tls-map 1.1.0 → 1.3.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 83caecd8dd0a4d170d686c141a7b39860f99f29f2bc4e436418eca7b877807ff
-  data.tar.gz: 7a3a245f86067d8c9d59fb8f75b207e320c09d11b701624adf86842da27afc4e
+  metadata.gz: 0eadde9b90bc4cfb3dc23e8b6263fdaf5fc1815a262ee8c6f2db3dfc0fe54db7
+  data.tar.gz: 7c80ee6fa969f77643e8256cc0d4a33f1de8bf1f540fefe7d1641e3691e76044
 SHA512:
-  metadata.gz: fa1240ae951c33a26838ee04f15b55e03ec452cd9b03790394ebee99a142acc91b0bda3074f95bf97f495d3b553ef8363c17221d2c519772690ca5573954a80d
-  data.tar.gz: cd72c3ff9281bfe37a7f866a33fc73340dbd70f37ee370cfd3a01a1742760d3f0f110a778ded5b03aca8b01873832f66ca24ebeef51ba3cab09d57c3e81b5377
+  metadata.gz: a7303c826807b76c35d3899b02ce0af2874471e7dc55f19d6dcef85447270c5ea8fbb67e7bdb21fa5acf9a352f5355adcaa83e23bc4aeb83f42ca0d2149964aa
+  data.tar.gz: c148a6770e6619bb7d32a435d7ad314e55871f4188cbff01c1f21c8e02e58497e3c6d32ec007bb27b6b9020c85bbd596a32e99575c7a1fab3cd4d224f7969184

data/bin/tls-map

@@ -10,31 +10,44 @@ require 'tls_map/cli'
 require 'docopt'
 require 'paint'
 
+# can't specify 2 options with the same name even if used in different commands
+# https://github.com/docopt/docopt/issues/296#issuecomment-857477191
 doc = <<~DOCOPT
-  TLS map
+  TLS map #{TLSmap::VERSION}
 
   Usage:
     tls-map search <critera> <term> [-o <output> --force -e -a] [--no-color --debug]
+    tls-map bulk <critera> <file> [-q <output> --force] [--no-color --debug]
     tls-map export <filename> <format> [--force] [--debug]
+    tls-map extract <filename> <format> [--no-color --debug]
     tls-map update [--debug]
     tls-map -h | --help
     tls-map --version
 
-  Search options: (offline)
+  Search options: (offline) search and translate cipher names between SSL/TLS libraries
     <critera>               The type of term. Accepted values: codepoint, iana, openssl, gnutls, nss.
     <term>                  The cipher algorithm name.
     -o, --output <output>   Displayed fields. Accepted values: all, codepoint, iana, openssl, gnutls, nss. [default: all]
     -e, --extended          (Online) Display additional information about the cipher (requires output = all or iana)
     -a, --acronym           (Online) Display full acronym name (requires -e / --extended option)
 
-  Export options: (offline)
+  Bulk options: (offline) search and translate cipher names between SSL/TLS libraries in bulk
+    <critera>               The type of term. Accepted values: codepoint, iana, openssl, gnutls, nss.
+    <file>                  File containing the cipher algorithm names, one per line.
+    -q, --output2 <output>  Displayed fields. Accepted values: codepoint, iana, openssl, gnutls, nss. [default: iana]
+
+  Export options: (offline) export the list of all ciphers (mapping) in various formats
     <filename>              The output file name to write to.
     <format>                Supported formats: markdown (a markdown table), json_pretty (expanded JSON), json_compact (minified JSON), marshal (Ruby marshalized hash).
 
