ccfos
/
nightingale
Not watched
1
0
Fork 0
Code
Releases 20 Wiki evaluate Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain HPC
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
Tree: 765b3a57fe
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '765b3a57fe'
${ noResults }
nightingale/pkg/tlsx/common.go

67 lines
3.1 kB
Raw Blame History 

  1. package tlsx

  2. 

  3. import (

  4. 	"crypto/tls"

  5. 	"fmt"

  6. )

  7. 

  8. var tlsVersionMap = map[string]uint16{

  9. 	"TLS10": tls.VersionTLS10,

  10. 	"TLS11": tls.VersionTLS11,

  11. 	"TLS12": tls.VersionTLS12,

  12. 	"TLS13": tls.VersionTLS13,

  13. }

  14. 

  15. var tlsCipherMap = map[string]uint16{

  16. 	"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305":    tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,

  17. 	"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305":  tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,

  18. 	"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256":   tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,

  19. 	"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256": tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,

  20. 	"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384":   tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,

  21. 	"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384": tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,

  22. 	"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256":   tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,

  23. 	"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA":      tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,

  24. 	"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256": tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,

  25. 	"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA":    tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,

  26. 	"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA":      tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,

  27. 	"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA":    tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,

  28. 	"TLS_RSA_WITH_AES_128_GCM_SHA256":         tls.TLS_RSA_WITH_AES_128_GCM_SHA256,

  29. 	"TLS_RSA_WITH_AES_256_GCM_SHA384":         tls.TLS_RSA_WITH_AES_256_GCM_SHA384,

  30. 	"TLS_RSA_WITH_AES_128_CBC_SHA256":         tls.TLS_RSA_WITH_AES_128_CBC_SHA256,

  31. 	"TLS_RSA_WITH_AES_128_CBC_SHA":            tls.TLS_RSA_WITH_AES_128_CBC_SHA,

  32. 	"TLS_RSA_WITH_AES_256_CBC_SHA":            tls.TLS_RSA_WITH_AES_256_CBC_SHA,

  33. 	"TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA":     tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,

  34. 	"TLS_RSA_WITH_3DES_EDE_CBC_SHA":           tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,

  35. 	"TLS_RSA_WITH_RC4_128_SHA":                tls.TLS_RSA_WITH_RC4_128_SHA,

  36. 	"TLS_ECDHE_RSA_WITH_RC4_128_SHA":          tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA,

  37. 	"TLS_ECDHE_ECDSA_WITH_RC4_128_SHA":        tls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,

  38. 	"TLS_AES_128_GCM_SHA256":                  tls.TLS_AES_128_GCM_SHA256,

  39. 	"TLS_AES_256_GCM_SHA384":                  tls.TLS_AES_256_GCM_SHA384,

  40. 	"TLS_CHACHA20_POLY1305_SHA256":            tls.TLS_CHACHA20_POLY1305_SHA256,

  41. }

  42. 

  43. // ParseCiphers returns a `[]uint16` by received `[]string` key that represents ciphers from crypto/tls.

  44. // If some of ciphers in received list doesn't exists  ParseCiphers returns nil with error

  45. func ParseCiphers(ciphers []string) ([]uint16, error) {

  46. 	suites := []uint16{}

  47. 

  48. 	for _, cipher := range ciphers {

  49. 		v, ok := tlsCipherMap[cipher]

  50. 		if !ok {

  51. 			return nil, fmt.Errorf("unsupported cipher %q", cipher)

  52. 		}

  53. 		suites = append(suites, v)

  54. 	}

  55. 

  56. 	return suites, nil

  57. }

  58. 

  59. // ParseTLSVersion returns a `uint16` by received version string key that represents tls version from crypto/tls.

  60. // If version isn't supported ParseTLSVersion returns 0 with error

  61. func ParseTLSVersion(version string) (uint16, error) {

  62. 	if v, ok := tlsVersionMap[version]; ok {

  63. 		return v, nil

  64. 	}

  65. 	return 0, fmt.Errorf("unsupported version %q", version)

  66. }