External/nuclei
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei.git synced 2025-12-18 21:35:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

adding support for configurable TLS version/cipher suites

Browse Source
This commit is contained in:
mzack 2022-01-24 18:20:29 +01:00
parent 6107559c8d
commit a57d25fab8
3 changed files with 416 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

367
v2/pkg/protocols/ssl/ciphers.go Normal file
View File

@ -0,0 +1,367 @@
package ssl
import (
"fmt"
ztls "github.com/zmap/zcrypto/tls"
)
var ciphers = map[string]uint16{
"TLS_NULL_WITH_NULL_NULL": ztls.TLS_NULL_WITH_NULL_NULL,
"TLS_RSA_WITH_NULL_MD5": ztls.TLS_RSA_WITH_NULL_MD5,
"TLS_RSA_WITH_NULL_SHA": ztls.TLS_RSA_WITH_NULL_SHA,
"TLS_RSA_EXPORT_WITH_RC4_40_MD5": ztls.TLS_RSA_EXPORT_WITH_RC4_40_MD5,
"TLS_RSA_WITH_RC4_128_MD5": ztls.TLS_RSA_WITH_RC4_128_MD5,
"TLS_RSA_WITH_RC4_128_SHA": ztls.TLS_RSA_WITH_RC4_128_SHA,
"TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5": ztls.TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5,
"TLS_RSA_WITH_IDEA_CBC_SHA": ztls.TLS_RSA_WITH_IDEA_CBC_SHA,
"TLS_RSA_EXPORT_WITH_DES40_CBC_SHA": ztls.TLS_RSA_EXPORT_WITH_DES40_CBC_SHA,
"TLS_RSA_WITH_DES_CBC_SHA": ztls.TLS_RSA_WITH_DES_CBC_SHA,
"TLS_RSA_WITH_3DES_EDE_CBC_SHA": ztls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
"TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA": ztls.TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA,
"TLS_DH_DSS_WITH_DES_CBC_SHA": ztls.TLS_DH_DSS_WITH_DES_CBC_SHA,
"TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA": ztls.TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA,
"TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA": ztls.TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA,
"TLS_DH_RSA_WITH_DES_CBC_SHA": ztls.TLS_DH_RSA_WITH_DES_CBC_SHA,
"TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA": ztls.TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA,
"TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA": ztls.TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,
"TLS_DHE_DSS_WITH_DES_CBC_SHA": ztls.TLS_DHE_DSS_WITH_DES_CBC_SHA,
"TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA": ztls.TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
"TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA": ztls.TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
"TLS_DHE_RSA_WITH_DES_CBC_SHA": ztls.TLS_DHE_RSA_WITH_DES_CBC_SHA,
"TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA": ztls.TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
"TLS_DH_ANON_EXPORT_WITH_RC4_40_MD5": ztls.TLS_DH_ANON_EXPORT_WITH_RC4_40_MD5,
"TLS_DH_ANON_WITH_RC4_128_MD5": ztls.TLS_DH_ANON_WITH_RC4_128_MD5,
"TLS_DH_ANON_EXPORT_WITH_DES40_CBC_SHA": ztls.TLS_DH_ANON_EXPORT_WITH_DES40_CBC_SHA,
"TLS_DH_ANON_WITH_DES_CBC_SHA": ztls.TLS_DH_ANON_WITH_DES_CBC_SHA,
"TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA": ztls.TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA,
"SSL_FORTEZZA_KEA_WITH_NULL_SHA": ztls.SSL_FORTEZZA_KEA_WITH_NULL_SHA,
"SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA": ztls.SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA,
"TLS_KRB5_WITH_DES_CBC_SHA": ztls.TLS_KRB5_WITH_DES_CBC_SHA,
"TLS_KRB5_WITH_3DES_EDE_CBC_SHA": ztls.TLS_KRB5_WITH_3DES_EDE_CBC_SHA,
"TLS_KRB5_WITH_RC4_128_SHA": ztls.TLS_KRB5_WITH_RC4_128_SHA,
"TLS_KRB5_WITH_IDEA_CBC_SHA": ztls.TLS_KRB5_WITH_IDEA_CBC_SHA,
"TLS_KRB5_WITH_DES_CBC_MD5": ztls.TLS_KRB5_WITH_DES_CBC_MD5,
"TLS_KRB5_WITH_3DES_EDE_CBC_MD5": ztls.TLS_KRB5_WITH_3DES_EDE_CBC_MD5,
"TLS_KRB5_WITH_RC4_128_MD5": ztls.TLS_KRB5_WITH_RC4_128_MD5,
"TLS_KRB5_WITH_IDEA_CBC_MD5": ztls.TLS_KRB5_WITH_IDEA_CBC_MD5,
"TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA": ztls.TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA,
"TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA": ztls.TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA,
"TLS_KRB5_EXPORT_WITH_RC4_40_SHA": ztls.TLS_KRB5_EXPORT_WITH_RC4_40_SHA,
"TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5": ztls.TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5,
"TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5": ztls.TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5,
"TLS_KRB5_EXPORT_WITH_RC4_40_MD5": ztls.TLS_KRB5_EXPORT_WITH_RC4_40_MD5,
"TLS_PSK_WITH_NULL_SHA": ztls.TLS_PSK_WITH_NULL_SHA,
"TLS_DHE_PSK_WITH_NULL_SHA": ztls.TLS_DHE_PSK_WITH_NULL_SHA,
"TLS_RSA_PSK_WITH_NULL_SHA": ztls.TLS_RSA_PSK_WITH_NULL_SHA,
