Metadata-Version: 2.1
Name: cryptoparser
Version: 0.7.1
Summary: Fast and flexible security protocol parser and generator
Home-page: https://gitlab.com/coroner/cryptoparser
Author: Szilárd Pfeiffer
Author-email: coroner@pfeifferszilard.hu
License: MPL-2.0
Keywords: ssl tls gost ja3 ldap rdp ssh hsts
Platform: UNKNOWN
Classifier: Development Status :: 4 - Beta
Classifier: Environment :: Console
Classifier: Framework :: tox
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: Information Technology
Classifier: Intended Audience :: Science/Research
Classifier: Intended Audience :: System Administrators
Classifier: License :: OSI Approved :: Mozilla Public License 2.0 (MPL 2.0)
Classifier: Natural Language :: English
Classifier: Operating System :: MacOS
Classifier: Operating System :: Microsoft :: Windows
Classifier: Operating System :: POSIX
Classifier: Programming Language :: Python :: 2.7
Classifier: Programming Language :: Python :: 3.3
Classifier: Programming Language :: Python :: 3.4
Classifier: Programming Language :: Python :: 3.5
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: Implementation :: CPython
Classifier: Programming Language :: Python :: Implementation :: PyPy
Classifier: Programming Language :: Python
Classifier: Topic :: Security
Classifier: Topic :: Security :: Cryptography
Classifier: Topic :: Software Development :: Testing :: Traffic Generation
Classifier: Topic :: Software Development :: Testing
Description-Content-Type: text/x-rst
Provides-Extra: test
Provides-Extra: pep8
Provides-Extra: pylint
License-File: LICENSE.txt

============
CryptoParser
============

What is it and what is it not?
==============================

As the project name CryptoParser implies, it is a cryptographic protocol parser. The main purpose of creating this
library is the fact, that cryptography protocol analysis differs in many aspect from establishing a connection using a 
cryptographic protocol.  Analysis is mostly testing where we trigger special and corner cases of the protocol and we 
also trying to establish connection with hardly supported, experimental, obsoleted or even deprecated mechanisms or 
algorithms which are may or may not supported by the latest or any version of an implementation of the cryptographic 
protocol.

As follows, it is neither a comprehensive nor a secure implementation of any cryptographic protocol. On the one hand
library implements only the absolutely necessary parts of the protocol. On the other it contains completely insecure
algorithms and mechanisms. It is not designed and contraindicated to use this library establishing secure connections.
If you are searching for cryptographic protocol implementation, there are several existing wrappers and native
implementations for Python (eg: M2Crypto, pyOpenSSL, Paramiko, ...).

Quick start
===========

CryptoParser can be installed directly via pip:

::

    pip install cryptoparser

Development environment
=======================

If you want to setup a development environment, you are in need of `pipenv <https://docs.pipenv.org/>`_.

::

    $ cd cryptoparser
    $ pipenv install --dev
    $ pipenv shell


Features
========

Protocols
---------

* Secure Shell (SSH)

  * `SSH 2.0 <https://tools.ietf.org/html/rfc4253>`_

* Secure Socket Layer (SSL)

  * `SSL 2.0 <https://tools.ietf.org/html/draft-hickman-netscape-ssl-00>`_
  * `SSL 3.0 <https://tools.ietf.org/html/rfc6101>`_

* Transport Layer Security (TLS)

  * `TLS 1.0 <https://tools.ietf.org/html/rfc2246>`_
  * `TLS 1.1 <https://tools.ietf.org/html/rfc4346>`_
  * `TLS 1.2 <https://tools.ietf.org/html/rfc5246>`_
  * `TLS 1.3 <https://tools.ietf.org/html/rfc8446>`_

Python implementation
---------------------

* CPython (2.7, >=3.3)
* PyPy (2.7, 3.5)

Operating systems
-----------------

* Linux
* macOS
* Windows

Protocol Specific Features
==========================

Hypertext Transfer Protocol (HTTP)
----------------------------------

Headers
^^^^^^^

#. supports header wire format parsing
#. supports detailed parsing of generic headers (\
   `Content-Type <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Type>`_, \
   `Server <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Server>`_)
#. supports detailed parsing of caching headers (\
   `Age <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Age>`_, \
   `Cache-Control <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control>`_, \
   `Date <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Date>`_, \
   `ETag <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/ETag>`_, \
   `Expires <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Expires>`_, \
   `Last-Modified <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Last-Modified>`_, \
   `Pragma <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Pragma>`_)
#. supports detailed parsing of security headers (\
   `Expect-CT <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Expect-CT>`_, \
   `Expect-Staple <https://scotthelme.co.uk/designing-a-new-security-header-expect-staple>`_, \
   `Referrer-Policy <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy>`_, \
   `Strict-Transport-Security <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security>`_, \
   `X-Content-Type-Options <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options>`_, \
   `X-Frame-Options <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options>`_)

Transport Layer Security (TLS)
------------------------------

Only features that cannot be or difficultly implemented by some of the most popular SSL/TLS implementations (eg:
`GnuTls <https://www.gnutls.org/>`_, `LibreSSL <https://www.libressl.org/>`_, `OpenSSL <https://www.openssl.org/>`_,
`wolfSSL <https://www.wolfssl.com/>`_, ...) are listed.

Generic
^^^^^^^

#. supports `Generate Random Extensions And Sustain Extensibility <https://tools.ietf.org/html/draft-ietf-tls-grease-04>`_
   (GREASE) values for

   * protocol version
   * extension type
   * ciphers suite
   * signature algorithms
   * named group

#. supports easy `JA3 fingerprint <https://engineering.salesforce.com/tls-fingerprinting-with-ja3-and-ja3s-247362855967>`_
   generation

Protocol Versions
^^^^^^^^^^^^^^^^^

#. support not only the final, but also draft versions

Cipher Suites
^^^^^^^^^^^^^

#. supports each cipher suites discussed on `ciphersuite.info <https://ciphersuite.info>`_
#. supports `GOST <https://en.wikipedia.org/wiki/GOST>`_ (national standards of the Russian Federation and CIS
   countries) cipher suites

Secure Shell (SSH)
------------------

Cipher Suites
^^^^^^^^^^^^^

#. identifies as much encryption algorithms as possible (more than 200, compared to 70+ currently supported by OpenSSH)

License
=======

The code is available under the terms of Mozilla Public License Version 2.0 (MPL 2.0).

A non-comprehensive, but straightforward description of MPL 2.0 can be found at `Choose an open source
license <https://choosealicense.com/licenses#mpl-2.0>`__ website.


