Documentation ¶
Index ¶
- Constants
- Variables
- type CipherCheck
- type Grade
- type IntList
- type IntSet
- func (a *IntSet) Clear()
- func (a *IntSet) Copy(b *IntSet)
- func (a *IntSet) Diff(b *IntSet) *IntSet
- func (a *IntSet) Equal(b *IntSet) bool
- func (a *IntSet) Has(elem int) bool
- func (a *IntSet) Insert(elem int)
- func (a *IntSet) Inter(b *IntSet) *IntSet
- func (a *IntSet) IsEmpty() bool
- func (a *IntSet) Len() int
- func (a *IntSet) List() IntList
- func (a *IntSet) String() string
- func (a *IntSet) Union(b *IntSet) *IntSet
- type IntSignature
- type Match
- type MitmInfo
- type RequestFingerprint
- type RequestSignature
- func (a *RequestSignature) Grade() Grade
- func (a *RequestSignature) IsPfs() bool
- func (a RequestSignature) Match(fingerprint RequestFingerprint) (Match, int)
- func (a RequestSignature) MatchMap(fingerprint RequestFingerprint) (map[string]Match, int)
- func (a RequestSignature) Merge(b RequestSignature) (merged RequestSignature)
- func (a *RequestSignature) Parse(s string) error
- func (a RequestSignature) String() string
- type StringList
- type StringSet
- type StringSignature
- type UAFingerprint
- type UASignature
- type UAVersion
- type UAVersionSignature
- type Version
- type VersionSignature
Constants ¶
const ( TypeEmpty uint8 = iota TypeAntivirus TypeFakeBrowser TypeMalware TypeParental TypeProxy )
Sources:
Variables ¶
var GlobalCipherCheck = NewCipherCheck()
GlobalCipherCheck is available to external packages.
Functions ¶
This section is empty.
Types ¶
type CipherCheck ¶
type CipherCheck struct {
// contains filtered or unexported fields
}
CipherCheck maps ciphers to their assigned security grades
func NewCipherCheck ¶
func NewCipherCheck() CipherCheck
NewCipherCheck returns a new CipherCheck initialized with a list of ciphers
func (CipherCheck) AnyKnownAttack ¶
func (a CipherCheck) AnyKnownAttack(cipherList IntList) bool
AnyKnownAttack returns true if any of the ciphers is vulnerable to a known attack
func (CipherCheck) AnyTriviallyBroken ¶
func (a CipherCheck) AnyTriviallyBroken(cipherList IntList) bool
AnyTriviallyBroken returns true if any of the ciphers is trivially broken
func (CipherCheck) Grade ¶
func (a CipherCheck) Grade(cipherList IntList) Grade
Grade returns the security grade of a list of ciphers
func (CipherCheck) IsFirstPfs ¶
func (a CipherCheck) IsFirstPfs(cipherList IntList) bool
IsFirstPfs checks if the first cipher suite has perfect forward secrecy
type Grade ¶
type Grade uint8
Grade represents a TLS client security grade
const ( GradeEmpty Grade = iota // no grade assigned GradeA // optimal GradeB // suboptimal GradeC // known attack GradeF // trivially broken )
Sources:
type IntList ¶
type IntList []int
IntList is a list of integers
func NewIntList ¶
NewIntList returns a string list parsed from a string.
type IntSet ¶
IntSet is a set of integers
func (*IntSet) Equal ¶ added in v1.0.2
IsEmpty a bool indicating whether two intsets are equal or not
func (*IntSet) Has ¶ added in v1.0.2
Has returns a bool indicating whether an intset actually contains the given elem or not.
func (*IntSet) IsEmpty ¶ added in v1.0.2
IsEmpty a bool indicating whether an intset is empty or not.
type IntSignature ¶
type IntSignature struct { OrderedList IntList RequiredSet *IntSet OptionalSet *IntSet UnlikelySet *IntSet ExcludedSet *IntSet }
An IntSignature is a signature on a list of integers.
func NewIntSignature ¶
func NewIntSignature(s string) (IntSignature, error)
NewIntSignature returns a new int signature parsed from a string.
func (IntSignature) Match ¶
func (a IntSignature) Match(list IntList) (Match, int)
Match an int list against the int signature. Returns MatchImpossible if no match is possible, MatchUnlikely if the match is possible with an unlikely configuration, and MatchPossible otherwise.
func (IntSignature) Merge ¶
func (a IntSignature) Merge(b IntSignature) (merged IntSignature)
Merge int signatures a and b to match fingerprints from both.
func (*IntSignature) Parse ¶
func (a *IntSignature) Parse(s string) error
Parse an int signature from a string and return an error on failure.
func (IntSignature) String ¶
func (a IntSignature) String() string
String returns a string representation of the int signature.
type Match ¶
type Match uint8
Match gives the match result for a comparison of a fingerprint to a signature.
