Module: SSLShake
- Defined in:
- lib/sslshake/common.rb,
lib/sslshake.rb,
lib/sslshake/tls.rb,
lib/sslshake/sslv2.rb,
lib/sslshake/ciphers.rb,
lib/sslshake/version.rb
Overview
copyright: 2016, Dominik Richter license: MPLv2
Defined Under Namespace
Modules: CommonHelpers Classes: Alert, NotYetImplementedError, SSLv2, TLS, UserError
Constant Summary collapse
- CIPHERS =
rubocop:disable Metrics/ModuleLength
{ '010080' => 'SSL_CK_RC4_128_WITH_MD5', '020080' => 'SSL_CK_RC4_128_EXPORT40_WITH_MD5', '030080' => 'SSL_CK_RC2_128_CBC_WITH_MD5', '040080' => 'SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5', '050080' => 'SSL_CK_IDEA_128_CBC_WITH_MD5', '060040' => 'SSL_CK_DES_64_CBC_WITH_MD5', '0700C0' => 'SSL_CK_DES_192_EDE3_CBC_WITH_MD5', '080080' => 'SSL_CK_RC4_64_WITH_MD5', '0000' => 'TLS_NULL_WITH_NULL_NULL', '0001' => 'TLS_RSA_WITH_NULL_MD5', '0002' => 'TLS_RSA_WITH_NULL_SHA', '0003' => 'TLS_RSA_EXPORT_WITH_RC4_40_MD5', '0004' => 'TLS_RSA_WITH_RC4_128_MD5', '0005' => 'TLS_RSA_WITH_RC4_128_SHA', '0006' => 'TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5', '0007' => 'TLS_RSA_WITH_IDEA_CBC_SHA', '0008' => 'TLS_RSA_EXPORT_WITH_DES40_CBC_SHA', '0009' => 'TLS_RSA_WITH_DES_CBC_SHA', '000A' => 'TLS_RSA_WITH_3DES_EDE_CBC_SHA', '000B' => 'TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA', '000C' => 'TLS_DH_DSS_WITH_DES_CBC_SHA', '000D' => 'TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA', '000E' => 'TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA', '000F' => 'TLS_DH_RSA_WITH_DES_CBC_SHA', '0010' => 'TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA', '0011' => 'TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA', '0012' => 'TLS_DHE_DSS_WITH_DES_CBC_SHA', '0013' => 'TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA', '0014' => 'TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA', '0015' => 'TLS_DHE_RSA_WITH_DES_CBC_SHA', '0016' => 'TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA', '0017' => 'TLS_DH_anon_EXPORT_WITH_RC4_40_MD5', '0018' => 'TLS_DH_anon_WITH_RC4_128_MD5', '0019' => 'TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA', '001A' => 'TLS_DH_anon_WITH_DES_CBC_SHA', '001B' => 'TLS_DH_anon_WITH_3DES_EDE_CBC_SHA', '001E' => 'TLS_KRB5_WITH_DES_CBC_SHA', '001F' => 'TLS_KRB5_WITH_3DES_EDE_CBC_SHA', '0020' => 'TLS_KRB5_WITH_RC4_128_SHA', '0021' => 'TLS_KRB5_WITH_IDEA_CBC_SHA', '0022' => 'TLS_KRB5_WITH_DES_CBC_MD5', '0023' => 'TLS_KRB5_WITH_3DES_EDE_CBC_MD5', '0024' => 'TLS_KRB5_WITH_RC4_128_MD5', '0025' => 'TLS_KRB5_WITH_IDEA_CBC_MD5', '0026' => 'TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA', '0027' => 'TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA', '0028' => 'TLS_KRB5_EXPORT_WITH_RC4_40_SHA', '0029' => 'TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5', '002A' => 'TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5', '002B' => 'TLS_KRB5_EXPORT_WITH_RC4_40_MD5', '002C' => 'TLS_PSK_WITH_NULL_SHA', '002D' => 'TLS_DHE_PSK_WITH_NULL_SHA', '002E' => 'TLS_RSA_PSK_WITH_NULL_SHA', '002F' => 'TLS_RSA_WITH_AES_128_CBC_SHA', '0030' => 'TLS_DH_DSS_WITH_AES_128_CBC_SHA', '0031' => 'TLS_DH_RSA_WITH_AES_128_CBC_SHA', '0032' => 'TLS_DHE_DSS_WITH_AES_128_CBC_SHA', '0033' => 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA', '0034' => 'TLS_DH_anon_WITH_AES_128_CBC_SHA', '0035' => 'TLS_RSA_WITH_AES_256_CBC_SHA', '0036' => 'TLS_DH_DSS_WITH_AES_256_CBC_SHA', '0037' => 'TLS_DH_RSA_WITH_AES_256_CBC_SHA', '0038' => 'TLS_DHE_DSS_WITH_AES_256_CBC_SHA', '0039' => 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA', '003A' => 'TLS_DH_anon_WITH_AES_256_CBC_SHA', '003B' => 'TLS_RSA_WITH_NULL_SHA256', '003C' => 'TLS_RSA_WITH_AES_128_CBC_SHA256', '003D' => 'TLS_RSA_WITH_AES_256_CBC_SHA256', '003E' => 'TLS_DH_DSS_WITH_AES_128_CBC_SHA256', '003F' => 'TLS_DH_RSA_WITH_AES_128_CBC_SHA256', '0040' => 