Skip to content

Allows Windows Schannel CipherSuite and Elliptic Curve configuration.

Notifications You must be signed in to change notification settings

Rans4ckeR/CipherPunk

Repository files navigation

CipherPunk

Library & UI for Windows Schannel CipherSuite and Elliptic Curve configuration and remote server probing. Inspired by IISCrypto

Features

  • Supports SSL2.0, SSL3.0, TLS1.0, TLS1.1, TLS1.2 & TLS1.3
  • Remote server probing
  • Cipher Suite configuration
  • Elliptic Curve configuration
  • Windows 7 to 11 & Windows Server 2008 R2 to 2022
  • Configuration using local Group Policy (IISCrypto style)
  • Configuration using Schannel API

Available as a standalone Windows application (UI) and as a NuGet package (API).

Note: not all applications use Schannel, most browsers for example require separate configuration.

CipherPunk.UI

A Windows .NET WPF application for x86, x64 and ARM64.

ciphers

curves

remote server

documentation

CipherPunk

A NuGet package to manage Windows Schannel.

Usage Examples

using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using CipherPunk;

// Register the CipherPunk services in the dependency container using AddCipherPunk()
using IHost host = Host.CreateDefaultBuilder(args)
    .ConfigureServices((_, services) => services.AddCipherPunk())
    .Build();

using IServiceScope serviceScope = host.Services.CreateScope();
ICipherSuiteService cipherSuiteService = serviceScope.ServiceProvider.GetRequiredService<ICipherSuiteService>();
IEllipticCurveService ellipticCurveService = serviceScope.ServiceProvider.GetRequiredService<IEllipticCurveService>();

// Retrieve the currently active cipher suites ordered by priority
List<WindowsApiCipherSuiteConfiguration> cipherSuites = cipherSuiteService.GetOperatingSystemActiveCipherSuiteList();
cipherSuites.ForEach(q => Console.WriteLine(q.CipherSuiteName));

// Retrieve the currently active elliptic curves ordered by priority
List<WindowsApiEllipticCurveConfiguration> ellipticCurves = ellipticCurveService.GetOperatingSystemActiveEllipticCurveList();
ellipticCurves.ForEach(q => Console.WriteLine(q.pwszName));

// Retrieve the default cipher suites ordered by priority for the current OS
List<WindowsDocumentationCipherSuiteConfiguration> defaultCipherSuites = cipherSuiteService.GetOperatingSystemDocumentationDefaultCipherSuiteList();
defaultCipherSuites.ForEach(q => Console.WriteLine(q.CipherSuite));

// Retrieve the default elliptic curves ordered by priority for the current OS
List<WindowsDocumentationEllipticCurveConfiguration> defaultEllipticCurves = ellipticCurveService.GetOperatingSystemDefaultEllipticCurveList();
defaultEllipticCurves.ForEach(q => Console.WriteLine(q.Name));

// Add a cipher suite
cipherSuiteService.AddCipherSuite("TLS_AES_256_GCM_SHA384");

await host.RunAsync();