google / nogotofail

An on-path blackbox network traffic security testing tool
Apache License 2.0

Added new data handler "noforwardsecrecy". #98

Open mkenne11 opened 8 years ago

mkenne11 commented 8 years ago

The "noforwardsecrecy" data handler detects cipher suites negotiated between client and server (in the Server Hello message) which don't support forward secrecy, i.e. Ephemeral Diffie-Hellman methods DHE or ECDHE.
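
The check described above, as an added example that is not part of this PR or nogotofail's code: it parses the selected cipher suite out of a Server Hello record and classifies its key exchange. The function names and the small suite table are assumptions made for the illustration, and the TLS 1.3 branch goes beyond what the PR description covers.

```python
import struct

# Constructed subset of IANA cipher suite IDs; a real check needs the full registry.
SUITES = {
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x009C: "TLS_RSA_WITH_AES_128_GCM_SHA256",
    0x0033: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
    0xC004: "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",   # static ECDH, no forward secrecy
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0x1301: "TLS_AES_128_GCM_SHA256",                # TLS 1.3 naming
}

class ParseError(ValueError):
    pass

def server_hello_cipher(record: bytes) -> int:
    """Return the suite ID from a ServerHello that starts a single TLS record."""
    if len(record) < 5:
        raise ParseError("short record header")
    ctype, _version, rlen = struct.unpack("!BHH", record[:5])
    body = record[5:5 + rlen]
    if ctype != 0x16 or len(body) != rlen or rlen < 4 or body[0] != 0x02:
        raise ParseError("not a complete ServerHello record")
    hello = body[4:4 + int.from_bytes(body[1:4], "big")]
    # legacy_version(2) + random(32) precede the one-byte session_id length
    if len(hello) < 35:
        raise ParseError("truncated ServerHello")
    off = 35 + hello[34]
    if len(hello) < off + 2:
        raise ParseError("truncated ServerHello")
    return int.from_bytes(hello[off:off + 2], "big")

def has_forward_secrecy(suite_id: int):
    """True/False for known suites, None when the ID is not in SUITES."""
    name = SUITES.get(suite_id)
    if name is None:
        return None        # unknown suite: report it, don't guess
    if "_WITH_" not in name:
        return True        # TLS 1.3 name has no key exchange; (EC)DHE unless PSK-only mode
    return name.startswith(("TLS_DHE_", "TLS_ECDHE_"))

def build_server_hello(suite_id: int, session_id: bytes = b"") -> bytes:
    """Constructed sample record for the demo (zero random, no extensions)."""
    hello = b"\x03\x03" + bytes(32) + bytes([len(session_id)]) + session_id
    hello += suite_id.to_bytes(2, "big") + b"\x00"
    hs = b"\x02" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x03" + len(hs).to_bytes(2, "big") + hs

if __name__ == "__main__":
    for sid in SUITES:
        chosen = server_hello_cipher(build_server_hello(sid, bytes(32)))
        print(f"{SUITES[chosen]}: forward secrecy = {has_forward_secrecy(chosen)}")
```

Matching on the `TLS_DHE_` and `TLS_ECDHE_` prefixes rather than a substring keeps static `TLS_DH_` and `TLS_ECDH_` suites from being counted as ephemeral.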

mkenne11 commented 8 years ago

Just checking if this PR and #78 are ok to merge? No worries if you are busy :)

mkenne11 commented 8 years ago

I made the changes recommended:

I am still raising notifications in the Android client when alerts for this handler are raised. Do you think this is OK? (Not sure if it's too spammy, or if it's application policy to notify on INFO events.)