tls-map 1.0.0

@@ -0,0 +1,24 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Ruby internal
4
+
5
+ # TLS map module
6
+ module TLSmap
7
+ # TLS mapping
8
+ class App
9
+ GNUTLS_URL = 'https://gitlab.com/gnutls/gnutls/raw/master/lib/algorithms/ciphersuites.c'
10
+
11
+ def parse_gnutls
12
+ reg = /(GNUTLS_[a-zA-Z0-9_]+)\s{\s(0x[[:xdigit:]]{2},\s0x[[:xdigit:]]{2})\s}/
13
+ File.read(@gnutls_file.path).scan(reg).each do |alg|
14
+ codepoint = codepoint_iana(alg[1])
15
+ name = alg[0][7..]
16
+ @tls_map.each do |h|
17
+ h[:gnutls] ||= h[:codepoint] == codepoint ? name : nil
18
+ end
19
+ end
20
+ end
21
+
22
+ private :parse_gnutls
23
+ end
24
+ end
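Review bot: `GNUTLS_URL` (new-file line 9) points at `raw/master`, so the parsed input changes whenever upstream moves; the same applies to `NSS_URL` and `OPENSSL_URL` in the later sections. The gem's file list includes generated `data/mapping.*` files, so a shipped mapping apparently cannot be reproduced or audited later without knowing which upstream revision it was built from. Consider pinning each URL to a release tag or commit, or recording the fetched revision or a digest of each downloaded file alongside the export.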
@@ -0,0 +1,39 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Ruby internal
4
+ require 'csv'
5
+
6
+ # TLS map module
7
+ module TLSmap
8
+ # TLS mapping
9
+ class App
10
+ IANA_URL = 'https://www.iana.org/assignments/tls-parameters/tls-parameters-4.csv'
11
+
12
+ # remove Reserved, Unassigned codepoints (those with a range: X-X or *)
13
+ # also works with gnutls
14
+ def codepoint_iana(raw_cp)
15
+ c1, c2 = raw_cp.split(',')
16
+ c2.strip!
17
+ return nil unless c2.size == 4
18
+
19
+ "#{c1[2..3]}#{c2[2..3]}"
20
+ end
21
+
22
+ # remove remaining Reserved, Unassigned codepoints
23
+ def desc_iana(desc)
24
+ return nil if /Reserved|Unassigned/.match?(desc)
25
+
26
+ desc
27
+ end
28
+
29
+ def parse_iana
30
+ CSV.foreach(@iana_file.path, **{ headers: true, header_converters: :symbol }) do |alg|
31
+ codepoint = codepoint_iana(alg[:value])
32
+ description = desc_iana(alg[:description])
33
+ @tls_map << { codepoint: codepoint, iana: description } unless codepoint.nil? || description.nil?
34
+ end
35
+ end
36
+
37
+ private :codepoint_iana, :desc_iana, :parse_iana
38
+ end
39
+ end
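Review bot: `codepoint_iana` (new-file lines 14-20) validates only the length of the second byte, so a `raw_cp` without a comma raises NoMethodError on `c2.strip!`, and a malformed first byte is sliced by `c1[2..3]` without any check. Because the same helper is also fed from the GnuTLS C source, an anchored match is stricter: `m = /\A0x(\h{2}),\s*0x(\h{2})\z/.match(raw_cp.to_s)` followed by `m && "#{m[1]}#{m[2]}"`. The comment above the method should also state that nil means "skip this row", since `parse_iana` depends on that.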
@@ -0,0 +1,23 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Ruby internal
4
+
5
+ # TLS map module
6
+ module TLSmap
7
+ # TLS mapping
8
+ class App
9
+ # Timeout https://hg.mozilla.org/projects/nss/raw-file/tip/lib/ssl/sslproto.h
10
+ # so use github RO mirror instead.
11
+ NSS_URL = 'https://raw.githubusercontent.com/nss-dev/nss/master/lib/ssl/sslproto.h'
12
+
13
+ def parse_nss
14
+ File.read(@nss_file.path).scan(/(TLS_[a-zA-Z0-9_]+)\s+0x([[:xdigit:]]{4})/) do |alg|
15
+ @tls_map.each do |h|
16
+ h[:nss] ||= h[:codepoint] == alg[1] ? alg[0] : nil
17
+ end
18
+ end
19
+ end
20
+
21
+ private :parse_nss
22
+ end
23
+ end
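Review bot: The comparison `h[:codepoint] == alg[1]` (new-file line 16) is a case-sensitive string match, so a code point written with lowercase hex digits in `sslproto.h` would never match and `h[:nss]` would silently stay nil. Normalising once, e.g. `cp = alg[1].upcase` before the inner loop, removes that dependency on upstream formatting; this assumes the IANA-derived keys are uppercase, which is not visible in this section. The same comparison appears in `parse_openssl`. The pattern is also unanchored, so it captures any `TLS_*` token followed by four hex digits, not only cipher-suite defines; a comment stating that this is intended would help.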
@@ -0,0 +1,49 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Ruby internal
4
+
5
+ # TLS map module
6
+ module TLSmap
7
+ # TLS mapping
8
+ class App
9
+ OPENSSL_URL = 'https://raw.githubusercontent.com/openssl/openssl/master/include/openssl/tls1.h'
10
+
11
+ def raw_data_openssl
12
+ openssl_h = File.read(@openssl_file.path)
13
+
14
+ ck1 = openssl_h.scan(/(TLS1_CK_[a-zA-Z0-9_]+)\s+0x0300([[:xdigit:]]{4})/)
15
+ txt1 = openssl_h.scan(/(TLS1_TXT_[a-zA-Z0-9_]+)\s+"([a-zA-Z0-9-]+)"/)
16
+ ck2 = openssl_h.scan(/(TLS1_3_CK_[a-zA-Z0-9_]+)\s+0x0300([[:xdigit:]]{4})/)
17
+ rfc2 = openssl_h.scan(/(TLS1_3_RFC_[a-zA-Z0-9_]+)\s+"([a-zA-Z0-9_]+)"/)
18
+ { ck1: ck1, txt1: txt1, ck2: ck2, rfc2: rfc2 }
19
+ end
20
+
21
+ def clean_raw_data_openssl
22
+ ck1, txt1, ck2, rfc2 = raw_data_openssl.values
23
+
24
+ ck1.map! { |e| [e[0][8..], e[1]] }
25
+ txt1.map! { |e| [e[0][9..], e[1]] }
26
+ ck2.map! { |e| [e[0][10..], e[1]] }
27
+ rfc2.map! { |e| [e[0][11..], e[1]] }
28
+
29
+ { ck1: ck1, txt1: txt1, ck2: ck2, rfc2: rfc2 }
30
+ end
31
+
32
+ def data_openssl
33
+ ck1, txt1, ck2, rfc2 = clean_raw_data_openssl.values
34
+ data = ck1.map { |e| [e[1], txt1.select { |x| x[0] == e[0] }[0][1]] }
35
+ data += ck2.map { |e| [e[1], rfc2.select { |x| x[0] == e[0] }[0][1]] }
36
+ data
37
+ end
38
+
39
+ def parse_openssl
40
+ data_openssl.each do |alg|
41
+ @tls_map.each do |h|
42
+ h[:openssl] ||= h[:codepoint] == alg[0] ? alg[1] : nil
43
+ end
44
+ end
45
+ end
46
+
47
+ private :parse_openssl, :raw_data_openssl, :clean_raw_data_openssl, :data_openssl
48
+ end
49
+ end
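Review bot: `data_openssl` (new-file lines 34-35) indexes `select { ... }[0][1]`, which raises NoMethodError as soon as a `TLS1_CK_*` or `TLS1_3_CK_*` define has no matching `TLS1_TXT_*` / `TLS1_3_RFC_*` string in the downloaded header. Since the header is fetched from a moving branch, a lookup that tolerates a miss is safer: `[e[1], txt1.assoc(e[0])&.last]`, and likewise `rfc2.assoc(e[0])&.last` for the second map. A nil name is already harmless in `parse_openssl`, where `||=` simply leaves the slot empty.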
@@ -0,0 +1,53 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Ruby internal
4
+ require 'json'
5
+
6
+ # TLS map module
7
+ module TLSmap
8
+ # TLS mapping
9
+ class App
10
+ def markdown(table)
11
+ output = "Codepoint | IANA | OpenSSL | GnuTLS | NSS\n"
12
+ output += "--- | --- | --- | --- | ---\n"
13
+ table.each do |alg|
14
+ values = alg.values.map { |x| x.nil? ? '-' : x }
15
+ output += "#{values.join(' | ')}\n"
16
+ end
17
+ output
18
+ end
19
+
20
+ def output_markdown(filename)
21
+ File.write(filename, markdown(@tls_map))
22
+ end
23
+
24
+ def output_json_pretty(filename)
25
+ File.write(filename, JSON.pretty_generate(@tls_map))
26
+ end
27
+
28
+ def output_json_compact(filename)
29
+ File.write(filename, JSON.generate(@tls_map))
30
+ end
31
+
32
+ def output_marshal(filename)
33
+ File.write(filename, Marshal.dump(@tls_map))
34
+ end
35
+
36
+ # Export the mapping to a file, supporting various formats.
37
+ # @param filename [String] The output file name to write to.
38
+ # @param format [Symbol] Supported formats: +:markdown+ (a markdown table),
39
+ # +:json_pretty+ (expanded JSON), +:json_compact+ (minified JSON),
40
+ # +:marshal+ (Ruby marshalized hash).
41
+ def export(filename, format)
42
+ case format
43
+ when :markdown then output_markdown(filename)
44
+ when :json_pretty then output_json_pretty(filename)
45
+ when :json_compact then output_json_compact(filename)
46
+ when :marshal then output_marshal(filename)
47
+ else raise "Wrong format: #{format}"
48
+ end
49
+ end
50
+
51
+ protected :markdown, :output_markdown, :output_json_pretty, :output_json_compact, :output_marshal
52
+ end
53
+ end
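Review bot: `output_marshal` (new-file line 33) writes `Marshal.dump` output with `File.write`, which opens the file in text mode; on platforms that translate newlines this can corrupt the binary stream, so `File.binwrite(filename, Marshal.dump(@tls_map))` is the safer call. The `export` docstring should also carry a caveat for `:marshal`: such a file can only be read back with `Marshal.load`, which must not be used on files from untrusted sources, so JSON is the better documented interchange format. Separately, `raise "Wrong format: #{format}"` raises RuntimeError; `raise ArgumentError, "Wrong format: #{format}"` would let callers tell bad input from other failures.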
@@ -0,0 +1,19 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Ruby internal
4
+ require 'net/http'
5
+ require 'tempfile'
6
+
7
+ # TLS map module
8
+ module TLSmap
9
+ # TLS mapping
10
+ class App
11
+ def tmpfile(name, url)
12
+ tmp = Tempfile.new(name)
13
+ tmp.write(Net::HTTP.get(URI(url)))
14
+ tmp
15
+ end
16
+
17
+ protected :tmpfile
18
+ end
19
+ end
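Review bot: `tmpfile` returns the Tempfile without flushing, while the parsers re-open it by path (`File.read(@nss_file.path)` and similar), so the tail of the download can still be in the write buffer and the parse may run on a truncated file. `Net::HTTP.get` also returns the body of any response, so an error page or redirect stub is written and parsed as if it were the expected source, yielding an empty or partial mapping with no error. Check the response class and flush before returning, as below.

```ruby
def tmpfile(name, url)
  res = Net::HTTP.get_response(URI(url))
  raise "Download failed for #{url}: HTTP #{res.code}" unless res.is_a?(Net::HTTPSuccess)

  tmp = Tempfile.new(name)
  tmp.write(res.body)
  tmp.flush # parsers re-open the file by path, so buffered bytes must reach disk
  # … unchanged: return tmp …
```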
@@ -0,0 +1,5 @@
1
+ # frozen_string_literal: true
2
+
3
+ module TLSmap
4
+ VERSION = '1.0.0'
5
+ end
metadata ADDED
@@ -0,0 +1,189 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: tls-map
3
+ version: !ruby/object:Gem::Version
4
+ version: 1.0.0
5
+ platform: ruby
6
+ authors:
7
+ - Alexandre ZANNI
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2021-04-30 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: docopt
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '0.6'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '0.6'
27
+ - !ruby/object:Gem::Dependency
28
+ name: paint
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '2.2'
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: '2.2'
41
+ - !ruby/object:Gem::Dependency
42
+ name: bundler
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - ">="
46
+ - !ruby/object:Gem::Version
47
+ version: 2.1.0
48
+ - - "<"
49
+ - !ruby/object:Gem::Version
50
+ version: '2.3'
51
+ type: :development
52
+ prerelease: false
53
+ version_requirements: !ruby/object:Gem::Requirement
54
+ requirements:
55
+ - - ">="
56
+ - !ruby/object:Gem::Version
57
+ version: 2.1.0
58
+ - - "<"
59
+ - !ruby/object:Gem::Version
60
+ version: '2.3'
61
+ - !ruby/object:Gem::Dependency
62
+ name: commonmarker
63
+ requirement: !ruby/object:Gem::Requirement
64
+ requirements:
65
+ - - "~>"
66
+ - !ruby/object:Gem::Version
67
+ version: '0.21'
68
+ type: :development
69
+ prerelease: false
70
+ version_requirements: !ruby/object:Gem::Requirement
71
+ requirements:
72
+ - - "~>"
73
+ - !ruby/object:Gem::Version
74
+ version: '0.21'
75
+ - !ruby/object:Gem::Dependency
76
+ name: github-markup
77
+ requirement: !ruby/object:Gem::Requirement
78
+ requirements:
79
+ - - "~>"
80
+ - !ruby/object:Gem::Version
81
+ version: '4.0'
82
+ type: :development
83
+ prerelease: false
84
+ version_requirements: !ruby/object:Gem::Requirement
85
+ requirements:
86
+ - - "~>"
87
+ - !ruby/object:Gem::Version
88
+ version: '4.0'
89
+ - !ruby/object:Gem::Dependency
90
+ name: redcarpet
91
+ requirement: !ruby/object:Gem::Requirement
92
+ requirements:
93
+ - - "~>"
94
+ - !ruby/object:Gem::Version
95
+ version: '3.5'
96
+ type: :development
97
+ prerelease: false
98
+ version_requirements: !ruby/object:Gem::Requirement
99
+ requirements:
100
+ - - "~>"
101
+ - !ruby/object:Gem::Version
102
+ version: '3.5'
103
+ - !ruby/object:Gem::Dependency
104
+ name: rubocop
105
+ requirement: !ruby/object:Gem::Requirement
106
+ requirements:
107
+ - - "~>"
108
+ - !ruby/object:Gem::Version
109
+ version: '1.10'
110
+ type: :development
111
+ prerelease: false
112
+ version_requirements: !ruby/object:Gem::Requirement
113
+ requirements:
114
+ - - "~>"
115
+ - !ruby/object:Gem::Version
116
+ version: '1.10'
117
+ - !ruby/object:Gem::Dependency
118
+ name: yard
119
+ requirement: !ruby/object:Gem::Requirement
120
+ requirements:
121
+ - - "~>"
122
+ - !ruby/object:Gem::Version
123
+ version: '0.9'
124
+ type: :development
125
+ prerelease: false
126
+ version_requirements: !ruby/object:Gem::Requirement
127
+ requirements:
128
+ - - "~>"
129
+ - !ruby/object:Gem::Version
130
+ version: '0.9'
131
+ description: 'CLI & library for mapping TLS cipher algorithm names: IANA, OpenSSL,
132
+ GnUTLS, NSS'
133
+ email: alexandre.zanni@engineer.com
134
+ executables:
135
+ - tls-map
136
+ - tls-map_console
137
+ extensions: []
138
+ extra_rdoc_files: []
139
+ files:
140
+ - LICENSE
141
+ - bin/tls-map
142
+ - bin/tls-map_console
143
+ - data/mapping.json
144
+ - data/mapping.marshal
145
+ - data/mapping.md
146
+ - data/mapping.min.json
147
+ - lib/tls_map.rb
148
+ - lib/tls_map/cli.rb
149
+ - lib/tls_map/gnutls.rb
150
+ - lib/tls_map/iana.rb
151
+ - lib/tls_map/nss.rb
152
+ - lib/tls_map/openssl.rb
153
+ - lib/tls_map/output.rb
154
+ - lib/tls_map/utils.rb
155
+ - lib/tls_map/version.rb
156
+ homepage: https://sec-it.github.io/tls-map/
157
+ licenses:
158
+ - MIT
159
+ metadata:
160
+ yard.run: yard
161
+ bug_tracker_uri: https://github.com/sec-it/tls-map/issues
162
+ changelog_uri: https://github.com/sec-it/tls-map/blob/master/docs/CHANGELOG.md
163
+ documentation_uri: https://sec-it.github.io/tls-map/yard/
164
+ homepage_uri: https://sec-it.github.io/tls-map/
165
+ source_code_uri: https://github.com/sec-it/tls-map/
166
+ post_install_message:
167
+ rdoc_options: []
168
+ require_paths:
169
+ - lib
170
+ required_ruby_version: !ruby/object:Gem::Requirement
171
+ requirements:
172
+ - - ">="
173
+ - !ruby/object:Gem::Version
174
+ version: 2.6.0
175
+ - - "<"
176
+ - !ruby/object:Gem::Version
177
+ version: '3.1'
178
+ required_rubygems_version: !ruby/object:Gem::Requirement
179
+ requirements:
180
+ - - ">="
181
+ - !ruby/object:Gem::Version
182
+ version: '0'
183
+ requirements: []
184
+ rubygems_version: 3.2.15
185
+ signing_key:
186
+ specification_version: 4
187
+ summary: 'CLI & library for mapping TLS cipher algorithm names: IANA, OpenSSL, GnUTLS,
188
+ NSS'
189
+ test_files: []