 12:51:34 +0200
  • 4c05897be2 no need to grep the input when we're using awk Hubert Kario 2014-07-12 01:43:54 +0200
  • fb02ae87ac add some comments, group related code Hubert Kario 2014-07-03 19:09:55 +0200
  • 77671137df add support for CApath Hubert Kario 2014-07-03 19:02:33 +0200
  • 189460da9e report if server uses client side or server side cipher ordering Hubert Kario 2014-06-30 23:03:55 +0200
  • a7ae42b08e openssl in -ssl2 mode doesn't tolerate -servername option Hubert Kario 2014-06-30 23:03:27 +0200
  • 3a4a5f938d add missing ocsp_staple header Hubert Kario 2014-06-25 14:37:21 +0200
  • 8a0c9190a9 sort reported TLS session ticket hint using natural sort Hubert Kario 2014-06-24 15:59:24 +0200
  • ed3b15fb99 Merge 77f326522e into ded65c40df #25 Hubert Kario 2014-10-04 12:56:54 +0000
  • 77f326522e fixes for the pull request #18 #25 Hubert Kario 2014-10-04 14:46:36 +0200
  • 8911827be1 process-certificate-statistics.sh - the script HOWTO to turn results to CA stats Hubert Kario 2014-10-04 13:41:40 +0200
  • 0adf721643 parse_CAs.py - add support for MD5 sigs Hubert Kario 2014-10-04 13:27:48 +0200
  • 1aeff568ee update SEED and IDEA classification, do a total of broken ciphers Hubert Kario 2014-10-04 12:51:34 +0200
  • 3c93cbd6c2 make handling of self signed certs more robust Hubert Kario 2014-08-04 17:22:53 +0200
  • 9a956dc5a5 use pre-parsed data outputted by the C application Hubert Kario 2014-08-03 17:19:56 +0200