mirror of
https://github.com/drwetter/testssl.sh.git
synced 2024-12-31 22:09:44 +01:00
5f047db92f
While we are thankful that Ivan Ristic permitted to use the client data from SSLlabs, it became of bit outdated now (see #1158). Also as sslhaf [1] was used, the data comes from HTTP traffic only. This is a start to address it. It provides data from Android 9 (connecting to the play store, so that it is sure we don't capture a ClientHello from an application having an own TLS stack. Also it provides documentation how to grab data yourself, and provide it back to testssl.sh. Aim is at least for testssl.sh 3.0 to add Android 8 and OpenSSL 1.1.1 (@drwetter). My hope others can assist with Safari on OSX 11 and 12. Java 10 and 11, and a recent Opera and Edge version. (Firefox and Chrome are out of date too) Mail clients to follow later. [1] https://github.com/ssllabs/sslhaf
31 lines
517 B
Bash
Executable File
31 lines
517 B
Bash
Executable File
#!/bin/bash
|
|
|
|
hs="$1"
|
|
len=${#hs}
|
|
echo "# ciphers: $((len/4))"
|
|
|
|
mapfile="etc/cipher-mapping.txt"
|
|
[ -s $mapfile ] || mapfile="../$mapfile"
|
|
[ -s $mapfile ] || exit 255
|
|
|
|
cip=""
|
|
first=true
|
|
|
|
for ((i=0; i<len ; i+=4)); do
|
|
printf "%02d" "$i"
|
|
echo -n ": ${hs:$i:4}"
|
|
grepstr="0x${hs:$i:2},0x${hs:$((i+2)):2}"
|
|
echo -n " --> $grepstr --> "
|
|
cip=$(grep -i ${grepstr} $mapfile | awk '{ print $3 }')
|
|
echo $cip
|
|
if "$first"; then
|
|
ciphers="$cip"
|
|
first=false
|
|
else
|
|
ciphers="$ciphers:$cip"
|
|
fi
|
|
done
|
|
|
|
echo
|
|
echo $ciphers
|