type MitmInfo ¶
type MitmInfo struct { NameList StringList Type uint8 Grade Grade }
MitmInfo contains information about mitm software.
func NewMitmInfo ¶
NewMitmInfo returns a new MitmInfo struct parsed from a string.
func (MitmInfo) Match ¶
Match returns MatchPossible if the lists of mitm names are exactly the same or share a common mitm name, and returns MatchImpossible otherwise.
type RequestFingerprint ¶
type RequestFingerprint struct { Version Version Cipher IntList Extension IntList Curve IntList EcPointFmt IntList Header StringList Quirk StringList }
A RequestFingerprint represents the features of a client request, including client hello features, http headers, and any additional quirks.
func NewRequestFingerprint ¶
func NewRequestFingerprint(s string) (RequestFingerprint, error)
NewRequestFingerprint is a wrapper around RequestFingerprint.Parse
func (*RequestFingerprint) Parse ¶
func (a *RequestFingerprint) Parse(s string) error
Parse a fingerprint from a string and return an error on failure.
func (RequestFingerprint) String ¶
func (a RequestFingerprint) String() string
String returns a string representation of the fingerprint.
type RequestSignature ¶
type RequestSignature struct { Version VersionSignature Cipher IntSignature Extension IntSignature Curve IntSignature EcPointFmt IntSignature Header StringSignature Quirk StringSignature // contains filtered or unexported fields }
A RequestSignature represents a set of client request fingerprints. Many TLS/HTTPS implementations can be uniquely identified by their signatures.
func NewRequestSignature ¶
func NewRequestSignature(s string) (RequestSignature, error)
NewRequestSignature is a wrapper around RequestSignature.Parse
func (*RequestSignature) Grade ¶
func (a *RequestSignature) Grade() Grade
Grade returns the security grade for the request signature.
func (*RequestSignature) IsPfs ¶
func (a *RequestSignature) IsPfs() bool
IsPfs returns true if the request signature has perfect forward secrecy.
func (RequestSignature) Match ¶
func (a RequestSignature) Match(fingerprint RequestFingerprint) (Match, int)
Match a fingerprint against the signature. Returns MatchImpossible if no match is possible, MatchUnlikely if the match is possible with an unlikely configuration, and MatchPossible otherwise.
func (RequestSignature) MatchMap ¶
func (a RequestSignature) MatchMap(fingerprint RequestFingerprint) (map[string]Match, int)
MatchMap returns (1) a map of the match results of the fingerprint against the signature, and (2) the count of overlapping cipher, extension, curve, and ecpointfmt values. The second value helps a caller deduce the closest matching record in the case there is no "MatchPossible" match.
func (RequestSignature) Merge ¶
func (a RequestSignature) Merge(b RequestSignature) (merged RequestSignature)
Merge signatures a and b to match fingerprints from both.
func (*RequestSignature) Parse ¶
func (a *RequestSignature) Parse(s string) error
Parse a signature from a string and return an error on failure.
func (RequestSignature) String ¶
func (a RequestSignature) String() string
Returns a string representation of the signature.
type StringList ¶
type StringList []string
StringList is a list of strings
func NewStringList ¶
func NewStringList(s string) (StringList, error)
NewStringList returns a string list parsed from a string.
func (StringList) Contains ¶
func (a StringList) Contains(b StringList) bool
Contains returns true if b is an ordered subsequence of a
func (StringList) Equals ¶
func (a StringList) Equals(b StringList) bool
Equals returns true if a and b are equal
func (*StringList) Parse ¶
func (a *StringList) Parse(s string) error
Parse a stringlist from a string and return an error on failure
func (StringList) Set ¶
func (a StringList) Set() StringSet
Set returns a set representation of a list
func (StringList) String ¶
func (a StringList) String() string
String returns a comma-separated string of list elements
type StringSet ¶
StringSet is a set of strings
func (StringSet) List ¶
func (a StringSet) List() StringList
List returns a list representation of a set in sorted order
type StringSignature ¶
type StringSignature struct { OrderedList StringList RequiredSet StringSet OptionalSet StringSet UnlikelySet StringSet ExcludedSet StringSet }
A StringSignature is a signature on a list of strings.
func NewStringSignature ¶
func NewStringSignature(s string) (StringSignature, error)
NewStringSignature returns a new string signature parsed from a string.
func (StringSignature) Match ¶
func (a StringSignature) Match(list StringList) Match
Match a string list against the string signature. Returns MatchImpossible if no match is possible, MatchUnlikely if the match is possible with an unlikely configuration, and MatchPossible otherwise.
func (StringSignature) Merge ¶
func (a StringSignature) Merge(b StringSignature) (merged StringSignature)
Merge string signatures a and b to match fingerprints from both.
