From e9c9e3d1e8cae910af55f6482ad0cd8697203be3 Mon Sep 17 00:00:00 2001 From: Ryan Parman Date: Mon, 25 Nov 2024 10:04:06 -0700 Subject: [PATCH] Expand TLS ciphers. --- .trivyignore | 0 cmd/doc.go | 2 +- cmd/docs.go | 2 +- cmd/{hasher.go => hasher.go.bak} | 2 +- cmd/root.go | 2 +- cmd/version.go | 2 +- cs.json | 1 + go.mod | 55 +- go.sum | 64 + lambda/hasher/main.go | 2 +- main.go | 2 +- pkg/hasher/{doc.go => doc.go.bak} | 2 +- pkg/hasher/{hasher.go => hasher.go.bak} | 2 +- .../{hasher_test.go => hasher_test.go.bak} | 2 +- pkg/httptls/cipher_strength.go | 32 + pkg/httptls/cipher_suites.go | 808 +++++ pkg/httptls/encryption.go | 96 + pkg/httptls/hashing.go | 50 + pkg/httptls/httptls.go | 122 + pkg/httptls/httptls_test.go | 321 ++ pkg/httptls/key_exchange.go | 48 + pkg/httptls/links.go | 33 + pkg/httptls/problems.go | 79 + pkg/httptls/signatures.go | 48 + pkg/httptls/structs.go | 61 + pkg/httptls/tls_versions.go | 24 + pkg/httptls/tmp.go | 3067 +++++++++++++++++ test.json | 13 + trivy-license.yaml | 13 +- trivy-vuln.yaml | 13 +- unit-coverage.png | Bin 0 -> 45032 bytes unit-coverage.svg | 137 + 32 files changed, 5053 insertions(+), 52 deletions(-) create mode 100644 .trivyignore rename cmd/{hasher.go => hasher.go.bak} (98%) create mode 100644 cs.json rename pkg/hasher/{doc.go => doc.go.bak} (96%) rename pkg/hasher/{hasher.go => hasher.go.bak} (99%) rename pkg/hasher/{hasher_test.go => hasher_test.go.bak} (94%) create mode 100644 pkg/httptls/cipher_strength.go create mode 100644 pkg/httptls/cipher_suites.go create mode 100644 pkg/httptls/encryption.go create mode 100644 pkg/httptls/hashing.go create mode 100644 pkg/httptls/httptls.go create mode 100644 pkg/httptls/httptls_test.go create mode 100644 pkg/httptls/key_exchange.go create mode 100644 pkg/httptls/links.go create mode 100644 pkg/httptls/problems.go create mode 100644 pkg/httptls/signatures.go create mode 100644 pkg/httptls/structs.go create mode 100644 pkg/httptls/tls_versions.go create mode 100644 pkg/httptls/tmp.go create mode 100644 test.json create mode 100644 unit-coverage.png create mode 100644 unit-coverage.svg diff --git a/.trivyignore b/.trivyignore new file mode 100644 index 0000000..e69de29 diff --git a/cmd/doc.go b/cmd/doc.go index bb7b932..40a5aef 100644 --- a/cmd/doc.go +++ b/cmd/doc.go @@ -1,4 +1,4 @@ -// Copyright 2024, Ryan Parman +// Copyright 2024, Northwood Labs // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/cmd/docs.go b/cmd/docs.go index 4df7db6..2ad3cef 100644 --- a/cmd/docs.go +++ b/cmd/docs.go @@ -1,4 +1,4 @@ -// Copyright 2024, Ryan Parman +// Copyright 2024, Northwood Labs // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/cmd/hasher.go b/cmd/hasher.go.bak similarity index 98% rename from cmd/hasher.go rename to cmd/hasher.go.bak index 1ab3afe..9b23d83 100644 --- a/cmd/hasher.go +++ b/cmd/hasher.go.bak @@ -1,4 +1,4 @@ -// Copyright 2023-2024, Northwood Labs +// Copyright 2024, Northwood Labs // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/cmd/root.go b/cmd/root.go index 11efc97..56ffef4 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -1,4 +1,4 @@ -// Copyright 2024, Ryan Parman +// Copyright 2024, Northwood Labs // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/cmd/version.go b/cmd/version.go index 99e8f15..3743e18 100644 --- a/cmd/version.go +++ b/cmd/version.go @@ -1,4 +1,4 @@ -// Copyright 2024, Ryan Parman +// Copyright 2024, Northwood Labs // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/cs.json b/cs.json new file mode 100644 index 0000000..44542d9 --- /dev/null +++ b/cs.json @@ -0,0 +1 @@ +{"ciphersuites": [{"TLS_AES_128_CCM_8_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x13", "hex_byte_2": "0x05", "protocol_version": "TLS", "kex_algorithm": "-", "auth_algorithm": "-", "enc_algorithm": "AES 128 CCM 8", "hash_algorithm": "SHA256", "security": "secure", "tls_version": ["TLS1.3"]}}, {"TLS_AES_128_CCM_SHA256": {"gnutls_name": "", "openssl_name": "TLS_AES_128_CCM_SHA256", "hex_byte_1": "0x13", "hex_byte_2": "0x04", "protocol_version": "TLS", "kex_algorithm": "-", "auth_algorithm": "-", "enc_algorithm": "AES 128 CCM", "hash_algorithm": "SHA256", "security": "secure", "tls_version": ["TLS1.3"]}}, {"TLS_AES_128_GCM_SHA256": {"gnutls_name": "", "openssl_name": "TLS_AES_128_GCM_SHA256", "hex_byte_1": "0x13", "hex_byte_2": "0x01", "protocol_version": "TLS", "kex_algorithm": "-", "auth_algorithm": "-", "enc_algorithm": "AES 128 GCM", "hash_algorithm": "SHA256", "security": "recommended", "tls_version": ["TLS1.3"]}}, {"TLS_AES_256_GCM_SHA384": {"gnutls_name": "", "openssl_name": "TLS_AES_256_GCM_SHA384", "hex_byte_1": "0x13", "hex_byte_2": "0x02", "protocol_version": "TLS", "kex_algorithm": "-", "auth_algorithm": "-", "enc_algorithm": "AES 256 GCM", "hash_algorithm": "SHA384", "security": "recommended", "tls_version": ["TLS1.3"]}}, {"TLS_CHACHA20_POLY1305_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x13", "hex_byte_2": "0x03", "protocol_version": "TLS", "kex_algorithm": "-", "auth_algorithm": "-", "enc_algorithm": "CHACHA20 POLY1305", "hash_algorithm": "SHA256", "security": "recommended", "tls_version": ["TLS1.3"]}}, {"TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x19", "protocol_version": "TLS EXPORT", "kex_algorithm": "DH", "auth_algorithm": "anon", "enc_algorithm": "DES40 CBC", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_anon_EXPORT_WITH_RC4_40_MD5": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x17", "protocol_version": "TLS EXPORT", "kex_algorithm": "DH", "auth_algorithm": "anon", "enc_algorithm": "RC4 40", "hash_algorithm": "MD5", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_anon_WITH_3DES_EDE_CBC_SHA": {"gnutls_name": "TLS_DH_ANON_3DES_EDE_CBC_SHA1", "openssl_name": "ADH-DES-CBC3-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x1B", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "anon", "enc_algorithm": "3DES EDE CBC", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_anon_WITH_AES_128_CBC_SHA": {"gnutls_name": "TLS_DH_ANON_AES_128_CBC_SHA1", "openssl_name": "ADH-AES128-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x34", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "anon", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_anon_WITH_AES_128_CBC_SHA256": {"gnutls_name": "TLS_DH_ANON_AES_128_CBC_SHA256", "openssl_name": "ADH-AES128-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0x6C", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "anon", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA256", "security": "insecure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DH_anon_WITH_AES_128_GCM_SHA256": {"gnutls_name": "TLS_DH_ANON_AES_128_GCM_SHA256", "openssl_name": "ADH-AES128-GCM-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0xA6", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "anon", "enc_algorithm": "AES 128 GCM", "hash_algorithm": "SHA256", "security": "insecure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DH_anon_WITH_AES_256_CBC_SHA": {"gnutls_name": "TLS_DH_ANON_AES_256_CBC_SHA1", "openssl_name": "ADH-AES256-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x3A", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "anon", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_anon_WITH_AES_256_CBC_SHA256": {"gnutls_name": "TLS_DH_ANON_AES_256_CBC_SHA256", "openssl_name": "ADH-AES256-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0x6D", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "anon", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA256", "security": "insecure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DH_anon_WITH_AES_256_GCM_SHA384": {"gnutls_name": "TLS_DH_ANON_AES_256_GCM_SHA384", "openssl_name": "ADH-AES256-GCM-SHA384", "hex_byte_1": "0x00", "hex_byte_2": "0xA7", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "anon", "enc_algorithm": "AES 256 GCM", "hash_algorithm": "SHA384", "security": "insecure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DH_anon_WITH_ARIA_128_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x46", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "anon", "enc_algorithm": "ARIA 128 CBC", "hash_algorithm": "SHA256", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_anon_WITH_ARIA_128_GCM_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x5A", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "anon", "enc_algorithm": "ARIA 128 GCM", "hash_algorithm": "SHA256", "security": "insecure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DH_anon_WITH_ARIA_256_CBC_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x47", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "anon", "enc_algorithm": "ARIA 256 CBC", "hash_algorithm": "SHA384", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_anon_WITH_ARIA_256_GCM_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x5B", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "anon", "enc_algorithm": "ARIA 256 GCM", "hash_algorithm": "SHA384", "security": "insecure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA": {"gnutls_name": "TLS_DH_ANON_CAMELLIA_128_CBC_SHA1", "openssl_name": "ADH-CAMELLIA128-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x46", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "anon", "enc_algorithm": "CAMELLIA 128 CBC", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256": {"gnutls_name": "TLS_DH_ANON_CAMELLIA_128_CBC_SHA256", "openssl_name": "ADH-CAMELLIA128-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0xBF", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "anon", "enc_algorithm": "CAMELLIA 128 CBC", "hash_algorithm": "SHA256", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256": {"gnutls_name": "TLS_DH_ANON_CAMELLIA_128_GCM_SHA256", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x84", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "anon", "enc_algorithm": "CAMELLIA 128 GCM", "hash_algorithm": "SHA256", "security": "insecure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA": {"gnutls_name": "TLS_DH_ANON_CAMELLIA_256_CBC_SHA1", "openssl_name": "ADH-CAMELLIA256-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x89", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "anon", "enc_algorithm": "CAMELLIA 256 CBC", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256": {"gnutls_name": "TLS_DH_ANON_CAMELLIA_256_CBC_SHA256", "openssl_name": "ADH-CAMELLIA256-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0xC5", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "anon", "enc_algorithm": "CAMELLIA 256 CBC", "hash_algorithm": "SHA256", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384": {"gnutls_name": "TLS_DH_ANON_CAMELLIA_256_GCM_SHA384", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x85", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "anon", "enc_algorithm": "CAMELLIA 256 GCM", "hash_algorithm": "SHA384", "security": "insecure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DH_anon_WITH_DES_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x1A", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "anon", "enc_algorithm": "DES CBC", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_anon_WITH_RC4_128_MD5": {"gnutls_name": "TLS_DH_ANON_ARCFOUR_128_MD5", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x18", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "anon", "enc_algorithm": "RC4 128", "hash_algorithm": "MD5", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_anon_WITH_SEED_CBC_SHA": {"gnutls_name": "", "openssl_name": "ADH-SEED-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x9B", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "anon", "enc_algorithm": "SEED CBC", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x0B", "protocol_version": "TLS EXPORT", "kex_algorithm": "DH", "auth_algorithm": "DSS", "enc_algorithm": "DES40 CBC", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x0D", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "DSS", "enc_algorithm": "3DES EDE CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_DSS_WITH_AES_128_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x30", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "DSS", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_DSS_WITH_AES_128_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x3E", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "DSS", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DH_DSS_WITH_AES_128_GCM_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0xA4", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "DSS", "enc_algorithm": "AES 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DH_DSS_WITH_AES_256_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x36", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "DSS", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_DSS_WITH_AES_256_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x68", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "DSS", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DH_DSS_WITH_AES_256_GCM_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0xA5", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "DSS", "enc_algorithm": "AES 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x3E", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "DSS", "enc_algorithm": "ARIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x58", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "DSS", "enc_algorithm": "ARIA 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x3F", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "DSS", "enc_algorithm": "ARIA 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x59", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "DSS", "enc_algorithm": "ARIA 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x42", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "DSS", "enc_algorithm": "CAMELLIA 128 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0xBB", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "DSS", "enc_algorithm": "CAMELLIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x82", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "DSS", "enc_algorithm": "CAMELLIA 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x85", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "DSS", "enc_algorithm": "CAMELLIA 256 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0xC1", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "DSS", "enc_algorithm": "CAMELLIA 256 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x83", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "DSS", "enc_algorithm": "CAMELLIA 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DH_DSS_WITH_DES_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x0C", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "DSS", "enc_algorithm": "DES CBC", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_DSS_WITH_SEED_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x97", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "DSS", "enc_algorithm": "SEED CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x11", "protocol_version": "TLS EXPORT", "kex_algorithm": "DHE", "auth_algorithm": "DSS", "enc_algorithm": "DES40 CBC", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA": {"gnutls_name": "TLS_DHE_DSS_3DES_EDE_CBC_SHA1", "openssl_name": "DHE-DSS-DES-CBC3-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x13", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "DSS", "enc_algorithm": "3DES EDE CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_DSS_WITH_AES_128_CBC_SHA": {"gnutls_name": "TLS_DHE_DSS_AES_128_CBC_SHA1", "openssl_name": "DHE-DSS-AES128-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x32", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "DSS", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_DSS_WITH_AES_128_CBC_SHA256": {"gnutls_name": "TLS_DHE_DSS_AES_128_CBC_SHA256", "openssl_name": "DHE-DSS-AES128-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0x40", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "DSS", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_DSS_WITH_AES_128_GCM_SHA256": {"gnutls_name": "TLS_DHE_DSS_AES_128_GCM_SHA256", "openssl_name": "DHE-DSS-AES128-GCM-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0xA2", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "DSS", "enc_algorithm": "AES 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_DSS_WITH_AES_256_CBC_SHA": {"gnutls_name": "TLS_DHE_DSS_AES_256_CBC_SHA1", "openssl_name": "DHE-DSS-AES256-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x38", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "DSS", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_DSS_WITH_AES_256_CBC_SHA256": {"gnutls_name": "TLS_DHE_DSS_AES_256_CBC_SHA256", "openssl_name": "DHE-DSS-AES256-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0x6A", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "DSS", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_DSS_WITH_AES_256_GCM_SHA384": {"gnutls_name": "TLS_DHE_DSS_AES_256_GCM_SHA384", "openssl_name": "DHE-DSS-AES256-GCM-SHA384", "hex_byte_1": "0x00", "hex_byte_2": "0xA3", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "DSS", "enc_algorithm": "AES 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x42", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "DSS", "enc_algorithm": "ARIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x56", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "DSS", "enc_algorithm": "ARIA 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x43", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "DSS", "enc_algorithm": "ARIA 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x57", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "DSS", "enc_algorithm": "ARIA 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA": {"gnutls_name": "TLS_DHE_DSS_CAMELLIA_128_CBC_SHA1", "openssl_name": "DHE-DSS-CAMELLIA128-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x44", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "DSS", "enc_algorithm": "CAMELLIA 128 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256": {"gnutls_name": "TLS_DHE_DSS_CAMELLIA_128_CBC_SHA256", "openssl_name": "DHE-DSS-CAMELLIA128-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0xBD", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "DSS", "enc_algorithm": "CAMELLIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256": {"gnutls_name": "TLS_DHE_DSS_CAMELLIA_128_GCM_SHA256", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x80", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "DSS", "enc_algorithm": "CAMELLIA 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA": {"gnutls_name": "TLS_DHE_DSS_CAMELLIA_256_CBC_SHA1", "openssl_name": "DHE-DSS-CAMELLIA256-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x87", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "DSS", "enc_algorithm": "CAMELLIA 256 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256": {"gnutls_name": "TLS_DHE_DSS_CAMELLIA_256_CBC_SHA256", "openssl_name": "DHE-DSS-CAMELLIA256-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0xC3", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "DSS", "enc_algorithm": "CAMELLIA 256 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384": {"gnutls_name": "TLS_DHE_DSS_CAMELLIA_256_GCM_SHA384", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x81", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "DSS", "enc_algorithm": "CAMELLIA 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_DSS_WITH_DES_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x12", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "DSS", "enc_algorithm": "DES CBC", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_DSS_WITH_SEED_CBC_SHA": {"gnutls_name": "", "openssl_name": "DHE-DSS-SEED-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x99", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "DSS", "enc_algorithm": "SEED CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA": {"gnutls_name": "TLS_DHE_PSK_3DES_EDE_CBC_SHA1", "openssl_name": "DHE-PSK-3DES-EDE-CBC-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x8F", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "PSK", "enc_algorithm": "3DES EDE CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_PSK_WITH_AES_128_CBC_SHA": {"gnutls_name": "TLS_DHE_PSK_AES_128_CBC_SHA1", "openssl_name": "DHE-PSK-AES128-CBC-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x90", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "PSK", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_PSK_WITH_AES_128_CBC_SHA256": {"gnutls_name": "TLS_DHE_PSK_AES_128_CBC_SHA256", "openssl_name": "DHE-PSK-AES128-CBC-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0xB2", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "PSK", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_PSK_WITH_AES_128_CCM": {"gnutls_name": "TLS_DHE_PSK_AES_128_CCM", "openssl_name": "DHE-PSK-AES128-CCM", "hex_byte_1": "0xC0", "hex_byte_2": "0xA6", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "PSK", "enc_algorithm": "AES 128 CCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_PSK_WITH_AES_128_GCM_SHA256": {"gnutls_name": "TLS_DHE_PSK_AES_128_GCM_SHA256", "openssl_name": "DHE-PSK-AES128-GCM-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0xAA", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "PSK", "enc_algorithm": "AES 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_PSK_WITH_AES_256_CBC_SHA": {"gnutls_name": "TLS_DHE_PSK_AES_256_CBC_SHA1", "openssl_name": "DHE-PSK-AES256-CBC-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x91", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "PSK", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_PSK_WITH_AES_256_CBC_SHA384": {"gnutls_name": "TLS_DHE_PSK_AES_256_CBC_SHA384", "openssl_name": "DHE-PSK-AES256-CBC-SHA384", "hex_byte_1": "0x00", "hex_byte_2": "0xB3", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "PSK", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_PSK_WITH_AES_256_CCM": {"gnutls_name": "TLS_DHE_PSK_AES_256_CCM", "openssl_name": "DHE-PSK-AES256-CCM", "hex_byte_1": "0xC0", "hex_byte_2": "0xA7", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "PSK", "enc_algorithm": "AES 256 CCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_PSK_WITH_AES_256_GCM_SHA384": {"gnutls_name": "TLS_DHE_PSK_AES_256_GCM_SHA384", "openssl_name": "DHE-PSK-AES256-GCM-SHA384", "hex_byte_1": "0x00", "hex_byte_2": "0xAB", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "PSK", "enc_algorithm": "AES 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x66", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "PSK", "enc_algorithm": "ARIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x6C", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "PSK", "enc_algorithm": "ARIA 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x67", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "PSK", "enc_algorithm": "ARIA 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x6D", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "PSK", "enc_algorithm": "ARIA 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256": {"gnutls_name": "TLS_DHE_PSK_CAMELLIA_128_CBC_SHA256", "openssl_name": "DHE-PSK-CAMELLIA128-SHA256", "hex_byte_1": "0xC0", "hex_byte_2": "0x96", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "PSK", "enc_algorithm": "CAMELLIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256": {"gnutls_name": "TLS_DHE_PSK_CAMELLIA_128_GCM_SHA256", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x90", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "PSK", "enc_algorithm": "CAMELLIA 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384": {"gnutls_name": "TLS_DHE_PSK_CAMELLIA_256_CBC_SHA384", "openssl_name": "DHE-PSK-CAMELLIA256-SHA384", "hex_byte_1": "0xC0", "hex_byte_2": "0x97", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "PSK", "enc_algorithm": "CAMELLIA 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384": {"gnutls_name": "TLS_DHE_PSK_CAMELLIA_256_GCM_SHA384", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x91", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "PSK", "enc_algorithm": "CAMELLIA 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256": {"gnutls_name": "TLS_DHE_PSK_CHACHA20_POLY1305", "openssl_name": "DHE-PSK-CHACHA20-POLY1305", "hex_byte_1": "0xCC", "hex_byte_2": "0xAD", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "PSK", "enc_algorithm": "CHACHA20 POLY1305", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_PSK_WITH_NULL_SHA": {"gnutls_name": "TLS_DHE_PSK_NULL_SHA1", "openssl_name": "DHE-PSK-NULL-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x2D", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "PSK", "enc_algorithm": "NULL", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_PSK_WITH_NULL_SHA256": {"gnutls_name": "TLS_DHE_PSK_NULL_SHA256", "openssl_name": "DHE-PSK-NULL-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0xB4", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "PSK", "enc_algorithm": "NULL", "hash_algorithm": "SHA256", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_PSK_WITH_NULL_SHA384": {"gnutls_name": "TLS_DHE_PSK_NULL_SHA384", "openssl_name": "DHE-PSK-NULL-SHA384", "hex_byte_1": "0x00", "hex_byte_2": "0xB5", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "PSK", "enc_algorithm": "NULL", "hash_algorithm": "SHA384", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_PSK_WITH_RC4_128_SHA": {"gnutls_name": "TLS_DHE_PSK_ARCFOUR_128_SHA1", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x8E", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "PSK", "enc_algorithm": "RC4 128", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x14", "protocol_version": "TLS EXPORT", "kex_algorithm": "DHE", "auth_algorithm": "RSA", "enc_algorithm": "DES40 CBC", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA": {"gnutls_name": "TLS_DHE_RSA_3DES_EDE_CBC_SHA1", "openssl_name": "DHE-RSA-DES-CBC3-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x16", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "RSA", "enc_algorithm": "3DES EDE CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_RSA_WITH_AES_128_CBC_SHA": {"gnutls_name": "TLS_DHE_RSA_AES_128_CBC_SHA1", "openssl_name": "DHE-RSA-AES128-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x33", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "RSA", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_RSA_WITH_AES_128_CBC_SHA256": {"gnutls_name": "TLS_DHE_RSA_AES_128_CBC_SHA256", "openssl_name": "DHE-RSA-AES128-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0x67", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "RSA", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_RSA_WITH_AES_128_CCM": {"gnutls_name": "TLS_DHE_RSA_AES_128_CCM", "openssl_name": "DHE-RSA-AES128-CCM", "hex_byte_1": "0xC0", "hex_byte_2": "0x9E", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "RSA", "enc_algorithm": "AES 128 CCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_RSA_WITH_AES_128_CCM_8": {"gnutls_name": "TLS_DHE_RSA_AES_128_CCM_8", "openssl_name": "DHE-RSA-AES128-CCM8", "hex_byte_1": "0xC0", "hex_byte_2": "0xA2", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "RSA", "enc_algorithm": "AES 128 CCM 8", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256": {"gnutls_name": "TLS_DHE_RSA_AES_128_GCM_SHA256", "openssl_name": "DHE-RSA-AES128-GCM-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0x9E", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "RSA", "enc_algorithm": "AES 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_RSA_WITH_AES_256_CBC_SHA": {"gnutls_name": "TLS_DHE_RSA_AES_256_CBC_SHA1", "openssl_name": "DHE-RSA-AES256-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x39", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "RSA", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_RSA_WITH_AES_256_CBC_SHA256": {"gnutls_name": "TLS_DHE_RSA_AES_256_CBC_SHA256", "openssl_name": "DHE-RSA-AES256-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0x6B", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "RSA", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_RSA_WITH_AES_256_CCM": {"gnutls_name": "TLS_DHE_RSA_AES_256_CCM", "openssl_name": "DHE-RSA-AES256-CCM", "hex_byte_1": "0xC0", "hex_byte_2": "0x9F", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "RSA", "enc_algorithm": "AES 256 CCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_RSA_WITH_AES_256_CCM_8": {"gnutls_name": "TLS_DHE_RSA_AES_256_CCM_8", "openssl_name": "DHE-RSA-AES256-CCM8", "hex_byte_1": "0xC0", "hex_byte_2": "0xA3", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "RSA", "enc_algorithm": "AES 256 CCM 8", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384": {"gnutls_name": "TLS_DHE_RSA_AES_256_GCM_SHA384", "openssl_name": "DHE-RSA-AES256-GCM-SHA384", "hex_byte_1": "0x00", "hex_byte_2": "0x9F", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "RSA", "enc_algorithm": "AES 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x44", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "RSA", "enc_algorithm": "ARIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x52", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "RSA", "enc_algorithm": "ARIA 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x45", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "RSA", "enc_algorithm": "ARIA 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x53", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "RSA", "enc_algorithm": "ARIA 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA": {"gnutls_name": "TLS_DHE_RSA_CAMELLIA_128_CBC_SHA1", "openssl_name": "DHE-RSA-CAMELLIA128-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x45", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 128 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256": {"gnutls_name": "TLS_DHE_RSA_CAMELLIA_128_CBC_SHA256", "openssl_name": "DHE-RSA-CAMELLIA128-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0xBE", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256": {"gnutls_name": "TLS_DHE_RSA_CAMELLIA_128_GCM_SHA256", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x7C", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA": {"gnutls_name": "TLS_DHE_RSA_CAMELLIA_256_CBC_SHA1", "openssl_name": "DHE-RSA-CAMELLIA256-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x88", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 256 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256": {"gnutls_name": "TLS_DHE_RSA_CAMELLIA_256_CBC_SHA256", "openssl_name": "DHE-RSA-CAMELLIA256-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0xC4", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 256 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384": {"gnutls_name": "TLS_DHE_RSA_CAMELLIA_256_GCM_SHA384", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x7D", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256": {"gnutls_name": "TLS_DHE_RSA_CHACHA20_POLY1305", "openssl_name": "DHE-RSA-CHACHA20-POLY1305", "hex_byte_1": "0xCC", "hex_byte_2": "0xAA", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "RSA", "enc_algorithm": "CHACHA20 POLY1305", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DHE_RSA_WITH_DES_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x15", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "RSA", "enc_algorithm": "DES CBC", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DHE_RSA_WITH_SEED_CBC_SHA": {"gnutls_name": "", "openssl_name": "DHE-RSA-SEED-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x9A", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "RSA", "enc_algorithm": "SEED CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x0E", "protocol_version": "TLS EXPORT", "kex_algorithm": "DH", "auth_algorithm": "RSA", "enc_algorithm": "DES40 CBC", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x10", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "RSA", "enc_algorithm": "3DES EDE CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_RSA_WITH_AES_128_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x31", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "RSA", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_RSA_WITH_AES_128_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x3F", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "RSA", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DH_RSA_WITH_AES_128_GCM_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0xA0", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "RSA", "enc_algorithm": "AES 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DH_RSA_WITH_AES_256_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x37", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "RSA", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_RSA_WITH_AES_256_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x69", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "RSA", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DH_RSA_WITH_AES_256_GCM_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0xA1", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "RSA", "enc_algorithm": "AES 