+  Extract options: (offline) extract ciphers from external tools output file
+    <filename>              The external tool output file
+    <format>                Supported formats: sslyze, sslscan2, testssl, ssllabs-scan (check the documentation for the expected file format)
+
   Update options: (online) DANGEROUS, will break database integrity, force option will be required
 
   Other options:
-    --force     Force parsing even if intigrity check failed (DANGEROUS, may result in command execution vulnerability)
+    --force     Force parsing even if integrity check failed (DANGEROUS, may result in command execution vulnerability)
     --no-color  Disable colorized output
     --debug     Display arguments
     -h, --help  Show this screen
@@ -75,10 +88,24 @@ begin
         end
       end
     end
+  elsif args['bulk']
+    cli = TLSmap::CLI.new(args['--force'])
+    res = cli.bulk_search(args['<critera>'].to_sym, args['<file>'], args['--output2'].to_sym)
+    puts Paint['No match found', :red] if res.empty?
+    res.each do |h|
+      puts Paint[h[args['--output2'].to_sym], :green]
+    end
   elsif args['export']
     cli = TLSmap::CLI.new(args['--force'])
     cli.export(args['<filename>'], args['<format>'].to_sym)
     puts "#{args['<filename>']} exported"
+  elsif args['extract']
+    extractor = TLSmap::App::Extractor.new
+    ciphers = extractor.parse(args['<format>'], args['<filename>'])
+    ciphers.each do |k, v|
+      puts Paint[k, :blue] unless v.empty?
+      puts Paint[v.join("\n"), :white] unless v.empty?
+    end
   elsif args['update']
     cli = TLSmap::CLI.new
     cli.update

data/lib/tls_map.rb

@@ -11,6 +11,7 @@ require 'tls_map/gnutls'
 require 'tls_map/nss'
 require 'tls_map/output'
 require 'tls_map/ciphersuiteinfo'
+require 'tls_map/extractor'
 
 # TLS map module
 module TLSmap
@@ -18,11 +19,11 @@ module TLSmap
   class App
     # Will automatically fetch source files and parse them.
     def initialize
-      @iana_file = tmpfile('iana', IANA_URL)
-      @openssl_file = tmpfile('openssl', OPENSSL_URL)
-      @openssl_file2 = tmpfile('openssl', OPENSSL_URL2)
-      @gnutls_file = tmpfile('gnutls', GNUTLS_URL)
-      @nss_file = tmpfile('nss', NSS_URL)
+      @iana_file = Utils.tmpfile('iana', IANA_URL)
+      @openssl_file = Utils.tmpfile('openssl', OPENSSL_URL)
+      @openssl_file2 = Utils.tmpfile('openssl', OPENSSL_URL2)
+      @gnutls_file = Utils.tmpfile('gnutls', GNUTLS_URL)
+      @nss_file = Utils.tmpfile('nss', NSS_URL)
 
       @tls_map = []
       parse
@@ -36,13 +37,13 @@ module TLSmap
     end
 
     # Search for corresponding cipher algorithms in other libraries
-    # @param critera [Symbol] The type of +term+.
-    #   Accepted values: +:codepoint+, +:iana+, +:openssl+, +:gnutls+, +:nss+.
+    # @param critera [Symbol] The type of `term`.
+    #   Accepted values: `:codepoint`, `:iana`, `:openssl`, `:gnutls`, `:nss`.
     # @param term [String] The cipher algorithm name.
     # @param output [Symbol] The corresponding type to be included in the return value.
-    #   Accepted values: +:all+ (default), +:codepoint+, +:iana+, +:openssl+,
-    #   +:gnutls+, +:nss+.
-    # @return [Hash] The corresponding type matching +term+.
+    #   Accepted values: `:all` (default), `:codepoint`, `:iana`, `:openssl`,
+    #   `:gnutls`, `:nss`.
+    # @return [Hash] The corresponding type matching `term`.
     def search(critera, term, output = :all)
       @tls_map.each do |alg|
         term = term.upcase if critera == :codepoint
@@ -54,6 +55,23 @@ module TLSmap
       {}
     end
 
