tlsdefs

package module

v0.0.4 Latest Latest Go to latest Published: Apr 13, 2020 License: BSD-3-Clause Imports: 1 Imported by: 4

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/adedayo/tls-definitions

Links

Open Source Insights

README ¶

TLS Definitions

TLS Definitions contains useful definitions that I reuse in a number of TLS-related projects

Documentation ¶

Index ¶

Variables

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	//SupportedGroups are named elliptic curve
	//see https://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-8
	SupportedGroups = map[uint16]string{
		0:     "Reserved",
		1:     "sect163k1",
		2:     "sect163r1",
		3:     "sect163r2",
		4:     "sect193r1",
		5:     "sect193r2",
		6:     "sect233k1",
		7:     "sect233r1",
		8:     "sect239k1",
		9:     "sect283k1",
		10:    "sect283r1",
		11:    "sect409k1",
		12:    "sect409r1",
		13:    "sect571k1",
		14:    "sect571r1",
		15:    "secp160k1",
		16:    "secp160r1",
		17:    "secp160r2",
		18:    "secp192k1",
		19:    "secp192r1",
		20:    "secp224k1",
		21:    "secp224r1",
		22:    "secp256k1",
		23:    "secp256r1",
		24:    "secp384r1",
		25:    "secp521r1",
		26:    "brainpoolP256r1",
		27:    "brainpoolP384r1",
		28:    "brainpoolP512r1",
		29:    "x25519",
		30:    "x448",
		256:   "ffdhe2048",
		257:   "ffdhe3072",
		258:   "ffdhe4096",
		259:   "ffdhe6144",
		260:   "ffdhe8192",
		65281: "arbitrary_explicit_prime_curves",
		65282: "arbitrary_explicit_char2_curves",
	}

	//SupportedGroupStrength maps named eliptic curve to comparable RSA length
	//For comparable strengths of EC named curves see
	//1. https://www.ietf.org/rfc/rfc5114.txt (see section 4, security considerations)
	//2. https://www.ietf.org/rfc/rfc5480.txt and
	//3. pp 133 https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf
	SupportedGroupStrength = map[uint16]int{
		0:     -1,
		1:     -1,
		2:     -1,
		3:     -1,
		4:     -1,
		5:     -1,
		6:     -1,
		7:     -1,
		8:     -1,
		9:     -1,
		10:    -1,
		11:    -1,
		12:    -1,
		13:    -1,
		14:    -1,
		15:    -1,
		16:    -1,
		17:    -1,
		18:    -1,
		19:    1024,
		20:    2048,
		21:    2048,
		22:    3072,
		23:    3072,
		24:    7680,
		25:    15360,
		26:    3072,
		27:    7680,
		28:    15360,
		29:    3072,
		30:    7680,
		256:   2048,
		257:   3072,
		258:   4096,
		259:   6144,
		260:   8192,
		65281: -1,
		65282: -1,
	}

	//AllSupportedGroups are IANA-defined supported groups. Please see https://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-8
	AllSupportedGroups []uint16 = getAllSupportedGroupIDs()

	// CipherSuiteMap - list of ciphersuites based on: http://www.iana.org/assignments/tls-parameters/tls-parameters.xml
	// For CSV: https://www.iana.org/assignments/tls-parameters/tls-parameters-4.csv
	// reserved/unknown/unassigned items are excluded.
	CipherSuiteMap = map[uint16]string{}/* 339 elements not displayed */

	//CipherSuiteNameToID is a mapping of ciphersuite name to corresponding ID
	CipherSuiteNameToID = map[string]uint16{}

	//TLS13Ciphers are newly-introduced IANA ciphers for TLS v1.3
	TLS13Ciphers = []uint16{
		0x1301, 0x1302, 0x1303, 0x1304, 0x1305,
	}
	// AllCipherSuites is the numerical values of IANA ciphersuites
	// with the exception of TLS_FALLBACK_SCSV (0x5600) and TLS_NULL_WITH_NULL_NULL (0x0000)
	AllCipherSuites []uint16 = getAllCipherSuiteIDs()

	//VersionSSL20 is the protocol code of SSL v2.0
	VersionSSL20 uint16 = 0x0002

	//VersionTLS13 is the protocol code of TLS v1.3 see https://datatracker.ietf.org/doc/rfc8446
	VersionTLS13 uint16 = 0x0304
	//TLSVersions an array of supported TLS versions
	TLSVersions = []uint16{VersionSSL20, tls.VersionSSL30, tls.VersionTLS10, tls.VersionTLS11, tls.VersionTLS12, tls.VersionTLS13}
	//TLSVersionMap a mapping from TLS version to a string representation
	TLSVersionMap = map[uint16]string{
		VersionSSL20:     "SSL v2.0",
		tls.VersionSSL30: "SSL v3.0",
		tls.VersionTLS10: "TLS v1.0",
		tls.VersionTLS11: "TLS v1.1",
		tls.VersionTLS12: "TLS v1.2",
		tls.VersionTLS13: "TLS v1.3",
	}

	//AllALPNProtos Application Layer Protocol Negotiation. See defined list at https://tools.ietf.org/html/rfc7301#section-6
	AllALPNProtos = []string{"spdy/3", "spdy/2", "spdy/1", "http/1.1"}

	//AEADProtocols are TLS protocols that are capable of Authenticated Encryption with Associated Data
	AEADProtocols = []uint16{tls.VersionTLS12, tls.VersionTLS13}

	//SignatureSchemes os the string representation of signature schemes
	SignatureSchemes = map[uint16]string{
		0x0401: "PKCS1WithSHA256",
		0x0501: "PKCS1WithSHA384",
		0x0601: "PKCS1WithSHA512",

		0x0804: "PSSWithSHA256",
		0x0805: "PSSWithSHA384",
		0x0806: "PSSWithSHA512",

		0x0403: "ECDSAWithP256AndSHA256",
		0x0503: "ECDSAWithP384AndSHA384",
		0x0603: "ECDSAWithP521AndSHA512",

		0x0201: "PKCS1WithSHA1",
		0x0203: "ECDSAWithSHA1",
	}
)

Functions ¶

This section is empty.

Types ¶

This section is empty.

Source Files ¶

View all Source files

definitions.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL