mozilla/cipherscan

Cipherscan json output uses string datatype for many boolean values

Closed this issue · 4 comments

When used with the -j option, cipherscan outputs many boolean values as strings. This makes parsing difficult.

./cipherscan -j github.com | jq
{
  "target": "github.com:443",
  "utctimestamp": "2018-12-29T17:38:51.0Z",
  "serverside": "True", // wrong
  "ciphersuite": [
    {
      "cipher": "ECDHE-RSA-AES128-GCM-SHA256",
      "protocols": [
        "TLSv1.2"
      ],
      "pubkey": [
        "2048"
      ],
      "sigalg": [
        "sha256WithRSAEncryption"
      ],
      "trusted": "True", // wrong
      "ticket_hint": "None",
      "ocsp_stapling": "False", // wrong
      "npn": [
        "None"
      ],
      "pfs": "ECDH,P-256,256bits",
      "curves": [
        "prime256v1"
      ],
      "curves_ordering": "server"
    },
    ...
  ],
  "curves_fallback": "False", // wrong
  "renegotiation": "secure",
  "compression": "NONE",
  "configs": {
    "big-SSLv3": {
      "tolerant": "False" // wrong
    },
    "big-TLSv1.2": {
      "tolerant": "True", // wrong
      "proto": "TLSv1.2",
      "cipher": "ECDHE-RSA-AES128-GCM-SHA256",
      "trusted": "True" // wrong
    },
    "big-TLSv1.1": {
      "tolerant": "False" // wrong
    },
    "big-TLSv1.0": {
      "tolerant": "False" // wrong
    }
  },
  // These are right though
  "intolerancies": {
    "TLS 1.4": false,
    "TLS 1.3": false,
    "TLS 1.2": false,
    "TLS 1.1": true,
    "TLS 1.0": true,
    "SSL 3.254": false
  }
}

Yep, we got those wrong when the JSON was originally created. But that was years ago and changing it now will break a number of unknown relying clients, so 🤷‍♂️

Y'all don't have any versioning?

Nope. That's what happens when a hackish tool grows into real software. 😞

Also, while they look boolean, many of them do not output only two values ("True" and "False").
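
An added example, not part of the thread or of cipherscan itself: a consumer-side normalizer for the fields flagged in the issue, which matters because a check like `if result["trusted"]:` passes on the string "False". It converts only the exact strings "True" and "False" and reports any other value instead of guessing; the key list is taken from the output above, and the value "unknown" in the sample is constructed.

```python
import json

# Keys the issue marks as stringly-typed booleans in `cipherscan -j` output.
BOOL_KEYS = {"serverside", "trusted", "ocsp_stapling", "curves_fallback", "tolerant"}
STR_TO_BOOL = {"True": True, "False": False}


def normalize(node, path="$", unexpected=None):
    """Return (copy of node with "True"/"False" converted, list of oddities).

    Only keys in BOOL_KEYS are touched. Any other string found under those
    keys is left unchanged and reported as (json_path, value), since the
    thread notes that some of these fields emit more than two values.
    """
    if unexpected is None:
        unexpected = []
    if isinstance(node, dict):
        out = {}
        for key, value in node.items():
            child = f"{path}.{key}"
            if key in BOOL_KEYS and isinstance(value, str):
                if value in STR_TO_BOOL:
                    out[key] = STR_TO_BOOL[value]
                else:
                    out[key] = value  # keep as-is, let the caller decide
                    unexpected.append((child, value))
            else:
                out[key], _ = normalize(value, child, unexpected)
        return out, unexpected
    if isinstance(node, list):
        items = [normalize(v, f"{path}[{i}]", unexpected)[0] for i, v in enumerate(node)]
        return items, unexpected
    return node, unexpected


# Constructed sample: trimmed from the output in the issue, plus one made-up
# non-boolean value ("unknown") to exercise the reporting path.
SAMPLE = json.loads("""
{"serverside": "True",
 "ciphersuite": [{"cipher": "ECDHE-RSA-AES128-GCM-SHA256", "trusted": "True",
                  "ticket_hint": "None", "ocsp_stapling": "False"}],
 "curves_fallback": "unknown",
 "configs": {"big-SSLv3": {"tolerant": "False"}},
 "intolerancies": {"TLS 1.1": true}}
""")

if __name__ == "__main__":
    fixed, odd = normalize(SAMPLE)
    print(json.dumps(fixed, indent=2))
    print("left as-is:", odd)
```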