Fast and flexible security protocol parser and generator
Project description
CryptoParser
What is it and what is it not?
As the project name CryptoParser implies, it is a cryptographic protocol parser. The main purpose of creating this library is the fact, that cryptography protocol analysis differs in many aspect from establishing a connection using a cryptographic protocol. Analysis is mostly testing where we trigger special and corner cases of the protocol and we also trying to establish connection with hardly supported, experimental, obsoleted or even deprecated mechanisms or algorithms which are may or may not supported by the latest or any version of an implementation of the cryptographic protocol.
As follows, it is neither a comprehensive nor a secure implementation of any cryptographic protocol. On the one hand library implements only the absolutely necessary parts of the protocol. On the other it contains completely insecure algorithms and mechanisms. It is not designed and contraindicated to use this library establishing secure connections. If you are searching for cryptographic protocol implementation, there are several existing wrappers and native implementations for Python (eg: M2Crypto, pyOpenSSL, Paramiko, ...).
Quick start
CryptoParser can be installed directly via pip:
$ pip install cryptoparser
Development environment
If you want to setup a development environment, you are in need of pipenv.
$ cd cryptoparser
$ pipenv install --dev
$ pipenv shell
Features
Protocols
- Secure Shell (SSH)
- Secure Socket Layer (SSL)
- Transport Layer Security (TLS)
Python implementation
- CPython (2.7, >=3.3)
- PyPy (2.7, 3.5)
Operating systems
- Linux
- macOS
- Windows
Protocol Specific Features
Hypertext Transfer Protocol (HTTP)
Headers
- supports header wire format parsing
- supports detailed parsing of generic headers (Content-Type, Server)
- supports detailed parsing of caching headers (Age, Cache-Control, Date, ETag, Expires, Last-Modified, Pragma)
- supports detailed parsing of security headers (Expect-CT, Expect-Staple, Referrer-Policy, Strict-Transport-Security, X-Content-Type-Options, X-Frame-Options)
Transport Layer Security (TLS)
Only features that cannot be or difficultly implemented by some of the most popular SSL/TLS implementations (eg: GnuTls, LibreSSL, OpenSSL, wolfSSL, ...) are listed.
Generic
- supports Generate Random Extensions And Sustain
Extensibility (GREASE) values for
- protocol version
- extension type
- ciphers suite
- signature algorithms
- named group
- supports easy JA3 fingerprint generation
Protocol Versions
- support not only the final, but also draft versions
Cipher Suites
- supports each cipher suites discussed on ciphersuite.info
- supports GOST (national standards of the Russian Federation and CIS countries) cipher suites
Secure Shell (SSH)
Cipher Suites
- identifies as much encryption algorithms as possible (more than 200, compared to 70+ currently supported by OpenSSH)
License
The code is available under the terms of Mozilla Public License Version 2.0 (MPL 2.0).
A non-comprehensive, but straightforward description of MPL 2.0 can be found at Choose an open source license website.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for cryptoparser-0.7.3-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 4315cb25bab37da95d2a83c038c317a15539ce84c412bd7c06d8c49d8fb0d615 |
|
MD5 | c4d9ae77c6efb9365d37ff5cd9bcd7c8 |
|
BLAKE2b-256 | b19f7b5c1a862e6def5068c593790ebe1ac44f3fcf9c4350035e2b42042e2f4b |