Features
- TLS (
tls)
- Diffie-Hellman (
dhparams)
- check whether server uses safe
prime as DH
parameter to avoid small subgroup confinement
attack
(#13)
- check whether server uses well-known (RFC defined) DH
parameter (#13)
- check whether server reuse the DH parameter (#13)
- check whether server uses safe
- FTP opportunistic TLS (
STARTTLS) support (#8)
- Diffie-Hellman (
Notable Fixes
- TLS (
tls)
- Cipher Suites (
ciphers)
- handle server long cipher suite list intolerance
- fix cipher suite preference order calculation (#18)
- handle server long cipher suite list intolerance
- Elliptic Curves (
curves)
- fix result when server does not support named group
extension
- fix result when server does not support named group
- Public Keys (
pubkeys)
- handle cross signed key in the certificate chain
- fixed JSON output in case of expired certificates (#15)
- handle the case when only a self-singed CA is served as
certificate (#17)
- handle the case when CA with no basic constraint is served
(#20)
- handle cross signed key in the certificate chain
- handle rarely/incorrectly used TLS alerts
- handle when there is no response from server (#11)
- handle scheme other than tls in URL argument of the command line
tool (#3)
- handle plain text response to TLS handshake initiation (#19)
- add default port for opportunistic TLS schemes (#6)
- uniform timeout handling in TLS clients (#12)
- Cipher Suites (
Other
- improve unit tests (100% code coverage)
- Docker support and ready-to-use container on DockerHub
(coroner/cryprolyzer)
- build packages to several Linux distributions on Open Build
Service
- Debian (10, Testing)
- Raspbian (10)
- Ubuntu (19.10)
- Fedora (29, 30, 31, Rawhide)
- Mageia (7, Cauldron)
- Debian (10, Testing)
- IP address can be set to hostname in command line (#10)
- fix several Python packaging issues