From 9521fba94493044ee71ee30f49426c0d80b404be Mon Sep 17 00:00:00 2001 From: Gaukas Wang Date: Mon, 11 Dec 2023 21:02:16 -0700 Subject: [PATCH] new: vendor godicttls package (#265) For better maintainability we decided to vendor this package instead of importing it. --- dicttls/LICENSE | 28 + dicttls/README.md | 12 + dicttls/alerts.go | 118 ++ dicttls/authorization_data_formats.go | 35 + dicttls/cachedinformationtype_values.go | 19 + .../certificate_compression_algorithm_ids.go | 22 + dicttls/certificate_status_types.go | 19 + dicttls/certificte_types.go | 25 + dicttls/cipher_suites.go | 1084 +++++++++++++++++ dicttls/clientcertificatetype_identifiers.go | 49 + dicttls/comp_meth_ids.go | 22 + dicttls/contenttype.go | 34 + dicttls/ec_curve_types.go | 22 + dicttls/ec_point_formats.go | 22 + dicttls/exttype_values.go | 209 ++++ dicttls/handshaketype.go | 96 ++ dicttls/hashalgorithm.go | 39 + dicttls/heartbeat_message_types.go | 19 + dicttls/heartbeat_mode.go | 19 + dicttls/kdf_identifiers.go | 19 + dicttls/kem_identifiers.go | 35 + dicttls/psk_key_exchange_mode.go | 19 + dicttls/quic_frame_types.go | 112 ++ dicttls/quic_transport_error_codes.go | 70 ++ dicttls/quic_transport_parameters.go | 91 ++ dicttls/signaturealgorithm.go | 41 + dicttls/signaturescheme.go | 116 ++ dicttls/supplemental_data_formats.go | 19 + dicttls/supported_groups.go | 157 +++ dicttls/usermappingtype_values.go | 16 + go.mod | 1 - go.sum | 2 - u_clienthello_json.go | 8 +- u_tls_extensions.go | 20 +- 34 files changed, 2602 insertions(+), 17 deletions(-) create mode 100644 dicttls/LICENSE create mode 100644 dicttls/README.md create mode 100644 dicttls/alerts.go create mode 100644 dicttls/authorization_data_formats.go create mode 100644 dicttls/cachedinformationtype_values.go create mode 100644 dicttls/certificate_compression_algorithm_ids.go create mode 100644 dicttls/certificate_status_types.go create mode 100644 dicttls/certificte_types.go create mode 100644 dicttls/cipher_suites.go create mode 100644 dicttls/clientcertificatetype_identifiers.go create mode 100644 dicttls/comp_meth_ids.go create mode 100644 dicttls/contenttype.go create mode 100644 dicttls/ec_curve_types.go create mode 100644 dicttls/ec_point_formats.go create mode 100644 dicttls/exttype_values.go create mode 100644 dicttls/handshaketype.go create mode 100644 dicttls/hashalgorithm.go create mode 100644 dicttls/heartbeat_message_types.go create mode 100644 dicttls/heartbeat_mode.go create mode 100644 dicttls/kdf_identifiers.go create mode 100644 dicttls/kem_identifiers.go create mode 100644 dicttls/psk_key_exchange_mode.go create mode 100644 dicttls/quic_frame_types.go create mode 100644 dicttls/quic_transport_error_codes.go create mode 100644 dicttls/quic_transport_parameters.go create mode 100644 dicttls/signaturealgorithm.go create mode 100644 dicttls/signaturescheme.go create mode 100644 dicttls/supplemental_data_formats.go create mode 100644 dicttls/supported_groups.go create mode 100644 dicttls/usermappingtype_values.go diff --git a/dicttls/LICENSE b/dicttls/LICENSE new file mode 100644 index 00000000..6b3bea46 --- /dev/null +++ b/dicttls/LICENSE @@ -0,0 +1,28 @@ +BSD 3-Clause License + +Copyright (c) 2023, Gaukas Wang + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +1. Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +3. Neither the name of the copyright holder nor the names of its + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/dicttls/README.md b/dicttls/README.md new file mode 100644 index 00000000..7a26134a --- /dev/null +++ b/dicttls/README.md @@ -0,0 +1,12 @@ +# Dict TLS + +This is a vendored version of [godicttls](https://github.com/gaukas/godicttls) + +Below is a copy of the original README.md + +# godicttls +Dictionary for TLS written in Go providing bidirectional mapping values to their names, plus enum convenience for values. + +Last Update with data fetched from [IANA](www.iana.org) in March 2023: +- Transport Layer Security (TLS) Parameters [link](https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml) +- Transport Layer Security (TLS) Extensions [link](https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml) \ No newline at end of file diff --git a/dicttls/alerts.go b/dicttls/alerts.go new file mode 100644 index 00000000..ec1f4e7f --- /dev/null +++ b/dicttls/alerts.go @@ -0,0 +1,118 @@ +package dicttls + +// source: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-6 +// last updated: March 2023 + +const ( + Alert_close_notify uint8 = 0 + Alert_unexpected_message uint8 = 10 + Alert_bad_record_mac uint8 = 20 + Alert_decryption_failed uint8 = 21 + Alert_record_overflow uint8 = 22 + Alert_decompression_failure uint8 = 30 + Alert_handshake_failure uint8 = 40 + Alert_no_certificate uint8 = 41 + Alert_bad_certificate uint8 = 42 + Alert_unsupported_certificate uint8 = 43 + Alert_certificate_revoked uint8 = 44 + Alert_certificate_expired uint8 = 45 + Alert_certificate_unknown uint8 = 46 + Alert_illegal_parameter uint8 = 47 + Alert_unknown_ca uint8 = 48 + Alert_access_denied uint8 = 49 + Alert_decode_error uint8 = 50 + Alert_decrypt_error uint8 = 51 + Alert_too_many_cids_requested uint8 = 52 + Alert_export_restriction uint8 = 60 + Alert_protocol_version uint8 = 70 + Alert_insufficient_security uint8 = 71 + Alert_internal_error uint8 = 80 + Alert_inappropriate_fallback uint8 = 86 + Alert_user_canceled uint8 = 90 + Alert_no_renegotiation uint8 = 100 + Alert_missing_extension uint8 = 109 + Alert_unsupported_extension uint8 = 110 + Alert_certificate_unobtainable uint8 = 111 + Alert_unrecognized_name uint8 = 112 + Alert_bad_certificate_status_response uint8 = 113 + Alert_bad_certificate_hash_value uint8 = 114 + Alert_unknown_psk_identity uint8 = 115 + Alert_certificate_required uint8 = 116 + Alert_no_application_protocol uint8 = 120 +) + +var DictAlertValueIndexed = map[uint8]string{ + 0: "close_notify", + 10: "unexpected_message", + 20: "bad_record_mac", + 21: "decryption_failed", + 22: "record_overflow", + 30: "decompression_failure", + 40: "handshake_failure", + 41: "no_certificate", + 42: "bad_certificate", + 43: "unsupported_certificate", + 44: "certificate_revoked", + 45: "certificate_expired", + 46: "certificate_unknown", + 47: "illegal_parameter", + 48: "unknown_ca", + 49: "access_denied", + 50: "decode_error", + 51: "decrypt_error", + 52: "too_many_cids_requested", + 60: "export_restriction", + 70: "protocol_version", + 71: "insufficient_security", + 80: "internal_error", + 86: "inappropriate_fallback", + 90: "user_canceled", + 100: "no_renegotiation", + 109: "missing_extension", + 110: "unsupported_extension", + 111: "certificate_unobtainable", + 112: "unrecognized_name", + 113: "bad_certificate_status_response", + 114: "bad_certificate_hash_value", + 115: "unknown_psk_identity", + 116: "certificate_required", + 120: "no_application_protocol", +} + +var DictAlertNameIndexed = map[string]uint8{ + "close_notify": 0, + "unexpected_message": 10, + "bad_record_mac": 20, + "decryption_failed": 21, + "record_overflow": 22, + "decompression_failure": 30, + "handshake_failure": 40, + "no_certificate": 41, + "bad_certificate": 42, + "unsupported_certificate": 43, + "certificate_revoked": 44, + "certificate_expired": 45, + "certificate_unknown": 46, + "illegal_parameter": 47, + "unknown_ca": 48, + "access_denied": 49, + "decode_error": 50, + "decrypt_error": 51, + "too_many_cids_requested": 52, + "export_restriction": 60, + "protocol_version": 