tls-map 1.0.0 → 1.1.0

data/lib/tls_map/cli.rb

@@ -7,7 +7,7 @@ require 'digest'
 module TLSmap
   # TLS mapping
   class CLI < App
-    INTEGRITY = '9a45b44ce6b3347a7de4a34a54d4d4732b7e72a131c02bc6aa2ac2559cea6650' # sha2-256
+    INTEGRITY = '42e44f89550365da2bc8d33d87f88b65d85d6474e90f9edb65e0ea6c78f61a53' # sha2-256
 
     # Load and parse data from marshalized hash (+data/mapping.marshal+).
     # It must match the integrity check for security purpose.

data/lib/tls_map/gnutls.rb

@@ -9,12 +9,12 @@ module TLSmap
     GNUTLS_URL = 'https://gitlab.com/gnutls/gnutls/raw/master/lib/algorithms/ciphersuites.c'
 
     def parse_gnutls
-      reg = /(GNUTLS_[a-zA-Z0-9_]+)\s{\s(0x[[:xdigit:]]{2},\s0x[[:xdigit:]]{2})\s}/
+      reg = /(GNUTLS_[a-zA-Z0-9_]+)\s+{\s?(0x[[:xdigit:]]{2},\s?0x[[:xdigit:]]{2})\s?}/
       File.read(@gnutls_file.path).scan(reg).each do |alg|
         codepoint = codepoint_iana(alg[1])
         name = alg[0][7..]
         @tls_map.each do |h|
-          h[:gnutls] ||= h[:codepoint] == codepoint ? name : nil
+          h[:gnutls] ||= h[:codepoint] == codepoint.upcase ? name : nil
         end
       end
     end

data/lib/tls_map/nss.rb

@@ -13,7 +13,7 @@ module TLSmap
     def parse_nss
       File.read(@nss_file.path).scan(/(TLS_[a-zA-Z0-9_]+)\s+0x([[:xdigit:]]{4})/) do |alg|
         @tls_map.each do |h|
-          h[:nss] ||= h[:codepoint] == alg[1] ? alg[0] : nil
+          h[:nss] ||= h[:codepoint] == alg[1].upcase ? alg[0] : nil
         end
       end
     end

data/lib/tls_map/openssl.rb

@@ -1,45 +1,53 @@
 # frozen_string_literal: true
 
-# Ruby internal
-
 # TLS map module
 module TLSmap
   # TLS mapping
   class App
     OPENSSL_URL = 'https://raw.githubusercontent.com/openssl/openssl/master/include/openssl/tls1.h'
+    OPENSSL_URL2 = 'https://raw.githubusercontent.com/openssl/openssl/master/include/openssl/ssl3.h'
 
     def raw_data_openssl
       openssl_h = File.read(@openssl_file.path)
+      openssl_h2 = File.read(@openssl_file2.path)
 
       ck1 = openssl_h.scan(/(TLS1_CK_[a-zA-Z0-9_]+)\s+0x0300([[:xdigit:]]{4})/)
       txt1 = openssl_h.scan(/(TLS1_TXT_[a-zA-Z0-9_]+)\s+"([a-zA-Z0-9-]+)"/)
       ck2 = openssl_h.scan(/(TLS1_3_CK_[a-zA-Z0-9_]+)\s+0x0300([[:xdigit:]]{4})/)
       rfc2 = openssl_h.scan(/(TLS1_3_RFC_[a-zA-Z0-9_]+)\s+"([a-zA-Z0-9_]+)"/)
-      { ck1: ck1, txt1: txt1, ck2: ck2, rfc2: rfc2 }
+      ck3 = openssl_h2.scan(/(SSL3_CK_[a-zA-Z0-9_]+)\s+0x0300([[:xdigit:]]{4})/)
+      txt3 = openssl_h2.scan(/(SSL3_TXT_[a-zA-Z0-9_]+)\s+"([a-zA-Z0-9-]+)"/)
+      { ck1: ck1, txt1: txt1, ck2: ck2, rfc2: rfc2, ck3: ck3, txt3: txt3 }
     end
 
     def clean_raw_data_openssl
-      ck1, txt1, ck2, rfc2 = raw_data_openssl.values
+      ck1, txt1, ck2, rfc2, ck3, txt3 = raw_data_openssl.values
 
       ck1.map! { |e| [e[0][8..], e[1]] }
       txt1.map! { |e| [e[0][9..], e[1]] }
       ck2.map! { |e| [e[0][10..], e[1]] }
       rfc2.map! { |e| [e[0][11..], e[1]] }
+      ck3.map! { |e| [e[0][8..], e[1]] }
+      txt3.map! { |e| [e[0][9..], e[1]] }
 
-      { ck1: ck1, txt1: txt1, ck2: ck2, rfc2: rfc2 }
+      { ck1: ck1, txt1: txt1, ck2: ck2, rfc2: rfc2, ck3: ck3, txt3: txt3 }
     end
 
-    def data_openssl
-      ck1, txt1, ck2, rfc2 = clean_raw_data_openssl.values
+    def data_openssl # rubocop:disable Metrics/CyclomaticComplexity
+      ck1, txt1, ck2, rfc2, ck3, txt3 = clean_raw_data_openssl.values
       data = ck1.map { |e| [e[1], txt1.select { |x| x[0] == e[0] }[0][1]] }
       data += ck2.map { |e| [e[1], rfc2.select { |x| x[0] == e[0] }[0][1]] }
+      data += ck3.map do |e|
+        candidate = txt3.select { |x| x[0] == e[0] }
+        [e[1], candidate.empty? ? nil : candidate[0][1]]
+      end
       data
     end
 
     def parse_openssl
       data_openssl.each do |alg|
         @tls_map.each do |h|
-          h[:openssl] ||= h[:codepoint] == alg[0] ? alg[1] : nil
+          h[:openssl] ||= h[:codepoint] == alg[0].upcase ? alg[1] : nil
         end
       end
     end

data/lib/tls_map/utils.rb

@@ -6,14 +6,19 @@ require 'tempfile'
 
 # TLS map module
 module TLSmap
-  # TLS mapping
-  class App
+  # Generic utilities
+  module Utils
     def tmpfile(name, url)
       tmp = Tempfile.new(name)
       tmp.write(Net::HTTP.get(URI(url)))
+      tmp.close
       tmp
     end
+  end
 
+  # TLS mapping
+  class App
+    include Utils
     protected :tmpfile
   end
 end

data/lib/tls_map/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module TLSmap
-  VERSION = '1.0.0'
+  VERSION = '1.1.0'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tls-map
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.1.0
 platform: ruby
 authors:
 - Alexandre ZANNI
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-04-30 00:00:00.000000000 Z
+date: 2021-05-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: docopt
@@ -129,7 +129,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0.9'
 description: 'CLI & library for mapping TLS cipher algorithm names: IANA, OpenSSL,
-  GnUTLS, NSS'
+  GnuTLS, NSS'
 email: alexandre.zanni@engineer.com
 executables:
 - tls-map
@@ -145,6 +145,7 @@ files:
 - data/mapping.md
 - data/mapping.min.json
 - lib/tls_map.rb
+- lib/tls_map/ciphersuiteinfo.rb
 - lib/tls_map/cli.rb
 - lib/tls_map/gnutls.rb
 - lib/tls_map/iana.rb
@@ -184,6 +185,6 @@ requirements: []
 rubygems_version: 3.2.15
 signing_key:
 specification_version: 4
-summary: 'CLI & library for mapping TLS cipher algorithm names: IANA, OpenSSL, GnUTLS,
+summary: 'CLI & library for mapping TLS cipher algorithm names: IANA, OpenSSL, GnuTLS,
   NSS'
 test_files: []