"TLS_RSA_WITH_AES_128_CBC_SHA": ztls.TLS_RSA_WITH_AES_128_CBC_SHA,
"TLS_DH_DSS_WITH_AES_128_CBC_SHA": ztls.TLS_DH_DSS_WITH_AES_128_CBC_SHA,
"TLS_DH_RSA_WITH_AES_128_CBC_SHA": ztls.TLS_DH_RSA_WITH_AES_128_CBC_SHA,
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA": ztls.TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA": ztls.TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
"TLS_DH_ANON_WITH_AES_128_CBC_SHA": ztls.TLS_DH_ANON_WITH_AES_128_CBC_SHA,
"TLS_RSA_WITH_AES_256_CBC_SHA": ztls.TLS_RSA_WITH_AES_256_CBC_SHA,
"TLS_DH_DSS_WITH_AES_256_CBC_SHA": ztls.TLS_DH_DSS_WITH_AES_256_CBC_SHA,
"TLS_DH_RSA_WITH_AES_256_CBC_SHA": ztls.TLS_DH_RSA_WITH_AES_256_CBC_SHA,
"TLS_DHE_DSS_WITH_AES_256_CBC_SHA": ztls.TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA": ztls.TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
"TLS_DH_ANON_WITH_AES_256_CBC_SHA": ztls.TLS_DH_ANON_WITH_AES_256_CBC_SHA,
"TLS_RSA_WITH_NULL_SHA256": ztls.TLS_RSA_WITH_NULL_SHA256,
"TLS_RSA_WITH_AES_128_CBC_SHA256": ztls.TLS_RSA_WITH_AES_128_CBC_SHA256,
"TLS_RSA_WITH_AES_256_CBC_SHA256": ztls.TLS_RSA_WITH_AES_256_CBC_SHA256,
"TLS_DH_DSS_WITH_AES_128_CBC_SHA256": ztls.TLS_DH_DSS_WITH_AES_128_CBC_SHA256,
"TLS_DH_RSA_WITH_AES_128_CBC_SHA256": ztls.TLS_DH_RSA_WITH_AES_128_CBC_SHA256,
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA256": ztls.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,
"TLS_RSA_WITH_CAMELLIA_128_CBC_SHA": ztls.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
"TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA": ztls.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
"TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA": ztls.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
"TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA": ztls.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
"TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA": ztls.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
"TLS_DH_ANON_WITH_CAMELLIA_128_CBC_SHA": ztls.TLS_DH_ANON_WITH_CAMELLIA_128_CBC_SHA,
"TLS_RSA_EXPORT1024_WITH_RC4_56_MD5": ztls.TLS_RSA_EXPORT1024_WITH_RC4_56_MD5,
"TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5": ztls.TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
"TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA": ztls.TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA,
"TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA": ztls.TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
"TLS_RSA_EXPORT1024_WITH_RC4_56_SHA": ztls.TLS_RSA_EXPORT1024_WITH_RC4_56_SHA,
"TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA": ztls.TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
"TLS_DHE_DSS_WITH_RC4_128_SHA": ztls.TLS_DHE_DSS_WITH_RC4_128_SHA,
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA256": ztls.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
"TLS_DH_DSS_WITH_AES_256_CBC_SHA256": ztls.TLS_DH_DSS_WITH_AES_256_CBC_SHA256,
"TLS_DH_RSA_WITH_AES_256_CBC_SHA256": ztls.TLS_DH_RSA_WITH_AES_256_CBC_SHA256,
"TLS_DHE_DSS_WITH_AES_256_CBC_SHA256": ztls.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA256": ztls.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
"TLS_DH_ANON_WITH_AES_128_CBC_SHA256": ztls.TLS_DH_ANON_WITH_AES_128_CBC_SHA256,
"TLS_DH_ANON_WITH_AES_256_CBC_SHA256": ztls.TLS_DH_ANON_WITH_AES_256_CBC_SHA256,
"TLS_GOSTR341094_WITH_28147_CNT_IMIT": ztls.TLS_GOSTR341094_WITH_28147_CNT_IMIT,
"TLS_GOSTR341001_WITH_28147_CNT_IMIT": ztls.TLS_GOSTR341001_WITH_28147_CNT_IMIT,
"TLS_GOSTR341094_WITH_NULL_GOSTR3411": ztls.TLS_GOSTR341094_WITH_NULL_GOSTR3411,
"TLS_GOSTR341001_WITH_NULL_GOSTR3411": ztls.TLS_GOSTR341001_WITH_NULL_GOSTR3411,
"TLS_RSA_WITH_CAMELLIA_256_CBC_SHA": ztls.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
"TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA": ztls.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
"TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA": ztls.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
"TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA": ztls.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
"TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA": ztls.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
"TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA": ztls.TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA,
"TLS_PSK_WITH_RC4_128_SHA": ztls.TLS_PSK_WITH_RC4_128_SHA,
"TLS_PSK_WITH_3DES_EDE_CBC_SHA": ztls.TLS_PSK_WITH_3DES_EDE_CBC_SHA,
