Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-09-02 10:08:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Support RFC 9150 cipher suites

Browse Source 
This commit adds support for the two cipher suites in RFC 9150, TLS_SHA256_SHA256 and TLS_SHA384_SHA384. These are authentication and integrity-only cipher suites.
This commit is contained in:
David Cooper
2024-10-24 08:11:21 -07:00
parent 6452ec997e
commit e17b1c17bb
5 changed files with 158 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
etc/cipher-mapping.txt
View File

@ -342,6 +342,8 @@
0x02,0x00,0x80 - EXP-RC4-MD5 SSL_CK_RC4_128_EXPORT40_WITH_MD5 SSLv2 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
0x00,0x28 - EXP-KRB5-RC4-SHA TLS_KRB5_EXPORT_WITH_RC4_40_SHA SSLv3 Kx=KRB5 Au=KRB5 Enc=RC4(40) Mac=SHA1 export
0x00,0x2B - EXP-KRB5-RC4-MD5 TLS_KRB5_EXPORT_WITH_RC4_40_MD5 SSLv3 Kx=KRB5 Au=KRB5 Enc=RC4(40) Mac=MD5 export
0xC0,0xB4 - TLS_SHA256_SHA256 TLS_SHA256_SHA256 TLSv1.3 Kx=any Au=any Enc=None Mac=SHA256
0xC0,0xB5 - TLS_SHA384_SHA384 TLS_SHA384_SHA384 TLSv1.3 Kx=any Au=any Enc=None Mac=SHA384
0xC0,0x10 - ECDHE-RSA-NULL-SHA TLS_ECDHE_RSA_WITH_NULL_SHA SSLv3 Kx=ECDH Au=RSA Enc=None Mac=SHA1
0xC0,0x06 - ECDHE-ECDSA-NULL-SHA TLS_ECDHE_ECDSA_WITH_NULL_SHA SSLv3 Kx=ECDH Au=ECDSA Enc=None Mac=SHA1
0xC0,0x15 - AECDH-NULL-SHA TLS_ECDH_anon_WITH_NULL_SHA SSLv3 Kx=ECDH Au=None Enc=None Mac=SHA1

4
etc/tls_data.txt
View File

@ -3,9 +3,9 @@
# see #807 and #806 (especially
# https://github.com/drwetter/testssl.sh/issues/806#issuecomment-318686374)
# All 5 ciphers defined for TLS 1.3
# 7 ciphers defined for TLS 1.3 in RFCs 8446 and 9150
readonly TLS13_CIPHER="
13,01, 13,02, 13,03, 13,04, 13,05"
13,01, 13,02, 13,03, 13,04, 13,05, c0,b4, c0,b5"
# 123 standard cipher + 4x GOST for TLS 1.2 and SPDY/NPN HTTP2/ALPN
declare TLS12_CIPHER="