+    # Search for corresponding cipher algorithms in other libraries in bulk
+    # @param critera [Symbol] The type of `term`.
+    #   Accepted values: `:codepoint`, `:iana`, `:openssl`, `:gnutls`, `:nss`.
+    # @param file [String] File containing the cipher algorithm names, one per line.
+    # @param output [Symbol] The corresponding type to be included in the return value.
+    #   Accepted values: `:all` (default), `:codepoint`, `:iana`, `:openssl`,
+    #   `:gnutls`, `:nss`.
+    # @return [Array<Hash>] The corresponding type, same as {search} return value
+    #   but one per line stored in an array.
+    def bulk_search(critera, file, output = :all)
+      res = []
+      File.foreach(file) do |line|
+        res.push(search(critera, line.chomp, output))
+      end
+      res
+    end
+
     protected :parse
   end
 end

data/lib/tls_map/ciphersuiteinfo.rb

@@ -10,11 +10,13 @@ require 'yaml'
 module TLSmap
   class App
     # Partial wrapper around ciphersuite.info API to get extra info about a cipher
+    #
     # Documentation:
-    #   - https://ciphersuite.info/blog/2019/04/05/how-to-use-our-api/
-    #   - https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.0.md
-    #   - https://ciphersuite.info/api/
-    #   - https://github.com/hcrudolph/ciphersuite.info
+    #
+    # - https://ciphersuite.info/blog/2019/04/05/how-to-use-our-api/
+    # - https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.0.md
+    # - https://ciphersuite.info/api/
+    # - https://github.com/hcrudolph/ciphersuite.info
     class Extended
       # Root URL of Cipher Suite Info
       ROOT = 'https://ciphersuite.info/'
@@ -43,13 +45,10 @@ module TLSmap
         2 => { title: 'High', color: :red }
       }.freeze
 
-      include Utils
-      protected :tmpfile
-
       # Will automatically fetch source files and parse them.
       def initialize
-        @tech_file = tmpfile('tech', TECH_DATA)
-        @vuln_file = tmpfile('vuln', VULN_DATA)
+        @tech_file = Utils.tmpfile('tech', TECH_DATA)
+        @vuln_file = Utils.tmpfile('vuln', VULN_DATA)
         @tech = parse_tech
         @vuln = parse_vuln
       end
@@ -57,8 +56,8 @@ module TLSmap
       # Retrieve advanced about a cipher on Cipher Suite Info API and enhanced it
       # @param iana_name [String] IANA cipher name
       # @return [Hash] Hash containing advanced information. The keys are the same as {DICO}. All valeus are string
-      #   except +vulns+ which is an array of hashes containing two keys: +:severity+ (integer) and +:description+
-      #   (string). Each hash in +vulns+ correspond to a vulnerability.
+      #   except `vulns` which is an array of hashes containing two keys: `:severity` (integer) and `:description`
+      #   (string). Each hash in `vulns` correspond to a vulnerability.
       def extend(iana_name) # rubocop:disable Metrics/MethodLength
         obj = Net::HTTP.get(URI("#{API_ROOT}cs/#{iana_name}/"))
         out = JSON.parse(obj)[iana_name]
@@ -99,7 +98,7 @@ module TLSmap
 
       # Translate cipher related acronyms
       # @param term [String] Acronym, eg. DSS
-      # @return [String] The long name of the acronym, eg. Digital Signature Standard or +nil+ if it's not found
+      # @return [String] The long name of the acronym, eg. Digital Signature Standard or `nil` if it's not found
       def translate_acronym(term)
         return @tech[term][:long_name] unless @tech[term].nil?
 
@@ -108,7 +107,7 @@ module TLSmap
 
       # Find vulnerabilities related to a technology
       # @param tech [String] The technology acronym, eg. CBC
-      # @return [Array<Hash>] Array of vulnerabilities as described for {extend} return value in the +vulns+ key.
+      # @return [Array<Hash>] Array of vulnerabilities as described for {extend} return value in the `vulns` key.
       def find_vuln(tech)
         return @tech[tech][:vulnerabilities].map { |vuln| @vuln[vuln] } unless @tech[tech][:vulnerabilities].nil?
 

