search

april / tls-table

Generates mappings between IANA TLS hex values and their corresponding cipher names in GnuTLS, NSS, and OpenSSL
Mozilla Public License 2.0
23 stars 11 forks source link

Are these Cipher_Suites still updated? #4

Open mdantonio opened 4 years ago

mdantonio commented 4 years ago

Hello, I was looking at: https://wiki.mozilla.org/Security/Cipher_Suites

and noticed that the table was last updated in May 2019

I tried to execute the tsl-table script by myself but I got an error:

$ python3 tls-table.py mediawiki --colorize

Retrieving IANA cipher List
Retrieving NSS cipher list
  Warning: code point 0x00,0x66 (TLS_DHE_DSS_WITH_RC4_128_SHA) not in IANA registry
  Warning: code point 0x00,0x62 (TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA) not in IANA registry
  Warning: code point 0x00,0x64 (TLS_RSA_EXPORT1024_WITH_RC4_56_SHA) not in IANA registry
  Warning: code point 0x00,0x63 (TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA) not in IANA registry
  Warning: code point 0x00,0x65 (TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA) not in IANA registry
Retrieving OpenSSL cipher list
Unable to retrieve or parse OpenSSL cipher list
Retrieving GnuTLS cipher list
  Warning: code point 0x00,0x66 (TLS_DHE_DSS_ARCFOUR_128_SHA1) not in IANA registry
  Warning: code point 0xc1,0x02 (TLS_GOSTR341112_256_28147_CNT_IMIT) not in IANA registry

Retrieving cipher suites from Mozilla Server Side TLS page
Traceback (most recent call last):
  File "tls-table.py", line 259, in <module>
    get_colorize_chart()
  File "tls-table.py", line 68, in get_colorize_chart
    'Modern': get_colorize_chart_openssl_ciphers(recommendations[0]),
IndexError: list index out of range

Is this script still supported? Can the wiki table still be considered updated? or can it be updated?

Many thanks for your support!

noraj commented 3 years ago

I think yes, eg IANA was updated on 2021-04-02

https://github.com/april/tls-table/blob/169f749c0371c73cf96f96d0b7a7e2c9e733f6b1/tls-table.py#L13

GNUTLS and OPENSSL are fetched form master branches so they should be updated.

https://github.com/april/tls-table/blob/169f749c0371c73cf96f96d0b7a7e2c9e733f6b1/tls-table.py#L12 https://github.com/april/tls-table/blob/169f749c0371c73cf96f96d0b7a7e2c9e733f6b1/tls-table.py#L16

mdantonio commented 3 years ago

Ok... thank you Unfortunately the page at https://wiki.mozilla.org/Security/Cipher_Suites is not updated since the last two years and the script does not work for me

noraj commented 3 years ago

Ok... thank you Unfortunately the page at https://wiki.mozilla.org/Security/Cipher_Suites is not updated since the last two years and the script does not work for me

You can see with #5 that TLS table is not working in it's actual state. I made a new tool called TLS map that you cloud use and will work to get up to date values.

janbrasna commented 8 months ago

The page https://wiki.mozilla.org/Security/Cipher_Suites is currently being updated manually, see: