添加 github.com/pion/dtls 代码

2025-08-08 21:02:33 +08:00 · 2021-05-21 19:03:00 +08:00
parent 54a0cb7928
commit 28b5119f50
380 changed files with 16870 additions and 0 deletions
--- a/dtls-2.0.9/pkg/crypto/hash/hash.go
+++ b/dtls-2.0.9/pkg/crypto/hash/hash.go
@@ -0,0 +1,126 @@
+// Package hash provides TLS HashAlgorithm as defined in TLS 1.2
+package hash
+
+import ( //nolint:gci
+	"crypto"
+	"crypto/md5"  //nolint:gosec
+	"crypto/sha1" //nolint:gosec
+	"crypto/sha256"
+	"crypto/sha512"
+)
+
+// Algorithm is used to indicate the hash algorithm used
+// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-18
+type Algorithm uint16
+
+// Supported hash algorithms
+const (
+	None    Algorithm = 0 // Blacklisted
+	MD5     Algorithm = 1 // Blacklisted
+	SHA1    Algorithm = 2 // Blacklisted
+	SHA224  Algorithm = 3
+	SHA256  Algorithm = 4
+	SHA384  Algorithm = 5
+	SHA512  Algorithm = 6
+	Ed25519 Algorithm = 8
+)
+
+// String makes hashAlgorithm printable
+func (a Algorithm) String() string {
+	switch a {
+	case None:
+		return "none"
+	case MD5:
+		return "md5" // [RFC3279]
+	case SHA1:
+		return "sha-1" // [RFC3279]
+	case SHA224:
+		return "sha-224" // [RFC4055]
+	case SHA256:
+		return "sha-256" // [RFC4055]
+	case SHA384:
+		return "sha-384" // [RFC4055]
+	case SHA512:
+		return "sha-512" // [RFC4055]
+	case Ed25519:
+		return "null"
+	default:
+		return "unknown or unsupported hash algorithm"
+	}
+}
+
+// Digest performs a digest on the passed value
+func (a Algorithm) Digest(b []byte) []byte {
+	switch a {
+	case None:
+		return nil
+	case MD5:
+		hash := md5.Sum(b) // #nosec
+		return hash[:]
+	case SHA1:
+		hash := sha1.Sum(b) // #nosec
+		return hash[:]
+	case SHA224:
+		hash := sha256.Sum224(b)
+		return hash[:]
+	case SHA256:
+		hash := sha256.Sum256(b)
+		return hash[:]
+	case SHA384:
+		hash := sha512.Sum384(b)
+		return hash[:]
+	case SHA512:
+		hash := sha512.Sum512(b)
+		return hash[:]
+	default:
+		return nil
+	}
+}
+
+// Insecure returns if the given HashAlgorithm is considered secure in DTLS 1.2
+func (a Algorithm) Insecure() bool {
+	switch a {
+	case None, MD5, SHA1:
+		return true
+	default:
+		return false
+	}
+}
+
+// CryptoHash returns the crypto.Hash implementation for the given HashAlgorithm
+func (a Algorithm) CryptoHash() crypto.Hash {
+	switch a {
+	case None:
+		return crypto.Hash(0)
+	case MD5:
+		return crypto.MD5
+	case SHA1:
+		return crypto.SHA1
+	case SHA224:
+		return crypto.SHA224
+	case SHA256:
+		return crypto.SHA256
+	case SHA384:
+		return crypto.SHA384
+	case SHA512:
+		return crypto.SHA512
+	case Ed25519:
+		return crypto.Hash(0)
+	default:
+		return crypto.Hash(0)
+	}
+}
+
+// Algorithms returns all the supported Hash Algorithms
+func Algorithms() map[Algorithm]struct{} {
+	return map[Algorithm]struct{}{
+		None:    {},
+		MD5:     {},
+		SHA1:    {},
+		SHA224:  {},
+		SHA256:  {},
+		SHA384:  {},
+		SHA512:  {},
+		Ed25519: {},
+	}
+}
--- a/dtls-2.0.9/pkg/crypto/hash/hash_test.go
+++ b/dtls-2.0.9/pkg/crypto/hash/hash_test.go
@@ -0,0 +1,25 @@
+package hash
+
+import (
+	"testing"
+
+	"github.com/pion/dtls/v2/pkg/crypto/fingerprint"
+)
+
+func TestHashAlgorithm_StringRoundtrip(t *testing.T) {
+	for algo := range Algorithms() {
+		if algo == Ed25519 || algo == None {
+			continue
+		}
+
+		str := algo.String()
+		hash1 := algo.CryptoHash()
+		hash2, err := fingerprint.HashFromString(str)
+		if err != nil {
+			t.Fatalf("fingerprint.HashFromString failed: %v", err)
+		}
+		if hash1 != hash2 {
+			t.Errorf("Hash algorithm mismatch, input: %d, after roundtrip: %d", int(hash1), int(hash2))
+		}
+	}
+}