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x40", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "RSA", "enc_algorithm": "ARIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x54", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "RSA", "enc_algorithm": "ARIA 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x41", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "RSA", "enc_algorithm": "ARIA 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x55", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "RSA", "enc_algorithm": "ARIA 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x43", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 128 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0xBC", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x7E", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x86", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 256 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0xC2", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 256 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x7F", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_DH_RSA_WITH_DES_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x0F", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "RSA", "enc_algorithm": "DES CBC", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_DH_RSA_WITH_SEED_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x98", "protocol_version": "TLS", "kex_algorithm": "DH", "auth_algorithm": "RSA", "enc_algorithm": "SEED CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECCPWD_WITH_AES_128_CCM_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0xB2", "protocol_version": "TLS", "kex_algorithm": "ECCPWD", "auth_algorithm": "ECCPWD", "enc_algorithm": "AES 128 CCM", "hash_algorithm": "SHA256", "security": "secure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECCPWD_WITH_AES_128_GCM_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0xB0", "protocol_version": "TLS", "kex_algorithm": "ECCPWD", "auth_algorithm": "ECCPWD", "enc_algorithm": "AES 128 GCM", "hash_algorithm": "SHA256", "security": "recommended", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECCPWD_WITH_AES_256_CCM_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0xB3", "protocol_version": "TLS", "kex_algorithm": "ECCPWD", "auth_algorithm": "ECCPWD", "enc_algorithm": "AES 256 CCM", "hash_algorithm": "SHA384", "security": "secure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECCPWD_WITH_AES_256_GCM_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0xB1", "protocol_version": "TLS", "kex_algorithm": "ECCPWD", "auth_algorithm": "ECCPWD", "enc_algorithm": "AES 256 GCM", "hash_algorithm": "SHA384", "security": "recommended", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA": {"gnutls_name": "TLS_ECDH_ANON_3DES_EDE_CBC_SHA1", "openssl_name": "AECDH-DES-CBC3-SHA", "hex_byte_1": "0xC0", "hex_byte_2": "0x17", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "anon", "enc_algorithm": "3DES EDE CBC", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_anon_WITH_AES_128_CBC_SHA": {"gnutls_name": "TLS_ECDH_ANON_AES_128_CBC_SHA1", "openssl_name": "AECDH-AES128-SHA", "hex_byte_1": "0xC0", "hex_byte_2": "0x18", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "anon", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_anon_WITH_AES_256_CBC_SHA": {"gnutls_name": "TLS_ECDH_ANON_AES_256_CBC_SHA1", "openssl_name": "AECDH-AES256-SHA", "hex_byte_1": "0xC0", "hex_byte_2": "0x19", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "anon", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_anon_WITH_NULL_SHA": {"gnutls_name": "TLS_ECDH_ANON_NULL_SHA1", "openssl_name": "AECDH-NULL-SHA", "hex_byte_1": "0xC0", "hex_byte_2": "0x15", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "anon", "enc_algorithm": "NULL", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_anon_WITH_RC4_128_SHA": {"gnutls_name": "TLS_ECDH_ANON_ARCFOUR_128_SHA1", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x16", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "anon", "enc_algorithm": "RC4 128", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x03", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "ECDSA", "enc_algorithm": "3DES EDE CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x04", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "ECDSA", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x25", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "ECDSA", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x2D", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "ECDSA", "enc_algorithm": "AES 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x05", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "ECDSA", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x26", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "ECDSA", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x2E", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "ECDSA", "enc_algorithm": "AES 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x4A", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "ECDSA", "enc_algorithm": "ARIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x5E", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "ECDSA", "enc_algorithm": "ARIA 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x4B", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "ECDSA", "enc_algorithm": "ARIA 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x5F", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "ECDSA", "enc_algorithm": "ARIA 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x74", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "ECDSA", "enc_algorithm": "CAMELLIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x88", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "ECDSA", "enc_algorithm": "CAMELLIA 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x75", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "ECDSA", "enc_algorithm": "CAMELLIA 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x89", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "ECDSA", "enc_algorithm": "CAMELLIA 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_ECDSA_WITH_NULL_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x01", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "ECDSA", "enc_algorithm": "NULL", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_ECDSA_WITH_RC4_128_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x02", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "ECDSA", "enc_algorithm": "RC4 128", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA": {"gnutls_name": "TLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA1", "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA", "hex_byte_1": "0xC0", "hex_byte_2": "0x08", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "ECDSA", "enc_algorithm": "3DES EDE CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA": {"gnutls_name": "TLS_ECDHE_ECDSA_AES_128_CBC_SHA1", "openssl_name": "ECDHE-ECDSA-AES128-SHA", "hex_byte_1": "0xC0", "hex_byte_2": "0x09", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "ECDSA", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256": {"gnutls_name": "TLS_ECDHE_ECDSA_AES_128_CBC_SHA256", "openssl_name": "ECDHE-ECDSA-AES128-SHA256", "hex_byte_1": "0xC0", "hex_byte_2": "0x23", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "ECDSA", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_ECDSA_WITH_AES_128_CCM": {"gnutls_name": "TLS_ECDHE_ECDSA_AES_128_CCM", "openssl_name": "ECDHE-ECDSA-AES128-CCM", "hex_byte_1": "0xC0", "hex_byte_2": "0xAC", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "ECDSA", "enc_algorithm": "AES 128 CCM", "hash_algorithm": "SHA256", "security": "secure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8": {"gnutls_name": "TLS_ECDHE_ECDSA_AES_128_CCM_8", "openssl_name": "ECDHE-ECDSA-AES128-CCM8", "hex_byte_1": "0xC0", "hex_byte_2": "0xAE", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "ECDSA", "enc_algorithm": "AES 128 CCM 8", "hash_algorithm": "SHA256", "security": "secure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256": {"gnutls_name": "TLS_ECDHE_ECDSA_AES_128_GCM_SHA256", "openssl_name": "ECDHE-ECDSA-AES128-GCM-SHA256", "hex_byte_1": "0xC0", "hex_byte_2": "0x2B", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "ECDSA", "enc_algorithm": "AES 128 GCM", "hash_algorithm": "SHA256", "security": "recommended", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA": {"gnutls_name": "TLS_ECDHE_ECDSA_AES_256_CBC_SHA1", "openssl_name": "ECDHE-ECDSA-AES256-SHA", "hex_byte_1": "0xC0", "hex_byte_2": "0x0A", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "ECDSA", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384": {"gnutls_name": "TLS_ECDHE_ECDSA_AES_256_CBC_SHA384", "openssl_name": "ECDHE-ECDSA-AES256-SHA384", "hex_byte_1": "0xC0", "hex_byte_2": "0x24", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "ECDSA", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_ECDSA_WITH_AES_256_CCM": {"gnutls_name": "TLS_ECDHE_ECDSA_AES_256_CCM", "openssl_name": "ECDHE-ECDSA-AES256-CCM", "hex_byte_1": "0xC0", "hex_byte_2": "0xAD", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "ECDSA", "enc_algorithm": "AES 256 CCM", "hash_algorithm": "SHA256", "security": "secure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8": {"gnutls_name": "TLS_ECDHE_ECDSA_AES_256_CCM_8", "openssl_name": "ECDHE-ECDSA-AES256-CCM8", "hex_byte_1": "0xC0", "hex_byte_2": "0xAF", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "ECDSA", "enc_algorithm": "AES 256 CCM 8", "hash_algorithm": "SHA256", "security": "secure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384": {"gnutls_name": "TLS_ECDHE_ECDSA_AES_256_GCM_SHA384", "openssl_name": "ECDHE-ECDSA-AES256-GCM-SHA384", "hex_byte_1": "0xC0", "hex_byte_2": "0x2C", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "ECDSA", "enc_algorithm": "AES 256 GCM", "hash_algorithm": "SHA384", "security": "recommended", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x48", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "ECDSA", "enc_algorithm": "ARIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x5C", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "ECDSA", "enc_algorithm": "ARIA 128 GCM", "hash_algorithm": "SHA256", "security": "recommended", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x49", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "ECDSA", "enc_algorithm": "ARIA 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x5D", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "ECDSA", "enc_algorithm": "ARIA 256 GCM", "hash_algorithm": "SHA384", "security": "recommended", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256": {"gnutls_name": "TLS_ECDHE_ECDSA_CAMELLIA_128_CBC_SHA256", "openssl_name": "ECDHE-ECDSA-CAMELLIA128-SHA256", "hex_byte_1": "0xC0", "hex_byte_2": "0x72", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "ECDSA", "enc_algorithm": "CAMELLIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256": {"gnutls_name": "TLS_ECDHE_ECDSA_CAMELLIA_128_GCM_SHA256", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x86", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "ECDSA", "enc_algorithm": "CAMELLIA 128 GCM", "hash_algorithm": "SHA256", "security": "recommended", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384": {"gnutls_name": "TLS_ECDHE_ECDSA_CAMELLIA_256_CBC_SHA384", "openssl_name": "ECDHE-ECDSA-CAMELLIA256-SHA384", "hex_byte_1": "0xC0", "hex_byte_2": "0x73", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "ECDSA", "enc_algorithm": "CAMELLIA 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384": {"gnutls_name": "TLS_ECDHE_ECDSA_CAMELLIA_256_GCM_SHA384", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x87", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "ECDSA", "enc_algorithm": "CAMELLIA 256 GCM", "hash_algorithm": "SHA384", "security": "recommended", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256": {"gnutls_name": "TLS_ECDHE_ECDSA_CHACHA20_POLY1305", "openssl_name": "ECDHE-ECDSA-CHACHA20-POLY1305", "hex_byte_1": "0xCC", "hex_byte_2": "0xA9", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "ECDSA", "enc_algorithm": "CHACHA20 POLY1305", "hash_algorithm": "SHA256", "security": "recommended", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_ECDSA_WITH_NULL_SHA": {"gnutls_name": "TLS_ECDHE_ECDSA_NULL_SHA1", "openssl_name": "ECDHE-ECDSA-NULL-SHA", "hex_byte_1": "0xC0", "hex_byte_2": "0x06", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "ECDSA", "enc_algorithm": "NULL", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_ECDSA_WITH_RC4_128_SHA": {"gnutls_name": "TLS_ECDHE_ECDSA_ARCFOUR_128_SHA1", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x07", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "ECDSA", "enc_algorithm": "RC4 128", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA": {"gnutls_name": "TLS_ECDHE_PSK_3DES_EDE_CBC_SHA1", "openssl_name": "ECDHE-PSK-3DES-EDE-CBC-SHA", "hex_byte_1": "0xC0", "hex_byte_2": "0x34", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "PSK", "enc_algorithm": "3DES EDE CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA": {"gnutls_name": "TLS_ECDHE_PSK_AES_128_CBC_SHA1", "openssl_name": "ECDHE-PSK-AES128-CBC-SHA", "hex_byte_1": "0xC0", "hex_byte_2": "0x35", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "PSK", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256": {"gnutls_name": "TLS_ECDHE_PSK_AES_128_CBC_SHA256", "openssl_name": "ECDHE-PSK-AES128-CBC-SHA256", "hex_byte_1": "0xC0", "hex_byte_2": "0x37", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "PSK", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xD0", "hex_byte_2": "0x03", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "PSK", "enc_algorithm": "AES 128 CCM 8", "hash_algorithm": "SHA256", "security": "secure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xD0", "hex_byte_2": "0x05", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "PSK", "enc_algorithm": "AES 128 CCM", "hash_algorithm": "SHA256", "security": "secure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xD0", "hex_byte_2": "0x01", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "PSK", "enc_algorithm": "AES 128 GCM", "hash_algorithm": "SHA256", "security": "recommended", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA": {"gnutls_name": "TLS_ECDHE_PSK_AES_256_CBC_SHA1", "openssl_name": "ECDHE-PSK-AES256-CBC-SHA", "hex_byte_1": "0xC0", "hex_byte_2": "0x36", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "PSK", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384": {"gnutls_name": "TLS_ECDHE_PSK_AES_256_CBC_SHA384", "openssl_name": "ECDHE-PSK-AES256-CBC-SHA384", "hex_byte_1": "0xC0", "hex_byte_2": "0x38", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "PSK", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xD0", "hex_byte_2": "0x02", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "PSK", "enc_algorithm": "AES 256 GCM", "hash_algorithm": "SHA384", "security": "recommended", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x70", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "PSK", "enc_algorithm": "ARIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x71", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "PSK", "enc_algorithm": "ARIA 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256": {"gnutls_name": "TLS_ECDHE_PSK_CAMELLIA_128_CBC_SHA256", "openssl_name": "ECDHE-PSK-CAMELLIA128-SHA256", "hex_byte_1": "0xC0", "hex_byte_2": "0x9A", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "PSK", "enc_algorithm": "CAMELLIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384": {"gnutls_name": "TLS_ECDHE_PSK_CAMELLIA_256_CBC_SHA384", "openssl_name": "ECDHE-PSK-CAMELLIA256-SHA384", "hex_byte_1": "0xC0", "hex_byte_2": "0x9B", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "PSK", "enc_algorithm": "CAMELLIA 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256": {"gnutls_name": "TLS_ECDHE_PSK_CHACHA20_POLY1305", "openssl_name": "ECDHE-PSK-CHACHA20-POLY1305", "hex_byte_1": "0xCC", "hex_byte_2": "0xAC", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "PSK", "enc_algorithm": "CHACHA20 POLY1305", "hash_algorithm": "SHA256", "security": "recommended", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_PSK_WITH_NULL_SHA": {"gnutls_name": "TLS_ECDHE_PSK_NULL_SHA1", "openssl_name": "ECDHE-PSK-NULL-SHA", "hex_byte_1": "0xC0", "hex_byte_2": "0x39", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "PSK", "enc_algorithm": "NULL", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_PSK_WITH_NULL_SHA256": {"gnutls_name": "TLS_ECDHE_PSK_NULL_SHA256", "openssl_name": "ECDHE-PSK-NULL-SHA256", "hex_byte_1": "0xC0", "hex_byte_2": "0x3A", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "PSK", "enc_algorithm": "NULL", "hash_algorithm": "SHA256", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_PSK_WITH_NULL_SHA384": {"gnutls_name": "TLS_ECDHE_PSK_NULL_SHA384", "openssl_name": "ECDHE-PSK-NULL-SHA384", "hex_byte_1": "0xC0", "hex_byte_2": "0x3B", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "PSK", "enc_algorithm": "NULL", "hash_algorithm": "SHA384", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_PSK_WITH_RC4_128_SHA": {"gnutls_name": "TLS_ECDHE_PSK_ARCFOUR_128_SHA1", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x33", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "PSK", "enc_algorithm": "RC4 128", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA": {"gnutls_name": "TLS_ECDHE_RSA_3DES_EDE_CBC_SHA1", "openssl_name": "ECDHE-RSA-DES-CBC3-SHA", "hex_byte_1": "0xC0", "hex_byte_2": "0x12", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "RSA", "enc_algorithm": "3DES EDE CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA": {"gnutls_name": "TLS_ECDHE_RSA_AES_128_CBC_SHA1", "openssl_name": "ECDHE-RSA-AES128-SHA", "hex_byte_1": "0xC0", "hex_byte_2": "0x13", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "RSA", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256": {"gnutls_name": "TLS_ECDHE_RSA_AES_128_CBC_SHA256", "openssl_name": "ECDHE-RSA-AES128-SHA256", "hex_byte_1": "0xC0", "hex_byte_2": "0x27", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "RSA", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256": {"gnutls_name": "TLS_ECDHE_RSA_AES_128_GCM_SHA256", "openssl_name": "ECDHE-RSA-AES128-GCM-SHA256", "hex_byte_1": "0xC0", "hex_byte_2": "0x2F", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "RSA", "enc_algorithm": "AES 128 GCM", "hash_algorithm": "SHA256", "security": "secure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA": {"gnutls_name": "TLS_ECDHE_RSA_AES_256_CBC_SHA1", "openssl_name": "ECDHE-RSA-AES256-SHA", "hex_byte_1": "0xC0", "hex_byte_2": "0x14", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "RSA", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384": {"gnutls_name": "TLS_ECDHE_RSA_AES_256_CBC_SHA384", "openssl_name": "ECDHE-RSA-AES256-SHA384", "hex_byte_1": "0xC0", "hex_byte_2": "0x28", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "RSA", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384": {"gnutls_name": "TLS_ECDHE_RSA_AES_256_GCM_SHA384", "openssl_name": "ECDHE-RSA-AES256-GCM-SHA384", "hex_byte_1": "0xC0", "hex_byte_2": "0x30", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "RSA", "enc_algorithm": "AES 256 GCM", "hash_algorithm": "SHA384", "security": "secure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x4C", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "RSA", "enc_algorithm": "ARIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x60", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "RSA", "enc_algorithm": "ARIA 128 GCM", "hash_algorithm": "SHA256", "security": "secure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x4D", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "RSA", "enc_algorithm": "ARIA 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x61", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "RSA", "enc_algorithm": "ARIA 256 GCM", "hash_algorithm": "SHA384", "security": "secure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256": {"gnutls_name": "TLS_ECDHE_RSA_CAMELLIA_128_CBC_SHA256", "openssl_name": "ECDHE-RSA-CAMELLIA128-SHA256", "hex_byte_1": "0xC0", "hex_byte_2": "0x76", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256": {"gnutls_name": "TLS_ECDHE_RSA_CAMELLIA_128_GCM_SHA256", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x8A", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 128 GCM", "hash_algorithm": "SHA256", "security": "secure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384": {"gnutls_name": "TLS_ECDHE_RSA_CAMELLIA_256_CBC_SHA384", "openssl_name": "ECDHE-RSA-CAMELLIA256-SHA384", "hex_byte_1": "0xC0", "hex_byte_2": "0x77", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384": {"gnutls_name": "TLS_ECDHE_RSA_CAMELLIA_256_GCM_SHA384", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x8B", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 256 GCM", "hash_algorithm": "SHA384", "security": "secure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256": {"gnutls_name": "TLS_ECDHE_RSA_CHACHA20_POLY1305", "openssl_name": "ECDHE-RSA-CHACHA20-POLY1305", "hex_byte_1": "0xCC", "hex_byte_2": "0xA8", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "RSA", "enc_algorithm": "CHACHA20 POLY1305", "hash_algorithm": "SHA256", "security": "secure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_RSA_WITH_NULL_SHA": {"gnutls_name": "TLS_ECDHE_RSA_NULL_SHA1", "openssl_name": "ECDHE-RSA-NULL-SHA", "hex_byte_1": "0xC0", "hex_byte_2": "0x10", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "RSA", "enc_algorithm": "NULL", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDHE_RSA_WITH_RC4_128_SHA": {"gnutls_name": "TLS_ECDHE_RSA_ARCFOUR_128_SHA1", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x11", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "RSA", "enc_algorithm": "RC4 128", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x0D", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "RSA", "enc_algorithm": "3DES EDE CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x0E", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "RSA", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x29", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "RSA", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x31", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "RSA", "enc_algorithm": "AES 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x0F", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "RSA", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x2A", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "RSA", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x32", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "RSA", "enc_algorithm": "AES 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x4E", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "RSA", "enc_algorithm": "ARIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x62", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "RSA", "enc_algorithm": "ARIA 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x4F", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "RSA", "enc_algorithm": "ARIA 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x63", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "RSA", "enc_algorithm": "ARIA 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x78", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x8C", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x79", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x8D", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_RSA_WITH_NULL_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x0B", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "RSA", "enc_algorithm": "NULL", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_ECDH_RSA_WITH_RC4_128_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x0C", "protocol_version": "TLS", "kex_algorithm": "ECDH", "auth_algorithm": "RSA", "enc_algorithm": "RC4 128", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_GOSTR341112_256_WITH_28147_CNT_IMIT": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC1", "hex_byte_2": "0x02", "protocol_version": "TLS", "kex_algorithm": "GOSTR341112 256", "auth_algorithm": "GOSTR341012", "enc_algorithm": "28147 CNT", "hash_algorithm": "GOSTR341112", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC1", "hex_byte_2": "0x00", "protocol_version": "TLS", "kex_algorithm": "GOSTR341112 256", "auth_algorithm": "GOSTR341012", "enc_algorithm": "KUZNYECHIK CTR", "hash_algorithm": "GOSTR341112", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC1", "hex_byte_2": "0x03", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "-", "enc_algorithm": "KUZNYECHIK MGM L", "hash_algorithm": "-", "security": "insecure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_S": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC1", "hex_byte_2": "0x05", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "-", "enc_algorithm": "KUZNYECHIK MGM S", "hash_algorithm": "-", "security": "insecure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC1", "hex_byte_2": "0x01", "protocol_version": "TLS", "kex_algorithm": "GOSTR341112 256", "auth_algorithm": "GOSTR341012", "enc_algorithm": "MAGMA CTR", "hash_algorithm": "GOSTR341112", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_GOSTR341112_256_WITH_MAGMA_MGM_L": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC1", "hex_byte_2": "0x04", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "-", "enc_algorithm": "MAGMA MGM L", "hash_algorithm": "-", "security": "insecure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_GOSTR341112_256_WITH_MAGMA_MGM_S": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC1", "hex_byte_2": "0x06", "protocol_version": "TLS", "kex_algorithm": "ECDHE", "auth_algorithm": "-", "enc_algorithm": "MAGMA MGM S", "hash_algorithm": "-", "security": "insecure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x29", "protocol_version": "TLS EXPORT", "kex_algorithm": "KRB5", "auth_algorithm": "KRB5", "enc_algorithm": "DES CBC 40", "hash_algorithm": "MD5", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x26", "protocol_version": "TLS EXPORT", "kex_algorithm": "KRB5", "auth_algorithm": "KRB5", "enc_algorithm": "DES CBC 40", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x2A", "protocol_version": "TLS EXPORT", "kex_algorithm": "KRB5", "auth_algorithm": "KRB5", "enc_algorithm": "RC2 CBC 40", "hash_algorithm": "MD5", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x27", "protocol_version": "TLS EXPORT", "kex_algorithm": "KRB5", "auth_algorithm": "KRB5", "enc_algorithm": "RC2 CBC 40", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_KRB5_EXPORT_WITH_RC4_40_MD5": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x2B", "protocol_version": "TLS EXPORT", "kex_algorithm": "KRB5", "auth_algorithm": "KRB5", "enc_algorithm": "RC4 40", "hash_algorithm": "MD5", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_KRB5_EXPORT_WITH_RC4_40_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x28", "protocol_version": "TLS EXPORT", "kex_algorithm": "KRB5", "auth_algorithm": "KRB5", "enc_algorithm": "RC4 40", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_KRB5_WITH_3DES_EDE_CBC_MD5": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x23", "protocol_version": "TLS", "kex_algorithm": "KRB5", "auth_algorithm": "KRB5", "enc_algorithm": "3DES EDE CBC", "hash_algorithm": "MD5", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_KRB5_WITH_3DES_EDE_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x1F", "protocol_version": "TLS", "kex_algorithm": "KRB5", "auth_algorithm": "KRB5", "enc_algorithm": "3DES EDE CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_KRB5_WITH_DES_CBC_MD5": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x22", "protocol_version": "TLS", "kex_algorithm": "KRB5", "auth_algorithm": "KRB5", "enc_algorithm": "DES CBC", "hash_algorithm": "MD5", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_KRB5_WITH_DES_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x1E", "protocol_version": "TLS", "kex_algorithm": "KRB5", "auth_algorithm": "KRB5", "enc_algorithm": "DES CBC", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_KRB5_WITH_IDEA_CBC_MD5": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x25", "protocol_version": "TLS", "kex_algorithm": "KRB5", "auth_algorithm": "KRB5", "enc_algorithm": "IDEA CBC", "hash_algorithm": "MD5", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_KRB5_WITH_IDEA_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x21", "protocol_version": "TLS", "kex_algorithm": "KRB5", "auth_algorithm": "KRB5", "enc_algorithm": "IDEA CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_KRB5_WITH_RC4_128_MD5": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x24", "protocol_version": "TLS", "kex_algorithm": "KRB5", "auth_algorithm": "KRB5", "enc_algorithm": "RC4 128", "hash_algorithm": "MD5", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_KRB5_WITH_RC4_128_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x20", "protocol_version": "TLS", "kex_algorithm": "KRB5", "auth_algorithm": "KRB5", "enc_algorithm": "RC4 128", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_NULL_WITH_NULL_NULL": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x00", "protocol_version": "TLS", "kex_algorithm": "NULL", "auth_algorithm": "NULL", "enc_algorithm": "NULL", "hash_algorithm": "NULL", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_PSK_DHE_WITH_AES_128_CCM_8": {"gnutls_name": "TLS_DHE_PSK_AES_128_CCM_8", "openssl_name": "DHE-PSK-AES128-CCM8", "hex_byte_1": "0xC0", "hex_byte_2": "0xAA", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "PSK", "enc_algorithm": "AES 128 CCM 8", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_PSK_DHE_WITH_AES_256_CCM_8": {"gnutls_name": "TLS_DHE_PSK_AES_256_CCM_8", "openssl_name": "DHE-PSK-AES256-CCM8", "hex_byte_1": "0xC0", "hex_byte_2": "0xAB", "protocol_version": "TLS", "kex_algorithm": "DHE", "auth_algorithm": "PSK", "enc_algorithm": "AES 256 CCM 8", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_PSK_WITH_3DES_EDE_CBC_SHA": {"gnutls_name": "TLS_PSK_3DES_EDE_CBC_SHA1", "openssl_name": "PSK-3DES-EDE-CBC-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x8B", "protocol_version": "TLS", "kex_algorithm": "PSK", "auth_algorithm": "PSK", "enc_algorithm": "3DES EDE CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_PSK_WITH_AES_128_CBC_SHA": {"gnutls_name": "TLS_PSK_AES_128_CBC_SHA1", "openssl_name": "PSK-AES128-CBC-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x8C", "protocol_version": "TLS", "kex_algorithm": "PSK", "auth_algorithm": "PSK", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_PSK_WITH_AES_128_CBC_SHA256": {"gnutls_name": "TLS_PSK_AES_128_CBC_SHA256", "openssl_name": "PSK-AES128-CBC-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0xAE", "protocol_version": "TLS", "kex_algorithm": "PSK", "auth_algorithm": "PSK", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_PSK_WITH_AES_128_CCM": {"gnutls_name": "TLS_PSK_AES_128_CCM", "openssl_name": "PSK-AES128-CCM", "hex_byte_1": "0xC0", "hex_byte_2": "0xA4", "protocol_version": "TLS", "kex_algorithm": "PSK", "auth_algorithm": "PSK", "enc_algorithm": "AES 128 CCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_PSK_WITH_AES_128_CCM_8": {"gnutls_name": "TLS_PSK_AES_128_CCM_8", "openssl_name": "PSK-AES128-CCM8", "hex_byte_1": "0xC0", "hex_byte_2": "0xA8", "protocol_version": "TLS", "kex_algorithm": "PSK", "auth_algorithm": "PSK", "enc_algorithm": "AES 128 CCM 8", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_PSK_WITH_AES_128_GCM_SHA256": {"gnutls_name": "TLS_PSK_AES_128_GCM_SHA256", "openssl_name": "PSK-AES128-GCM-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0xA8", "protocol_version": "TLS", "kex_algorithm": "PSK", "auth_algorithm": "PSK", "enc_algorithm": "AES 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_PSK_WITH_AES_256_CBC_SHA": {"gnutls_name": "TLS_PSK_AES_256_CBC_SHA1", "openssl_name": "PSK-AES256-CBC-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x8D", "protocol_version": "TLS", "kex_algorithm": "PSK", "auth_algorithm": "PSK", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_PSK_WITH_AES_256_CBC_SHA384": {"gnutls_name": "TLS_PSK_AES_256_CBC_SHA384", "openssl_name": "PSK-AES256-CBC-SHA384", "hex_byte_1": "0x00", "hex_byte_2": "0xAF", "protocol_version": "TLS", "kex_algorithm": "PSK", "auth_algorithm": "PSK", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_PSK_WITH_AES_256_CCM": {"gnutls_name": "TLS_PSK_AES_256_CCM", "openssl_name": "PSK-AES256-CCM", "hex_byte_1": "0xC0", "hex_byte_2": "0xA5", "protocol_version": "TLS", "kex_algorithm": "PSK", "auth_algorithm": "PSK", "enc_algorithm": "AES 256 CCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_PSK_WITH_AES_256_CCM_8": {"gnutls_name": "TLS_PSK_AES_256_CCM_8", "openssl_name": "PSK-AES256-CCM8", "hex_byte_1": "0xC0", "hex_byte_2": "0xA9", "protocol_version": "TLS", "kex_algorithm": "PSK", "auth_algorithm": "PSK", "enc_algorithm": "AES 