data/lib/tls_map/cli.rb

@@ -9,7 +9,7 @@ module TLSmap
   class CLI < App
     INTEGRITY = '42e44f89550365da2bc8d33d87f88b65d85d6474e90f9edb65e0ea6c78f61a53' # sha2-256
 
-    # Load and parse data from marshalized hash (+data/mapping.marshal+).
+    # Load and parse data from marshalized hash (`data/mapping.marshal`).
     # It must match the integrity check for security purpose.
     # @param force [Boolean] Force parsing even if intigrity check failed (DANGEROUS,
     #   may result in command execution vulnerability)
@@ -31,7 +31,7 @@ module TLSmap
     end
 
     # Check if the password database exists
-    # @return [Boolean] +true+ if the file exists
+    # @return [Boolean] `true` if the file exists
     def database_exists?
       exists = File.file?(@database_path)
       raise "Database does not exist: #{@database_path}" unless exists

data/lib/tls_map/extractor.rb

@@ -0,0 +1,276 @@
+# frozen_string_literal: true
+
+# Ruby internal
+require 'json'
+# Project internal
+require 'tls_map/cli'
+# External
+require 'rexml/document'
+
+module TLSmap
+  class App
+    # External tools output data extractor
+    #
+    # Output files from [SSLyze][1] (JSON), [sslscan2][2] (XML), [testssl.sh][3] (JSON), [ssllabs-scan][4] (JSON)
+    #
+    # [1]:https://github.com/nabla-c0d3/sslyze
+    # [2]:https://github.com/rbsec/sslscan
+    # [3]:https://github.com/drwetter/testssl.sh
+    # [4]:https://github.com/ssllabs/ssllabs-scan
+    #
+    # Example of commands:
+    #
+    # - `sslyze --json_out=example.org.json example.org`
+    # - `sslscan2 --show-cipher-ids --xml=example.org.xml example.org`
+    #   - `--show-cipher-ids` is mandatory else ciphers are not saved to the output
+    # - `testssl --jsonfile-pretty example.org.json --mapping no-openssl --cipher-per-proto example.org`
+    #   - json-pretty is the only supported format, default json or csv, html won't work
+    # - `ssllabs-scan --quiet example.org > example.org.json`
+    #   - The default output is the only supported format, using `-json-flat` won't work
+    class Extractor
+      # Get the list of ciphers extracted from the tool output file
+      # @return [Array<String>] Cipher array (IANA names)
+      attr_reader :ciphers
+
+      # Initialize {TLSmap::App::Extractor} instance
+      def initialize
+        @ciphers = []
+      end
+
+      # Return only the SSL 2.0 ciphers
+      # @return [Array<String>] Cipher array (IANA names)
+      def ssl20
+        @ciphers['SSL2.0']
+      end
+
+      # Return only the SSL 3.0 ciphers
+      # @return [Array<String>] Cipher array (IANA names)
+      def ssl30
+        @ciphers['SSL3.0']
+      end
+
+      # Return only the TLS 1.0 ciphers
+      # @return [Array<String>] Cipher array (IANA names)
+      def tls10
+        @ciphers['TLS1.0']
+      end
+
+      # Return only the TLS 1.1 ciphers
+      # @return [Array<String>] Cipher array (IANA names)
+      def tls11
+        @ciphers['TLS1.1']
+      end
+
+      # Return only the TLS 1.2 ciphers
+      # @return [Array<String>] Cipher array (IANA names)
+      def tls12
+        @ciphers['TLS1.2']
+      end
+
+      # Return only the TLS 1.3 ciphers
+      # @return [Array<String>] Cipher array (IANA names)
+      def tls13
+        @ciphers['TLS1.3']
+      end
+
+      # Extract the ciphers from the tool output file
+      # @param tool [String] Possible values: `sslyze`, `sslscan2`, `testssl`, `ssllabs-scan`
+      # @param file [String] Path of the tool output file, beware of the format expected. See {TLSmap::App::Extractor}
+      # @return [Array<String>] Cipher array (IANA names)
+      def parse(tool, file)
+        # Convert string to class
+        @ciphers = Object.const_get("TLSmap::App::Extractor::#{normalize(tool)}").parse(file)
+      rescue StandardError
+        warn helper(tool)
+      end
+
+      # Commands for {helper}
+      CMD = {
+        'sslyze' => 'sslyze --json_out=example.org.json example.org',