70, + "insufficient_security": 71, + "internal_error": 80, + "inappropriate_fallback": 86, + "user_canceled": 90, + "no_renegotiation": 100, + "missing_extension": 109, + "unsupported_extension": 110, + "certificate_unobtainable": 111, + "unrecognized_name": 112, + "bad_certificate_status_response": 113, + "bad_certificate_hash_value": 114, + "unknown_psk_identity": 115, + "certificate_required": 116, + "no_application_protocol": 120, +} diff --git a/dicttls/authorization_data_formats.go b/dicttls/authorization_data_formats.go new file mode 100644 index 00000000..5a1847e4 --- /dev/null +++ b/dicttls/authorization_data_formats.go @@ -0,0 +1,35 @@ +package dicttls + +// source: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#authorization-data +// last updated: March 2023 + +const ( + AuthData_x509_attr_cert uint16 = 0 + AuthData_saml_assertion uint16 = 1 + AuthData_x509_attr_cert_url uint16 = 2 + AuthData_saml_assertion_url uint16 = 3 + AuthData_keynote_assertion_list uint16 = 64 + AuthData_keynote_assertion_list_url uint16 = 65 + AuthData_dtcp_authorization uint16 = 66 +) + +var DictAuthorizationDataFormatValueIndexed = map[uint16]string{ + 0: "x509_attr_cert", + 1: "saml_assertion", + 2: "x509_attr_cert_url", + 3: "saml_assertion_url", + 64: "keynote_assertion_list", + 65: "keynote_assertion_list_url", + 66: "dtcp_authorization", +} + +var DictAuthorizationDataFormatNameIndexed = map[string]uint16{ + "x509_attr_cert": 0, + "saml_assertion": 1, + "x509_attr_cert_url": 2, + "saml_assertion_url": 3, + "Unassigned": 0, + "keynote_assertion_list": 64, + "keynote_assertion_list_url": 65, + "dtcp_authorization": 66, +} diff --git a/dicttls/cachedinformationtype_values.go b/dicttls/cachedinformationtype_values.go new file mode 100644 index 00000000..8e1469b1 --- /dev/null +++ b/dicttls/cachedinformationtype_values.go @@ -0,0 +1,19 @@ +package dicttls + +// source: https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#cachedinformationtype +// last updated: March 2023 + +const ( + CachedInformationType_cert uint8 = 1 + CachedInformationType_cert_req uint8 = 2 +) + +var DictCachedInformationTypeValueIndexed = map[uint8]string{ + 1: "cert", + 2: "cert_req", +} + +var DictCachedInformationTypeNameIndexed = map[string]uint8{ + "cert": 1, + "cert_req": 2, +} diff --git a/dicttls/certificate_compression_algorithm_ids.go b/dicttls/certificate_compression_algorithm_ids.go new file mode 100644 index 00000000..e5ffca3f --- /dev/null +++ b/dicttls/certificate_compression_algorithm_ids.go @@ -0,0 +1,22 @@ +package dicttls + +// source: https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#tls-certificate-compression-algorithm-ids +// last updated: March 2023 + +const ( + CertCompAlg_zlib uint16 = 1 + CertCompAlg_brotli uint16 = 2 + CertCompAlg_zstd uint16 = 3 +) + +var DictCertificateCompressionAlgorithmValueIndexed = map[uint16]string{ + 1: "zlib", + 2: "brotli", + 3: "zstd", +} + +var DictCertificateCompressionAlgorithmNameIndexed = map[string]uint16{ + "zlib": 1, + "brotli": 2, + "zstd": 3, +} diff --git a/dicttls/certificate_status_types.go b/dicttls/certificate_status_types.go new file mode 100644 index 00000000..67e02852 --- /dev/null +++ b/dicttls/certificate_status_types.go @@ -0,0 +1,19 @@ +package dicttls + +// source: https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#certificate-status +// last updated: March 2023 + +const ( + CertStatusType_ocsp uint8 = 1 + CertStatusType_ocsp_multi uint8 = 2 +) + +var DictCertificateStatusTypeValueIndexed = map[uint8]string{ + 1: "ocsp", + 2: "ocsp_multi", +} + +var DictCertificateStatusTypeNameIndexed = map[string]uint8{ + "ocsp": 1, + "ocsp_multi": 2, +} diff --git a/dicttls/certificte_types.go