256 CCM 8", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_PSK_WITH_AES_256_GCM_SHA384": {"gnutls_name": "TLS_PSK_AES_256_GCM_SHA384", "openssl_name": "PSK-AES256-GCM-SHA384", "hex_byte_1": "0x00", "hex_byte_2": "0xA9", "protocol_version": "TLS", "kex_algorithm": "PSK", "auth_algorithm": "PSK", "enc_algorithm": "AES 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_PSK_WITH_ARIA_128_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x64", "protocol_version": "TLS", "kex_algorithm": "PSK", "auth_algorithm": "PSK", "enc_algorithm": "ARIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_PSK_WITH_ARIA_128_GCM_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x6A", "protocol_version": "TLS", "kex_algorithm": "PSK", "auth_algorithm": "PSK", "enc_algorithm": "ARIA 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_PSK_WITH_ARIA_256_CBC_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x65", "protocol_version": "TLS", "kex_algorithm": "PSK", "auth_algorithm": "PSK", "enc_algorithm": "ARIA 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_PSK_WITH_ARIA_256_GCM_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x6B", "protocol_version": "TLS", "kex_algorithm": "PSK", "auth_algorithm": "PSK", "enc_algorithm": "ARIA 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256": {"gnutls_name": "TLS_PSK_CAMELLIA_128_CBC_SHA256", "openssl_name": "PSK-CAMELLIA128-SHA256", "hex_byte_1": "0xC0", "hex_byte_2": "0x94", "protocol_version": "TLS", "kex_algorithm": "PSK", "auth_algorithm": "PSK", "enc_algorithm": "CAMELLIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256": {"gnutls_name": "TLS_PSK_CAMELLIA_128_GCM_SHA256", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x8E", "protocol_version": "TLS", "kex_algorithm": "PSK", "auth_algorithm": "PSK", "enc_algorithm": "CAMELLIA 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384": {"gnutls_name": "TLS_PSK_CAMELLIA_256_CBC_SHA384", "openssl_name": "PSK-CAMELLIA256-SHA384", "hex_byte_1": "0xC0", "hex_byte_2": "0x95", "protocol_version": "TLS", "kex_algorithm": "PSK", "auth_algorithm": "PSK", "enc_algorithm": "CAMELLIA 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384": {"gnutls_name": "TLS_PSK_CAMELLIA_256_GCM_SHA384", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x8F", "protocol_version": "TLS", "kex_algorithm": "PSK", "auth_algorithm": "PSK", "enc_algorithm": "CAMELLIA 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_PSK_WITH_CHACHA20_POLY1305_SHA256": {"gnutls_name": "TLS_PSK_CHACHA20_POLY1305", "openssl_name": "PSK-CHACHA20-POLY1305", "hex_byte_1": "0xCC", "hex_byte_2": "0xAB", "protocol_version": "TLS", "kex_algorithm": "PSK", "auth_algorithm": "PSK", "enc_algorithm": "CHACHA20 POLY1305", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_PSK_WITH_NULL_SHA": {"gnutls_name": "TLS_PSK_NULL_SHA1", "openssl_name": "PSK-NULL-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x2C", "protocol_version": "TLS", "kex_algorithm": "PSK", "auth_algorithm": "PSK", "enc_algorithm": "NULL", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_PSK_WITH_NULL_SHA256": {"gnutls_name": "TLS_PSK_NULL_SHA256", "openssl_name": "PSK-NULL-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0xB0", "protocol_version": "TLS", "kex_algorithm": "PSK", "auth_algorithm": "PSK", "enc_algorithm": "NULL", "hash_algorithm": "SHA256", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_PSK_WITH_NULL_SHA384": {"gnutls_name": "TLS_PSK_NULL_SHA384", "openssl_name": "PSK-NULL-SHA384", "hex_byte_1": "0x00", "hex_byte_2": "0xB1", "protocol_version": "TLS", "kex_algorithm": "PSK", "auth_algorithm": "PSK", "enc_algorithm": "NULL", "hash_algorithm": "SHA384", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_PSK_WITH_RC4_128_SHA": {"gnutls_name": "TLS_PSK_ARCFOUR_128_SHA1", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x8A", "protocol_version": "TLS", "kex_algorithm": "PSK", "auth_algorithm": "PSK", "enc_algorithm": "RC4 128", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_EXPORT_WITH_DES40_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x08", "protocol_version": "TLS EXPORT", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "DES40 CBC", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x06", "protocol_version": "TLS EXPORT", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "RC2 CBC 40", "hash_algorithm": "MD5", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_EXPORT_WITH_RC4_40_MD5": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x03", "protocol_version": "TLS EXPORT", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "RC4 40", "hash_algorithm": "MD5", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA": {"gnutls_name": "TLS_RSA_PSK_3DES_EDE_CBC_SHA1", "openssl_name": "RSA-PSK-3DES-EDE-CBC-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x93", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "PSK", "enc_algorithm": "3DES EDE CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_PSK_WITH_AES_128_CBC_SHA": {"gnutls_name": "TLS_RSA_PSK_AES_128_CBC_SHA1", "openssl_name": "RSA-PSK-AES128-CBC-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x94", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "PSK", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_PSK_WITH_AES_128_CBC_SHA256": {"gnutls_name": "TLS_RSA_PSK_AES_128_CBC_SHA256", "openssl_name": "RSA-PSK-AES128-CBC-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0xB6", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "PSK", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_PSK_WITH_AES_128_GCM_SHA256": {"gnutls_name": "TLS_RSA_PSK_AES_128_GCM_SHA256", "openssl_name": "RSA-PSK-AES128-GCM-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0xAC", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "PSK", "enc_algorithm": "AES 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_RSA_PSK_WITH_AES_256_CBC_SHA": {"gnutls_name": "TLS_RSA_PSK_AES_256_CBC_SHA1", "openssl_name": "RSA-PSK-AES256-CBC-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x95", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "PSK", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_PSK_WITH_AES_256_CBC_SHA384": {"gnutls_name": "TLS_RSA_PSK_AES_256_CBC_SHA384", "openssl_name": "RSA-PSK-AES256-CBC-SHA384", "hex_byte_1": "0x00", "hex_byte_2": "0xB7", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "PSK", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_PSK_WITH_AES_256_GCM_SHA384": {"gnutls_name": "TLS_RSA_PSK_AES_256_GCM_SHA384", "openssl_name": "RSA-PSK-AES256-GCM-SHA384", "hex_byte_1": "0x00", "hex_byte_2": "0xAD", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "PSK", "enc_algorithm": "AES 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x68", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "PSK", "enc_algorithm": "ARIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x6E", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "PSK", "enc_algorithm": "ARIA 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x69", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "PSK", "enc_algorithm": "ARIA 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x6F", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "PSK", "enc_algorithm": "ARIA 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256": {"gnutls_name": "TLS_RSA_PSK_CAMELLIA_128_CBC_SHA256", "openssl_name": "RSA-PSK-CAMELLIA128-SHA256", "hex_byte_1": "0xC0", "hex_byte_2": "0x98", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "PSK", "enc_algorithm": "CAMELLIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256": {"gnutls_name": "TLS_RSA_PSK_CAMELLIA_128_GCM_SHA256", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x92", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "PSK", "enc_algorithm": "CAMELLIA 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384": {"gnutls_name": "TLS_RSA_PSK_CAMELLIA_256_CBC_SHA384", "openssl_name": "RSA-PSK-CAMELLIA256-SHA384", "hex_byte_1": "0xC0", "hex_byte_2": "0x99", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "PSK", "enc_algorithm": "CAMELLIA 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384": {"gnutls_name": "TLS_RSA_PSK_CAMELLIA_256_GCM_SHA384", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x93", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "PSK", "enc_algorithm": "CAMELLIA 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256": {"gnutls_name": "TLS_RSA_PSK_CHACHA20_POLY1305", "openssl_name": "RSA-PSK-CHACHA20-POLY1305", "hex_byte_1": "0xCC", "hex_byte_2": "0xAE", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "PSK", "enc_algorithm": "CHACHA20 POLY1305", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_RSA_PSK_WITH_NULL_SHA": {"gnutls_name": "TLS_RSA_PSK_NULL_SHA1", "openssl_name": "RSA-PSK-NULL-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x2E", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "PSK", "enc_algorithm": "NULL", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_PSK_WITH_NULL_SHA256": {"gnutls_name": "TLS_RSA_PSK_NULL_SHA256", "openssl_name": "RSA-PSK-NULL-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0xB8", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "PSK", "enc_algorithm": "NULL", "hash_algorithm": "SHA256", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_PSK_WITH_NULL_SHA384": {"gnutls_name": "TLS_RSA_PSK_NULL_SHA384", "openssl_name": "RSA-PSK-NULL-SHA384", "hex_byte_1": "0x00", "hex_byte_2": "0xB9", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "PSK", "enc_algorithm": "NULL", "hash_algorithm": "SHA384", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_PSK_WITH_RC4_128_SHA": {"gnutls_name": "TLS_RSA_PSK_ARCFOUR_128_SHA1", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x92", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "PSK", "enc_algorithm": "RC4 128", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_3DES_EDE_CBC_SHA": {"gnutls_name": "TLS_RSA_3DES_EDE_CBC_SHA1", "openssl_name": "DES-CBC3-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x0A", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "3DES EDE CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_AES_128_CBC_SHA": {"gnutls_name": "TLS_RSA_AES_128_CBC_SHA1", "openssl_name": "AES128-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x2F", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_AES_128_CBC_SHA256": {"gnutls_name": "TLS_RSA_AES_128_CBC_SHA256", "openssl_name": "AES128-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0x3C", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_AES_128_CCM": {"gnutls_name": "TLS_RSA_AES_128_CCM", "openssl_name": "AES128-CCM", "hex_byte_1": "0xC0", "hex_byte_2": "0x9C", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "AES 128 CCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_AES_128_CCM_8": {"gnutls_name": "TLS_RSA_AES_128_CCM_8", "openssl_name": "AES128-CCM8", "hex_byte_1": "0xC0", "hex_byte_2": "0xA0", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "AES 128 CCM 8", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_AES_128_GCM_SHA256": {"gnutls_name": "TLS_RSA_AES_128_GCM_SHA256", "openssl_name": "AES128-GCM-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0x9C", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "AES 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_AES_256_CBC_SHA": {"gnutls_name": "TLS_RSA_AES_256_CBC_SHA1", "openssl_name": "AES256-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x35", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_AES_256_CBC_SHA256": {"gnutls_name": "TLS_RSA_AES_256_CBC_SHA256", "openssl_name": "AES256-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0x3D", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_AES_256_CCM": {"gnutls_name": "TLS_RSA_AES_256_CCM", "openssl_name": "AES256-CCM", "hex_byte_1": "0xC0", "hex_byte_2": "0x9D", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "AES 256 CCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_AES_256_CCM_8": {"gnutls_name": "TLS_RSA_AES_256_CCM_8", "openssl_name": "AES256-CCM8", "hex_byte_1": "0xC0", "hex_byte_2": "0xA1", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "AES 256 CCM 8", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_AES_256_GCM_SHA384": {"gnutls_name": "TLS_RSA_AES_256_GCM_SHA384", "openssl_name": "AES256-GCM-SHA384", "hex_byte_1": "0x00", "hex_byte_2": "0x9D", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "AES 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_ARIA_128_CBC_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x3C", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "ARIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_ARIA_128_GCM_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x50", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "ARIA 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_ARIA_256_CBC_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x3D", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "ARIA 256 CBC", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_ARIA_256_GCM_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x51", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "ARIA 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_CAMELLIA_128_CBC_SHA": {"gnutls_name": "TLS_RSA_CAMELLIA_128_CBC_SHA1", "openssl_name": "CAMELLIA128-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x41", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 128 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256": {"gnutls_name": "TLS_RSA_CAMELLIA_128_CBC_SHA256", "openssl_name": "CAMELLIA128-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0xBA", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 128 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256": {"gnutls_name": "TLS_RSA_CAMELLIA_128_GCM_SHA256", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x7A", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 128 GCM", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_CAMELLIA_256_CBC_SHA": {"gnutls_name": "TLS_RSA_CAMELLIA_256_CBC_SHA1", "openssl_name": "CAMELLIA256-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x84", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 256 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256": {"gnutls_name": "TLS_RSA_CAMELLIA_256_CBC_SHA256", "openssl_name": "CAMELLIA256-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0xC0", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 256 CBC", "hash_algorithm": "SHA256", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384": {"gnutls_name": "TLS_RSA_CAMELLIA_256_GCM_SHA384", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0x7B", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "CAMELLIA 256 GCM", "hash_algorithm": "SHA384", "security": "weak", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_DES_CBC_SHA": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x09", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "DES CBC", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_IDEA_CBC_SHA": {"gnutls_name": "", "openssl_name": "IDEA-CBC-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x07", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "IDEA CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_NULL_MD5": {"gnutls_name": "TLS_RSA_NULL_MD5", "openssl_name": "NULL-MD5", "hex_byte_1": "0x00", "hex_byte_2": "0x01", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "NULL", "hash_algorithm": "MD5", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_NULL_SHA": {"gnutls_name": "TLS_RSA_NULL_SHA1", "openssl_name": "NULL-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x02", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "NULL", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_NULL_SHA256": {"gnutls_name": "TLS_RSA_NULL_SHA256", "openssl_name": "NULL-SHA256", "hex_byte_1": "0x00", "hex_byte_2": "0x3B", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "NULL", "hash_algorithm": "SHA256", "security": "insecure", "tls_version": ["TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_RC4_128_MD5": {"gnutls_name": "TLS_RSA_ARCFOUR_128_MD5", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x04", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "RC4 128", "hash_algorithm": "MD5", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_RC4_128_SHA": {"gnutls_name": "TLS_RSA_ARCFOUR_128_SHA1", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0x05", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "RC4 128", "hash_algorithm": "SHA", "security": "insecure", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_RSA_WITH_SEED_CBC_SHA": {"gnutls_name": "", "openssl_name": "SEED-SHA", "hex_byte_1": "0x00", "hex_byte_2": "0x96", "protocol_version": "TLS", "kex_algorithm": "RSA", "auth_algorithm": "RSA", "enc_algorithm": "SEED CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_SHA256_SHA256": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0xB4", "protocol_version": "TLS", "kex_algorithm": "-", "auth_algorithm": "SHA256", "enc_algorithm": "NULL", "hash_algorithm": "SHA256", "security": "insecure", "tls_version": ["TLS1.3"]}}, {"TLS_SHA384_SHA384": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0xC0", "hex_byte_2": "0xB5", "protocol_version": "TLS", "kex_algorithm": "-", "auth_algorithm": "SHA384", "enc_algorithm": "NULL", "hash_algorithm": "SHA384", "security": "insecure", "tls_version": ["TLS1.3"]}}, {"TLS_SM4_CCM_SM3": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0xC7", "protocol_version": "TLS", "kex_algorithm": "-", "auth_algorithm": "-", "enc_algorithm": "SM4 CCM", "hash_algorithm": "SM3", "security": "insecure", "tls_version": ["TLS1.3"]}}, {"TLS_SM4_GCM_SM3": {"gnutls_name": "", "openssl_name": "", "hex_byte_1": "0x00", "hex_byte_2": "0xC6", "protocol_version": "TLS", "kex_algorithm": "-", "auth_algorithm": "-", "enc_algorithm": "SM4 GCM", "hash_algorithm": "SM3", "security": "insecure", "tls_version": ["TLS1.3"]}}, {"TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA": {"gnutls_name": "TLS_SRP_SHA_DSS_3DES_EDE_CBC_SHA1", "openssl_name": "SRP-DSS-3DES-EDE-CBC-SHA", "hex_byte_1": "0xC0", "hex_byte_2": "0x1C", "protocol_version": "TLS", "kex_algorithm": "SRP", "auth_algorithm": "SHA DSS", "enc_algorithm": "3DES EDE CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA": {"gnutls_name": "TLS_SRP_SHA_DSS_AES_128_CBC_SHA1", "openssl_name": "SRP-DSS-AES-128-CBC-SHA", "hex_byte_1": "0xC0", "hex_byte_2": "0x1F", "protocol_version": "TLS", "kex_algorithm": "SRP", "auth_algorithm": "SHA DSS", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA": {"gnutls_name": "TLS_SRP_SHA_DSS_AES_256_CBC_SHA1", "openssl_name": "SRP-DSS-AES-256-CBC-SHA", "hex_byte_1": "0xC0", "hex_byte_2": "0x22", "protocol_version": "TLS", "kex_algorithm": "SRP", "auth_algorithm": "SHA DSS", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA": {"gnutls_name": "TLS_SRP_SHA_RSA_3DES_EDE_CBC_SHA1", "openssl_name": "SRP-RSA-3DES-EDE-CBC-SHA", "hex_byte_1": "0xC0", "hex_byte_2": "0x1B", "protocol_version": "TLS", "kex_algorithm": "SRP", "auth_algorithm": "SHA RSA", "enc_algorithm": "3DES EDE CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA": {"gnutls_name": "TLS_SRP_SHA_RSA_AES_128_CBC_SHA1", "openssl_name": "SRP-RSA-AES-128-CBC-SHA", "hex_byte_1": "0xC0", "hex_byte_2": "0x1E", "protocol_version": "TLS", "kex_algorithm": "SRP", "auth_algorithm": "SHA RSA", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA": {"gnutls_name": "TLS_SRP_SHA_RSA_AES_256_CBC_SHA1", "openssl_name": "SRP-RSA-AES-256-CBC-SHA", "hex_byte_1": "0xC0", "hex_byte_2": "0x21", "protocol_version": "TLS", "kex_algorithm": "SRP", "auth_algorithm": "SHA RSA", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA": {"gnutls_name": "TLS_SRP_SHA_3DES_EDE_CBC_SHA1", "openssl_name": "SRP-3DES-EDE-CBC-SHA", "hex_byte_1": "0xC0", "hex_byte_2": "0x1A", "protocol_version": "TLS", "kex_algorithm": "SRP", "auth_algorithm": "SHA", "enc_algorithm": "3DES EDE CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_SRP_SHA_WITH_AES_128_CBC_SHA": {"gnutls_name": "TLS_SRP_SHA_AES_128_CBC_SHA1", "openssl_name": "SRP-AES-128-CBC-SHA", "hex_byte_1": "0xC0", "hex_byte_2": "0x1D", "protocol_version": "TLS", "kex_algorithm": "SRP", "auth_algorithm": "SHA", "enc_algorithm": "AES 128 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}, {"TLS_SRP_SHA_WITH_AES_256_CBC_SHA": {"gnutls_name": "TLS_SRP_SHA_AES_256_CBC_SHA1", "openssl_name": "SRP-AES-256-CBC-SHA", "hex_byte_1": "0xC0", "hex_byte_2": "0x20", "protocol_version": "TLS", "kex_algorithm": "SRP", "auth_algorithm": "SHA", "enc_algorithm": "AES 256 CBC", "hash_algorithm": "SHA", "security": "weak", "tls_version": ["TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"]}}]} \ No newline at end of file diff --git a/go.mod b/go.mod index d14b805..34ee626 100644 --- a/go.mod +++ b/go.mod @@ -1,57 +1,66 @@ module github.com/northwood-labs/devsec-tools -go 1.22 +go 1.22.0 -toolchain go1.22.0 +toolchain go1.23.3 require ( - github.com/aws/aws-lambda-go v1.46.0 + github.com/aws/aws-lambda-go v1.47.0 github.com/google/go-cmp v0.6.0 - github.com/google/go-containerregistry v0.19.0 + github.com/google/go-containerregistry v0.20.2 github.com/gookit/color v1.5.4 + github.com/goware/urlx v0.3.2 github.com/lithammer/dedent v1.1.0 - github.com/moby/buildkit v0.12.5 - github.com/northwood-labs/golang-utils/archstring v0.0.0-20230302161720-ec685e2f274a - github.com/northwood-labs/golang-utils/debug v0.0.0-20230302161720-ec685e2f274a - github.com/northwood-labs/golang-utils/exiterrorf v0.0.0-20230302161720-ec685e2f274a + github.com/moby/buildkit v0.17.2 + github.com/northwood-labs/golang-utils/archstring v0.0.0-20240514195441-31b98331cf9f + github.com/northwood-labs/golang-utils/debug v0.0.0-20240514195441-31b98331cf9f + github.com/northwood-labs/golang-utils/exiterrorf v0.0.0-20240514195441-31b98331cf9f github.com/northwood-labs/whalelint v0.3.0 github.com/pkg/errors v0.9.1 - github.com/rs/zerolog v1.32.0 - github.com/spf13/cobra v1.8.0 + github.com/rs/zerolog v1.33.0 + github.com/spf13/cobra v1.8.1 ) require ( + github.com/PuerkitoBio/purell v1.2.1 // indirect + github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect github.com/agext/levenshtein v1.2.3 // indirect - github.com/containerd/stargz-snapshotter/estargz v0.15.1 // indirect - github.com/containerd/typeurl/v2 v2.1.1 // indirect - github.com/cpuguy83/go-md2man/v2 v2.0.3 // indirect + github.com/containerd/stargz-snapshotter/estargz v0.16.1 // indirect + github.com/containerd/typeurl/v2 v2.2.3 // indirect + github.com/cpuguy83/go-md2man/v2 v2.0.5 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect - github.com/docker/cli v25.0.3+incompatible // indirect + github.com/docker/cli v27.3.1+incompatible // indirect github.com/docker/distribution v2.8.3+incompatible // indirect - github.com/docker/docker v25.0.3+incompatible // indirect - github.com/docker/docker-credential-helpers v0.8.1 // indirect + github.com/docker/docker v27.3.1+incompatible // indirect + github.com/docker/docker-credential-helpers v0.8.2 // indirect github.com/docker/go-connections v0.5.0 // indirect github.com/docker/go-units v0.5.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect - github.com/klauspost/compress v1.17.6 // indirect + github.com/klauspost/compress v1.17.11 // indirect github.com/kr/pretty v0.3.1 // indirect github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-isatty v0.0.20 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect + github.com/moby/docker-image-spec v1.3.1 // indirect + github.com/northwood-labs/debug v0.0.0-20240514204655-f938e2fa11e9 // indirect github.com/opencontainers/go-digest v1.0.0 // indirect - github.com/opencontainers/image-spec v1.1.0-rc6 // indirect + github.com/opencontainers/image-spec v1.1.0 // indirect + github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 // indirect github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/sirupsen/logrus v1.9.3 // indirect github.com/spf13/pflag v1.0.5 // indirect - github.com/vbatts/tar-split v0.11.5 // indirect + github.com/tonistiigi/go-csvvalue v0.0.0-20240814133006-030d3b2625d0 // indirect + github.com/vbatts/tar-split v0.11.6 // indirect github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect - golang.org/x/exp v0.0.0-20240119083558-1b970713d09a // indirect - golang.org/x/sync v0.6.0 // indirect - golang.org/x/sys v0.17.0 // indirect - google.golang.org/protobuf v1.32.0 // indirect + golang.org/x/exp v0.0.0-20240909161429-701f63a606c0 // indirect + golang.org/x/net v0.31.0 // indirect + golang.org/x/sync v0.9.0 // indirect + golang.org/x/sys v0.27.0 // indirect + golang.org/x/text v0.20.0 // indirect + google.golang.org/protobuf v1.35.2 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index 775cb6c..34b54ad 100644 --- a/go.sum +++ b/go.sum @@ -1,14 +1,28 @@ +github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= +github.com/PuerkitoBio/purell v1.2.1 h1:QsZ4TjvwiMpat6gBCBxEQI0rcS9ehtkKtSpiUnd9N28= +github.com/PuerkitoBio/purell v1.2.1/go.mod h1:ZwHcC/82TOaovDi//J/804umJFFmbOHPngi8iYYv/Eo= +github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 h1:d+Bc7a5rLufV/sSk/8dngufqelfh6jnri85riMAaF/M= +github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/aws/aws-lambda-go v1.46.0 h1:UWVnvh2h2gecOlFhHQfIPQcD8pL/f7pVCutmFl+oXU8= github.com/aws/aws-lambda-go v1.46.0/go.mod h1:dpMpZgvWx5vuQJfBt0zqBha60q7Dd7RfgJv23DymV8A= +github.com/aws/aws-lambda-go v1.47.0 h1:0H8s0vumYx/YKs4sE7YM0ktwL2eWse+kfopsRI1sXVI= +github.com/aws/aws-lambda-go v1.47.0/go.mod h1:dpMpZgvWx5vuQJfBt0zqBha60q7Dd7RfgJv23DymV8A= github.com/containerd/stargz-snapshotter/estargz v0.15.1 h1:eXJjw9RbkLFgioVaTG+G/ZW/0kEe2oEKCdS/ZxIyoCU= github.com/containerd/stargz-snapshotter/estargz v0.15.1/go.mod h1:gr2RNwukQ/S9Nv33Lt6UC7xEx58C+LHRdoqbEKjz1Kk= +github.com/containerd/stargz-snapshotter/estargz v0.16.1 h1:7YswwU6746cJBN3p3l65JRk3+NZL7bap9Y6E3YeYowk= +github.com/containerd/stargz-snapshotter/estargz v0.16.1/go.mod h1:uyr4BfYfOj3G9WBVE8cOlQmXAbPN9VEQpBBeJIuOipU= github.com/containerd/typeurl/v2 v2.1.1 h1:3Q4Pt7i8nYwy2KmQWIw2+1hTvwTE/6w9FqcttATPO/4= github.com/containerd/typeurl/v2 v2.1.1/go.mod h1:IDp2JFvbwZ31H8dQbEIY7sDl2L3o3HZj1hsSQlywkQ0= +github.com/containerd/typeurl/v2 v2.2.3 h1:yNA/94zxWdvYACdYO8zofhrTVuQY73fFU1y++dYSw40= +github.com/containerd/typeurl/v2 v2.2.3/go.mod h1:95ljDnPfD3bAbDJRugOiShd/DlAAsxGtUBhJxIn7SCk= github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= github.com/cpuguy83/go-md2man/v2 v2.0.3 h1:qMCsGGgs+MAzDFyp9LpAe1Lqy/fY/qCovCm0qnXZOBM= github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/cpuguy83/go-md2man/v2 v2.0.5 h1:ZtcqGrnekaHpVLArFSe4HK5DoKx1T0rq2DwVB0alcyc= +github.com/cpuguy83/go-md2man/v2 v2.0.5/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -16,12 +30,18 @@ github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/docker/cli v25.0.3+incompatible h1:KLeNs7zws74oFuVhgZQ5ONGZiXUUdgsdy6/EsX/6284= github.com/docker/cli v25.0.3+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= +github.com/docker/cli v27.3.1+incompatible h1:qEGdFBF3Xu6SCvCYhc7CzaQTlBmqDuzxPDpigSyeKQQ= +github.com/docker/cli v27.3.1+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk= github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/docker v25.0.3+incompatible h1:D5fy/lYmY7bvZa0XTZ5/UJPljor41F+vdyJG5luQLfQ= github.com/docker/docker v25.0.3+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v27.3.1+incompatible h1:KttF0XoteNTicmUtBO0L2tP+J7FGRFTjaEF4k6WdhfI= +github.com/docker/docker v27.3.1+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker-credential-helpers v0.8.1 h1:j/eKUktUltBtMzKqmfLB0PAgqYyMHOp5vfsD1807oKo= github.com/docker/docker-credential-helpers v0.8.1/go.mod h1:P3ci7E3lwkZg6XiHdRKft1KckHiO9a2rNtyFbZ/ry9M= +github.com/docker/docker-credential-helpers v0.8.2 h1:bX3YxiGzFP5sOXWc3bTPEXdEaZSeVMrFgOr3T+zrFAo= +github.com/docker/docker-credential-helpers v0.8.2/go.mod h1:P3ci7E3lwkZg6XiHdRKft1KckHiO9a2rNtyFbZ/ry9M= github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c= github.com/docker/go-connections v0.5.0/go.mod h1:ov60Kzw0kKElRwhNs9UlUHAE/F9Fe6GLaXnqyDdmEXc= github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4= @@ -35,16 +55,22 @@ github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-containerregistry v0.19.0 h1:uIsMRBV7m/HDkDxE/nXMnv1q+lOOSPlQ/ywc5JbB8Ic= github.com/google/go-containerregistry v0.19.0/go.mod h1:u0qB2l7mvtWVR5kNcbFIhFY1hLbf8eeGapA+vbFDCtQ= +github.com/google/go-containerregistry v0.20.2 h1:B1wPJ1SN/S7pB+ZAimcciVD+r+yV/l/DSArMxlbwseo= +github.com/google/go-containerregistry v0.20.2/go.mod h1:z38EKdKh4h7IP2gSfUUqEvalZBqs6AoLeWfUy34nQC8= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= github.com/gookit/color v1.5.4 h1:FZmqs7XOyGgCAxmWyPslpiok1k05wmY3SJTytgvYFs0= github.com/gookit/color v1.5.4/go.mod h1:pZJOeOS8DM43rXbp4AZo1n9zCU2qjpcRko0b6/QJi9w= +github.com/goware/urlx v0.3.2 h1:gdoo4kBHlkqZNaf6XlQ12LGtQOmpKJrR04Rc3RnpJEo= +github.com/goware/urlx v0.3.2/go.mod h1:h8uwbJy68o+tQXCGZNa9D73WN8n0r9OBae5bUnLcgjw= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/klauspost/compress v1.17.6 h1:60eq2E/jlfwQXtvZEeBUYADs+BwKBWURIY+Gj2eRGjI= github.com/klauspost/compress v1.17.6/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM= +github.com/klauspost/compress v1.17.11 h1:In6xLpyWOi1+C7tXUUWv2ot1QvBjxevKAaI6IXrJmUc= +github.com/klauspost/compress v1.17.11/go.mod h1:pMDklpSncoRMuLFrf1W9Ss9KT+0rH90U12bZKk7uwG0= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= @@ -61,21 +87,37 @@ github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/moby/buildkit v0.12.5 h1:RNHH1l3HDhYyZafr5EgstEu8aGNCwyfvMtrQDtjH9T0= github.com/moby/buildkit v0.12.5/go.mod h1:YGwjA2loqyiYfZeEo8FtI7z4x5XponAaIWsWcSjWwso= +github.com/moby/buildkit v0.17.2 h1:/jgk/MuXbA7jeXMkknOpHYB+Ct4aNvQHkBB7SxD3D4U= +github.com/moby/buildkit v0.17.2/go.mod h1:vr5vltV8wt4F2jThbNOChfbAklJ0DOW11w36v210hOg= +github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0= +github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo= +github.com/northwood-labs/debug v0.0.0-20240514204655-f938e2fa11e9 h1:Uuy/Obqj8z6MCER8y0geETA0894Ulo0hqM71u9WtcuQ= +github.com/northwood-labs/debug v0.0.0-20240514204655-f938e2fa11e9/go.mod h1:fu3Hu+ET7MkBAws624vkPDnehxuY/L8AJuR3nlKw64k= github.com/northwood-labs/golang-utils/archstring v0.0.0-20230302161720-ec685e2f274a h1:g5He4lP335CqRw/S1JgkC93EI3zVHOkmKzjHw6MWoiM= github.com/northwood-labs/golang-utils/archstring v0.0.0-20230302161720-ec685e2f274a/go.mod h1:ixVR+WTyw0LxuhcprIZzxgxAy7LyZRFkpyIwvyNdpcY= +github.com/northwood-labs/golang-utils/archstring v0.0.0-20240514195441-31b98331cf9f h1:1qqIaHGvvZhPJieuHLIuobMNjvT/T6r+UHcKVUvg4ZU= +github.com/northwood-labs/golang-utils/archstring v0.0.0-20240514195441-31b98331cf9f/go.mod h1:ixVR+WTyw0LxuhcprIZzxgxAy7LyZRFkpyIwvyNdpcY= github.com/northwood-labs/golang-utils/debug v0.0.0-20230302161720-ec685e2f274a h1:i8w1BLb7KQQRfEwjYSs8z5SzpUn13+a37i0sdgZVmBs= github.com/northwood-labs/golang-utils/debug v0.0.0-20230302161720-ec685e2f274a/go.mod h1:W37K0xYji7q+pHZc8ucid72muHRjKwPhgHRalGXFyQc= +github.com/northwood-labs/golang-utils/debug v0.0.0-20240514195441-31b98331cf9f h1:zgz3rD/uKKu9+lBdw+gEeiWXozGGfzDSLU9K47gmRg0= +github.com/northwood-labs/golang-utils/debug v0.0.0-20240514195441-31b98331cf9f/go.mod h1:hfKKWq4nY9zLSlQF9+8aY/kMEkc8B18UXbhNk4d6nkQ= github.com/northwood-labs/golang-utils/exiterrorf v0.0.0-20230302161720-ec685e2f274a h1:IvtxXAdMfCPmjDiUNhVKn/qoNDSU6xmutr9rlul4V9Q= github.com/northwood-labs/golang-utils/exiterrorf v0.0.0-20230302161720-ec685e2f274a/go.mod h1:DZOF/zxKfLJhhFfPhDNrUEU0/MvT5GpFeX3HL1UdYTY= +github.com/northwood-labs/golang-utils/exiterrorf v0.0.0-20240514195441-31b98331cf9f h1:Oo7yb8t8qlP2eFwMkmBwJRq8McNh7dqPu4fz5gT6Nxk= +github.com/northwood-labs/golang-utils/exiterrorf v0.0.0-20240514195441-31b98331cf9f/go.mod h1:DZOF/zxKfLJhhFfPhDNrUEU0/MvT5GpFeX3HL1UdYTY= github.com/northwood-labs/whalelint v0.3.0 h1:uCj2L6LX9EpSn6mKDBjKa5IUvCQtXYEsL3hZGCEuc4g= github.com/northwood-labs/whalelint v0.3.0/go.mod h1:i5PAvWFuMQd4gOMQktUt66pMFDKU1qKZDJnON/VncUg= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.1.0-rc6 h1:XDqvyKsJEbRtATzkgItUqBA7QHk58yxX1Ov9HERHNqU= github.com/opencontainers/image-spec v1.1.0-rc6/go.mod h1:W4s4sFTMaBeK1BQLXbG4AdM2szdn85PY75RI83NrTrM= +github.com/opencontainers/image-spec v1.1.0 h1:8SG7/vwALn54lVB/0yZ/MMwhFrPYtpEHQb2IpWsCzug= +github.com/opencontainers/image-spec v1.1.0/go.mod h1:W4s4sFTMaBeK1BQLXbG4AdM2szdn85PY75RI83NrTrM= github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 h1:GFCKgmp0tecUJ0sJuv4pzYCqS9+RGSn52M3FUwPs+uo= +github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10/go.mod h1:t/avpk3KcrXxUnYOhZhMXJlSEyie6gQbtLq5NM3loB8= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= @@ -84,20 +126,30 @@ github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/f github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg= github.com/rs/zerolog v1.32.0 h1:keLypqrlIjaFsbmJOBdB/qvyF8KEtCWHwobLp5l/mQ0= github.com/rs/zerolog v1.32.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss= +github.com/rs/zerolog v1.33.0 h1:1cU2KZkvPxNyfgEmhHAz/1A9Bz+llsdYzklWFzgp0r8= +github.com/rs/zerolog v1.33.