David Cooper
6460de39a2
Add OpenSSL names for ARIA ciphers
...
A PR was just accepted into the master branch of https://github.com/openssl/openssl that specifies OpenSSL names for the ARIA GCM cipher suites: bc32673869
. This PR adds these OpenSSL names to the cipher-mapping.txt file. It also changes the description of the encryption algorithm for these ciphers from "ARIA" to "ARIAGCM" to be consistent with OpenSSL and with the other GCM ciphers in the cipher-mapping.txt file.
In addition, OpenSSL names for some of the ARIA CBC ciphers are provided in https://github.com/openssl/openssl/blob/master/doc/man1/ciphers.pod , and this PR adds those OpenSSL names to the cipher-mapping.txt file as well.
2017-08-30 11:12:11 -04:00
Dirk Wetter
5ea2b7c612
typo
2017-08-13 11:32:24 +02:00
David Cooper
966f9c499a
Update README.md for etc directory
2017-08-04 09:10:41 -04:00
Dirk
9540224722
adding comments for David's PR #807 and pointing to the cipher list in #806
2017-07-31 12:59:36 +02:00
David Cooper
ee40625d40
Fix typo in comment
...
$TLS12_CIPHER only includes 123 standard ciphers; 0x00,0xFF doesn't count as a "standard cipher."
2017-07-28 12:23:21 -04:00
David Cooper
7ccb611d13
Update TLS12_CIPHER
...
Update `$TLS12_CIPHER` to contain only 128 ciphers (so that it will work with servers that can't handle larger ClientHello messages), and also add some newer ciphers to `$TLS12_CIPHER`. Also define a `$TLS12_CIPHER_2ND_TRY` containing a list of 127 ciphers that do not appear in `$TLS12_CIPHER`. `$TLS12_CIPHER_2ND_TRY` is used in `run_protocols()` in order to perform a second test against servers that do not establish a TLSv1.2 connection when offered `$TLS12_CIPHER`.
2017-07-28 12:14:44 -04:00
Dirk Wetter
26bf3300e8
Delete mapping.txt
...
has been replaced in 2.9dev by cipher-mapping.txt
2017-05-22 11:38:23 +02:00
David Cooper
005fe3f27e
Remove unnecessary spaces
2017-03-23 14:15:26 -04:00
Dirk
8c0b0083d0
further separation of data / code
2017-03-21 09:15:30 +01:00
Dirk Wetter
ca18433959
Update README.md
2017-02-24 17:55:20 +01:00
Dirk Wetter
3f0a98b635
Generated from utils/update_client_sim_data.pl and manually massaged ;-)
...
Note that the internal data from testssl.sh will disappear
2017-02-24 17:45:23 +01:00
Dirk
f3666a13c5
- add crypotsense prefined DH groups
...
- final FIX #589
2017-01-20 18:14:48 +01:00
Dirk
05d27ff1be
- FIX for the last mess submitted ;-)
2017-01-18 18:09:39 +01:00
Dirk
b1c80512e6
first bunch of common primes, see #589 + #576 + #120 . License of nmap is also GPLv2: no conflicts
2017-01-18 12:44:15 +01:00
David Cooper
b0ac21fe31
Add two missing OpenSSL cipher names
2016-11-15 15:13:09 -05:00
Dirk
08384920a9
Cipher mapping externalized by using David's extended mapping. Also implemented warnings
...
and fallback to openssl if this file cannot be found and thus sockets can't be used
2016-11-15 15:20:48 +01:00
Dirk
1613bb214e
Merge branch 'master' into CA_pinning
...
