Releases: c0r0n3r/cryptolyzer
Releases · c0r0n3r/cryptolyzer
0.8.1
0.8.0
0.7.3
Features
- SSH (
ssh)- Generic
- Add all command to SSH
- Generic
Notable fixes
- Generic
- Diffie-Hellman
- Handle Diffie-Hellman parameter q value comparision well
- Diffie-Hellman
- TLS (
tls)- Generic
- Handle multi-line greeting message in the case of SMTP servers
- Diffie-Hellman (
dhparams)- Add safe prime attribute to well-known DH params as there is an RFC (5144) which defines unsafe prime
- Public Keys (
pubkeys)- Handle missing certificates message well during an anonymous Diffie-Hellman key exchange
- Generic
0.7.2
Features
- SSH (
ssh)- Diffie-Hellman (
dhparams)- add group exchange algorithms supported by the server to the result
- Diffie-Hellman (
Other
- switch to Markdown format in changelog, readme and contributing
- update contributing to the latest version from contribution-guide.org
- add summary of the project to the readme
0.7.1
Features
- TLS (
tls)- LMTP opportunistic TLS (
STARTTLS) support - NNTP opportunistic TLS (
STARTTLS) support - PostgreSQL opportunistic TLS (
STARTTLS) support
- LMTP opportunistic TLS (
Notable fixes
- TLS (
tls)- Generic
- Use DH ephemeral keys that are mathematically correct during a TLS 1.3 handshake to increase stability
- Ciphers (
ciphers)- No fallback mechanism is used to check cipher suites if the server honors long cipher suite lists
- Generic
0.7.0
Features
- TLS (
tls)- Extensions (
extensions)- add analyzer checking which application-layer protocols are supported
- add analyzer checking whether encrypt-then-MAC mode is supported
- add analyzer checking whether extended master secret is supported
- add analyzer checking which next protocols are supported
- add analyzer checking whether renegotiation indication is supported
- add analyzer checking whether session ticket is supported
- Sieve opportunistic TLS (
STARTTLS) support
- Extensions (
- SSH (
ssh)- Diffie-Hellman (
dhparams)- check which DH parameter sizes supported by the server by group exchange
- check which DH parameter sizes supported by the server by key exchange
- Diffie-Hellman (
Notable fixes
- TLS (
tls)- Generic
- handle server long cipher suite, signature algorithm list intolerance
- Generic
0.6.0
0.5.0
Features
- TLS (
tls)- add analyzer (
all) for running all TLS analysis at once
- add analyzer (
- SSH (
ssh2)- add analyzer for checking SSH servers against negotiated algorithms
Usability
- Generic
- use human readable algorithms names in Markdown output
- command line interface gives error output instead of traceback on exception
0.4.0
Features
- TLS (
tls)- add analyzer for checking whether TLS server requires client certificate for authentication
- LDAP support
Notable fixes
- TLS (
tls)- Generic
- handle that a server indicates handshake failure by sending close notify alert
- handle that a server does not respect lack of the signature algorithms extension
- Versions (
versions)- handle that a server supports only non-RSA public keys
- Generic
Performance
- TLS (
tls)- Cipher Suites (
ciphers)- speed up TLS supported curve check
- Cipher Suites (
0.3.1
Features
- Generic
- Markdown output format
- TLS (
tls)- XMPP (Jabber) support
- Cipher Suites (
ciphers)- GOST (national standards of the Russian Federation and CIS countries) support for TLS cipher suite checker
Notable fixes
- TLS (
tls)- fix several uncertain test cases
Refactor
- remove unnecessary unicode conversions
- switch from cryptography to certvalidator