dmiller
cb4b46bd53
Canonicalize authors as tables instead of comma-separated strings
2016-06-09 22:46:42 +00:00
dmiller
b341915722
Deprecate RC4 ciphersuites
2016-05-02 13:55:16 +00:00
dmiller
bbee119188
Support fragmented TLS records. Closes #194
2015-10-29 22:18:32 +00:00
dmiller
ddc5762ca9
Fix reporting of DH and ECDH param sizes
...
Finite-field (traditional) DH parameter strength should be reported in
bits. ECDH key strength is the size (log base 2) of the order of the
base point G (see NIST SP 800-57 rev 3 section 5.6.1)
2015-09-16 04:51:49 +00:00
dmiller
6a38678b56
re-sync TLS ciphersuite names that changed in r34683
2015-06-23 00:08:58 +00:00
dmiller
ba38345c32
Mark some TLS ciphersuites as draft
2015-06-19 21:36:53 +00:00
dmiller
ce9eb6b0f3
Fix DH parameter extraction in tls.lua (Jacob Gajek)
2015-06-17 21:17:43 +00:00
dmiller
ab5b346352
Obey TLSv1.2 RFC regarding anonymous signature type
2015-03-25 19:35:20 +00:00
dmiller
170a45f21d
Fix a typo in a debug message
2015-03-25 14:30:18 +00:00
dmiller
04fee3d14c
Move TLSv1.2 signature_algorithms extension defaults into tls.lua
2015-03-25 02:29:25 +00:00
dmiller
ed86473b0c
Send supported signature algorithms for TLSv1.2
2015-03-24 23:22:19 +00:00
dmiller
1fd4b3edd8
Use some sane defaults in tls.client_hello
2015-03-06 19:59:59 +00:00
dmiller
40945dc702
Send SSLv3 as record version in ClientHello for compatibility
2015-03-06 19:59:57 +00:00
dmiller
0e74dd7a35
Replace some string.char and bin.pack calls with literals
2015-02-27 19:42:56 +00:00
dmiller
e50e802c4b
Remove incomplete certificate_request parser in tls.record_read
2014-12-02 18:36:17 +00:00
dmiller
8f414cfc3a
Correct conversion of DH key size to RSA bit strength equivalent
2014-11-07 21:41:38 +00:00
dmiller
222b2a009d
Use internal cipher/handshake scoring system instead of static datafile
2014-11-07 16:39:26 +00:00
dmiller
f365b81c23
Add server certificate message parsing to tls.lua
2014-11-05 05:55:54 +00:00
dmiller
040b813986
tls.lua: get info about a cipher suite by parsing its name
2014-11-03 21:29:31 +00:00
dmiller
e9354a4793
Add TLS_FALLBACK_SCSV checking to ssl-poodle
2014-10-22 17:01:19 +00:00
batrick
ee6622aea4
nselib stdnse.print_debug -> stdnse.debug
...
$ f() { find -name \*.lua -exec /bin/echo sed -i "$1" {} \; ; }
$ f 's/stdnse.print_debug( *\([0-9]*\) *, */stdnse.debug\1(/'
$ f 's/stdnse.print_debug( *"\(.*\))/stdnse.debug1("\1)/'
2014-08-03 00:56:45 +00:00
dmiller
9ca584d0b8
Make tls.record_read more strict about protocol correctness
2014-04-17 02:15:03 +00:00
dmiller
582afb7746
Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV from RFC 5746
2014-04-10 15:14:12 +00:00
dmiller
9e601256c6
Add parsing support for TLS heartbeat ContentType
2014-04-08 20:12:22 +00:00
dmiller
c87a4f1b3f
Fix an off-by-one bug in TLS record parsing
2014-04-08 20:12:21 +00:00
henri
df4f3e77b8
Added TLS heartbeat Content Type, which everyone is needing today
2014-04-08 13:21:31 +00:00
dmiller
162a30b3cf
Fix TLS SNI extension, by nnposter
2014-04-08 02:46:20 +00:00
dmiller
f081cf31bb
Allow numeric TLS extensions for unassigned ExtensionTypes
2014-04-03 18:29:07 +00:00
dmiller
6c2ab1e289
Add missing TLS extension types registered with IANA
2014-03-21 20:49:35 +00:00
dmiller
4eaa21e7cb
Integrate David's ssl-enum-ciphers improvements
...
From this thread: http://seclists.org/nmap-dev/2014/q1/105
* Extensions now better supported in tls.lua
* ssl-enum-ciphers sends all EC options to ensure servers reply with
supported EC suites
* tls.lua supports multiple messages of a single type within 1 record
* tls.record_buffer will read an entire TLS record into a buffer
* ssl-date and tls-nextprotoneg updated to use tls.record_buffer
2014-01-30 18:12:14 +00:00
dmiller
760da1788f
Let tls-nextprotoneg use tls.lua library
...
Required fixes to tls lib's extensions (did not previously support
extension data)
2014-01-16 18:10:02 +00:00
dmiller
71b0769fc3
New tls.lua library for handling TLS records
2014-01-16 18:09:57 +00:00