Conflicts:
testssl.sh
2016-10-27 21:59:10 +02:00
Dirk
d32dbdaff3
Updating MS store, sill small, still not automated/cumbersome not sure if ok
2016-10-12 21:15:37 +02:00
Dirk
eb1f6e05bb
update, thanks to Niko78, see #371
2016-10-02 10:04:25 +02:00
Dirk
fd83509ae5
update
2016-09-29 23:23:44 +02:00
Frank Breedijk
5d7367a68d
Shell script to generate ca_hashes.txt (OSX only)
2016-07-25 09:47:24 +02:00
Dirk Wetter
12c7af11c6
fixed hashes
2016-07-20 19:11:38 +02:00
Dirk Wetter
9b8fc2c6f0
rename old alg chacha/poly ciphers according to SSLlabs ( #379 / https://github.com/PeterMosmans/openssl/issues/43 )
2016-06-15 20:14:08 +02:00
Dirk
1fae394b04
2013 --> OLD for CHACHA/POLY ciphers
2016-06-13 21:38:02 +02:00
Peter Mosmans
a06c71d915
Updated ChaCha20 cipher names
...
See https://tools.ietf.org/html/draft-ietf-tls-chacha20-poly1305-04 (the latest version as of this writing is 04).
The previous version received the suffix _2013. See https://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-04
2016-06-13 10:34:04 +10:00
Dirk
d561687554
initial commit
2016-06-09 15:06:42 +02:00
Dirk
6b07b89946
- added values to curve448 + 25519
2016-06-09 13:18:55 +02:00
Dirk
1ea6e944f3
- new chacha/poly ciphers
2016-03-29 21:56:54 +02:00
David Cooper
02e41951cb
Fix typo in mapping-rfc.txt
...
There is a tab on the line for SSL_CK_RC2_128_CBC_WITH_MD5. When testssl.sh is called with "-E" and "--show-each," this causes the string "not a/v" to be printed two characters to the right of the same string on every other line (at least on Linux systems). This PR just deletes the tab character.
2016-03-29 09:23:59 -04:00
Dirk
c684ba7d9c
- polishing
2016-03-25 11:52:23 +01:00
Niko78
e233480ca2
Update README.md
2016-03-25 09:20:20 +01:00
Dirk Wetter
a95c807c5e
Delete microsoft.pem
2016-03-25 09:07:45 +01:00
Dirk Wetter
7bb8ecc566
- now the stores are properly named
2016-03-24 18:56:26 +01:00
Dirk Wetter
53b0843664
- added Apple certificate store
...
- renamed the other stores accordingly (caps in the beginng)
2016-03-24 18:52:10 +01:00
Dirk Wetter
a0b7d04974
Update README.md
2016-03-14 22:40:29 +01:00
Dirk Wetter
50660e9edd
typos, minor additions
2016-03-13 21:13:03 +01:00
Dirk Wetter
682ea066d6
typos, clarification
2016-03-13 21:10:00 +01:00
Dirk Wetter
7f28b17b3c
- updated, see #317
2016-03-13 20:38:06 +01:00
Dirk Wetter
46407ad2e4
- updated Mozilla truststore from http://curl.haxx.se/ instead of local firefox install, #317
2016-03-12 18:19:15 +01:00
Dirk Wetter
1fe9c95dc0
checkin (for future work)
2016-02-06 15:42:55 +01:00
David Cooper
77379903ed
Fix typo in etc/mapping-rfc.txt
...
Change value for SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA from xFEFE to xFEFF in accordance with http://www-archive.mozilla.org/projects/security/pki/nss/ssl/fips-ssl-ciphersuites.html .
2016-02-05 14:53:19 -05:00
Dirk Wetter
2f4e549dab
- missing root certs
2016-02-01 16:27:20 +01:00
Dirk
e68fcc9dad
- remove duplicates
2016-01-15 15:15:29 +01:00
Dirk
5ff214b894
updates, failed e.g. at github.com
2016-01-13 19:34:11 +01:00
Dirk
5ff5a189fb
better place for mapping file
2015-12-08 17:53:46 +01:00
Dirk
1668daa04e
- NEW: chain of trust -- for openssl 1.0.2 only
...
- FIX #97
2015-09-22 15:05:59 +02:00