"TLS_PSK_WITH_AES_128_CBC_SHA": ztls.TLS_PSK_WITH_AES_128_CBC_SHA,
"TLS_PSK_WITH_AES_256_CBC_SHA": ztls.TLS_PSK_WITH_AES_256_CBC_SHA,
"TLS_DHE_PSK_WITH_RC4_128_SHA": ztls.TLS_DHE_PSK_WITH_RC4_128_SHA,
"TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA": ztls.TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
"TLS_DHE_PSK_WITH_AES_128_CBC_SHA": ztls.TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
"TLS_DHE_PSK_WITH_AES_256_CBC_SHA": ztls.TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
"TLS_RSA_PSK_WITH_RC4_128_SHA": ztls.TLS_RSA_PSK_WITH_RC4_128_SHA,
"TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA": ztls.TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
"TLS_RSA_PSK_WITH_AES_128_CBC_SHA": ztls.TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
"TLS_RSA_PSK_WITH_AES_256_CBC_SHA": ztls.TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
"TLS_RSA_WITH_SEED_CBC_SHA": ztls.TLS_RSA_WITH_SEED_CBC_SHA,
"TLS_DH_DSS_WITH_SEED_CBC_SHA": ztls.TLS_DH_DSS_WITH_SEED_CBC_SHA,
"TLS_DH_RSA_WITH_SEED_CBC_SHA": ztls.TLS_DH_RSA_WITH_SEED_CBC_SHA,
"TLS_DHE_DSS_WITH_SEED_CBC_SHA": ztls.TLS_DHE_DSS_WITH_SEED_CBC_SHA,
"TLS_DHE_RSA_WITH_SEED_CBC_SHA": ztls.TLS_DHE_RSA_WITH_SEED_CBC_SHA,
"TLS_DH_ANON_WITH_SEED_CBC_SHA": ztls.TLS_DH_ANON_WITH_SEED_CBC_SHA,
"TLS_RSA_WITH_AES_128_GCM_SHA256": ztls.TLS_RSA_WITH_AES_128_GCM_SHA256,
"TLS_RSA_WITH_AES_256_GCM_SHA384": ztls.TLS_RSA_WITH_AES_256_GCM_SHA384,
"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256": ztls.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384": ztls.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
"TLS_DH_RSA_WITH_AES_128_GCM_SHA256": ztls.TLS_DH_RSA_WITH_AES_128_GCM_SHA256,
"TLS_DH_RSA_WITH_AES_256_GCM_SHA384": ztls.TLS_DH_RSA_WITH_AES_256_GCM_SHA384,
"TLS_DHE_DSS_WITH_AES_128_GCM_SHA256": ztls.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,
"TLS_DHE_DSS_WITH_AES_256_GCM_SHA384": ztls.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384,
"TLS_DH_DSS_WITH_AES_128_GCM_SHA256": ztls.TLS_DH_DSS_WITH_AES_128_GCM_SHA256,
"TLS_DH_DSS_WITH_AES_256_GCM_SHA384": ztls.TLS_DH_DSS_WITH_AES_256_GCM_SHA384,
"TLS_DH_ANON_WITH_AES_128_GCM_SHA256": ztls.TLS_DH_ANON_WITH_AES_128_GCM_SHA256,
"TLS_DH_ANON_WITH_AES_256_GCM_SHA384": ztls.TLS_DH_ANON_WITH_AES_256_GCM_SHA384,
"TLS_PSK_WITH_AES_128_GCM_SHA256": ztls.TLS_PSK_WITH_AES_128_GCM_SHA256,
"TLS_PSK_WITH_AES_256_GCM_SHA384": ztls.TLS_PSK_WITH_AES_256_GCM_SHA384,
"TLS_DHE_PSK_WITH_AES_128_GCM_SHA256": ztls.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
"TLS_DHE_PSK_WITH_AES_256_GCM_SHA384": ztls.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
"TLS_RSA_PSK_WITH_AES_128_GCM_SHA256": ztls.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
"TLS_RSA_PSK_WITH_AES_256_GCM_SHA384": ztls.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
"TLS_PSK_WITH_AES_128_CBC_SHA256": ztls.TLS_PSK_WITH_AES_128_CBC_SHA256,
"TLS_PSK_WITH_AES_256_CBC_SHA384": ztls.TLS_PSK_WITH_AES_256_CBC_SHA384,
"TLS_PSK_WITH_NULL_SHA256": ztls.TLS_PSK_WITH_NULL_SHA256,
"TLS_PSK_WITH_NULL_SHA384": ztls.TLS_PSK_WITH_NULL_SHA384,
"TLS_DHE_PSK_WITH_AES_128_CBC_SHA256": ztls.TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
"TLS_DHE_PSK_WITH_AES_256_CBC_SHA384": ztls.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
"TLS_DHE_PSK_WITH_NULL_SHA256": ztls.TLS_DHE_PSK_WITH_NULL_SHA256,
"TLS_DHE_PSK_WITH_NULL_SHA384": ztls.TLS_DHE_PSK_WITH_NULL_SHA384,
"TLS_RSA_PSK_WITH_AES_128_CBC_SHA256": ztls.TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
"TLS_RSA_PSK_WITH_AES_256_CBC_SHA384": ztls.TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
"TLS_RSA_PSK_WITH_NULL_SHA256": ztls.TLS_RSA_PSK_WITH_NULL_SHA256,
"TLS_RSA_PSK_WITH_NULL_SHA384": ztls.TLS_RSA_PSK_WITH_NULL_SHA384,
"TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256": ztls.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
"TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256": ztls.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256,
"TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256": ztls.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
"TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256": ztls.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
"TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256": ztls.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
"TLS_DH_ANON_WITH_CAMELLIA_128_CBC_SHA256": ztls.TLS_DH_ANON_WITH_CAMELLIA_128_CBC_SHA256,
"TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256": ztls.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
"TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256": ztls.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256,
"TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256": ztls.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256,
"TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256": ztls.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
"TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256": ztls.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
"TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA256": ztls.TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA256,
"TLS_RENEGO_PROTECTION_REQUEST": ztls.TLS_RENEGO_PROTECTION_REQUEST,
"TLS_FALLBACK_SCSV": ztls.TLS_FALLBACK_SCSV,
"TLS_ECDH_ECDSA_WITH_NULL_SHA": ztls.TLS_ECDH_ECDSA_WITH_NULL_SHA,
"TLS_ECDH_ECDSA_WITH_RC4_128_SHA": ztls.TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
"TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA": ztls.TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA": ztls.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA": ztls.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
"TLS_ECDHE_ECDSA_WITH_NULL_SHA": ztls.TLS_ECDHE_ECDSA_WITH_NULL_SHA,
"TLS_ECDHE_ECDSA_WITH_RC4_128_SHA": ztls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
"TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA": ztls.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA": ztls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA": ztls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
"TLS_ECDH_RSA_WITH_NULL_SHA": ztls.TLS_ECDH_RSA_WITH_NULL_SHA,
"TLS_ECDH_RSA_WITH_RC4_128_SHA": ztls.TLS_ECDH_RSA_WITH_RC4_128_SHA,
"TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA": ztls.TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA": ztls.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA": ztls.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
"TLS_ECDHE_RSA_WITH_NULL_SHA": ztls.TLS_ECDHE_RSA_WITH_NULL_SHA,
"TLS_ECDHE_RSA_WITH_RC4_128_SHA": ztls.TLS_ECDHE_RSA_WITH_RC4_128_SHA,
"TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA": ztls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA": ztls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA": ztls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
"TLS_ECDH_ANON_WITH_NULL_SHA": ztls.TLS_ECDH_ANON_WITH_NULL_SHA,
"TLS_ECDH_ANON_WITH_RC4_128_SHA": ztls.TLS_ECDH_ANON_WITH_RC4_128_SHA,
"TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA": ztls.TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA,
"TLS_ECDH_ANON_WITH_AES_128_CBC_SHA": ztls.TLS_ECDH_ANON_WITH_AES_128_CBC_SHA,
"TLS_ECDH_ANON_WITH_AES_256_CBC_SHA": ztls.TLS_ECDH_ANON_WITH_AES_256_CBC_SHA,
"TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA": ztls.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
"TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA": ztls.TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
"TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA": ztls.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
"TLS_SRP_SHA_WITH_AES_128_CBC_SHA": ztls.TLS_SRP_SHA_WITH_AES_128_CBC_SHA,
"TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA": ztls.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
"TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA": ztls.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
"TLS_SRP_SHA_WITH_AES_256_CBC_SHA": ztls.TLS_SRP_SHA_WITH_AES_256_CBC_SHA,
"TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA": ztls.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
"TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA": ztls.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256": ztls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384": ztls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256": ztls.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384": ztls.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256": ztls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384": ztls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256": ztls.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384": ztls.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256": ztls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384": ztls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
"TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256": ztls.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
"TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384": ztls.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256": ztls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384": ztls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
"TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256": ztls.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
"TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384": ztls.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
"TLS_ECDHE_PSK_WITH_RC4_128_SHA": ztls.TLS_ECDHE_PSK_WITH_RC4_128_SHA,
"TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA": ztls.TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
"TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA": ztls.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
"TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA": ztls.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
"TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256": ztls.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
"TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384": ztls.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
"TLS_ECDHE_PSK_WITH_NULL_SHA": ztls.TLS_ECDHE_PSK_WITH_NULL_SHA,
"TLS_ECDHE_PSK_WITH_NULL_SHA256": ztls.TLS_ECDHE_PSK_WITH_NULL_SHA256,
"TLS_ECDHE_PSK_WITH_NULL_SHA384": ztls.TLS_ECDHE_PSK_WITH_NULL_SHA384,
"TLS_RSA_WITH_ARIA_128_CBC_SHA256": ztls.TLS_RSA_WITH_ARIA_128_CBC_SHA256,
"TLS_RSA_WITH_ARIA_256_CBC_SHA384": ztls.TLS_RSA_WITH_ARIA_256_CBC_SHA384,
"TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256": ztls.TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256,
"TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384": ztls.TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384,
"TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256": ztls.TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256,
"TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384": ztls.TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384,
"TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256": ztls.TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256,
"TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384": ztls.TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384,
"TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256": ztls.TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
"TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384": ztls.TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
"TLS_DH_ANON_WITH_ARIA_128_CBC_SHA256": ztls.TLS_DH_ANON_WITH_ARIA_128_CBC_SHA256,
"TLS_DH_ANON_WITH_ARIA_256_CBC_SHA384": ztls.TLS_DH_ANON_WITH_ARIA_256_CBC_SHA384,
"TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256": ztls.TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
"TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384": ztls.TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
"TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256": ztls.TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
"TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384": ztls.TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
"TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256": ztls.TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
"TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384": ztls.TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
"TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256": ztls.TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
"TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384": ztls.TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
"TLS_RSA_WITH_ARIA_128_GCM_SHA256": ztls.TLS_RSA_WITH_ARIA_128_GCM_SHA256,
"TLS_RSA_WITH_ARIA_256_GCM_SHA384": ztls.TLS_RSA_WITH_ARIA_256_GCM_SHA384,
"TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256": ztls.TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
"TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384": ztls.TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
"TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256": ztls.TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256,
"TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384": ztls.TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384,
"TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256": ztls.TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
"TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384": ztls.TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
"TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256": ztls.TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256,
"TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384": ztls.TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384,
"TLS_DH_ANON_WITH_ARIA_128_GCM_SHA256": ztls.TLS_DH_ANON_WITH_ARIA_128_GCM_SHA256,
"TLS_DH_ANON_WITH_ARIA_256_GCM_SHA384": ztls.TLS_DH_ANON_WITH_ARIA_256_GCM_SHA384,
"TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256": ztls.TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
"TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384": ztls.TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
"TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256": ztls.TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
"TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384": ztls.TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
"TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256": ztls.TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
"TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384": ztls.TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
"TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256": ztls.TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
"TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384": ztls.TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
"TLS_PSK_WITH_ARIA_128_CBC_SHA256": ztls.TLS_PSK_WITH_ARIA_128_CBC_SHA256,
"TLS_PSK_WITH_ARIA_256_CBC_SHA384": ztls.TLS_PSK_WITH_ARIA_256_CBC_SHA384,
"TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256": ztls.TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
"TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384": ztls.TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
"TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256": ztls.TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
"TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384": ztls.TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
"TLS_PSK_WITH_ARIA_128_GCM_SHA256": ztls.TLS_PSK_WITH_ARIA_128_GCM_SHA256,
"TLS_PSK_WITH_ARIA_256_GCM_SHA384": ztls.TLS_PSK_WITH_ARIA_256_GCM_SHA384,
"TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256": ztls.TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
"TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384": ztls.TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
"TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256": ztls.TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
"TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384": ztls.TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
"TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256": ztls.TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
"TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384": ztls.TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
"TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256": ztls.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
"TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384": ztls.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
"TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256": ztls.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
"TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384": ztls.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
"TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256": ztls.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
"TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384": ztls.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
"TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256": ztls.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
"TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384": ztls.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
"TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256": ztls.TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
"TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384": ztls.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
"TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256": ztls.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
"TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384": ztls.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
"TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256": ztls.TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
"TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384": ztls.TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
"TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256": ztls.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256,
"TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384": ztls.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384,
"TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256": ztls.TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256,
"TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384": ztls.TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384,
"TLS_DH_ANON_WITH_CAMELLIA_128_GCM_SHA256": ztls.TLS_DH_ANON_WITH_CAMELLIA_128_GCM_SHA256,
"TLS_DH_ANON_WITH_CAMELLIA_256_GCM_SHA384": ztls.TLS_DH_ANON_WITH_CAMELLIA_256_GCM_SHA384,
"TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256": ztls.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
"TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384": ztls.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
"TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256": ztls.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
"TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384": ztls.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
"TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256": ztls.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
"TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384": ztls.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
"TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256": ztls.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
"TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384": ztls.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
"TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256": ztls.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
"TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384": ztls.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
"TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256": ztls.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
"TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384": ztls.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
"TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256": ztls.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
"TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384": ztls.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
"TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256": ztls.TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
"TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384": ztls.TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
"TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256": ztls.TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
"TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384": ztls.TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
"TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256": ztls.TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
"TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384": ztls.TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
"TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256": ztls.TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
"TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384": ztls.TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
"TLS_RSA_WITH_AES_128_CCM": ztls.TLS_RSA_WITH_AES_128_CCM,
"TLS_RSA_WITH_AES_256_CCM": ztls.TLS_RSA_WITH_AES_256_CCM,
"TLS_DHE_RSA_WITH_AES_128_CCM": ztls.TLS_DHE_RSA_WITH_AES_128_CCM,
"TLS_DHE_RSA_WITH_AES_256_CCM": ztls.TLS_DHE_RSA_WITH_AES_256_CCM,
"TLS_RSA_WITH_AES_128_CCM_8": ztls.TLS_RSA_WITH_AES_128_CCM_8,
"TLS_RSA_WITH_AES_256_CCM_8": ztls.TLS_RSA_WITH_AES_256_CCM_8,
"TLS_DHE_RSA_WITH_AES_128_CCM_8": ztls.TLS_DHE_RSA_WITH_AES_128_CCM_8,
"TLS_DHE_RSA_WITH_AES_256_CCM_8": ztls.TLS_DHE_RSA_WITH_AES_256_CCM_8,
"TLS_PSK_WITH_AES_128_CCM": ztls.TLS_PSK_WITH_AES_128_CCM,
"TLS_PSK_WITH_AES_256_CCM": ztls.TLS_PSK_WITH_AES_256_CCM,
"TLS_DHE_PSK_WITH_AES_128_CCM": ztls.TLS_DHE_PSK_WITH_AES_128_CCM,
"TLS_DHE_PSK_WITH_AES_256_CCM": ztls.TLS_DHE_PSK_WITH_AES_256_CCM,
"TLS_PSK_WITH_AES_128_CCM_8": ztls.TLS_PSK_WITH_AES_128_CCM_8,
"TLS_PSK_WITH_AES_256_CCM_8": ztls.TLS_PSK_WITH_AES_256_CCM_8,
"TLS_PSK_DHE_WITH_AES_128_CCM_8": ztls.TLS_PSK_DHE_WITH_AES_128_CCM_8,
