iamrameshkumar/ossl-ciphers-to-java.py

## ossl-ciphers-to-java.py
#!/usr/bin/env python

import sys
from os.path import basename
from subprocess import Popen, PIPE

"""Map of OpenSSL symmetric cipher names to cipher/block size tuples."""
CIPHERS={
  'AES': ('AES', 128),
  'AES128': ('AES', 128),
  'AES256': ('AES', 256),
  '3DES': ('3DES_EDE', 112),
  'DES': ('3DES_EDE', 112),
  'RC4': ('RC4', 128),
  'SEED': ('SEED', 128),
  'CAMELLIA128': ('CAMELLIA', 128),
  'CAMELLIA256': ('CAMELLIA', 256),
  'IDEA': ('IDEA', 128)
}

"""Map of OpenSSL key exchange protocol names to corresponding Java name."""
KX_PROTOS={
  'AECDH':'ECDH_anon',
  'ADH':'DH_anon',
  'DH':'DH',
  'DHE':'DHE',
  'ECDH':'ECDH',
  'ECDHE':'ECDHE',
  'EDH':'EDH',
  'PSK':'PSK',
  'RSA':'RSA',
  'SRP':'SRP'
}

"""Authentication protocol names."""
AUTH_PROTOS=(
  'DSS',
  'ECDSA',
  'PSK',
  'RSA',
  'SRP'
)

"""Digest algorithm names."""
DIGESTS=(
  'MD5',
  'SHA',
  'SHA256',
  'SHA384'
)

class JavaCipher(object):
  """TLS cipher suite descriptor."""

  def __init__(self):
    self.proto = 'TLS'
    self.kx = 'RSA'
    self.auth = 'RSA'
    self.enc = 'AES'
    self.enc_size = 128
    self.enc_pad = 'CBC'
    self.mac = 'SHA'

  def __str__(self):
    if self.kx == self.auth:
      s = '{0.proto}_{0.kx}_WITH_{0.enc}'.format(self)
    else:
      s = '{0.proto}_{0.kx}_{0.auth}_WITH_{0.enc}'.format(self)
    if self.enc != '3DES_EDE' and self.enc != 'SEED':
      s += '_{0.enc_size}'.format(self)
    if self.enc != 'RC4':
      s += '_{0.enc_pad}'.format(self)
    return s + '_{0.mac}'.format(self)

def parse(cipher_spec):
  """Parse an OpenSSL TLS cipher specification into a JavaCipher object."""
  parts = cipher_spec.split('-')
  jc = JavaCipher()
  enc_idx = 0
  if parts[0] in KX_PROTOS.keys():
    jc.kx = KX_PROTOS[parts[0]]
    if parts[1] in AUTH_PROTOS:
      jc.auth = parts[1]
      enc_idx = 2
    else:
      jc.auth = jc.kx
      enc_idx = 1
  (jc.enc, jc.enc_size) = CIPHERS[parts[enc_idx]]
  if parts[enc_idx+1] in DIGESTS:
    jc.mac = parts[enc_idx+1]
  else:
    jc.enc_pad = parts[enc_idx+1][0:3]
    jc.mac = parts[enc_idx+2]
  return jc


if len(sys.argv) < 2:
  print """USAGE: {0} List:of:OpenSSL:ciphers\nEXAMPLE:
    {0} 'EECDH+AESGCM:ECDHE+AESGCM:HIGH:!MD5:!RC4:!aNULL'
  """.format(basename(sys.argv[0]))
  sys.exit(0)

ossl_cmd = "openssl ciphers '%s'" % sys.argv[1]
output = Popen(ossl_cmd, shell=True, stdout=PIPE).stdout.readlines()
ciphers = output[0].strip().split(':')
for cipher in ciphers:
  print parse(cipher)
	#!/usr/bin/env python

	import sys
	from os.path import basename
	from subprocess import Popen, PIPE

	"""Map of OpenSSL symmetric cipher names to cipher/block size tuples."""
	CIPHERS={
	'AES': ('AES', 128),
	'AES128': ('AES', 128),
	'AES256': ('AES', 256),
	'3DES': ('3DES_EDE', 112),
	'DES': ('3DES_EDE', 112),
	'RC4': ('RC4', 128),
	'SEED': ('SEED', 128),
	'CAMELLIA128': ('CAMELLIA', 128),
	'CAMELLIA256': ('CAMELLIA', 256),
	'IDEA': ('IDEA', 128)
	}

	"""Map of OpenSSL key exchange protocol names to corresponding Java name."""
	KX_PROTOS={
	'AECDH':'ECDH_anon',
	'ADH':'DH_anon',
	'DH':'DH',
	'DHE':'DHE',
	'ECDH':'ECDH',
	'ECDHE':'ECDHE',
	'EDH':'EDH',
	'PSK':'PSK',
	'RSA':'RSA',
	'SRP':'SRP'
	}

	"""Authentication protocol names."""
	AUTH_PROTOS=(
	'DSS',
	'ECDSA',
	'PSK',
	'RSA',
	'SRP'
	)

	"""Digest algorithm names."""
	DIGESTS=(
	'MD5',
	'SHA',
	'SHA256',
	'SHA384'
	)

	class JavaCipher(object):
	"""TLS cipher suite descriptor."""

	def __init__(self):
	self.proto = 'TLS'
	self.kx = 'RSA'
	self.auth = 'RSA'
	self.enc = 'AES'
	self.enc_size = 128
	self.enc_pad = 'CBC'
	self.mac = 'SHA'

	def __str__(self):
	if self.kx == self.auth:
	s = '{0.proto}_{0.kx}_WITH_{0.enc}'.format(self)
	else:
	s = '{0.proto}_{0.kx}_{0.auth}_WITH_{0.enc}'.format(self)
	if self.enc != '3DES_EDE' and self.enc != 'SEED':
	s += '_{0.enc_size}'.format(self)
	if self.enc != 'RC4':
	s += '_{0.enc_pad}'.format(self)
	return s + '_{0.mac}'.format(self)

	def parse(cipher_spec):
	"""Parse an OpenSSL TLS cipher specification into a JavaCipher object."""
	parts = cipher_spec.split('-')
	jc = JavaCipher()
	enc_idx = 0
	if parts[0] in KX_PROTOS.keys():
	jc.kx = KX_PROTOS[parts[0]]
	if parts[1] in AUTH_PROTOS:
	jc.auth = parts[1]
	enc_idx = 2
	else:
	jc.auth = jc.kx
	enc_idx = 1
	(jc.enc, jc.enc_size) = CIPHERS[parts[enc_idx]]
	if parts[enc_idx+1] in DIGESTS:
	jc.mac = parts[enc_idx+1]
	else:
	jc.enc_pad = parts[enc_idx+1][0:3]
	jc.mac = parts[enc_idx+2]
	return jc


	if len(sys.argv) < 2:
	print """USAGE: {0} List:of:OpenSSL:ciphers\nEXAMPLE:
	{0} 'EECDH+AESGCM:ECDHE+AESGCM:HIGH:!MD5:!RC4:!aNULL'
	""".format(basename(sys.argv[0]))
	sys.exit(0)

	ossl_cmd = "openssl ciphers '%s'" % sys.argv[1]
	output = Popen(ossl_cmd, shell=True, stdout=PIPE).stdout.readlines()
	ciphers = output[0].strip().split(':')
	for cipher in ciphers:
	print parse(cipher)