Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-13 12:08:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Add DH support to SSL analyzer.

Browse source 
When using DHE or DH-Anon, sever key parameters are now available
in scriptland.

Also add script to alert on weak certificate keys or weak dh-params.
This commit is contained in:
Bernhard Amann 2014-04-26 23:48:47 -07:00
parent b1a2bccdc7
commit fb56b22cff
12 changed files with 288 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

1
testing/btest/Baseline/scripts.base.protocols.ssl.dhe/.stdout Normal file
View file

@ -0,0 +1 @@
key length in bits, 1024

10
testing/btest/Baseline/scripts.base.protocols.ssl.dhe/ssl.log Normal file
View file

@ -0,0 +1,10 @@
#separator \x09
#set_separator ,
#empty_field (empty)
#unset_field -
#path ssl
#open 2014-04-27-00-52-03
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p version cipher curve server_name session_id last_alert established cert_chain_fuids client_cert_chain_fuids subject issuer client_subject client_issuer
#types time string addr port addr port string string string string string string bool vector[string] vector[string] string string string string
1398558136.319509 CXWv6p3arKYeMETxOg 192.168.18.50 62277 162.219.2.166 443 TLSv12 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - - - - T F6fLv13PBYz8MNqx68,F8cTDl1penwXxGu4K7 (empty) emailAddress=denicadmmail@arcor.de,CN=www.lilawelt.net,C=US CN=StartCom Class 1 Primary Intermediate Server CA,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL - -
#close 2014-04-27-00-52-03