hatching/httpreplay

Tlslite-ng

ChriDr opened this issue · 4 comments

Hi Jurriaan,

I have taken a look at the code of httpreplay, because I had some issues during the decryption of HTTPS traffic with Cuckoo. My thoughts about these issues are that you are using tlslite within the code, but tlslite does not support newer cipher suites. Whereas within the code of setup.py you are using tlslite-ng as a dependency and not tlslite.

Is that just a typing error that smegma.py is using tlslite as the imported library?!?

Cheers,

Hey :)

So the tlslite-ng is, let's say, tlslite plus more. However, the library is still imported through tlslite.
It is true that, last I checked, not all cipher suites are supported; this is quite a shame as it limits httpreplay's capabilities. It is therefore somewhere on the todo list to replace the usage of tlslite-ng by mbedTLS, another open source project but better maintained given its wide usage (used to be PolarSSL and then got bought by ARM). As you can imagine this requires a couple of days of development which I unfortunately don't have free time available for.

Hope that cleared some things up. If you have any other questions please do let me know :)

Jurriaan

In recent developments, httpreplay is now able to decrypt those cipher suites that were causing issues before (namely, 0xc009 and 0xc00a). Please upgrade to the latest version ;-)

Let me know if you run into any other issues!

Jurriaan

Hi Jurriaan :). I will try it, but I am off for a week, so I will take a look into it in a week. I very much appreciate your efforts. Thank you so much!

Going to close this issue as resolved. Please feel free to open another issue if you run into any issues.