Code

Code/venv/cipher.py

@@ -0,0 +1,58 @@
+import sys
+sys.unraisablehook = lambda unraisable: None
+
+import asyncio
+import ssl
+from argparse import ArgumentParser
+
+from aioquic.asyncio import connect
+from aioquic.quic.configuration import QuicConfiguration
+
+TLS13_CIPHERS = [
+    'TLS_AES_128_GCM_SHA256',
+    'TLS_AES_256_GCM_SHA384',
+    'TLS_CHACHA20_POLY1305_SHA256',
+    'TLS_AES_128_CCM_SHA256'
+]
+
+def get_client_supported_tls13_ciphers():
+    """Gibt die vom Client unterstützten TLS 1.3 Cipher-Suiten zurück."""
+    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
+    supported = []
+    for cipher in ctx.get_ciphers():
+        if cipher['protocol'] == 'TLSv1.3' and cipher['name'] in TLS13_CIPHERS:
+            supported.append(cipher['name'])
+    return supported
+
+async def check_cipher(host, port, cipher):
+    """Versucht eine QUIC-Verbindung mit der angegebenen Cipher-Suite herzustellen."""
+    config = QuicConfiguration(is_client=True)
+    config.ciphers = [cipher]
+    config.verify_mode = ssl.CERT_NONE
+    config.alpn_protocols = ['h3']  # HTTP/3 ALPN
+
+    try:
+        async with asyncio.timeout(5):
+            async with connect(host, port, configuration=config):
+                return True
+    except Exception:
+        return False
+
+async def main(host, port):
+    client_ciphers = get_client_supported_tls13_ciphers()
+    supported_ciphers = []
+
+    for cipher in client_ciphers:
+        if await check_cipher(host, port, cipher):
+            supported_ciphers.append(cipher)
+
+    for cipher in supported_ciphers:
+        print(cipher)
+
+if __name__ == "__main__":
+    parser = ArgumentParser(description="Ermittelt die unterstützten TLS 1.3 Cipher-Suiten eines HTTP/3-Servers.")
+    parser.add_argument("host", help="Hostname des Servers")
+    parser.add_argument("-p", "--port", type=int, default=443, help="Port des Servers (Standard: 443)")
+    args = parser.parse_args()
+
+    asyncio.run(main(args.host, args.port))