'TLS_DHE_DSS_WITH_AES_128_CBC_SHA256', '0041' => 'TLS_RSA_WITH_CAMELLIA_128_CBC_SHA', '0042' => 'TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA', '0043' => 'TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA', '0044' => 'TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA', '0045' => 'TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA', '0046' => 'TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA', '0060' => 'TLS_RSA_EXPORT1024_WITH_RC4_56_MD5', '0061' => 'TLS_RSA_EXPORT1024_WITH_RC2_56_MD5', '0062' => 'TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA', '0063' => 'TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA', '0064' => 'TLS_RSA_EXPORT1024_WITH_RC4_56_SHA', '0065' => 'TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA', '0066' => 'TLS_DHE_DSS_WITH_RC4_128_SHA', '0067' => 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA256', '0068' => 'TLS_DH_DSS_WITH_AES_256_CBC_SHA256', '0069' => 'TLS_DH_RSA_WITH_AES_256_CBC_SHA256', '006A' => 'TLS_DHE_DSS_WITH_AES_256_CBC_SHA256', '006B' => 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA256', '006C' => 'TLS_DH_anon_WITH_AES_128_CBC_SHA256', '006D' => 'TLS_DH_anon_WITH_AES_256_CBC_SHA256', '0080' => 'TLS_GOSTR341094_WITH_28147_CNT_IMIT', '0081' => 'TLS_GOSTR341001_WITH_28147_CNT_IMIT', '0082' => 'TLS_GOSTR341094_WITH_NULL_GOSTR3411', '0083' => 'TLS_GOSTR341001_WITH_NULL_GOSTR3411', '0084' => 'TLS_RSA_WITH_CAMELLIA_256_CBC_SHA', '0085' => 'TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA', '0086' => 'TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA', '0087' => 'TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA', '0088' => 'TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA', '0089' => 'TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA', '008A' => 'TLS_PSK_WITH_RC4_128_SHA', '008B' => 'TLS_PSK_WITH_3DES_EDE_CBC_SHA', '008C' => 'TLS_PSK_WITH_AES_128_CBC_SHA', '008D' => 'TLS_PSK_WITH_AES_256_CBC_SHA', '008E' => 'TLS_DHE_PSK_WITH_RC4_128_SHA', '008F' => 'TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA', '0090' => 'TLS_DHE_PSK_WITH_AES_128_CBC_SHA', '0091' => 'TLS_DHE_PSK_WITH_AES_256_CBC_SHA', '0092' => 'TLS_RSA_PSK_WITH_RC4_128_SHA', '0093' => 'TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA', '0094' => 'TLS_RSA_PSK_WITH_AES_128_CBC_SHA', '0095' => 'TLS_RSA_PSK_WITH_AES_256_CBC_SHA', '0096' => 'TLS_RSA_WITH_SEED_CBC_SHA', '0097' => 'TLS_DH_DSS_WITH_SEED_CBC_SHA', '0098' => 'TLS_DH_RSA_WITH_SEED_CBC_SHA', '0099' => 'TLS_DHE_DSS_WITH_SEED_CBC_SHA', '009A' => 'TLS_DHE_RSA_WITH_SEED_CBC_SHA', '009B' => 'TLS_DH_anon_WITH_SEED_CBC_SHA', '009C' => 'TLS_RSA_WITH_AES_128_GCM_SHA256', '009D' => 'TLS_RSA_WITH_AES_256_GCM_SHA384', '009E' => 'TLS_DHE_RSA_WITH_AES_128_GCM_SHA256', '009F' => 'TLS_DHE_RSA_WITH_AES_256_GCM_SHA384', '00A0' => 'TLS_DH_RSA_WITH_AES_128_GCM_SHA256', '00A1' => 'TLS_DH_RSA_WITH_AES_256_GCM_SHA384', '00A2' => 'TLS_DHE_DSS_WITH_AES_128_GCM_SHA256', '00A3' => 'TLS_DHE_DSS_WITH_AES_256_GCM_SHA384', '00A4' => 'TLS_DH_DSS_WITH_AES_128_GCM_SHA256', '00A5' => 'TLS_DH_DSS_WITH_AES_256_GCM_SHA384', '00A6' => 'TLS_DH_anon_WITH_AES_128_GCM_SHA256', '00A7' => 'TLS_DH_anon_WITH_AES_256_GCM_SHA384', '00A8' => 'TLS_PSK_WITH_AES_128_GCM_SHA256', '00A9' => 'TLS_PSK_WITH_AES_256_GCM_SHA384', '00AA' => 'TLS_DHE_PSK_WITH_AES_128_GCM_SHA256', '00AB' => 'TLS_DHE_PSK_WITH_AES_256_GCM_SHA384', '00AC' => 'TLS_RSA_PSK_WITH_AES_128_GCM_SHA256', '00AD' => 'TLS_RSA_PSK_WITH_AES_256_GCM_SHA384', '00AE' => 'TLS_PSK_WITH_AES_128_CBC_SHA256', '00AF' => 'TLS_PSK_WITH_AES_256_CBC_SHA384', '00B0' => 'TLS_PSK_WITH_NULL_SHA256', '00B1' => 'TLS_PSK_WITH_NULL_SHA384', '00B2' => 'TLS_DHE_PSK_WITH_AES_128_CBC_SHA256', '00B3' => 'TLS_DHE_PSK_WITH_AES_256_CBC_SHA384', '00B4' => 'TLS_DHE_PSK_WITH_NULL_SHA256', '00B5' => 'TLS_DHE_PSK_WITH_NULL_SHA384', '00B6' => 