new: vendor godicttls package (#265)

For better maintainability we decided to vendor this package instead of importing it.
Gaukas Wang 2023-12-11 21:02:16 -07:00 committed by GitHub
parent feb5a95fc8
commit 9521fba944
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
34 changed files with 2602 additions and 17 deletions

28
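--- a/dicttls/LICENSE
+++ b/dicttls/LICENSE
@@ -0,0 +1,28 @@
+BSD 3-Clause License
+Copyright (c) 2023, Gaukas Wang
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+1. Redistributions of source code must retain the above copyright notice, this
+list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright notice,
+this list of conditions and the following disclaimer in the documentation
+and/or other materials provided with the distribution.
+3. Neither the name of the copyright holder nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.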

12
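--- a/dicttls/README.md
+++ b/dicttls/README.md
@@ -0,0 +1,12 @@
+# Dict TLS
+This is a vendored version of [godicttls](https://github.com/gaukas/godicttls)
+Below is a copy of the original README.md
+# godicttls
+Dictionary for TLS written in Go providing bidirectional mapping values to their names, plus enum convenience for values.
+Last Update with data fetched from [IANA](www.iana.org) in March 2023:
+- Transport Layer Security (TLS) Parameters [link](https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml)
+- Transport Layer Security (TLS) Extensions [link](https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml)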

118
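--- a/dicttls/alerts.go
+++ b/dicttls/alerts.go
@@ -0,0 +1,118 @@
+package dicttls
+// source: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-6
+// last updated: March 2023
+const (
+Alert_close_notify uint8 = 0
+Alert_unexpected_message uint8 = 10
+Alert_bad_record_mac uint8 = 20
+Alert_decryption_failed uint8 = 21
+Alert_record_overflow uint8 = 22
+Alert_decompression_failure uint8 = 30
+Alert_handshake_failure uint8 = 40
+Alert_no_certificate uint8 = 41
+Alert_bad_certificate uint8 = 42
+Alert_unsupported_certificate uint8 = 43
+Alert_certificate_revoked uint8 = 44
+Alert_certificate_expired uint8 = 45
+Alert_certificate_unknown uint8 = 46
+Alert_illegal_parameter uint8 = 47
+Alert_unknown_ca uint8 = 48
+Alert_access_denied uint8 = 49
+Alert_decode_error uint8 = 50
+Alert_decrypt_error uint8 = 51
+Alert_too_many_cids_requested uint8 = 52
+Alert_export_restriction uint8 = 60
+Alert_protocol_version uint8 = 70
+Alert_insufficient_security uint8 = 71
+Alert_internal_error uint8 = 80
+Alert_inappropriate_fallback uint8 = 86
+Alert_user_canceled uint8 = 90
+Alert_no_renegotiation uint8 = 100
+Alert_missing_extension uint8 = 109
+Alert_unsupported_extension uint8 = 110
+Alert_certificate_unobtainable uint8 = 111
+Alert_unrecognized_name uint8 = 112
+Alert_bad_certificate_status_response uint8 = 113
+Alert_bad_certificate_hash_value uint8 = 114
+Alert_unknown_psk_identity uint8 = 115
+Alert_certificate_required uint8 = 116
+Alert_no_application_protocol uint8 = 120
+)
+var DictAlertValueIndexed = map[uint8]string{
+0: "close_notify",
+10: "unexpected_message",
+20: "bad_record_mac",
+21: "decryption_failed",
+22: "record_overflow",
+30: "decompression_failure",
+40: "handshake_failure",
+41: "no_certificate",
+42: "bad_certificate",
+43: "unsupported_certificate",
+44: "certificate_revoked",
+45: "certificate_expired",
+46: "certificate_unknown",
+47: "illegal_parameter",
+48: "unknown_ca",
+49: "access_denied",
+50: "decode_error",
+51: "decrypt_error",
+52: "too_many_cids_requested",
+60: "export_restriction",
+70: "protocol_version",
+71: "insufficient_security",
+80: "internal_error",
+86: "inappropriate_fallback",
+90: "user_canceled",
+100: "no_renegotiation",
+109: "missing_extension",
+110: "unsupported_extension",
+111: "certificate_unobtainable",
+112: "unrecognized_name",
+113: "bad_certificate_status_response",
+114: "bad_certificate_hash_value",
+115: "unknown_psk_identity",
+116: "certificate_required",
+120: "no_application_protocol",
+}
+var DictAlertNameIndexed = map[string]uint8{
+"close_notify": 0,
+"unexpected_message": 10,
+"bad_record_mac": 20,
+"decryption_failed": 21,
+"record_overflow": 22,
+"decompression_failure": 30,
+"handshake_failure": 40,
+"no_certificate": 41,
+"bad_certificate": 42,
+"unsupported_certificate": 43,
+"certificate_revoked": 44,
+"certificate_expired": 45,
+"certificate_unknown": 46,
+"illegal_parameter": 47,
+"unknown_ca": 48,
+"access_denied": 49,
+"decode_error": 50,
+"decrypt_error": 51,
+"too_many_cids_requested": 52,
+"export_restriction": 60,
+"protocol_version": 70,
+"insufficient_security": 71,
+"internal_error": 80,
+"inappropriate_fallback": 86,
+"user_canceled": 90,
+"no_renegotiation": 100,
+"missing_extension": 109,
+"unsupported_extension": 110,
+"certificate_unobtainable": 111,
+"unrecognized_name": 112,
+"bad_certificate_status_response": 113,
+"bad_certificate_hash_value": 114,
+"unknown_psk_identity": 115,
+"certificate_required": 116,
+"no_application_protocol": 120,
+}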
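Review bot: `DictAlertValueIndexed` and `DictAlertNameIndexed` are exported package-level maps, so any importer can add, overwrite or delete entries at runtime, and a write from one goroutine would race with lookups in another; the other tables visible in this commit follow the same pattern. If they are meant to be read-only, say so in a doc comment, e.g. `// DictAlertValueIndexed maps a TLS alert code to its IANA name. Treat as read-only; unassigned codes are absent, so use the comma-ok form.` None of the exported constants or maps has a doc comment, and a package comment explaining that the underscore names (`Alert_close_notify`) deliberately mirror the IANA names would keep linters and later maintainers from "fixing" them.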


@ -0,0 +1,35 @@
package dicttls
// source: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#authorization-data
// last updated: March 2023
const (
AuthData_x509_attr_cert uint16 = 0
AuthData_saml_assertion uint16 = 1
AuthData_x509_attr_cert_url uint16 = 2
AuthData_saml_assertion_url uint16 = 3
AuthData_keynote_assertion_list uint16 = 64
AuthData_keynote_assertion_list_url uint16 = 65
AuthData_dtcp_authorization uint16 = 66
)
var DictAuthorizationDataFormatValueIndexed = map[uint16]string{
0: "x509_attr_cert",
1: "saml_assertion",
2: "x509_attr_cert_url",
3: "saml_assertion_url",
64: "keynote_assertion_list",
65: "keynote_assertion_list_url",
66: "dtcp_authorization",
}
var DictAuthorizationDataFormatNameIndexed = map[string]uint16{
"x509_attr_cert": 0,
"saml_assertion": 1,
"x509_attr_cert_url": 2,
"saml_assertion_url": 3,
"Unassigned": 0,
"keynote_assertion_list": 64,
"keynote_assertion_list_url": 65,
"dtcp_authorization": 66,
}
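Review bot: `"Unassigned": 0` in DictAuthorizationDataFormatNameIndexed gives a placeholder name the same value as `x509_attr_cert`, so a name-to-value lookup of "Unassigned" silently resolves to a real, assigned format. There is no matching constant and no entry in DictAuthorizationDataFormatValueIndexed, so the line looks like a leftover from an unassigned range in the registry rather than intended data. I would drop that line; if a placeholder is wanted at all, it should not share a value with an assigned code point.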


@ -0,0 +1,19 @@
package dicttls
// source: https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#cachedinformationtype
// last updated: March 2023
const (
CachedInformationType_cert uint8 = 1
CachedInformationType_cert_req uint8 = 2
)
var DictCachedInformationTypeValueIndexed = map[uint8]string{
1: "cert",
2: "cert_req",
}
var DictCachedInformationTypeNameIndexed = map[string]uint8{
"cert": 1,
"cert_req": 2,
}


@ -0,0 +1,22 @@
package dicttls
// source: https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#tls-certificate-compression-algorithm-ids
// last updated: March 2023
const (
CertCompAlg_zlib uint16 = 1
CertCompAlg_brotli uint16 = 2
CertCompAlg_zstd uint16 = 3
)
var DictCertificateCompressionAlgorithmValueIndexed = map[uint16]string{
1: "zlib",
2: "brotli",
3: "zstd",
}
var DictCertificateCompressionAlgorithmNameIndexed = map[string]uint16{
"zlib": 1,
"brotli": 2,
"zstd": 3,
}


@ -0,0 +1,19 @@
package dicttls
// source: https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#certificate-status
// last updated: March 2023
const (
CertStatusType_ocsp uint8 = 1
CertStatusType_ocsp_multi uint8 = 2
)
var DictCertificateStatusTypeValueIndexed = map[uint8]string{
1: "ocsp",
2: "ocsp_multi",
}
var DictCertificateStatusTypeNameIndexed = map[string]uint8{
"ocsp": 1,
"ocsp_multi": 2,
}


@ -0,0 +1,25 @@
package dicttls
// source: https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#tls-extensiontype-values-3
// last updated: March 2023
const (
CertType_X509 uint8 = 0
CertType_OpenPGP uint8 = 1
CertType_Raw_Public_Key uint8 = 2
CertType_1609Dot2 uint8 = 3
)
var DictCertificateTypeValueIndexed = map[uint8]string{
0: "X509",
1: "OpenPGP",
2: "Raw Public Key",
3: "1609Dot2",
}
var DictCertificateTypeNameIndexed = map[string]uint8{
"X509": 0,
"OpenPGP": 1,
"Raw Public Key": 2,
"1609Dot2": 3,
}

1084
dicttls/cipher_suites.go Normal file

File diff suppressed because it is too large Load diff


@ -0,0 +1,49 @@
package dicttls
// source: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-2
// last updated: March 2023
const (
ClientCertTypeIdentifier_rsa_sign uint8 = 1
ClientCertTypeIdentifier_dss_sign uint8 = 2
ClientCertTypeIdentifier_rsa_fixed_dh uint8 = 3
ClientCertTypeIdentifier_dss_fixed_dh uint8 = 4
ClientCertTypeIdentifier_rsa_ephemeral_dh uint8 = 5
ClientCertTypeIdentifier_dss_ephemeral_dh uint8 = 6
ClientCertTypeIdentifier_fortezza_dms uint8 = 20
ClientCertTypeIdentifier_ecdsa_sign uint8 = 64
ClientCertTypeIdentifier_rsa_fixed_ecdh uint8 = 65
ClientCertTypeIdentifier_ecdsa_fixed_ecdh uint8 = 66
ClientCertTypeIdentifier_gost_sign256 uint8 = 67
ClientCertTypeIdentifier_gost_sign512 uint8 = 68
)
var DictClientCertificateTypeIdentifierValueIndexed = map[uint8]string{
1: "rsa_sign",
2: "dss_sign",
3: "rsa_fixed_dh",
4: "dss_fixed_dh",
5: "rsa_ephemeral_dh",
6: "dss_ephemeral_dh",
20: "fortezza_dms",
64: "ecdsa_sign",
65: "rsa_fixed_ecdh",
66: "ecdsa_fixed_ecdh",
67: "gost_sign256",
68: "gost_sign512",
}
var DictClientCertificateTypeIdentifierNameIndexed = map[string]uint8{
"rsa_sign": 1,
"dss_sign": 2,
"rsa_fixed_dh": 3,
"dss_fixed_dh": 4,
"rsa_ephemeral_dh": 5,
"dss_ephemeral_dh": 6,
"fortezza_dms": 20,
"ecdsa_sign": 64,
"rsa_fixed_ecdh": 65,
"ecdsa_fixed_ecdh": 66,
"gost_sign256": 67,
"gost_sign512": 68,
}

22
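--- a/dicttls/comp_meth_ids.go
+++ b/dicttls/comp_meth_ids.go
@@ -0,0 +1,22 @@
+package dicttls
+// source: https://www.iana.org/assignments/comp-meth-ids/comp-meth-ids-2.csv
+// last updated: March 2023
+const (
+CompMeth_NULL uint8 = 0
+CompMeth_DEFLATE uint8 = 1
+CompMeth_LZS uint8 = 64
+)
+var DictCompMethValueIndexed = map[uint8]string{
+0: "NULL",
+1: "DEFLATE",
+64: "LZS",
+}
+var DictCompMethNameIndexed = map[string]uint8{
+"NULL": 0,
+"DEFLATE": 1,
+"LZS": 64,
+}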

34
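--- a/dicttls/contenttype.go
+++ b/dicttls/contenttype.go
@@ -0,0 +1,34 @@
+package dicttls
+// source: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-5
+// last updated: March 2023
+const (
+ContentType_change_cipher_spec uint8 = 20
+ContentType_alert uint8 = 21
+ContentType_handshake uint8 = 22
+ContentType_application_data uint8 = 23
+ContentType_heartbeat uint8 = 24
+ContentType_tls12_cid uint8 = 25
+ContentType_ACK uint8 = 26
+)
+var DictContentTypeValueIndexed = map[uint8]string{
+20: "change_cipher_spec",
+21: "alert",
+22: "handshake",
+23: "application_data",
+24: "heartbeat",
+25: "tls12_cid",
+26: "ACK",
+}
+var DictContentTypeNameIndexed = map[string]uint8{
+"change_cipher_spec": 20,
+"alert": 21,
+"handshake": 22,
+"application_data": 23,
+"heartbeat": 24,
+"tls12_cid": 25,
+"ACK": 26,
+}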

22
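--- a/dicttls/ec_curve_types.go
+++ b/dicttls/ec_curve_types.go
@@ -0,0 +1,22 @@
+package dicttls
+// source: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-10
+// last updated: March 2023
+const (
+ECCurve_explicit_prime uint16 = 1
+ECCurve_explicit_char2 uint16 = 2
+ECCurve_named_curve uint16 = 3
+)
+var DictECCurveTypeValueIndexed = map[uint16]string{
+1: "explicit_prime",
+2: "explicit_char2",
+3: "named_curve",
+}
+var DictECCurveTypeNameIndexed = map[string]uint16{
+"explicit_prime": 1,
+"explicit_char2": 2,
+"named_curve": 3,
+}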
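Review bot: The `ECCurve_*` constants and both maps are typed `uint16`, but ECCurveType is a one-byte enum on the wire (RFC 8422 reserves 248..255 as the top of its range), and the EC point format table added in this same commit uses `uint8`. A caller parsing the field has to widen the byte before every lookup, and a uint16 key admits values that can never occur in the field. Unless compatibility with upstream godicttls requires the wider type, I would declare these as `ECCurve_named_curve uint8 = 3` and use `map[uint8]string` / `map[string]uint8`.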


@ -0,0 +1,22 @@
package dicttls
// source: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-9
// last updated: March 2023
const (
ECPoint_uncompressed uint8 = 0
ECPoint_ansiX962_compressed_prime uint8 = 1
ECPoint_ansiX962_compressed_char2 uint8 = 2
)
var DictECPointFormatValueIndexed = map[uint8]string{
0: "uncompressed",
1: "ansiX962_compressed_prime",
2: "ansiX962_compressed_char2",
}
var DictECPointFormatNameIndexed = map[string]uint8{
"uncompressed": 0,
"ansiX962_compressed_prime": 1,
"ansiX962_compressed_char2": 2,
}

209
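--- a/dicttls/exttype_values.go
+++ b/dicttls/exttype_values.go
@@ -0,0 +1,209 @@
+package dicttls
+// source: https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#tls-extensiontype-values-1
+// last updated: March 2023
+const (
+ExtType_server_name uint16 = 0
+ExtType_max_fragment_length uint16 = 1
+ExtType_client_certificate_url uint16 = 2
+ExtType_trusted_ca_keys uint16 = 3
+ExtType_truncated_hmac uint16 = 4
+ExtType_status_request uint16 = 5
+ExtType_user_mapping uint16 = 6
+ExtType_client_authz uint16 = 7
+ExtType_server_authz uint16 = 8
+ExtType_cert_type uint16 = 9
+ExtType_supported_groups uint16 = 10
+ExtType_ec_point_formats uint16 = 11
+ExtType_srp uint16 = 12
+ExtType_signature_algorithms uint16 = 13
+ExtType_use_srtp uint16 = 14
+ExtType_heartbeat uint16 = 15
+ExtType_application_layer_protocol_negotiation uint16 = 16
+ExtType_status_request_v2 uint16 = 17
+ExtType_signed_certificate_timestamp uint16 = 18
+ExtType_client_certificate_type uint16 = 19
+ExtType_server_certificate_type uint16 = 20
+ExtType_padding uint16 = 21
+ExtType_encrypt_then_mac uint16 = 22
+ExtType_extended_master_secret uint16 = 23
+ExtType_token_binding uint16 = 24
+ExtType_cached_info uint16 = 25
+ExtType_tls_lts uint16 = 26
+ExtType_compress_certificate uint16 = 27
+ExtType_record_size_limit uint16 = 28
+ExtType_pwd_protect uint16 = 29
+ExtType_pwd_clear uint16 = 30
+ExtType_password_salt uint16 = 31
+ExtType_ticket_pinning uint16 = 32
+ExtType_tls_cert_with_extern_psk uint16 = 33
+ExtType_delegated_credentials uint16 = 34 // IANA name: delegated_credentials, IETF name: delegated_credential
+ExtType_session_ticket uint16 = 35
+ExtType_TLMSP uint16 = 36
+ExtType_TLMSP_proxying uint16 = 37
+ExtType_TLMSP_delegate uint16 = 38
+ExtType_supported_ekt_ciphers uint16 = 39
+ExtType_pre_shared_key uint16 = 41
+ExtType_early_data uint16 = 42
+ExtType_supported_versions uint16 = 43
+ExtType_cookie uint16 = 44
+ExtType_psk_key_exchange_modes uint16 = 45
+ExtType_certificate_authorities uint16 = 47
+ExtType_oid_filters uint16 = 48
+ExtType_post_handshake_auth uint16 = 49
+ExtType_signature_algorithms_cert uint16 = 50
+ExtType_key_share uint16 = 51
+ExtType_transparency_info uint16 = 52
+ExtType_connection_id_deprecated uint16 = 53 // deprecated
+ExtType_connection_id uint16 = 54
+ExtType_external_id_hash uint16 = 55
+ExtType_external_session_id uint16 = 56
+ExtType_quic_transport_parameters uint16 = 57
+ExtType_ticket_request uint16 = 58
+ExtType_dnssec_chain uint16 = 59
+ExtType_renegotiation_info uint16 = 65281
+)
+// Not IANA assigned
+const (
+ExtType_next_protocol_negotiation uint16 = 13172 // https://datatracker.ietf.org/doc/html/draft-agl-tls-nextprotoneg-04
+ExtType_application_settings uint16 = 17513 // https://www.ietf.org/archive/id/draft-vvv-tls-alps-01.html
+ExtType_channel_id_old uint16 = 30031 // https://datatracker.ietf.org/doc/html/draft-balfanz-tls-channelid-01
+ExtType_channel_id uint16 = 30032 // https://datatracker.ietf.org/doc/html/draft-balfanz-tls-channelid-01
+)
+var DictExtTypeValueIndexed = map[uint16]string{
+0: "server_name",
+1: "max_fragment_length",
+2: "client_certificate_url",
+3: "trusted_ca_keys",
+4: "truncated_hmac",
+5: "status_request",
+6: "user_mapping",
+7: "client_authz",
+8: "server_authz",
+9: "cert_type",
+10: "supported_groups",
+11: "ec_point_formats",
+12: "srp",
+13: "signature_algorithms",
+14: "use_srtp",
+15: "heartbeat",
+16: "application_layer_protocol_negotiation",
+17: "status_request_v2",
+18: "signed_certificate_timestamp",
+19: "client_certificate_type",
+20: "server_certificate_type",
+21: "padding",
+22: "encrypt_then_mac",
+23: "extended_master_secret",
+24: "token_binding",
+25: "cached_info",
+26: "tls_lts",
+27: "compress_certificate",
+28: "record_size_limit",
+29: "pwd_protect",
+30: "pwd_clear",
+31: "password_salt",
+32: "ticket_pinning",
+33: "tls_cert_with_extern_psk",
+34: "delegated_credentials", // IANA name: delegated_credentials, IETF name: delegated_credential
+35: "session_ticket",
+36: "TLMSP",
+37: "TLMSP_proxying",
+38: "TLMSP_delegate",
+39: "supported_ekt_ciphers",
+41: "pre_shared_key",
+42: "early_data",
+43: "supported_versions",
+44: "cookie",
+45: "psk_key_exchange_modes",
+47: "certificate_authorities",
+48: "oid_filters",
+49: "post_handshake_auth",
+50: "signature_algorithms_cert",
+51: "key_share",
+52: "transparency_info",
+53: "connection_id_deprecated", // deprecated
+54: "connection_id",
+55: "external_id_hash",
+56: "external_session_id",
+57: "quic_transport_parameters",
+58: "ticket_request",
+59: "dnssec_chain",
+65281: "renegotiation_info",
+13172: "next_protocol_negotiation",
+17513: "application_settings",
+30031: "channel_id_old",
+30032: "channel_id",
+}
+var DictExtTypeNameIndexed = map[string]uint16{
+"server_name": 0,
+"max_fragment_length": 1,
+"client_certificate_url": 2,
+"trusted_ca_keys": 3,
+"truncated_hmac": 4,
+"status_request": 5,
+"user_mapping": 6,
+"client_authz": 7,
+"server_authz": 8,
+"cert_type": 9,
+"supported_groups": 10,
+"ec_point_formats": 11,
+"srp": 12,
+"signature_algorithms": 13,
+"use_srtp": 14,
+"heartbeat": 15,
+"application_layer_protocol_negotiation": 16,
+"status_request_v2": 17,
+"signed_certificate_timestamp": 18,
+"client_certificate_type": 19,
+"server_certificate_type": 20,
+"padding": 21,
+"encrypt_then_mac": 22,
+"extended_master_secret": 23,
+"token_binding": 24,
+"cached_info": 25,
+"tls_lts": 26,
+"compress_certificate": 27,
+"record_size_limit": 28,
+"pwd_protect": 29,
+"pwd_clear": 30,
+"password_salt": 31,
+"ticket_pinning": 32,
+"tls_cert_with_extern_psk": 33,
+"delegated_credentials": 34, // IANA name: delegated_credentials
+"delegated_credential": 34, // IETF name: delegated_credential
+"session_ticket": 35,
+"TLMSP": 36,
+"TLMSP_proxying": 37,
+"TLMSP_delegate": 38,
+"supported_ekt_ciphers": 39,
+"pre_shared_key": 41,
+"early_data": 42,
+"supported_versions": 43,
+"cookie": 44,
+"psk_key_exchange_modes": 45,
+"certificate_authorities": 47,
+"oid_filters": 48,
+"post_handshake_auth": 49,
+"signature_algorithms_cert": 50,
+"key_share": 51,
+"transparency_info": 52,
+"connection_id_deprecated": 53, // deprecated
+"connection_id": 54,
+"external_id_hash": 55,
+"external_session_id": 56,
+"quic_transport_parameters": 57,
+"ticket_request": 58,
+"dnssec_chain": 59,
+"renegotiation_info": 65281,
+"next_protocol_negotiation": 13172,
+"application_settings": 17513,
+"channel_id_old": 30031,
+"channel_id": 30032,
+}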
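Review bot: The four draft code points (13172, 17513, 30031, 30032) are set apart under `// Not IANA assigned` in the const block but are appended to DictExtTypeValueIndexed and DictExtTypeNameIndexed with no marker, so someone reading or regenerating the maps from the IANA table cannot tell registered extensions from draft ones; repeating `// Not IANA assigned` above those four entries in each map would fix that. The two maps are also intentionally not inverses (`delegated_credential` and `delegated_credentials` both resolve to 34), which deserves a doc comment on DictExtTypeNameIndexed. Extension types that are absent (40, 46, GREASE values, anything newer than the March 2023 snapshot) index to `""`, so code that labels ClientHello extensions from these tables should use the comma-ok form rather than trusting the zero value.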

96
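--- a/dicttls/handshaketype.go
+++ b/dicttls/handshaketype.go
@@ -0,0 +1,96 @@
+package dicttls
+// source: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-7
+// last updated: March 2023
+const (
+HandshakeType_hello_request uint8 = 0
+HandshakeType_client_hello uint8 = 1
+HandshakeType_server_hello uint8 = 2
+HandshakeType_hello_verify_request uint8 = 3
+HandshakeType_new_session_ticket uint8 = 4
+HandshakeType_end_of_early_data uint8 = 5
+HandshakeType_hello_retry_request uint8 = 6
+HandshakeType_encrypted_extensions uint8 = 8
+HandshakeType_request_connection_id uint8 = 9
+HandshakeType_new_connection_id uint8 = 10
+HandshakeType_certificate uint8 = 11
+HandshakeType_server_key_exchange uint8 = 12
+HandshakeType_certificate_request uint8 = 13
+HandshakeType_server_hello_done uint8 = 14
+HandshakeType_certificate_verify uint8 = 15
+HandshakeType_client_key_exchange uint8 = 16
+HandshakeType_client_certificate_request uint8 = 17
+HandshakeType_finished uint8 = 20
+HandshakeType_certificate_url uint8 = 21
+HandshakeType_certificate_status uint8 = 22
+HandshakeType_supplemental_data uint8 = 23
+HandshakeType_key_update uint8 = 24
+HandshakeType_compressed_certificate uint8 = 25
+HandshakeType_ekt_key uint8 = 26
+HandshakeType_message_hash uint8 = 254
+// Not IANA assigned
+HandshakeType_next_protocol uint8 = 67
+)
+var DictHandshakeTypeValueIndexed = map[uint8]string{
+0: "hello_request",
+1: "client_hello",
+2: "server_hello",
+3: "hello_verify_request",
+4: "new_session_ticket",
+5: "end_of_early_data",
+6: "hello_retry_request",
+7: "Unassigned",
+8: "encrypted_extensions",
+9: "request_connection_id",
+10: "new_connection_id",
+11: "certificate",
+12: "server_key_exchange",
+13: "certificate_request",
+14: "server_hello_done",
+15: "certificate_verify",
+16: "client_key_exchange",
+17: "client_certificate_request",
+20: "finished",
+21: "certificate_url",
+22: "certificate_status",
+23: "supplemental_data",
+24: "key_update",
+25: "compressed_certificate",
+26: "ekt_key",
+254: "message_hash",
+67: "next_protocol",
+}
+var DictHandshakeTypeNameIndexed = map[string]uint8{
+"hello_request": 0,
+"client_hello": 1,
+"server_hello": 2,
+"hello_verify_request": 3,
+"new_session_ticket": 4,
+"end_of_early_data": 5,
+"hello_retry_request": 6,
+"encrypted_extensions": 8,
+"request_connection_id": 9,
+"new_connection_id": 10,
+"certificate": 11,
+"server_key_exchange": 12,
+"certificate_request": 13,
+"server_hello_done": 14,
+"certificate_verify": 15,
+"client_key_exchange": 16,
+"client_certificate_request": 17,
+"finished": 20,
+"certificate_url": 21,
+"certificate_status": 22,
+"supplemental_data": 23,
+"key_update": 24,
+"compressed_certificate": 25,
+"ekt_key": 26,
+"message_hash": 254,
+"next_protocol": 67,
+}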
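Review bot: `7: "Unassigned"` appears only in DictHandshakeTypeValueIndexed; there is no constant and no entry in DictHandshakeTypeNameIndexed, so the two maps disagree and a presence check such as `_, ok := DictHandshakeTypeValueIndexed[t]` reports handshake type 7 as known. Every other unassigned value (18, 19, 27 and up) is simply absent, which is what a parser deciding whether a message type is recognised would expect for 7 as well, so I would delete the line. The same placeholder pattern appears as `7: "Reserved"` in dicttls/hashalgorithm.go and `0x0000: "Reserved"` in the KEM identifier table later in this commit; those are at least present in both directions, but they have the same effect on presence checks and should be either removed or called out in a doc comment.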

39
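--- a/dicttls/hashalgorithm.go
+++ b/dicttls/hashalgorithm.go
@@ -0,0 +1,39 @@
+package dicttls
+// source: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-18
+// last updated: March 2023
+const (
+HashAlg_none uint8 = 0 // deprecated in TLS 1.3
+HashAlg_md5 uint8 = 1 // deprecated in TLS 1.3
+HashAlg_sha1 uint8 = 2
+HashAlg_sha224 uint8 = 3 // deprecated in TLS 1.3
+HashAlg_sha256 uint8 = 4
+HashAlg_sha384 uint8 = 5
+HashAlg_sha512 uint8 = 6
+HashAlg_Intrinsic uint8 = 8
+)
+var DictHashAlgorithmValueIndexed = map[uint8]string{
+0: "none",
+1: "md5",
+2: "sha1",
+3: "sha224",
+4: "sha256",
+5: "sha384",
+6: "sha512",
+7: "Reserved",
+8: "Intrinsic",
+}
+var DictHashAlgorithmNameIndexed = map[string]uint8{
+"none": 0,
+"md5": 1,
+"sha1": 2,
+"sha224": 3,
+"sha256": 4,
+"sha384": 5,
+"sha512": 6,
+"Reserved": 7,
+"Intrinsic": 8,
+}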


@ -0,0 +1,19 @@
package dicttls
// source: https://www.iana.org/assignments/tls-parameters/heartbeat-message-types.csv
// last updated: March 2023
const (
HeartbeatMessage_request uint8 = 1
HeartbeatMessage_response uint8 = 2
)
var DictHeartbeatMessageTypeValueIndexed = map[uint8]string{
1: "heartbeat_request",
2: "heartbeat_response",
}
var DictHeartbeatMessageTypeNameIndexed = map[string]uint8{
"heartbeat_request": 1,
"heartbeat_response": 2,
}

19
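--- a/dicttls/heartbeat_mode.go
+++ b/dicttls/heartbeat_mode.go
@@ -0,0 +1,19 @@
+package dicttls
+// source: https://www.iana.org/assignments/tls-parameters/heartbeat-modes.csv
+// last updated: March 2023
+const (
+HeartbeatMode_peer_allowed_to_send uint8 = 1
+HeartbeatMode_peer_not_allowed_to_send uint8 = 2
+)
+var DictHeartbeatModeValueIndexed = map[uint8]string{
+1: "peer_allowed_to_send",
+2: "peer_not_allowed_to_send",
+}
+var DictHeartbeatModeNameIndexed = map[string]uint8{
+"peer_allowed_to_send": 1,
+"peer_not_allowed_to_send": 2,
+}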


@ -0,0 +1,19 @@
package dicttls
// source: https://www.iana.org/assignments/tls-parameters/tls-kdf-ids.csv
// last updated: March 2023
const (
HKDF_SHA256 uint16 = 0x0001
HKDF_SHA384 uint16 = 0x0002
)
var DictKDFIdentifierValueIndexed = map[uint16]string{
0x0001: "HKDF_SHA256",
0x0002: "HKDF_SHA384",
}
var DictKDFIdentifierNameIndexed = map[string]uint16{
"HKDF_SHA256": 0x0001,
"HKDF_SHA384": 0x0002,
}


@ -0,0 +1,35 @@
package dicttls
// source: https://www.rfc-editor.org/rfc/rfc9180
// last updated: December 2023
const (
DHKEM_P256_HKDF_SHA256 uint16 = 0x0010 // RFC 5869
DHKEM_P384_HKDF_SHA384 uint16 = 0x0011 // RFC 5869
DHKEM_P521_HKDF_SHA512 uint16 = 0x0012 // RFC 5869
DHKEM_X25519_HKDF_SHA256 uint16 = 0x0020 // RFC 7748
DHKEM_X448_HKDF_SHA512 uint16 = 0x0021 // RFC 7748
)
var DictKEMIdentifierValueIndexed = map[uint16]string{
0x0000: "Reserved", // RFC 9180
0x0010: "DHKEM_P256_HKDF_SHA256",
0x0011: "DHKEM_P384_HKDF_SHA384",
0x0012: "DHKEM_P521_HKDF_SHA512",
0x0020: "DHKEM_X25519_HKDF_SHA256",
0x0021: "DHKEM_X448_HKDF_SHA512",
}
var DictKEMIdentifierNameIndexed = map[string]uint16{
"Reserved": 0x0000, // RFC 9180
"DHKEM_P256_HKDF_SHA256": 0x0010,
"DHKEM_P384_HKDF_SHA384": 0x0011,
"DHKEM_P521_HKDF_SHA512": 0x0012,
"DHKEM_X25519_HKDF_SHA256": 0x0020,
"DHKEM_X448_HKDF_SHA512": 0x0021,
}


@ -0,0 +1,19 @@
package dicttls
// source: https://www.iana.org/assignments/tls-parameters/tls-pskkeyexchangemode.csv
// last updated: March 2023
const (
PSKKeyExchangeMode_psk_ke uint8 = 0
PSKKeyExchangeMode_psk_dhe_ke uint8 = 1
)
var DictPSKKeyExchangeModeValueIndexed = map[uint8]string{
0: "psk_ke",
1: "psk_dhe_ke",
}
var DictPSKKeyExchangeModeNameIndexed = map[string]uint8{
"psk_ke": 0,
"psk_dhe_ke": 1,
}

112
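--- a/dicttls/quic_frame_types.go
+++ b/dicttls/quic_frame_types.go
@@ -0,0 +1,112 @@
+package dicttls
+// source: https://www.iana.org/assignments/quic/quic.xhtml#quic-frame-types
+// last updated: July 2023
+const (
+QUICFrameType_PADDING uint8 = 0x00
+QUICFrameType_PING uint8 = 0x01
+QUICFrameType_ACK uint8 = 0x02
+QUICFrameType_ACK_ecn uint8 = 0x03
+QUICFrameType_RESET_STREAM uint8 = 0x04
+QUICFrameType_STOP_SENDING uint8 = 0x05
+QUICFrameType_CRYPTO uint8 = 0x06
+QUICFrameType_NEW_TOKEN uint8 = 0x07
+QUICFrameType_STREAM uint8 = 0x08
+QUICFrameType_STREAM_fin uint8 = 0x09
+QUICFrameType_STREAM_len uint8 = 0x0a
+QUICFrameType_STREAM_len_fin uint8 = 0x0b
+QUICFrameType_STREAM_off uint8 = 0x0c
+QUICFrameType_STREAM_off_fin uint8 = 0x0d
+QUICFrameType_STREAM_off_len uint8 = 0x0e
+QUICFrameType_STREAM_off_len_fin uint8 = 0x0f
+QUICFrameType_MAX_DATA uint8 = 0x10
+QUICFrameType_MAX_STREAM_DATA uint8 = 0x11
+QUICFrameType_MAX_STREAMS_bidi uint8 = 0x12
+QUICFrameType_MAX_STREAMS_uni uint8 = 0x13
+QUICFrameType_DATA_BLOCKED uint8 = 0x14
+QUICFrameType_STREAM_DATA_BLOCKED uint8 = 0x15
+QUICFrameType_STREAMS_BLOCKED_bidi uint8 = 0x16
+QUICFrameType_STREAMS_BLOCKED_uni uint8 = 0x17
+QUICFrameType_NEW_CONNECTION_ID uint8 = 0x18
+QUICFrameType_RETIRE_CONNECTION_ID uint8 = 0x19
+QUICFrameType_PATH_CHALLENGE uint8 = 0x1a
+QUICFrameType_PATH_RESPONSE uint8 = 0x1b
+QUICFrameType_CONNECTION_CLOSE uint8 = 0x1c
+QUICFrameType_CONNECTION_CLOSE_app uint8 = 0x1d
+QUICFrameType_HANDSHAKE_DONE uint8 = 0x1e
+QUICFrameType_DATAGRAM uint8 = 0x30 // RFC9221
+QUICFrameType_DATAGRAM_len uint8 = 0x31 // RFC9221
+)
+var DictQUICFrameTypeValueIndexed = map[uint8]string{
+0x00: "PADDING",
+0x01: "PING",
+0x02: "ACK",
+0x03: "ACK_ecn",
+0x04: "RESET_STREAM",
+0x05: "STOP_SENDING",
+0x06: "CRYPTO",
+0x07: "NEW_TOKEN",
+0x08: "STREAM",
+0x09: "STREAM_fin",
+0x0a: "STREAM_len",
+0x0b: "STREAM_len_fin",
+0x0c: "STREAM_off",
+0x0d: "STREAM_off_fin",
+0x0e: "STREAM_off_len",
+0x0f: "STREAM_off_len_fin",
+0x10: "MAX_DATA",
+0x11: "MAX_STREAM_DATA",
+0x12: "MAX_STREAMS_bidi",
+0x13: "MAX_STREAMS_uni",
+0x14: "DATA_BLOCKED",
+0x15: "STREAM_DATA_BLOCKED",
+0x16: "STREAMS_BLOCKED_bidi",
+0x17: "STREAMS_BLOCKED_uni",
+0x18: "NEW_CONNECTION_ID",
+0x19: "RETIRE_CONNECTION_ID",
+0x1a: "PATH_CHALLENGE",
+0x1b: "PATH_RESPONSE",
+0x1c: "CONNECTION_CLOSE",
+0x1d: "CONNECTION_CLOSE_app",
+0x1e: "HANDSHAKE_DONE",
+0x30: "DATAGRAM",
+0x31: "DATAGRAM_len",
+}
+var DictQUICFrameTypeNameIndexed = map[string]uint8{
+"PADDING": 0x00,
+"PING": 0x01,
+"ACK": 0x02,
+"ACK_ecn": 0x03,
+"RESET_STREAM": 0x04,
+"STOP_SENDING": 0x05,
+"CRYPTO": 0x06,
+"NEW_TOKEN": 0x07,
+"STREAM": 0x08,
+"STREAM_fin": 0x09,
+"STREAM_len": 0x0a,
+"STREAM_len_fin": 0x0b,
+"STREAM_off": 0x0c,
+"STREAM_off_fin": 0x0d,
+"STREAM_off_len": 0x0e,
+"STREAM_off_len_fin": 0x0f,
+"MAX_DATA": 0x10,
+"MAX_STREAM_DATA": 0x11,
+"MAX_STREAMS_bidi": 0x12,
+"MAX_STREAMS_uni": 0x13,
+"DATA_BLOCKED": 0x14,
+"STREAM_DATA_BLOCKED": 0x15,
+"STREAMS_BLOCKED_bidi": 0x16,
+"STREAMS_BLOCKED_uni": 0x17,
+"NEW_CONNECTION_ID": 0x18,
+"RETIRE_CONNECTION_ID": 0x19,
+"PATH_CHALLENGE": 0x1a,
+"PATH_RESPONSE": 0x1b,
+"CONNECTION_CLOSE": 0x1c,
+"CONNECTION_CLOSE_app": 0x1d,
+"HANDSHAKE_DONE": 0x1e,
+"DATAGRAM": 0x30,
+"DATAGRAM_len": 0x31,
+}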
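Review bot: QUIC frame types are variable-length integers on the wire, yet the constants and both maps here are typed `uint8`, which cannot represent any frame type above 0xff; the transport-parameter table added in this same commit uses `uint64`. Everything listed fits today, but a parser that decodes the varint must range-check before indexing DictQUICFrameTypeValueIndexed, because a plain `uint8(v)` conversion would fold a large unknown type onto a known one and mislabel the frame. I would either switch the keys to `uint64` for consistency, or add a doc comment stating the 0x00-0xff limit and telling callers to reject larger values before the lookup.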


@ -0,0 +1,70 @@
package dicttls
// source: https://www.iana.org/assignments/quic/quic.xhtml#quic-transport-error-codes
// last updated: July 2023
const (
QUICTransportErrorCode_NO_ERROR uint16 = 0x0000
QUICTransportErrorCode_INTERNAL_ERROR uint16 = 0x0001
QUICTransportErrorCode_CONNECTION_REFUSED uint16 = 0x0002
QUICTransportErrorCode_FLOW_CONTROL_ERROR uint16 = 0x0003
QUICTransportErrorCode_STREAM_LIMIT_ERROR uint16 = 0x0004
QUICTransportErrorCode_STREAM_STATE_ERROR uint16 = 0x0005
QUICTransportErrorCode_FINAL_SIZE_ERROR uint16 = 0x0006
QUICTransportErrorCode_FRAME_ENCODING_ERROR uint16 = 0x0007
QUICTransportErrorCode_TRANSPORT_PARAMETER_ERROR uint16 = 0x0008
QUICTransportErrorCode_CONNECTION_ID_LIMIT_ERROR uint16 = 0x0009
QUICTransportErrorCode_PROTOCOL_VIOLATION uint16 = 0x000A
QUICTransportErrorCode_INVALID_TOKEN uint16 = 0x000B
QUICTransportErrorCode_APPLICATION_ERROR uint16 = 0x000C
QUICTransportErrorCode_CRYPTO_BUFFER_EXCEEDED uint16 = 0x000D
QUICTransportErrorCode_KEY_UPDATE_ERROR uint16 = 0x000E
QUICTransportErrorCode_AEAD_LIMIT_REACHED uint16 = 0x000F
QUICTransportErrorCode_NO_VIABLE_PATH uint16 = 0x0010
QUICTransportErrorCode_VERSION_NEGOTIATION_ERROR uint16 = 0x0011 // RFC9368
QUICTransportErrorCode_CRYPTO_ERROR uint16 = 0x0100 // 0x0100-0x01FF, use with bitwise operator
)
var DictQUICTransportErrorCodeValueIndexed = map[uint16]string{
0x0000: "NO_ERROR",
0x0001: "INTERNAL_ERROR",
0x0002: "CONNECTION_REFUSED",
0x0003: "FLOW_CONTROL_ERROR",
0x0004: "STREAM_LIMIT_ERROR",
0x0005: "STREAM_STATE_ERROR",
0x0006: "FINAL_SIZE_ERROR",
0x0007: "FRAME_ENCODING_ERROR",
0x0008: "TRANSPORT_PARAMETER_ERROR",
0x0009: "CONNECTION_ID_LIMIT_ERROR",
0x000A: "PROTOCOL_VIOLATION",
0x000B: "INVALID_TOKEN",
0x000C: "APPLICATION_ERROR",
0x000D: "CRYPTO_BUFFER_EXCEEDED",
0x000E: "KEY_UPDATE_ERROR",
0x000F: "AEAD_LIMIT_REACHED",
0x0010: "NO_VIABLE_PATH",
0x0011: "VERSION_NEGOTIATION_ERROR",
0x0100: "CRYPTO_ERROR",
}
var DictQUICTransportErrorCodeNameIndexed = map[string]uint16{
"NO_ERROR": 0x0000,
"INTERNAL_ERROR": 0x0001,
"CONNECTION_REFUSED": 0x0002,
"FLOW_CONTROL_ERROR": 0x0003,
"STREAM_LIMIT_ERROR": 0x0004,
"STREAM_STATE_ERROR": 0x0005,
"FINAL_SIZE_ERROR": 0x0006,
"FRAME_ENCODING_ERROR": 0x0007,
"TRANSPORT_PARAMETER_ERROR": 0x0008,
"CONNECTION_ID_LIMIT_ERROR": 0x0009,
"PROTOCOL_VIOLATION": 0x000A,
"INVALID_TOKEN": 0x000B,
"APPLICATION_ERROR": 0x000C,
"CRYPTO_BUFFER_EXCEEDED": 0x000D,
"KEY_UPDATE_ERROR": 0x000E,
"AEAD_LIMIT_REACHED": 0x000F,
"NO_VIABLE_PATH": 0x0010,
"VERSION_NEGOTIATION_ERROR": 0x0011,
"CRYPTO_ERROR": 0x0100,
}
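Review bot: `QUICTransportErrorCode_CRYPTO_ERROR` stands for the whole 0x0100-0x01ff range according to its own comment, but DictQUICTransportErrorCodeValueIndexed holds only the key 0x0100, so looking up an actual crypto error (0x0100 plus a TLS alert code) misses and the error is reported as unknown. The comment `use with bitwise operator` does not say which operation is meant; a doc comment on the map such as `// Codes 0x0100-0x01ff are CRYPTO_ERROR with the TLS alert in the low byte; test code&0xff00 == 0x0100 before indexing.` would make the contract explicit. Transport error codes are also varints on the wire, so a decoded value needs a range check before it is narrowed to the `uint16` key type.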


@ -0,0 +1,91 @@
package dicttls
// source: https://www.iana.org/assignments/quic/quic.xhtml#quic-transport
// last updated: July 2023
const (
QUICTransportParameter_original_destination_connection_id uint64 = 0x00
QUICTransportParameter_max_idle_timeout uint64 = 0x01
QUICTransportParameter_stateless_reset_token uint64 = 0x02
QUICTransportParameter_max_udp_payload_size uint64 = 0x03
QUICTransportParameter_initial_max_data uint64 = 0x04
QUICTransportParameter_initial_max_stream_data_bidi_local uint64 = 0x05
QUICTransportParameter_initial_max_stream_data_bidi_remote uint64 = 0x06
QUICTransportParameter_initial_max_stream_data_uni uint64 = 0x07
QUICTransportParameter_initial_max_streams_bidi uint64 = 0x08
QUICTransportParameter_initial_max_streams_uni uint64 = 0x09
QUICTransportParameter_ack_delay_exponent uint64 = 0x0a
QUICTransportParameter_max_ack_delay uint64 = 0x0b
QUICTransportParameter_disable_active_migration uint64 = 0x0c
QUICTransportParameter_preferred_address uint64 = 0x0d
QUICTransportParameter_active_connection_id_limit uint64 = 0x0e
QUICTransportParameter_initial_source_connection_id uint64 = 0x0f
QUICTransportParameter_retry_source_connection_id uint64 = 0x10
QUICTransportParameter_version_information uint64 = 0x11 // RFC9368
QUICTransportParameter_max_datagram_frame_size uint64 = 0x20 // RFC9221
QUICTransportParameter_discard uint64 = 0x173e // David_Schinazi: Receiver silently discards. https://github.com/quicwg/base-drafts/wiki/Quantum-Readiness-test
QUICTransportParameter_google_handshake_message uint64 = 0x26ab // Google: Used to carry Google internal handshake message
QUICTransportParameter_grease_quic_bit uint64 = 0x2ab2 // RFC9287
QUICTransportParameter_initial_rtt uint64 = 0x3127 // Google: Initial RTT in microseconds
QUICTransportParameter_google_connection_options uint64 = 0x3128 // Google: Google connection options for experimentation
QUICTransportParameter_user_agent uint64 = 0x3129 // Google: User agent string (deprecated)
QUICTransportParameter_google_version uint64 = 0x4752 // Google: Google QUIC version downgrade prevention
)
var DictQUICTransportParameterValueIndexed = map[uint64]string{
0x00: "original_destination_connection_id",
0x01: "max_idle_timeout",
0x02: "stateless_reset_token",
0x03: "max_udp_payload_size",
0x04: "initial_max_data",
0x05: "initial_max_stream_data_bidi_local",
0x06: "initial_max_stream_data_bidi_remote",
0x07: "initial_max_stream_data_uni",
0x08: "initial_max_streams_bidi",
0x09: "initial_max_streams_uni",
0x0a: "ack_delay_exponent",
0x0b: "max_ack_delay",
0x0c: "disable_active_migration",
0x0d: "preferred_address",
0x0e: "active_connection_id_limit",
0x0f: "initial_source_connection_id",
0x10: "retry_source_connection_id",
0x11: "version_information",
0x20: "max_datagram_frame_size",
0x173e: "discard",
0x26ab: "google handshake message",
0x2ab2: "grease_quic_bit",
0x3127: "initial_rtt",
0x3128: "google_connection_options",
0x3129: "user_agent",
0x4752: "google_version",
}
var DictQUICTransportParameterNameIndexed = map[string]uint64{
"original_destination_connection_id": 0x00,
"max_idle_timeout": 0x01,
"stateless_reset_token": 0x02,
"max_udp_payload_size": 0x03,
"initial_max_data": 0x04,
"initial_max_stream_data_bidi_local": 0x05,
"initial_max_stream_data_bidi_remote": 0x06,
"initial_max_stream_data_uni": 0x07,
"initial_max_streams_bidi": 0x08,
"initial_max_streams_uni": 0x09,
"ack_delay_exponent": 0x0a,
"max_ack_delay": 0x0b,
"disable_active_migration": 0x0c,
"preferred_address": 0x0d,
"active_connection_id_limit": 0x0e,
"initial_source_connection_id": 0x0f,
"retry_source_connection_id": 0x10,
"version_information": 0x11,
"max_datagram_frame_size": 0x20,
"discard": 0x173e,
"google handshake message": 0x26ab,
"grease_quic_bit": 0x2ab2,
"initial_rtt": 0x3127,
"google_connection_options": 0x3128,
"user_agent": 0x3129,
"google_version": 0x4752,
}
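Review bot: The name for 0x26ab is spelled `"google handshake message"` with spaces in both `DictQUICTransportParameterValueIndexed` and `DictQUICTransportParameterNameIndexed`, while the constant is `QUICTransportParameter_google_handshake_message` and every other key in the two maps uses underscores. A caller that derives the lookup key from the identifier will miss this entry, and nothing on the page explains the difference. If the spelling is copied verbatim from the registry, a short comment on those two lines saying so is enough; otherwise use `"google_handshake_message"` in both maps.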


@ -0,0 +1,41 @@
package dicttls
// Note: values in this file was used in TLS 1.2's signature_algorithms extension
// in combination with the values in hashalgorithm.go.
// signature_algorithms extension in TLS 1.3 uses values in signaturescheme.go
// source: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-16
// last updated: March 2023
const (
SigAlg_anonymous uint8 = 0 // deprecated in TLS 1.3
SigAlg_rsa uint8 = 1
SigAlg_dsa uint8 = 2 // deprecated in TLS 1.3
SigAlg_ecdsa uint8 = 3
SigAlg_ed25519 uint8 = 7
SigAlg_ed448 uint8 = 8
SigAlg_gostr34102012_256 uint8 = 64 // value changed in TLS 1.3, to 0x0709-0x070C
SigAlg_gostr34102012_512 uint8 = 65 // value changed in TLS 1.3, to 0x070D-0x070F
)
var DictSignatureAlgorithmValueIndexed = map[uint8]string{
0: "anonymous",
1: "rsa",
2: "dsa",
3: "ecdsa",
7: "ed25519",
8: "ed448",
64: "gostr34102012_256",
65: "gostr34102012_512",
}
var DictSignatureAlgorithmNameIndexed = map[string]uint8{
"anonymous": 0,
"rsa": 1,
"dsa": 2,
"ecdsa": 3,
"ed25519": 7,
"ed448": 8,
"gostr34102012_256": 64,
"gostr34102012_512": 65,
}

116
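--- a/dicttls/signaturescheme.go
+++ b/dicttls/signaturescheme.go
@@ -0,0 +1,116 @@
+package dicttls
+// source: https://www.iana.org/assignments/tls-parameters/tls-signaturescheme.csv
+// last updated: March 2023
+const (
+SigScheme_rsa_pkcs1_sha1 uint16 = 0x0201
+SigScheme_ecdsa_sha1 uint16 = 0x0203
+SigScheme_rsa_pkcs1_sha256 uint16 = 0x0401
+SigScheme_ecdsa_secp256r1_sha256 uint16 = 0x0403
+SigScheme_rsa_pkcs1_sha256_legacy uint16 = 0x0420
+SigScheme_rsa_pkcs1_sha384 uint16 = 0x0501
+SigScheme_ecdsa_secp384r1_sha384 uint16 = 0x0503
+SigScheme_rsa_pkcs1_sha384_legacy uint16 = 0x0520
+SigScheme_rsa_pkcs1_sha512 uint16 = 0x0601
+SigScheme_ecdsa_secp521r1_sha512 uint16 = 0x0603
+SigScheme_rsa_pkcs1_sha512_legacy uint16 = 0x0620
+SigScheme_eccsi_sha256 uint16 = 0x0704
+SigScheme_iso_ibs1 uint16 = 0x0705
+SigScheme_iso_ibs2 uint16 = 0x0706
+SigScheme_iso_chinese_ibs uint16 = 0x0707
+SigScheme_sm2sig_sm3 uint16 = 0x0708
+SigScheme_gostr34102012_256a uint16 = 0x0709
+SigScheme_gostr34102012_256b uint16 = 0x070A
+SigScheme_gostr34102012_256c uint16 = 0x070B
+SigScheme_gostr34102012_256d uint16 = 0x070C
+SigScheme_gostr34102012_512a uint16 = 0x070D
+SigScheme_gostr34102012_512b uint16 = 0x070E
+SigScheme_gostr34102012_512c uint16 = 0x070F
+SigScheme_rsa_pss_rsae_sha256 uint16 = 0x0804
+SigScheme_rsa_pss_rsae_sha384 uint16 = 0x0805
+SigScheme_rsa_pss_rsae_sha512 uint16 = 0x0806
+SigScheme_ed25519 uint16 = 0x0807
+SigScheme_ed448 uint16 = 0x0808
+SigScheme_rsa_pss_pss_sha256 uint16 = 0x0809
+SigScheme_rsa_pss_pss_sha384 uint16 = 0x080A
+SigScheme_rsa_pss_pss_sha512 uint16 = 0x080B
+SigScheme_ecdsa_brainpoolP256r1tls13_sha256 uint16 = 0x081A
+SigScheme_ecdsa_brainpoolP384r1tls13_sha384 uint16 = 0x081B
+SigScheme_ecdsa_brainpoolP512r1tls13_sha512 uint16 = 0x081C
+)
+var DictSignatureSchemeValueIndexed = map[uint16]string{
+0x0201: "rsa_pkcs1_sha1",
+0x0203: "ecdsa_sha1",
+0x0401: "rsa_pkcs1_sha256",
+0x0403: "ecdsa_secp256r1_sha256",
+0x0420: "rsa_pkcs1_sha256_legacy",
+0x0501: "rsa_pkcs1_sha384",
+0x0503: "ecdsa_secp384r1_sha384",
+0x0520: "rsa_pkcs1_sha384_legacy",
+0x0601: "rsa_pkcs1_sha512",
+0x0603: "ecdsa_secp521r1_sha512",
+0x0620: "rsa_pkcs1_sha512_legacy",
+0x0704: "eccsi_sha256",
+0x0705: "iso_ibs1",
+0x0706: "iso_ibs2",
+0x0707: "iso_chinese_ibs",
+0x0708: "sm2sig_sm3",
+0x0709: "gostr34102012_256a",
+0x070A: "gostr34102012_256b",
+0x070B: "gostr34102012_256c",
+0x070C: "gostr34102012_256d",
+0x070D: "gostr34102012_512a",
+0x070E: "gostr34102012_512b",
+0x070F: "gostr34102012_512c",
+0x0804: "rsa_pss_rsae_sha256",
+0x0805: "rsa_pss_rsae_sha384",
+0x0806: "rsa_pss_rsae_sha512",
+0x0807: "ed25519",
+0x0808: "ed448",
+0x0809: "rsa_pss_pss_sha256",
+0x080A: "rsa_pss_pss_sha384",
+0x080B: "rsa_pss_pss_sha512",
+0x081A: "ecdsa_brainpoolP256r1tls13_sha256",
+0x081B: "ecdsa_brainpoolP384r1tls13_sha384",
+0x081C: "ecdsa_brainpoolP512r1tls13_sha512",
+}
+var DictSignatureSchemeNameIndexed = map[string]uint16{
+"rsa_pkcs1_sha1": 0x0201,
+"Reserved for backward compatibility": 0x0202,
+"ecdsa_sha1": 0x0203,
+"rsa_pkcs1_sha256": 0x0401,
+"ecdsa_secp256r1_sha256": 0x0403,
+"rsa_pkcs1_sha256_legacy": 0x0420,
+"rsa_pkcs1_sha384": 0x0501,
+"ecdsa_secp384r1_sha384": 0x0503,
+"rsa_pkcs1_sha384_legacy": 0x0520,
+"rsa_pkcs1_sha512": 0x0601,
+"ecdsa_secp521r1_sha512": 0x0603,
+"rsa_pkcs1_sha512_legacy": 0x0620,
+"eccsi_sha256": 0x0704,
+"iso_ibs1": 0x0705,
+"iso_ibs2": 0x0706,
+"iso_chinese_ibs": 0x0707,
+"sm2sig_sm3": 0x0708,
+"gostr34102012_256a": 0x0709,
+"gostr34102012_256b": 0x070A,
+"gostr34102012_256c": 0x070B,
+"gostr34102012_256d": 0x070C,
+"gostr34102012_512a": 0x070D,
+"gostr34102012_512b": 0x070E,
+"gostr34102012_512c": 0x070F,
+"rsa_pss_rsae_sha256": 0x0804,
+"rsa_pss_rsae_sha384": 0x0805,
+"rsa_pss_rsae_sha512": 0x0806,
+"ed25519": 0x0807,
+"ed448": 0x0808,
+"rsa_pss_pss_sha256": 0x0809,
+"rsa_pss_pss_sha384": 0x080A,
+"rsa_pss_pss_sha512": 0x080B,
+"ecdsa_brainpoolP256r1tls13_sha256": 0x081A,
+"ecdsa_brainpoolP384r1tls13_sha384": 0x081B,
+"ecdsa_brainpoolP512r1tls13_sha512": 0x081C,
+}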
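Review bot: `DictSignatureSchemeNameIndexed` carries an entry `"Reserved for backward compatibility": 0x0202` that has no counterpart in `DictSignatureSchemeValueIndexed` or in the const block, so the two maps are not inverses of each other. The key looks like a registry placeholder row rather than a scheme name, yet this map is what the `UnmarshalJSON` paths changed elsewhere in this commit use to resolve names, so that string would be accepted as a signature scheme and mapped to 0x0202. I would delete the line; if 0x0202 has to stay resolvable, give it a proper identifier and add it to the constants and to the value-indexed map as well. A small test asserting that every name maps back to itself through the value-indexed map would catch this kind of drift now that the file is maintained in-tree.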


@ -0,0 +1,19 @@
package dicttls
// source: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-12
// last updated: March 2023
const (
SupplementalDataType_user_mapping_data uint16 = 0
SupplementalDataType_authz_data uint16 = 16386
)
var DictSupplementalDataFormatValueIndexed = map[uint16]string{
0: "user_mapping_data",
16386: "authz_data",
}
var DictSupplementalDataFormatNameIndexed = map[string]uint16{
"user_mapping_data": 0,
"authz_data": 16386,
}

157
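--- a/dicttls/supported_groups.go
+++ b/dicttls/supported_groups.go
@@ -0,0 +1,157 @@
+package dicttls
+// source: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
+// last updated: March 2023
+const (
+SupportedGroups_sect163k1 uint16 = 1
+SupportedGroups_sect163r1 uint16 = 2
+SupportedGroups_sect163r2 uint16 = 3
+SupportedGroups_sect193r1 uint16 = 4
+SupportedGroups_sect193r2 uint16 = 5
+SupportedGroups_sect233k1 uint16 = 6
+SupportedGroups_sect233r1 uint16 = 7
+SupportedGroups_sect239k1 uint16 = 8
+SupportedGroups_sect283k1 uint16 = 9
+SupportedGroups_sect283r1 uint16 = 10
+SupportedGroups_sect409k1 uint16 = 11
+SupportedGroups_sect409r1 uint16 = 12
+SupportedGroups_sect571k1 uint16 = 13
+SupportedGroups_sect571r1 uint16 = 14
+SupportedGroups_secp160k1 uint16 = 15
+SupportedGroups_secp160r1 uint16 = 16
+SupportedGroups_secp160r2 uint16 = 17
+SupportedGroups_secp192k1 uint16 = 18
+SupportedGroups_secp192r1 uint16 = 19
+SupportedGroups_secp224k1 uint16 = 20
+SupportedGroups_secp224r1 uint16 = 21
+SupportedGroups_secp256k1 uint16 = 22
+SupportedGroups_secp256r1 uint16 = 23
+SupportedGroups_secp384r1 uint16 = 24
+SupportedGroups_secp521r1 uint16 = 25
+SupportedGroups_brainpoolP256r1 uint16 = 26
+SupportedGroups_brainpoolP384r1 uint16 = 27
+SupportedGroups_brainpoolP512r1 uint16 = 28
+SupportedGroups_x25519 uint16 = 29
+SupportedGroups_x448 uint16 = 30
+SupportedGroups_brainpoolP256r1tls13 uint16 = 31
+SupportedGroups_brainpoolP384r1tls13 uint16 = 32
+SupportedGroups_brainpoolP512r1tls13 uint16 = 33
+SupportedGroups_GC256A uint16 = 34
+SupportedGroups_GC256B uint16 = 35
+SupportedGroups_GC256C uint16 = 36
+SupportedGroups_GC256D uint16 = 37
+SupportedGroups_GC512A uint16 = 38
+SupportedGroups_GC512B uint16 = 39
+SupportedGroups_GC512C uint16 = 40
+SupportedGroups_curveSM2 uint16 = 41
+SupportedGroups_ffdhe2048 uint16 = 256
+SupportedGroups_ffdhe3072 uint16 = 257
+SupportedGroups_ffdhe4096 uint16 = 258
+SupportedGroups_ffdhe6144 uint16 = 259
+SupportedGroups_ffdhe8192 uint16 = 260
+SupportedGroups_arbitrary_explicit_prime_curves uint16 = 65281
+SupportedGroups_arbitrary_explicit_char2_curves uint16 = 65282
+)
+var DictSupportedGroupsValueIndexed = map[uint16]string{
+1: "sect163k1",
+2: "sect163r1",
+3: "sect163r2",
+4: "sect193r1",
+5: "sect193r2",
+6: "sect233k1",
+7: "sect233r1",
+8: "sect239k1",
+9: "sect283k1",
+10: "sect283r1",
+11: "sect409k1",
+12: "sect409r1",
+13: "sect571k1",
+14: "sect571r1",
+15: "secp160k1",
+16: "secp160r1",
+17: "secp160r2",
+18: "secp192k1",
+19: "secp192r1",
+20: "secp224k1",
+21: "secp224r1",
+22: "secp256k1",
+23: "secp256r1",
+24: "secp384r1",
+25: "secp521r1",
+26: "brainpoolP256r1",
+27: "brainpoolP384r1",
+28: "brainpoolP512r1",
+29: "x25519",
+30: "x448",
+31: "brainpoolP256r1tls13",
+32: "brainpoolP384r1tls13",
+33: "brainpoolP512r1tls13",
+34: "GC256A",
+35: "GC256B",
+36: "GC256C",
+37: "GC256D",
+38: "GC512A",
+39: "GC512B",
+40: "GC512C",
+41: "curveSM2",
+256: "ffdhe2048",
+257: "ffdhe3072",
+258: "ffdhe4096",
+259: "ffdhe6144",
+260: "ffdhe8192",
+65281: "arbitrary_explicit_prime_curves",
+65282: "arbitrary_explicit_char2_curves",
+}
+var DictSupportedGroupsNameIndexed = map[string]uint16{
+"sect163k1": 1,
+"sect163r1": 2,
+"sect163r2": 3,
+"sect193r1": 4,
+"sect193r2": 5,
+"sect233k1": 6,
+"sect233r1": 7,
+"sect239k1": 8,
+"sect283k1": 9,
+"sect283r1": 10,
+"sect409k1": 11,
+"sect409r1": 12,
+"sect571k1": 13,
+"sect571r1": 14,
+"secp160k1": 15,
+"secp160r1": 16,
+"secp160r2": 17,
+"secp192k1": 18,
+"secp192r1": 19,
+"secp224k1": 20,
+"secp224r1": 21,
+"secp256k1": 22,
+"secp256r1": 23,
+"secp384r1": 24,
+"secp521r1": 25,
+"brainpoolP256r1": 26,
+"brainpoolP384r1": 27,
+"brainpoolP512r1": 28,
+"x25519": 29,
+"x448": 30,
+"brainpoolP256r1tls13": 31,
+"brainpoolP384r1tls13": 32,
+"brainpoolP512r1tls13": 33,
+"GC256A": 34,
+"GC256B": 35,
+"GC256C": 36,
+"GC256D": 37,
+"GC512A": 38,
+"GC512B": 39,
+"GC512C": 40,
+"curveSM2": 41,
+"ffdhe2048": 256,
+"ffdhe3072": 257,
+"ffdhe4096": 258,
+"ffdhe6144": 259,
+"ffdhe8192": 260,
+"arbitrary_explicit_prime_curves": 65281,
+"arbitrary_explicit_char2_curves": 65282,
+}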


@ -0,0 +1,16 @@
package dicttls
// source: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-14
// last updated: March 2023
const (
UserMappingType_upn_domain_hint uint8 = 64
)
var DictUserMappingTypeValueIndexed = map[uint8]string{
64: "upn_domain_hint",
}
var DictUserMappingTypeNameIndexed = map[string]uint8{
"upn_domain_hint": 64,
}

1
go.mod

@ -10,7 +10,6 @@ retract (
require (
github.com/andybalholm/brotli v1.0.5
github.com/cloudflare/circl v1.3.3
github.com/gaukas/godicttls v0.0.4
github.com/klauspost/compress v1.16.7
github.com/quic-go/quic-go v0.37.4
golang.org/x/crypto v0.14.0

2
go.sum

@ -2,8 +2,6 @@ github.com/andybalholm/brotli v1.0.5 h1:8uQZIdzKmjc/iuPu7O2ioW48L81FgatrcpfFmiq/
github.com/andybalholm/brotli v1.0.5/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
github.com/cloudflare/circl v1.3.3 h1:fE/Qz0QdIGqeWfnwq0RE0R7MI51s0M2E4Ga9kq5AEMs=
github.com/cloudflare/circl v1.3.3/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA=
github.com/gaukas/godicttls v0.0.4 h1:NlRaXb3J6hAnTmWdsEKb9bcSBD6BvcIjdGdeb0zfXbk=
github.com/gaukas/godicttls v0.0.4/go.mod h1:l6EenT4TLWgTdwslVb4sEMOCf7Bv0JAK67deKr9/NCI=
github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ=
github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI=
github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=


@ -6,7 +6,7 @@ import (
"fmt"
"os"
"github.com/gaukas/godicttls"
"github.com/refraction-networking/utls/dicttls"
)
var ErrUnknownExtension = errors.New("extension name is unknown to the dictionary")
@ -45,7 +45,7 @@ func (c *CipherSuitesJSONUnmarshaler) UnmarshalJSON(jsonStr []byte) error {
continue
}
if id, ok := godicttls.DictCipherSuiteNameIndexed[name]; ok {
if id, ok := dicttls.DictCipherSuiteNameIndexed[name]; ok {
c.cipherSuites = append(c.cipherSuites, id)
} else {
return fmt.Errorf("unknown cipher suite name: %s", name)
@ -70,7 +70,7 @@ func (c *CompressionMethodsJSONUnmarshaler) UnmarshalJSON(jsonStr []byte) error
}
for _, name := range compressionMethodNames {
if id, ok := godicttls.DictCompMethNameIndexed[name]; ok {
if id, ok := dicttls.DictCompMethNameIndexed[name]; ok {
c.compressionMethods = append(c.compressionMethods, id)
} else {
return fmt.Errorf("unknown compression method name: %s", name)
@ -103,7 +103,7 @@ func (e *TLSExtensionsJSONUnmarshaler) UnmarshalJSON(jsonStr []byte) error {
continue
}
if extID, ok := godicttls.DictExtTypeNameIndexed[accepter.extNameOnly.Name]; !ok {
if extID, ok := dicttls.DictExtTypeNameIndexed[accepter.extNameOnly.Name]; !ok {
return fmt.Errorf("%w: %s", ErrUnknownExtension, accepter.extNameOnly.Name)
} else {
// get extension type from ID


@ -11,7 +11,7 @@ import (
"io"
"strings"
"github.com/gaukas/godicttls"
"github.com/refraction-networking/utls/dicttls"
"golang.org/x/crypto/cryptobyte"
)
@ -294,7 +294,7 @@ func (e *SupportedCurvesExtension) UnmarshalJSON(data []byte) error {
continue
}
if group, ok := godicttls.DictSupportedGroupsNameIndexed[namedGroup]; ok {
if group, ok := dicttls.DictSupportedGroupsNameIndexed[namedGroup]; ok {
e.Curves = append(e.Curves, CurveID(group))
} else {
return fmt.Errorf("unknown named group: %s", namedGroup)
@ -363,7 +363,7 @@ func (e *SupportedPointsExtension) UnmarshalJSON(data []byte) error {
}
for _, pointFormat := range pointFormatList.ECPointFormatList {
if format, ok := godicttls.DictECPointFormatNameIndexed[pointFormat]; ok {
if format, ok := dicttls.DictECPointFormatNameIndexed[pointFormat]; ok {
e.SupportedPoints = append(e.SupportedPoints, format)
} else {
return fmt.Errorf("unknown point format: %s", pointFormat)
@ -431,7 +431,7 @@ func (e *SignatureAlgorithmsExtension) UnmarshalJSON(data []byte) error {
continue
}
if scheme, ok := godicttls.DictSignatureSchemeNameIndexed[sigScheme]; ok {
if scheme, ok := dicttls.DictSignatureSchemeNameIndexed[sigScheme]; ok {
e.SupportedSignatureAlgorithms = append(e.SupportedSignatureAlgorithms, SignatureScheme(scheme))
} else {
return fmt.Errorf("unknown signature scheme: %s", sigScheme)
@ -561,7 +561,7 @@ func (e *SignatureAlgorithmsCertExtension) UnmarshalJSON(data []byte) error {
continue
}
if scheme, ok := godicttls.DictSignatureSchemeNameIndexed[sigScheme]; ok {
if scheme, ok := dicttls.DictSignatureSchemeNameIndexed[sigScheme]; ok {
e.SupportedSignatureAlgorithms = append(e.SupportedSignatureAlgorithms, SignatureScheme(scheme))
} else {
return fmt.Errorf("unknown cert signature scheme: %s", sigScheme)
@ -837,7 +837,7 @@ func (e *GenericExtension) UnmarshalJSON(b []byte) error {
}
// lookup extension ID by name
if id, ok := godicttls.DictExtTypeNameIndexed[genericExtension.Name]; ok {
if id, ok := dicttls.DictExtTypeNameIndexed[genericExtension.Name]; ok {
e.Id = id
} else {
return fmt.Errorf("unknown extension name %s", genericExtension.Name)
@ -1154,7 +1154,7 @@ func (e *UtlsCompressCertExtension) UnmarshalJSON(b []byte) error {
}
for _, algorithm := range certificateCompressionAlgorithms.Algorithms {
if alg, ok := godicttls.DictCertificateCompressionAlgorithmNameIndexed[algorithm]; ok {
if alg, ok := dicttls.DictCertificateCompressionAlgorithmNameIndexed[algorithm]; ok {
e.Algorithms = append(e.Algorithms, CertCompressionAlgo(alg))
} else {
return fmt.Errorf("unknown certificate compression algorithm %s", algorithm)
@ -1260,7 +1260,7 @@ func (e *KeyShareExtension) UnmarshalJSON(b []byte) error {
continue
}
if groupID, ok := godicttls.DictSupportedGroupsNameIndexed[clientShare.Group]; ok {
if groupID, ok := dicttls.DictSupportedGroupsNameIndexed[clientShare.Group]; ok {
ks := KeyShare{
Group: CurveID(groupID),
Data: clientShare.KeyExchange,
@ -1374,7 +1374,7 @@ func (e *PSKKeyExchangeModesExtension) UnmarshalJSON(b []byte) error {
}
for _, mode := range pskKeyExchangeModes.Modes {
if modeID, ok := godicttls.DictPSKKeyExchangeModeNameIndexed[mode]; ok {
if modeID, ok := dicttls.DictPSKKeyExchangeModeNameIndexed[mode]; ok {
e.Modes = append(e.Modes, modeID)
} else {
return fmt.Errorf("unknown PSK Key Exchange Mode %s", mode)
@ -1852,7 +1852,7 @@ func (e *FakeDelegatedCredentialsExtension) UnmarshalJSON(data []byte) error {
continue
}
if scheme, ok := godicttls.DictSignatureSchemeNameIndexed[sigScheme]; ok {
if scheme, ok := dicttls.DictSignatureSchemeNameIndexed[sigScheme]; ok {
e.SupportedSignatureAlgorithms = append(e.SupportedSignatureAlgorithms, SignatureScheme(scheme))
} else {
return fmt.Errorf("unknown delegated credentials signature scheme: %s", sigScheme)