initial release

Author: noraj

.editorconfig

@@ -0,0 +1,16 @@
+# EditorConfig: https://EditorConfig.org
+
+# top-most EditorConfig file
+root = true
+
+# Unix-style newlines with a newline ending every file
+[*]
+end_of_line = lf
+insert_final_newline = true
+
+# ruby
+[*.rb]
+charset = utf-8
+indent_style = space
+indent_size = 2
+trim_trailing_whitespace = true

.github/workflows/ruby.yml

@@ -0,0 +1,34 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+# This workflow will download a prebuilt Ruby version, install dependencies and run tests with Rake
+# For more information see: https://github.com/marketplace/actions/setup-ruby-jruby-and-truffleruby
+
+name: Ruby
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+
+jobs:
+  test:
+
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        ruby-version: ['3.0', '2.7', '2.6']
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Ruby
+    # To automatically get bug fixes and new Ruby versions for ruby/setup-ruby,
+    # change this to (see https://github.com/ruby/setup-ruby#versioning):
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: ${{ matrix.ruby-version }}
+        bundler-cache: true # runs 'bundle install' and caches installed gems automatically
+    - name: Run lint
+      run: bundle exec rubocop

.gitignore

@@ -0,0 +1,60 @@
+*.gem
+*.rbc
+/.config
+/coverage/
+/InstalledFiles
+/pkg/
+/spec/reports/
+/spec/examples.txt
+/test/tmp/
+/test/version_tmp/
+/tmp/
+
+# Used by dotenv library to load environment variables.
+# .env
+
+# Ignore Byebug command history file.
+.byebug_history
+
+## Specific to RubyMotion:
+.dat*
+.repl_history
+build/
+*.bridgesupport
+build-iPhoneOS/
+build-iPhoneSimulator/
+
+## Specific to RubyMotion (use of CocoaPods):
+#
+# We recommend against adding the Pods directory to your .gitignore. However
+# you should judge for yourself, the pros and cons are mentioned at:
+# https://guides.cocoapods.org/using/using-cocoapods.html#should-i-check-the-pods-directory-into-source-control
+#
+# vendor/Pods/
+
+## Documentation cache and generated files:
+/.yardoc/
+/_yardoc/
+/doc/
+/rdoc/
+
+## Environment normalization:
+/.bundle/
+/vendor/bundle
+/lib/bundler/man/
+
+# for a library or gem, you might want to ignore these files since the code is
+# intended to run in multiple environments; otherwise, check them in:
+# Gemfile.lock
+# .ruby-version
+# .ruby-gemset
+
+# unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
+.rvmrc
+
+# Used by RuboCop. Remote config files pulled in from inherit_from directive.
+# .rubocop-https?--*
+
+# PoC and tests
+poc.rb
+test.rb

.rubocop.yml

@@ -0,0 +1,13 @@
+AllCops:
+  TargetRubyVersion: 2.6
+  NewCops: enable
+  Exclude:
+    - 'test/*.rb'
+  SuggestExtensions: false
+Layout/HashAlignment:
+  Exclude:
+    - '*.gemspec'
+Metrics/AbcSize:
+  Enabled: false
+Style/OptionalBooleanParameter:
+  Enabled: false

.tool-versions

@@ -0,0 +1,2 @@
+ruby 3.0.1
+nodejs 14.15.1

.yardopts

@@ -0,0 +1,4 @@
+--output-dir docs/yard
+-
+--main README.md
+LICENSE

Gemfile

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in .gemspec
+gemspec

Gemfile.lock

@@ -0,0 +1,57 @@
+PATH
+  remote: .
+  specs:
+    tls-map (1.0.0)
+      docopt (~> 0.6)
+      paint (~> 2.2)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    ast (2.4.2)
+    commonmarker (0.21.2)
+      ruby-enum (~> 0.5)
+    concurrent-ruby (1.1.8)
+    docopt (0.6.1)
+    github-markup (4.0.0)
+    i18n (1.8.10)
+      concurrent-ruby (~> 1.0)
+    paint (2.2.1)
+    parallel (1.20.1)
+    parser (3.0.1.0)
+      ast (~> 2.4.1)
+    rainbow (3.0.0)
+    redcarpet (3.5.1)
+    regexp_parser (2.1.1)
+    rexml (3.2.5)
+    rubocop (1.13.0)
+      parallel (~> 1.10)
+      parser (>= 3.0.0.0)
+      rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 1.8, < 3.0)
+      rexml
+      rubocop-ast (>= 1.2.0, < 2.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (>= 1.4.0, < 3.0)
+    rubocop-ast (1.4.1)
+      parser (>= 2.7.1.5)
+    ruby-enum (0.9.0)
+      i18n
+    ruby-progressbar (1.11.0)
+    unicode-display_width (2.0.0)
+    yard (0.9.26)
+
+PLATFORMS
+  x86_64-linux
+
+DEPENDENCIES
+  bundler (>= 2.1.0, < 2.3)
+  commonmarker (~> 0.21)
+  github-markup (~> 4.0)
+  redcarpet (~> 3.5)
+  rubocop (~> 1.10)
+  tls-map!
+  yard (~> 0.9)
+
+BUNDLED WITH
+   2.2.15

