Added ciphersuite to tls data + misc

integration_tests/ssl/custom-cipher.yaml

@@ -11,6 +11,6 @@ ssl:
       - TLS_AES_128_GCM_SHA256
     matchers:
       - type: word
-        part: cipher_matched
+        part: response
         words:
-          - "true"
+          - "TLS_AES_128_GCM_SHA256"

integration_tests/ssl/custom-version.yaml

@@ -13,4 +13,4 @@ ssl:
       - type: word
         part: response
         words:
-          - '"tls_version":"TLS12"'
+          - 'TLS12'

v2/go.mod

@@ -26,7 +26,7 @@ require (
 	github.com/owenrumney/go-sarif v1.1.1
 	github.com/pkg/errors v0.9.1
 	github.com/projectdiscovery/clistats v0.0.8
-	github.com/projectdiscovery/cryptoutil v0.0.0-20220124150510-1f21e1ec3143
+	github.com/projectdiscovery/cryptoutil v1.0.0
 	github.com/projectdiscovery/fastdialer v0.0.15-0.20220127193345-f06b0fd54d47
 	github.com/projectdiscovery/filekv v0.0.0-20210915124239-3467ef45dd08
 	github.com/projectdiscovery/fileutil v0.0.0-20210928100737-cab279c5d4b5

v2/go.sum

@@ -415,6 +415,10 @@ github.com/projectdiscovery/clistats v0.0.8/go.mod h1:lV6jUHAv2bYWqrQstqW8iVIydK
 github.com/projectdiscovery/cryptoutil v0.0.0-20210805184155-b5d2512f9345/go.mod h1:clhQmPnt35ziJW1AhJRKyu8aygXCSoyWj6dtmZBRjjc=
 github.com/projectdiscovery/cryptoutil v0.0.0-20220124150510-1f21e1ec3143 h1:ulWFeH179xgDUfNQT/LyimW1znNlivsqv2d/lNFZU30=
 github.com/projectdiscovery/cryptoutil v0.0.0-20220124150510-1f21e1ec3143/go.mod h1:VJvSNE8f8A1MgpjgAL2GPJSQcJa4jbdaeQJstARFrU4=
+github.com/projectdiscovery/cryptoutil v0.0.0-20220308134124-226941faf57b h1:BTOdZSqMTDGa+RE2d0qyE9SGoj9E1+/gTp6dTHHMA74=
+github.com/projectdiscovery/cryptoutil v0.0.0-20220308134124-226941faf57b/go.mod h1:clhQmPnt35ziJW1AhJRKyu8aygXCSoyWj6dtmZBRjjc=
+github.com/projectdiscovery/cryptoutil v1.0.0 h1:5rQfnWDthJ5ZFcqze+rmT1N7l1HJQ6EB26MrjaYB7I0=
+github.com/projectdiscovery/cryptoutil v1.0.0/go.mod h1:VJvSNE8f8A1MgpjgAL2GPJSQcJa4jbdaeQJstARFrU4=
 github.com/projectdiscovery/fastdialer v0.0.12/go.mod h1:RkRbxqDCcCFhfNUbkzBIz/ieD4uda2JuUA4WJ+RLee0=
 github.com/projectdiscovery/fastdialer v0.0.15-0.20220127193345-f06b0fd54d47 h1:TUsZiwez9uFmph1hlTsiH7rdB+wi4524+lMuV2z6FaM=
 github.com/projectdiscovery/fastdialer v0.0.15-0.20220127193345-f06b0fd54d47/go.mod h1:GbQvP1ezGlQn0af3lVcl08b5eRQu960T7A9pwazybSo=

v2/pkg/protocols/ssl/ssl.go

@@ -189,7 +189,6 @@ func (request *Request) ExecuteWithResults(input string, dynamicValues, previous
 	var (
 		tlsData      interface{}
 		certNotAfter int64
-		gotCipher    uint16
 	)
 	if request.options.Options.ZTLS {
 		connTLS, ok := conn.(*ztls.Conn)
@@ -202,7 +201,6 @@ func (request *Request) ExecuteWithResults(input string, dynamicValues, previous
 		}
 		tlsData = cryptoutil.ZTLSGrab(connTLS)
 		cert := connTLS.ConnectionState().PeerCertificates[0]
-		gotCipher = state.CipherSuite
 		certNotAfter = cert.NotAfter.Unix()
 	} else {
 		connTLS, ok := conn.(*tls.Conn)
@@ -215,16 +213,8 @@ func (request *Request) ExecuteWithResults(input string, dynamicValues, previous
 		}
 		tlsData = cryptoutil.TLSGrab(&state)
 		cert := connTLS.ConnectionState().PeerCertificates[0]
-		gotCipher = state.CipherSuite
 		certNotAfter = cert.NotAfter.Unix()
 	}
-	var cipherSuiteMatched bool
-	for _, cipher := range request.cipherSuites {
-		if cipher == gotCipher {
-			cipherSuiteMatched = true
-		}
-	}
-
 	jsonData, _ := jsoniter.Marshal(tlsData)
 	jsonDataString := string(jsonData)
 
@@ -233,7 +223,6 @@ func (request *Request) ExecuteWithResults(input string, dynamicValues, previous
 	data["type"] = request.Type().String()
 	data["response"] = jsonDataString
 	data["host"] = input
-	data["cipher_matched"] = cipherSuiteMatched
 	data["matched"] = addressToDial
 	data["not_after"] = float64(certNotAfter)
 	data["ip"] = request.dialer.GetDialedIP(hostname)