'TLS_RSA_PSK_WITH_AES_128_CBC_SHA256', '00B7' => 'TLS_RSA_PSK_WITH_AES_256_CBC_SHA384', '00B8' => 'TLS_RSA_PSK_WITH_NULL_SHA256', '00B9' => 'TLS_RSA_PSK_WITH_NULL_SHA384', '00BA' => 'TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256', '00BB' => 'TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256', '00BC' => 'TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256', '00BD' => 'TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256', '00BE' => 'TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256', '00BF' => 'TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256', '00C0' => 'TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256', '00C1' => 'TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256', '00C2' => 'TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256', '00C3' => 'TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256', '00C4' => 'TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256', '00C5' => 'TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256', '00FF' => 'TLS_EMPTY_RENEGOTIATION_INFO_SCSV', # See https://tools.ietf.org/html/rfc8446#appendix-B.4 "1301" => "TLS_AES_128_GCM_SHA256", "1302" => "TLS_AES_256_GCM_SHA384", "1303" => "TLS_CHACHA20_POLY1305_SHA256", "1304" => "TLS_AES_128_CCM_SHA256", "1305" => "TLS_AES_128_CCM_8_SHA256", 'C001' => 'TLS_ECDH_ECDSA_WITH_NULL_SHA', 'C002' => 'TLS_ECDH_ECDSA_WITH_RC4_128_SHA', 'C003' => 'TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA', 'C004' => 'TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA', 'C005' => 'TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA', 'C006' => 'TLS_ECDHE_ECDSA_WITH_NULL_SHA', 'C007' => 'TLS_ECDHE_ECDSA_WITH_RC4_128_SHA', 'C008' => 'TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA', 'C009' => 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA', 'C00A' => 'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA', 'C00B' => 'TLS_ECDH_RSA_WITH_NULL_SHA', 'C00C' => 'TLS_ECDH_RSA_WITH_RC4_128_SHA', 'C00D' => 'TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA', 'C00E' => 'TLS_ECDH_RSA_WITH_AES_128_CBC_SHA', 'C00F' => 'TLS_ECDH_RSA_WITH_AES_256_CBC_SHA', 'C010' => 'TLS_ECDHE_RSA_WITH_NULL_SHA', 'C011' => 'TLS_ECDHE_RSA_WITH_RC4_128_SHA', 'C012' => 'TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA', 'C013' => 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA', 'C014' => 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA', 'C015' => 'TLS_ECDH_anon_WITH_NULL_SHA', 'C016' => 'TLS_ECDH_anon_WITH_RC4_128_SHA', 'C017' => 'TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA', 'C018' => 'TLS_ECDH_anon_WITH_AES_128_CBC_SHA', 'C019' => 'TLS_ECDH_anon_WITH_AES_256_CBC_SHA', 'C01A' => 'TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA', 'C01B' => 'TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA', 'C01C' => 'TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA', 'C01D' => 'TLS_SRP_SHA_WITH_AES_128_CBC_SHA', 'C01E' => 'TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA', 'C01F' => 'TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA', 'C020' => 'TLS_SRP_SHA_WITH_AES_256_CBC_SHA', 'C021' => 'TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA', 'C022' => 'TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA', 'C023' => 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256', 'C024' => 'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384', 'C025' => 'TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256', 'C026' => 'TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384', 'C027' => 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256', 'C028' => 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384', 'C029' => 'TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256', 'C02A' => 'TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384', 