From e768ab3f7b72b76c2237a45dc264d5bf22ddf6af Mon Sep 17 00:00:00 2001 From: Dirk Date: Thu, 18 Apr 2019 10:04:08 +0200 Subject: [PATCH 01/10] Remove file as Not needed --- utils/wireshark2ciphers.pl | 49 -------------------------------------- 1 file changed, 49 deletions(-) delete mode 100755 utils/wireshark2ciphers.pl diff --git a/utils/wireshark2ciphers.pl b/utils/wireshark2ciphers.pl deleted file mode 100755 index ba49d24..0000000 --- a/utils/wireshark2ciphers.pl +++ /dev/null @@ -1,49 +0,0 @@ -#!/usr/bin/perl - -use strict; -use Data::Dumper; -use JSON; - -my $namelength = 30; - -# Get all ciphers first -my @spec; -my %ciphers; -my $ossl = "bin/openssl." . `uname -s` . "." . `uname -m`; -$ossl =~ s/\R//g; # remove LFs - -die "Unable to open $ossl" unless -f $ossl; -my $ossl = "$ossl" . " ciphers -V 'ALL:COMPLEMENTOFALL:\@STRENGTH'"; - -foreach my $line ( split /\n/, `$ossl` ) { - my @fields = split /\s+/, $line; - my $hex = ""; - foreach my $byte ( split /,/, $fields[1] ) { - $byte = lc $byte; - $byte =~ s/^0x//; - $hex .= $byte; - } - $hex =~ s/^0+//; - $ciphers{"0x$hex"} = $fields[3]; -} -#die Dumper \%ciphers; -#exit; - -my @ciphers = (); -while (<>) { - if ( /^\s*Cipher Suite\:/ ) { - /\((0x[0-9a-f]+)\)\s*$/; - my $n = $1; - $n =~ s/0x0*/0x/; - if ( $n && exists $ciphers{$n} ) { - push @ciphers, $ciphers{$n}; - } else { - print STDERR "No matching cipher for: $n on line\n$_" - } - } else { - print STDERR "Ignoring line $_" - } -} - -print "\n\n" . join ":", @ciphers; -print "\n"; From 5f047db92f474b118c35e0e535844bceab40301f Mon Sep 17 00:00:00 2001 From: Dirk Date: Thu, 18 Apr 2019 10:06:01 +0200 Subject: [PATCH 02/10] Add client simlation data and provide howto While we are thankful that Ivan Ristic permitted to use the client data from SSLlabs, it became of bit outdated now (see #1158). Also as sslhaf [1] was used, the data comes from HTTP traffic only. This is a start to address it. It provides data from Android 9 (connecting to the play store, so that it is sure we don't capture a ClientHello from an application having an own TLS stack. Also it provides documentation how to grab data yourself, and provide it back to testssl.sh. Aim is at least for testssl.sh 3.0 to add Android 8 and OpenSSL 1.1.1 (@drwetter). My hope others can assist with Safari on OSX 11 and 12. Java 10 and 11, and a recent Opera and Edge version. (Firefox and Chrome are out of date too) Mail clients to follow later. [1] https://github.com/ssllabs/sslhaf --- etc/README.md | 3 +- etc/client-simulation.txt | 21 +++++++++++ etc/client-simulation.wiresharked.txt | 51 +++++++++++++++++++++++++++ utils/hexstream2cipher.sh | 30 ++++++++++++++++ 4 files changed, 104 insertions(+), 1 deletion(-) create mode 100644 etc/client-simulation.wiresharked.txt create mode 100755 utils/hexstream2cipher.sh diff --git a/etc/README.md b/etc/README.md index 896c004..f414aa0 100644 --- a/etc/README.md +++ b/etc/README.md @@ -34,4 +34,5 @@ If you want to test against e.g. a company internal CA you want to avoid warning * ``client-simulation.txt`` as the name indicates it's the data for the client simulation. Use ``~/utils/update_client_sim_data.pl`` for an update. Note: This list has been manually - edited to sort it and weed it out. + edited to sort it and weed it out. In addition the file named ``client-simulation.wiresharked.txt`` + provides more client data and some instructions how to generate it yourself diff --git a/etc/client-simulation.txt b/etc/client-simulation.txt index 44d8bc5..cd92e66 100644 --- a/etc/client-simulation.txt +++ b/etc/client-simulation.txt @@ -193,6 +193,27 @@ requiresSha2+=(false) current+=(true) + names+=("Android 9.0 (native)") + short+=("android_90") + ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA") + ciphersuites+=("") + sni+=("$SNI") + warning+=("") + handshakebytes+=("1603010246010002420303d6259dca682ab368c7e095da7189996da830514896063d4acdc83cb5d2c2568d2041a787bf8dd3d7a1ceda514a6606f1068432a13063ea320fd7e7b367af47ecae00220a0a130113021303c02bc02fc02cc030cca9cca8c013c014009c009d002f0035000a010001d77a7a00000000001e001c0000196c68332e676f6f676c6575736572636f6e74656e742e636f6d00170000ff01000100000a000a0008aaaa001d00170018000b00020100002300000010000e000c02683208687474702f312e31000500050100000000000d00140012040308040401050308050501080606010201001200000033002b0029aaaa000100001d00203e67895a11e9ce5c69df2995782adaddb7a03ef30b245000ca332d5940ecff20002d00020101002b000b0aeaea0304030303020301001b00030200026a6a0001000029010500e000da001c9941f6b101f853f370851e583bd22e03150fc67298947270c6058707fe1670efe590d777a34b9e2e2d0ec6aa8d0ddc375c2535934c75c9623d1a271f735417fdd9190dae7f4c8541c262f8fbfeee2e820f54f59f68e78503f5c093f6084037be22c20dad3d057f64dc73f2dd45948e27c707f3f2107b32040a21fa9c1273e7797aaf5a5bc8994e9eafc4bd43b2951e10f952564a910f146344ec6d0c49f75fc6a070c75f0ffdd84fe9e10f77c23f1062e90f9e1e396eddb84d8ac00bf7ac87c557622dd18c54bbc229268699c60434648b279dd86e996baee9d1c155002120235d43319c7d5bb4725a52fa782468cd2280bd622c40a36296b354759f6d4389") + protos+=("-no_ssl3 -no_ssl2") + tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1") + lowest_protocol+=("0x0301") + highest_protocol+=("0x0304") + service+=("HTTP,FTP,SMTP,POP,IMAP") + minDhBits+=(-1) + maxDhBits+=(-1) + minRsaBits+=(-1) + maxRsaBits+=(-1) + minEcdsaBits+=(-1) + curves+=("X25519:secp256r1:secp384r1") + requiresSha2+=(false) + current+=(true) + names+=("Chrome 27 Win 7") short+=("chrome_27_win7") ciphers+=("ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:CAMELLIA256-SHA:AES256-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:DHE-DSS-RC4-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:ECDH-RSA-RC4-SHA:ECDH-RSA-AES128-SHA:ECDH-ECDSA-RC4-SHA:ECDH-ECDSA-AES128-SHA:SEED-SHA:CAMELLIA128-SHA:RC4-SHA:RC4-MD5:AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA") diff --git a/etc/client-simulation.wiresharked.txt b/etc/client-simulation.wiresharked.txt new file mode 100644 index 0000000..aa96060 --- /dev/null +++ b/etc/client-simulation.wiresharked.txt @@ -0,0 +1,51 @@ +# This is a file which content has been manually created from Wireshark. +# The content needs to be added to client-simulation.txt which other part +# comes from the SSLlabs client API via update_client_sim_data.pl +# The whole process is done manually. +# +# Instructions how to add a client simulation: +# * Start wireshark at the client / router. Best is during capture to filter for the target you want to contribute. +# * Make sure you create a bit of encrypted traffic to a target of your choice 1) . +# * Make sure the client traffic is specific: For just "Android" do not use a browser. +# * Stop the recording. +# * If needed sort for ClientHello. +# * Look for the ClientHello which matches the source IP + destination IP you had in mind. +# * Retrieve "handshakebytes" by marking the Record Layer --> Copy --> As a hex stream. +# * Figure out "protos" and "tlsvers" by looking at the supported_versions TLS extension (43=0x002b). May work only on modern clients. +# * Adjust "lowest_protocol" and "highest_protocol" accordingly. +# * Get "curves" from at the supported groups TLS extension 10 = 0x00a. Omit GREASE. +# * Retrieve "alpn" by looking at the alpn TLS extension 16 (=0x0010). +# * Review TLS extension 13 (=0x000d) whether any SHA1 signature algorithm is listed. If not "requiresSha2" is true +# * Leave "maxDhBits"/"minDhBits" and "minRsaBits"/"maxRsaBits" at -1, unless you know for sure what the client can handle +# * For "handshakebytes" mark the Cipher Suites --> Copy --> As a hex stream, remove any leading GREASE ciphers (?a?a) and +# supply it to ~/utils/hexstream2cipher.sh +# * Figure out the services by applying a good piece of logic +# * Before submitting a PR: test it yourself! You can also watch it again via wireshark +# +# +# 1) Attention: if you want to contribute it contains the target hostname (SNI) + + + names+=("Android 9.0 (native)") + short+=("android_90") + ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA") + ciphersuites+=("") + sni+=("$SNI") + warning+=("") + handshakebytes+=("1603010246010002420303d6259dca682ab368c7e095da7189996da830514896063d4acdc83cb5d2c2568d2041a787bf8dd3d7a1ceda514a6606f1068432a13063ea320fd7e7b367af47ecae00220a0a130113021303c02bc02fc02cc030cca9cca8c013c014009c009d002f0035000a010001d77a7a00000000001e001c0000196c68332e676f6f676c6575736572636f6e74656e742e636f6d00170000ff01000100000a000a0008aaaa001d00170018000b00020100002300000010000e000c02683208687474702f312e31000500050100000000000d00140012040308040401050308050501080606010201001200000033002b0029aaaa000100001d00203e67895a11e9ce5c69df2995782adaddb7a03ef30b245000ca332d5940ecff20002d00020101002b000b0aeaea0304030303020301001b00030200026a6a0001000029010500e000da001c9941f6b101f853f370851e583bd22e03150fc67298947270c6058707fe1670efe590d777a34b9e2e2d0ec6aa8d0ddc375c2535934c75c9623d1a271f735417fdd9190dae7f4c8541c262f8fbfeee2e820f54f59f68e78503f5c093f6084037be22c20dad3d057f64dc73f2dd45948e27c707f3f2107b32040a21fa9c1273e7797aaf5a5bc8994e9eafc4bd43b2951e10f952564a910f146344ec6d0c49f75fc6a070c75f0ffdd84fe9e10f77c23f1062e90f9e1e396eddb84d8ac00bf7ac87c557622dd18c54bbc229268699c60434648b279dd86e996baee9d1c155002120235d43319c7d5bb4725a52fa782468cd2280bd622c40a36296b354759f6d4389") + protos+=("-no_ssl3 -no_ssl2") + tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1") + lowest_protocol+=("0x0301") + highest_protocol+=("0x0304") + alpn+=("h2,http/1.1") + service+=("HTTP,FTP,SMTP,POP,IMAP") + minDhBits+=(-1) + maxDhBits+=(-1) + minRsaBits+=(-1) + maxRsaBits+=(-1) + minEcdsaBits+=(-1) + curves+=("X25519:secp256r1:secp384r1") + requiresSha2+=(false) + current+=(true) + + diff --git a/utils/hexstream2cipher.sh b/utils/hexstream2cipher.sh new file mode 100755 index 0000000..60c5afc --- /dev/null +++ b/utils/hexstream2cipher.sh @@ -0,0 +1,30 @@ +#!/bin/bash + +hs="$1" +len=${#hs} +echo "# ciphers: $((len/4))" + +mapfile="etc/cipher-mapping.txt" +[ -s $mapfile ] || mapfile="../$mapfile" +[ -s $mapfile ] || exit 255 + +cip="" +first=true + +for ((i=0; i $grepstr --> " + cip=$(grep -i ${grepstr} $mapfile | awk '{ print $3 }') + echo $cip + if "$first"; then + ciphers="$cip" + first=false + else + ciphers="$ciphers:$cip" + fi +done + +echo +echo $ciphers From c183c213e5309df12cb2b3a9f74aacd0e20e23f1 Mon Sep 17 00:00:00 2001 From: Dirk Date: Sat, 20 Apr 2019 20:21:25 +0200 Subject: [PATCH 03/10] Add client simulations .. for Android 8.1 and Firefox 66. Add ciphersuites to the existing handshakes and update the documentation accordingly. --- etc/client-simulation.txt | 105 ++++++++++++++++++++++++-- etc/client-simulation.wiresharked.txt | 97 ++++++++++++++++++++++-- 2 files changed, 190 insertions(+), 12 deletions(-) diff --git a/etc/client-simulation.txt b/etc/client-simulation.txt index cd92e66..91c9510 100644 --- a/etc/client-simulation.txt +++ b/etc/client-simulation.txt @@ -1,6 +1,8 @@ # This file contains client handshake data used in the run_client_simulation() function. -# The file distributed with testssl.sh (etc/client-simulation.txt) has been generated +# The file distributed with testssl.sh (~/etc/client-simulation.txt) has been generated # from this script and manually edited (=which UA to show up) and sorted. +# In addition this file contains handshake data retrieved manually from +# wireshark. Data and HowTo see ~/etc/client-simulation.wiresharked.txt # # Most clients are taken from Qualys SSL Labs --- From: https://api.dev.ssllabs.com/api/v3/getClients @@ -193,17 +195,18 @@ requiresSha2+=(false) current+=(true) - names+=("Android 9.0 (native)") - short+=("android_90") - ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA") + names+=("Android 8.1 (native)") + short+=("android_81") + ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA") ciphersuites+=("") sni+=("$SNI") warning+=("") - handshakebytes+=("1603010246010002420303d6259dca682ab368c7e095da7189996da830514896063d4acdc83cb5d2c2568d2041a787bf8dd3d7a1ceda514a6606f1068432a13063ea320fd7e7b367af47ecae00220a0a130113021303c02bc02fc02cc030cca9cca8c013c014009c009d002f0035000a010001d77a7a00000000001e001c0000196c68332e676f6f676c6575736572636f6e74656e742e636f6d00170000ff01000100000a000a0008aaaa001d00170018000b00020100002300000010000e000c02683208687474702f312e31000500050100000000000d00140012040308040401050308050501080606010201001200000033002b0029aaaa000100001d00203e67895a11e9ce5c69df2995782adaddb7a03ef30b245000ca332d5940ecff20002d00020101002b000b0aeaea0304030303020301001b00030200026a6a0001000029010500e000da001c9941f6b101f853f370851e583bd22e03150fc67298947270c6058707fe1670efe590d777a34b9e2e2d0ec6aa8d0ddc375c2535934c75c9623d1a271f735417fdd9190dae7f4c8541c262f8fbfeee2e820f54f59f68e78503f5c093f6084037be22c20dad3d057f64dc73f2dd45948e27c707f3f2107b32040a21fa9c1273e7797aaf5a5bc8994e9eafc4bd43b2951e10f952564a910f146344ec6d0c49f75fc6a070c75f0ffdd84fe9e10f77c23f1062e90f9e1e396eddb84d8ac00bf7ac87c557622dd18c54bbc229268699c60434648b279dd86e996baee9d1c155002120235d43319c7d5bb4725a52fa782468cd2280bd622c40a36296b354759f6d4389") + handshakebytes+=("16030100c0010000bc030346fcc7d3e5a9f68af0aa05de62de63c4ad1a4f472da56aa1424041106922370720ef51a7595abfd5bb32038c96c481bb6449053ba08023a752d124b1c1ca7d34fe001cc02bc02ccca9c02fc030cca8c009c00ac013c014009c009d002f0035010000570000001700150000127777772e676f6f676c65617069732e636f6d00170000ff01000100000a00080006001d00170018000b00020100000500050100000000000d00140012040308040401050308050501080606010201") protos+=("-no_ssl3 -no_ssl2") - tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1") + tlsvers+=("-tls1_2 -tls1_1 -tls1") lowest_protocol+=("0x0301") - highest_protocol+=("0x0304") + highest_protocol+=("0x0303") + alpn+=("h2,http/1.1") service+=("HTTP,FTP,SMTP,POP,IMAP") minDhBits+=(-1) maxDhBits+=(-1) @@ -214,6 +217,28 @@ requiresSha2+=(false) current+=(true) + names+=("Android 9.0 (native)") + short+=("android_90") + ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA") + ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256") + sni+=("$SNI") + warning+=("") + handshakebytes+=("1603010246010002420303d6259dca682ab368c7e095da7189996da830514896063d4acdc83cb5d2c2568d2041a787bf8dd3d7a1ceda514a6606f1068432a13063ea320fd7e7b367af47ecae00220a0a130113021303c02bc02fc02cc030cca9cca8c013c014009c009d002f0035000a010001d77a7a00000000001e001c0000196c68332e676f6f676c6575736572636f6e74656e742e636f6d00170000ff01000100000a000a0008aaaa001d00170018000b00020100002300000010000e000c02683208687474702f312e31000500050100000000000d00140012040308040401050308050501080606010201001200000033002b0029aaaa000100001d00203e67895a11e9ce5c69df2995782adaddb7a03ef30b245000ca332d5940ecff20002d00020101002b000b0aeaea0304030303020301001b00030200026a6a0001000029010500e000da001c9941f6b101f853f370851e583bd22e03150fc67298947270c6058707fe1670efe590d777a34b9e2e2d0ec6aa8d0ddc375c2535934c75c9623d1a271f735417fdd9190dae7f4c8541c262f8fbfeee2e820f54f59f68e78503f5c093f6084037be22c20dad3d057f64dc73f2dd45948e27c707f3f2107b32040a21fa9c1273e7797aaf5a5bc8994e9eafc4bd43b2951e10f952564a910f146344ec6d0c49f75fc6a070c75f0ffdd84fe9e10f77c23f1062e90f9e1e396eddb84d8ac00bf7ac87c557622dd18c54bbc229268699c60434648b279dd86e996baee9d1c155002120235d43319c7d5bb4725a52fa782468cd2280bd622c40a36296b354759f6d4389") + protos+=("-no_ssl3 -no_ssl2") + tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1") + lowest_protocol+=("0x0301") + highest_protocol+=("0x0304") + alpn+=("h2,http/1.1") + service+=("HTTP,FTP,SMTP,POP,IMAP") + minDhBits+=(-1) + maxDhBits+=(-1) + minRsaBits+=(-1) + maxRsaBits+=(-1) + minEcdsaBits+=(-1) + curves+=("X25519:secp256r1:secp384r1") + requiresSha2+=(true) + current+=(true) + names+=("Chrome 27 Win 7") short+=("chrome_27_win7") ciphers+=("ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:CAMELLIA256-SHA:AES256-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:DHE-DSS-RC4-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:ECDH-RSA-RC4-SHA:ECDH-RSA-AES128-SHA:ECDH-ECDSA-RC4-SHA:ECDH-ECDSA-AES128-SHA:SEED-SHA:CAMELLIA128-SHA:RC4-SHA:RC4-MD5:AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA") @@ -1348,6 +1373,28 @@ requiresSha2+=(false) current+=(true) + names+=("Firefox 66 (Win 8.1)") + short+=("firefox_66_win81") + ciphers+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA") + ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384") + sni+=("$SNI") + warning+=("") + handshakebytes+=("1603010200010001fc0303f488fc07f89155dba6560e527e1708e0b36458f32492fcf3074386f169d447e5204ed6d2d9d162b792388e9cee6c838b6b1e82dacdf1837f7279bc42339c70b79c0024130113031302c02bc02fcca9cca8c02cc030c00ac009c013c01400330039002f0035000a0100018f0000000f000d00000a7465737473736c2e736800170000ff01000100000a000e000c001d00170018001901000101000b00020100002300000010000e000c02683208687474702f312e310005000501000000000033006b0069001d0020f3c22d5492b1230da8895790bea5e5a3af7e63517cfa31b37d1d2a817a628f690017004104a373b66bce1c5d411d78d93b3c3ee6eb7c4519a52abf29e98bbc355a94f8f52a1c8bb7d6320c0104e98ec3895bc5e89ddc1d8f2b76305912992df46c546f2cf5002b0009080304030303020301000d0018001604030503060308040805080604010501060102030201002d00020101001c000240010015009400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") + protos+=("-no_ssl3 -no_ssl2") + tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1") + lowest_protocol+=("0x0301") + highest_protocol+=("0x0304") + alpn+=("h2,http/1.1") + service+=("HTTP,FTP") + minDhBits+=(1023) + maxDhBits+=(-1) + minRsaBits+=(-1) + maxRsaBits+=(-1) + minEcdsaBits+=(-1) + curves+=("X25519:secp256r1:secp384r1:secp521r1:ffdhe2048:ffdhe3072") + requiresSha2+=(false) + current+=(true) + names+=("IE 6 XP") short+=("ie_6_xp") ciphers+=("RC4-MD5:RC4-SHA:DES-CBC3-SHA:RC4-MD5:DES-CBC3-MD5:RC2-CBC-MD5:DES-CBC-SHA:DES-CBC-MD5:EXP1024-RC4-SHA:EXP1024-DES-CBC-SHA:EXP-RC4-MD5:EXP-RC2-CBC-MD5:EXP-RC4-MD5:EXP-RC2-CBC-MD5:EDH-DSS-DES-CBC3-SHA:EDH-DSS-DES-CBC-SHA:EXP1024-DHE-DSS-DES-CBC-SHA") @@ -2335,6 +2382,50 @@ requiresSha2+=(false) current+=(true) + names+=("OpenSSL 1.1.0j (Debian)") + short+=("openssl_110j") + ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA") + ciphersuites+=("") + sni+=("$SNI") + warning+=("") + handshakebytes+=("16030100c2010000be03036468410c4ae36f78a4357ad19fa61353e46aed101eff4e0c9f77ec654dc12eb4000038c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff0100005d00000013001100000e7465737473736c2e73683a343433000b000403000102000a000a0008001d001700190018002300000016000000170000000d0020001e060106020603050105020503040104020403030103020303020102020203") + protos+=("-no_ssl2 -no-ssl3") + tlsvers+=("-tls1_2 -tls1_1 -tls1") + lowest_protocol+=("0x0300") + highest_protocol+=("0x0303") + alpn+=("h2,http/1.1") + service+=("ANY") + minDhBits+=(-1) + maxDhBits+=(-1) + minRsaBits+=(-1) + maxRsaBits+=(-1) + minEcdsaBits+=(-1) + curves+=("X25519:secp256r1:secp521r1:secp384r1") + requiresSha2+=(false) + current+=(true) + + names+=("OpenSSL 1.1.1b (Debian)") + short+=("openssl_111b") + ciphers+=("TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA") + ciphersuites+=("TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256") + sni+=("$SNI") + warning+=("") + handshakebytes+=("160301012d010001290303ac67ab7c72eea2e0f68615f02c9e566ed4a3bb0022c2ca1db7615acfb9dedd0120415470391af467e708e8983b134defcb4f4855e774606ae8223265af0fbb802a003e130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff010000a200000013001100000e7465737473736c2e73683a343433000b000403000102000a000c000a001d0017001e00190018002300000016000000170000000d002a0028040305030603080708080809080a080b080408050806040105010601030303010302040205020602002b00050403040303002d00020101003300260024001d0020b4556edddf807eb6b6bbcd61e25775a3992dd6f5caeee76d37f8895436efc972") + protos+=("-no_ssl2 -no-ssl3") + tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1") + lowest_protocol+=("0x0300") + highest_protocol+=("0x0304") + alpn+=("h2,http/1.1") + service+=("ANY") + minDhBits+=(-1) + maxDhBits+=(-1) + minRsaBits+=(-1) + maxRsaBits+=(-1) + minEcdsaBits+=(-1) + curves+=("X25519:secp256r1:x448:secp521r1:secp384r1") + requiresSha2+=(true) + current+=(true) + names+=("Baidu Jan 2015") short+=("baidu_jan_2015") ciphers+=("ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:CAMELLIA256-SHA:AES256-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:ECDH-RSA-RC4-SHA:ECDH-RSA-AES128-SHA:ECDH-ECDSA-RC4-SHA:ECDH-ECDSA-AES128-SHA:SEED-SHA:CAMELLIA128-SHA:RC4-MD5:RC4-SHA:AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA") diff --git a/etc/client-simulation.wiresharked.txt b/etc/client-simulation.wiresharked.txt index aa96060..7888be1 100644 --- a/etc/client-simulation.wiresharked.txt +++ b/etc/client-simulation.wiresharked.txt @@ -1,4 +1,4 @@ -# This is a file which content has been manually created from Wireshark. +# This file contains client handshake data manually created from Wireshark. # The content needs to be added to client-simulation.txt which other part # comes from the SSLlabs client API via update_client_sim_data.pl # The whole process is done manually. @@ -11,14 +11,14 @@ # * If needed sort for ClientHello. # * Look for the ClientHello which matches the source IP + destination IP you had in mind. # * Retrieve "handshakebytes" by marking the Record Layer --> Copy --> As a hex stream. -# * Figure out "protos" and "tlsvers" by looking at the supported_versions TLS extension (43=0x002b). May work only on modern clients. +# * Figure out "protos" and "tlsvers" by looking at the supported_versions TLS extension (43=0x002b). May work only on modern clients. Be careful as some do not list all TLS versions here (OpenSSL 1.1.1 lists only TLS 1.2/1.3 here) # * Adjust "lowest_protocol" and "highest_protocol" accordingly. # * Get "curves" from at the supported groups TLS extension 10 = 0x00a. Omit GREASE. # * Retrieve "alpn" by looking at the alpn TLS extension 16 (=0x0010). # * Review TLS extension 13 (=0x000d) whether any SHA1 signature algorithm is listed. If not "requiresSha2" is true # * Leave "maxDhBits"/"minDhBits" and "minRsaBits"/"maxRsaBits" at -1, unless you know for sure what the client can handle -# * For "handshakebytes" mark the Cipher Suites --> Copy --> As a hex stream, remove any leading GREASE ciphers (?a?a) and -# supply it to ~/utils/hexstream2cipher.sh +# * For "ciphers" mark the Cipher Suites --> Copy --> As a hex stream, remove any leading GREASE ciphers (?a?a) and supply it to ~/utils/hexstream2cipher.sh +# * "ciphersutes" are TLS 1.3 ciphersuites. You can identify them as they currently are like 0x130?. Retrieve them from above see ~/utils/hexstream2cipher.sh # * Figure out the services by applying a good piece of logic # * Before submitting a PR: test it yourself! You can also watch it again via wireshark # @@ -26,10 +26,32 @@ # 1) Attention: if you want to contribute it contains the target hostname (SNI) + names+=("Android 8.1 (native)") + short+=("android_81") + ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA") + ciphersuites+=("") + sni+=("$SNI") + warning+=("") + handshakebytes+=("16030100c0010000bc030346fcc7d3e5a9f68af0aa05de62de63c4ad1a4f472da56aa1424041106922370720ef51a7595abfd5bb32038c96c481bb6449053ba08023a752d124b1c1ca7d34fe001cc02bc02ccca9c02fc030cca8c009c00ac013c014009c009d002f0035010000570000001700150000127777772e676f6f676c65617069732e636f6d00170000ff01000100000a00080006001d00170018000b00020100000500050100000000000d00140012040308040401050308050501080606010201") + protos+=("-no_ssl3 -no_ssl2") + tlsvers+=("-tls1_2 -tls1_1 -tls1") + lowest_protocol+=("0x0301") + highest_protocol+=("0x0303") + alpn+=("h2,http/1.1") + service+=("HTTP,FTP,SMTP,POP,IMAP") + minDhBits+=(-1) + maxDhBits+=(-1) + minRsaBits+=(-1) + maxRsaBits+=(-1) + minEcdsaBits+=(-1) + curves+=("X25519:secp256r1:secp384r1") + requiresSha2+=(false) + current+=(true) + names+=("Android 9.0 (native)") short+=("android_90") ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA") - ciphersuites+=("") + ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256") sni+=("$SNI") warning+=("") handshakebytes+=("1603010246010002420303d6259dca682ab368c7e095da7189996da830514896063d4acdc83cb5d2c2568d2041a787bf8dd3d7a1ceda514a6606f1068432a13063ea320fd7e7b367af47ecae00220a0a130113021303c02bc02fc02cc030cca9cca8c013c014009c009d002f0035000a010001d77a7a00000000001e001c0000196c68332e676f6f676c6575736572636f6e74656e742e636f6d00170000ff01000100000a000a0008aaaa001d00170018000b00020100002300000010000e000c02683208687474702f312e31000500050100000000000d00140012040308040401050308050501080606010201001200000033002b0029aaaa000100001d00203e67895a11e9ce5c69df2995782adaddb7a03ef30b245000ca332d5940ecff20002d00020101002b000b0aeaea0304030303020301001b00030200026a6a0001000029010500e000da001c9941f6b101f853f370851e583bd22e03150fc67298947270c6058707fe1670efe590d777a34b9e2e2d0ec6aa8d0ddc375c2535934c75c9623d1a271f735417fdd9190dae7f4c8541c262f8fbfeee2e820f54f59f68e78503f5c093f6084037be22c20dad3d057f64dc73f2dd45948e27c707f3f2107b32040a21fa9c1273e7797aaf5a5bc8994e9eafc4bd43b2951e10f952564a910f146344ec6d0c49f75fc6a070c75f0ffdd84fe9e10f77c23f1062e90f9e1e396eddb84d8ac00bf7ac87c557622dd18c54bbc229268699c60434648b279dd86e996baee9d1c155002120235d43319c7d5bb4725a52fa782468cd2280bd622c40a36296b354759f6d4389") @@ -45,7 +67,72 @@ maxRsaBits+=(-1) minEcdsaBits+=(-1) curves+=("X25519:secp256r1:secp384r1") + requiresSha2+=(true) + current+=(true) + + names+=("Firefox 66 (Win 8.1)") + short+=("firefox_66_win81") + ciphers+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA") + ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384") + sni+=("$SNI") + warning+=("") + handshakebytes+=("1603010200010001fc0303f488fc07f89155dba6560e527e1708e0b36458f32492fcf3074386f169d447e5204ed6d2d9d162b792388e9cee6c838b6b1e82dacdf1837f7279bc42339c70b79c0024130113031302c02bc02fcca9cca8c02cc030c00ac009c013c01400330039002f0035000a0100018f0000000f000d00000a7465737473736c2e736800170000ff01000100000a000e000c001d00170018001901000101000b00020100002300000010000e000c02683208687474702f312e310005000501000000000033006b0069001d0020f3c22d5492b1230da8895790bea5e5a3af7e63517cfa31b37d1d2a817a628f690017004104a373b66bce1c5d411d78d93b3c3ee6eb7c4519a52abf29e98bbc355a94f8f52a1c8bb7d6320c0104e98ec3895bc5e89ddc1d8f2b76305912992df46c546f2cf5002b0009080304030303020301000d0018001604030503060308040805080604010501060102030201002d00020101001c000240010015009400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") + protos+=("-no_ssl3 -no_ssl2") + tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1") + lowest_protocol+=("0x0301") + highest_protocol+=("0x0304") + alpn+=("h2,http/1.1") + service+=("HTTP,FTP") + minDhBits+=(1023) + maxDhBits+=(-1) + minRsaBits+=(-1) + maxRsaBits+=(-1) + minEcdsaBits+=(-1) + curves+=("X25519:secp256r1:secp384r1:secp521r1:ffdhe2048:ffdhe3072") requiresSha2+=(false) current+=(true) + names+=("OpenSSL 1.1.0j (Debian)") + short+=("openssl_110j") + ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA") + ciphersuites+=("") + sni+=("$SNI") + warning+=("") + handshakebytes+=("16030100c2010000be03036468410c4ae36f78a4357ad19fa61353e46aed101eff4e0c9f77ec654dc12eb4000038c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff0100005d00000013001100000e7465737473736c2e73683a343433000b000403000102000a000a0008001d001700190018002300000016000000170000000d0020001e060106020603050105020503040104020403030103020303020102020203") + protos+=("-no_ssl2 -no-ssl3") + tlsvers+=("-tls1_2 -tls1_1 -tls1") + lowest_protocol+=("0x0300") + highest_protocol+=("0x0303") + alpn+=("h2,http/1.1") + service+=("ANY") + minDhBits+=(-1) + maxDhBits+=(-1) + minRsaBits+=(-1) + maxRsaBits+=(-1) + minEcdsaBits+=(-1) + curves+=("X25519:secp256r1:secp521r1:secp384r1") + requiresSha2+=(false) + current+=(true) + + names+=("OpenSSL 1.1.1b (Debian)") + short+=("openssl_111b") + ciphers+=("TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA") + ciphersuites+=("TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256") + sni+=("$SNI") + warning+=("") + handshakebytes+=("160301012d010001290303ac67ab7c72eea2e0f68615f02c9e566ed4a3bb0022c2ca1db7615acfb9dedd0120415470391af467e708e8983b134defcb4f4855e774606ae8223265af0fbb802a003e130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff010000a200000013001100000e7465737473736c2e73683a343433000b000403000102000a000c000a001d0017001e00190018002300000016000000170000000d002a0028040305030603080708080809080a080b080408050806040105010601030303010302040205020602002b00050403040303002d00020101003300260024001d0020b4556edddf807eb6b6bbcd61e25775a3992dd6f5caeee76d37f8895436efc972") + protos+=("-no_ssl2 -no-ssl3") + tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1") + lowest_protocol+=("0x0300") + highest_protocol+=("0x0304") + alpn+=("h2,http/1.1") + service+=("ANY") + minDhBits+=(-1) + maxDhBits+=(-1) + minRsaBits+=(-1) + maxRsaBits+=(-1) + minEcdsaBits+=(-1) + curves+=("X25519:secp256r1:X448:secp521r1:secp384r1") + requiresSha2+=(true) + current+=(true) From 31c5107a64ad567db9c14ab1c1713e00edb9f5d4 Mon Sep 17 00:00:00 2001 From: Dirk Date: Sat, 20 Apr 2019 20:23:50 +0200 Subject: [PATCH 04/10] Remove a few redundant quotes in run_client_simulation() --- testssl.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/testssl.sh b/testssl.sh index 33c063b..05d843e 100755 --- a/testssl.sh +++ b/testssl.sh @@ -4479,7 +4479,7 @@ run_client_simulation() { for name in "${short[@]}"; do if "${current[i]}" || "$ALL_CLIENTS" ; then # for ANY we test this service or if the service we determined from STARTTLS matches - if [[ "${service[i]}" == "ANY" ]] || [[ "${service[i]}" =~ $client_service ]]; then + if [[ "${service[i]}" == ANY ]] || [[ "${service[i]}" =~ $client_service ]]; then out " $(printf -- "%-29s" "${names[i]}")" if "$using_sockets" && [[ -n "${handshakebytes[i]}" ]]; then client_simulation_sockets "${handshakebytes[i]}" @@ -4514,7 +4514,7 @@ run_client_simulation() { bits="${temp##*, }" # formatting curve="${temp#*, }" - if [[ "$curve" == "$bits" ]]; then + if [[ "$curve" == $bits ]]; then curve="" else curve="${curve%%,*}" @@ -4525,7 +4525,7 @@ run_client_simulation() { curve="$what_dh" what_dh="ECDH" fi - if [[ "$what_dh" == "DH" ]]; then + if [[ "$what_dh" == DH ]]; then [[ ${minDhBits[i]} -ne -1 ]] && [[ $bits -lt ${minDhBits[i]} ]] && sclient_success=1 [[ ${maxDhBits[i]} -ne -1 ]] && [[ $bits -gt ${maxDhBits[i]} ]] && sclient_success=1 fi From 950772cb23950419b07c4445dc9bba47dde762e1 Mon Sep 17 00:00:00 2001 From: Dirk Wetter Date: Tue, 23 Apr 2019 10:26:30 +0200 Subject: [PATCH 05/10] Clarify client sim data --- etc/README.md | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/etc/README.md b/etc/README.md index f414aa0..7b36fe6 100644 --- a/etc/README.md +++ b/etc/README.md @@ -32,7 +32,6 @@ If you want to test against e.g. a company internal CA you want to avoid warning * ``common-primes.txt`` is used for LOGJAM and the PFS section -* ``client-simulation.txt`` as the name indicates it's the data for the client simulation. Use - ``~/utils/update_client_sim_data.pl`` for an update. Note: This list has been manually - edited to sort it and weed it out. In addition the file named ``client-simulation.wiresharked.txt`` - provides more client data and some instructions how to generate it yourself +* ``client-simulation.txt`` / ``client-simulation.wiresharked.txt`` are as the names indicate data for the client simulation. + The first one is derived from ``~/utils/update_client_sim_data.pl``, and manually edited to sort and label those we don't want. + The second file provides more client data retrieved from wireshark captures and some instructions how to do that yourself. From d2f5c2633cf93727a8f214071703f0a89d0daa37 Mon Sep 17 00:00:00 2001 From: Dirk Wetter Date: Tue, 23 Apr 2019 10:32:17 +0200 Subject: [PATCH 06/10] Add a few MS client hellos * Edge 17 Win 10 * Firefox 66 Win 10 Disable 'Edge 13 Win Phone 10' per default and 'Firefox 62 Win 7'. --- etc/client-simulation.txt | 30 +++++++++++++++++++++++---- etc/client-simulation.wiresharked.txt | 26 +++++++++++++++++++++-- 2 files changed, 50 insertions(+), 6 deletions(-) diff --git a/etc/client-simulation.txt b/etc/client-simulation.txt index 91c9510..f9e4573 100644 --- a/etc/client-simulation.txt +++ b/etc/client-simulation.txt @@ -1350,7 +1350,7 @@ minEcdsaBits+=(-1) curves+=("X25519:prime256v1:secp384r1:secp521r1") requiresSha2+=(false) - current+=(true) + current+=(false) names+=("Firefox 62 Win 7") short+=("firefox_62_win7") @@ -1373,7 +1373,7 @@ requiresSha2+=(false) current+=(true) - names+=("Firefox 66 (Win 8.1)") + names+=("Firefox 66 (Win 8.1/10)") short+=("firefox_66_win81") ciphers+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA") ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384") @@ -1708,7 +1708,7 @@ minEcdsaBits+=(-1) curves+=("prime256v1:secp384r1") requiresSha2+=(false) - current+=(true) + current+=(false) names+=("Edge 13 Win Phone 10") short+=("edge_13_winphone10") @@ -1729,7 +1729,7 @@ minEcdsaBits+=(-1) curves+=("prime256v1:secp384r1") requiresSha2+=(false) - current+=(true) + current+=(false) names+=("Edge 15 Win 10") short+=("edge_15_win10") @@ -1752,6 +1752,28 @@ requiresSha2+=(false) current+=(true) + names+=("Edge 17 (Win 10)") + short+=("edge_17_win10") + ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA") + ciphersuites+=("") + sni+=("$SNI") + warning+=("") + handshakebytes+=("160303018d0100018903035cbeb3c560acfb3dfe583ba45f51f5e2e36f99dfe5e22f1a230724dfaf5ddbde000026c02cc02bc030c02fc024c023c028c027c00ac009c014c013009d009c003d003c0035002f000a0100013a0000001a0018000015737570706f72742e6d6963726f736f66742e636f6d000500050100000000000a00080006001d00170018000b00020100000d00140012040105010201040305030203020206010603002300c000000f032566a8435c845ce7de67f2f4fd6c75ed3206c9448a513d4b4f8cd2fedb5f7d1eb4573ce68756fdad198bd3e4eadfd4db2d7794cc69198366edcb9b9ff5803a58718c1de4d6dffeb4354cd48f5dba6de719cebb27d544f6b2f4427e4e5d46f564d3098134d9b69a4e83e233f5dfea099733f75022dba07665d7c35dd09742082a06f080871caaa6a7770ebc9e2c792eb88c44d0d56ae6ba068a189b674491cee28155148c86d53071e170ab354e0fd0e390b9ddda0886b9fa8c70ee1a0010000e000c02683208687474702f312e310017000000180006001003020100ff01000100") + protos+=("-no_ssl3 -no_ssl2") + tlsvers+=("-tls1_2 -tls1_1 -tls1") + lowest_protocol+=("0x0301") + highest_protocol+=("0x0303") + alpn+=("h2,http/1.1") + service+=("HTTP,FTP") + minDhBits+=(1024) + maxDhBits+=(4096) + minRsaBits+=(-1) + maxRsaBits+=(16384) + minEcdsaBits+=(-1) + curves+=("X25519:secp256r1:secp384r1") + requiresSha2+=(false) + current+=(true) + names+=("Opera 12.15 Win 7") short+=("opera_1215_win7") ciphers+=("DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DH-RSA-AES256-SHA256:DH-DSS-AES256-SHA256:AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DH-RSA-AES256-SHA:DH-DSS-AES256-SHA:AES256-SHA:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:DH-RSA-AES128-SHA256:DH-DSS-AES128-SHA256:AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DH-RSA-AES128-SHA:DH-DSS-AES128-SHA:AES128-SHA:RC4-SHA:RC4-MD5:EDH-DSS-DES-CBC3-SHA:DH-DSS-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:DH-RSA-DES-CBC3-SHA:DES-CBC3-SHA") diff --git a/etc/client-simulation.wiresharked.txt b/etc/client-simulation.wiresharked.txt index 7888be1..ae530c4 100644 --- a/etc/client-simulation.wiresharked.txt +++ b/etc/client-simulation.wiresharked.txt @@ -70,8 +70,30 @@ requiresSha2+=(true) current+=(true) - names+=("Firefox 66 (Win 8.1)") - short+=("firefox_66_win81") + names+=("Edge 17 Win 10") + short+=("edge_17_win10") + ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA") + ciphersuites+=("") + sni+=("$SNI") + warning+=("") + handshakebytes+=("160303018d0100018903035cbeb3c560acfb3dfe583ba45f51f5e2e36f99dfe5e22f1a230724dfaf5ddbde000026c02cc02bc030c02fc024c023c028c027c00ac009c014c013009d009c003d003c0035002f000a0100013a0000001a0018000015737570706f72742e6d6963726f736f66742e636f6d000500050100000000000a00080006001d00170018000b00020100000d00140012040105010201040305030203020206010603002300c000000f032566a8435c845ce7de67f2f4fd6c75ed3206c9448a513d4b4f8cd2fedb5f7d1eb4573ce68756fdad198bd3e4eadfd4db2d7794cc69198366edcb9b9ff5803a58718c1de4d6dffeb4354cd48f5dba6de719cebb27d544f6b2f4427e4e5d46f564d3098134d9b69a4e83e233f5dfea099733f75022dba07665d7c35dd09742082a06f080871caaa6a7770ebc9e2c792eb88c44d0d56ae6ba068a189b674491cee28155148c86d53071e170ab354e0fd0e390b9ddda0886b9fa8c70ee1a0010000e000c02683208687474702f312e310017000000180006001003020100ff01000100") + protos+=("-no_ssl3 -no_ssl2") + tlsvers+=("-tls1_2 -tls1_1 -tls1") + lowest_protocol+=("0x0301") + highest_protocol+=("0x0303") + alpn+=("h2,http/1.1") + service+=("HTTP,FTP") + minDhBits+=(1024) + maxDhBits+=(4096) + minRsaBits+=(-1) + maxRsaBits+=(16384) + minEcdsaBits+=(-1) + curves+=("X25519:secp256r1:secp384r1") + requiresSha2+=(false) + current+=(true) + + names+=("Firefox 66 (Win 8.1/10)") + short+=("firefox_66_win") ciphers+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA") ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384") sni+=("$SNI") From 3f99c2d2c828b4990e35b23247c13551605fafe9 Mon Sep 17 00:00:00 2001 From: Dirk Wetter Date: Tue, 23 Apr 2019 11:33:47 +0200 Subject: [PATCH 07/10] Add Opera 60 + Chrome 73 Chrome 74 update pending --- etc/client-simulation.txt | 46 +++++++++++++++++++++++- etc/client-simulation.wiresharked.txt | 52 ++++++++++++++++++++++++--- 2 files changed, 93 insertions(+), 5 deletions(-) diff --git a/etc/client-simulation.txt b/etc/client-simulation.txt index f9e4573..0714ca4 100644 --- a/etc/client-simulation.txt +++ b/etc/client-simulation.txt @@ -751,7 +751,7 @@ warning+=("") handshakebytes+=("1603010200010001fc0303a4ae4c9839623356a42a2a977373dcefc5920611a46c549eca42959de9e2dab220d6c3276206e9c756685d96687302864815ed0e8496472898e86b30b694ee994300229a9a130113021303c02bc02fc02cc030cca9cca8c013c014009c009d002f0035000a010001913a3a0000ff0100010000000014001200000f6465762e73736c6c6162732e636f6d0017000000230000000d00140012040308040401050308050501080606010201000500050100000000001200000010000e000c02683208687474702f312e3175500000000b000201000033002b00291a1a000100001d00205672b32aa464a7b8513f37108290ab0dd39e317d2b0db8fe0d77c147b324fe29002d00020101002b000b0a0a0a0304030303020301000a000a00081a1a001d00170018001b00030200022a2a000100001500c50000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") protos+=("-no_ssl3 -no_ssl2") - tlsvers+=("-tls1_2 -tls1_1 -tls1") + tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1") lowest_protocol+=("0x0301") highest_protocol+=("0x0304") service+=("HTTP,FTP") @@ -762,6 +762,28 @@ minEcdsaBits+=(-1) curves+=("X25519:prime256v1:secp384r1") requiresSha2+=(false) + current+=(false) + + names+=("Chrome 73 (Win 10)") + short+=("chrome_73_win10") + ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA") + ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256") + sni+=("$SNI") + warning+=("") + handshakebytes+=("1603010200010001fc0303a719e434922565bbd59fe0dfec21b7f5c8549fdf52566af99cce87ecb276992b20bbf979b5fbe4ebd1412e55ffe6b811e561d3f04ce451fc229d329babda4de91d00227a7a130113021303c02bc02fc02cc030cca9cca8c013c014009c009d002f0035000a010001914a4a000000000012001000000d7777772e676f6f676c652e646500170000ff01000100000a000a0008aaaa001d00170018000b00020100002300000010000e000c02683208687474702f312e31000500050100000000000d00140012040308040401050308050501080606010201001200000033002b0029aaaa000100001d00205c2f12fabe8b2ff843aa9f347816b7d3a8b8c051f0830f4bbf13d44b5ec37c2b002d00020101002b000b0aeaea0304030303020301001b0003020002eaea000100001500cb0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") + protos+=("-no_ssl3 -no_ssl2") + tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1") + lowest_protocol+=("0x0301") + highest_protocol+=("0x0304") + alpn+=("h2,http/1.1") + service+=("HTTP,FTP") + minDhBits+=(1024) + maxDhBits+=(-1) + minRsaBits+=(-1) + maxRsaBits+=(-1) + minEcdsaBits+=(-1) + curves+=("X25519:secp256r1:secp384r1") + requiresSha2+=(false) current+=(true) names+=("Firefox 