tls-map 1.0.0
- checksums.yaml +7 -0
- data/LICENSE +21 -0
- data/bin/tls-map +64 -0
- data/bin/tls-map_console +7 -0
- data/data/mapping.json +2452 -0
- data/data/mapping.marshal +0 -0
- data/data/mapping.md +352 -0
- data/data/mapping.min.json +1 -0
- data/lib/tls_map.rb +56 -0
- data/lib/tls_map/cli.rb +57 -0
- data/lib/tls_map/gnutls.rb +24 -0
- data/lib/tls_map/iana.rb +39 -0
- data/lib/tls_map/nss.rb +23 -0
- data/lib/tls_map/openssl.rb +49 -0
- data/lib/tls_map/output.rb +53 -0
- data/lib/tls_map/utils.rb +19 -0
- data/lib/tls_map/version.rb +5 -0
- metadata +189 -0
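--- /dev/null
+++ b/data/lib/tls_map/gnutls.rb
@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+# Ruby internal
+
+# TLS map module
+module TLSmap
+# TLS mapping
+class App
+GNUTLS_URL = 'https://gitlab.com/gnutls/gnutls/raw/master/lib/algorithms/ciphersuites.c'
+
+def parse_gnutls
+reg = /(GNUTLS_[a-zA-Z0-9_]+)\s{\s(0x[[:xdigit:]]{2},\s0x[[:xdigit:]]{2})\s}/
+File.read(@gnutls_file.path).scan(reg).each do |alg|
+codepoint = codepoint_iana(alg[1])
+name = alg[0][7..]
+@tls_map.each do |h|
+h[:gnutls] ||= h[:codepoint] == codepoint ? name : nil
+end
+end
+end
+
+private :parse_gnutls
+end
+end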
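Review bot: `GNUTLS_URL` points at the mutable `master` branch and `parse_gnutls` matches it with a whitespace-exact pattern (`\s{\s` … `\s}`), so any upstream reformatting makes `scan` return an empty list and the `:gnutls` column silently stays nil. The same applies to `NSS_URL` and `OPENSSL_URL` in the later sections. I would pin the URLs to a tag or commit and fail loudly when nothing matches, e.g. `raise 'no GnuTLS cipher suites parsed' if matches.empty?` right after the `scan`. `alg[0][7..]` also depends on the fixed length of the `GNUTLS_` prefix; `alg[0].delete_prefix('GNUTLS_')` states the intent directly.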
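--- /dev/null
+++ b/data/lib/tls_map/iana.rb
@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+# Ruby internal
+require 'csv'
+
+# TLS map module
+module TLSmap
+# TLS mapping
+class App
+IANA_URL = 'https://www.iana.org/assignments/tls-parameters/tls-parameters-4.csv'
+
+# remove Reserved, Unassigned codepoints (those with a range: X-X or *)
+# also works with gnutls
+def codepoint_iana(raw_cp)
+c1, c2 = raw_cp.split(',')
+c2.strip!
+return nil unless c2.size == 4
+
+"#{c1[2..3]}#{c2[2..3]}"
+end
+
+# remove remaining Reserved, Unassigned codepoints
+def desc_iana(desc)
+return nil if /Reserved|Unassigned/.match?(desc)
+
+desc
+end
+
+def parse_iana
+CSV.foreach(@iana_file.path, **{ headers: true, header_converters: :symbol }) do |alg|
+codepoint = codepoint_iana(alg[:value])
+description = desc_iana(alg[:description])
+@tls_map << { codepoint: codepoint, iana: description } unless codepoint.nil? || description.nil?
+end
+end
+
+private :codepoint_iana, :desc_iana, :parse_iana
+end
+end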
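Review bot: `codepoint_iana` checks only the length of the second field, so it raises NoMethodError on `c2.strip!` when the value is nil or has no comma, and it accepts any first field, including a range, as long as the second is four characters long. Both callers feed it text downloaded at runtime, so I would validate the whole value with one anchored pattern: `m = /\A0x(\h{2}),\s*0x(\h{2})\z/.match(raw_cp.to_s)`, then `return nil unless m` and `"#{m[1]}#{m[2]}"`. The comment above the method describes only the filtering; it should also say that the method returns a four-hex-digit string or nil.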
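--- /dev/null
+++ b/data/lib/tls_map/nss.rb
@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+# Ruby internal
+
+# TLS map module
+module TLSmap
+# TLS mapping
+class App
+# Timeout https://hg.mozilla.org/projects/nss/raw-file/tip/lib/ssl/sslproto.h
+# so use github RO mirror instead.
+NSS_URL = 'https://raw.githubusercontent.com/nss-dev/nss/master/lib/ssl/sslproto.h'
+
+def parse_nss
+File.read(@nss_file.path).scan(/(TLS_[a-zA-Z0-9_]+)\s+0x([[:xdigit:]]{4})/) do |alg|
+@tls_map.each do |h|
+h[:nss] ||= h[:codepoint] == alg[1] ? alg[0] : nil
+end
+end
+end
+
+private :parse_nss
+end
+end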
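Review bot: the pattern in `parse_nss` is not anchored on either side, so `TLS_[a-zA-Z0-9_]+` can match the tail of a longer identifier and `0x([[:xdigit:]]{4})` can match the first four digits of a longer literal; either case would attach a wrong name to a codepoint. Word boundaries keep the match to whole tokens: `/\b(TLS_[a-zA-Z0-9_]+)\s+0x([[:xdigit:]]{4})\b/`. The comparison `h[:codepoint] == alg[1]` is also case-sensitive, so it presumably relies on the header and the IANA CSV using the same hex case; normalising both sides with `upcase` would remove that assumption.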
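--- /dev/null
+++ b/data/lib/tls_map/openssl.rb
@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+
+# Ruby internal
+
+# TLS map module
+module TLSmap
+# TLS mapping
+class App
+OPENSSL_URL = 'https://raw.githubusercontent.com/openssl/openssl/master/include/openssl/tls1.h'
+
+def raw_data_openssl
+openssl_h = File.read(@openssl_file.path)
+
+ck1 = openssl_h.scan(/(TLS1_CK_[a-zA-Z0-9_]+)\s+0x0300([[:xdigit:]]{4})/)
+txt1 = openssl_h.scan(/(TLS1_TXT_[a-zA-Z0-9_]+)\s+"([a-zA-Z0-9-]+)"/)
+ck2 = openssl_h.scan(/(TLS1_3_CK_[a-zA-Z0-9_]+)\s+0x0300([[:xdigit:]]{4})/)
+rfc2 = openssl_h.scan(/(TLS1_3_RFC_[a-zA-Z0-9_]+)\s+"([a-zA-Z0-9_]+)"/)
+{ ck1: ck1, txt1: txt1, ck2: ck2, rfc2: rfc2 }
+end
+
+def clean_raw_data_openssl
+ck1, txt1, ck2, rfc2 = raw_data_openssl.values
+
+ck1.map! { |e| [e[0][8..], e[1]] }
+txt1.map! { |e| [e[0][9..], e[1]] }
+ck2.map! { |e| [e[0][10..], e[1]] }
+rfc2.map! { |e| [e[0][11..], e[1]] }
+
+{ ck1: ck1, txt1: txt1, ck2: ck2, rfc2: rfc2 }
+end
+
+def data_openssl
+ck1, txt1, ck2, rfc2 = clean_raw_data_openssl.values
+data = ck1.map { |e| [e[1], txt1.select { |x| x[0] == e[0] }[0][1]] }
+data += ck2.map { |e| [e[1], rfc2.select { |x| x[0] == e[0] }[0][1]] }
+data
+end
+
+def parse_openssl
+data_openssl.each do |alg|
+@tls_map.each do |h|
+h[:openssl] ||= h[:codepoint] == alg[0] ? alg[1] : nil
+end
+end
+end
+
+private :parse_openssl, :raw_data_openssl, :clean_raw_data_openssl, :data_openssl
+end
+end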
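Review bot: `data_openssl` indexes `[0][1]` on the result of `select`, so a `TLS1_CK_*` or `TLS1_3_CK_*` constant with no matching `TLS1_TXT_*` / `TLS1_3_RFC_*` entry raises NoMethodError on nil and aborts the whole update. Because the header is fetched from upstream at runtime, a lookup that tolerates a miss is safer: `name = txt1.assoc(e[0])&.last`, skipping the pair when `name` is nil, and the same for `rfc2`. The prefix slices in `clean_raw_data_openssl` (`[8..]`, `[9..]`, `[10..]`, `[11..]`) would read more clearly as `delete_prefix('TLS1_CK_')` and so on.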
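--- /dev/null
+++ b/data/lib/tls_map/output.rb
@@ -0,0 +1,53 @@
+# frozen_string_literal: true
+
+# Ruby internal
+require 'json'
+
+# TLS map module
+module TLSmap
+# TLS mapping
+class App
+def markdown(table)
+output = "Codepoint | IANA | OpenSSL | GnuTLS | NSS\n"
+output += "--- | --- | --- | --- | ---\n"
+table.each do |alg|
+values = alg.values.map { |x| x.nil? ? '-' : x }
+output += "#{values.join(' | ')}\n"
+end
+output
+end
+
+def output_markdown(filename)
+File.write(filename, markdown(@tls_map))
+end
+
+def output_json_pretty(filename)
+File.write(filename, JSON.pretty_generate(@tls_map))
+end
+
+def output_json_compact(filename)
+File.write(filename, JSON.generate(@tls_map))
+end
+
+def output_marshal(filename)
+File.write(filename, Marshal.dump(@tls_map))
+end
+
+# Export the mapping to a file, supporting various formats.
+# @param filename [String] The output file name to write to.
+# @param format [Symbol] Supported formats: +:markdown+ (a markdown table),
+# +:json_pretty+ (expanded JSON), +:json_compact+ (minified JSON),
+# +:marshal+ (Ruby marshalized hash).
+def export(filename, format)
+case format
+when :markdown then output_markdown(filename)
+when :json_pretty then output_json_pretty(filename)
+when :json_compact then output_json_compact(filename)
+when :marshal then output_marshal(filename)
+else raise "Wrong format: #{format}"
+end
+end
+
+protected :markdown, :output_markdown, :output_json_pretty, :output_json_compact, :output_marshal
+end
+end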
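Review bot: `output_marshal` writes the binary `Marshal.dump` result with `File.write`, which opens the file in text mode; `File.binwrite(filename, Marshal.dump(@tls_map))` avoids newline translation on platforms that perform it. The Marshal format is also only safe to read back from a trusted file, because `Marshal.load` can instantiate arbitrary objects. The loader is not in this section, so I would add a comment on `output_marshal` such as `# Marshal output must only be loaded from a trusted path; prefer the JSON export for exchange`.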
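--- /dev/null
+++ b/data/lib/tls_map/utils.rb
@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+# Ruby internal
+require 'net/http'
+require 'tempfile'
+
+# TLS map module
+module TLSmap
+# TLS mapping
+class App
+def tmpfile(name, url)
+tmp = Tempfile.new(name)
+tmp.write(Net::HTTP.get(URI(url)))
+tmp
+end
+
+protected :tmpfile
+end
+end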
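Review bot: `tmpfile` writes whatever `Net::HTTP.get` returns and never flushes, so an error page or redirect body is stored as if it were the source file, and the parsers that later call `File.read` on the path may see a truncated file while data is still buffered. I would fetch with `res = Net::HTTP.get_response(URI(url))`, call `res.value` to raise on a non-2xx status, and add `tmp.flush` after `tmp.write(res.body)`. A size cap on the body would also be worth adding, since the content is scanned with regular expressions afterwards.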
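--- /dev/null
+++ b/metadata
@@ -0,0 +1,189 @@
+--- !ruby/object:Gem::Specification
+name: tls-map
+version: !ruby/object:Gem::Version
+version: 1.0.0
+platform: ruby
+authors:
+- Alexandre ZANNI
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2021-04-30 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+name: docopt
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '0.6'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '0.6'
+- !ruby/object:Gem::Dependency
+name: paint
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '2.2'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '2.2'
+- !ruby/object:Gem::Dependency
+name: bundler
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 2.1.0
+- - "<"
+- !ruby/object:Gem::Version
+version: '2.3'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 2.1.0
+- - "<"
+- !ruby/object:Gem::Version
+version: '2.3'
+- !ruby/object:Gem::Dependency
+name: commonmarker
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '0.21'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '0.21'
+- !ruby/object:Gem::Dependency
+name: github-markup
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '4.0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '4.0'
+- !ruby/object:Gem::Dependency
+name: redcarpet
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '3.5'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '3.5'
+- !ruby/object:Gem::Dependency
+name: rubocop
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.10'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.10'
+- !ruby/object:Gem::Dependency
+name: yard
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '0.9'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '0.9'
+description: 'CLI & library for mapping TLS cipher algorithm names: IANA, OpenSSL,
+GnUTLS, NSS'
+email: alexandre.zanni@engineer.com
+executables:
+- tls-map
+- tls-map_console
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE
+- bin/tls-map
+- bin/tls-map_console
+- data/mapping.json
+- data/mapping.marshal
+- data/mapping.md
+- data/mapping.min.json
+- lib/tls_map.rb
+- lib/tls_map/cli.rb
+- lib/tls_map/gnutls.rb
+- lib/tls_map/iana.rb
+- lib/tls_map/nss.rb
+- lib/tls_map/openssl.rb
+- lib/tls_map/output.rb
+- lib/tls_map/utils.rb
+- lib/tls_map/version.rb
+homepage: https://sec-it.github.io/tls-map/
+licenses:
+- MIT
+metadata:
+yard.run: yard
+bug_tracker_uri: https://github.com/sec-it/tls-map/issues
+changelog_uri: https://github.com/sec-it/tls-map/blob/master/docs/CHANGELOG.md
+documentation_uri: https://sec-it.github.io/tls-map/yard/
+homepage_uri: https://sec-it.github.io/tls-map/
+source_code_uri: https://github.com/sec-it/tls-map/
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 2.6.0
+- - "<"
+- !ruby/object:Gem::Version
+version: '3.1'
+required_rubygems_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+requirements: []
+rubygems_version: 3.2.15
+signing_key:
+specification_version: 4
+summary: 'CLI & library for mapping TLS cipher algorithm names: IANA, OpenSSL, GnUTLS,
+NSS'
+test_files: []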