Skip to content

Commit ff0e5a3

Browse files
jtestajtesta
committed
Updated coloring of groups providing less than 128 bits of security. rbsec#333 
1 parent 997ec76 commit ff0e5a3

1 file changed

Lines changed: 7 additions & 7 deletions

File tree

sslscan.c

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -5658,9 +5658,9 @@ int testSupportedGroups(struct sslCheckOptions *options) {
56585658
{0x0003, "sect163r2", 81, COL_RED, NID_sect163r2, NID_TYPE_ECDHE, 0},
56595659
{0x0004, "sect193r1", 96, COL_RED, NID_sect193r1, NID_TYPE_ECDHE, 0},
56605660
{0x0005, "sect193r2", 96, COL_RED, NID_sect193r2, NID_TYPE_ECDHE, 0},
5661-
{0x0006, "sect233k1", 116, COL_PLAIN, NID_sect233k1, NID_TYPE_ECDHE, 0},
5662-
{0x0007, "sect233r1", 116, COL_PLAIN, NID_sect233r1, NID_TYPE_ECDHE, 0},
5663-
{0x0008, "sect239k1", 119, COL_PLAIN, NID_sect239k1, NID_TYPE_ECDHE, 0},
5661+
{0x0006, "sect233k1", 116, COL_YELLOW, NID_sect233k1, NID_TYPE_ECDHE, 0},
5662+
{0x0007, "sect233r1", 116, COL_YELLOW, NID_sect233r1, NID_TYPE_ECDHE, 0},
5663+
{0x0008, "sect239k1", 119, COL_YELLOW, NID_sect239k1, NID_TYPE_ECDHE, 0},
56645664
{0x0009, "sect283k1", 141, COL_PLAIN, NID_sect283k1, NID_TYPE_ECDHE, 0},
56655665
{0x000a, "sect283r1", 141, COL_PLAIN, NID_sect283r1, NID_TYPE_ECDHE, 0},
56665666
{0x000b, "sect409k1", 204, COL_PLAIN, NID_sect409k1, NID_TYPE_ECDHE, 0},
@@ -5672,9 +5672,9 @@ int testSupportedGroups(struct sslCheckOptions *options) {
56725672
{0x0011, "secp160r2", 80, COL_RED, NID_secp160r2, NID_TYPE_ECDHE, 0},
56735673
{0x0012, "secp192k1", 96, COL_RED, NID_secp192k1, NID_TYPE_ECDHE, 0},
56745674
{0x0013, "secp192r1", 96, COL_RED, NID_X9_62_prime192v1, NID_TYPE_ECDHE, 0},
5675-
{0x0014, "secp224k1", 112, COL_PLAIN, NID_secp224k1, NID_TYPE_ECDHE, 0},
5676-
{0x0015, "secp224r1", 112, COL_PLAIN, NID_secp224r1, NID_TYPE_ECDHE, 0},
5677-
{0x0016, "secp256k1", 128, COL_GREEN, NID_secp256k1, NID_TYPE_ECDHE, 0},
5675+
{0x0014, "secp224k1", 112, COL_YELLOW, NID_secp224k1, NID_TYPE_ECDHE, 0},
5676+
{0x0015, "secp224r1", 112, COL_YELLOW, NID_secp224r1, NID_TYPE_ECDHE, 0},
5677+
{0x0016, "secp256k1", 128, COL_GREEN, NID_secp256k1, NID_TYPE_ECDHE, 0}, /* Marked green since this is the very well-tested Bitcoin curve. */
56785678
{0x0017, "secp256r1 (NIST P-256)", 128, COL_PLAIN, NID_X9_62_prime256v1, NID_TYPE_ECDHE, 0},
56795679
{0x0018, "secp384r1 (NIST P-384)", 192, COL_PLAIN, NID_secp384r1, NID_TYPE_ECDHE, 0},
56805680
{0x0019, "secp521r1 (NIST P-521)", 260, COL_PLAIN, NID_secp521r1, NID_TYPE_ECDHE, 0},
@@ -5687,7 +5687,7 @@ int testSupportedGroups(struct sslCheckOptions *options) {
56875687
{0x0020, "brainpoolP384r1tls13", 192, COL_PLAIN, -1, NID_TYPE_BRAINPOOL_TLS13, 0},
56885688
{0x0021, "brainpoolP512r1tls13", 256, COL_PLAIN, -1, NID_TYPE_BRAINPOOL_TLS13, 0},
56895689
{0x0029, "curveSM2", 128, COL_RED, NID_sm2, NID_TYPE_ECDHE, 0},
5690-
{0x0100, "ffdhe2048", 112, COL_PLAIN, NID_ffdhe2048, NID_TYPE_DHE, 256},
5690+
{0x0100, "ffdhe2048", 112, COL_YELLOW, NID_ffdhe2048, NID_TYPE_DHE, 256},
56915691
{0x0101, "ffdhe3072", 128, COL_PLAIN, NID_ffdhe3072, NID_TYPE_DHE, 384},
56925692
{0x0102, "ffdhe4096", 150, COL_PLAIN, NID_ffdhe4096, NID_TYPE_DHE, 512},
56935693
{0x0103, "ffdhe6144", 175, COL_PLAIN, NID_ffdhe6144, NID_TYPE_DHE, 768},

0 commit comments

Comments
 (0)