File: hash.go

package info (click to toggle)
golang-github-pion-dtls-v3 3.0.7-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 2,124 kB
  • sloc: makefile: 4
file content (136 lines) | stat: -rw-r--r-- 2,673 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
 
// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
// SPDX-License-Identifier: MIT

// Package hash provides TLS HashAlgorithm as defined in TLS 1.2
package hash

import ( //nolint:gci
	"crypto"
	"crypto/md5"  //nolint:gosec
	"crypto/sha1" //nolint:gosec
	"crypto/sha256"
	"crypto/sha512"
)

// Algorithm is used to indicate the hash algorithm used
// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-18
type Algorithm uint16

// Supported hash algorithms.
const (
	None    Algorithm = 0 // Blacklisted
	MD5     Algorithm = 1 // Blacklisted
	SHA1    Algorithm = 2 // Blacklisted
	SHA224  Algorithm = 3
	SHA256  Algorithm = 4
	SHA384  Algorithm = 5
	SHA512  Algorithm = 6
	Ed25519 Algorithm = 8
)

// String makes hashAlgorithm printable.
func (a Algorithm) String() string {
	switch a {
	case None:
		return "none"
	case MD5:
		return "md5" // [RFC3279]
	case SHA1:
		return "sha-1" // [RFC3279]
	case SHA224:
		return "sha-224" // [RFC4055]
	case SHA256:
		return "sha-256" // [RFC4055]
	case SHA384:
		return "sha-384" // [RFC4055]
	case SHA512:
		return "sha-512" // [RFC4055]
	case Ed25519:
		return "null"
	default:
		return "unknown or unsupported hash algorithm"
	}
}

// Digest performs a digest on the passed value.
func (a Algorithm) Digest(b []byte) []byte {
	switch a {
	case None:
		return nil
	case MD5:
		hash := md5.Sum(b) // #nosec

		return hash[:]
	case SHA1:
		hash := sha1.Sum(b) // #nosec

		return hash[:]
	case SHA224:
		hash := sha256.Sum224(b)

		return hash[:]
	case SHA256:
		hash := sha256.Sum256(b)

		return hash[:]
	case SHA384:
		hash := sha512.Sum384(b)

		return hash[:]
	case SHA512:
		hash := sha512.Sum512(b)

		return hash[:]
	default:
		return nil
	}
}

// Insecure returns if the given HashAlgorithm is considered secure in DTLS 1.2
// .
func (a Algorithm) Insecure() bool {
	switch a {
	case None, MD5, SHA1:
		return true
	default:
		return false
	}
}

// CryptoHash returns the crypto.Hash implementation for the given HashAlgorithm.
func (a Algorithm) CryptoHash() crypto.Hash {
	switch a {
	case None:
		return crypto.Hash(0)
	case MD5:
		return crypto.MD5
	case SHA1:
		return crypto.SHA1
	case SHA224:
		return crypto.SHA224
	case SHA256:
		return crypto.SHA256
	case SHA384:
		return crypto.SHA384
	case SHA512:
		return crypto.SHA512
	case Ed25519:
		return crypto.Hash(0)
	default:
		return crypto.Hash(0)
	}
}

// Algorithms returns all the supported Hash Algorithms.
func Algorithms() map[Algorithm]struct{} {
	return map[Algorithm]struct{}{
		None:    {},
		MD5:     {},
		SHA1:    {},
		SHA224:  {},
		SHA256:  {},
		SHA384:  {},
		SHA512:  {},
		Ed25519: {},
	}
}