TLS13 Cipher Enumeration

projectdiscovery / tlsx

Fast and configurable TLS grabber focused on TLS based data collection.

MIT License

863 stars 79 forks source link

TLS13 Cipher Enumeration #70

Open Mzack9999 opened 2 years ago

Mzack9999 commented 2 years ago

Please describe your feature request:

Investigate the feasibility of enumerations for TLS1.3 (cipher selection is automatic - ref https://github.com/projectdiscovery/tlsx/issues/20#issuecomment-1158900782)

Describe the use case of this feature:

Cipher enumeration for TLS 1.3

JaneX8 commented 2 days ago

I'm not sure if this is related but I have Tlsx outputting

    "version_enum": [
      "tls13",
      "tls12"
    ],
    "cipher_enum": [
      {
        "version": "tls13",
        "ciphers": {}
      },

While Qualys SSLLabs lists:

# TLS 1.3 (server has no preference)
TLS_AES_128_GCM_SHA256 (0x1301)   ECDH x25519 (eq. 3072 bits RSA)   FS | 128
TLS_AES_256_GCM_SHA384 (0x1302)   ECDH x25519 (eq. 3072 bits RSA)   FS | 256
TLS_CHACHA20_POLY1305_SHA256 (0x1303)   ECDH x25519 (eq. 3072 bits RSA)   FS | 256

So, Tlsx is missing ciphers in the list.