'C02B' => 'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256', 'C02C' => 'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384', 'C02D' => 'TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256', 'C02E' => 'TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384', 'C02F' => 'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256', 'C030' => 'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384', 'C031' => 'TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256', 'C032' => 'TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384', 'C033' => 'TLS_ECDHE_PSK_WITH_RC4_128_SHA', 'C034' => 'TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA', 'C035' => 'TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA', 'C036' => 'TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA', 'C037' => 'TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256', 'C038' => 'TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384', 'C039' => 'TLS_ECDHE_PSK_WITH_NULL_SHA', 'C03A' => 'TLS_ECDHE_PSK_WITH_NULL_SHA256', 'C03B' => 'TLS_ECDHE_PSK_WITH_NULL_SHA384', 'C03C' => 'TLS_RSA_WITH_ARIA_128_CBC_SHA256', 'C03D' => 'TLS_RSA_WITH_ARIA_256_CBC_SHA384', 'C03E' => 'TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256', 'C03F' => 'TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384', 'C040' => 'TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256', 'C041' => 'TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384', 'C042' => 'TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256', 'C043' => 'TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384', 'C044' => 'TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256', 'C045' => 'TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384', 'C046' => 'TLS_DH_anon_WITH_ARIA_128_CBC_SHA256', 'C047' => 'TLS_DH_anon_WITH_ARIA_256_CBC_SHA384', 'C048' => 'TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256', 'C049' => 'TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384', 'C04A' => 'TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256', 'C04B' => 'TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384', 'C04C' => 'TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256', 'C04D' => 'TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384', 'C04E' => 'TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256', 'C04F' => 'TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384', 'C050' => 'TLS_RSA_WITH_ARIA_128_GCM_SHA256', 'C051' => 'TLS_RSA_WITH_ARIA_256_GCM_SHA384', 'C052' => 'TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256', 'C053' => 'TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384', 'C054' => 'TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256', 'C055' => 'TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384', 'C056' => 'TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256', 'C057' => 'TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384', 'C058' => 'TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256', 'C059' => 'TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384', 'C05A' => 'TLS_DH_anon_WITH_ARIA_128_GCM_SHA256', 'C05B' => 'TLS_DH_anon_WITH_ARIA_256_GCM_SHA384', 'C05C' => 'TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256', 'C05D' => 'TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384', 'C05E' => 'TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256', 'C05F' => 'TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384', 'C060' => 'TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256', 'C061' => 'TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384', 'C062' => 'TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256', 'C063' => 'TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384', 'C064' => 'TLS_PSK_WITH_ARIA_128_CBC_SHA256', 'C065' => 'TLS_PSK_WITH_ARIA_256_CBC_SHA384', 'C066' => 'TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256', 'C067' => 'TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384', 'C068' => 'TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256', 'C069' => 'TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384', 'C06A' => 'TLS_PSK_WITH_ARIA_128_GCM_SHA256', 'C06B' => 'TLS_PSK_WITH_ARIA_256_GCM_SHA384', 'C06C' => 'TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256', 'C06D' => 'TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384', 'C06E' => 'TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256', 'C06F' => 'TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384', 'C070' => 'TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256', 'C071' => 'TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384', 'C072' => 'TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256', 'C073' => 'TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384', 'C074' => 'TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256', 'C075' => 'TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384', 'C076' => 'TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256', 'C077' => 'TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384', 'C078' => 'TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256', 'C079' => 'TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384', 'C07A' => 'TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256', 'C07B' => 'TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384', 'C07C' => 'TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256', 'C07D' => 'TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384', 'C07E' => 'TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256', 'C07F' => 'TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384', 'C080' => 'TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256', 'C081' => 'TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384', 'C082' => 'TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256', 'C083' => 'TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384', 'C084' => 'TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256', 'C085' => 'TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384', 'C086' => 'TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256', 'C087' => 'TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384', 'C088' => 'TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256', 'C089' => 'TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384', 'C08A' => 'TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256', 'C08B' => 'TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384', 'C08C' => 'TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256', 'C08D' => 'TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384', 'C08E' => 'TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256', 'C08F' => 'TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384', 'C090' => 'TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256', 'C091' => 'TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384', 'C092' => 'TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256', 'C093' => 'TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384', 'C094' => 'TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256', 'C095' => 'TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384', 'C096' => 'TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256', 'C097' => 'TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384', 'C098' => 'TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256', 'C099' => 'TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384', 'C09A' => 'TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256', 'C09B' => 'TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384', 'C09C' => 'TLS_RSA_WITH_AES_128_CCM', 'C09D' => 