+        'sslscan2' => 'sslscan2 --show-cipher-ids --xml=example.org.xml example.org',
+        'testssl' => 'testssl --jsonfile-pretty example.org.json --mapping no-openssl --cipher-per-proto example.org',
+        'ssllabs-scan' => 'ssllabs-scan --quiet example.org > example.org.json'
+      }.freeze
+
+      # Get the external tool command used to generate the expected result format
+      # @param tool [String] Possible values: `sslyze`, `sslscan2`, `testssl`, `ssllabs-scan`
+      # @return [String] external tool command used to generate the expected result format used in input of the extract
+      #   command (CLI) / {parse} method (library)
+      def helper(tool)
+        intro = 'You may not be provinding the right format.'
+        outro = 'See https://sec-it.github.io/tls-map/yard/TLSmap/App/Extractor'
+        "#{intro}\nUse this command: #{CMD[tool]}\n#{outro}"
+      end
+
+      # Convert cmdline tool name to Class name
+      def normalize(tool)
+        tool.split('-').map(&:capitalize).join
+      end
+
+      protected :normalize, :helper
+      private_constant :CMD
+
+      # Parsing SSLyze
+      class Sslyze
+        class << self
+          # Extract the ciphers from the sslyze output file
+          # @param file [String] Path of the sslyze output file, beware of the format expected.
+          #   See {TLSmap::App::Extractor}
+          # @return [Array<String>] Cipher array (IANA names)
+          def parse(file)
+            data = Utils.json_load_file(file)
+            extract_cipher(data)
+          end
+
+          # Extract the ciphers from the sslyze output file
+          # @param json_data [Hash] Ruby hash of the parsed JSON
+          # @return [Array<String>] Cipher array (IANA names)
+          def extract_cipher(json_data)
+            ciphers = json_data['server_scan_results'][0]['scan_commands_results']
+            raw = {
+              'SSL2.0' => ciphers['ssl_2_0_cipher_suites']['accepted_cipher_suites'],
+              'SSL3.0' => ciphers['ssl_3_0_cipher_suites']['accepted_cipher_suites'],
+              'TLS1.0' => ciphers['tls_1_0_cipher_suites']['accepted_cipher_suites'],
+              'TLS1.1' => ciphers['tls_1_1_cipher_suites']['accepted_cipher_suites'],
+              'TLS1.2' => ciphers['tls_1_2_cipher_suites']['accepted_cipher_suites'],
+              'TLS1.3' => ciphers['tls_1_3_cipher_suites']['accepted_cipher_suites']
+            }
+            raw.transform_values { |v| v.empty? ? v : v.map { |x| x['cipher_suite']['name'] } }
+          end
+
+          protected :extract_cipher
+        end
+      end
+
+      # Parsing sslscan2
+      class Sslscan2
+        class << self
+          # Extract the ciphers from the sslscan2 output file
+          # @param file [String] Path of the sslscan2 output file, beware of the format expected.
+          #   See {TLSmap::App::Extractor}
+          # @return [Array<String>] Cipher array (IANA names)
+          def parse(file, online = false)
+            doc = REXML::Document.new(File.new(file))
+            extract_cipher(doc, online)
+          end
+
+          # Extract the ciphers from the sslscan2 output file
+          # @param xml_doc [REXML::Document] XML document as returned by `REXML::Document`
+          # @param online By default use the offline mode with {TLSmap::CLI} for better performance.
+          #   Online mode will use {TLSmap::App} and fetch upstream resources to get latest updates but is a lot slower.
+          # @return [Array<String>] Cipher array (IANA names)
+          def extract_cipher(xml_doc, online = false) # rubocop:disable Metrics/MethodLength
+            raw = {
+              'SSL2.0' => [], 'SSL3.0' => [],
+              'TLS1.0' => [], 'TLS1.1' => [], 'TLS1.2' => [], 'TLS1.3' => []
+            }
+            tm = online ? TLSmap::App.new : TLSmap::CLI.new
+            xml_doc.root.each_element('//cipher') do |node|
+              sslv = node.attributes['sslversion'].gsub('v', '')
