You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
A server using brainpoolP512r1, brainpoolP384r1, or brainpoolP256r1 as the basis for ephmeral keys leads to an abort.
* Error when running --tlsv1_2:
You can open an issue at https://github.com/nabla-c0d3/sslyze/issues with the following information:
* SSLyze version: 5.0.0
* Server: 127.0.0.1:443 - 127.0.0.1
* Scan command: tls_1_2_cipher_suites
Traceback (most recent call last):
File "C:\Users\plc\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.9_qbz5n2kfra8p0\LocalCache\local-packages\Python39\site-packages\sslyze\scanner\_mass_scanner.py", line 265, in _generate_result_for_completed_server_scan
scan_cmd_result = plugin_implementation_cls.result_for_completed_scan_jobs(
File "C:\Users\plc\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.9_qbz5n2kfra8p0\LocalCache\local-packages\Python39\site-packages\sslyze\plugins\openssl_cipher_suites\implementation.py", line 125, in result_for_completed_scan_jobs
cipher_suite_result = completed_job.get_result()
File "C:\Users\plc\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.9_qbz5n2kfra8p0\LocalCache\local-packages\Python39\site-packages\sslyze\plugins\plugin_base.py", line 62, in get_result
raise self._exception
File "C:\Users\plc\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.9_qbz5n2kfra8p0\LocalCache\local-packages\Python39\site-packages\sslyze\scanner\_jobs_worker_thread.py", line 50, in run
return_value = job_to_complete.function_to_call(*job_to_complete.function_arguments)
File "C:\Users\plc\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.9_qbz5n2kfra8p0\LocalCache\local-packages\Python39\site-packages\sslyze\plugins\openssl_cipher_suites\_test_cipher_suite.py", line 56, in connect_with_cipher_suite
ephemeral_key = ssl_connection.ssl_client.get_ephemeral_key()
File "C:\Users\plc\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.9_qbz5n2kfra8p0\LocalCache\local-packages\Python39\site-packages\nassl\ssl_client.py", line 326, in get_ephemeral_key
return NistEcDhKeyExchangeInfo(**dh_info)
File "<string>", line 9, in __init__
File "C:\Users\plc\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.9_qbz5n2kfra8p0\LocalCache\local-packages\Python39\site-packages\nassl\ephemeral_key_info.py", line 142, in __post_init__
object.__setattr__(self, "curve_name", _OPENSSL_NID_TO_SECG_ANSI_X9_62[self.curve])
KeyError: 927
To Reproduce
Run against a server that has Brainpool curves enabled. The SSLyze client advertises Brainpool curves:
0:000 emSSL - SSL: ProcessSupportedGroupExtension
0:000 emSSL - | Group ID 001A - brainpoolP256r1 - selected
Expected behavior
Well, I expect it to correctly display the appropriate Brainpool curve name. :-)
Python environment (please complete the following information):
Python 3.9.9 on Windows.
Additional context
Adding a temporary measure to ephemeral_key_info.py...
Describe the bug
A server using brainpoolP512r1, brainpoolP384r1, or brainpoolP256r1 as the basis for ephmeral keys leads to an abort.
To Reproduce
Run against a server that has Brainpool curves enabled. The SSLyze client advertises Brainpool curves:
0:000 emSSL - SSL: ProcessSupportedGroupExtension
0:000 emSSL - | Group ID 001A - brainpoolP256r1 - selected
Expected behavior
Well, I expect it to correctly display the appropriate Brainpool curve name. :-)
Python environment (please complete the following information):
Python 3.9.9 on Windows.
Additional context
Adding a temporary measure to ephemeral_key_info.py...
...results in:
...which doesn't fault.
The text was updated successfully, but these errors were encountered: