- add util that creates python dicts from iana registries

[tintinweb]

no more copy paste orgies ;) creates python dicts from official iana tls registries (https://www.iana.org/assignments/tls-parameters/tls-parameters.xml) may be used to sync our dicts every now and then.

do we want to have a 'utils' top level folder? any other suggestions?

python fetch_from_iana_tls_registry.py tls-parameters-4
# cipher_list generated from https://www.iana.org/assignments/tls-parameters/tls-parameters.xml
# from id: tls-parameters-4
# date: 2015-05-26
# skipping: ValueError("invalid literal for int() with base 16: '0x1C-1D'",)
data = {
    0x0000: 'NULL_WITH_NULL_NULL',
    0x0001: 'RSA_WITH_NULL_MD5',
    0x0002: 'RSA_WITH_NULL_SHA',
    0x0003: 'RSA_EXPORT_WITH_RC4_40_MD5',
    ...
    0xc0ad: 'ECDHE_ECDSA_WITH_AES_256_CCM',
    0xc0ae: 'ECDHE_ECDSA_WITH_AES_128_CCM_8',
    0xc0af: 'ECDHE_ECDSA_WITH_AES_256_CCM_8',
    }

...
python fetch_from_iana_tls_registry.py tls-parameters-5
...

[buildhive]

tintin » scapy-ssl_tls #44 SUCCESS This pull request looks good (what's this?)

[alexmgr]

utils top level folder sounds good. We could actually add a layer file which is just a dict generated via the above script.

Overall, I'm starting to think that we'd need to create a subfolder in the layers folder (like inet). We're starting to grow a bit tight ;)

[tintinweb]

yeah, thought about adding an ssl_tls_registers.py but I'd be also good only having ssl_tls.py in the layers and a sub-package with the crypto and all the registers. Any other ideas?

[alexmgr]

No other ideas ;). I had a quick look at the organization of the layers folder, and it seems to be all flat. So guess today's approach is fine. It would be nice to hide ssl_tls_crypto though and move TLSSessionCtx() into ssl_tls.py at some stage. No hard feelings here, and no definite ideas either

[buildhive]

tintin » scapy-ssl_tls #77 SUCCESS This pull request looks good (what's this?)

[tintinweb]

• fetches all registries if none specified on cmdline
• fetches multiple iana sources (compressions,extensions,tls-params)
• does minor name normalization (removing 'TLS' prefixes for values, replacing [" ","-","(.*)"] with "")
• registry title => dict name (uppercase)
• does not work with python2.6 due to changes in xml.etree

The idea is to import structs from the autogenerated ssl_tls_registry.py (only fetch_iana_tls_registry should ever touch that file) and make them available in ssl_tls.py while renaming the structs to fit our conventions.

usage: python fetch_iana_tls_registry.py > ../scapy_ssl_tls/ssl_tls_registry.py

[buildhive]

tintin » scapy-ssl_tls #79 SUCCESS This pull request looks good (what's this?)

[tintinweb]

I've made ssl_tls_registry available in ssl_tls as ssl_tls.registry. Also tried to make crypto available but that causes errors therfore I've created issue https://github.com/tintinweb/scapy-ssl_tls/issues/29

[tintinweb]

btw. TLS_EXPORTER_LABEL_REGISTRY is empty but it is not of much use anyway.