59 lines
1.9 KiB
Python
59 lines
1.9 KiB
Python
import sys
|
|
sys.unraisablehook = lambda unraisable: None
|
|
|
|
import asyncio
|
|
import ssl
|
|
from argparse import ArgumentParser
|
|
|
|
from aioquic.asyncio import connect
|
|
from aioquic.quic.configuration import QuicConfiguration
|
|
|
|
TLS13_CIPHERS = [
|
|
'TLS_AES_128_GCM_SHA256',
|
|
'TLS_AES_256_GCM_SHA384',
|
|
'TLS_CHACHA20_POLY1305_SHA256',
|
|
'TLS_AES_128_CCM_SHA256'
|
|
]
|
|
|
|
def get_client_supported_tls13_ciphers():
|
|
"""Gibt die vom Client unterstützten TLS 1.3 Cipher-Suiten zurück."""
|
|
ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
|
|
supported = []
|
|
for cipher in ctx.get_ciphers():
|
|
if cipher['protocol'] == 'TLSv1.3' and cipher['name'] in TLS13_CIPHERS:
|
|
supported.append(cipher['name'])
|
|
return supported
|
|
|
|
async def check_cipher(host, port, cipher):
|
|
"""Versucht eine QUIC-Verbindung mit der angegebenen Cipher-Suite herzustellen."""
|
|
config = QuicConfiguration(is_client=True)
|
|
config.ciphers = [cipher]
|
|
config.verify_mode = ssl.CERT_NONE
|
|
config.alpn_protocols = ['h3'] # HTTP/3 ALPN
|
|
|
|
try:
|
|
async with asyncio.timeout(5):
|
|
async with connect(host, port, configuration=config):
|
|
return True
|
|
except Exception:
|
|
return False
|
|
|
|
async def main(host, port):
|
|
client_ciphers = get_client_supported_tls13_ciphers()
|
|
supported_ciphers = []
|
|
|
|
for cipher in client_ciphers:
|
|
if await check_cipher(host, port, cipher):
|
|
supported_ciphers.append(cipher)
|
|
|
|
for cipher in supported_ciphers:
|
|
print(cipher)
|
|
|
|
if __name__ == "__main__":
|
|
parser = ArgumentParser(description="Ermittelt die unterstützten TLS 1.3 Cipher-Suiten eines HTTP/3-Servers.")
|
|
parser.add_argument("host", help="Hostname des Servers")
|
|
parser.add_argument("-p", "--port", type=int, default=443, help="Port des Servers (Standard: 443)")
|
|
args = parser.parse_args()
|
|
|
|
asyncio.run(main(args.host, args.port))
|