mirror of https://github.com/bjdgyc/anylink.git
127 lines
2.5 KiB
Go
127 lines
2.5 KiB
Go
// Package hash provides TLS HashAlgorithm as defined in TLS 1.2
|
|
package hash
|
|
|
|
import ( //nolint:gci
|
|
"crypto"
|
|
"crypto/md5" //nolint:gosec
|
|
"crypto/sha1" //nolint:gosec
|
|
"crypto/sha256"
|
|
"crypto/sha512"
|
|
)
|
|
|
|
// Algorithm is used to indicate the hash algorithm used
|
|
// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-18
|
|
type Algorithm uint16
|
|
|
|
// Supported hash algorithms
|
|
const (
|
|
None Algorithm = 0 // Blacklisted
|
|
MD5 Algorithm = 1 // Blacklisted
|
|
SHA1 Algorithm = 2 // Blacklisted
|
|
SHA224 Algorithm = 3
|
|
SHA256 Algorithm = 4
|
|
SHA384 Algorithm = 5
|
|
SHA512 Algorithm = 6
|
|
Ed25519 Algorithm = 8
|
|
)
|
|
|
|
// String makes hashAlgorithm printable
|
|
func (a Algorithm) String() string {
|
|
switch a {
|
|
case None:
|
|
return "none"
|
|
case MD5:
|
|
return "md5" // [RFC3279]
|
|
case SHA1:
|
|
return "sha-1" // [RFC3279]
|
|
case SHA224:
|
|
return "sha-224" // [RFC4055]
|
|
case SHA256:
|
|
return "sha-256" // [RFC4055]
|
|
case SHA384:
|
|
return "sha-384" // [RFC4055]
|
|
case SHA512:
|
|
return "sha-512" // [RFC4055]
|
|
case Ed25519:
|
|
return "null"
|
|
default:
|
|
return "unknown or unsupported hash algorithm"
|
|
}
|
|
}
|
|
|
|
// Digest performs a digest on the passed value
|
|
func (a Algorithm) Digest(b []byte) []byte {
|
|
switch a {
|
|
case None:
|
|
return nil
|
|
case MD5:
|
|
hash := md5.Sum(b) // #nosec
|
|
return hash[:]
|
|
case SHA1:
|
|
hash := sha1.Sum(b) // #nosec
|
|
return hash[:]
|
|
case SHA224:
|
|
hash := sha256.Sum224(b)
|
|
return hash[:]
|
|
case SHA256:
|
|
hash := sha256.Sum256(b)
|
|
return hash[:]
|
|
case SHA384:
|
|
hash := sha512.Sum384(b)
|
|
return hash[:]
|
|
case SHA512:
|
|
hash := sha512.Sum512(b)
|
|
return hash[:]
|
|
default:
|
|
return nil
|
|
}
|
|
}
|
|
|
|
// Insecure returns if the given HashAlgorithm is considered secure in DTLS 1.2
|
|
func (a Algorithm) Insecure() bool {
|
|
switch a {
|
|
case None, MD5, SHA1:
|
|
return true
|
|
default:
|
|
return false
|
|
}
|
|
}
|
|
|
|
// CryptoHash returns the crypto.Hash implementation for the given HashAlgorithm
|
|
func (a Algorithm) CryptoHash() crypto.Hash {
|
|
switch a {
|
|
case None:
|
|
return crypto.Hash(0)
|
|
case MD5:
|
|
return crypto.MD5
|
|
case SHA1:
|
|
return crypto.SHA1
|
|
case SHA224:
|
|
return crypto.SHA224
|
|
case SHA256:
|
|
return crypto.SHA256
|
|
case SHA384:
|
|
return crypto.SHA384
|
|
case SHA512:
|
|
return crypto.SHA512
|
|
case Ed25519:
|
|
return crypto.Hash(0)
|
|
default:
|
|
return crypto.Hash(0)
|
|
}
|
|
}
|
|
|
|
// Algorithms returns all the supported Hash Algorithms
|
|
func Algorithms() map[Algorithm]struct{} {
|
|
return map[Algorithm]struct{}{
|
|
None: {},
|
|
MD5: {},
|
|
SHA1: {},
|
|
SHA224: {},
|
|
SHA256: {},
|
|
SHA384: {},
|
|
SHA512: {},
|
|
Ed25519: {},
|
|
}
|
|
}
|