From a25cbf50786e56ee9bc995cef52c1e2d276b4a84 Mon Sep 17 00:00:00 2001 From: David Cooper Date: Fri, 27 Oct 2017 11:49:11 -0400 Subject: [PATCH] Fix problem with LibreSSL encryption names For ciphers that use the ChaCha20-Poly1305 cipher, LibreSSL shows "Enc=ChaCha20-Poly1305" in the "openssl ciphers -V" command rather than "Enc=ChaCha20(256)" and for some GOST ciphers it shows "Enc=GOST-28178-89-CNT" rather than "Enc=GOST(256)". This causes a problem for neat_list() if information is being obtained from "$OPENSSL ciphers -V" rather than from the cipher-mapping.txt file. --- testssl.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/testssl.sh b/testssl.sh index 7901e74..752573c 100755 --- a/testssl.sh +++ b/testssl.sh @@ -2686,6 +2686,11 @@ neat_list(){ kx="${3//Kx=/}" enc="${4//Enc=/}" + # In two cases LibreSSL uses very long names for encryption algorithms + # and doesn't include the number of bits. + [[ "$enc" == "ChaCha20-Poly1305" ]] && enc="CHACHA20(256)" + [[ "$enc" == "GOST-28178-89-CNT" ]] && enc="GOST(256)" + strength="${enc//\)/}" # retrieve (). first remove traling ")" strength="${strength#*\(}" # exfiltrate (VAL enc="${enc%%\(*}"