--cipher-range bizarre behaviour

OWASP / O-Saft

O-Saft - OWASP SSL advanced forensic tool

GNU General Public License v2.0

373 stars 86 forks source link

--cipher-range bizarre behaviour #150

Closed kylak closed 3 months ago

kylak commented 3 months ago

Hi.

When I do this command ./o-saft.pl +cipher my.tld --ca-path=/etc/pki/tls --cipher-range=TLSv12 I got 12 accepted cipher suites.

However when I switch the cipher-range to iana instead of TLSv12, I got 4 accepted cipher suites!

I don't understand, it seems to be a bug ..

EnDe commented 3 months ago

./o-saft.pl --header --help=range

EnDe commented 3 months ago

--help-range now prints number of ciphers per range, see OMan.pm.

kylak commented 3 months ago

Thanks, however I didn't find in the doc, the explanation of why iana has only 24 cipher suites because on their website they have more than 300 cipher suites.