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2021 Alexandre ZANNI at SEC-IT
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,44 @@
+# TLS map
+
+[![Gem Version](https://badge.fury.io/rb/tls-map.svg)](https://badge.fury.io/rb/tls-map)
+![GitHub tag (latest SemVer)](https://img.shields.io/github/tag/sec-it/tls-map)
+[![GitHub forks](https://img.shields.io/github/forks/sec-it/tls-map)](https://github.com/sec-it/tls-map/network)
+[![GitHub stars](https://img.shields.io/github/stars/sec-it/tls-map)](https://github.com/sec-it/tls-map/stargazers)
+[![GitHub license](https://img.shields.io/github/license/sec-it/tls-map)](https://github.com/sec-it/tls-map/blob/master/LICENSE.txt)
+[![Rawsec's CyberSecurity Inventory](https://inventory.rawsec.ml/img/badges/Rawsec-inventoried-FF5050_flat.svg)](https://inventory.rawsec.ml/tools.html#TLS%20map)
+
+[![Packaging status](https://repology.org/badge/vertical-allrepos/tls-map.svg)](https://repology.org/project/tls-map/versions)
+
+![logo](docs/_media/logo.png)
+
+> CLI & library for mapping TLS cipher algorithm names: IANA, OpenSSL, GnUTLS, NSS
+
+**CLI**
+
+[![asciicast](https://asciinema.org/a/410877.svg)](https://asciinema.org/a/410877)
+
+**Library**
+
+![library example](https://i.imgur.com/3KZgZ6b.png)
+
+## Features
+
+- CLI and library
+- Search feature: hexadecimal codepoint and major TLS libraries cipher algorithm name: IANA, OpenSSL, GnuTLS, NSS
+- Export to files: markdown table, expanded JSON, minified JSON, Ruby marshalized hash
+
+## Installation
+
+```plaintext
+$ gem install tls-map
+```
+
+Check the [installation](https://sec-it.github.io/tls-map/) page on the documentation to discover more methods.
+
+## Documentation
+
+Homepage / Documentation: https://sec-it.github.io/tls-map/
+
+## Author
+
+Made by Alexandre ZANNI ([@noraj](https://pwn.by/noraj/)), pentester at [SEC-IT](https://sec-it.fr).

bin/tls-map

@@ -0,0 +1,64 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+# Ruby internal
+require 'pp'
+# Project internal
+require 'tls_map'
+require 'tls_map/cli'
+# External
+require 'docopt'
+require 'paint'
+
+doc = <<~DOCOPT
+  TLS map
+
+  Usage:
+    tls-map search <critera> <term> [-o <output> --force] [--no-color --debug]
+    tls-map export <filename> <format> [--force] [--debug]
+    tls-map update [--debug]
+    tls-map -h | --help
+    tls-map --version
+
+  Search options: (offline)
+    <critera>               The type of term. Accepted values: codepoint, iana, openssl, gnutls, nss.
+    <term>                  The cipher algorithm name.
+    -o, --output <output>   Displayed fields. Accepted values: all, codepoint, iana, openssl, gnutls, nss. [default: all]
+
+  Export options: (offline)
+    <filename>              The output file name to write to.
+    <format>                Supported formats: markdown (a markdown table), json_pretty (expanded JSON), json_compact (minified JSON), marshal (Ruby marshalized hash).
+
+  Update options: (online) DANGEROUS, will break database integrity, force option will be required
+
+  Other options:
+    --force     Force parsing even if intigrity check failed (DANGEROUS, may result in command execution vulnerability)
+    --no-color  Disable colorized output
+    --debug     Display arguments
+    -h, --help  Show this screen
+    --version   Show version
+DOCOPT
+
+begin
+  args = Docopt.docopt(doc, version: TLSmap::VERSION)
+  Paint.mode = 0 if args['--no-color']
+  pp args if args['--debug']
+  if args['search']
+    cli = TLSmap::CLI.new(args['--force'])
+    res = cli.search(args['<critera>'].to_sym, args['<term>'], args['--output'].to_sym)
+    puts Paint['No match found', :red] if res.empty?
+    res.each do |k, v|
+      puts "#{Paint[k, :green]}: #{Paint[v, :white]}"
+    end
+  elsif args['export']
+    cli = TLSmap::CLI.new(args['--force'])
+    cli.export(args['<filename>'], args['<format>'].to_sym)
+    puts "#{args['<filename>']} exported"
+  elsif args['update']
+    cli = TLSmap::CLI.new
+    cli.update
+    puts 'Database updated'
+  end
+rescue Docopt::Exit => e
+  puts e.message
+end

bin/tls-map_console

@@ -0,0 +1,7 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'tls_map'
+require 'irb'
+
+IRB.start(__FILE__)