func (*StringSignature) Parse ¶
func (a *StringSignature) Parse(s string) error
Parse a string signature from a string and return an error on failure.
func (StringSignature) String ¶
func (a StringSignature) String() string
String returns a string representation of the string signature.
type UAFingerprint ¶
type UAFingerprint struct { BrowserName int BrowserVersion UAVersion OSPlatform int OSName int OSVersion UAVersion DeviceType int Quirk StringList }
UAFingerprint is a fingerprint for a user agent
func NewUAFingerprint ¶
func NewUAFingerprint(s string) (UAFingerprint, error)
NewUAFingerprint returns a new user agent fingerprint parsed from a string
func (*UAFingerprint) Parse ¶
func (a *UAFingerprint) Parse(s string) error
Parse a user agent fingerprint from a string and return an error on failure
func (UAFingerprint) String ¶
func (a UAFingerprint) String() string
String returns a string representation of a fingerprint
type UASignature ¶
type UASignature struct { BrowserName int BrowserVersion UAVersionSignature OSPlatform int OSName int OSVersion UAVersionSignature DeviceType int Quirk StringSignature }
A UASignature represents a set of user agents
func NewUASignature ¶
func NewUASignature(s string) (UASignature, error)
NewUASignature returns a new user agent signature parsed from a string
func (UASignature) Match ¶
func (a UASignature) Match(fingerprint UAFingerprint) Match
Match a user agent against the user agent signature. Returns MatchImpossible if no match is possible, MatchUnlikely if the match is possible with an unlikely configuration, and MatchPossible otherwise.
func (UASignature) Merge ¶
func (a UASignature) Merge(b UASignature) UASignature
Merge user agent signatures a and b to match fingerprints from both.
func (*UASignature) Parse ¶
func (a *UASignature) Parse(s string) error
Parse a user agent signature from a string and return an error on failure
func (UASignature) String ¶
func (a UASignature) String() string
String returns a string representation of a signature
type UAVersion ¶
UAVersion represents a user agent browser or OS version.
type UAVersionSignature ¶
A UAVersionSignature matches a range of possible user agent versions
func (UAVersionSignature) Match ¶
func (a UAVersionSignature) Match(fingerprint UAVersion) Match
Match a user agent fingerprint against the signature. Returns MatchImpossible if no match is possible, MatchUnlikely if the match is possible with an unlikely configuration, and MatchPossible otherwise.
func (UAVersionSignature) Merge ¶
func (a UAVersionSignature) Merge(b UAVersionSignature) UAVersionSignature
Merge signatures a and b to match fingerprints from both.
func (*UAVersionSignature) Parse ¶
func (a *UAVersionSignature) Parse(s string) error
Parse a user agent version signature from a string and return an error on failure.
func (UAVersionSignature) String ¶
func (a UAVersionSignature) String() string
type Version ¶
type Version uint16
Version represents a TLS Version
const ( VersionEmpty Version = 0 VersionSSL2 Version = 0x0200 // 0x0002 on the wire, so let's swap here VersionSSL3 Version = 0x0300 VersionTLS10 Version = 0x0301 VersionTLS11 Version = 0x0302 VersionTLS12 Version = 0x0303 VersionTLS13 Version = 0x0304 )
Source:
- SSL0.2: https://www-archive.mozilla.org/projects/security/pki/nss/ssl/draft02.html
- SSL3.0: https://tools.ietf.org/html/draft-ietf-tls-ssl-version3-00#appendix-A.1.1
- TLS1.0: https://tools.ietf.org/html/draft-ietf-tls-protocol-01#appendix-A.2
- TLS1.1: https://www.ietf.org/rfc/rfc4346.txt
- TLS1.2: https://www.ietf.org/rfc/rfc5246.txt
- TLS1.3: https://tools.ietf.org/html/draft-ietf-tls-tls13-28#section-4.2.1
func NewVersion ¶
NewVersion parses a version from a string, returning VersionEmpty if not recognized
type VersionSignature ¶
A VersionSignature is a signature for a TLS version.
func NewVersionSignature ¶ added in v1.0.1
func NewVersionSignature(s string) (VersionSignature, error)
NewVersionSignature returns a new int signature parsed from a string.
func (VersionSignature) Match ¶
func (a VersionSignature) Match(version Version) Match
Match a version against the version signature. Returns MatchImpossible if no match is possible, MatchUnlikely if the match is possible with an unlikely configuration, and MatchPossible otherwise.
func (VersionSignature) Merge ¶
func (a VersionSignature) Merge(b VersionSignature) (merged VersionSignature)
Merge version signatures a and b to match fingerprints from both.
func (*VersionSignature) Parse ¶
func (a *VersionSignature) Parse(s string) error
Parse a version signature from a string and return an error on failure.
func (VersionSignature) String ¶
func (a VersionSignature) String() string
Return a string representation of the version signature.