'TLS_RSA_WITH_AES_256_CCM', 'C09E' => 'TLS_DHE_RSA_WITH_AES_128_CCM', 'C09F' => 'TLS_DHE_RSA_WITH_AES_256_CCM', 'C0A0' => 'TLS_RSA_WITH_AES_128_CCM_8', 'C0A1' => 'TLS_RSA_WITH_AES_256_CCM_8', 'C0A2' => 'TLS_DHE_RSA_WITH_AES_128_CCM_8', 'C0A3' => 'TLS_DHE_RSA_WITH_AES_256_CCM_8', 'C0A4' => 'TLS_PSK_WITH_AES_128_CCM', 'C0A5' => 'TLS_PSK_WITH_AES_256_CCM', 'C0A6' => 'TLS_DHE_PSK_WITH_AES_128_CCM', 'C0A7' => 'TLS_DHE_PSK_WITH_AES_256_CCM', 'C0A8' => 'TLS_PSK_WITH_AES_128_CCM_8', 'C0A9' => 'TLS_PSK_WITH_AES_256_CCM_8', 'C0AA' => 'TLS_PSK_DHE_WITH_AES_128_CCM_8', 'C0AB' => 'TLS_PSK_DHE_WITH_AES_256_CCM_8', 'C0AC' => 'TLS_ECDHE_ECDSA_WITH_AES_128_CCM', 'C0AD' => 'TLS_ECDHE_ECDSA_WITH_AES_256_CCM', 'C0AE' => 'TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8', 'C0AF' => 'TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8', 'CCA8' => 'TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305', 'CCA9' => 'TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305', 'CCAA' => 'TLS_DHE_RSA_WITH_CHACHA20_POLY1305', 'CCAB' => 'TLS_PSK_WITH_CHACHA20_POLY1305', 'CCAC' => 'TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305', 'CCAD' => 'TLS_DHE_PSK_WITH_CHACHA20_POLY1305', 'CCAE' => 'TLS_RSA_PSK_WITH_CHACHA20_POLY1305', 'CC13' => 'OLD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256', 'CC14' => 'OLD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256', 'CC15' => 'OLD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256', 'FEFE' => 'SSL_RSA_FIPS_WITH_DES_CBC_SHA', 'FEFF' => 'SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA', 'FFE0' => 'SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA', 'FFE1' => 'SSL_RSA_FIPS_WITH_DES_CBC_SHA' }.invert.freeze
- VERSION =
'1.3.1'.freeze
Class Method Summary collapse
Class Method Details
.hello(host, opts = {}) ⇒ Object
51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 |
# File 'lib/sslshake.rb', line 51 def self.hello(host, opts = {}) cur_socket = opts[:socket] if cur_socket.nil? cur_socket, error = socket(host, opts) return { 'error' => error } unless error.nil? end protocol = opts[:protocol] || 'tls1.2' if protocol == 'ssl2' ssl = SSLShake::SSLv2.new cur_socket.send(ssl.hello(opts[:ciphers]), 0) else ssl = SSLShake::TLS.new sni = nil if opts[:servername] != nil && opts[:protocol] != 'ssl3' sni = '0000' + sprintf('%04x', opts[:servername].length + 5) + sprintf('%04x', opts[:servername].length + 3) + '00' + sprintf('%04x', opts[:servername].length) + opts[:servername].unpack('H*')[0] end cur_socket.send(ssl.hello(protocol, opts[:ciphers], sni), 0) end res = ssl.parse_hello(cur_socket, opts) cur_socket.close if opts[:socket].nil? res rescue SystemCallError => _ return { 'error' => 'Failed to send hello. Socket closed.' } end |
.socket(host, opts = {}) ⇒ Object
14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 |
# File 'lib/sslshake.rb', line 14 def self.socket(host, opts = {}) return [opts[:socket], nil] unless opts[:socket].nil? port = opts[:port] || 443 timeout = opts[:timeout] || 2 addr = Socket.getaddrinfo(host, nil)[0] || fail("Cannot determine address for socket to #{host}:#{port}") family = addr[4] sockaddr = Socket.pack_sockaddr_in(port, addr[2]) socket = Socket.new(family, Socket::SOCK_STREAM, 0) socket.setsockopt(Socket::IPPROTO_TCP, Socket::TCP_NODELAY, 1) begin socket.connect_nonblock(sockaddr) rescue IO::WaitWritable if IO.select(nil, [socket], nil, timeout) begin socket.connect_nonblock(sockaddr) rescue Errno::EISCONN true # done, it's connected rescue => err socket.close return [nil, "Connection error #{err.class}, can't connect to #{host}:#{port}."] end else socket.close return [nil, "Connection timeout after #{timeout}, can't connect to #{host}:#{port}."] end end [socket, nil] rescue SystemCallError, Alert => _ return [nil, "Connection refused, can't connect to #{host}:#{port}."] end |