10.0.12 ESR Win 7") @@ -1858,6 +1880,28 @@ requiresSha2+=(false) current+=(false) + names+=("Opera 60 (Win 10)") + short+=("opera_60_win10") + ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA") + ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256") + sni+=("$SNI") + warning+=("") + handshakebytes+=("1603010200010001fc03033503bae63f0cf8ef9d0a55623327a28e3c3525a2ce28153242e132279d3940e3206a440f32e7a8488b012b12d4b7d1b2b1764c784a944662a7f305e90f7d15168500228a8a130113021303c02bc02fc02cc030cca9cca8c013c014009c009d002f0035000a01000191eaea000000000012001000000d7777772e6f706572612e636f6d00170000ff01000100000a000a0008caca001d00170018000b00020100002300c07505f51cc349fe3f9e022858dcd1eb12ca07a302fd9f43a4cbffec031296e77b07122bb9532dd112770b686a4898e20462c514c5fb043dc325a5453753c499774bfab673024a86543064c33d40b67b2e4e9dfa177305e8cdc39f3d8afe0fe7c80406a9e07ea836dd8a46ab7ef9aa5dc66301a346585f7ff26615a28cbea2544d4ba8101be6f528b4bba3a5ce9a6683537b29cd16d4c5015de6f9a93d3c132389e56ff20853d952f6ee06b46ca89dc52b67583fbb0fb61e2b78c03ef97892c6a90010000e000c02683208687474702f312e31000500050100000000000d00140012040308040401050308050501080606010201001200000033002b0029caca000100001d00204aeb26ec670ce59e094a8b97c281186b4e87706df48667a24193e268a069cd54002d00020101002b000b0a3a3a0304030303020301001b00030200027a7a0001000015000b0000000000000000000000") + protos+=("-no_ssl2") + tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1") + lowest_protocol+=("0x0300") + highest_protocol+=("0x0304") + alpn+=("h2,http/1.1") + service+=("HTTP,FTP") + minDhBits+=(-1) + maxDhBits+=(-1) + minRsaBits+=(-1) + maxRsaBits+=(-1) + minEcdsaBits+=(-1) + curves+=("X25519:secp256r1:secp384r1") + requiresSha2+=(false) + current+=(true) + names+=("Safari 5.1.9 OS X 10.6.8") short+=("safari_519_osx1068") ciphers+=("ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-RC4-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDH-ECDSA-AES128-SHA:ECDH-ECDSA-AES256-SHA:ECDH-ECDSA-RC4-SHA:ECDH-ECDSA-DES-CBC3-SHA:ECDH-RSA-AES128-SHA:ECDH-RSA-AES256-SHA:ECDH-RSA-RC4-SHA:ECDH-RSA-DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5:AES256-SHA:DES-CBC3-SHA:DES-CBC-SHA:EXP-RC4-MD5:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:DHE-DSS-AES128-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:EDH-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC3-SHA:EDH-DSS-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA") diff --git a/etc/client-simulation.wiresharked.txt b/etc/client-simulation.wiresharked.txt index ae530c4..92236f8 100644 --- a/etc/client-simulation.wiresharked.txt +++ b/etc/client-simulation.wiresharked.txt @@ -6,14 +6,14 @@ # Instructions how to add a client simulation: # * Start wireshark at the client / router. Best is during capture to filter for the target you want to contribute. # * Make sure you create a bit of encrypted traffic to a target of your choice 1) . -# * Make sure the client traffic is specific: For just "Android" do not use a browser. +# * Make sure the client traffic is specific: For just "Android" do not use a browser! # * Stop the recording. # * If needed sort for ClientHello. -# * Look for the ClientHello which matches the source IP + destination IP you had in mind. +# * Look for the ClientHello which matches the source IP + destination you had in mind. Check the destination hostname in the SNI extension so that you can be sure, it's the right traffic. # * Retrieve "handshakebytes" by marking the Record Layer --> Copy --> As a hex stream. # * Figure out "protos" and "tlsvers" by looking at the supported_versions TLS extension (43=0x002b). May work only on modern clients. Be careful as some do not list all TLS versions here (OpenSSL 1.1.1 lists only TLS 1.2/1.3 here) # * Adjust "lowest_protocol" and "highest_protocol" accordingly. -# * Get "curves" from at the supported groups TLS extension 10 = 0x00a. Omit GREASE. +# * Get "curves" from at the supported groups TLS extension 10 = 0x00a. Omit any GREASE. # * Retrieve "alpn" by looking at the alpn TLS extension 16 (=0x0010). # * Review TLS extension 13 (=0x000d) whether any SHA1 signature algorithm is listed. If not "requiresSha2" is true # * Leave "maxDhBits"/"minDhBits" and "minRsaBits"/"maxRsaBits" at -1, unless you know for sure what the client can handle @@ -23,7 +23,7 @@ # * Before submitting a PR: test it yourself! You can also watch it again via wireshark # # -# 1) Attention: if you want to contribute it contains the target hostname (SNI) +# 1) Attention, privacy: if you want to contribute it contains the target hostname (SNI) names+=("Android 8.1 (native)") @@ -92,6 +92,28 @@ requiresSha2+=(false) current+=(true) + names+=("Chrome 73 (Win 10)") + short+=("chrome_73_win10") + ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA") + ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256") + sni+=("$SNI") + warning+=("") + handshakebytes+=("1603010200010001fc0303a719e434922565bbd59fe0dfec21b7f5c8549fdf52566af99cce87ecb276992b20bbf979b5fbe4ebd1412e55ffe6b811e561d3f04ce451fc229d329babda4de91d00227a7a130113021303c02bc02fc02cc030cca9cca8c013c014009c009d002f0035000a010001914a4a000000000012001000000d7777772e676f6f676c652e646500170000ff01000100000a000a0008aaaa001d00170018000b00020100002300000010000e000c02683208687474702f312e31000500050100000000000d00140012040308040401050308050501080606010201001200000033002b0029aaaa000100001d00205c2f12fabe8b2ff843aa9f347816b7d3a8b8c051f0830f4bbf13d44b5ec37c2b002d00020101002b000b0aeaea0304030303020301001b0003020002eaea000100001500cb0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") + protos+=("-no_ssl3 -no_ssl2") + tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1") + lowest_protocol+=("0x0301") + highest_protocol+=("0x0304") + alpn+=("h2,http/1.1") + service+=("HTTP,FTP") + minDhBits+=(1024) + maxDhBits+=(-1) + minRsaBits+=(-1) + maxRsaBits+=(-1) + minEcdsaBits+=(-1) + curves+=("X25519:secp256r1:secp384r1") + requiresSha2+=(false) + current+=(true) + names+=("Firefox 66 (Win 8.1/10)") short+=("firefox_66_win") ciphers+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA") @@ -114,6 +136,28 @@ requiresSha2+=(false) current+=(true) + names+=("Opera 60 (Win 10)") + short+=("opera_60_win10") + ciphers+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA") + ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256") + sni+=("$SNI") + warning+=("") + handshakebytes+=("1603010200010001fc03033503bae63f0cf8ef9d0a55623327a28e3c3525a2ce28153242e132279d3940e3206a440f32e7a8488b012b12d4b7d1b2b1764c784a944662a7f305e90f7d15168500228a8a130113021303c02bc02fc02cc030cca9cca8c013c014009c009d002f0035000a01000191eaea000000000012001000000d7777772e6f706572612e636f6d00170000ff01000100000a000a0008caca001d00170018000b00020100002300c07505f51cc349fe3f9e022858dcd1eb12ca07a302fd9f43a4cbffec031296e77b07122bb9532dd112770b686a4898e20462c514c5fb043dc325a5453753c499774bfab673024a86543064c33d40b67b2e4e9dfa177305e8cdc39f3d8afe0fe7c80406a9e07ea836dd8a46ab7ef9aa5dc66301a346585f7ff26615a28cbea2544d4ba8101be6f528b4bba3a5ce9a6683537b29cd16d4c5015de6f9a93d3c132389e56ff20853d952f6ee06b46ca89dc52b67583fbb0fb61e2b78c03ef97892c6a90010000e000c02683208687474702f312e31000500050100000000000d00140012040308040401050308050501080606010201001200000033002b0029caca000100001d00204aeb26ec670ce59e094a8b97c281186b4e87706df48667a24193e268a069cd54002d00020101002b000b0a3a3a0304030303020301001b00030200027a7a0001000015000b0000000000000000000000") + protos+=("-no_ssl2") + tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1") + lowest_protocol+=("0x0300") + highest_protocol+=("0x0304") + alpn+=("h2,http/1.1") + service+=("HTTP,FTP") + minDhBits+=(-1) + maxDhBits+=(-1) + minRsaBits+=(-1) + maxRsaBits+=(-1) + minEcdsaBits+=(-1) + curves+=("X25519:secp256r1:secp384r1") + requiresSha2+=(false) + current+=(true) + names+=("OpenSSL 1.1.0j (Debian)") short+=("openssl_110j") ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA") From 