"TLS_PSK_DHE_WITH_AES_256_CCM_8": ztls.TLS_PSK_DHE_WITH_AES_256_CCM_8,
"TLS_ECDHE_ECDSA_WITH_AES_128_CCM": ztls.TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
"TLS_ECDHE_ECDSA_WITH_AES_256_CCM": ztls.TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
"TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8": ztls.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
"TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8": ztls.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
"TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256": ztls.TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256,
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256": ztls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256": ztls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
"TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256": ztls.TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256_OLD": ztls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256_OLD,
"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256_OLD": ztls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256_OLD,
"TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256_OLD": ztls.TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256_OLD,
"SSL_RSA_WITH_RC2_CBC_MD5": ztls.SSL_RSA_WITH_RC2_CBC_MD5,
"SSL_RSA_WITH_IDEA_CBC_MD5": ztls.SSL_RSA_WITH_IDEA_CBC_MD5,
"SSL_RSA_WITH_DES_CBC_MD5": ztls.SSL_RSA_WITH_DES_CBC_MD5,
"SSL_RSA_WITH_3DES_EDE_CBC_MD5": ztls.SSL_RSA_WITH_3DES_EDE_CBC_MD5,
"SSL_EN_RC2_128_CBC_WITH_MD5": ztls.SSL_EN_RC2_128_CBC_WITH_MD5,
"OP_PCL_TLS10_AES_128_CBC_SHA512": ztls.OP_PCL_TLS10_AES_128_CBC_SHA512,
}
func toCiphers(items []string) ([]uint16, error) {
var convertedCiphers []uint16
for _, item := range items {
zcipher, ok := ciphers[item]
if !ok {
return nil, fmt.Errorf("unsupported cipher suite: %s", item)
}
convertedCiphers = append(convertedCiphers, zcipher)
}
return convertedCiphers, nil
}

27
v2/pkg/protocols/ssl/ssl.go
View File

@ -34,7 +34,10 @@ type Request struct {
CompiledOperators *operators.Operators `yaml:"-"` CompiledOperators *operators.Operators `yaml:"-"`
// description: | // description: |
// Address contains address for the request // Address contains address for the request
Address string `yaml:"address,omitempty" jsonschema:"title=address for the ssl request,description=Address contains address for the request"` Address string `yaml:"address,omitempty" jsonschema:"title=address for the ssl request,description=Address contains address for the request"`
MinVersion string `yaml:"min_version,omitempty"`
MaxVersion string `yaml:"max_version,omitempty"`
CiperSuites []string `yaml:"cipher_suites,omitempty"`
// cache any variables that may be needed for operation. // cache any variables that may be needed for operation.
dialer *fastdialer.Dialer dialer *fastdialer.Dialer
@ -98,6 +101,28 @@ func (request *Request) ExecuteWithResults(input string, dynamicValues, previous
addressToDial := string(finalAddress) addressToDial := string(finalAddress)
config := &ztls.Config{InsecureSkipVerify: true, ServerName: hostname} config := &ztls.Config{InsecureSkipVerify: true, ServerName: hostname}
if request.MinVersion != "" {
version, err := toVersion(request.MinVersion)
if err != nil {
return err
}
config.MinVersion = version
}
if request.MaxVersion != "" {
version, err := toVersion(request.MaxVersion)
if err != nil {
return err
}
config.MaxVersion = version
}
if len(config.CipherSuites) > 0 {
cipherSuites, err := toCiphers(request.CiperSuites)
if err != nil {
return err
}
config.CipherSuites = cipherSuites
}
conn, err := request.dialer.DialZTLSWithConfig(context.Background(), "tcp", addressToDial, config) conn, err := request.dialer.DialZTLSWithConfig(context.Background(), "tcp", addressToDial, config)
if err != nil { if err != nil {
requestOptions.Output.Request(requestOptions.TemplateID, input, request.Type().String(), err) requestOptions.Output.Request(requestOptions.TemplateID, input, request.Type().String(), err)

23
v2/pkg/protocols/ssl/version.go Normal file
View File

@ -0,0 +1,23 @@
package ssl
import (
"crypto/tls"
"fmt"
ztls "github.com/zmap/zcrypto/tls"
)
var versions = map[string]uint16{
"sslv3": ztls.VersionSSL30,
"tls10": ztls.VersionTLS10,
"tls11": ztls.VersionTLS11,
"tls12": ztls.VersionTLS12,
"tls13": tls.VersionTLS13,
}
func toVersion(item string) (uint16, error) {
if version, ok := versions[item]; ok {
return version, nil
}
return 0, fmt.Errorf("unsupported version: %s", item)
}