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss= +github.com/russross/blackfriday v1.6.0 h1:KqfZb0pUVN2lYqZUYRddxF4OR8ZMURnJIG5Y3VRLtww= +github.com/russross/blackfriday v1.6.0/go.mod h1:ti0ldHuxg49ri4ksnFxlkCfN+hvslNlmVHqNRXXJNAY= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= +github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM= +github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/tonistiigi/go-csvvalue v0.0.0-20240814133006-030d3b2625d0 h1:2f304B10LaZdB8kkVEaoXvAMVan2tl9AiK4G0odjQtE= +github.com/tonistiigi/go-csvvalue v0.0.0-20240814133006-030d3b2625d0/go.mod h1:278M4p8WsNh3n4a1eqiFcV2FGk7wE5fwUpUom9mK9lE= github.com/vbatts/tar-split v0.11.5 h1:3bHCTIheBm1qFTcgh9oPu+nNBtX+XJIupG/vacinCts= github.com/vbatts/tar-split v0.11.5/go.mod h1:yZbwRsSeGjusneWgA781EKej9HF8vme8okylkAeNKLk= +github.com/vbatts/tar-split v0.11.6 h1:4SjTW5+PU11n6fZenf2IPoV8/tz3AaYHMWjf23envGs= +github.com/vbatts/tar-split v0.11.6/go.mod h1:dqKNtesIOr2j2Qv3W/cHjnvk9I8+G7oAkFDFN6TCBEI= github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e h1:JVG44RsyaB9T2KIHavMF/ppJZNG9ZpyihvCd0w101no= github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e/go.mod h1:RbqR21r5mrJuqunuUZ/Dhy/avygyECGrLceyNeo4LiM= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -107,17 +159,23 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/exp v0.0.0-20240119083558-1b970713d09a h1:Q8/wZp0KX97QFTc2ywcOE0YRjZPVIx+MXInMzdvQqcA= golang.org/x/exp v0.0.0-20240119083558-1b970713d09a/go.mod h1:idGWGoKP1toJGkd5/ig9ZLuPcZBC3ewk7SzmH0uou08= +golang.org/x/exp v0.0.0-20240909161429-701f63a606c0/go.mod h1:2TbTHSBQa924w8M6Xs1QcRcFwyucIwBGpK1p2f1YFFY= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo= +golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ= golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.9.0 h1:fEo0HyrW1GIgZdpbhCRO0PkJajUS5H9IFUztCgEo2jQ= +golang.org/x/sync v0.9.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -127,8 +185,12 @@ golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s= +golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.20.0 h1:gK/Kv2otX8gz+wn7Rmb3vT96ZwuoxnQlY+HlJVj7Qug= +golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= @@ -141,6 +203,8 @@ google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp0 google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I= google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +google.golang.org/protobuf v1.35.2 h1:8Ar7bF+apOIoThw1EdZl0p1oWvMqTHmpA2fRTyZO8io= +google.golang.org/protobuf v1.35.2/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= diff --git a/lambda/hasher/main.go b/lambda/hasher/main.go index 62773e1..1b57883 100644 --- a/lambda/hasher/main.go +++ b/lambda/hasher/main.go @@ -1,4 +1,4 @@ -// Copyright 2024, Ryan Parman +// Copyright 2024, Northwood Labs // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/main.go b/main.go index 120b5e7..136724d 100644 --- a/main.go +++ b/main.go @@ -1,4 +1,4 @@ -// Copyright 2024, Ryan Parman +// Copyright 2024, Northwood Labs // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/hasher/doc.go b/pkg/hasher/doc.go.bak similarity index 96% rename from pkg/hasher/doc.go rename to pkg/hasher/doc.go.bak index 8bf50b8..0e8d6af 100644 --- a/pkg/hasher/doc.go +++ b/pkg/hasher/doc.go.bak @@ -1,4 +1,4 @@ -// Copyright 2024, Ryan Parman +// Copyright 2024, Northwood Labs // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/hasher/hasher.go b/pkg/hasher/hasher.go.bak similarity index 99% rename from pkg/hasher/hasher.go rename to pkg/hasher/hasher.go.bak index f2f9e98..bac16e3 100644 --- a/pkg/hasher/hasher.go +++ b/pkg/hasher/hasher.go.bak @@ -1,4 +1,4 @@ -// Copyright 2024, Ryan Parman +// Copyright 2024, Northwood Labs // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/hasher/hasher_test.go b/pkg/hasher/hasher_test.go.bak similarity index 94% rename from pkg/hasher/hasher_test.go rename to pkg/hasher/hasher_test.go.bak index c3f6230..c58064b 100644 --- a/pkg/hasher/hasher_test.go +++ b/pkg/hasher/hasher_test.go.bak @@ -1,4 +1,4 @@ -// Copyright 2024, Ryan Parman +// Copyright 2024, Northwood Labs // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/httptls/cipher_strength.go b/pkg/httptls/cipher_strength.go new file mode 100644 index 0000000..90174b4 --- /dev/null +++ b/pkg/httptls/cipher_strength.go @@ -0,0 +1,32 @@ +// Copyright 2024, Northwood Labs +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package httptls + +type CipherStrength int + +const ( + // Cipher strength groupings + StrengthInsecure CipherStrength = iota + StrengthWeak + StrengthSecure + StrengthRecommended +) + +var StrengthList = map[CipherStrength]string{ + StrengthInsecure: "Insecure", + StrengthWeak: "Weak", + StrengthSecure: "Secure", + StrengthRecommended: "Recommended", +} diff --git a/pkg/httptls/cipher_suites.go b/pkg/httptls/cipher_suites.go new file mode 100644 index 0000000..a8ff18d --- /dev/null +++ b/pkg/httptls/cipher_suites.go @@ -0,0 +1,808 @@ +// Copyright 2024, Northwood Labs +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package httptls + +type CipherData struct { + // IANAName represents the official name of the cipher suite. + IANAName string `json:"ianaName,omitempty"` + + // OpenSSLName represents the name of the cipher suite used by the + // OpenSSL library. + OpenSSLName string `json:"opensslName,omitempty"` + + // GNUTLSName represents the name of the cipher suite used by the + // GNU-TLS library. + GNUTLSName string `json:"gnutlsName,omitempty"` + + // Strength is a string representation of the strength of the cipher + // suite. + Strength string `json:"strength"` + + // KeyExchange is a string representation of the key exchange algorithm. + KeyExchange string `json:"keyExchange"` + + // Authentication is a string representation of the key authentication + // algorithm. + Authentication string `json:"authentication"` + + // EncryptionAlgoisastring representation of the encryption + // algorithm. + EncryptionAlgo string `json:"encryption"` + + // Hash is a string representation of the hashing function. + Hash string `json:"hash"` + + // Problems is a a list of strings which represent problems known with + // the cipher suite. + Problems []ProblemData `json:"problems"` + + // Private + strength CipherStrength + keyExchange KeyExchange + authentication Signature + encryptionAlgo EncryptionAlgo + hash Hash + problems []Problem +} + +// https://ciphersuite.info/cs/?singlepage=true +// https://www.iana.org/assignments/tls-parameters/tls-parameters.xml +var CipherList = map[uint16]CipherData{ + 0x0000: { + IANAName: "TLS_NULL_WITH_NULL_NULL", + strength: StrengthInsecure, + keyExchange: KexNULL, + authentication: SigNULL, + encryptionAlgo: EncryptNULL, + hash: HashNULL, + }, + 0x0001: {IANAName: "TLS_RSA_WITH_NULL_MD5"}, + 0x0002: {IANAName: "TLS_RSA_WITH_NULL_SHA"}, + 0x0003: {IANAName: "TLS_RSA_EXPORT_WITH_RC4_40_MD5"}, + 0x0004: {IANAName: "TLS_RSA_WITH_RC4_128_MD5"}, + 0x0005: { + IANAName: "TLS_RSA_WITH_RC4_128_SHA", + GNUTLSName: "TLS_RSA_ARCFOUR_128_SHA1", + + strength: StrengthInsecure, + keyExchange: KexRSA, + authentication: SigRSA, + encryptionAlgo: EncryptRC4128, + hash: HashSHA1, + problems: []Problem{ProblemNonEphemeral, ProblemRSA, ProblemRC4, ProblemSHA1}, + }, + 0x0006: {IANAName: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5"}, + 0x0007: {IANAName: "TLS_RSA_WITH_IDEA_CBC_SHA"}, + 0x0008: {IANAName: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA"}, + 0x0009: {IANAName: "TLS_RSA_WITH_DES_CBC_SHA"}, + 0x000A: { + IANAName: "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + OpenSSLName: "DES-CBC3-SHA", + GNUTLSName: "TLS_RSA_3DES_EDE_CBC_SHA1", + + strength: StrengthWeak, + keyExchange: KexRSA, + authentication: SigRSA, + encryptionAlgo: Encrypt3DESEDECBC, + hash: HashSHA1, + problems: []Problem{ProblemNonEphemeral, ProblemRSA, Problem3DES, ProblemCBC, ProblemSHA1}, + }, + 0x000B: {IANAName: "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA"}, + 0x000C: {IANAName: "TLS_DH_DSS_WITH_DES_CBC_SHA"}, + 0x000D: {IANAName: "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA"}, + 0x000E: {IANAName: "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"}, + 0x000F: {IANAName: "TLS_DH_RSA_WITH_DES_CBC_SHA"}, + 0x0010: {IANAName: "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA"}, + 0x0011: {IANAName: "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"}, + 0x0012: {IANAName: "TLS_DHE_DSS_WITH_DES_CBC_SHA"}, + 0x0013: {IANAName: "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"}, + 0x0014: {IANAName: "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"}, + 0x0015: {IANAName: "TLS_DHE_RSA_WITH_DES_CBC_SHA"}, + 0x0016: {IANAName: "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"}, + 0x0017: {IANAName: "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5"}, + 0x0018: {IANAName: "TLS_DH_anon_WITH_RC4_128_MD5"}, + 0x0019: { + IANAName: "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: SigAnonymous, + encryptionAlgo: EncryptDES40CBC, + hash: HashSHA1, + }, + 0x001A: {IANAName: "TLS_DH_anon_WITH_DES_CBC_SHA"}, + 0x001B: {IANAName: "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA"}, + // 0x001C-0x001D Reserved to avoid conflicts with SSLv3 + 0x001E: {IANAName: "TLS_KRB5_WITH_DES_CBC_SHA"}, + 0x001F: {IANAName: "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"}, + 0x0020: {IANAName: "TLS_KRB5_WITH_RC4_128_SHA"}, + 0x0021: {IANAName: "TLS_KRB5_WITH_IDEA_CBC_SHA"}, + 0x0022: {IANAName: "TLS_KRB5_WITH_DES_CBC_MD5"}, + 0x0023: {IANAName: "TLS_KRB5_WITH_3DES_EDE_CBC_MD5"}, + 0x0024: {IANAName: "TLS_KRB5_WITH_RC4_128_MD5"}, + 0x0025: {IANAName: "TLS_KRB5_WITH_IDEA_CBC_MD5"}, + 0x0026: {IANAName: "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA"}, + 0x0027: {IANAName: "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA"}, + 0x0028: {IANAName: "TLS_KRB5_EXPORT_WITH_RC4_40_SHA"}, + 0x0029: {IANAName: "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5"}, + 0x002A: {IANAName: "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5"}, + 0x002B: {IANAName: "TLS_KRB5_EXPORT_WITH_RC4_40_MD5"}, + 0x002C: {IANAName: "TLS_PSK_WITH_NULL_SHA"}, + 0x002D: {IANAName: "TLS_DHE_PSK_WITH_NULL_SHA"}, + 0x002E: {IANAName: "TLS_RSA_PSK_WITH_NULL_SHA"}, + 0x002F: { + IANAName: "TLS_RSA_WITH_AES_128_CBC_SHA", + OpenSSLName: "AES128-SHA", + GNUTLSName: "TLS_RSA_AES_128_CBC_SHA1", + + strength: StrengthWeak, + keyExchange: KexRSA, + authentication: SigRSA, + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA1, + problems: []Problem{ProblemNonEphemeral, ProblemRSA, ProblemCBC, ProblemSHA1}, + }, + 0x0030: {IANAName: "TLS_DH_DSS_WITH_AES_128_CBC_SHA"}, + 0x0031: {IANAName: "TLS_DH_RSA_WITH_AES_128_CBC_SHA"}, + 0x0032: {IANAName: "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"}, + 0x0033: {IANAName: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"}, + 0x0034: {IANAName: "TLS_DH_anon_WITH_AES_128_CBC_SHA"}, + 0x0035: { + IANAName: "TLS_RSA_WITH_AES_256_CBC_SHA", + OpenSSLName: "AES256-SHA", + GNUTLSName: "TLS_RSA_AES_256_CBC_SHA1", + + strength: StrengthWeak, + keyExchange: KexRSA, + authentication: SigRSA, + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA1, + problems: []Problem{ProblemNonEphemeral, ProblemRSA, ProblemCBC, ProblemSHA1}, + }, + 0x0036: {IANAName: "TLS_DH_DSS_WITH_AES_256_CBC_SHA"}, + 0x0037: {IANAName: "TLS_DH_RSA_WITH_AES_256_CBC_SHA"}, + 0x0038: {IANAName: "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"}, + 0x0039: {IANAName: "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"}, + 0x003A: {IANAName: "TLS_DH_anon_WITH_AES_256_CBC_SHA"}, + 0x003B: {IANAName: "TLS_RSA_WITH_NULL_SHA256"}, + 0x003C: { + IANAName: "TLS_RSA_WITH_AES_128_CBC_SHA256", + OpenSSLName: "AES128-GCM-SHA256", + GNUTLSName: "TLS_RSA_AES_128_GCM_SHA256", + + strength: StrengthWeak, + keyExchange: KexRSA, + authentication: SigRSA, + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA256, + problems: []Problem{ProblemNonEphemeral, ProblemRSA}, + }, + 0x003D: {IANAName: "TLS_RSA_WITH_AES_256_CBC_SHA256"}, + 0x003E: {IANAName: "TLS_DH_DSS_WITH_AES_128_CBC_SHA256"}, + 0x003F: {IANAName: "TLS_DH_RSA_WITH_AES_128_CBC_SHA256"}, + 0x0040: {IANAName: "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"}, + 0x0041: {IANAName: "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"}, + 0x0042: {IANAName: "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA"}, + 0x0043: {IANAName: "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA"}, + 0x0044: {IANAName: "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"}, + 0x0045: {IANAName: "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"}, + 0x0046: {IANAName: "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA"}, + // 0x0047-0x004F Reserved to avoid conflicts with deployed implementations + // 0x0050-0x0058 Reserved to avoid conflicts + // 0x0059-0x005C Reserved to avoid conflicts with deployed implementations + // 0x005D-0x005F Unassigned + // 0x0060-0x0066 Reserved to avoid conflicts with widely deployed implementations + 0x0067: {IANAName: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"}, + 0x0068: {IANAName: "TLS_DH_DSS_WITH_AES_256_CBC_SHA256"}, + 0x0069: {IANAName: "TLS_DH_RSA_WITH_AES_256_CBC_SHA256"}, + 0x006A: {IANAName: "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"}, + 0x006B: {IANAName: "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"}, + 0x006C: {IANAName: "TLS_DH_anon_WITH_AES_128_CBC_SHA256"}, + 0x006D: {IANAName: "TLS_DH_anon_WITH_AES_256_CBC_SHA256"}, + // 0x006E-0x0083 Unassigned + 0x0084: {IANAName: "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"}, + 0x0085: {IANAName: "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA"}, + 0x0086: {IANAName: "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA"}, + 0x0087: {IANAName: "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"}, + 0x0088: {IANAName: "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"}, + 0x0089: {IANAName: "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA"}, + 0x008A: {IANAName: "TLS_PSK_WITH_RC4_128_SHA"}, + 0x008B: {IANAName: "TLS_PSK_WITH_3DES_EDE_CBC_SHA"}, + 0x008C: {IANAName: "TLS_PSK_WITH_AES_128_CBC_SHA"}, + 0x008D: {IANAName: "TLS_PSK_WITH_AES_256_CBC_SHA"}, + 0x008E: {IANAName: "TLS_DHE_PSK_WITH_RC4_128_SHA"}, + 0x008F: {IANAName: "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"}, + 0x0090: {IANAName: "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"}, + 0x0091: {IANAName: "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"}, + 0x0092: {IANAName: "TLS_RSA_PSK_WITH_RC4_128_SHA"}, + 0x0093: {IANAName: "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"}, + 0x0094: {IANAName: "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"}, + 0x0095: {IANAName: "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"}, + 0x0096: {IANAName: "TLS_RSA_WITH_SEED_CBC_SHA"}, + 0x0097: {IANAName: "TLS_DH_DSS_WITH_SEED_CBC_SHA"}, + 0x0098: {IANAName: "TLS_DH_RSA_WITH_SEED_CBC_SHA"}, + 0x0099: {IANAName: "TLS_DHE_DSS_WITH_SEED_CBC_SHA"}, + 0x009A: {IANAName: "TLS_DHE_RSA_WITH_SEED_CBC_SHA"}, + 0x009B: {IANAName: "TLS_DH_anon_WITH_SEED_CBC_SHA"}, + 0x009C: { + IANAName: "TLS_RSA_WITH_AES_128_GCM_SHA256", + OpenSSLName: "AES128-GCM-SHA256", + GNUTLSName: "TLS_RSA_AES_128_GCM_SHA256", + + strength: StrengthWeak, + keyExchange: KexRSA, + authentication: SigRSA, + encryptionAlgo: EncryptAES128GCM, + hash: HashSHA256, + problems: []Problem{ProblemNonEphemeral, ProblemRSA}, + }, + 0x009D: { + IANAName: "TLS_RSA_WITH_AES_256_GCM_SHA384", + OpenSSLName: "AES256-GCM-SHA384", + GNUTLSName: "TLS_RSA_AES_256_GCM_SHA384", + + strength: StrengthWeak, + keyExchange: KexRSA, + authentication: SigRSA, + encryptionAlgo: EncryptAES256GCM, + hash: HashSHA384, + problems: []Problem{ProblemNonEphemeral, ProblemRSA}, + }, + 0x009E: {IANAName: "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"}, + 0x009F: {IANAName: "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"}, + 0x00A0: {IANAName: "TLS_DH_RSA_WITH_AES_128_GCM_SHA256"}, + 0x00A1: {IANAName: "TLS_DH_RSA_WITH_AES_256_GCM_SHA384"}, + 0x00A2: {IANAName: "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256"}, + 0x00A3: {IANAName: "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384"}, + 0x00A4: {IANAName: "TLS_DH_DSS_WITH_AES_128_GCM_SHA256"}, + 0x00A5: {IANAName: "TLS_DH_DSS_WITH_AES_256_GCM_SHA384"}, + 0x00A6: {IANAName: "TLS_DH_anon_WITH_AES_128_GCM_SHA256"}, + 0x00A7: {IANAName: "TLS_DH_anon_WITH_AES_256_GCM_SHA384"}, + 0x00A8: {IANAName: "TLS_PSK_WITH_AES_128_GCM_SHA256"}, + 0x00A9: {IANAName: "TLS_PSK_WITH_AES_256_GCM_SHA384"}, + 0x00AA: {IANAName: "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256"}, + 0x00AB: {IANAName: "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384"}, + 0x00AC: {IANAName: "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"}, + 0x00AD: {IANAName: "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"}, + 0x00AE: {IANAName: "TLS_PSK_WITH_AES_128_CBC_SHA256"}, + 0x00AF: {IANAName: "TLS_PSK_WITH_AES_256_CBC_SHA384"}, + 0x00B0: {IANAName: "TLS_PSK_WITH_NULL_SHA256"}, + 0x00B1: {IANAName: "TLS_PSK_WITH_NULL_SHA384"}, + 0x00B2: {IANAName: "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"}, + 0x00B3: {IANAName: "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"}, + 0x00B4: {IANAName: "TLS_DHE_PSK_WITH_NULL_SHA256"}, + 0x00B5: {IANAName: "TLS_DHE_PSK_WITH_NULL_SHA384"}, + 0x00B6: {IANAName: "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"}, + 0x00B7: {IANAName: "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"}, + 0x00B8: {IANAName: "TLS_RSA_PSK_WITH_NULL_SHA256"}, + 0x00B9: {IANAName: "TLS_RSA_PSK_WITH_NULL_SHA384"}, + 0x00BA: {IANAName: "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"}, + 0x00BB: {IANAName: "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"}, + 0x00BC: {IANAName: "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"}, + 0x00BD: {IANAName: "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"}, + 0x00BE: {IANAName: "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"}, + 0x00BF: {IANAName: "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256"}, + 0x00C0: {IANAName: "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"}, + 0x00C1: {IANAName: "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"}, + 0x00C2: {IANAName: "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"}, + 0x00C3: {IANAName: "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"}, + 0x00C4: {IANAName: "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"}, + 0x00C5: {IANAName: "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256"}, + 0x00C6: {IANAName: "TLS_SM4_GCM_SM3"}, + 0x00C7: {IANAName: "TLS_SM4_CCM_SM3"}, + // 0x00C8-0x00FE Unassigned + 0x00FF: {IANAName: "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"}, + // 0x0100-0x0900 Unassigned + // 0x0A00-0x0A09 Unassigned + // 0x0A0A Reserved + // 0x0A0B-0x0AFF Unassigned + // 0x0B00-0x12FF Unassigned + // 0x1300 Unassigned + 0x1301: { + IANAName: "TLS_AES_128_GCM_SHA256", + OpenSSLName: "TLS_AES_128_GCM_SHA256", + + strength: StrengthRecommended, + keyExchange: KexECDHE, + authentication: SigECDSA, + encryptionAlgo: EncryptAES128GCM, + hash: HashSHA256, + problems: []Problem{}, + }, + 0x1302: { + IANAName: "TLS_AES_256_GCM_SHA384", + OpenSSLName: "TLS_AES_256_GCM_SHA384", + + strength: StrengthRecommended, + keyExchange: KexECDHE, + authentication: SigECDSA, + encryptionAlgo: EncryptAES256GCM, + hash: HashSHA384, + problems: []Problem{}, + }, + 0x1303: { + IANAName: "TLS_CHACHA20_POLY1305_SHA256", + + strength: StrengthRecommended, + keyExchange: KexECDHE, + authentication: SigECDSA, + encryptionAlgo: EncryptChaChaPoly, + hash: HashSHA256, + problems: []Problem{}, + }, + 0x1304: { + IANAName: "TLS_AES_128_CCM_SHA256", + OpenSSLName: "TLS_AES_128_CCM_SHA256", + + strength: StrengthSecure, + keyExchange: KexECDHE, + authentication: SigECDSA, + encryptionAlgo: EncryptAES128CCM, + hash: HashSHA256, + problems: []Problem{}, + }, + 0x1305: { + IANAName: "TLS_AES_128_CCM_8_SHA256", + + strength: StrengthSecure, + keyExchange: KexECDHE, + authentication: SigECDSA, + encryptionAlgo: EncryptAES128CCM8, + hash: HashSHA256, + problems: []Problem{}, + }, + 0x1306: {IANAName: "TLS_AEGIS_256_SHA512"}, + 0x1307: {IANAName: "TLS_AEGIS_128L_SHA256"}, + // 0x1308-0x13FF Unassigned + // 0x1400-0x19FF Unassigned + // 0x1A00-0x1A19 Unassigned + // 0x1A1A Reserved + // 0x1A1B-0x1AFF Unassigned + // 0x1B00-0x29FF Unassigned + // 0x2A00-0x2A29 Unassigned + // 0x2A2A Reserved + // 0x2A2B-0x2AFF Unassigned + // 0x2B00-0x39FF Unassigned + // 0x3A00-0x3A39 Unassigned + // 0x3A3A Reserved + // 0x3A3B-0x3AFF Unassigned + // 0x3B00-0x49FF Unassigned + // 0x4A00-0x4A49 Unassigned + // 0x4A4A Reserved + // 0x4A4B-0x4AFF Unassigned + // 0x4B00-0x55FF Unassigned + 0x5600: {IANAName: "TLS_FALLBACK_SCSV"}, + // 0x5601-0x56FF Unassigned + // 0x5700-0x59FF Unassigned + // 0x5A00-0x5A59 Unassigned + // 0x5A5A Reserved + // 0x5A5B-0x5AFF Unassigned + // 0x5B00-0x69FF Unassigned + // 0x6A00-0x6A69 Unassigned + // 0x6A6A Reserved + // 0x6A6B-0x6AFF Unassigned + // 0x6B00-0x79FF Unassigned + // 0x7A00-0x7A79 Unassigned + // 0x7A7A Reserved + // 0x7A7B-0x7AFF Unassigned + // 0x7B00-0x89FF Unassigned + // 0x8A00-0x8A89 Unassigned + // 0x8A8A Reserved + // 0x8A8B-0x8AFF Unassigned + // 0x8B00-0x99FF Unassigned + // 0x9A00-0x9A99 Unassigned + // 0x9A9A Reserved + // 0x9A9B-0x9AFF Unassigned + // 0x9B00-0xA9FF Unassigned + // 0xAA00-0xAAA9 Unassigned + // 0xAAAA Reserved + // 0xAAAB-0xAAFF Unassigned + // 0xAB00-0xB9FF Unassigned + // 0xBA00-0xBAB9 Unassigned + // 0xBABA Reserved + // 0xBABB-0xBAFF Unassigned + // 0xBB00-0xBFFF Unassigned + // 0xC000 Unassigned + 0xC001: {IANAName: "TLS_ECDH_ECDSA_WITH_NULL_SHA"}, + 0xC002: {IANAName: "TLS_ECDH_ECDSA_WITH_RC4_128_SHA"}, + 0xC003: {IANAName: "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"}, + 0xC004: {IANAName: "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"}, + 0xC005: {IANAName: "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"}, + 0xC006: {IANAName: "TLS_ECDHE_ECDSA_WITH_NULL_SHA"}, + 0xC007: { + IANAName: "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + GNUTLSName: "TLS_ECDHE_ECDSA_ARCFOUR_128_SHA1", + + strength: StrengthInsecure, + keyExchange: KexECDHE, + authentication: SigECDSA, + encryptionAlgo: EncryptRC4128, + hash: HashSHA1, + problems: []Problem{ProblemRC4, ProblemSHA1}, + }, + 0xC008: {IANAName: "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"}, + 0xC009: { + IANAName: "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + OpenSSLName: "ECDHE-ECDSA-AES128-SHA", + GNUTLSName: "TLS_ECDHE_ECDSA_AES_128_CBC_SHA1", + + strength: StrengthWeak, + keyExchange: KexECDHE, + authentication: SigECDSA, + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA1, + problems: []Problem{ProblemCBC, ProblemSHA1}, + }, + 0xC00A: { + IANAName: "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + OpenSSLName: "ECDHE-ECDSA-AES256-SHA", + GNUTLSName: "TLS_ECDHE_ECDSA_AES_256_CBC_SHA1", + + strength: StrengthWeak, + keyExchange: KexECDHE, + authentication: SigECDSA, + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA1, + problems: []Problem{ProblemCBC, ProblemSHA1}, + }, + 0xC00B: {IANAName: "TLS_ECDH_RSA_WITH_NULL_SHA"}, + 0xC00C: {IANAName: "TLS_ECDH_RSA_WITH_RC4_128_SHA"}, + 0xC00D: {IANAName: "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"}, + 0xC00E: {IANAName: "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"}, + 0xC00F: {IANAName: "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"}, + 0xC010: {IANAName: "TLS_ECDHE_RSA_WITH_NULL_SHA"}, + 0xC011: { + IANAName: "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + GNUTLSName: "TLS_ECDHE_RSA_ARCFOUR_128_SHA1", + + strength: StrengthInsecure, + keyExchange: KexECDHE, + authentication: SigRSA, + encryptionAlgo: EncryptRC4128, + hash: HashSHA1, + problems: []Problem{ProblemRSA, ProblemRC4, ProblemSHA1}, + }, + 0xC012: { + IANAName: "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + OpenSSLName: "DES-CBC3-SHA", + GNUTLSName: "TLS_RSA_3DES_EDE_CBC_SHA1", + + strength: StrengthWeak, + keyExchange: KexRSA, + authentication: SigRSA, + encryptionAlgo: Encrypt3DESEDECBC, + hash: HashSHA1, + problems: []Problem{ProblemRSA, Problem3DES, ProblemCBC, ProblemSHA1}, + }, + 0xC013: { + IANAName: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + OpenSSLName: "ECDHE-RSA-AES128-SHA", + GNUTLSName: "TLS_ECDHE_RSA_AES_128_CBC_SHA1", + + strength: StrengthWeak, + keyExchange: KexECDHE, + authentication: SigRSA, + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA1, + problems: []Problem{ProblemRSA, ProblemCBC, ProblemSHA1}, + }, + 0xC014: { + IANAName: "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + OpenSSLName: "ECDHE-RSA-AES256-SHA", + GNUTLSName: "TLS_ECDHE_RSA_AES_256_CBC_SHA1", + + strength: StrengthWeak, + keyExchange: KexECDHE, + authentication: SigRSA, + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA1, + problems: []Problem{ProblemRSA, ProblemCBC, ProblemSHA1}, + }, + 0xC015: {IANAName: "TLS_ECDH_anon_WITH_NULL_SHA"}, + 0xC016: {IANAName: "TLS_ECDH_anon_WITH_RC4_128_SHA"}, + 0xC017: {IANAName: "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA"}, + 0xC018: {IANAName: "TLS_ECDH_anon_WITH_AES_128_CBC_SHA"}, + 0xC019: {IANAName: "TLS_ECDH_anon_WITH_AES_256_CBC_SHA"}, + 0xC01A: {IANAName: "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"}, + 0xC01B: {IANAName: "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"}, + 0xC01C: {IANAName: "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"}, + 0xC01D: {IANAName: "TLS_SRP_SHA_WITH_AES_128_CBC_SHA"}, + 0xC01E: {IANAName: "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"}, + 0xC01F: {IANAName: "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"}, + 0xC020: {IANAName: "TLS_SRP_SHA_WITH_AES_256_CBC_SHA"}, + 0xC021: {IANAName: "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"}, + 0xC022: {IANAName: "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"}, + 0xC023: { + IANAName: "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", + OpenSSLName: "ECDHE-ECDSA-AES128-SHA256", + GNUTLSName: "TLS_ECDHE_ECDSA_AES_128_CBC_SHA256", + + strength: StrengthWeak, + keyExchange: KexECDHE, + authentication: SigECDSA, + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA256, + problems: []Problem{ProblemCBC}, + }, + 0xC024: {IANAName: "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"}, + 0xC025: {IANAName: "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"}, + 0xC026: {IANAName: "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"}, + 0xC027: { + IANAName: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", + OpenSSLName: "ECDHE-RSA-AES128-SHA256", + GNUTLSName: "TLS_ECDHE_RSA_AES_128_CBC_SHA256", + + strength: StrengthWeak, + keyExchange: KexECDHE, + authentication: SigRSA, + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA256, + problems: []Problem{ProblemRSA, ProblemCBC}, + }, + 0xC028: {IANAName: "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"}, + 0xC029: {IANAName: "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"}, + 0xC02A: {IANAName: "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"}, + 0xC02B: { + IANAName: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", + OpenSSLName: "ECDHE-ECDSA-AES128-GCM-SHA256", + GNUTLSName: "TLS_ECDHE_ECDSA_AES_128_GCM_SHA256", + + strength: StrengthRecommended, + keyExchange: KexECDHE, + authentication: SigECDSA, + encryptionAlgo: EncryptAES128GCM, + hash: HashSHA256, + problems: []Problem{}, + }, + 0xC02C: { + IANAName: "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", + OpenSSLName: "ECDHE-ECDSA-AES256-GCM-SHA384", + GNUTLSName: "TLS_ECDHE_ECDSA_AES_256_GCM_SHA384", + + strength: StrengthRecommended, + keyExchange: KexECDHE, + authentication: SigECDSA, + encryptionAlgo: EncryptAES256GCM, + hash: HashSHA384, + problems: []Problem{}, + }, + 0xC02D: {IANAName: "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"}, + 0xC02E: {IANAName: "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"}, + 0xC02F: { + IANAName: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", + OpenSSLName: "ECDHE-RSA-AES128-GCM-SHA256", + GNUTLSName: "TLS_ECDHE_RSA_AES_128_GCM_SHA256", + + strength: StrengthSecure, + keyExchange: KexECDHE, + authentication: SigRSA, + encryptionAlgo: EncryptAES128GCM, + hash: HashSHA256, + problems: []Problem{ProblemRSA}, + }, + 0xC030: { + IANAName: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", + OpenSSLName: "ECDHE-RSA-AES256-GCM-SHA384", + GNUTLSName: "TLS_ECDHE_RSA_AES_256_GCM_SHA384", + + strength: StrengthSecure, + keyExchange: KexECDHE, + authentication: SigRSA, + encryptionAlgo: EncryptAES256GCM, + hash: HashSHA384, + problems: []Problem{ProblemRSA}, + }, + 0xC031: {IANAName: "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"}, + 0xC032: {IANAName: "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"}, + 0xC033: {IANAName: "TLS_ECDHE_PSK_WITH_RC4_128_SHA"}, + 0xC034: {IANAName: "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA"}, + 0xC035: {IANAName: "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA"}, + 0xC036: {IANAName: "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA"}, + 0xC037: {IANAName: "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256"}, + 0xC038: {IANAName: "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384"}, + 0xC039: {IANAName: "TLS_ECDHE_PSK_WITH_NULL_SHA"}, + 0xC03A: {IANAName: "TLS_ECDHE_PSK_WITH_NULL_SHA256"}, + 0xC03B: {IANAName: "TLS_ECDHE_PSK_WITH_NULL_SHA384"}, + 0xC03C: {IANAName: "TLS_RSA_WITH_ARIA_128_CBC_SHA256"}, + 0xC03D: {IANAName: "TLS_RSA_WITH_ARIA_256_CBC_SHA384"}, + 0xC03E: {IANAName: "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256"}, + 0xC03F: {IANAName: "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384"}, + 0xC040: {IANAName: "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256"}, + 0xC041: {IANAName: "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384"}, + 0xC042: {IANAName: "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256"}, + 0xC043: {IANAName: "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384"}, + 0xC044: {IANAName: "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256"}, + 0xC045: {IANAName: "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384"}, + 0xC046: {IANAName: "TLS_DH_anon_WITH_ARIA_128_CBC_SHA256"}, + 0xC047: {IANAName: "TLS_DH_anon_WITH_ARIA_256_CBC_SHA384"}, + 0xC048: {IANAName: "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256"}, + 0xC049: {IANAName: "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384"}, + 0xC04A: {IANAName: "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256"}, + 0xC04B: {IANAName: "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384"}, + 0xC04C: {IANAName: "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256"}, + 0xC04D: {IANAName: "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384"}, + 0xC04E: {IANAName: "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256"}, + 0xC04F: {IANAName: "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384"}, + 0xC050: {IANAName: "TLS_RSA_WITH_ARIA_128_GCM_SHA256"}, + 0xC051: {IANAName: "TLS_RSA_WITH_ARIA_256_GCM_SHA384"}, + 0xC052: {IANAName: "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256"}, + 0xC053: {IANAName: "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384"}, + 0xC054: {IANAName: "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256"}, + 0xC055: {IANAName: "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384"}, + 0xC056: {IANAName: "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256"}, + 0xC057: {IANAName: "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384"}, + 0xC058: {IANAName: "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256"}, + 0xC059: {IANAName: "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384"}, + 0xC05A: {IANAName: "TLS_DH_anon_WITH_ARIA_128_GCM_SHA256"}, + 0xC05B: {IANAName: "TLS_DH_anon_WITH_ARIA_256_GCM_SHA384"}, + 0xC05C: {IANAName: "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256"}, + 0xC05D: {IANAName: "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384"}, + 0xC05E: {IANAName: "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256"}, + 0xC05F: {IANAName: "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384"}, + 0xC060: {IANAName: "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256"}, + 0xC061: {IANAName: "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384"}, + 0xC062: {IANAName: "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256"}, + 0xC063: {IANAName: "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384"}, + 0xC064: {IANAName: "TLS_PSK_WITH_ARIA_128_CBC_SHA256"}, + 0xC065: {IANAName: "TLS_PSK_WITH_ARIA_256_CBC_SHA384"}, + 0xC066: {IANAName: "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256"}, + 0xC067: {IANAName: "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384"}, + 0xC068: {IANAName: "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256"}, + 0xC069: {IANAName: "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384"}, + 0xC06A: {IANAName: "TLS_PSK_WITH_ARIA_128_GCM_SHA256"}, + 0xC06B: {IANAName: "TLS_PSK_WITH_ARIA_256_GCM_SHA384"}, + 0xC06C: {IANAName: "TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256"}, + 0xC06D: {IANAName: "TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384"}, + 0xC06E: {IANAName: "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256"}, + 0xC06F: {IANAName: "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384"}, + 0xC070: {IANAName: "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256"}, + 0xC071: {IANAName: "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384"}, + 0xC072: {IANAName: "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"}, + 0xC073: {IANAName: "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"}, + 0xC074: {IANAName: "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"}, + 0xC075: {IANAName: "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"}, + 0xC076: {IANAName: "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"}, + 0xC077: {IANAName: "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384"}, + 0xC078: {IANAName: "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256"}, + 0xC079: {IANAName: "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384"}, + 0xC07A: {IANAName: "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256"}, + 0xC07B: {IANAName: "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384"}, + 0xC07C: {IANAName: "TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256"}, + 0xC07D: {IANAName: "TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384"}, + 0xC07E: {IANAName: "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256"}, + 0xC07F: {IANAName: "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384"}, + 0xC080: {IANAName: "TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256"}, + 0xC081: {IANAName: "TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384"}, + 0xC082: {IANAName: "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256"}, + 0xC083: {IANAName: "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384"}, + 0xC084: {IANAName: "TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256"}, + 0xC085: {IANAName: "TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384"}, + 0xC086: {IANAName: "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256"}, + 0xC087: {IANAName: "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384"}, + 0xC088: {IANAName: "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256"}, + 0xC089: {IANAName: "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384"}, + 0xC08A: {IANAName: "TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256"}, + 0xC08B: {IANAName: "TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384"}, + 0xC08C: {IANAName: "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256"}, + 0xC08D: {IANAName: "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384"}, + 0xC08E: {IANAName: "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256"}, + 0xC08F: {IANAName: "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384"}, + 0xC090: {IANAName: "TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256"}, + 0xC091: {IANAName: "TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384"}, + 0xC092: {IANAName: "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256"}, + 0xC093: {IANAName: "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384"}, + 0xC094: {IANAName: "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256"}, + 0xC095: {IANAName: "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384"}, + 0xC096: {IANAName: "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"}, + 0xC097: {IANAName: "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"}, + 0xC098: {IANAName: "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256"}, + 0xC099: {IANAName: "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384"}, + 0xC09A: {IANAName: "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"}, + 0xC09B: {IANAName: "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"}, + 0xC09C: {IANAName: "TLS_RSA_WITH_AES_128_CCM"}, + 0xC09D: {IANAName: "TLS_RSA_WITH_AES_256_CCM"}, + 0xC09E: {IANAName: "TLS_DHE_RSA_WITH_AES_128_CCM"}, + 0xC09F: {IANAName: "TLS_DHE_RSA_WITH_AES_256_CCM"}, + 0xC0A0: {IANAName: "TLS_RSA_WITH_AES_128_CCM_8"}, + 0xC0A1: {IANAName: "TLS_RSA_WITH_AES_256_CCM_8"}, + 0xC0A2: {IANAName: "TLS_DHE_RSA_WITH_AES_128_CCM_8"}, + 0xC0A3: {IANAName: "TLS_DHE_RSA_WITH_AES_256_CCM_8"}, + 0xC0A4: {IANAName: "TLS_PSK_WITH_AES_128_CCM"}, + 0xC0A5: {IANAName: "TLS_PSK_WITH_AES_256_CCM"}, + 0xC0A6: {IANAName: "TLS_DHE_PSK_WITH_AES_128_CCM"}, + 0xC0A7: {IANAName: "TLS_DHE_PSK_WITH_AES_256_CCM"}, + 0xC0A8: {IANAName: "TLS_PSK_WITH_AES_128_CCM_8"}, + 0xC0A9: {IANAName: "TLS_PSK_WITH_AES_256_CCM_8"}, + 0xC0AA: {IANAName: "TLS_PSK_DHE_WITH_AES_128_CCM_8"}, + 0xC0AB: {IANAName: "TLS_PSK_DHE_WITH_AES_256_CCM_8"}, + 0xC0AC: {IANAName: "TLS_ECDHE_ECDSA_WITH_AES_128_CCM"}, + 0xC0AD: {IANAName: "TLS_ECDHE_ECDSA_WITH_AES_256_CCM"}, + 0xC0AE: {IANAName: "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8"}, + 0xC0AF: {IANAName: "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8"}, + 0xC0B0: {IANAName: "TLS_ECCPWD_WITH_AES_128_GCM_SHA256"}, + 0xC0B1: {IANAName: "TLS_ECCPWD_WITH_AES_256_GCM_SHA384"}, + 0xC0B2: {IANAName: "TLS_ECCPWD_WITH_AES_128_CCM_SHA256"}, + 0xC0B3: {IANAName: "TLS_ECCPWD_WITH_AES_256_CCM_SHA384"}, + 0xC0B4: {IANAName: "TLS_SHA256_SHA256"}, + 0xC0B5: {IANAName: "TLS_SHA384_SHA384"}, + // 0xC0B6-0xC0FF Unassigned + 0xC100: {IANAName: "TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC"}, + 0xC101: {IANAName: "TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC"}, + 0xC102: {IANAName: "TLS_GOSTR341112_256_WITH_28147_CNT_IMIT"}, + 0xC103: {IANAName: "TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L"}, + 0xC104: {IANAName: "TLS_GOSTR341112_256_WITH_MAGMA_MGM_L"}, + 0xC105: {IANAName: "TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_S"}, + 0xC106: {IANAName: "TLS_GOSTR341112_256_WITH_MAGMA_MGM_S"}, + // 0xC107-0xC1FF Unassigned + // 0xC200-0xC9FF Unassigned + // 0xCA00-0xCAC9 Unassigned + // 0xCACA Reserved + // 0xCACB-0xCAFF Unassigned + // 0xCB00-0xCBFF Unassigned + // 0xCC00-0xCCA7 Unassigned + 0xCCA8: { + IANAName: "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + OpenSSLName: "ECDHE-RSA-CHACHA20-POLY1305", + GNUTLSName: "TLS_ECDHE_RSA_CHACHA20_POLY1305", + + strength: StrengthSecure, + keyExchange: KexECDHE, + authentication: SigRSA, + encryptionAlgo: EncryptChaChaPoly, + hash: HashSHA256, + problems: []Problem{ProblemRSA}, + }, + 0xCCA9: { + IANAName: "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", + OpenSSLName: "ECDHE-ECDSA-CHACHA20-POLY1305", + GNUTLSName: "TLS_ECDHE_ECDSA_CHACHA20_POLY1305", + + strength: StrengthRecommended, + keyExchange: KexECDHE, + authentication: SigECDSA, + encryptionAlgo: EncryptChaChaPoly, + hash: HashSHA256, + problems: []Problem{}, + }, + 0xCCAA: {IANAName: "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256"}, + 0xCCAB: {IANAName: "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"}, + 0xCCAC: {IANAName: "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256"}, + 0xCCAD: {IANAName: "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256"}, + 0xCCAE: {IANAName: "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256"}, + // 0xCCAF-0xCCFF Unassigned + // 0xCD00-0xCFFF Unassigned + // 0xD000 Unassigned + 0xD001: {IANAName: "TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256"}, + 0xD002: {IANAName: "TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384"}, + 0xD003: {IANAName: "TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256"}, + // 0xD004 Unassigned + 0xD005: {IANAName: "TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256"}, + // 0xD006-0xD0FF Unassigned + // 0xD100-0xD9FF Unassigned + // 0xDA00-0xDAD9 Unassigned + // 0xDADA Reserved + // 0xDADB-0xDAFF Unassigned + // 0xDB00-0xE9FF Unassigned + // 0xEA00-0xEAE9 Unassigned + // 0xEAEA Reserved + // 0xEAEB-0xEAFF Unassigned + // 0xEB00-0xF9FF Unassigned + // 0xFA00-0xFAC9 Unassigned + // 0xFAFA Reserved + // 0xFAFB-0xFAFF Unassigned + // 0xFB00-0xFDFF Unassigned + // 0xFE00-0xFEFD Unassigned + // 0xFEFE-0xFEFF Reserved to avoid conflicts with widely deployed implementations + // 0xFF00-0xFFFF Reserved for Private Use +} diff --git a/pkg/httptls/encryption.go b/pkg/httptls/encryption.go new file mode 100644 index 0000000..7ec8e75 --- /dev/null +++ b/pkg/httptls/encryption.go @@ -0,0 +1,96 @@ +// Copyright 2024, Northwood Labs +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package httptls + +type EncryptionAlgo int + +const ( + // Encryption algorithms + Encrypt28147CNT EncryptionAlgo = iota + Encrypt3DESEDECBC + EncryptAES128CBC + EncryptAES128CCM + EncryptAES128CCM8 + EncryptAES128GCM + EncryptAES256CBC + EncryptAES256CCM + EncryptAES256CCM8 + EncryptAES256GCM + EncryptARIA128CBC + EncryptARIA128GCM + EncryptARIA256CBC + EncryptARIA256GCM + EncryptCamellia128CBC + EncryptCamellia128GCM + EncryptCamellia256CBC + EncryptCamellia256GCM + EncryptChaChaPoly + EncryptDESCBC + EncryptDESCBC40 + EncryptDES40CBC + EncryptIDEACBC + EncryptKuznyechikCTR + EncryptKuznyechikMGML + EncryptKuznyechikMGMS + EncryptMagmaCTR + EncryptMagmaMGML + EncryptMagmaMGMS + EncryptNULL + EncryptRC2CBC40 + EncryptRC4128 + EncryptRC440 + EncryptSEEDCBC + EncryptSM4CCM + EncryptSM4GCM +) + +var EncryptionAlgoList = map[EncryptionAlgo]string{ + Encrypt28147CNT: "28147-CNT", // Russia; Россия + Encrypt3DESEDECBC: "3DES-EDE-CBC", // Ancient + EncryptAES128CBC: "AES-128-CBC", // International Standard + EncryptAES128CCM: "AES-128-CCM", // International Standard + EncryptAES128CCM8: "AES-128-CCM-8", // International Standard + EncryptAES128GCM: "AES-128-GCM", // International Standard + EncryptAES256CBC: "AES-256-CBC", // International Standard + EncryptAES256CCM: "AES-256-CCM", // International Standard + EncryptAES256CCM8: "AES-256-CCM-8", // International Standard + EncryptAES256GCM: "AES-256-GCM", // International Standard + EncryptARIA128CBC: "ARIA-128-CBC", // South Korea; 대한민국 + EncryptARIA128GCM: "ARIA-128-GCM", // South Korea; 대한민국 + EncryptARIA256CBC: "ARIA-256-CBC", // South Korea; 대한민국 + EncryptARIA256GCM: "ARIA-256-GCM", // South Korea; 대한민국 + EncryptCamellia128CBC: "Camellia-128-CBC", // Japan, 日本 + EncryptCamellia128GCM: "Camellia-128-GCM", // Japan, 日本 + EncryptCamellia256CBC: "Camellia-256-CBC", // Japan, 日本 + EncryptCamellia256GCM: "Camellia-256-GCM", // Japan, 日本 + EncryptChaChaPoly: "CHACHA20-POLY1305", // International Standard + EncryptDESCBC: "DES-CBC", // Ancient + EncryptDESCBC40: "DES-CBC-40", // Ancient + EncryptDES40CBC: "DES-40-CBC", // Ancient + EncryptIDEACBC: "IDEA-CBC", // Ancient + EncryptKuznyechikCTR: "Kuznyechik-CTR", // Russia; Россия + EncryptKuznyechikMGML: "Kuznyechik-MGM-L", // Russia; Россия + EncryptKuznyechikMGMS: "Kuznyechik-MGM-S", // Russia; Россия + EncryptMagmaCTR: "Magma-CTR", // Russia; Россия + EncryptMagmaMGML: "Magma-MGM-L", // Russia; Россия + EncryptMagmaMGMS: "Magma-MGM-S", // Russia; Россия + EncryptNULL: "NULL", // + EncryptRC2CBC40: "RC2-CBC-40", // Ancient + EncryptRC4128: "RC4-128", // Ancient + EncryptRC440: "RC4-40", // Ancient + EncryptSEEDCBC: "SEED-CBC", // Ancient + EncryptSM4CCM: "SM4-CCM", // China; 中国 + EncryptSM4GCM: "SM4-GCM", // China; 中国 +} diff --git a/pkg/httptls/hashing.go b/pkg/httptls/hashing.go new file mode 100644 index 0000000..8b24cf2 --- /dev/null +++ b/pkg/httptls/hashing.go @@ -0,0 +1,50 @@ +// Copyright 2024, Northwood Labs +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package httptls + +type Hash int + +const ( + // Hashing functions + HashNone Hash = 0x0000 + HashMD5 Hash = 0x0001 + HashSHA1 Hash = 0x0002 + HashSHA224 Hash = 0x0003 + HashSHA256 Hash = 0x0004 + HashSHA384 Hash = 0x0005 + HashSHA512 Hash = 0x0006 + HashReserved Hash = 0x0007 + HashIntrinsic Hash = 0x0008 + // 0x0009-0x00DF Reserved + // 0x00E0-0x00FF Reserved for Private Use + + // The following are not assigned real values from the IANA. + HashGOST Hash = 0x0100 + HashNULL Hash = 0x0101 + HashSM3 Hash = 0x0102 +) + +var HashList = map[Hash]string{ + HashNone: "None", + HashMD5: "MD5", + HashSHA1: "SHA-1", + HashSHA224: "SHA-224", + HashSHA256: "SHA-256", + HashSHA384: "SHA-384", + HashSHA512: "SHA-512", + HashGOST: "GOSTR341012", + HashNULL: "NULL", + HashSM3: "SM3", +} diff --git a/pkg/httptls/httptls.go b/pkg/httptls/httptls.go new file mode 100644 index 0000000..abf429f --- /dev/null +++ b/pkg/httptls/httptls.go @@ -0,0 +1,122 @@ +// Copyright 2024, Northwood Labs +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package httptls + +import ( + "crypto/tls" + "fmt" + "net" + "time" + + "github.com/goware/urlx" +) + +// getHost parses the provided domain name, and returns the host or (host + +// port), whichever pairing was provided. +func getHost(domain string) (string, error) { + u, err := urlx.Parse(domain) + if err != nil { + return "", fmt.Errorf("could not parse the URL: %w", err) + } + + return u.Host, nil +} + +func ResolveEndpointToIPs(domain string) ([]string, error) { + host, err := getHost(domain) + if err != nil { + return []string{}, err + } + + addrs, err := net.LookupHost(host) + if err != nil { + host = "www." + host + + addrs, err = net.LookupHost(host) + if err != nil { + return []string{}, fmt.Errorf("could not resolve host `%s`: %w", host, err) + } + } + + return addrs, nil +} + +func TCPConnect(ip string, port int, timeout time.Duration) (bool, error) { + ipPort := net.JoinHostPort(ip, fmt.Sprintf("%d", port)) + + conn, err := net.DialTimeout("tcp", ipPort, timeout) + if err != nil { + return false, fmt.Errorf("could not dial %s within %s: %w", ipPort, timeout, err) + } + + conn.Close() + + return true, nil +} + +func TLSConnect( + host string, + port int, + timeout time.Duration, + forceTLS ...uint16, +) (*tls.Conn, *tls.ClientHelloInfo, error) { + listPort := "" + if port != 80 && port != 443 { + listPort = fmt.Sprintf(":%d", port) + } + + var clientHello *tls.ClientHelloInfo + + config := &tls.Config{ + ServerName: host + listPort, + GetConfigForClient: func(hi *tls.ClientHelloInfo) (*tls.Config, error) { + clientHello = hi + + return nil, nil + }, + } + + if len(forceTLS) > 0 { + config.MinVersion = forceTLS[0] + config.MaxVersion = forceTLS[0] + } + + timeoutDialer := &net.Dialer{ + Timeout: timeout, + } + + hostPort := net.JoinHostPort(host, fmt.Sprintf("%d", port)) + conn2 := &tls.Conn{} + + conn1, err := tls.DialWithDialer(timeoutDialer, "tcp", hostPort, config) + if err != nil { + conn1.Close() + hostPort = "www." + hostPort + config.ServerName = hostPort + + conn2, err = tls.DialWithDialer(timeoutDialer, "tcp", hostPort, config) + if err != nil { + return &tls.Conn{}, clientHello, fmt.Errorf("could not dial %s within %s: %w", hostPort, timeout, err) + } + + return conn2, clientHello, nil + } + + return conn1, clientHello, nil +} + +// o.SupportedSuites = append(o.SupportedSuites, fmt.Sprintf("Unknown, 0x%x", suite)) +// o.SupportedCurves = append(o.SupportedCurves, fmt.Sprintf("Unknown, 0x%x", curve)) +// o.SupportedPoints = append(o.SupportedPoints, fmt.Sprintf("0x%x", point)) diff --git a/pkg/httptls/httptls_test.go b/pkg/httptls/httptls_test.go new file mode 100644 index 0000000..b6cddca --- /dev/null +++ b/pkg/httptls/httptls_test.go @@ -0,0 +1,321 @@ +// Copyright 2024, Northwood Labs +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package httptls + +import ( + "regexp" + "slices" + "testing" + "time" +) + +// +func TestResolveEndpointToIPs(t *testing.T) { // lint:allow_complexity + for name, tc := range map[string]struct { + Input string + Expected []string + ExpectedErr *regexp.Regexp + }{ + "scheme:cloudflare.com": { + Input: "https://cloudflare.com", + Expected: []string{ + "104.16.132.229", + "104.16.133.229", + "2606:4700::6810:84e5", + "2606:4700::6810:85e5", + }, + }, + "cloudflare.com": { + Input: "cloudflare.com", + Expected: []string{ + "104.16.132.229", + "104.16.133.229", + "2606:4700::6810:84e5", + "2606:4700::6810:85e5", + }, + }, + "scheme:github.com": { + Input: "https://github.com", + Expected: []string{ + "140.82.112.3", + "140.82.112.4", + "140.82.113.3", + "140.82.113.4", + "140.82.114.3", + "140.82.114.4", + }, + }, + "github.com": { + Input: "github.com", + Expected: []string{ + "140.82.112.3", + "140.82.112.4", + "140.82.113.3", + "140.82.113.4", + "140.82.114.3", + "140.82.114.4", + }, + }, + "scheme:ryanparman.com": { + Input: "https://ryanparman.com", + Expected: []string{ + "172.66.40.211", + "172.66.43.45", + "2606:4700:3108::ac42:28d3", + "2606:4700:3108::ac42:2b2d", + }, + }, + "ryanparman.com": { + Input: "ryanparman.com", + Expected: []string{ + "172.66.40.211", + "172.66.43.45", + "2606:4700:3108::ac42:28d3", + "2606:4700:3108::ac42:2b2d", + }, + }, + "scheme:example.com": { + Input: "http://example.com", + Expected: []string{ + "2606:2800:21f:cb07:6820:80da:af6b:8b2c", + "93.184.215.14", + }, + }, + "example.com": { + Input: "example.com", + Expected: []string{ + "2606:2800:21f:cb07:6820:80da:af6b:8b2c", + "93.184.215.14", + }, + }, + "scheme:http.badssl.com": { + Input: "http://http.badssl.com", + Expected: []string{ + "104.154.89.105", + }, + }, + "http.badssl.com": { + Input: "http.badssl.com", + Expected: []string{ + "104.154.89.105", + }, + }, + "scheme:captive.apple.com": { + Input: "http://captive.apple.com", + Expected: []string{ + "17.253.23.201", + "17.253.23.202", + "17.253.23.203", + "17.253.23.204", + "17.253.23.205", + "17.253.23.206", + "2620:149:a1e:f000::1", + "2620:149:a1e:f000::3", + "2620:149:a1e:f000::5", + "2620:149:a1e:f100::2", + "2620:149:a1e:f100::4", + "2620:149:a1e:f100::6", + }, + }, + "scheme:detectportal.firefox.com": { + Input: "http://detectportal.firefox.com", + Expected: []string{ + "2600:1901:0:38d7::", + "34.107.221.82", + }, + }, + } { + t.Run(name, func(t *testing.T) { + actual, err := ResolveEndpointToIPs(tc.Input) + + if len(actual) < 1 { + t.Errorf("Expected at least one IP address for %s, got '%#v'", tc.Input, len(actual)) + } + + if err != nil && tc.ExpectedErr != nil { + if !tc.ExpectedErr.MatchString(err.Error()) { + t.Errorf("Expected error '%#v', got '%#v'", tc.ExpectedErr, err) + } + } + + for i := range actual { + a := actual[i] + + if !slices.Contains(tc.Expected, a) { + t.Errorf("Expected to find %#v inside %#v", a, tc.Expected) + } + } + }) + } +} + +// +func TestTCPConnect(t *testing.T) { // lint:allow_complexity + for name, tc := range map[string]struct { + IP string + Port int + Expected bool + ExpectedErr *regexp.Regexp + }{ + // ryanparman.com + "172.66.40.211:443": { + IP: "172.66.40.211", + Port: 443, + Expected: true, + }, + // ryanparman.com + "172.66.43.45:443": { + IP: "172.66.43.45", + Port: 443, + Expected: true, + }, + // ryanparman.com + "2606:4700:3108::ac42:28d3:443": { + IP: "2606:4700:3108::ac42:28d3", + Port: 443, + Expected: true, + }, + // ryanparman.com + "2606:4700:3108::ac42:2b2d:443": { + IP: "2606:4700:3108::ac42:2b2d", + Port: 443, + Expected: true, + }, + // example.com + "2606:2800:21f:cb07:6820:80da:af6b:8b2c:443": { + IP: "2606:2800:21f:cb07:6820:80da:af6b:8b2c", + Port: 443, + Expected: true, + }, + // example.com + "93.184.215.14:443": { + IP: "93.184.215.14", + Port: 443, + Expected: true, + }, + // example.com + "2606:2800:21f:cb07:6820:80da:af6b:8b2c:80": { // Flaky + IP: "2606:2800:21f:cb07:6820:80da:af6b:8b2c", + Port: 80, + Expected: true, + }, + // example.com + "93.184.215.14:80": { // Flaky + IP: "93.184.215.14", + Port: 80, + Expected: true, + }, + // http.badssl.com + "104.154.89.105:80": { + IP: "104.154.89.105", + Port: 80, + Expected: true, + }, + // http.badssl.com + "104.154.89.105:443": { + IP: "104.154.89.105", + Port: 443, + Expected: true, + }, + } { + t.Run(name, func(t *testing.T) { + actual, err := TCPConnect(tc.IP, tc.Port, 1*time.Second) + if err != nil && tc.ExpectedErr != nil { + if !tc.ExpectedErr.MatchString(err.Error()) { + t.Errorf("Expected error '%#v', got '%#v'", tc.ExpectedErr, err) + } + } + + if actual != tc.Expected { + t.Errorf("Expected %#v, got %#v", tc.Expected, actual) + } + }) + } +} + +// +// func TestTLSConnect(t *testing.T) { // lint:allow_complexity +// for name, tc := range map[string]struct { +// Host string +// Port int +// Expected int +// ExpectedErr *regexp.Regexp +// TLSVersion uint16 +// }{ +// "cloudflare.com": { +// Host: "cloudflare.com", +// Port: 443, +// TLSVersion: tls.VersionTLS12, +// }, +// "github.com": { +// Host: "github.com", +// Port: 443, +// TLSVersion: tls.VersionTLS12, +// }, +// "ryanparman.com": { +// Host: "ryanparman.com", +// Port: 443, +// TLSVersion: tls.VersionTLS12, +// }, +// "example.com": { +// Host: "example.com", +// Port: 443, +// TLSVersion: tls.VersionTLS12, +// }, +// "http.badssl.com": { +// Host: "http.badssl.com", +// Port: 443, +// TLSVersion: tls.VersionTLS12, +// }, +// "captive.apple.com": { +// Host: "captive.apple.com", +// Port: 443, +// TLSVersion: tls.VersionTLS12, +// }, +// "detectportal.firefox.com": { +// Host: "detectportal.firefox.com", +// Port: 443, +// TLSVersion: tls.VersionTLS12, +// }, +// } { +// t.Run(name, func(t *testing.T) { +// actual, chi, err := TLSConnect(tc.Host, tc.Port, 1*time.Second, tc.TLSVersion) +// if err != nil && tc.ExpectedErr != nil { +// if !tc.ExpectedErr.MatchString(err.Error()) { +// t.Errorf("Expected error '%#v', got '%#v'", tc.ExpectedErr, err) +// } +// } + +// conn := actual.ConnectionState() +// actual.Close() + +// pp := debug.GetSpew() +// pp.Dump(conn) +// fmt.Println("---------------------------------------------------------------------------") +// pp.Dump(chi) +// fmt.Println("---------------------------------------------------------------------------") + +// // for i := range actual { +// // a := actual[i] + +// // if !slices.Contains(tc.Expected, a) { +// // t.Errorf("Expected to find %#v inside %#v", a, tc.Expected) +// // } +// // } + +// panic("1") +// }) +// } +// } diff --git a/pkg/httptls/key_exchange.go b/pkg/httptls/key_exchange.go new file mode 100644 index 0000000..4b9a070 --- /dev/null +++ b/pkg/httptls/key_exchange.go @@ -0,0 +1,48 @@ +// Copyright 2024, Northwood Labs +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package httptls + +type KeyExchange int + +const ( + // Key exchange algorithms + KexNone KeyExchange = iota + KexDH + KexDHE + KexECCPWD + KexECDH + KexECDHE + KexGOST256 + KexKRB5 + KexNULL + KexPSK + KexRSA + KexSRP +) + +var KeyExchangeList = map[KeyExchange]string{ + KexNone: "None", + KexDH: "Diffie-Hellman (Non-Ephemeral) (ECDH)", + KexDHE: "Diffie-Hellman (Ephemeral) (ECDHE)", + KexECCPWD: "ECCPWD", + KexECDH: "Elliptic Curve Diffie-Hellman (Non-Ephemeral) (ECDH)", + KexECDHE: "Elliptic Curve Diffie-Hellman (Ephemeral) (ECDHE)", + KexGOST256: "Russian GOST 256-bit", + KexKRB5: "Kerberos (KRB5)", + KexNULL: "NULL", + KexPSK: "Pre-Shared Keys (PSK)", + KexRSA: "RSA", + KexSRP: "Secure Remote Password (SRP)", +} diff --git a/pkg/httptls/links.go b/pkg/httptls/links.go new file mode 100644 index 0000000..483fa63 --- /dev/null +++ b/pkg/httptls/links.go @@ -0,0 +1,33 @@ +// Copyright 2024, Northwood Labs +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package httptls + +const ( + // Links to more information + Link3DES = "https://sweet32.info" + LinkCBC = "https://www.isg.rhul.ac.uk/tls/Lucky13.html" + LinkCSAWSALB = "https://docs.aws.amazon.com/elasticloadbalancing/latest/application/describe-ssl-policies.html" + LinkCSCloudflare = "https://developers.cloudflare.com/ssl/edge-certificates/additional-options/cipher-suites/supported-cipher-suites/" + LinkCSInfo = "https://ciphersuite.info/cs/%s" + LinkDeprecateLegacyTLS = "https://datatracker.ietf.org/doc/html/rfc8996" + LinkECH = "https://blog.cloudflare.com/announcing-encrypted-client-hello/" + LinkExport = "https://freakattack.com" + LinkMD5 = "https://www.schneier.com/blog/archives/2008/12/forging_ssl_cer.html" + LinkNISTDSS = "https://csrc.nist.gov/pubs/fips/186-5/final" + LinkObsoleteKEX = "https://datatracker.ietf.org/doc/html/draft-ietf-tls-deprecate-obsolete-kex" + LinkRC2 = "https://www.schneier.com/wp-content/uploads/2016/02/paper-relatedkey.pdf" + LinkRC4 = "https://datatracker.ietf.org/doc/html/rfc7465" + LinkSHA1 = "https://shattered.io" +) diff --git a/pkg/httptls/problems.go b/pkg/httptls/problems.go new file mode 100644 index 0000000..9083bd4 --- /dev/null +++ b/pkg/httptls/problems.go @@ -0,0 +1,79 @@ +// Copyright 2024, Northwood Labs +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package httptls + +type ( + Problem int + + ProblemData struct { + // Type is a string representation of the classification of the problem. + Type string `json:"type,omitempty"` + + // A friendly description of the problem. + Description string `json:"description,omitempty"` + + // A set of URLs with more information about this problem. + URLs []string `json:"urls,omitempty"` + } +) + +const ( + // Problem types + ProblemNonEphemeral Problem = iota + Problem3DES + ProblemCBC + ProblemRC4 + ProblemRSA + ProblemSHA1 + ProblemTLSVersion +) + +var ( + ProblemList = map[Problem]string{ + ProblemNonEphemeral: "Ephemeral exchange algorithms are more secure because they clean-up leftover data. " + + "Non-ephemeral exchange algorithms (like this one) leave leftover data behind, which can allow an " + + "attacker to gain access to the encryption keys.", + Problem3DES: "Though Triple-DES (3DES) has not yet been broken, it suffers from several vulnerabilities " + + "(known as 'Lucky 13').", + ProblemCBC: "The CBC encryption algorithm suffers from a handful of vulnerabilites (known as 'BEAST'). " + + "GCM encryption should be preferred over CBC.", + ProblemRC4: "The IETF has officially prohibited RC4 for use in TLS in RFC-7465.", + ProblemRSA: "While not a vulnerability, RSA authentication with keys longer than 3072 bits may experience " + + "heavy performance issues. This can lead to denial-of-service style attacks.", + ProblemSHA1: "The Secure Hash Algorithm 1 (SHA-1) was cracked in 2017", + ProblemTLSVersion: "The IETF has officially deprecated TLS versions 1.0 and 1.1 in RFC-8996. There are " + + "known vulnerabilities in this TLS versions.", + } + + ProblemTypeList = map[Problem]string{ + ProblemNonEphemeral: "Non-Ephemeral", + Problem3DES: "Triple-DES", + ProblemCBC: "CBC", + ProblemRC4: "RC4", + ProblemRSA: "RSA Authentication", + ProblemSHA1: "SHA-1", + ProblemTLSVersion: "Legacy TLS", + } + + ProblemURLList = map[Problem][]string{ + ProblemNonEphemeral: {LinkCSAWSALB, LinkCSCloudflare, LinkObsoleteKEX}, + Problem3DES: {LinkCSAWSALB, LinkCSCloudflare, Link3DES}, + ProblemCBC: {LinkCSAWSALB, LinkCSCloudflare, LinkCBC}, + ProblemRC4: {LinkCSAWSALB, LinkCSCloudflare, LinkRC4}, + ProblemRSA: {LinkCSAWSALB, LinkCSCloudflare}, + ProblemSHA1: {LinkCSAWSALB, LinkCSCloudflare, LinkSHA1}, + ProblemTLSVersion: {LinkCSAWSALB, LinkCSCloudflare, LinkDeprecateLegacyTLS}, + } +) diff --git a/pkg/httptls/signatures.go b/pkg/httptls/signatures.go new file mode 100644 index 0000000..340d86f --- /dev/null +++ b/pkg/httptls/signatures.go @@ -0,0 +1,48 @@ +// Copyright 2024, Northwood Labs +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package httptls + +type Signature int + +const ( + // Signature algorithms + SigAnonymous Signature = 0x0000 + SigRSA Signature = 0x0001 + SigDSA Signature = 0x0002 + SigECDSA Signature = 0x0003 + // 0x0004-0x0006 Reserved + SigED25519 Signature = 0x0007 + SigED448 Signature = 0x0008 + // 0x0009-0x003F Reserved + SigGOST256 Signature = 0x0040 + SigGOST512 Signature = 0x0041 + // 0x0042-0x00DF Reserved + // 0x00E0-0x00FF Reserved for Private Use + + // The following are not assigned real values from the IANA. + SigNULL Signature = 0x0100 +) + +var AuthenticationList = map[Signature]string{ + SigAnonymous: "Anonymous", + SigRSA: "RSA", + SigDSA: "NIST Digital Signature (DSA)", + SigECDSA: "Elliptic Curve Digital Signature (ECDSA)", + SigED25519: "Edwards-curve Digital Signature (ED25519)", + SigED448: "Edwards-curve Digital Signature (ED448)", + SigGOST256: "Russian GOST 256-bit", + SigGOST512: "Russian GOST 512-bit", + SigNULL: "NULL", +} diff --git a/pkg/httptls/structs.go b/pkg/httptls/structs.go new file mode 100644 index 0000000..5ccca63 --- /dev/null +++ b/pkg/httptls/structs.go @@ -0,0 +1,61 @@ +// Copyright 2024, Northwood Labs +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package httptls + +import ( + "encoding/json" + "fmt" +) + +type ( + TLSConnection struct { + // Version represents the version of TLS. + Version string `json:"version"` + + // CipherSuite represents the cipher suites that the connection advertises. + CipherSuites []CipherData `json:"cipherSuites"` + + // ECH represents whether or not the server supports Encrypted Client Hello. + ECH bool `json:"ech"` + } +) + +func (c *CipherData) Populate() { + c.Strength = StrengthList[c.strength] + c.KeyExchange = KeyExchangeList[c.keyExchange] + c.Authentication = AuthenticationList[c.authentication] + c.EncryptionAlgo = EncryptionAlgoList[c.encryptionAlgo] + c.Hash = HashList[c.hash] + + for i := range c.problems { + p := c.problems[i] + + c.Problems = append(c.Problems, ProblemData{ + Type: ProblemTypeList[p], + Description: ProblemList[p], + URLs: append(ProblemURLList[p], fmt.Sprintf(LinkCSInfo, c.IANAName)), + }) + } +} + +func (t *TLSConnection) ToJSON() (string, error) { + for i := range t.CipherSuites { + t.CipherSuites[i].Populate() + } + + b, err := json.Marshal(t) + + return string(b), err +} diff --git a/pkg/httptls/tls_versions.go b/pkg/httptls/tls_versions.go new file mode 100644 index 0000000..4a178fb --- /dev/null +++ b/pkg/httptls/tls_versions.go @@ -0,0 +1,24 @@ +// Copyright 2024, Northwood Labs +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package httptls + +var TLSVersion = map[uint16]string{ + 0x0002: "SSL v2", + 0x0300: "SSL v3", + 0x0301: "TLS 1.0", + 0x0302: "TLS 1.1", + 0x0303: "TLS 1.2", + 0x0304: "TLS 1.3", +} diff --git a/pkg/httptls/tmp.go b/pkg/httptls/tmp.go new file mode 100644 index 0000000..aa9c7f7 --- /dev/null +++ b/pkg/httptls/tmp.go @@ -0,0 +1,3067 @@ + 0x0017: { + IANAName: "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: SigAnonymous, + encryptionAlgo: EncryptRC440, + hash: HashMD5, + }, + 0x001B: { + IANAName: "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + OpenSSLName: "ADH-DES-CBC3-SHA", + GNUTLSName: "TLS_DH_ANON_3DES_EDE_CBC_SHA1", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: SigAnonymous, + encryptionAlgo: Encrypt3DESEDECBC, + hash: HashSHA1, + }, + 0x0034: { + IANAName: "TLS_DH_anon_WITH_AES_128_CBC_SHA", + OpenSSLName: "ADH-AES128-SHA", + GNUTLSName: "TLS_DH_ANON_AES_128_CBC_SHA1", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: SigAnonymous, + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA1, + }, + 0x006C: { + IANAName: "TLS_DH_anon_WITH_AES_128_CBC_SHA256", + OpenSSLName: "ADH-AES128-SHA256", + GNUTLSName: "TLS_DH_ANON_AES_128_CBC_SHA256", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: SigAnonymous, + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA256, + }, + 0x00A6: { + IANAName: "TLS_DH_anon_WITH_AES_128_GCM_SHA256", + OpenSSLName: "ADH-AES128-GCM-SHA256", + GNUTLSName: "TLS_DH_ANON_AES_128_GCM_SHA256", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: SigAnonymous, + encryptionAlgo: EncryptAES128GCM, + hash: HashSHA256, + }, + 0x003A: { + IANAName: "TLS_DH_anon_WITH_AES_256_CBC_SHA", + OpenSSLName: "ADH-AES256-SHA", + GNUTLSName: "TLS_DH_ANON_AES_256_CBC_SHA1", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: SigAnonymous, + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA1, + }, + 0x006D: { + IANAName: "TLS_DH_anon_WITH_AES_256_CBC_SHA256", + OpenSSLName: "ADH-AES256-SHA256", + GNUTLSName: "TLS_DH_ANON_AES_256_CBC_SHA256", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: SigAnonymous, + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA256, + }, + 0x00A7: { + IANAName: "TLS_DH_anon_WITH_AES_256_GCM_SHA384", + OpenSSLName: "ADH-AES256-GCM-SHA384", + GNUTLSName: "TLS_DH_ANON_AES_256_GCM_SHA384", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: SigAnonymous, + encryptionAlgo: EncryptAES256GCM, + hash: HashSHA384, + }, + 0xC046: { + IANAName: "TLS_DH_anon_WITH_ARIA_128_CBC_SHA256", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: SigAnonymous, + encryptionAlgo: EncryptARIA128CBC, + hash: HashSHA256, + }, + 0xC05A: { + IANAName: "TLS_DH_anon_WITH_ARIA_128_GCM_SHA256", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: SigAnonymous, + encryptionAlgo: EncryptARIA128GCM, + hash: HashSHA256, + }, + 0xC047: { + IANAName: "TLS_DH_anon_WITH_ARIA_256_CBC_SHA384", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: SigAnonymous, + encryptionAlgo: EncryptARIA256CBC, + hash: HashSHA384, + }, + 0xC05B: { + IANAName: "TLS_DH_anon_WITH_ARIA_256_GCM_SHA384", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: SigAnonymous, + encryptionAlgo: EncryptARIA256GCM, + hash: HashSHA384, + }, + 0x0046: { + IANAName: "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + OpenSSLName: "ADH-CAMELLIA128-SHA", + GNUTLSName: "TLS_DH_ANON_CAMELLIA_128_CBC_SHA1", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: SigAnonymous, + encryptionAlgo: EncryptCAMELLIA128CBC, + hash: HashSHA1, + }, + 0x00BF: { + IANAName: "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256", + OpenSSLName: "ADH-CAMELLIA128-SHA256", + GNUTLSName: "TLS_DH_ANON_CAMELLIA_128_CBC_SHA256", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: SigAnonymous, + encryptionAlgo: EncryptCAMELLIA128CBC, + hash: HashSHA256, + }, + 0xC084: { + IANAName: "TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256", + GNUTLSName: "TLS_DH_ANON_CAMELLIA_128_GCM_SHA256", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: SigAnonymous, + encryptionAlgo: EncryptCAMELLIA128GCM, + hash: HashSHA256, + }, + 0x0089: { + IANAName: "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + OpenSSLName: "ADH-CAMELLIA256-SHA", + GNUTLSName: "TLS_DH_ANON_CAMELLIA_256_CBC_SHA1", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: SigAnonymous, + encryptionAlgo: EncryptCAMELLIA256CBC, + hash: HashSHA1, + }, + 0x00C5: { + IANAName: "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256", + OpenSSLName: "ADH-CAMELLIA256-SHA256", + GNUTLSName: "TLS_DH_ANON_CAMELLIA_256_CBC_SHA256", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: SigAnonymous, + encryptionAlgo: EncryptCAMELLIA256CBC, + hash: HashSHA256, + }, + 0xC085: { + IANAName: "TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384", + GNUTLSName: "TLS_DH_ANON_CAMELLIA_256_GCM_SHA384", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: SigAnonymous, + encryptionAlgo: EncryptCAMELLIA256GCM, + hash: HashSHA384, + }, + 0x001A: { + IANAName: "TLS_DH_anon_WITH_DES_CBC_SHA", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: SigAnonymous, + encryptionAlgo: EncryptDESCBC, + hash: HashSHA1, + }, + 0x0018: { + IANAName: "TLS_DH_anon_WITH_RC4_128_MD5", + GNUTLSName: "TLS_DH_ANON_ARCFOUR_128_MD5", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: SigAnonymous, + encryptionAlgo: EncryptRC4128, + hash: HashMD5, + }, + 0x009B: { + IANAName: "TLS_DH_anon_WITH_SEED_CBC_SHA", + OpenSSLName: "ADH-SEED-SHA", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: SigAnonymous, + encryptionAlgo: EncryptSEEDCBC, + hash: HashSHA1, + }, + 0x000B: { + IANAName: "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: "DSS", + encryptionAlgo: EncryptDES40CBC, + hash: HashSHA1, + }, + 0x000D: { + IANAName: "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "DSS", + encryptionAlgo: Encrypt3DESEDECBC, + hash: HashSHA1, + }, + 0x0030: { + IANAName: "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "DSS", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA1, + }, + 0x003E: { + IANAName: "TLS_DH_DSS_WITH_AES_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "DSS", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA256, + }, + 0x00A4: { + IANAName: "TLS_DH_DSS_WITH_AES_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "DSS", + encryptionAlgo: EncryptAES128GCM, + hash: HashSHA256, + }, + 0x0036: { + IANAName: "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "DSS", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA1, + }, + 0x0068: { + IANAName: "TLS_DH_DSS_WITH_AES_256_CBC_SHA256", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "DSS", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA256, + }, + 0x00A5: { + IANAName: "TLS_DH_DSS_WITH_AES_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "DSS", + encryptionAlgo: EncryptAES256GCM, + hash: HashSHA384, + }, + 0xC03E: { + IANAName: "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "DSS", + encryptionAlgo: EncryptARIA128CBC, + hash: HashSHA256, + }, + 0xC058: { + IANAName: "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "DSS", + encryptionAlgo: EncryptARIA128GCM, + hash: HashSHA256, + }, + 0xC03F: { + IANAName: "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "DSS", + encryptionAlgo: EncryptARIA256CBC, + hash: HashSHA384, + }, + 0xC059: { + IANAName: "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "DSS", + encryptionAlgo: EncryptARIA256GCM, + hash: HashSHA384, + }, + 0x0042: { + IANAName: "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "DSS", + encryptionAlgo: EncryptCAMELLIA128CBC, + hash: HashSHA1, + }, + 0x00BB: { + IANAName: "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "DSS", + encryptionAlgo: EncryptCAMELLIA128CBC, + hash: HashSHA256, + }, + 0xC082: { + IANAName: "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "DSS", + encryptionAlgo: EncryptCAMELLIA128GCM, + hash: HashSHA256, + }, + 0x0085: { + IANAName: "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "DSS", + encryptionAlgo: EncryptCAMELLIA256CBC, + hash: HashSHA1, + }, + 0x00C1: { + IANAName: "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "DSS", + encryptionAlgo: EncryptCAMELLIA256CBC, + hash: HashSHA256, + }, + 0xC083: { + IANAName: "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "DSS", + encryptionAlgo: EncryptCAMELLIA256GCM, + hash: HashSHA384, + }, + 0x000C: { + IANAName: "TLS_DH_DSS_WITH_DES_CBC_SHA", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: "DSS", + encryptionAlgo: EncryptDESCBC, + hash: HashSHA1, + }, + 0x0097: { + IANAName: "TLS_DH_DSS_WITH_SEED_CBC_SHA", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "DSS", + encryptionAlgo: EncryptSEEDCBC, + hash: HashSHA1, + }, + 0x0011: { + IANAName: "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + strength: StrengthInsecure, + keyExchange: "DHE", + authentication: "DSS", + encryptionAlgo: EncryptDES40CBC, + hash: HashSHA1, + }, + 0x0013: { + IANAName: "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + OpenSSLName: "DHE-DSS-DES-CBC3-SHA", + GNUTLSName: "TLS_DHE_DSS_3DES_EDE_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "DSS", + encryptionAlgo: Encrypt3DESEDECBC, + hash: HashSHA1, + }, + 0x0032: { + IANAName: "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + OpenSSLName: "DHE-DSS-AES128-SHA", + GNUTLSName: "TLS_DHE_DSS_AES_128_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "DSS", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA1, + }, + 0x0040: { + IANAName: "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", + OpenSSLName: "DHE-DSS-AES128-SHA256", + GNUTLSName: "TLS_DHE_DSS_AES_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "DSS", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA256, + }, + 0x00A2: { + IANAName: "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", + OpenSSLName: "DHE-DSS-AES128-GCM-SHA256", + GNUTLSName: "TLS_DHE_DSS_AES_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "DSS", + encryptionAlgo: EncryptAES128GCM, + hash: HashSHA256, + }, + 0x0038: { + IANAName: "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + OpenSSLName: "DHE-DSS-AES256-SHA", + GNUTLSName: "TLS_DHE_DSS_AES_256_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "DSS", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA1, + }, + 0x006A: { + IANAName: "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", + OpenSSLName: "DHE-DSS-AES256-SHA256", + GNUTLSName: "TLS_DHE_DSS_AES_256_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "DSS", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA256, + }, + 0x00A3: { + IANAName: "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", + OpenSSLName: "DHE-DSS-AES256-GCM-SHA384", + GNUTLSName: "TLS_DHE_DSS_AES_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "DSS", + encryptionAlgo: EncryptAES256GCM, + hash: HashSHA384, + }, + 0xC042: { + IANAName: "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "DSS", + encryptionAlgo: EncryptARIA128CBC, + hash: HashSHA256, + }, + 0xC056: { + IANAName: "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "DSS", + encryptionAlgo: EncryptARIA128GCM, + hash: HashSHA256, + }, + 0xC043: { + IANAName: "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "DSS", + encryptionAlgo: EncryptARIA256CBC, + hash: HashSHA384, + }, + 0xC057: { + IANAName: "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "DSS", + encryptionAlgo: EncryptARIA256GCM, + hash: HashSHA384, + }, + 0x0044: { + IANAName: "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + OpenSSLName: "DHE-DSS-CAMELLIA128-SHA", + GNUTLSName: "TLS_DHE_DSS_CAMELLIA_128_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "DSS", + encryptionAlgo: EncryptCAMELLIA128CBC, + hash: HashSHA1, + }, + 0x00BD: { + IANAName: "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", + OpenSSLName: "DHE-DSS-CAMELLIA128-SHA256", + GNUTLSName: "TLS_DHE_DSS_CAMELLIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "DSS", + encryptionAlgo: EncryptCAMELLIA128CBC, + hash: HashSHA256, + }, + 0xC080: { + IANAName: "TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256", + GNUTLSName: "TLS_DHE_DSS_CAMELLIA_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "DSS", + encryptionAlgo: EncryptCAMELLIA128GCM, + hash: HashSHA256, + }, + 0x0087: { + IANAName: "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + OpenSSLName: "DHE-DSS-CAMELLIA256-SHA", + GNUTLSName: "TLS_DHE_DSS_CAMELLIA_256_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "DSS", + encryptionAlgo: EncryptCAMELLIA256CBC, + hash: HashSHA1, + }, + 0x00C3: { + IANAName: "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", + OpenSSLName: "DHE-DSS-CAMELLIA256-SHA256", + GNUTLSName: "TLS_DHE_DSS_CAMELLIA_256_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "DSS", + encryptionAlgo: EncryptCAMELLIA256CBC, + hash: HashSHA256, + }, + 0xC081: { + IANAName: "TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384", + GNUTLSName: "TLS_DHE_DSS_CAMELLIA_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "DSS", + encryptionAlgo: EncryptCAMELLIA256GCM, + hash: HashSHA384, + }, + 0x0012: { + IANAName: "TLS_DHE_DSS_WITH_DES_CBC_SHA", + strength: StrengthInsecure, + keyExchange: "DHE", + authentication: "DSS", + encryptionAlgo: EncryptDESCBC, + hash: HashSHA1, + }, + 0x0099: { + IANAName: "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + OpenSSLName: "DHE-DSS-SEED-SHA", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "DSS", + encryptionAlgo: EncryptSEEDCBC, + hash: HashSHA1, + }, + 0x008F: { + IANAName: "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA", + OpenSSLName: "DHE-PSK-3DES-EDE-CBC-SHA", + GNUTLSName: "TLS_DHE_PSK_3DES_EDE_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "PSK", + encryptionAlgo: Encrypt3DESEDECBC, + hash: HashSHA1, + }, + 0x0090: { + IANAName: "TLS_DHE_PSK_WITH_AES_128_CBC_SHA", + OpenSSLName: "DHE-PSK-AES128-CBC-SHA", + GNUTLSName: "TLS_DHE_PSK_AES_128_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "PSK", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA1, + }, + 0x00B2: { + IANAName: "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256", + OpenSSLName: "DHE-PSK-AES128-CBC-SHA256", + GNUTLSName: "TLS_DHE_PSK_AES_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "PSK", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA256, + }, + 0xC0A6: { + IANAName: "TLS_DHE_PSK_WITH_AES_128_CCM", + OpenSSLName: "DHE-PSK-AES128-CCM", + GNUTLSName: "TLS_DHE_PSK_AES_128_CCM", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "PSK", + encryptionAlgo: EncryptAES128CCM, + hash: HashSHA256, + }, + 0x00AA: { + IANAName: "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256", + OpenSSLName: "DHE-PSK-AES128-GCM-SHA256", + GNUTLSName: "TLS_DHE_PSK_AES_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "PSK", + encryptionAlgo: EncryptAES128GCM, + hash: HashSHA256, + }, + 0x0091: { + IANAName: "TLS_DHE_PSK_WITH_AES_256_CBC_SHA", + OpenSSLName: "DHE-PSK-AES256-CBC-SHA", + GNUTLSName: "TLS_DHE_PSK_AES_256_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "PSK", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA1, + }, + 0x00B3: { + IANAName: "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384", + OpenSSLName: "DHE-PSK-AES256-CBC-SHA384", + GNUTLSName: "TLS_DHE_PSK_AES_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "PSK", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA384, + }, + 0xC0A7: { + IANAName: "TLS_DHE_PSK_WITH_AES_256_CCM", + OpenSSLName: "DHE-PSK-AES256-CCM", + GNUTLSName: "TLS_DHE_PSK_AES_256_CCM", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "PSK", + encryptionAlgo: EncryptAES256CCM, + hash: HashSHA256, + }, + 0x00AB: { + IANAName: "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384", + OpenSSLName: "DHE-PSK-AES256-GCM-SHA384", + GNUTLSName: "TLS_DHE_PSK_AES_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "PSK", + encryptionAlgo: EncryptAES256GCM, + hash: HashSHA384, + }, + 0xC066: { + IANAName: "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "PSK", + encryptionAlgo: EncryptARIA128CBC, + hash: HashSHA256, + }, + 0xC06C: { + IANAName: "TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "PSK", + encryptionAlgo: EncryptARIA128GCM, + hash: HashSHA256, + }, + 0xC067: { + IANAName: "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "PSK", + encryptionAlgo: EncryptARIA256CBC, + hash: HashSHA384, + }, + 0xC06D: { + IANAName: "TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "PSK", + encryptionAlgo: EncryptARIA256GCM, + hash: HashSHA384, + }, + 0xC096: { + IANAName: "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256", + OpenSSLName: "DHE-PSK-CAMELLIA128-SHA256", + GNUTLSName: "TLS_DHE_PSK_CAMELLIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "PSK", + encryptionAlgo: EncryptCAMELLIA128CBC, + hash: HashSHA256, + }, + 0xC090: { + IANAName: "TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256", + GNUTLSName: "TLS_DHE_PSK_CAMELLIA_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "PSK", + encryptionAlgo: EncryptCAMELLIA128GCM, + hash: HashSHA256, + }, + 0xC097: { + IANAName: "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384", + OpenSSLName: "DHE-PSK-CAMELLIA256-SHA384", + GNUTLSName: "TLS_DHE_PSK_CAMELLIA_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "PSK", + encryptionAlgo: EncryptCAMELLIA256CBC, + hash: HashSHA384, + }, + 0xC091: { + IANAName: "TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384", + GNUTLSName: "TLS_DHE_PSK_CAMELLIA_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "PSK", + encryptionAlgo: EncryptCAMELLIA256GCM, + hash: HashSHA384, + }, + 0xCCAD: { + IANAName: "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256", + OpenSSLName: "DHE-PSK-CHACHA20-POLY1305", + GNUTLSName: "TLS_DHE_PSK_CHACHA20_POLY1305", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "PSK", + encryptionAlgo: EncryptChaChaPoly, + hash: HashSHA256, + }, + 0x002D: { + IANAName: "TLS_DHE_PSK_WITH_NULL_SHA", + OpenSSLName: "DHE-PSK-NULL-SHA", + GNUTLSName: "TLS_DHE_PSK_NULL_SHA1", + strength: StrengthInsecure, + keyExchange: "DHE", + authentication: "PSK", + encryptionAlgo: EncryptNULL, + hash: HashSHA1, + }, + 0x00B4: { + IANAName: "TLS_DHE_PSK_WITH_NULL_SHA256", + OpenSSLName: "DHE-PSK-NULL-SHA256", + GNUTLSName: "TLS_DHE_PSK_NULL_SHA256", + strength: StrengthInsecure, + keyExchange: "DHE", + authentication: "PSK", + encryptionAlgo: EncryptNULL, + hash: HashSHA256, + }, + 0x00B5: { + IANAName: "TLS_DHE_PSK_WITH_NULL_SHA384", + OpenSSLName: "DHE-PSK-NULL-SHA384", + GNUTLSName: "TLS_DHE_PSK_NULL_SHA384", + strength: StrengthInsecure, + keyExchange: "DHE", + authentication: "PSK", + encryptionAlgo: EncryptNULL, + hash: HashSHA384, + }, + 0x008E: { + IANAName: "TLS_DHE_PSK_WITH_RC4_128_SHA", + GNUTLSName: "TLS_DHE_PSK_ARCFOUR_128_SHA1", + strength: StrengthInsecure, + keyExchange: "DHE", + authentication: "PSK", + encryptionAlgo: EncryptRC4128, + hash: HashSHA1, + }, + 0x0014: { + IANAName: "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + strength: StrengthInsecure, + keyExchange: "DHE", + authentication: "RSA", + encryptionAlgo: EncryptDES40CBC, + hash: HashSHA1, + }, + 0x0016: { + IANAName: "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + OpenSSLName: "DHE-RSA-DES-CBC3-SHA", + GNUTLSName: "TLS_DHE_RSA_3DES_EDE_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "RSA", + encryptionAlgo: Encrypt3DESEDECBC, + hash: HashSHA1, + }, + 0x0033: { + IANAName: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + OpenSSLName: "DHE-RSA-AES128-SHA", + GNUTLSName: "TLS_DHE_RSA_AES_128_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "RSA", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA1, + }, + 0x0067: { + IANAName: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", + OpenSSLName: "DHE-RSA-AES128-SHA256", + GNUTLSName: "TLS_DHE_RSA_AES_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "RSA", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA256, + }, + 0xC09E: { + IANAName: "TLS_DHE_RSA_WITH_AES_128_CCM", + OpenSSLName: "DHE-RSA-AES128-CCM", + GNUTLSName: "TLS_DHE_RSA_AES_128_CCM", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "RSA", + encryptionAlgo: EncryptAES128CCM, + hash: HashSHA256, + }, + 0xC0A2: { + IANAName: "TLS_DHE_RSA_WITH_AES_128_CCM_8", + OpenSSLName: "DHE-RSA-AES128-CCM8", + GNUTLSName: "TLS_DHE_RSA_AES_128_CCM_8", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "RSA", + encryptionAlgo: EncryptAES128CCM8, + hash: HashSHA256, + }, + 0x009E: { + IANAName: "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", + OpenSSLName: "DHE-RSA-AES128-GCM-SHA256", + GNUTLSName: "TLS_DHE_RSA_AES_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "RSA", + encryptionAlgo: EncryptAES128GCM, + hash: HashSHA256, + }, + 0x0039: { + IANAName: "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + OpenSSLName: "DHE-RSA-AES256-SHA", + GNUTLSName: "TLS_DHE_RSA_AES_256_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "RSA", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA1, + }, + 0x006B: { + IANAName: "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", + OpenSSLName: "DHE-RSA-AES256-SHA256", + GNUTLSName: "TLS_DHE_RSA_AES_256_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "RSA", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA256, + }, + 0xC09F: { + IANAName: "TLS_DHE_RSA_WITH_AES_256_CCM", + OpenSSLName: "DHE-RSA-AES256-CCM", + GNUTLSName: "TLS_DHE_RSA_AES_256_CCM", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "RSA", + encryptionAlgo: EncryptAES256CCM, + hash: HashSHA256, + }, + 0xC0A3: { + IANAName: "TLS_DHE_RSA_WITH_AES_256_CCM_8", + OpenSSLName: "DHE-RSA-AES256-CCM8", + GNUTLSName: "TLS_DHE_RSA_AES_256_CCM_8", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "RSA", + encryptionAlgo: EncryptAES256CCM8, + hash: HashSHA256, + }, + 0x009F: { + IANAName: "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", + OpenSSLName: "DHE-RSA-AES256-GCM-SHA384", + GNUTLSName: "TLS_DHE_RSA_AES_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "RSA", + encryptionAlgo: EncryptAES256GCM, + hash: HashSHA384, + }, + 0xC044: { + IANAName: "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "RSA", + encryptionAlgo: EncryptARIA128CBC, + hash: HashSHA256, + }, + 0xC052: { + IANAName: "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "RSA", + encryptionAlgo: EncryptARIA128GCM, + hash: HashSHA256, + }, + 0xC045: { + IANAName: "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "RSA", + encryptionAlgo: EncryptARIA256CBC, + hash: HashSHA384, + }, + 0xC053: { + IANAName: "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "RSA", + encryptionAlgo: EncryptARIA256GCM, + hash: HashSHA384, + }, + 0x0045: { + IANAName: "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + OpenSSLName: "DHE-RSA-CAMELLIA128-SHA", + GNUTLSName: "TLS_DHE_RSA_CAMELLIA_128_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA128CBC, + hash: HashSHA1, + }, + 0x00BE: { + IANAName: "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", + OpenSSLName: "DHE-RSA-CAMELLIA128-SHA256", + GNUTLSName: "TLS_DHE_RSA_CAMELLIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA128CBC, + hash: HashSHA256, + }, + 0xC07C: { + IANAName: "TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256", + GNUTLSName: "TLS_DHE_RSA_CAMELLIA_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA128GCM, + hash: HashSHA256, + }, + 0x0088: { + IANAName: "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + OpenSSLName: "DHE-RSA-CAMELLIA256-SHA", + GNUTLSName: "TLS_DHE_RSA_CAMELLIA_256_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA256CBC, + hash: HashSHA1, + }, + 0x00C4: { + IANAName: "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", + OpenSSLName: "DHE-RSA-CAMELLIA256-SHA256", + GNUTLSName: "TLS_DHE_RSA_CAMELLIA_256_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA256CBC, + hash: HashSHA256, + }, + 0xC07D: { + IANAName: "TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384", + GNUTLSName: "TLS_DHE_RSA_CAMELLIA_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA256GCM, + hash: HashSHA384, + }, + 0xCCAA: { + IANAName: "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + OpenSSLName: "DHE-RSA-CHACHA20-POLY1305", + GNUTLSName: "TLS_DHE_RSA_CHACHA20_POLY1305", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "RSA", + encryptionAlgo: EncryptChaChaPoly, + hash: HashSHA256, + }, + 0x0015: { + IANAName: "TLS_DHE_RSA_WITH_DES_CBC_SHA", + strength: StrengthInsecure, + keyExchange: "DHE", + authentication: "RSA", + encryptionAlgo: EncryptDESCBC, + hash: HashSHA1, + }, + 0x009A: { + IANAName: "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + OpenSSLName: "DHE-RSA-SEED-SHA", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "RSA", + encryptionAlgo: EncryptSEEDCBC, + hash: HashSHA1, + }, + 0x000E: { + IANAName: "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: "RSA", + encryptionAlgo: EncryptDES40CBC, + hash: HashSHA1, + }, + 0x0010: { + IANAName: "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "RSA", + encryptionAlgo: Encrypt3DESEDECBC, + hash: HashSHA1, + }, + 0x0031: { + IANAName: "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "RSA", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA1, + }, + 0x003F: { + IANAName: "TLS_DH_RSA_WITH_AES_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "RSA", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA256, + }, + 0x00A0: { + IANAName: "TLS_DH_RSA_WITH_AES_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "RSA", + encryptionAlgo: EncryptAES128GCM, + hash: HashSHA256, + }, + 0x0037: { + IANAName: "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "RSA", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA1, + }, + 0x0069: { + IANAName: "TLS_DH_RSA_WITH_AES_256_CBC_SHA256", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "RSA", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA256, + }, + 0x00A1: { + IANAName: "TLS_DH_RSA_WITH_AES_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "RSA", + encryptionAlgo: EncryptAES256GCM, + hash: HashSHA384, + }, + 0xC040: { + IANAName: "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "RSA", + encryptionAlgo: EncryptARIA128CBC, + hash: HashSHA256, + }, + 0xC054: { + IANAName: "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "RSA", + encryptionAlgo: EncryptARIA128GCM, + hash: HashSHA256, + }, + 0xC041: { + IANAName: "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "RSA", + encryptionAlgo: EncryptARIA256CBC, + hash: HashSHA384, + }, + 0xC055: { + IANAName: "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "RSA", + encryptionAlgo: EncryptARIA256GCM, + hash: HashSHA384, + }, + 0x0043: { + IANAName: "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA128CBC, + hash: HashSHA1, + }, + 0x00BC: { + IANAName: "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA128CBC, + hash: HashSHA256, + }, + 0xC07E: { + IANAName: "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA128GCM, + hash: HashSHA256, + }, + 0x0086: { + IANAName: "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA256CBC, + hash: HashSHA1, + }, + 0x00C2: { + IANAName: "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA256CBC, + hash: HashSHA256, + }, + 0xC07F: { + IANAName: "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA256GCM, + hash: HashSHA384, + }, + 0x000F: { + IANAName: "TLS_DH_RSA_WITH_DES_CBC_SHA", + strength: StrengthInsecure, + keyExchange: KexDH, + authentication: "RSA", + encryptionAlgo: EncryptDESCBC, + hash: HashSHA1, + }, + 0x0098: { + IANAName: "TLS_DH_RSA_WITH_SEED_CBC_SHA", + strength: StrengthWeak, + keyExchange: KexDH, + authentication: "RSA", + encryptionAlgo: EncryptSEEDCBC, + hash: HashSHA1, + }, + 0xC0B2: { + IANAName: "TLS_ECCPWD_WITH_AES_128_CCM_SHA256", + strength: StrengthSecure, + keyExchange: "ECCPWD", + authentication: "ECCPWD", + encryptionAlgo: EncryptAES128CCM, + hash: HashSHA256, + }, + 0xC0B0: { + IANAName: "TLS_ECCPWD_WITH_AES_128_GCM_SHA256", + strength: StrengthRecommended, + keyExchange: "ECCPWD", + authentication: "ECCPWD", + encryptionAlgo: EncryptAES128GCM, + hash: HashSHA256, + }, + 0xC0B3: { + IANAName: "TLS_ECCPWD_WITH_AES_256_CCM_SHA384", + strength: StrengthSecure, + keyExchange: "ECCPWD", + authentication: "ECCPWD", + encryptionAlgo: EncryptAES256CCM, + hash: HashSHA384, + }, + 0xC0B1: { + IANAName: "TLS_ECCPWD_WITH_AES_256_GCM_SHA384", + strength: StrengthRecommended, + keyExchange: "ECCPWD", + authentication: "ECCPWD", + encryptionAlgo: EncryptAES256GCM, + hash: HashSHA384, + }, + 0xC017: { + IANAName: "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + OpenSSLName: "AECDH-DES-CBC3-SHA", + GNUTLSName: "TLS_ECDH_ANON_3DES_EDE_CBC_SHA1", + strength: StrengthInsecure, + keyExchange: "ECDH", + authentication: SigAnonymous, + encryptionAlgo: Encrypt3DESEDECBC, + hash: HashSHA1, + }, + 0xC018: { + IANAName: "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + OpenSSLName: "AECDH-AES128-SHA", + GNUTLSName: "TLS_ECDH_ANON_AES_128_CBC_SHA1", + strength: StrengthInsecure, + keyExchange: "ECDH", + authentication: SigAnonymous, + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA1, + }, + 0xC019: { + IANAName: "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + OpenSSLName: "AECDH-AES256-SHA", + GNUTLSName: "TLS_ECDH_ANON_AES_256_CBC_SHA1", + strength: StrengthInsecure, + keyExchange: "ECDH", + authentication: SigAnonymous, + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA1, + }, + 0xC015: { + IANAName: "TLS_ECDH_anon_WITH_NULL_SHA", + OpenSSLName: "AECDH-NULL-SHA", + GNUTLSName: "TLS_ECDH_ANON_NULL_SHA1", + strength: StrengthInsecure, + keyExchange: "ECDH", + authentication: SigAnonymous, + encryptionAlgo: EncryptNULL, + hash: HashSHA1, + }, + 0xC016: { + IANAName: "TLS_ECDH_anon_WITH_RC4_128_SHA", + GNUTLSName: "TLS_ECDH_ANON_ARCFOUR_128_SHA1", + strength: StrengthInsecure, + keyExchange: "ECDH", + authentication: SigAnonymous, + encryptionAlgo: EncryptRC4128, + hash: HashSHA1, + }, + 0xC003: { + IANAName: "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "ECDSA", + encryptionAlgo: Encrypt3DESEDECBC, + hash: HashSHA1, + }, + 0xC004: { + IANAName: "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "ECDSA", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA1, + }, + 0xC025: { + IANAName: "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "ECDSA", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA256, + }, + 0xC02D: { + IANAName: "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "ECDSA", + encryptionAlgo: EncryptAES128GCM, + hash: HashSHA256, + }, + 0xC005: { + IANAName: "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "ECDSA", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA1, + }, + 0xC026: { + IANAName: "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "ECDSA", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA384, + }, + 0xC02E: { + IANAName: "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "ECDSA", + encryptionAlgo: EncryptAES256GCM, + hash: HashSHA384, + }, + 0xC04A: { + IANAName: "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "ECDSA", + encryptionAlgo: EncryptARIA128CBC, + hash: HashSHA256, + }, + 0xC05E: { + IANAName: "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "ECDSA", + encryptionAlgo: EncryptARIA128GCM, + hash: HashSHA256, + }, + 0xC04B: { + IANAName: "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "ECDSA", + encryptionAlgo: EncryptARIA256CBC, + hash: HashSHA384, + }, + 0xC05F: { + IANAName: "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "ECDSA", + encryptionAlgo: EncryptARIA256GCM, + hash: HashSHA384, + }, + 0xC074: { + IANAName: "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "ECDSA", + encryptionAlgo: EncryptCAMELLIA128CBC, + hash: HashSHA256, + }, + 0xC088: { + IANAName: "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "ECDSA", + encryptionAlgo: EncryptCAMELLIA128GCM, + hash: HashSHA256, + }, + 0xC075: { + IANAName: "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "ECDSA", + encryptionAlgo: EncryptCAMELLIA256CBC, + hash: HashSHA384, + }, + 0xC089: { + IANAName: "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "ECDSA", + encryptionAlgo: EncryptCAMELLIA256GCM, + hash: HashSHA384, + }, + 0xC001: { + IANAName: "TLS_ECDH_ECDSA_WITH_NULL_SHA", + strength: StrengthInsecure, + keyExchange: "ECDH", + authentication: "ECDSA", + encryptionAlgo: EncryptNULL, + hash: HashSHA1, + }, + 0xC002: { + IANAName: "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + strength: StrengthInsecure, + keyExchange: "ECDH", + authentication: "ECDSA", + encryptionAlgo: EncryptRC4128, + hash: HashSHA1, + }, + 0xC008: { + IANAName: "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + OpenSSLName: "ECDHE-ECDSA-DES-CBC3-SHA", + GNUTLSName: "TLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "ECDSA", + encryptionAlgo: Encrypt3DESEDECBC, + hash: HashSHA1, + }, + 0xC009: { + IANAName: "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + OpenSSLName: "ECDHE-ECDSA-AES128-SHA", + GNUTLSName: "TLS_ECDHE_ECDSA_AES_128_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "ECDSA", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA1, + }, + 0xC023: { + IANAName: "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", + OpenSSLName: "ECDHE-ECDSA-AES128-SHA256", + GNUTLSName: "TLS_ECDHE_ECDSA_AES_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "ECDSA", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA256, + }, + 0xC0AC: { + IANAName: "TLS_ECDHE_ECDSA_WITH_AES_128_CCM", + OpenSSLName: "ECDHE-ECDSA-AES128-CCM", + GNUTLSName: "TLS_ECDHE_ECDSA_AES_128_CCM", + strength: StrengthSecure, + keyExchange: "ECDHE", + authentication: "ECDSA", + encryptionAlgo: EncryptAES128CCM, + hash: HashSHA256, + }, + 0xC0AE: { + IANAName: "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", + OpenSSLName: "ECDHE-ECDSA-AES128-CCM8", + GNUTLSName: "TLS_ECDHE_ECDSA_AES_128_CCM_8", + strength: StrengthSecure, + keyExchange: "ECDHE", + authentication: "ECDSA", + encryptionAlgo: EncryptAES128CCM8, + hash: HashSHA256, + }, + 0xC02B: { + IANAName: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", + OpenSSLName: "ECDHE-ECDSA-AES128-GCM-SHA256", + GNUTLSName: "TLS_ECDHE_ECDSA_AES_128_GCM_SHA256", + strength: StrengthRecommended, + keyExchange: "ECDHE", + authentication: "ECDSA", + encryptionAlgo: EncryptAES128GCM, + hash: HashSHA256, + }, + 0xC00A: { + IANAName: "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + OpenSSLName: "ECDHE-ECDSA-AES256-SHA", + GNUTLSName: "TLS_ECDHE_ECDSA_AES_256_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "ECDSA", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA1, + }, + 0xC024: { + IANAName: "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", + OpenSSLName: "ECDHE-ECDSA-AES256-SHA384", + GNUTLSName: "TLS_ECDHE_ECDSA_AES_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "ECDSA", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA384, + }, + 0xC0AD: { + IANAName: "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", + OpenSSLName: "ECDHE-ECDSA-AES256-CCM", + GNUTLSName: "TLS_ECDHE_ECDSA_AES_256_CCM", + strength: StrengthSecure, + keyExchange: "ECDHE", + authentication: "ECDSA", + encryptionAlgo: EncryptAES256CCM, + hash: HashSHA256, + }, + 0xC0AF: { + IANAName: "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", + OpenSSLName: "ECDHE-ECDSA-AES256-CCM8", + GNUTLSName: "TLS_ECDHE_ECDSA_AES_256_CCM_8", + strength: StrengthSecure, + keyExchange: "ECDHE", + authentication: "ECDSA", + encryptionAlgo: EncryptAES256CCM8, + hash: HashSHA256, + }, + 0xC02C: { + IANAName: "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", + OpenSSLName: "ECDHE-ECDSA-AES256-GCM-SHA384", + GNUTLSName: "TLS_ECDHE_ECDSA_AES_256_GCM_SHA384", + strength: StrengthRecommended, + keyExchange: "ECDHE", + authentication: "ECDSA", + encryptionAlgo: EncryptAES256GCM, + hash: HashSHA384, + }, + 0xC048: { + IANAName: "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "ECDSA", + encryptionAlgo: EncryptARIA128CBC, + hash: HashSHA256, + }, + 0xC05C: { + IANAName: "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", + strength: StrengthRecommended, + keyExchange: "ECDHE", + authentication: "ECDSA", + encryptionAlgo: EncryptARIA128GCM, + hash: HashSHA256, + }, + 0xC049: { + IANAName: "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "ECDSA", + encryptionAlgo: EncryptARIA256CBC, + hash: HashSHA384, + }, + 0xC05D: { + IANAName: "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", + strength: StrengthRecommended, + keyExchange: "ECDHE", + authentication: "ECDSA", + encryptionAlgo: EncryptARIA256GCM, + hash: HashSHA384, + }, + 0xC072: { + IANAName: "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", + OpenSSLName: "ECDHE-ECDSA-CAMELLIA128-SHA256", + GNUTLSName: "TLS_ECDHE_ECDSA_CAMELLIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "ECDSA", + encryptionAlgo: EncryptCAMELLIA128CBC, + hash: HashSHA256, + }, + 0xC086: { + IANAName: "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256", + GNUTLSName: "TLS_ECDHE_ECDSA_CAMELLIA_128_GCM_SHA256", + strength: StrengthRecommended, + keyExchange: "ECDHE", + authentication: "ECDSA", + encryptionAlgo: EncryptCAMELLIA128GCM, + hash: HashSHA256, + }, + 0xC073: { + IANAName: "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", + OpenSSLName: "ECDHE-ECDSA-CAMELLIA256-SHA384", + GNUTLSName: "TLS_ECDHE_ECDSA_CAMELLIA_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "ECDSA", + encryptionAlgo: EncryptCAMELLIA256CBC, + hash: HashSHA384, + }, + 0xC087: { + IANAName: "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384", + GNUTLSName: "TLS_ECDHE_ECDSA_CAMELLIA_256_GCM_SHA384", + strength: StrengthRecommended, + keyExchange: "ECDHE", + authentication: "ECDSA", + encryptionAlgo: EncryptCAMELLIA256GCM, + hash: HashSHA384, + }, + 0xCCA9: { + IANAName: "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", + OpenSSLName: "ECDHE-ECDSA-CHACHA20-POLY1305", + GNUTLSName: "TLS_ECDHE_ECDSA_CHACHA20_POLY1305", + strength: StrengthRecommended, + keyExchange: "ECDHE", + authentication: "ECDSA", + encryptionAlgo: EncryptChaChaPoly, + hash: HashSHA256, + }, + 0xC006: { + IANAName: "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + OpenSSLName: "ECDHE-ECDSA-NULL-SHA", + GNUTLSName: "TLS_ECDHE_ECDSA_NULL_SHA1", + strength: StrengthInsecure, + keyExchange: "ECDHE", + authentication: "ECDSA", + encryptionAlgo: EncryptNULL, + hash: HashSHA1, + }, + 0xC007: { + IANAName: "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + GNUTLSName: "TLS_ECDHE_ECDSA_ARCFOUR_128_SHA1", + strength: StrengthInsecure, + keyExchange: "ECDHE", + authentication: "ECDSA", + encryptionAlgo: EncryptRC4128, + hash: HashSHA1, + }, + 0xC034: { + IANAName: "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA", + OpenSSLName: "ECDHE-PSK-3DES-EDE-CBC-SHA", + GNUTLSName: "TLS_ECDHE_PSK_3DES_EDE_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "PSK", + encryptionAlgo: Encrypt3DESEDECBC, + hash: HashSHA1, + }, + 0xC035: { + IANAName: "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA", + OpenSSLName: "ECDHE-PSK-AES128-CBC-SHA", + GNUTLSName: "TLS_ECDHE_PSK_AES_128_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "PSK", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA1, + }, + 0xC037: { + IANAName: "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256", + OpenSSLName: "ECDHE-PSK-AES128-CBC-SHA256", + GNUTLSName: "TLS_ECDHE_PSK_AES_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "PSK", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA256, + }, + 0xD003: { + IANAName: "TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256", + strength: StrengthSecure, + keyExchange: "ECDHE", + authentication: "PSK", + encryptionAlgo: EncryptAES128CCM8, + hash: HashSHA256, + }, + 0xD005: { + IANAName: "TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256", + strength: StrengthSecure, + keyExchange: "ECDHE", + authentication: "PSK", + encryptionAlgo: EncryptAES128CCM, + hash: HashSHA256, + }, + 0xD001: { + IANAName: "TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256", + strength: StrengthRecommended, + keyExchange: "ECDHE", + authentication: "PSK", + encryptionAlgo: EncryptAES128GCM, + hash: HashSHA256, + }, + 0xC036: { + IANAName: "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA", + OpenSSLName: "ECDHE-PSK-AES256-CBC-SHA", + GNUTLSName: "TLS_ECDHE_PSK_AES_256_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "PSK", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA1, + }, + 0xC038: { + IANAName: "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384", + OpenSSLName: "ECDHE-PSK-AES256-CBC-SHA384", + GNUTLSName: "TLS_ECDHE_PSK_AES_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "PSK", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA384, + }, + 0xD002: { + IANAName: "TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384", + strength: StrengthRecommended, + keyExchange: "ECDHE", + authentication: "PSK", + encryptionAlgo: EncryptAES256GCM, + hash: HashSHA384, + }, + 0xC070: { + IANAName: "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "PSK", + encryptionAlgo: EncryptARIA128CBC, + hash: HashSHA256, + }, + 0xC071: { + IANAName: "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "PSK", + encryptionAlgo: EncryptARIA256CBC, + hash: HashSHA384, + }, + 0xC09A: { + IANAName: "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256", + OpenSSLName: "ECDHE-PSK-CAMELLIA128-SHA256", + GNUTLSName: "TLS_ECDHE_PSK_CAMELLIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "PSK", + encryptionAlgo: EncryptCAMELLIA128CBC, + hash: HashSHA256, + }, + 0xC09B: { + IANAName: "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384", + OpenSSLName: "ECDHE-PSK-CAMELLIA256-SHA384", + GNUTLSName: "TLS_ECDHE_PSK_CAMELLIA_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "PSK", + encryptionAlgo: EncryptCAMELLIA256CBC, + hash: HashSHA384, + }, + 0xCCAC: { + IANAName: "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256", + OpenSSLName: "ECDHE-PSK-CHACHA20-POLY1305", + GNUTLSName: "TLS_ECDHE_PSK_CHACHA20_POLY1305", + strength: StrengthRecommended, + keyExchange: "ECDHE", + authentication: "PSK", + encryptionAlgo: EncryptChaChaPoly, + hash: HashSHA256, + }, + 0xC039: { + IANAName: "TLS_ECDHE_PSK_WITH_NULL_SHA", + OpenSSLName: "ECDHE-PSK-NULL-SHA", + GNUTLSName: "TLS_ECDHE_PSK_NULL_SHA1", + strength: StrengthInsecure, + keyExchange: "ECDHE", + authentication: "PSK", + encryptionAlgo: EncryptNULL, + hash: HashSHA1, + }, + 0xC03A: { + IANAName: "TLS_ECDHE_PSK_WITH_NULL_SHA256", + OpenSSLName: "ECDHE-PSK-NULL-SHA256", + GNUTLSName: "TLS_ECDHE_PSK_NULL_SHA256", + strength: StrengthInsecure, + keyExchange: "ECDHE", + authentication: "PSK", + encryptionAlgo: EncryptNULL, + hash: HashSHA256, + }, + 0xC03B: { + IANAName: "TLS_ECDHE_PSK_WITH_NULL_SHA384", + OpenSSLName: "ECDHE-PSK-NULL-SHA384", + GNUTLSName: "TLS_ECDHE_PSK_NULL_SHA384", + strength: StrengthInsecure, + keyExchange: "ECDHE", + authentication: "PSK", + encryptionAlgo: EncryptNULL, + hash: HashSHA384, + }, + 0xC033: { + IANAName: "TLS_ECDHE_PSK_WITH_RC4_128_SHA", + GNUTLSName: "TLS_ECDHE_PSK_ARCFOUR_128_SHA1", + strength: StrengthInsecure, + keyExchange: "ECDHE", + authentication: "PSK", + encryptionAlgo: EncryptRC4128, + hash: HashSHA1, + }, + 0xC012: { + IANAName: "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + OpenSSLName: "ECDHE-RSA-DES-CBC3-SHA", + GNUTLSName: "TLS_ECDHE_RSA_3DES_EDE_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "RSA", + encryptionAlgo: Encrypt3DESEDECBC, + hash: HashSHA1, + }, + 0xC013: { + IANAName: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + OpenSSLName: "ECDHE-RSA-AES128-SHA", + GNUTLSName: "TLS_ECDHE_RSA_AES_128_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "RSA", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA1, + }, + 0xC027: { + IANAName: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", + OpenSSLName: "ECDHE-RSA-AES128-SHA256", + GNUTLSName: "TLS_ECDHE_RSA_AES_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "RSA", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA256, + }, + 0xC02F: { + IANAName: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", + OpenSSLName: "ECDHE-RSA-AES128-GCM-SHA256", + GNUTLSName: "TLS_ECDHE_RSA_AES_128_GCM_SHA256", + strength: StrengthSecure, + keyExchange: "ECDHE", + authentication: "RSA", + encryptionAlgo: EncryptAES128GCM, + hash: HashSHA256, + }, + 0xC014: { + IANAName: "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + OpenSSLName: "ECDHE-RSA-AES256-SHA", + GNUTLSName: "TLS_ECDHE_RSA_AES_256_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "RSA", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA1, + }, + 0xC028: { + IANAName: "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", + OpenSSLName: "ECDHE-RSA-AES256-SHA384", + GNUTLSName: "TLS_ECDHE_RSA_AES_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "RSA", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA384, + }, + 0xC030: { + IANAName: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", + OpenSSLName: "ECDHE-RSA-AES256-GCM-SHA384", + GNUTLSName: "TLS_ECDHE_RSA_AES_256_GCM_SHA384", + strength: StrengthSecure, + keyExchange: "ECDHE", + authentication: "RSA", + encryptionAlgo: EncryptAES256GCM, + hash: HashSHA384, + }, + 0xC04C: { + IANAName: "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "RSA", + encryptionAlgo: EncryptARIA128CBC, + hash: HashSHA256, + }, + 0xC060: { + IANAName: "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", + strength: StrengthSecure, + keyExchange: "ECDHE", + authentication: "RSA", + encryptionAlgo: EncryptARIA128GCM, + hash: HashSHA256, + }, + 0xC04D: { + IANAName: "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "RSA", + encryptionAlgo: EncryptARIA256CBC, + hash: HashSHA384, + }, + 0xC061: { + IANAName: "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384", + strength: StrengthSecure, + keyExchange: "ECDHE", + authentication: "RSA", + encryptionAlgo: EncryptARIA256GCM, + hash: HashSHA384, + }, + 0xC076: { + IANAName: "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", + OpenSSLName: "ECDHE-RSA-CAMELLIA128-SHA256", + GNUTLSName: "TLS_ECDHE_RSA_CAMELLIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA128CBC, + hash: HashSHA256, + }, + 0xC08A: { + IANAName: "TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256", + GNUTLSName: "TLS_ECDHE_RSA_CAMELLIA_128_GCM_SHA256", + strength: StrengthSecure, + keyExchange: "ECDHE", + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA128GCM, + hash: HashSHA256, + }, + 0xC077: { + IANAName: "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384", + OpenSSLName: "ECDHE-RSA-CAMELLIA256-SHA384", + GNUTLSName: "TLS_ECDHE_RSA_CAMELLIA_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "ECDHE", + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA256CBC, + hash: HashSHA384, + }, + 0xC08B: { + IANAName: "TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384", + GNUTLSName: "TLS_ECDHE_RSA_CAMELLIA_256_GCM_SHA384", + strength: StrengthSecure, + keyExchange: "ECDHE", + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA256GCM, + hash: HashSHA384, + }, + 0xCCA8: { + IANAName: "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + OpenSSLName: "ECDHE-RSA-CHACHA20-POLY1305", + GNUTLSName: "TLS_ECDHE_RSA_CHACHA20_POLY1305", + strength: StrengthSecure, + keyExchange: "ECDHE", + authentication: "RSA", + encryptionAlgo: EncryptChaChaPoly, + hash: HashSHA256, + }, + 0xC010: { + IANAName: "TLS_ECDHE_RSA_WITH_NULL_SHA", + OpenSSLName: "ECDHE-RSA-NULL-SHA", + GNUTLSName: "TLS_ECDHE_RSA_NULL_SHA1", + strength: StrengthInsecure, + keyExchange: "ECDHE", + authentication: "RSA", + encryptionAlgo: EncryptNULL, + hash: HashSHA1, + }, + 0xC011: { + IANAName: "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + GNUTLSName: "TLS_ECDHE_RSA_ARCFOUR_128_SHA1", + strength: StrengthInsecure, + keyExchange: "ECDHE", + authentication: "RSA", + encryptionAlgo: EncryptRC4128, + hash: HashSHA1, + }, + 0xC00D: { + IANAName: "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "RSA", + encryptionAlgo: Encrypt3DESEDECBC, + hash: HashSHA1, + }, + 0xC00E: { + IANAName: "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "RSA", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA1, + }, + 0xC029: { + IANAName: "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "RSA", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA256, + }, + 0xC031: { + IANAName: "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "RSA", + encryptionAlgo: EncryptAES128GCM, + hash: HashSHA256, + }, + 0xC00F: { + IANAName: "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "RSA", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA1, + }, + 0xC02A: { + IANAName: "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "RSA", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA384, + }, + 0xC032: { + IANAName: "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "RSA", + encryptionAlgo: EncryptAES256GCM, + hash: HashSHA384, + }, + 0xC04E: { + IANAName: "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "RSA", + encryptionAlgo: EncryptARIA128CBC, + hash: HashSHA256, + }, + 0xC062: { + IANAName: "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "RSA", + encryptionAlgo: EncryptARIA128GCM, + hash: HashSHA256, + }, + 0xC04F: { + IANAName: "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "RSA", + encryptionAlgo: EncryptARIA256CBC, + hash: HashSHA384, + }, + 0xC063: { + IANAName: "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "RSA", + encryptionAlgo: EncryptARIA256GCM, + hash: HashSHA384, + }, + 0xC078: { + IANAName: "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA128CBC, + hash: HashSHA256, + }, + 0xC08C: { + IANAName: "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA128GCM, + hash: HashSHA256, + }, + 0xC079: { + IANAName: "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA256CBC, + hash: HashSHA384, + }, + 0xC08D: { + IANAName: "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: "ECDH", + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA256GCM, + hash: HashSHA384, + }, + 0xC00B: { + IANAName: "TLS_ECDH_RSA_WITH_NULL_SHA", + strength: StrengthInsecure, + keyExchange: "ECDH", + authentication: "RSA", + encryptionAlgo: EncryptNULL, + hash: HashSHA1, + }, + 0xC00C: { + IANAName: "TLS_ECDH_RSA_WITH_RC4_128_SHA", + strength: StrengthInsecure, + keyExchange: "ECDH", + authentication: "RSA", + encryptionAlgo: EncryptRC4128, + hash: HashSHA1, + }, + 0xC102: { + IANAName: "TLS_GOSTR341112_256_WITH_28147_CNT_IMIT", + strength: StrengthInsecure, + keyExchange: "GOSTR341112 256", + authentication: "GOSTR341012", + encryptionAlgo: Encrypt28147CNT, + hash: HashGOST, + }, + 0xC100: { + IANAName: "TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC", + strength: StrengthInsecure, + keyExchange: "GOSTR341112 256", + authentication: "GOSTR341012", + encryptionAlgo: EncryptKUZNYECHIKCTR, + hash: HashGOST, + }, + 0xC103: { + IANAName: "TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L", + strength: StrengthInsecure, + keyExchange: "ECDHE", + authentication: "-", + encryptionAlgo: EncryptKUZNYECHIKMGML, + hash: HashNone, + }, + 0xC105: { + IANAName: "TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_S", + strength: StrengthInsecure, + keyExchange: "ECDHE", + authentication: "-", + encryptionAlgo: EncryptKUZNYECHIKMGMS, + hash: HashNone, + }, + 0xC101: { + IANAName: "TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC", + strength: StrengthInsecure, + keyExchange: "GOSTR341112 256", + authentication: "GOSTR341012", + encryptionAlgo: EncryptMAGMACTR, + hash: HashGOST, + }, + 0xC104: { + IANAName: "TLS_GOSTR341112_256_WITH_MAGMA_MGM_L", + strength: StrengthInsecure, + keyExchange: "ECDHE", + authentication: "-", + encryptionAlgo: EncryptMAGMAMGML, + hash: HashNone, + }, + 0xC106: { + IANAName: "TLS_GOSTR341112_256_WITH_MAGMA_MGM_S", + strength: StrengthInsecure, + keyExchange: "ECDHE", + authentication: "-", + encryptionAlgo: EncryptMAGMAMGMS, + hash: HashNone, + }, + 0x0029: { + IANAName: "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5", + strength: StrengthInsecure, + keyExchange: "KRB5", + authentication: "KRB5", + encryptionAlgo: EncryptDESCBC40, + hash: HashMD5, + }, + 0x0026: { + IANAName: "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA", + strength: StrengthInsecure, + keyExchange: "KRB5", + authentication: "KRB5", + encryptionAlgo: EncryptDESCBC40, + hash: HashSHA1, + }, + 0x002A: { + IANAName: "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5", + strength: StrengthInsecure, + keyExchange: "KRB5", + authentication: "KRB5", + encryptionAlgo: EncryptRC2CBC40, + hash: HashMD5, + }, + 0x0027: { + IANAName: "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA", + strength: StrengthInsecure, + keyExchange: "KRB5", + authentication: "KRB5", + encryptionAlgo: EncryptRC2CBC40, + hash: HashSHA1, + }, + 0x002B: { + IANAName: "TLS_KRB5_EXPORT_WITH_RC4_40_MD5", + strength: StrengthInsecure, + keyExchange: "KRB5", + authentication: "KRB5", + encryptionAlgo: EncryptRC440, + hash: HashMD5, + }, + 0x0028: { + IANAName: "TLS_KRB5_EXPORT_WITH_RC4_40_SHA", + strength: StrengthInsecure, + keyExchange: "KRB5", + authentication: "KRB5", + encryptionAlgo: EncryptRC440, + hash: HashSHA1, + }, + 0x0023: { + IANAName: "TLS_KRB5_WITH_3DES_EDE_CBC_MD5", + strength: StrengthInsecure, + keyExchange: "KRB5", + authentication: "KRB5", + encryptionAlgo: Encrypt3DESEDECBC, + hash: HashMD5, + }, + 0x001F: { + IANAName: "TLS_KRB5_WITH_3DES_EDE_CBC_SHA", + strength: StrengthWeak, + keyExchange: "KRB5", + authentication: "KRB5", + encryptionAlgo: Encrypt3DESEDECBC, + hash: HashSHA1, + }, + 0x0022: { + IANAName: "TLS_KRB5_WITH_DES_CBC_MD5", + strength: StrengthInsecure, + keyExchange: "KRB5", + authentication: "KRB5", + encryptionAlgo: EncryptDESCBC, + hash: HashMD5, + }, + 0x001E: { + IANAName: "TLS_KRB5_WITH_DES_CBC_SHA", + strength: StrengthInsecure, + keyExchange: "KRB5", + authentication: "KRB5", + encryptionAlgo: EncryptDESCBC, + hash: HashSHA1, + }, + 0x0025: { + IANAName: "TLS_KRB5_WITH_IDEA_CBC_MD5", + strength: StrengthInsecure, + keyExchange: "KRB5", + authentication: "KRB5", + encryptionAlgo: EncryptIDEACBC, + hash: HashMD5, + }, + 0x0021: { + IANAName: "TLS_KRB5_WITH_IDEA_CBC_SHA", + strength: StrengthWeak, + keyExchange: "KRB5", + authentication: "KRB5", + encryptionAlgo: EncryptIDEACBC, + hash: HashSHA1, + }, + 0x0024: { + IANAName: "TLS_KRB5_WITH_RC4_128_MD5", + strength: StrengthInsecure, + keyExchange: "KRB5", + authentication: "KRB5", + encryptionAlgo: EncryptRC4128, + hash: HashMD5, + }, + 0x0020: { + IANAName: "TLS_KRB5_WITH_RC4_128_SHA", + strength: StrengthInsecure, + keyExchange: "KRB5", + authentication: "KRB5", + encryptionAlgo: EncryptRC4128, + hash: HashSHA1, + }, + 0xC0AA: { + IANAName: "TLS_PSK_DHE_WITH_AES_128_CCM_8", + OpenSSLName: "DHE-PSK-AES128-CCM8", + GNUTLSName: "TLS_DHE_PSK_AES_128_CCM_8", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "PSK", + encryptionAlgo: EncryptAES128CCM8, + hash: HashSHA256, + }, + 0xC0AB: { + IANAName: "TLS_PSK_DHE_WITH_AES_256_CCM_8", + OpenSSLName: "DHE-PSK-AES256-CCM8", + GNUTLSName: "TLS_DHE_PSK_AES_256_CCM_8", + strength: StrengthWeak, + keyExchange: "DHE", + authentication: "PSK", + encryptionAlgo: EncryptAES256CCM8, + hash: HashSHA256, + }, + 0x008B: { + IANAName: "TLS_PSK_WITH_3DES_EDE_CBC_SHA", + OpenSSLName: "PSK-3DES-EDE-CBC-SHA", + GNUTLSName: "TLS_PSK_3DES_EDE_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "PSK", + authentication: "PSK", + encryptionAlgo: Encrypt3DESEDECBC, + hash: HashSHA1, + }, + 0x008C: { + IANAName: "TLS_PSK_WITH_AES_128_CBC_SHA", + OpenSSLName: "PSK-AES128-CBC-SHA", + GNUTLSName: "TLS_PSK_AES_128_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "PSK", + authentication: "PSK", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA1, + }, + 0x00AE: { + IANAName: "TLS_PSK_WITH_AES_128_CBC_SHA256", + OpenSSLName: "PSK-AES128-CBC-SHA256", + GNUTLSName: "TLS_PSK_AES_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "PSK", + authentication: "PSK", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA256, + }, + 0xC0A4: { + IANAName: "TLS_PSK_WITH_AES_128_CCM", + OpenSSLName: "PSK-AES128-CCM", + GNUTLSName: "TLS_PSK_AES_128_CCM", + strength: StrengthWeak, + keyExchange: "PSK", + authentication: "PSK", + encryptionAlgo: EncryptAES128CCM, + hash: HashSHA256, + }, + 0xC0A8: { + IANAName: "TLS_PSK_WITH_AES_128_CCM_8", + OpenSSLName: "PSK-AES128-CCM8", + GNUTLSName: "TLS_PSK_AES_128_CCM_8", + strength: StrengthWeak, + keyExchange: "PSK", + authentication: "PSK", + encryptionAlgo: EncryptAES128CCM8, + hash: HashSHA256, + }, + 0x00A8: { + IANAName: "TLS_PSK_WITH_AES_128_GCM_SHA256", + OpenSSLName: "PSK-AES128-GCM-SHA256", + GNUTLSName: "TLS_PSK_AES_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: "PSK", + authentication: "PSK", + encryptionAlgo: EncryptAES128GCM, + hash: HashSHA256, + }, + 0x008D: { + IANAName: "TLS_PSK_WITH_AES_256_CBC_SHA", + OpenSSLName: "PSK-AES256-CBC-SHA", + GNUTLSName: "TLS_PSK_AES_256_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "PSK", + authentication: "PSK", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA1, + }, + 0x00AF: { + IANAName: "TLS_PSK_WITH_AES_256_CBC_SHA384", + OpenSSLName: "PSK-AES256-CBC-SHA384", + GNUTLSName: "TLS_PSK_AES_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "PSK", + authentication: "PSK", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA384, + }, + 0xC0A5: { + IANAName: "TLS_PSK_WITH_AES_256_CCM", + OpenSSLName: "PSK-AES256-CCM", + GNUTLSName: "TLS_PSK_AES_256_CCM", + strength: StrengthWeak, + keyExchange: "PSK", + authentication: "PSK", + encryptionAlgo: EncryptAES256CCM, + hash: HashSHA256, + }, + 0xC0A9: { + IANAName: "TLS_PSK_WITH_AES_256_CCM_8", + OpenSSLName: "PSK-AES256-CCM8", + GNUTLSName: "TLS_PSK_AES_256_CCM_8", + strength: StrengthWeak, + keyExchange: "PSK", + authentication: "PSK", + encryptionAlgo: EncryptAES256CCM8, + hash: HashSHA256, + }, + 0x00A9: { + IANAName: "TLS_PSK_WITH_AES_256_GCM_SHA384", + OpenSSLName: "PSK-AES256-GCM-SHA384", + GNUTLSName: "TLS_PSK_AES_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: "PSK", + authentication: "PSK", + encryptionAlgo: EncryptAES256GCM, + hash: HashSHA384, + }, + 0xC064: { + IANAName: "TLS_PSK_WITH_ARIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "PSK", + authentication: "PSK", + encryptionAlgo: EncryptARIA128CBC, + hash: HashSHA256, + }, + 0xC06A: { + IANAName: "TLS_PSK_WITH_ARIA_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: "PSK", + authentication: "PSK", + encryptionAlgo: EncryptARIA128GCM, + hash: HashSHA256, + }, + 0xC065: { + IANAName: "TLS_PSK_WITH_ARIA_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "PSK", + authentication: "PSK", + encryptionAlgo: EncryptARIA256CBC, + hash: HashSHA384, + }, + 0xC06B: { + IANAName: "TLS_PSK_WITH_ARIA_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: "PSK", + authentication: "PSK", + encryptionAlgo: EncryptARIA256GCM, + hash: HashSHA384, + }, + 0xC094: { + IANAName: "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256", + OpenSSLName: "PSK-CAMELLIA128-SHA256", + GNUTLSName: "TLS_PSK_CAMELLIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "PSK", + authentication: "PSK", + encryptionAlgo: EncryptCAMELLIA128CBC, + hash: HashSHA256, + }, + 0xC08E: { + IANAName: "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256", + GNUTLSName: "TLS_PSK_CAMELLIA_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: "PSK", + authentication: "PSK", + encryptionAlgo: EncryptCAMELLIA128GCM, + hash: HashSHA256, + }, + 0xC095: { + IANAName: "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384", + OpenSSLName: "PSK-CAMELLIA256-SHA384", + GNUTLSName: "TLS_PSK_CAMELLIA_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "PSK", + authentication: "PSK", + encryptionAlgo: EncryptCAMELLIA256CBC, + hash: HashSHA384, + }, + 0xC08F: { + IANAName: "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384", + GNUTLSName: "TLS_PSK_CAMELLIA_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: "PSK", + authentication: "PSK", + encryptionAlgo: EncryptCAMELLIA256GCM, + hash: HashSHA384, + }, + 0xCCAB: { + IANAName: "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256", + OpenSSLName: "PSK-CHACHA20-POLY1305", + GNUTLSName: "TLS_PSK_CHACHA20_POLY1305", + strength: StrengthWeak, + keyExchange: "PSK", + authentication: "PSK", + encryptionAlgo: EncryptChaChaPoly, + hash: HashSHA256, + }, + 0x002C: { + IANAName: "TLS_PSK_WITH_NULL_SHA", + OpenSSLName: "PSK-NULL-SHA", + GNUTLSName: "TLS_PSK_NULL_SHA1", + strength: StrengthInsecure, + keyExchange: "PSK", + authentication: "PSK", + encryptionAlgo: EncryptNULL, + hash: HashSHA1, + }, + 0x00B0: { + IANAName: "TLS_PSK_WITH_NULL_SHA256", + OpenSSLName: "PSK-NULL-SHA256", + GNUTLSName: "TLS_PSK_NULL_SHA256", + strength: StrengthInsecure, + keyExchange: "PSK", + authentication: "PSK", + encryptionAlgo: EncryptNULL, + hash: HashSHA256, + }, + 0x00B1: { + IANAName: "TLS_PSK_WITH_NULL_SHA384", + OpenSSLName: "PSK-NULL-SHA384", + GNUTLSName: "TLS_PSK_NULL_SHA384", + strength: StrengthInsecure, + keyExchange: "PSK", + authentication: "PSK", + encryptionAlgo: EncryptNULL, + hash: HashSHA384, + }, + 0x008A: { + IANAName: "TLS_PSK_WITH_RC4_128_SHA", + GNUTLSName: "TLS_PSK_ARCFOUR_128_SHA1", + strength: StrengthInsecure, + keyExchange: "PSK", + authentication: "PSK", + encryptionAlgo: EncryptRC4128, + hash: HashSHA1, + }, + 0x0008: { + IANAName: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + strength: StrengthInsecure, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptDES40CBC, + hash: HashSHA1, + }, + 0x0006: { + IANAName: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + strength: StrengthInsecure, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptRC2CBC40, + hash: HashMD5, + }, + 0x0003: { + IANAName: "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + strength: StrengthInsecure, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptRC440, + hash: HashMD5, + }, + 0x0093: { + IANAName: "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA", + OpenSSLName: "RSA-PSK-3DES-EDE-CBC-SHA", + GNUTLSName: "TLS_RSA_PSK_3DES_EDE_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "PSK", + encryptionAlgo: Encrypt3DESEDECBC, + hash: HashSHA1, + }, + 0x0094: { + IANAName: "TLS_RSA_PSK_WITH_AES_128_CBC_SHA", + OpenSSLName: "RSA-PSK-AES128-CBC-SHA", + GNUTLSName: "TLS_RSA_PSK_AES_128_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "PSK", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA1, + }, + 0x00B6: { + IANAName: "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256", + OpenSSLName: "RSA-PSK-AES128-CBC-SHA256", + GNUTLSName: "TLS_RSA_PSK_AES_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "PSK", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA256, + }, + 0x00AC: { + IANAName: "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256", + OpenSSLName: "RSA-PSK-AES128-GCM-SHA256", + GNUTLSName: "TLS_RSA_PSK_AES_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "PSK", + encryptionAlgo: EncryptAES128GCM, + hash: HashSHA256, + }, + 0x0095: { + IANAName: "TLS_RSA_PSK_WITH_AES_256_CBC_SHA", + OpenSSLName: "RSA-PSK-AES256-CBC-SHA", + GNUTLSName: "TLS_RSA_PSK_AES_256_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "PSK", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA1, + }, + 0x00B7: { + IANAName: "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384", + OpenSSLName: "RSA-PSK-AES256-CBC-SHA384", + GNUTLSName: "TLS_RSA_PSK_AES_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "PSK", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA384, + }, + 0x00AD: { + IANAName: "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384", + OpenSSLName: "RSA-PSK-AES256-GCM-SHA384", + GNUTLSName: "TLS_RSA_PSK_AES_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "PSK", + encryptionAlgo: EncryptAES256GCM, + hash: HashSHA384, + }, + 0xC068: { + IANAName: "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "PSK", + encryptionAlgo: EncryptARIA128CBC, + hash: HashSHA256, + }, + 0xC06E: { + IANAName: "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "PSK", + encryptionAlgo: EncryptARIA128GCM, + hash: HashSHA256, + }, + 0xC069: { + IANAName: "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "PSK", + encryptionAlgo: EncryptARIA256CBC, + hash: HashSHA384, + }, + 0xC06F: { + IANAName: "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "PSK", + encryptionAlgo: EncryptARIA256GCM, + hash: HashSHA384, + }, + 0xC098: { + IANAName: "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256", + OpenSSLName: "RSA-PSK-CAMELLIA128-SHA256", + GNUTLSName: "TLS_RSA_PSK_CAMELLIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "PSK", + encryptionAlgo: EncryptCAMELLIA128CBC, + hash: HashSHA256, + }, + 0xC092: { + IANAName: "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256", + GNUTLSName: "TLS_RSA_PSK_CAMELLIA_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "PSK", + encryptionAlgo: EncryptCAMELLIA128GCM, + hash: HashSHA256, + }, + 0xC099: { + IANAName: "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384", + OpenSSLName: "RSA-PSK-CAMELLIA256-SHA384", + GNUTLSName: "TLS_RSA_PSK_CAMELLIA_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "PSK", + encryptionAlgo: EncryptCAMELLIA256CBC, + hash: HashSHA384, + }, + 0xC093: { + IANAName: "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384", + GNUTLSName: "TLS_RSA_PSK_CAMELLIA_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "PSK", + encryptionAlgo: EncryptCAMELLIA256GCM, + hash: HashSHA384, + }, + 0xCCAE: { + IANAName: "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256", + OpenSSLName: "RSA-PSK-CHACHA20-POLY1305", + GNUTLSName: "TLS_RSA_PSK_CHACHA20_POLY1305", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "PSK", + encryptionAlgo: EncryptChaChaPoly, + hash: HashSHA256, + }, + 0x002E: { + IANAName: "TLS_RSA_PSK_WITH_NULL_SHA", + OpenSSLName: "RSA-PSK-NULL-SHA", + GNUTLSName: "TLS_RSA_PSK_NULL_SHA1", + strength: StrengthInsecure, + keyExchange: "RSA", + authentication: "PSK", + encryptionAlgo: EncryptNULL, + hash: HashSHA1, + }, + 0x00B8: { + IANAName: "TLS_RSA_PSK_WITH_NULL_SHA256", + OpenSSLName: "RSA-PSK-NULL-SHA256", + GNUTLSName: "TLS_RSA_PSK_NULL_SHA256", + strength: StrengthInsecure, + keyExchange: "RSA", + authentication: "PSK", + encryptionAlgo: EncryptNULL, + hash: HashSHA256, + }, + 0x00B9: { + IANAName: "TLS_RSA_PSK_WITH_NULL_SHA384", + OpenSSLName: "RSA-PSK-NULL-SHA384", + GNUTLSName: "TLS_RSA_PSK_NULL_SHA384", + strength: StrengthInsecure, + keyExchange: "RSA", + authentication: "PSK", + encryptionAlgo: EncryptNULL, + hash: HashSHA384, + }, + 0x0092: { + IANAName: "TLS_RSA_PSK_WITH_RC4_128_SHA", + GNUTLSName: "TLS_RSA_PSK_ARCFOUR_128_SHA1", + strength: StrengthInsecure, + keyExchange: "RSA", + authentication: "PSK", + encryptionAlgo: EncryptRC4128, + hash: HashSHA1, + }, + 0x000A: { + IANAName: "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + OpenSSLName: "DES-CBC3-SHA", + GNUTLSName: "TLS_RSA_3DES_EDE_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: Encrypt3DESEDECBC, + hash: HashSHA1, + }, + 0x002F: { + IANAName: "TLS_RSA_WITH_AES_128_CBC_SHA", + OpenSSLName: "AES128-SHA", + GNUTLSName: "TLS_RSA_AES_128_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA1, + }, + 0x003C: { + IANAName: "TLS_RSA_WITH_AES_128_CBC_SHA256", + OpenSSLName: "AES128-SHA256", + GNUTLSName: "TLS_RSA_AES_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA256, + }, + 0xC09C: { + IANAName: "TLS_RSA_WITH_AES_128_CCM", + OpenSSLName: "AES128-CCM", + GNUTLSName: "TLS_RSA_AES_128_CCM", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptAES128CCM, + hash: HashSHA256, + }, + 0xC0A0: { + IANAName: "TLS_RSA_WITH_AES_128_CCM_8", + OpenSSLName: "AES128-CCM8", + GNUTLSName: "TLS_RSA_AES_128_CCM_8", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptAES128CCM8, + hash: HashSHA256, + }, + 0x009C: { + IANAName: "TLS_RSA_WITH_AES_128_GCM_SHA256", + OpenSSLName: "AES128-GCM-SHA256", + GNUTLSName: "TLS_RSA_AES_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptAES128GCM, + hash: HashSHA256, + }, + 0x0035: { + IANAName: "TLS_RSA_WITH_AES_256_CBC_SHA", + OpenSSLName: "AES256-SHA", + GNUTLSName: "TLS_RSA_AES_256_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA1, + }, + 0x003D: { + IANAName: "TLS_RSA_WITH_AES_256_CBC_SHA256", + OpenSSLName: "AES256-SHA256", + GNUTLSName: "TLS_RSA_AES_256_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA256, + }, + 0xC09D: { + IANAName: "TLS_RSA_WITH_AES_256_CCM", + OpenSSLName: "AES256-CCM", + GNUTLSName: "TLS_RSA_AES_256_CCM", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptAES256CCM, + hash: HashSHA256, + }, + 0xC0A1: { + IANAName: "TLS_RSA_WITH_AES_256_CCM_8", + OpenSSLName: "AES256-CCM8", + GNUTLSName: "TLS_RSA_AES_256_CCM_8", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptAES256CCM8, + hash: HashSHA256, + }, + 0x009D: { + IANAName: "TLS_RSA_WITH_AES_256_GCM_SHA384", + OpenSSLName: "AES256-GCM-SHA384", + GNUTLSName: "TLS_RSA_AES_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptAES256GCM, + hash: HashSHA384, + }, + 0xC03C: { + IANAName: "TLS_RSA_WITH_ARIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptARIA128CBC, + hash: HashSHA256, + }, + 0xC050: { + IANAName: "TLS_RSA_WITH_ARIA_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptARIA128GCM, + hash: HashSHA256, + }, + 0xC03D: { + IANAName: "TLS_RSA_WITH_ARIA_256_CBC_SHA384", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptARIA256CBC, + hash: HashSHA384, + }, + 0xC051: { + IANAName: "TLS_RSA_WITH_ARIA_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptARIA256GCM, + hash: HashSHA384, + }, + 0x0041: { + IANAName: "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + OpenSSLName: "CAMELLIA128-SHA", + GNUTLSName: "TLS_RSA_CAMELLIA_128_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA128CBC, + hash: HashSHA1, + }, + 0x00BA: { + IANAName: "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256", + OpenSSLName: "CAMELLIA128-SHA256", + GNUTLSName: "TLS_RSA_CAMELLIA_128_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA128CBC, + hash: HashSHA256, + }, + 0xC07A: { + IANAName: "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256", + GNUTLSName: "TLS_RSA_CAMELLIA_128_GCM_SHA256", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA128GCM, + hash: HashSHA256, + }, + 0x0084: { + IANAName: "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + OpenSSLName: "CAMELLIA256-SHA", + GNUTLSName: "TLS_RSA_CAMELLIA_256_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA256CBC, + hash: HashSHA1, + }, + 0x00C0: { + IANAName: "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256", + OpenSSLName: "CAMELLIA256-SHA256", + GNUTLSName: "TLS_RSA_CAMELLIA_256_CBC_SHA256", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA256CBC, + hash: HashSHA256, + }, + 0xC07B: { + IANAName: "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384", + GNUTLSName: "TLS_RSA_CAMELLIA_256_GCM_SHA384", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptCAMELLIA256GCM, + hash: HashSHA384, + }, + 0x0009: { + IANAName: "TLS_RSA_WITH_DES_CBC_SHA", + strength: StrengthInsecure, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptDESCBC, + hash: HashSHA1, + }, + 0x0007: { + IANAName: "TLS_RSA_WITH_IDEA_CBC_SHA", + OpenSSLName: "IDEA-CBC-SHA", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptIDEACBC, + hash: HashSHA1, + }, + 0x0001: { + IANAName: "TLS_RSA_WITH_NULL_MD5", + OpenSSLName: "NULL-MD5", + GNUTLSName: "TLS_RSA_NULL_MD5", + strength: StrengthInsecure, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptNULL, + hash: HashMD5, + }, + 0x0002: { + IANAName: "TLS_RSA_WITH_NULL_SHA", + OpenSSLName: "NULL-SHA", + GNUTLSName: "TLS_RSA_NULL_SHA1", + strength: StrengthInsecure, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptNULL, + hash: HashSHA1, + }, + 0x003B: { + IANAName: "TLS_RSA_WITH_NULL_SHA256", + OpenSSLName: "NULL-SHA256", + GNUTLSName: "TLS_RSA_NULL_SHA256", + strength: StrengthInsecure, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptNULL, + hash: HashSHA256, + }, + 0x0004: { + IANAName: "TLS_RSA_WITH_RC4_128_MD5", + GNUTLSName: "TLS_RSA_ARCFOUR_128_MD5", + strength: StrengthInsecure, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptRC4128, + hash: HashMD5, + }, + 0x0005: { + IANAName: "TLS_RSA_WITH_RC4_128_SHA", + GNUTLSName: "TLS_RSA_ARCFOUR_128_SHA1", + strength: StrengthInsecure, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptRC4128, + hash: HashSHA1, + }, + 0x0096: { + IANAName: "TLS_RSA_WITH_SEED_CBC_SHA", + OpenSSLName: "SEED-SHA", + strength: StrengthWeak, + keyExchange: "RSA", + authentication: "RSA", + encryptionAlgo: EncryptSEEDCBC, + hash: HashSHA1, + }, + 0xC0B4: { + IANAName: "TLS_SHA256_SHA256", + strength: StrengthInsecure, + keyExchange: "-", + authentication: "SHA256", + encryptionAlgo: EncryptNULL, + hash: HashSHA256, + }, + 0xC0B5: { + IANAName: "TLS_SHA384_SHA384", + strength: StrengthInsecure, + keyExchange: "-", + authentication: "SHA384", + encryptionAlgo: EncryptNULL, + hash: HashSHA384, + }, + 0x00C7: { + IANAName: "TLS_SM4_CCM_SM3", + strength: StrengthInsecure, + keyExchange: "-", + authentication: "-", + encryptionAlgo: EncryptSM4CCM, + hash: HashSM3, + }, + 0x00C6: { + IANAName: "TLS_SM4_GCM_SM3", + strength: StrengthInsecure, + keyExchange: "-", + authentication: "-", + encryptionAlgo: EncryptSM4GCM, + hash: HashSM3, + }, + 0xC01C: { + IANAName: "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA", + OpenSSLName: "SRP-DSS-3DES-EDE-CBC-SHA", + GNUTLSName: "TLS_SRP_SHA_DSS_3DES_EDE_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "SRP", + authentication: "SHA DSS", + encryptionAlgo: Encrypt3DESEDECBC, + hash: HashSHA1, + }, + 0xC01F: { + IANAName: "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA", + OpenSSLName: "SRP-DSS-AES-128-CBC-SHA", + GNUTLSName: "TLS_SRP_SHA_DSS_AES_128_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "SRP", + authentication: "SHA DSS", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA1, + }, + 0xC022: { + IANAName: "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA", + OpenSSLName: "SRP-DSS-AES-256-CBC-SHA", + GNUTLSName: "TLS_SRP_SHA_DSS_AES_256_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "SRP", + authentication: "SHA DSS", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA1, + }, + 0xC01B: { + IANAName: "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA", + OpenSSLName: "SRP-RSA-3DES-EDE-CBC-SHA", + GNUTLSName: "TLS_SRP_SHA_RSA_3DES_EDE_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "SRP", + authentication: "SHA RSA", + encryptionAlgo: Encrypt3DESEDECBC, + hash: HashSHA1, + }, + 0xC01E: { + IANAName: "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA", + OpenSSLName: "SRP-RSA-AES-128-CBC-SHA", + GNUTLSName: "TLS_SRP_SHA_RSA_AES_128_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "SRP", + authentication: "SHA RSA", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA1, + }, + 0xC021: { + IANAName: "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA", + OpenSSLName: "SRP-RSA-AES-256-CBC-SHA", + GNUTLSName: "TLS_SRP_SHA_RSA_AES_256_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "SRP", + authentication: "SHA RSA", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA1, + }, + 0xC01A: { + IANAName: "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA", + OpenSSLName: "SRP-3DES-EDE-CBC-SHA", + GNUTLSName: "TLS_SRP_SHA_3DES_EDE_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "SRP", + authentication: "SHA", + encryptionAlgo: Encrypt3DESEDECBC, + hash: HashSHA1, + }, + 0xC01D: { + IANAName: "TLS_SRP_SHA_WITH_AES_128_CBC_SHA", + OpenSSLName: "SRP-AES-128-CBC-SHA", + GNUTLSName: "TLS_SRP_SHA_AES_128_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "SRP", + authentication: "SHA", + encryptionAlgo: EncryptAES128CBC, + hash: HashSHA1, + }, + 0xC020: { + IANAName: "TLS_SRP_SHA_WITH_AES_256_CBC_SHA", + OpenSSLName: "SRP-AES-256-CBC-SHA", + GNUTLSName: "TLS_SRP_SHA_AES_256_CBC_SHA1", + strength: StrengthWeak, + keyExchange: "SRP", + authentication: "SHA", + encryptionAlgo: EncryptAES256CBC, + hash: HashSHA1, + }, diff --git a/test.json b/test.json new file mode 100644 index 0000000..4dd84b2 --- /dev/null +++ b/test.json @@ -0,0 +1,13 @@ +{ + "domain": "https://ryanparman.com", + "ips": { + "2606:4700:3108::ac42:28d3": { + "http": { + "http1.1": true, + "http2": true, + "http3": true + }, + "tls": {} + } + } +} diff --git a/trivy-license.yaml b/trivy-license.yaml index 6ed7a2f..da6fdec 100644 --- a/trivy-license.yaml +++ b/trivy-license.yaml @@ -1,7 +1,6 @@ --- cache: backend: fs - clear: false db: download-java-only: false download-only: false @@ -15,12 +14,12 @@ db: dependency-tree: true exit-code: 0 format: table -ignore-policy: '' +ignore-policy: "" ignorefile: .trivyignore include-dev-deps: false insecure: false license: - confidencelevel: '0.9' + confidencelevel: "0.9" forbidden: - AGPL-1.0 - AGPL-3.0 @@ -170,13 +169,11 @@ list-all-pkgs: true misconfiguration: include-non-failures: false policy-bundle-repository: ghcr.io/aquasecurity/defsec:0 - reset-policy-bundle: false -output: '' +output: "" quiet: true -report: all -reset: false +report: summary scan: - compliance: '' + compliance: "" file-patterns: [] offline: false rekor-url: https://rekor.sigstore.dev diff --git a/trivy-vuln.yaml b/trivy-vuln.yaml index 124fd57..82f0118 100644 --- a/trivy-vuln.yaml +++ b/trivy-vuln.yaml @@ -1,15 +1,12 @@ --- cache: backend: fs - clear: false db: download-java-only: false download-only: false - java-repository: ghcr.io/aquasecurity/trivy-java-db java-skip-update: false light: false no-progress: false - repository: ghcr.io/aquasecurity/trivy-db skip-update: false # debug: false dependency-tree: true @@ -22,24 +19,18 @@ insecure: false list-all-pkgs: true misconfiguration: include-non-failures: false - policy-bundle-repository: ghcr.io/aquasecurity/defsec:0 - reset-policy-bundle: false output: "" quiet: true -report: all -reset: false +report: summary scan: compliance: "" file-patterns: [] offline: false - rekor-url: https://rekor.sigstore.dev - sbom-sources: [] scanners: - vuln - config - secret - skip-dirs: - - testdata + skip-dirs: [] skip-files: [] slow: false secret: diff --git a/unit-coverage.png b/unit-coverage.png new file mode 100644 index 0000000000000000000000000000000000000000..3152bdadfb96b5382e89d5da9f9649f8c2bbfc16 GIT binary patch literal 45032 zcmeFYhgVbE7C!3HBOVdqsGuSu7Ep?Uf`CX<5inFK0qH8eOYcMvM^U6m=rvLUp$Q@M z5CH+Hp#>zAPz0og9!LmzE8KhTy}$Ply!Xa2~uKM^8gZc9ri;OvR=<*@RHq)w|B3`&sd4Y|KDfr# zpR4(C)#uOuPW$y4S7Nz+4%~D&oe0|8w~M_xt~I1b_1R$bSznfB1jo!8tzNhR3t;P;{;9hR^wk`gLU!zS%!~~Moshgle)W%lzVf{XTa@b3 zD2p+C{wVcojpsl;hYfG3%U<3KwR+FOm&djeit={;ZaFnpk^mRuMSgS35`eITO#ZzM zyRUvxR&B&0d4+uY0w)0(s(ansceQ>;COt-=PA?$GJh&8oBRqkhJ6x4gtU0>cpq6yc zyfoxkUh(JE#MTJz9>cbTaA@PvYf;t9rB5zO=+=__OM0g@U22R!SgHyYnmNvNrTgew zzN!4O?HubrlcSb&+g$v7Bz5>d+k5ZSca4iSi~VBugt$t(jx253MG4ivMapcY@nk>r zoWod`YGN~$hck$hH8}2`u&^E_e|$HSD?3j=3x1niH-$!YWdms)j-(JKgqAOOin^yx~ls_BT-oU>0)%-qdkHFaoBU=BYe zy^hx$_VBu6-e0=QGp|cFAoy zY|o)YOTO}&ES?oNz6s|yu}?zzEZslflM!Un8O9^^v|&D9*aV~1OcImNb$rgormw+J zV6~6GV&aw`c9!uuS)O*Gkf-mao({IQ!|Egy+AYO(%lN8on(L!G+4g6YJr|e8#m1jM z?R;I&>O8J7<0zfy+a|7!eeaUS*;|BOaNmff?C!D9${znMa!HFWkzfD5*L;%iWssn@Q z!K$IA|2#0YQMNp;V@7v3d28ieXxFDGg@VdPB1X6QU6-)w4i-5|%*_d(4dFv4)2qw4 z5(Epq)JwLtQZ%`EqymcbhaKYh30!CW#;#dD|NQb8qG)1Mf4DYNr(uNWE)(GmO_e@-KLdKE^pz zSlUJBsY6*9Y_-_2>|HyUwHl1tjO0*%T=g>ar2Ye^a8xB(-`RZsl=hu6Tf?_LE0;rh zKldRF3#{@3Aig2P*K5)hI6$k1>6Av!3zZzb>E7f1#S%i4qva9hHr|KfXgba6@j{DYK6!W! z55i1{^Z@hMbD>C_g++Lyf@i>XKG4g54ysI96lhC(rJjDfJH|6?fuJcABWlq2%OmJr z*<;oG#a4-d6$^acZir6-ZHW?l&n8=zEk*}Sz=75mvv9{X7cR!VXn*d{Gex;Rng&sR z63pOmGF|2Q%fI{s*D~&Fz#ew-?VxMA1J!xQcaY(~{if>04II8czCnQv?~O z-|};j6Wq9%51TKAS3sTR7|SZ=!-0v6Ukzz41RLZBc^2G*8gLYb=P1k60&_`@h~jpg>vVS*Q4Y$a~I(YVr} zdWxZ>u-2L;`@~E!*aUkHR=l|=YUs&OSlHdV;jp%9F|gK^5a+%1c(|io05Vun6e~Xe zGDqVg`3(Aw;8WgQ#ga%@Y~d`&cu_YQTihum%~!W#CX4C_Ww?<>LRX@PF9?UQu{sk> z)5doz{X0|g2k~;5uXmnlr@XFuhVh$p!vyUL9lb7av2J#5Q?JBzANlzwKa~8V=oi{Q zAK$m@u+}3lejcmX&XT2L1WU_g??)tLp^PgsPfON1mQiof)ZFIS*JU_7d=qQx7&YQ9 zIGwl@kDqxcgE@+M0>;_{QPbMNdAd-PjLRqtK<0@Dq&O)zJJ2_;Ens~kK@h*-bOxB( zr42;`+EBXQ#xb(Nkdef|KEYOAEcFRo=BnwKLXc|wFTuFtXE{A*jTW|+=hW`O{?>+p zpyYv;#thZ#vcvF5ID9Yi5^km8h-V>gN!d z+&d*~R;tF5^)St5PrWET@Vldv<Ir_*e8`vPGt z0wxUn8xW2_jHJGqEjG&rR==D_{12qqOO^;`@uzwvi1;=7-r@<47M5~}<}X6HBmBEl zgc6$aBYd>=fLpJ2l3EU8oOxT}kTFrtsU4uIoFhe_Ib}WW9Rje_P<;}@0Uyp0*m8&E zcfrMRA)+r{3H1yIg2J)9ewc;MEU&aZ;|8Kb$0(<6*n5ITqzkbPD4Y z|J=J_w@aa6=!lYhcaI8y!wdmF)Z2T1#laiDOk7`$QLSUi=t{}&IOb|cA2=2(yXXPY zoyUuKZKIkU)_!1xcl@J)TaV|*_-*SLnN;@lU9psx*gR2hoM&!<*PZi0Iu3tvLlJ9~ zW*i3{hc>yx6l$Y74GQ{P>vR{dld_VrG|pjkK~1o@lBNq*>tTLdJEHOdz(gV*c6l|y zQ!Z!5Dv@FJv|f?!zc*9`X{EOO)wWh-IxdQHumS^If9!3C#4wm?aWgL--m&tuwUUvO z_*+oiy?wc5KU$DBpDGV*SgZg;>+<0O;IVUZ5`^j}9ja!i&JkCA>uxD)MQZrzZoUj) zSOu>dUV=l7kRhqXaaoKb6^5Cm%31+XJ*EiL=9ad|;uX_MKo@HT*aTkId-a9sGoY>` z8K@#zeh5t=QNZ%~Yh%T&FHFcM8Bk$0k9XHMu%DLa@Uy84^|33^k}xNrL|k+dT&r|Nk?JOw{2TjK`|~S>cl+Fo`)m`JX1G?U7J)hG9*Vl5L+L|dCrZ{k ze*ze@uu454&hq=OxzdDyViRb$w->@=mAG%f9aF;ePt@JNAnBzc@H2#^^pUv0wr9=( z`%r{b(IrG~kv1+5mFmodDw;?wgT~!!AZ#MtFTuLU$VEdahY>Bj$5VigQlSJ^=cJi_ z3vfj_{fpbx8gG5z1p0|7EBfP0e(>xmfsO$ManpzA!Z%TlK-(u3#e^v^k8&Vm0SHYo z{T6WP%p3u@J(0P!IdGm4W2%Mmf0^vyy|QK;(O_3!w~snxih{ zDi`_tcV`4{`FjN}T9>SifY1i))L@&Gz7@XgelHfdTTI~35@QN7fFIIJ_s?%yWDKlt zT+j1-8^9G#91ZkB(9?<7o$Rxi`CGQj(FtuN$)IhkPpB}_pw#Hr>!Gz=Jy+;@ zv*lJ0;zc_5oF7xj8#bt>&2x3>ce0u@yUALH%~Va|t2sJ6`>)*-(3+PRnsP1&BP&O# z<+~0v=v(5H>PfvP2Dt`iUIlaap)*dvKk|$_{3r38c$T&%(bHdodj!|7c0(fz1H1eQ zOJgOUIz6GTr2O`-VRxA{)EEL8b}}V0psH`j({XA7LR?o)o~oC3qk#1$DAKn=%;c4c)}M$%~s zVX!@jC{k}`Q4004$tI~VgH=m=YhZYT#PKsP&l4|IaWT-=n$e1$0nuvj*9&uz#DFEZ4W%=}YP*b6r5m zitzO}0WgS%)#CNifk#kA5KLtEx84nTiI|lxyzgk@D|nq~*EXZ;9Q+1Z=&l|~d-gIg z#CdScJ8Inq4+RLAxIHRDT%9{60I?r3ovpSRl)A;$i^&>dTf&mNVzW@~1!5q?K0=E_ zsT~U;Z&^Z&<##_hcrS19;}@4{t9l6Emn>;T@4J^Vl(eY2_C<@=PwG8KuiOdD1dCAK zTFig_<9rDfGL0W99%RtC+F*2R*8Dm+b}cIM6A%A`k_PIYJqX^jF{bc z(fK6luMqx_hqoBsh%nf*SxCCN?y#7neuaP90xK&vy=nSXYW$R63%gnI*nt%4_<jmKZpTz|ajL<|l0rgp{Mvk5Q>tuh;cj`ok z$#;(-R}V>kG4x%U_>Gyi(bn~tsarZjnL^IWbWO-}??0>UPBbzpz>)*`Eg!rdT4#W? zwo$gyaPmq4yS|Mp7+*hugQP#ZEbX7(d#gYFp4HO6yUaz0weJ?#7OfiJ@UVKbOgLXK zTt@uSpg|WG@oL9haLq;bTRiu*NR*52-{jk)RHmwW#S=A81`n>|_KblHz}$pDZkes5 zkTQI7fH6v+derFG1oIjNjvXW%DB2uZXqgBB|Ej?&h#ZF5SCtyLWnpnFpa< zwclbKa~j_sv-L2}y!tb*Sf@GHse~$8JH09znSyPUrw#qt^U8fy+O1kY2@8GmVQnP| z8}Wyhc3guK9NoQLU}ij0;m+Vgk|pyHIj&z4xl-dZ!y-(6mXGjokiW?1a=csCGQU)B z>(jW~gxTH4?GCs)u^AqjX}!RhgfPxDn6GGQT;Qmk3n0;+wVi1Zna{kl!e5-d$x}Q~ zF=wH}49M0~zLcfFkcVzf#~gQmsmnVzv8NhZt{FIuW+r-2h4|4QvO|U%2w%OvBpBv- zlY@@}FT^il1|6vosq;7nIc6a&17Gdt9oXk0aZ`6U&ffK9u+M;%5(ashp*Y`AQ-3D@ zVw|W+#GhYyk2Nn_F(R2QP7Rbz1x) zNKNid5~<%#m|LG3t9=4@*k(|x)pdbpfusa8TQd@c+Fz+0hsLCo=(Nuy*wNJcXUb$_ z?*e3$vYTXh758gIfVfK>QNyjcOV-YL=a63IRN(HJ)$Y^dhkk&>!qK&E<2~Nx@i_|J zbNB)yaBy*b5>{uRo=2H}-RrJDbeFjD9{+*N%6IEqe-_%yK{iu(rA&4nqZ4AQVVCT;H{Z+*hotOWZ)3NusIm1p zcK!O!MGrtV>DSn%j=-ju2u(-7H3K`ZY2fZ@ZM0Ym;22ny7Xv{H$d*&q^Yu-g=(5Ku zf?$iBgJuPwg`{kN07U?yl}X)vIvhqY7r8QkS7CRuO7aNE4=})C`-03>YuNi5pof;? zpyHwL+Mi27`c7GVyLSotKc>9uQ|sp$(w6^tJD`Cs@kyE`J6uXH}@#_g82+SInWN`dJj_f2>1WB-7+ZQT?`ddd><5`|};b z_SWH;(=+A6`lT<>{6fH<0T`+!1sakl7f@*>d#di$v3GXw5z>#%j}VxK85Dr-`L)TjUT4> zz+$E7Tc>0k9XMsJ9%NDeKCz{E<2+s@w^Z5foMqDpPiU~}+c!cWR&(%Yy7`Jn89{D=5gd@ZOFnxM z0kI!4C0Q zva#OZKa&t}HmFmEZY3fbjjd~}WW0Wzwb*(A)nmimo+jCfj`9J?bihhwR;F$WQa&TC z-?qxuk76HUQoO7@k1ISaCSDi|D>@O2a{frT;dh7=G#l%06RT)Qu zD#Qe-!TCTTMQSX>Bw-VHB7L@2!SWlsocg4hteU$k># z8n!StHdm8v>Rk%bLSYNEITK1eQetW#`3)P3^_Xn4?e$>Gg>(A16S0a%w(!rECiWHZ ziGVYG9$3hFPIS9YP>11kJwlOW8xD8`NFU&X=?-#`bLJCCM&vTt^2G?B@=1I@e}2Qc zzyGoNLy-i4`S3Nas7EQ%(1o}J;TN0LVcfnIR|CA`Fq-N{7ZTI#Ke&s{JF!y~Y{Wcn z&>Lkd;sDwJv_^+r>33k;AC-{hVVD(D=)4hiGE|5ai`+~t={`eVbV z#$jwWG2v&)^5sWj&R~P_b;~R=C=_O<;f9=b%je5pDO(m>dkbfbGC3lvx8~0Q1p+m! z(0MUIn+F!nY;q>c=E24wWr9{Wr#&E1dKvl^4n@o&l>4x<`LuwUoC=VYa{x6bWJvgG zOc5PD``zAytnMmu zOAlnqtnZ_sD}^!&%cfGb6>{sb{P}G~L;eDuw{)Vzc-FxQsq$Lh{9D?Rys?EA)XBt!iaB=XpNlC!3_Oh5n|3lCQD+B_wd#$V<7o zJ$Tc;#PO4N7k`OA2qU$Iw$IS!zuoC&)d)A-t%*=5jR!@gM%Vf{HWshM{kliV)>Rzm z*#K$xBWT55NIY>A(Kc%20o<7C?E6>DtUGxuC}j%JYeY=UfY+cbk-i;Jf9~5%UooTZ z8aEq=J9$ns$t)!%{X&(#UFLdkW!V1d1rW2qn#1+|KL__x)S-J#+Mu?wu-CxDM5kQR zPM>wJn`N&cumyCqO>GILE7w_U&jcRp)`4-@`gT`&Yd)iDGK2sK#j=FhOMWAvN&`bD zx*UY{o_qmH3bl$74VAYXhfx3C;PGwQUn>I~XV?l!_0*Vb071KEH88HoG%JX2A74Uk{!jk-OL}RVLIu+F-1r2 z(HQDHb|t_*$-!fTlTe8S=B7s^oQVq_;}TB{C$6pYs3rMkbiQ~2s!sXqUOY@!)^DTd zi`-U|{SuBAxN55DQm>*D6yPvpEsgS@6UA4vAdyU}U*xue)?3m|gRWwEcs4-r?)p%s zgEBIaH0;~ih`Z}j4qPT?C0BN)u*l12!ZZK*{$b^<<@}!?TiflVIsj_f&Ag*_0hS(6 z$Gfujmu^fPD5Qoh4MSTdE)$kUZ<)M^2KpVwJ8EHXsJ+P_Y&krU57rk`Naq+B! zdp`j+T4j`jD>Rr&)KLQ!VV01G-8J_KD;;s@T$SjtT0uY}h#x)L_WX99yGNu`=q+Hy zMbOT#Xv|7{?a#s@*?R_%{L`)B12u|tLHgdY`eg-!`~A$y=I(5;qeuV6!VJvZ(6-9I0gB&EiAB)5 zPgy)sL;O4&Y8YeUbyPWQWkk<@NK5yXN{s_$B>~h-y2uC=JV(*7RlPrIA@v{k@*1|h z{6m+W@_6XRSy5BppF!62iC@x}6yD})rkoYZzxO#)cg!}BnnGo@Cq8B}w=0Es>&Wm= zK)~_e|46#l$Q2v=`PY6>+y(_^Hw4?)?zP?8wzsIW$~X0618f=k>K!Gx4-{fhKdO}B0q75sY@1M5r`6&#_&fbHbS?rj2D=7t;mD$C0On!QQ~gvT-0t* zXz=qzhnD(^eDnrjT?ohE^z`%LD$2Y+kh@O>It&CeJp%Ac`~F~AzBV0~H1}RCkL+}w zE&;46;8)G9K`;xu)ME%W@yT0CAh4=w={||4==N^IbqPx&VvdXP<1^MX3h0*+XFr~9 z31@br_#qM-KF31N+2cpZwA77^N8hBX;pST-&SvCu^!O! z{0ZtGwh(PW)#h6fzz6fmYXDaQDnj{yaFY)xlfDir4((}Mej&7vp%tBQuyL?xtDr zxAQzNL6x;r#9t+y2nMBW<;tRe%yYZi{zWufS><#@n^BEZj&=DrEA368R z*7NY#Y3_^_4}~7>EYawqysC!#074o1BE3QRO7G;Q|7jUZJ&z1HOb;JFg55ph)5dvv zX}F{23TPGq3EZCEd9Hs9^3b6PPpfU8LpNfC?mh;b(}Ds`o>@#{qJ^5j9wikT9F>OX zfix6K-4GKttM4Oa{AY%T4(%<4Yke-kO`8K?C<0{5Ec~0dwg(#(r6Tw98(q)Rg#M?G z?CbnbaJei%yt{93BD82ES8RIb*Kfa9FR??NM~VTb4-5UD72JzR?LEHf585vPjREM& zF;d2VXMIRZPX+cr7a#gM|N8%EOS}4p{l8bg&X(}x@J#5voDl8vue#*Dvn)tG7UW{$ zh)kCaq;>q@;#Hbg9qEd;kFC|=AfF*`;&4$KuIXTu37?#{KB$^m>3-tKEu2%iQ^Ug> zSFSQY`Z_Nhv}>G0FK;2eNPPvqiA`^_i5Z?;^*Mj=&D6n*Ht3~U(!TcZxnT=u{yfP% zJK;H7o;br=z9SnRGYe!=X-ZP8a zv@hDrNTc(%K$=u04{q_VKmRXm+54ZpKLmOR5w}5O*r~bHESr*jlMm9Qsed=keRX3E z|7eg>Thjka(}OEH`k(X2Ps~QT<80Ss;MW-toh((6%Q8j;9%-s9|G|=9UCgY-=zTO1 z)9V*$c>-rsnLX&s`pS2lbXfZkXbr;R=}Nm2HaoJM2iLFiaNe>g;47(9wdQf(<2}H< zUpc_M9(1GBV4?pKqt+o48PXcFzBLi`{&(u}pN08bK7Sm1Hu3u_{h=M%gN=C2_vIM1 zp5oz z841{~zkieG?5(H{i!XsTM2X06F;{Pj5CvR`MSucLMJol{aK|#hOIIU`9e5slQXP3_ zogQ}3Gq!W&@|*GZ?;nP61+)pUlKWMgJ?7et%!-&h0cH+?7ZhvBuFwm@Z1D;&6=xIA zTWiA1a`OaduxmA7b-ghUq!YUw)_=y7J#MudvW#lK$en*ZO7V)JbCJ_7D3kUbJ@LbY zmno&y&|ZgjXnU$>eMQ}R`Vv>%!Y(ljU~I?9?~Bk1`xN-QZM_27V*RO}dSSDKq96-V z0}^FFn$plvNkoIhzpn!H7%8WyvU)B2U zY1b;946_WMjIE5p zv&W+3b8SlMuBt+Fw&f{x3){R39S2K&Epf1tTAItC?X7pHiqFsBRv-S*OR!~RruXyp z@1a4pcI@oTo^39?TV6f>j{;+DtcrRG)-Y~_BIx$S;$$kVhB)RE(`aI4M;axUFXh^^ zzW<|t;;lri_`=2Jtwq!xIoO-S?sguTh8MalY-*7v-zy=D^$d!9x4&AC6FqQcU!#5; z!Jfj%dgr|y7KgwE6wF6lYBifJI(3FCNy4<`0%)xVGW^Y(u$0@Sy$YG{I1Kx`q#ZlB z40rhPC$Gm$l~g?fK}mbv6y9EM#t-nwBVvW#3@Q#aR!`4P0|v@e5_HEj-70+&p&K3*w27m-9< z+rP++rZI+jykvYdzp|IZ@_cQZz_mEJJtt>h>dBIvu@k|j^YdqzcUx_JbeR4}Dh313 zUeHXj5);1v%v>+)FUoivzfrA^;}_@AzdwYf-P0K!G8YMWk%4zpdhj~@$`z1#w?7x> zm78#Hi%+-#63dM@GgAllb+11sQbBe0)AP8(u_dT^G+Iw$I>52vi=&+NcDn;!JE3V3 zio0I<0IqMSI}0@j9EFLJoOPFL-D9|ZnN5tg92bAjfk)u@@H^EFHU4wo-8nLHO~z(< zP&1!G64QHDW$JAbvYbXBpoVLpAf7+$O7`QG2o3Epf0kE6r)dXHFc)?x^ruuw|B3TO#uYulxCqZ)QDZcvCYp3<~)3uiqG{e4|eEBVmCh z7!16R4#TaZSZKFs-qGHQd!G*X_r>lmDaKNV0=Q&e{#{m5ts>wtm)_&S91FxW1I!4P z)r9(XPRdu#?G@kAW?J!KpSmS3sQX~GVFcPHN7}eVq4Zz=$a2DDLg)6ozjtDf=GNj& z6FO7oM!sH_DL|Ebty{?m3&+ZNp&I=uYx!qKQE^xC@`fp*7fYNgNx5UN0F4pkXvR8U zeCp~ycaEoRalo?^SC-?%{XY-g@v!@nY%Xaa>G$@AlN^Wxdjhy8@MQBlxxN0gpC-;o zT|b!brYdON{aw;oIHc_-^sIz;DoVQ0a4l6PU0lz%iiVWbfa}*fr+CY+z6KFU90BXL zE!h~Ltr$L!VQUWOE%@G`#5q_S1*`@7Jm$JM%f``v`M*}3GVhPxK}*39EV&ks+8S`= z>_=xMn~LiyCDfG!dEhn%Fpq0+KF2QZ_z8k8np&-Ad4|>VU)`7E--CKQgAN5n`q}Ia z0=2t9erEEP1lRagB{*kt^wp4I8tEYT9I_Qf|0_oZ?#!?w7poxGdPf~yb1 z;juwIgtv5`uAmzT|mhFML6ICq+ zD=NYNk95z(d5tNz`K5=AO~Q z!N!BD;%f)Go%&)yt$lM#CPBn`>Cfh^Wz+(Fmna+XMs3h#ZQ%HOHocXC}{7l zRAf9XIh(+-uNN?P6W%d-@94j}z3=gUdZ4HlS74a$zJ+3ms&=YSq1^I`O(^iDc_ZA_ zUuKG@`>CX~M8%+MY8oosVy+8amfWhcJb3J5g3>bc%5E;y!U6nB`PNx2pPm2oH#Gz0 zO?Lef$S^z!v!!fS+o073owkKXc1BH9Pu)5&4UMKtzf>DuO%!dO5n8UN&7cZm(7Cy# z54ni-A?;^_0vcQY=dqHVmn_s%iH(hQ!RbBqAVUWRTQ=^i#8jZrFQP-Q%$Yy<9s{^ay|Gn@$q+mCBT1`I~V-gz$fs(Eq6q|e{%#{{qpUSfWQr_ z_s%eCjP6RkiB6NMV4nzp7*ehDd zcGxp_hj*xAgRNXm)Oh)PZ213V8+M7kqys(t_bOi9zx;os8~?ZGW#oH!Z0@$txbMpT zi)W4e(D3|IsunENO~Vv!b$3S=FvQ(|uq0$p?^Zg8JQUscU^@i6$3ow)S4w9EOImGC zyi;a$c<zWM?1_{dU~*-=bu` zJwANkO8C7a7^$3{AXs;68gjtbijBaXo~ zgm`IBTfQDT$*_(G@!~2`%CPbrU(eT)ak&|{XA*jZd9shgPvS5#(CJ_$pg@w7b=SY& zR3PdXnf&zNoa%FsiQ8s={UL~fO`Nqh4}Np=)C=O;_#D#7$?~-_FJG+^_ZbzDdotz% z1=49{r5p)zg$QOk&@a*|xLETM1e$4~s2k3me@f!~{yKe(5?xfj7aMtyaz4O*dx+&4 zysC8kh`${*@pnRI_k}t?G=ZssH74HC*#ck&;+bQC!3UD0pB7NvdE_^e8_1 zK$&&_uI$tw+&V`C*721LV13MY9lb?dX#rijf?pu&;%5*x5;|5s@eda`?wt$om>CK< zFv%U*_KIwM!NNY@j>whczc-Etd4> z1R%3xzIc=Rwed_wg}sE+^DuSwvYj;{BkIqA`_9H3D+rc|jt%0GGkrEYU+*sVUlX$k zQk5z)Gqmfcf2T`K|0OcMjusTQ{}gFS(eP`n@LS$LZY1fUmA1$!eN&x=4b62+U>~k4 z6<5D5mllV|J*zY`vcDgGDSbWC8ST)LTIlOylk75b?IT~(=DQBuBvo129yj#q?s7jk zm9iJVSeAgXi)Xj=*7ggnFp_nBF-ux|E>&b?SgTnuJMaIiKFMoM(*8%TbOqOONNlPvBfM0EuX#%7|S8_SG_+@2*lVyAJ^G566BwPc6 z0Z`?LdFO1BQ*Iw)JTfTu%=A1m-p3(>`)auH{P=t$-~klRL;&vn2& zo~EH(a=KD-M^q^tA7M38IbFhiGoN~m_BS_grtLVvlZBmlx5wloh!vgf^J3OBC(wGm zX!UpvU+Pv2Cs$6BLQ|RBd|0C!rnt8pLL^Jvj38F}jm-V#x}?4}+r`|{a$=4}ymnB= z;JuwOLC4{n%;8R&NaB;LPplJzqJ}Pv;Eb}oi~3zkt_V2}%Q>3+3!EUsXD9z zS8*jX-9i0doC|JNIR+Y^B;L72bxo)q8r4}$+Dst_oFE4+ITw`cZ!RQDH66>%uG2A) zla~0%mzKKFm13c2fevGNkF;&+z|TXP*U*qw&xic1+U#TSLLJ?VHOo9!@0 zy&2^00KU0V#B+`-XY5jK?!31=+RxJZto){x0dBLscE{?_j_V|}kOGOyYMJ>uNB-V( zLc8M4VD>UhgNR;`?g?Lqn5na@Zx)Y=rWSt5VG7zxkyStvmM<^ z3Qk+bZ4K+Yj;C(Z*gAr>O;hBH6{MR_cIfK&T^GTv$a7Yf@%k=jhBgHCGtB~Sh^5-K-99uBJR{sT0+LTwDc&s07v3Vsbi5;QRqsn zo7ia5b^tlvYvWuF-CW6iqI^VRweXB1#_>muvWns>BVm89E~4Lw{`uF@GEVzDp4`%? zamNIyg74#%X0cdu)jg&C)&7gOcUwGZzk<8*K)lv+tDnH`CS8@B~ zY<>C-w5!x^c6?C}j#iqJk9~-fmjSyo`&vla`d71JN22O}Jj+bP0yY@VCb#%4ylUSE z*nqczMoOF+p03j(4^vec+nNinS;P;o#g?2U#sd>OHN+4-5=@QIcP`Y3xs)bBebZ4! zRx->6=IiPQJUlRw+!0TF&qr8%h|O3U^LM;8`0mLI(kKj!QV!M^NaB|_ntLw2oPAN=TE}o*zd^tMZ|6+5MU()ht{f$6{>0DBhjt^bN`Q5T9k}(oE z`F)AD8Ye{lAq6R$7P9ENBBuChg^%$hLvte-L(}amhrF{0_TEl;rOEWE+!FgJC&n@! zyNEAboV4`#DpAP~IU9jUyo9)S`xw5uZJ1EFjo#};uB^Q}HXtgwLcy8r`89TR`9Vsx>xs35`v48$6RuAJHL?p}KJ=Rqtt0Z<` zzS%m5(Wm;yR~WlQ59!z#J73IEA4PbIe`Nb?yC!o#`)z)F^(4ZqX2$|u;mPnh+0@Nu zjlFHW#9VvwZ%#Aq1a7|#GP()UIx`s+EDz~A_wLHM^!QrUVBwDI+UoE+|5hcLiTRX8 ztat6HkeJNOQK{#qQlchFVXp}8Y_>XOlJ-I@W--UEbB;T?N_ajvJ4&}};oC}EdNoyQL>*X^AjtAn`Iuvu-x#|d za)A;v?OFCVd6Hg@3K>bw>^jlnvc!MY>6J}$;8JPZiWNOBQ8@a2LR^aYZh$QahNS)H zL^9Td8a$V%AxqOX!o6~XCx^0v6?B}KGc)L4i3~0CYijYw6>`SKT1^a-ItKdjc>1wR z30lX(JAtBne~k!~X9md(GbCL#n;~S;v0QsmH_@$rCmO=-MX?Z{dbi=>fe1ne_x5#G zO|)g#k#VV!4qdnZeeSU7cy^pzacIXNHDIOl;MSGDck`2c~pDp2T4 zi~%np7yWq1jXetke6mSDX=*CGZkIA#<)nN`VRP##9Yeb@5a?G+6RWoDd9l^~1c1Mt z+eUl8vgLex62x6*&Flw?y=G1Q)TM5k8~k7pL$s~>QIdXB>WZSB`!3QiUwO;SWsfSX zesVIc7l)KhjJF=B_qQ!vhvrClcZ;=%#Pps>-$s8ZKZF{@sFGXHKf_dd?dk4iw0&32 zl6yDA$d@#o8aj82NROtm)7Z896~-1fv2#d{w&J;c!OCsg69e2c ziA$+L!x6)j3=#3Ybu`dUGxO^CaVOJ?s}kL~t5^jOJGj;Au3~p;flEggV&9y&RH3Ir zf*DZ}{(#kgL#oqQ=cGHj7^j|UCcl>QtF~8>i$4g0xXX%xi ziy5*xemI5UFIIk+?(gkv(i#$2p+^3J?xrjVn1jpM+SfA~hji))_&+K}rh+nGgM< zZC$_EG!1})Bz}9DFRmGyF)q9@{EO#q-EuNfz~r*|f<0v&Np|VK1>g;J? zO^SaB)}dudW4A#J?XsV#Uqt#eY&h^cXn*w!G6<-RR_fb*9ql(cs_wu`TX5#!hxqf+ zdimR!IH+w}kClc@4-TF+^>TC}&GgiH&PTjm9*Z1R^r&F_y14Ok4N3T$K_K|8;fDyj zH^X@1b98DAFbW?5EOBg~<>cZT*U)gV`Kxl+dG3)=J%3X0xb<*dzKc zSRJYWB~G3VK)>kiyE{^ESj0Uo%b5DsS-0wnX~&4wk=OK#Ob`Hs_V0ehqPAtzZoyr;FUKPD z%bUZ;pajl@dIi-NRM&muXSoFq^mm2HGB-M|;}qCOQQ2;O z-gE*-*+lUgb9{iF!P8udH*&zg{-S!sQQ>-rP(oei?FbdF;i2WxQ$7ENdXU9nx`q# zvlR7hFP^*EjaH-usa;60?WtDuZ)GAA)aV1M)BeTF!bI@37zPgjzFUiDY zbeQ{|;uuMVmzX`*d(3w0qlaT$6e3_*5zc>$#R(wZaUCT}p3w;{VRqoN9d2p;QsJxPvpY9beq?u2Bf>F^uv?eyn^!qj#9URZ6VsZWvn zE($29#ZFK^(QCNe#!M|m`j*p3-3v>m!89s`XHHFdo<|1=`}?TF@A@{)l{yS|%x@(r zNz6tUh_A`o+DryT**0b7BzX@udlh2=8kf3hWbQaZRaSQ#YMtLpjfgH(r>BkK- z_AzMyVD$@@*O8!yEt?r*9|lz~(3UIdRS@bW}y+#?ME?|lfH)(>M9h(%&6Zayo6)DWqc8LoyIc91DL~i zwB(5NRe8|LdG6dhu@cOWjg+|xS#VaQ5MkN)1cm4oKH8J?y#?*XqIXoS3mE4(PA-B` zq{mo6Nlpz)_~b~1nvR>&_?)^7_Bpd-JfSuC8ww%Ux-!NPAmFK%gxs zA|fi2%v!4$Mg;)@Au0-Gj50$=LhHa?6;MW*LRAKlNro_m5ETI#qs$PJfJj1sBtSv} z8Q*>A-TVFPeXjS9?|HuO`Yz9PrJkOIv-eqht>0SfxAxilN@X@DEtfG+J(YlH*m(1Z zd2_hw5I`-#l(L+(?yL7Ua%vtGc3|jF<*Y0?x_OG<6&Z2HbRjdWHa%rb}zK0`1#3Of+@h| zB+5=N(hYj1f;kQX=e>`sl9IbYSl|da6LU?YgRYH-JhO%$+;Y8;k%MV9uam~ESzraM z&Nraarl%jn&NIQY@{i6|_xz66?Eb_l@Cj}}y2!?>=CW?WQ3h{4Jlw7WbsmBU4{}w& zk0+|DL;Lx;T;*NFh?>{MI}7c{+Pg|l%R+-g4T3)$g4Ko$*2fDkHp(EtyQ^XWnmkfRFA1Mp z050Vy;1qUacV!!eraj%NSR46q(O?Vomk^Gk=AOora5x)B8c(d6D08xFk|iBDczECy zJi$~8VQE8>Ef~bj|EoISb=K>Zynf*jt~r!(%TP9uZQcq^i-OUMo?82}!m}n&90%X6{{C zU}4k93I7#qJ!d*mA0Il&GCKfL;v80+lo=DZGD+P1I}bCYT%cf)s0G! zt=iw0lKp#>FmCH! zp-iXUS5dz7$jy*ZBv4LqnAP_i0149|$WP;-7>qM2+7{aA{t`JG9)uHJbfuyJ*sie^ z5-WRhi4v>pelu8?2%6s1tp${I%hP494YF{mKH8^5JU^xzc5xHXt{|&P8o7WGSsgYd z9SG6WpQ@uh<#-ESah;NHr!l|DNo?Mx=wSAth{zBPGvQlvM49rgUAxeS%YMxV3|#HU z36*99k;I^)Y_dlT2xWkD4PkTd4&M1dNEo_8Xg)TIg*$1KtP)D{jTdEQL&$` zQm1ioWBnL?SpR*w(~1ky{(Z^4P+BcWpjJXrhmz(-Ka_Pt{0LquOkxV288ALPbMC9J zlV1GQgHU!bxS_RKMi2iT*6;lgR(o~f!JC$NkX>ls?{w~~g^`L`YASlqADy*D3e`aKx)IiD93nm%V+M0d})nDjy|Tvzqt>{xV9KoZ64Zat?6Tk^gZZN zB`p>4-XIM6BV;k>&Dj=~?FJSWcqu&zApf6JIL3KgmM&#d0QeLaK;BWL7ebgKLm7rM zA(wFEAM>&wTQFiRSX$-~yrQn!y?ITeU`RBswT)=dBziQ36Lmq4XopWttXsGVWO05y?O5XPM?v*G$XIWyfn|fOu08x6< zQnY@|c5_Q54e^}iTEF4y`z!F?CB3k!p=fp#SX>}JVc}16k!lR{q4pXyv2Xc`;7wfi zJ{Xkyftcj6aYRtHavMa^0+V-)j~sYa*XF@kXAw7Y-Yhl7)DAIehs3QQ8rZ}es=i>v z@-m0Q3Qa9Qwo_o>HTLZkT}M%5bsh2MSc<1vsQYGCwKhjNcv!FhAx&nKiWa_|vYgK|H>2ucs(%{BCi zn~OinFI0Xp)a2b&kuP=0vUW3ky_C5K2G**{iM-!?zjJ@vYSx>E%1o#Gw2o^pD<@MY z^>-2Qb9^7AUadm&ADvON4=lwWsslhm5`^;x+HmEgH;NRT7s+~f!6Sg5+1R!iEWcc6 zpD0DtFatsaZX)n)s&P?t~2HZ!xd;d1FZ<{csBHu(0*z@&1EstUvU?X-sODY`; z*wH_)U_i3ZrmPEByx)k0J-t!Lyj7OB{ZwnS4b0_|R~m@?e$MOBFFf6t$}R+&;&S0q zKDBEvHX5l|#zf|2F;~iNLD%m2`YiV4!^QKTE+AeUY-M>|a?ed$J);{q*fgNr_*CCe zu>pUhw>jJ2-$EXH@$EVAhd}*D;Jzk!nppz~*A2tQ`40e>E5Po~7gNwiO& zRsqBz2;=P`8p1qfLMt?ewhxf}dHb!*$I5!lH{RB{5aJ?)2^-Hd2s0b;=WlIgN>@@p zb=Zfk%cO&9a+(iXqI%Y|cNzcsaP*d_wEeMF+VJhNYKqN|Aki%Z{$)_IQ(-?0BDtYj z5D3_Md9+JuCZ}S0ppXLvR(TjT@XGB<**MvvVX}Wto$Sw(&z_?m?J8e%{H`B+jdc+z106HA@@hLF9T` z@Y&rqCi~nLO+Wp1i7A{_@WUJt|@C zqxvo%o<+>CUYP~~Zy1k}{wuc-A9;4Hz4H^`4T034gl{vc85Bh%%@y||AZE&E{c7a$ zlE|ew$Po)tl)kp55{M+ezJ5Jmu7-rYa8ZPOce)f}B65%vAKhTePpCHDisf2m;dROH z9S}(m4S&(|1He@einz9)M!Y%BBQ1&$t8!%&4OKqw?CY%qajt`G4L%f^$7XWpoS}?% zTj3l?TXJogL~aQa%-b0aMh9O$%-8-!4Q-}OdNf3rdnBOIX6qhQCLoFf0J zXwq|%_Q(jRGaXXzV&{NlTf3~x&O~CGeQl15(<@OVE>$>KGne}C8*Le&dgfbbb!cZB zZ}vi!S31C~`aLgw%-M|rX+_-MkaIvbq*`6$xxhk8X+1O)1Z(8Q7p87=9bm53ek=U7 z(xJATF5>dDpJn!Wrj8&<*!9I9zFm7CnR!rhlY8BZ;%L-BKvbsXeiNeye_Sw9=j#Mm z<)NT4G$e2AdQTa|m%(cJnRlS-qXl+#B;F?P^sEm3k#oUA<2uGZz%Q*ogOhw4eIIWr zMQH)*fj&akbm%P*mC%&hG8A@f+*@VIX~S~)Of1%RtZz5MH2f^2}0hzyc?DURy$08olWIoQwuGcFuoe~enLlV29;zZ!vbo2x!u*% zE6du3aB$+EgKf%+s>TkCo5-;VYYttsK#@Wr`cQ6EpkV@_&5ezM83QDci1mYt0rMs4 zr4ji`USAup6QYq7$@LD4uO+U7MV5|@id$%kvo~p=sCCOXrI15e_3Qx&H)V7~8wFl?q6L+G%WV_&Nwe zuH&mU3(P#IUW@t3_{evE(y;kvfUgGeKuN`Q?i-962+JC@wqEZMU~-rYUzg)06{qVW zW$Rl4snyO_O(Sr{@q0ycf~Mz{KuiKOBw7` zXISTmd(CVVo98)(C7K;^R_0 ziI;D>ld#z!J--kv>YOWw7|XzO)B_gM`Cce$h+__#UdYzd?`C^Q4jRBC0w4;l;(A?1 z!>?J;e1_*fi}mVl_7G#Kq_LX$<|qWk*QcJ>s~-icdETqLI$6=zygKUj`b#;@d}EaP z+=w$f^IloR;7aZaXJb9imQ#QuSd=Vw#1wy+I?YKqVFd*Mm2+p)uT2yM-htU7hS9@e z%;V9d40oe}1!aam2okRW8fOGaP1`@mjQ+GG(D)_71o5J0u(X6e7tF4R2|w@I>kp{~ zWCYx>mc}DrmqQK@RNxF*%E}`x#OO)PFA!}3ra)Y1QqIDKV4-IL{sBZQjH#N%E1o7B zYYWxD^OcYviArGtr-_%pdIGF|zxc%R73Mx5Uyskt>iQCo5=gCdE6uiqSlS^~!y^=I zer}bsB^R5D`8a>8w&p1;t=@8N*fpET*eTBY`u*Zc_15`wg=zOXRYc>o2pYP}pQX2L zA#`YMxdveCIjpc#g%iPn(sKVVBB}SUU?jvoVsL^#++AjvUF+U&D3tbwlM`=(lzG~Q zg!ws9N-LRjA_o9B$jK?_hn?CRDhImcg42M9rG=+Z0zX6tqFi(QFI zN?Smu_9v`-f;0fCV?`4`=6i|UoiMtjd?C57d0|xPc?{@C!k#|y>&e3((a71W?%_?qhGM|6mN}Q3)!(2-cV~aj99i+<&0^g|a{9Jq1kkpKkxN z#hfG)R_92`y@QZV4ia1;{s+uhs0&%G2T26+fxeu$8k$bSCdU>U_V3UCKCQv&gC;y{(l@Qd9p5Qfi2l*G)Y66 zpPp`}{p}C8Px`-f_~uyIpLdQO_~~Cij2;YH8_c>t)zb1k2bY2)?DkR^K1_J-QF$+M zDC*UgFHe7Y`@)ysU;FCJe!s-qx4(Ut5H35R_2|z7?|xgh48A^hjX@Df*abG!e2FKq zZgXP1oZO%P{Oe_|&u5TR7Cz&_rXqaC#Lt-c852Ka;^#Q=GZKDA z!p}(fe}#lEo;=!Ic%yv)LQ?W@Ndtz$T6^u1SJTJDy!bpLuD z-0{`Fyv+g=?&~CLGLOnl-wd7DznIGVO76(Ve?a8c<+l#`X820$<&j4k@^YhJ-?Gn= zofqWs=Ts_HMa!2ucD(X?xBTJ}cKSSQv+i)FZ#wOIvS)2bQI}j|7w*G0wg&S%x#{zM zH;Vo)RwUZWZ~41e@!yvM|1E}Cv6mUzL9e9BbkI-k)okahdzs12QLi-u?_8b+25IrMO;)G{Yx5%ZcJ>xW$SJFgtHtXnZeCiVm zY)xU*0?wqaW5cbw|r;t6W9hT?GZN+L8Js@o_&oW#s)E zq{dy)9!wBY*L^m1`T4%hy%=A}9(YvGSJ0~sn~IBD^i z_4b`xj$GZUkheisPUd}|>UB%Y>Mw1Ole1L)3K~b~c$oP2LJpb#EoT*{?(TQo(@fBL zfVlkLTVHPZ+;+#kHiKGn%f}gbXnncqqoJ2?yksia5F|DdtnU#-r&gP6*eWKlaELZ~ zG{PWIOwY6YD3X8WM?sNR{glNow{ATXuPvw1b@vQ3HC8S$>8kLF$XGI6+6d+mg^esP zYqbc@IMbdn6|5>*DK?`c46p*m3+#b&dtY`Dxfo4_Bwo2`#|E5IUG zuKR3|IEW7wd73MPEth?cGFtEB#Tde~UH924%=2<5Hq~`hQBT=GrJ2A1AMm4^kJt_^ zt1sj>1^TMx%G}`f)ZWd%Ub6gh`uwYa&Cy!C>sIcLF*CZ7Kvu_uq{mD)SfFFw>c9?I z?vBZ{3!2>z7EBRYaA!h#j38uo9`XJvoS+Z9^YIO<)W@cK=d zaH_eVuwH9C>M#)}YKWUS?;}Z(k-^Pbv4b}$sM)0|Buxj+us_PmK{jrDr(kkCKGHs{ zfUFpR9io_uuT};tY*irhJVlM&zlltY011J(7J0fG zGddWzt!1Sz!Yitf%WJG`YW}=FoacLvauRl^a*RaD89SjY5s+)^>`(%t=`I6)P;>= z2B_v9L9exZNY{y)KOGPy=#LO~d(+0$ZG?eHqO3Ah^0a-dMetZR-F&_^b?vPOv9%H& zehrD`-{o&i+t3h{=q^pNtIaB(?jxKHTYsyZ+cH+A9{<6U#m_=ArfwAKM7=UAjahet z2Qp+Erj0kOZW zbg4B(JQ1fZrWm?ctK(OOcL@1i^TCHSiOf!Qp`?yHU*;S(+GS14NB9h4O9@XHmsW~99cjO=wWv!)a2$6r z1wmJ^9*L5zbeAkO_&M9mswb0U7jDJx5aml7_?9e1A8u7@^u(gH@@sDg4wx((LDh(q zVyb*C!qSt?*YN@M6IVzfqg_&XW5P^p1FGYw`b}1|)yzhc_@=>6a+qUZK!EacV9%aC zzh+}BpCB}aJ#7tL=L_n%5vsl|73$9BRa>{ZSChGvY6LH1twl()nff@<7{z4}Kj_1c zS9fC?LWg#Y2duTQWPAhfXoe3(+#CUEY{US*={|fF%uv8&n_|cJRmY;>sKM`0H_PR{ z!pW@-=#>aH{D-aOV-6xNYI4m{hhL!OG@ngtdg*QO_(M#}@h5ZJlyPKlr=Vx0tPkoo zO|_i8QC9_1$4XzQJ0-y2$kj(at38+{;SgzIpiml8DMD<#X`fsvnr&HtJ9Dt!bR%E@ z9<9;>{bor@C&Hw18+?7?aKdYvOxO`bG^C!Fm+xQ4o5nEQ4D%wW9R-+a@cN5vfNwEd z5X!5!(&({KkeebsE^{@XF4tTrAtewriE{+V?&%5Kr~cx8HMPBlLiA!Ivf~3w*tt_g z{h$-I_@!YkX2MzY8irUDDq$%N)yGS$oUG#3CSMU)ySW8 z!tg@e#L~+E6UjqK%SuIc#mXMw4;B_;&_%%PSm>VM(H12+aZNO8s9Y78V1I&4C3p%A zhRmzs@{DSuVu}idUE10Zm+f04OpxFT#Y33-pt&CGy1*d#V^*FUt{=$%wT49u3ppl! zo}MFP^s(1pXHsrXIG3y9SGFemBCe7pjmkzxf`(NW*&@s>h1v#gbcfY_yhN033VhjO zDDk>Ig81x(J~rlD-rkqarulILs;M<0uisR~3A$AGS`D*h3$0(q8hr=lqlrjO#eB;9-0u9v}zk{fFl_{VYB` zH6%-h)73=fP15wnHbkYU`qJtNuoITwj6zpR;H04-Orm2|LvfB{sS@dM{!o={dP2Wd z7$AsiMcS0Fv1#|VDqS0Hs&Pv$Xp!bd^fjZ_q{N1``>C<7y0DT=&IMzZ3ewnrAwvOY zDkrvGexg1TW_XDkmX_;UKukAFoD^&t8v8{Ixz?p^^@%{9IU?@KeZ=3=u3 z3TXX>Rsys@vZ2#9Zp;z>ddu%jBS2YBoQ=%gIi6guW{jTF#0i=L)l7~@J2YZt5`Qrz zZ%hbm86`B0*r6mlNm?7-cDND(rM6DitZClpi(Ptn$y3d$w$PpdGDXxeEum?&EC!fD zl2F_Z9C)7eq@mm^`JATy-N}?2lB|C3_b)PuGCNMU1qJC&5gc3*dByeN_}SB-J;Z{uiPyF*; zo5L|tG)E#i+WqSI&L0k`d_`i+zP{Dh%*Yot8?GOJ6FeZ;&cRE}>KsK*ny9Bi#91(SU32a#&1|cW(N2{U_32s-BUn-7N0)%B%ap(xm;~Y1$*J?+viHzCvTVG<7t( z>!bMNvPuq{p zD#6oeSW)qJF@4IxF$sjq9a)A=teQiTszy1I>ZVg&ZgsJVa!DahmrsO`r5)N>z@)?z z&K=k;i(B}Rqysad3GtWWKISyD9T`Q$N-HFG`DtImY@mgNN?0^0nIdNsoXkvi(%Gg$ zLa^P0OcJofi)&O{S{hJ9h-iT#7Qu6w!5KI&*v7JalArKd zD5mdSCv7U{)1!bi5{jYLX~{XMiSkG*Dk(dfzN4Tp+!?`^;;R`?CGf1I!>vDcOy(XE zf9%o}L~O5*q2D#M$!f6R^uETdwC&xHNuB)(Ya`7IO0yQKg!js zjuh;qfrIx->jrBgPn%qdS$r=gV|A?=>eZxA${LneX)2|JYwPhIhEH@A(4Pw0tJgxu z^A~C2N0DI7nY+xPGkZ-(*BatRsbtDPs=cIM*X+|y4ymHC%^Wru|4y2N;d>8RMsU9W=FTDUs?Hg4 z5*LWjRX@8E|LrY0{j_W~XRnZ{ z^y$ykHa#vC8Sjskt}exi&$n~6yW5q0GTm&52XU49X1pQIJvXuP){*|^nz09BFl@Lj zrf$o$Zquwx?B`PHFBOsA&0wMi-gEo6-RYC0+t|%E#1a@Qw#7iIx&og62V3dkGWUpe zIO@3Z&fL4Cx~>|7zE4^^dh`P@(d*fSEZMYjAYOvaP+f>v7?C|{m(jIy1X$C#d9HMS zSAvKWAu~lENf75Z5)ZqkSYBIST)1pTSTwy3)Mp2REZU{>iC1}lbLXB+fxfr$ zj8CWGB8MH4;dhIy`s}@CKV{fNzMk`pn20LN8_Ydr6F15!V1zO+)+P)eJSz8~I(KE0 zTAD6<962vul1UBkW+Q#pl^FEjFvKGiy|HVBW7zz_E`5izL+f0DHf+=f6~UHuDjkzm zG}1rmwWR}$i{OfE3Lt>mD;vTLvLQM2dvX7J|1q!EC(llTDLd zn2RI{Ty`>kH0epB-&A~I@d?@ z;5m!b^_dF7>fMH@jdwxNXpR4C=Za5c8I;k){adHzRu|q8$ zmAxM^mNxfgE8>~ZTRv8hUa##Ny9Pd%wFKmWuV~@?fI42QX6en&`jFNYKCcm{1FN!J z>5J5d8}B7?BuSWF7G|Zx!SaUFevRX%BX;}7TIm&$2;|{dS&4q!w0PUyEMH2=;85pme+V^nGgM{|#qo7-DWI?Z+J=VcR)DC#0S-r3{NHWqCZYytQO+&oM7jHCxyZjVX>mFG;I)aH1icT z9TtD&8m>J*8K&7BD#0~A zSa0F}mXxNQr%Wm6zt7e{NmHt}M@A;cNm*U&cb7e!HKY@ner+c2sT+^$JQR98rINzb zardB*clHJn|FGj+KL}I$W;NCaoFjOq()eLMADLY&pIc2F>)@w zGe45q7*5ed{hBmJo}=Lp7>Ea(pEV!|B54Tt=5^SYfs#m^*O#vZpn9tbX|08C2=A(j!+<~GWDNmMAvRB{bHK=X$M4)CsIz37S>>C z**>yc73(t{o|t}prYGTWM@x$l%hbw{CcYQa!c4IQs5)z@D`y!KRqd7i{WoSTQ=4vJ z=Rc`c!86!yi!Lv!?T7kQa@Mju{3XVX*G5Rys+{v%V$(JwvEF2_2kPG&PhL zp1WwzsvmI)u+;?|#*r~Uk6vSCT_xkDu}l9CHTg-)cA+<2&E zMH{-`w>=G|^-$8Y`*t<>CFP5_I&HisPTJ1k%^tb zhe%Ei%l!whYZ*^hEZfWrEPF>TdNsWs5OoJ2GrT4G>I6#&vsa%1WBH)qVHUnRf)& z{ELN?sQo4NW48;eyGAvqj?(#U__1Qa0M0q;m(5X?OZ2fjf!VriA%?wG7Vhobg1B^) z9$b*E4~u%a8u=hoo9S79FnOCmMcQ)CW3p^k#P%taUeB{7o+~Sv9V|8AZSJuLI(_g9 zp<&taPV*&;b71QM?ieOLh&GQWA;Zweea0-8>yzEW7GXGIey%Mg%6I$^&)z)z5Fc^B zGoe!Q20ug$8FIx!mIsc@9^CCbpCa>fPF*DBQZNYLs|5|N=6)G?{OXysYnR=SlWi#b ztsXJjumv)lZO5X_QDUo^%=-Aff^?}7QI_^KD_c*1MWjB!r)lsnKG<}*VG_8o)l*4QZ_l)0NX_p2m2})4q++R<3Sa07@xj2Gl zFJ|eC1bLBSPnuU>%4LI2ME#k6SGn)q+p)uEpUnIrnY{?KpsPbrJPCLD1{N3LoSRaR zldGZ+whHqL4Jt8K;@C8mXcc%&71|-;TgRfn4vSw0n%{I%-H|7~P2DsVV4mn33c|zZ zSSn}9ag9abPP5wt1Jf-7^{B8#Z)5pk!lxqHLnt7!2sZ z+p$Au(}vlAnVAhJWp>mJ*8S=>Ie_1%PP~}^I;w!#c607r-{J3Fm`lzieWife>?+6N za?G$L(5>Q?=cqHG&S|fs)F;5&ZmvP0XIV?#OkkFIL}^};i(}fb1EM=apjn`;Ycv8i z8fcAe0)g20@tvj|HxBV#Z;V=RaOzP3 z=S|QX!jKITt%REwInssp|MZ=R1f9`)D@h(`9XC!u5bqPKN z24+9(UZrALfmtBgy0Wa$#yHpp?fHTt&xAMVA|N)g?iJOhM1WlFa!XEZ-3xcz_1GF%wrKpA(WzpBsrLX;-_al^ zvqe(6qyLh3Pf^Ta(Dh1Y)2FuKft)3$f4^D%!ygv!WB%y$<0G}PI_)bht;GV}g2wko zkpn;b=%!Pn-`?O=6`1Mn^o=@~R>T-hvfVorvG~GhuNj}hfDI;moSFeUK?IUr=I0u) zr6$1 zGpnS-nyq8+JncG+3XfR82ID3q&TM(e(}M%Az6G^6B$YWLU3IlMe}zm7z6X191kBd|MUWXc**QXT%CreOIvH11kT&rH%7&EYE zS?{!6^0EjBPb=bJ*Pc1KGUx5nh7BI`-?^;+-4gKZ4wG%ah*Gj_WQ519lB#)@{XGQy zcS~|s0e+_| zZV%B*SLP*y34>FhYbNx%kvzCLZvwfyQWfWbl&$KY66ISWhHw7e;q-k|g(u0JimG}+ z%2Zp_{Nn3=idI85|JQ+6FZlJcC3Z%Map|y2VM%tMQ-4FiZNXH7IZou@Kub%`;SJnr z?{X9MGTQ>L1LQa3MR6`q%0yVBz1CLA29q)K72u?F9swWRw%btRl7&RZg)0z9dYLIKl zb65@TN2oXJPCTJ}Y4OIVIA%+bXM?zlmBV9exgOZ%%3N?}6bqnl%4~j}+(Faysq9m&sWaLoOjY23Cyj9)+7WB?@5s%2X$3!)@%`JyWX4IL|wR;W;?XS!7 z4EMnXBY9{hJ~&jE72-f6s2yYWX`N|>v-(CO#R)6t)(`I*B0kmEuReZxxL~@t%n|lu z`$;rD%R@6mDl#nw?qIsJ>OzacnW-6CRL7u$q)xdsO!{7S!`s=$$k;V+Fs?)5DP!un z*2UPrD3CxtKiBy&R~z#Ni1xvC?n=^w%@k%i{GJKbTRX zj*WTK%O~B=X4%k#6>a;@wtr`MhU5b8$xsr%e%z%EX@l#4`TmjL!Vmh$>*7Xr?tD=C z5n&$YueyV**FkUjjx6HPGUz)Q*WLtjH8)}jx5^>~rL8zq%2?%DL9*Um`S@?{7!@8f z=+`0H7e6yC(=8sqfN$Rb4>lfWh-fp+^paJ9y%U!c25Y0+V^fzOeEU8|i=6GQDf!tY z_gE+Y=7s0_#YSbk$D;4O7i<%(UWVH@NY@7(WFPg;V9THEFTR@#BD!Mpb1<4ua93>m zgN<#_ez2BNLmW>NsunnXHS~0S9lu=RMs0}PXegd49BCk3M6Z(GEQ;qOWqidFPRwH3 zQ72dGWL{M-$C<0^M>GC+u(f<~>Nn|LckqpNStP#{gr`sVHJo`3XOJI|rBrSa=|kjH zACHPNkr4?ZL2~Vm>EqI7>RK1>=aWUh9MIl%$}Z|*(cNDk$p2H>@9~4qx820Izl~5R zr*)oL?AU+zz`>(-H{Ndz`F+dxc2Ay;;Ul!}{bO=9gF{(cn+%I>+ju~V;2^^>3CnJ( zuBq2!{R0-rwnILwB2?7Aa*wd<3_Q1tvt06TXY>;NMSP)<+jljrkdQGWZ;_@wW@DMR z!YDNqE@9vFvIkl8Q3ml7KQ)^Z;v<|FJs{qg9$?^9QU1;)R10jTfk9E!OuV~tcCGmZ zdq2T1omk|t{%0bYhz6EZ+dLM3_)}0u7f0rDhl&F%FIHy#;iq7DbLsNFu8|m%Iu>ri zZs3c*ez|U1z4-6b6aP=;%CNx$oAs@E1g%vP@74cd5bRHqh~H}-Wu9tqsA@5n|L#T` zn(=nO{?&&|GX5n#DyE9}py#i*Yfc5G8Vzcw9JT_fOOt)6JNbPSo8x)k>6vf*o04xg zXHwc(qE=^%a9;5siw=p)cHY~ctfip2@IaWH+1DzAoxZhiYv?nG--)5Zj;cw=J_dKU>g uo>P~Wmcp5vTfP2u<@104&k}gACf#z(^|(MYmAlFBz)m~;QuXuY-~SiP_h)?o literal 0 HcmV?d00001 diff --git a/unit-coverage.svg b/unit-coverage.svg new file mode 100644 index 0000000..5f3d276 --- /dev/null +++ b/unit-coverage.svg @@ -0,0 +1,137 @@ + + + + + + +github.com/northwood-labs/devsec-tools + + + + + + + +cmd + + + + + + + + + + + + + + + + + + + +pkg + + + + + + + +docs.go + + + + + + + +hasher.go + + + + + + + +root.go + + + + + + + +version.go + + + + + + + +hasher/hasher.go + + + + + + + +http/http.go + + + + \ No newline at end of file