64c2bcc949a5680cb0bc8e3bf7195efc74568f6d Mon Sep 17 00:00:00 2001 From: Dirk Wetter Date: Tue, 23 Apr 2019 13:37:50 +0200 Subject: [PATCH 08/10] Add Thunderbird 60.6.1 to client simulation --- etc/client-simulation.txt | 22 ++++++++++++++++++++++ etc/client-simulation.wiresharked.txt | 23 +++++++++++++++++++++++ 2 files changed, 45 insertions(+) diff --git a/etc/client-simulation.txt b/etc/client-simulation.txt index 0714ca4..44ce893 100644 --- a/etc/client-simulation.txt +++ b/etc/client-simulation.txt @@ -2492,6 +2492,28 @@ requiresSha2+=(true) current+=(true) + names+=("Thunderbird (60.6)") + short+=("thunderbird_60_6_1") + ciphers+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA") + ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384") + sni+=("$SNI") + warning+=("") + handshakebytes+=("1603010200010001fc03039f5f6a4903cf739091fca37e8f43e6d173ffeb64905977b2dede05e061f3a24c20f958c20b0edd50e0716d108e1d6046178a8974d868c138eac8a6ab8becdf81cd001c130113031302c02bc02fcca9cca8c02cc030c013c014002f0035000a0100019700000013001100000e696d61702e676d61696c2e636f6d00170000ff01000100000a000e000c001d00170018001901000101000b00020100002300000005000501000000000033006b0069001d00200ff08104aea54116caac222c2b7661e05d852847fcfd6860a0ec2f09804bd5330017004104d7afd4ac669de5312ff866d84381723c1d5ff549d409658f9300644d76e33b5c953499a89bdb1fc8930587645bf3452a47fbe6e3f00a59e232c39c269791d871002b0009080304030303020301000d0018001604030503060308040805080604010501060102030201002d00020101001c00024001001500aa0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") + protos+=("-no_ssl3 -no_ssl2") + tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1") + lowest_protocol+=("0x0301") + highest_protocol+=("0x0304") + alpn+=("h2,http/1.1") + service+=("HTTP,SMTP,POP,IMAP") + minDhBits+=(-1) + maxDhBits+=(-1) + minRsaBits+=(-1) + maxRsaBits+=(-1) + minEcdsaBits+=(-1) + curves+=("X25519:secp256r1:secp384r1:secp521r1:ffdhe2048:ffdhe3072") + requiresSha2+=(false) + current+=(true) + names+=("Baidu Jan 2015") short+=("baidu_jan_2015") ciphers+=("ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:CAMELLIA256-SHA:AES256-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:ECDH-RSA-RC4-SHA:ECDH-RSA-AES128-SHA:ECDH-ECDSA-RC4-SHA:ECDH-ECDSA-AES128-SHA:SEED-SHA:CAMELLIA128-SHA:RC4-MD5:RC4-SHA:AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA") diff --git a/etc/client-simulation.wiresharked.txt b/etc/client-simulation.wiresharked.txt index 92236f8..2eb1299 100644 --- a/etc/client-simulation.wiresharked.txt +++ b/etc/client-simulation.wiresharked.txt @@ -202,3 +202,26 @@ requiresSha2+=(true) current+=(true) + names+=("Thunderbird (60.6)") + short+=("thunderbird_60_6_1") + ciphers+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA") + ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384") + sni+=("$SNI") + warning+=("") + handshakebytes+=("1603010200010001fc03039f5f6a4903cf739091fca37e8f43e6d173ffeb64905977b2dede05e061f3a24c20f958c20b0edd50e0716d108e1d6046178a8974d868c138eac8a6ab8becdf81cd001c130113031302c02bc02fcca9cca8c02cc030c013c014002f0035000a0100019700000013001100000e696d61702e676d61696c2e636f6d00170000ff01000100000a000e000c001d00170018001901000101000b00020100002300000005000501000000000033006b0069001d00200ff08104aea54116caac222c2b7661e05d852847fcfd6860a0ec2f09804bd5330017004104d7afd4ac669de5312ff866d84381723c1d5ff549d409658f9300644d76e33b5c953499a89bdb1fc8930587645bf3452a47fbe6e3f00a59e232c39c269791d871002b0009080304030303020301000d0018001604030503060308040805080604010501060102030201002d00020101001c00024001001500aa0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") + protos+=("-no_ssl3 -no_ssl2") + tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1") + lowest_protocol+=("0x0301") + highest_protocol+=("0x0304") + alpn+=("h2,http/1.1") + service+=("HTTP,SMTP,POP,IMAP") + minDhBits+=(-1) + maxDhBits+=(-1) + minRsaBits+=(-1) + maxRsaBits+=(-1) + minEcdsaBits+=(-1) + curves+=("X25519:secp256r1:secp384r1:secp521r1:ffdhe2048:ffdhe3072") + requiresSha2+=(false) + current+=(true) + + From e72e7728c72f57c3ce185e355b4152bdc710e2c1 Mon Sep 17 00:00:00 2001 From: Dirk Date: Tue, 23 Apr 2019 21:15:48 +0200 Subject: [PATCH 09/10] Renamed to avoid confusion It needs to be completed from README.md from releases 2.8 on --- CHANGELOG.veryold-releases.txt | 396 +++++++++++++++++++++++++++++++++ 1 file changed, 396 insertions(+) create mode 100644 CHANGELOG.veryold-releases.txt diff --git a/CHANGELOG.veryold-releases.txt b/CHANGELOG.veryold-releases.txt new file mode 100644 index 0000000..09e3d85 --- /dev/null +++ b/CHANGELOG.veryold-releases.txt @@ -0,0 +1,396 @@ + +2.6 New: + * display matching host key (HPKP) + * LOGJAM 1: check DHE_EXPORT cipher + * LOGJAM 2: displays DH(/ECDH) bits in wide mode on negotiated ciphers + * "wide mode" option for checks like RC4, BEAST. PFS. Displays hexcode, kx, strength, DH bits, RFC name + * binary directory provides out of the box better binaries (Linux 32+64 Bit, Darwin 64 bit, FreeBSD 64 bit) + * OS X binaries (@jvehent, new builds: @jpluimers) + * ARM binary (@f-s) + * FreeBSD binary + * TLS_FALLBACK_SCSV check -- thx @JonnyHightower + * (HTTP) proxy support! Also with sockets -- thx @jnewbigin + * Extended validation certificate detection + * Run in default mode through all ciphers at the end of a default run + * will test multiple IP addresses of one supplied server name in one shot, --ip= restricts it accordingly + * new mass testing file option --file option where testssl.sh commands are being read from, see https://twitter.com/drwetter/status/627619848344989696 + * TLS time and HTTP time stamps + * TLS time displayed also for STARTTLS protocols + * support of sockets for STARTTLS protocols + * TLS 1.0-1.1 as socket checks per default in production + * further detection of security relevant headers (reverse proxy, IPv4 addresses), proprietary banners (OWA, Liferay etc.) + * can scan STARTTLS+XMPP by also supplying the XMPP domain (to-option in XML streams). + * quite some LibreSSL fixes, still not recommended to use though (see https://testssl.sh/) + * lots of fixes, code improvements, even more robust + +Full log @ https://github.com/drwetter/testssl.sh/commits/2.6/testssl.sh + +2.4 New: + * "only one cmd line option at a time" is completely gone + * several tuning parameters on the cmd line (only available through environment variables b4): --assuming-http, --ssl-native, --sneaky, --warnings, --color, -- debug, --long + * certificate information + * more HTTP header infos (cookies+security headers) + * protocol check via bash sockets for SSLv2+v3 + * debug handling significantly improved (verbosity/each function leaves files in $TEMPDIR) + * BEAST check + * FREAK check + * check for Secure Client-Initiated Renegotiation + * lots of cosmetic and maintainability code cleanups + * bugfixing + +Full changelog: https://github.com/drwetter/testssl.sh/commits/2.4/testssl.sh + + +2.2. new features as: + * works fully under BSD (openssl >=1.0) + * single cipher check (-x) with pattern of hexcode/cipher + * check for POODLE SSL + * HPKP check + * OCSP stapling + * GOST and CHACHA20 POLY1305 cipher support + * service detection (HTTP, IMAP, POP, SMTP) + * runs now with all colors, b/w screen, no escape codes at all + * protocol check better + * job control removes stalling + * RFC <---> OpenSSL name space mapping of ciphers everywhere + * includes a lot of fixes + +Full changelog @ https://github.com/drwetter/testssl.sh/commits/2.2/testssl.sh + + +2.0 major release, new features: + * SNI + * STARTTLS fully supported + * RC4 check + * (P)FS check + * SPDY check + * color codes make more sense now + * cipher hexcodes are shown + * tests ciphers per protocol + * HSTS + * web and application server banner + * server preferences + * TLS server extensions + * server key size + * cipher suite mapping from openssl to RFC + * heartbleed check + * CCS injection check + +--------------------- +Details: + +1.112 +- IPv6 display fix + +1.111 +- NEW: tested under FreeBSD (works with exception of xxd in CCS) +- getent now works under Linux and FreeBSD +- sed -i in hsts sacrificed for compatibility +- removed query for IP for finishing banner, is now called once in parse_hn_port +- GOST warning after banner +- empty build date is not displayed anymore +- long build date strings minimized +- FIXED: IPv6 address are displayed again + +1.110 +- NEW: adding Russian GOST cipher support by providing a config file on the fly +- adding the compile date of openssl in the banner + +1.109 +- minor IPv6 fixes + +1.108 +- NEW: Major rewrite of output functions. Now using printf instead of "echo -e" for BSD and MacOSX compatibility + +1.107 +- improved IP address stuff + +1.106 +- minor fixes + +1.105 +- NEW: working prototype for CCS injection + +1.104 +- NEW: everywhere *also* RFC style ciphers -- if the mapping file is found +- unitary calls to display cipher suites + +1.103 +- NEW: telnet support for STARTTLS (works only with a patched openssl version) + --> not tested (lack of server) + +1.102 +- NEW: test for BREACH (experimental) + +1.101 +- BUGFIX: muted too verbose output of which on CentOS/RHEL +- BUGFIX: muted too verbose output of netcat/nc on CentOS/RHEL+Debian + +1.100 +- further cleanup + - starttls now tests allciphers() instead of cipher_per_proto + (normal use case makes most sense here) + - ENV J_POSITIV --> SHOW_EACH_C +- finding mapping-rfc.txt is now a bit smarter +- preparations for ChaCha20-Poly1305 (would have provided binaries but + "openssl s_client -connect" with that ciphersuite fails currently with + a handshake error though client and server hello succeeded!) + +1.99 +- BUGFIX: now really really everywhere testing the IP with supplied name +- locking out openssl < 0.9.8f, new function called "old_fart" ;-) +- FEATURE: displaying PTR record of IP +- FEATURE: displaying further IPv4/IPv6 addresses +- bit of a cleanup + +1.98 +- http_header is in total only called once +- better parsing of default protocol (FIXME shouldn't appear anymore) + +1.97 +- reduced sleep time for server hello and payload reply (heartbleed) + +1.96 +- NEW: (experimental) heartbleed support with bash sockets (shell only SSL handshake!) + see also https://testssl.sh/bash-heartbleed.sh + +1.95 (2.0rc3) +- changed cmdline options for CRIME and renego vuln to uppercase +- NEW: displays server key size now +- NEW: displays TLS server extensions (might kill old openssl versions) +- brown warning if HSTS < 180 days +- brown warning if SSLv3 is offered as default protocol + +1.94 +- NEW: prototype of mapping to RFC cipher suite names, needed file mapping-rfc.txt in same dir + as of now only used for 'testssl.sh -V' +- internal renaming: it was supposed to be "cipherlists" instead of "ciphersuites" +- additional tests for cipherlists DES, 3DES, ADH + +1.93 +- BUGFIX: removed space in Server banner fixed (at the expense of showing just nothing if Server string is empty) + +1.92 +- BUGFIX: fixed error of faulty detected empty server string + +1.91 +- replaced most lcyan to brown (=not really bad but somehow) +- empty server string better displayed +- preferred CBC TLS 1.2 cipher is now brown (lucky13) + +1.90 +- fix for netweaver banner (server is lowercase) +- no server banner is no disadvantage (color code) +- 1 more blank proto check +- server preference is better displayed + +1.89 +- reordered! : protocols + cipher come first +- colorized preferred server preference (e.g. CBC+RC4 is light red now, TLSv1.2 green) +- SSLv3 is now light cyan +- NEW: -P|--preference now in help menu +- light cyan is more appropriate than red for HSTS + +1.88 +- NEW: prototype for protocol and cipher preference +- prototype for session ticket + +1.87 +- changed just the version string to rc1 + +1.86 + - NEW: App banner now production, except 2 liners + - DEBUG: 1 is now true as everywhere else + - CRIME+Renego prettier + - last optical polish for RC4, PFS + +1.85 + - NEW: appbanner (also 2 lines like asp.net) + - OSSL_VER_MAJOR/MINOR/APPENDIX + - less bold because bold headlines as bold should be reserved for emphasize findings + - tabbed output also for protocols and cipher classes + - unify neat printing + +1.84 + - NEW: deprecating openssl version <0.98 + - displaying a warning >= 0.98 < 1.0 + - NEW: neat print also for all ciphers (-E,-e) + +1.83 +- BUGFIX: results from unit test: logical error in PFS+RC4 fixed +- headline of -V / PFS+RC4 ciphers unified + +1.82 +- NEW: output for -V now better (bits separate, spacing improved) + +1.81 +- output for RC4+PFS now better (with headline, bits separate, spacing improved) +- both also sorted by encr. strength .. umm ..err bits! + +1.80 +- order of finding supplied binary extended (first one wins): + 1. use supplied variable $OPENSSL + 2. use "openssl" in same path as testssl.sh + 3. use "openssl.`uname -m`" in same path as testssl.sh + 4. use anything in system $PATH (return value of "which" + +1.79 +- STARTTLS options w/o trailing 's' now (easier) +- commented code for CRIME SPDY +- issue a warning for openssl < 0.9.7 ( that version won't work anyway probably) +- NPN protos as a global var +- pretty print with fixed columns: PFS, RC4, allciphers, cipher_per_proto + +1.78 +- -E, -e now sorted by encryption strength (note: it's only encr key length) +- -V now pretty prints all local ciphers +- -V now pretty prints all local ciphers matching pattern (plain string, no regex) +- bugfix: SSLv2 cipher hex codes has 3 bytes! + +1.77 +- removed legacy code (PROD_REL var) + +1.76 +- bash was gone!! disaster for Ubuntu, fixed +- starttls+rc4 check: bottom line was wrong +- starttls had too much output (certificate) at first a/v check + +1.75 +- location is now https://testssl.sh +- be nice: banner, version, help also works for BSD folks (on dash) +- bug in server banner fixed +- sneaky referrer and user agent possible + +1.74 +- Debian 7 fix +- ident obsoleted + +1.72 +- removed obsolete GREP +- SWURL/SWCONTACT +- output for positive RC4 better + +1.71 +- workaround for buggy bash (RC4) +- colors improved + - blue is now reserved for headline + - magenta for local probs + - in RC4 removal of SSL protocol provided by openssl + +1.70 +- DEBUG in http_headers now as expected +- Date: Tue, 23 Apr 2019 21:18:08 +0200 Subject: [PATCH 10/10] Added client handshakes --- Readme.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Readme.md b/Readme.md index e649e82..10999f7 100644 --- a/Readme.md +++ b/Readme.md @@ -82,14 +82,14 @@ Update notification here or @ [twitter](https://twitter.com/drwetter). * JSON output now valid also for non-responding servers * Testing now per default 370 ciphers * Further improving the robustness of TLS sockets (sending and parsing) -* Support of supplying timeout value for ``openssl connect`` -- useful for batch/mass scanning +* Support of supplying timeout value for `openssl connect` -- useful for batch/mass scanning * File input for serial or parallel mass testing can be also in nmap grep(p)able (-oG) format * LOGJAM: now checking also for DH and FFDHE groups (TLS 1.2) * PFS: Display of elliptical curves supported, DH and FFDHE groups (TLS 1.2 + TLS 1.3) * Check for session resumption (Ticket, ID) * TLS Robustness check (GREASE) * Expect-CT Header Detection -* --phone-out does certificate revocation checks via OCSP (LDAP+HTTP) and with CRL +* `--phone-out` does certificate revocation checks via OCSP (LDAP+HTTP) and with CRL * Fully OpenBSD and LibreSSL support * Missing SAN warning * Added support for private CAs @@ -105,6 +105,7 @@ Update notification here or @ [twitter](https://twitter.com/drwetter). * More robustness for any STARTTLS protocol (fall back to plaintext while in TLS) * Fixed TCP fragmentation * Added `--ids-friendly` switch +* Major update of client simulations with self-collected data [Planned for 3.0](https://github.com/drwetter/testssl.sh/milestone/4).