search

OWASP / O-Saft

O-Saft - OWASP SSL advanced forensic tool
GNU General Public License v2.0
372 stars 97 forks source link

--cipher-range bizarre behaviour #150

Closed kylak closed 1 month ago

kylak commented 1 month ago

Hi.

When I do this command ./o-saft.pl +cipher my.tld --ca-path=/etc/pki/tls --cipher-range=TLSv12 I got 12 accepted cipher suites.

However when I switch the cipher-range to iana instead of TLSv12, I got 4 accepted cipher suites!

I don't understand, it seems to be a bug ..

EnDe commented 1 month ago

./o-saft.pl --header --help=range

EnDe commented 1 month ago

--help-range now prints number of ciphers per range, see OMan.pm.

kylak commented 1 month ago

Thanks, however I didn't find in the doc, the explanation of why iana has only 24 cipher suites because on their website they have more than 300 cipher suites.