Permalink
Browse files

Fix, header restore, TLS13 ciphers

This fixes a bug which prevented the script from running properly. Also
the commit restores writing a correct comment header. In addition it
adds TLS 1.3 ciphers.
  • Loading branch information...
drwetter committed Jan 3, 2018
1 parent 0bc1f6f commit 407358623e2655c603dedfb1185c48f2fa088506
Showing with 25 additions and 9 deletions.
  1. +25 −9 utils/update_client_sim_data.pl
@@ -4,7 +4,8 @@
use Data::Dumper;
use JSON;
my $namelength = 30;
# we get all data from here
my $json = `curl 'https://api.dev.ssllabs.com/api/v3/getClients'`;
my @spec;
my %ciphers;
@@ -20,8 +21,8 @@
$ciphers{hex "0x$hex"} = $fields[3];
}
my $namelength = 30;
# Get the data
my $json = `curl 'https://api.dev.ssllabs.com/api/v3/getClients'`;
my $ssllabs = decode_json($json);
my %sims;
@@ -73,6 +74,16 @@
push @ciphers, "ECDHE-ECDSA-CHACHA20-POLY1305"; }
elsif ( $suite == "52394" ) {
push @ciphers, "DHE-RSA-CHACHA20-POLY1305"; }
elsif ( $suite == "4865" ) {
push @ciphers, "TLS13-AES-128-GCM-SHA256"; }
elsif ( $suite == "4866" ) {
push @ciphers, "TLS13-AES-256-GCM-SHA384"; }
elsif ( $suite == "4867" ) {
push @ciphers, "TLS13-CHACHA20-POLY1305-SHA256"; }
elsif ( $suite == "4868" ) {
push @ciphers, "TLS13-AES-128-CCM-SHA256"; }
elsif ( $suite == "4869" ) {
push @ciphers, "TLS13-AES-128-CCM-8-SHA256"; }
elsif ( $suite == "14906" ) {
if ( $has_matched ) {
print " \"$shortname\": ";
@@ -204,6 +215,7 @@
#$sim->{minEcdsaBits} = "minEcdsaBits+=(-1)";
#$sim->{requiresSha2} = "requiresSha2+=(false)";
# example of self generated / provided handshake:
$sim->{name} = "names+=(\"Thunderbird 45.1.1 OSX 10.11 \")";
$sim->{shortname} = "short+=(\"thunderbird_45.1.1_osx_101115\")";
$sim->{ciphers} = "ciphers+=(\"ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA\")";
@@ -328,17 +340,21 @@
}
}
open OUT, ">client-simulation_generated.txt" or die "Unable to open client-simulation_generated.txt";
# This file contains client handshake data used in the run_client_simulation function
# Don't update this file by hand, but run util/update_client_sim_data.pl instead.
# The one currently distributed with testssl.sh (etc/client-simulation.txt) has been generated
my $header = <<"EOF";
# This file contains client handshake data used in the run_client_simulation() function.
# The file distributed with testssl.sh (etc/client-simulation.txt) has been generated
# from this script and manually edited (=which UA to show up) and sorted.
#
# Most clients are taken from Qualys SSL Labs --- From: https://api.dev.ssllabs.com/api/v3/getClients
";
EOF
open OUT, ">client-simulation_generated.txt" or die "Unable to open client-simulation_generated.txt";
print OUT "$header";
foreach my $shortname ( sort keys %sims ) {
foreach my $k ( qw(name shortname ciphers sni warning handshakebytes protos lowestProtocol highestProtocol service
foreach my $k ( qw(name shortname ciphers sni warning handshakebytes protos lowestProtocol highestProtocol service
minDhBits maxDhBits minRsaBits maxRsaBits minEcdsaBits requiresSha2 current) ) {
print OUT " $sims{$shortname}->{$k}\n";
}

0 comments on commit 4073586

Please sign in to comment.