+              cipher = tm.search(:codepoint, node.attributes['id'][2..], :iana)[:iana]
+              raw[sslv].push(cipher)
+            end
+            raw
+          end
+
+          protected :extract_cipher
+        end
+      end
+
+      # Parsing testssl.sh
+      class Testssl
+        class << self
+          # Extract the ciphers from the testssl output file
+          # @param file [String] Path of the testssl output file, beware of the format expected.
+          #   See {TLSmap::App::Extractor}
+          # @return [Array<String>] Cipher array (IANA names)
+          def parse(file)
+            data = Utils.json_load_file(file)
+            extract_cipher(data)
+          end
+
+          # Extract the ciphers from the testssl output file
+          # @param json_data [Hash] Ruby hash of the parsed JSON
+          # @return [Array<String>] Cipher array (IANA names)
+          def extract_cipher(json_data)
+            cipher = json_data['scanResult'][0]['cipherTests']
+            raw = {
+              'SSL2.0' => [], 'SSL3.0' => [],
+              'TLS1.0' => [], 'TLS1.1' => [], 'TLS1.2' => [], 'TLS1.3' => []
+            }
+            cipher.each do |node|
+              raw[id2prot(node['id'])].push(finding2cipher(node['finding']))
+            end
+            raw
+          end
+
+          # Convert testssl protocol id to protocol name in TLSmap format
+          # @param id [String] testssl protocol id
+          # @return [String] protocol name in TLSmap format
+          def id2prot(id)
+            prot = {
+              'ssl2' => 'SSL2.0', 'ssl3' => 'SSL3.0', 'tls1' => 'TLS1.0',
+              'tls1_1' => 'TLS1.1', 'tls1_2' => 'TLS1.2', 'tls1_3' => 'TLS1.3'
+            }
+            protv = id.match(/cipher-(\w+)_x\w+/).captures[0]
+            prot[protv]
+          end
+
+          # Extract the cipher name from testssl finding
+          # @param finding [String] testssl finding
+          # @return [String] cipher name (IANA names)
+          def finding2cipher(finding)
+            /\s(\w+_\w+)\s/.match(finding).captures[0]
+          end
+
+          protected :extract_cipher, :id2prot, :finding2cipher
+        end
+      end
+
+      # Parsing ssllabs-scan
+      class SsllabsScan
+        class << self
+          # Extract the ciphers from the ssllabs-scan output file
+          # @param file [String] Path of the ssllabs-scan output file, beware of the format expected.
+          #   See {TLSmap::App::Extractor}
+          # @return [Array<String>] Cipher array (IANA names)
+          def parse(file)
+            data = Utils.json_load_file(file)
+            extract_cipher(data)
+          end
+
+          # Extract the ciphers from the ssllabs-scan output file
+          # @param json_data [Hash] Ruby hash of the parsed JSON
+          # @return [Array<String>] Cipher array (IANA names)
+          def extract_cipher(json_data) # rubocop:disable Metrics/MethodLength
+            raw = {
+              'SSL2.0' => [], 'SSL3.0' => [],
+              'TLS1.0' => [], 'TLS1.1' => [], 'TLS1.2' => [], 'TLS1.3' => []
+            }
+            json_data[0]['endpoints'].each do |endpoint|
+              endpoint['details']['suites'].each do |suite|
+                suite['list'].each do |cipher|
+                  raw[id2prot(suite['protocol'])].push(cipher['name'])
+                end
+              end
+            end
+            raw.transform_values(&:uniq)
+          end
+
+          # Convert ssllabs-scan protocol id to protocol name in TLSmap format
+          # @param id [String] ssllabs-scan protocol id
+          # @return [String] protocol name in TLSmap format
+          def id2prot(id)
+            prot = {
+              512 => 'SSL2.0', 768 => 'SSL3.0', 769 => 'TLS1.0',
+              770 => 'TLS1.1', 771 => 'TLS1.2', 772 => 'TLS1.3'
+            }
+            prot[id]
+          end
+
+          protected :extract_cipher, :id2prot
+        end
+      end
+    end
+  end
+end

data/lib/tls_map/output.rb

@@ -35,9 +35,9 @@ module TLSmap
 
     # Export the mapping to a file, supporting various formats.
     # @param filename [String] The output file name to write to.
-    # @param format [Symbol] Supported formats: +:markdown+ (a markdown table),
-    #   +:json_pretty+ (expanded JSON), +:json_compact+ (minified JSON),
-    #   +:marshal+ (Ruby marshalized hash).
+    # @param format [Symbol] Supported formats: `:markdown` (a markdown table),
+    #   `:json_pretty` (expanded JSON), `:json_compact` (minified JSON),
+    #   `:marshal` (Ruby marshalized hash).
     def export(filename, format)
       case format
       when :markdown      then output_markdown(filename)

data/lib/tls_map/utils.rb

@@ -3,22 +3,27 @@
 # Ruby internal
 require 'net/http'
 require 'tempfile'
+require 'json'
 
 # TLS map module
 module TLSmap
   # Generic utilities
   module Utils
-    def tmpfile(name, url)
+    def self.tmpfile(name, url)
       tmp = Tempfile.new(name)
       tmp.write(Net::HTTP.get(URI(url)))
       tmp.close
       tmp
     end
-  end
 
-  # TLS mapping
-  class App
-    include Utils
-    protected :tmpfile
+    # bring JSON.load_file before ruby 3.0.0
+    # https://ruby-doc.org/stdlib-3.0.0/libdoc/json/rdoc/JSON.html#method-i-load_file
+    def self.json_load_file(filespec, opts = {})
+      if RUBY_VERSION < '3.0.0'
+        JSON.parse(File.read(filespec), opts)
+      else
+        JSON.load_file(filespec, opts)
+      end
+    end
   end
 end

data/lib/tls_map/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module TLSmap
-  VERSION = '1.1.0'
+  VERSION = '1.3.2'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tls-map
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.3.2
 platform: ruby
 authors:
 - Alexandre ZANNI
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-05-25 00:00:00.000000000 Z
+date: 2021-07-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: docopt
@@ -39,95 +39,19 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '2.2'
 - !ruby/object:Gem::Dependency
-  name: bundler
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 2.1.0
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '2.3'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 2.1.0
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '2.3'
-- !ruby/object:Gem::Dependency
-  name: commonmarker
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.21'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.21'
-- !ruby/object:Gem::Dependency
-  name: github-markup
+  name: rexml
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '4.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '4.0'
-- !ruby/object:Gem::Dependency
-  name: redcarpet
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.5'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.5'
-- !ruby/object:Gem::Dependency
-  name: rubocop
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.10'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.10'
-- !ruby/object:Gem::Dependency
-  name: yard
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.9'
-  type: :development
+        version: '3.2'
+  type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.9'
+        version: '3.2'
 description: 'CLI & library for mapping TLS cipher algorithm names: IANA, OpenSSL,
   GnuTLS, NSS'
 email: alexandre.zanni@engineer.com
@@ -147,6 +71,7 @@ files:
 - lib/tls_map.rb
 - lib/tls_map/ciphersuiteinfo.rb
 - lib/tls_map/cli.rb
+- lib/tls_map/extractor.rb
 - lib/tls_map/gnutls.rb
 - lib/tls_map/iana.rb
 - lib/tls_map/nss.rb