b/dicttls/certificte_types.go new file mode 100644 index 00000000..93a3285a --- /dev/null +++ b/dicttls/certificte_types.go @@ -0,0 +1,25 @@ +package dicttls + +// source: https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#tls-extensiontype-values-3 +// last updated: March 2023 + +const ( + CertType_X509 uint8 = 0 + CertType_OpenPGP uint8 = 1 + CertType_Raw_Public_Key uint8 = 2 + CertType_1609Dot2 uint8 = 3 +) + +var DictCertificateTypeValueIndexed = map[uint8]string{ + 0: "X509", + 1: "OpenPGP", + 2: "Raw Public Key", + 3: "1609Dot2", +} + +var DictCertificateTypeNameIndexed = map[string]uint8{ + "X509": 0, + "OpenPGP": 1, + "Raw Public Key": 2, + "1609Dot2": 3, +} diff --git a/dicttls/cipher_suites.go b/dicttls/cipher_suites.go new file mode 100644 index 00000000..d7875210 --- /dev/null +++ b/dicttls/cipher_suites.go @@ -0,0 +1,1084 @@ +package dicttls + +// source: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4 +// last updated: March 2023 + +const ( + TLS_NULL_WITH_NULL_NULL uint16 = 0x0000 + TLS_RSA_WITH_NULL_MD5 uint16 = 0x0001 + TLS_RSA_WITH_NULL_SHA uint16 = 0x0002 + TLS_RSA_EXPORT_WITH_RC4_40_MD5 uint16 = 0x0003 + TLS_RSA_WITH_RC4_128_MD5 uint16 = 0x0004 + TLS_RSA_WITH_RC4_128_SHA uint16 = 0x0005 + TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 uint16 = 0x0006 + TLS_RSA_WITH_IDEA_CBC_SHA uint16 = 0x0007 + TLS_RSA_EXPORT_WITH_DES40_CBC_SHA uint16 = 0x0008 + TLS_RSA_WITH_DES_CBC_SHA uint16 = 0x0009 + TLS_RSA_WITH_3DES_EDE_CBC_SHA uint16 = 0x000A + TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA uint16 = 0x000B + TLS_DH_DSS_WITH_DES_CBC_SHA uint16 = 0x000C + TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA uint16 = 0x000D + TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA uint16 = 0x000E + TLS_DH_RSA_WITH_DES_CBC_SHA uint16 = 0x000F + TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA uint16 = 0x0010 + TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA uint16 = 0x0011 + TLS_DHE_DSS_WITH_DES_CBC_SHA uint16 = 0x0012 + TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA uint16 = 0x0013 + TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA uint16 = 0x0014 + TLS_DHE_RSA_WITH_DES_CBC_SHA uint16 = 0x0015 + TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA uint16 = 0x0016 + TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 uint16 = 0x0017 + TLS_DH_anon_WITH_RC4_128_MD5 uint16 = 0x0018 + TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA uint16 = 0x0019 + TLS_DH_anon_WITH_DES_CBC_SHA uint16 = 0x001A + TLS_DH_anon_WITH_3DES_EDE_CBC_SHA uint16 = 0x001B + + TLS_KRB5_WITH_DES_CBC_SHA uint16 = 0x001E + TLS_KRB5_WITH_3DES_EDE_CBC_SHA uint16 = 0x001F + TLS_KRB5_WITH_RC4_128_SHA uint16 = 0x0020 + TLS_KRB5_WITH_IDEA_CBC_SHA uint16 = 0x0021 + TLS_KRB5_WITH_DES_CBC_MD5 uint16 = 0x0022 + TLS_KRB5_WITH_3DES_EDE_CBC_MD5 uint16 = 0x0023 + TLS_KRB5_WITH_RC4_128_MD5 uint16 = 0x0024 + TLS_KRB5_WITH_IDEA_CBC_MD5 uint16 = 0x0025 + TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA uint16 = 0x0026 + TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA uint16 = 0x0027 + TLS_KRB5_EXPORT_WITH_RC4_40_SHA uint16 = 0x0028 + TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5 uint16 = 0x0029 + TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5 uint16 = 0x002A + TLS_KRB5_EXPORT_WITH_RC4_40_MD5 uint16 = 0x002B + TLS_PSK_WITH_NULL_SHA uint16 = 0x002C + TLS_DHE_PSK_WITH_NULL_SHA uint16 = 0x002D + TLS_RSA_PSK_WITH_NULL_SHA uint16 = 0x002E + TLS_RSA_WITH_AES_128_CBC_SHA uint16 = 0x002F + TLS_DH_DSS_WITH_AES_128_CBC_SHA uint16 = 0x0030 + TLS_DH_RSA_WITH_AES_128_CBC_SHA uint16 = 0x0031 + TLS_DHE_DSS_WITH_AES_128_CBC_SHA uint16 = 0x0032 + TLS_DHE_RSA_WITH_AES_128_CBC_SHA uint16 = 0x0033 + TLS_DH_anon_WITH_AES_128_CBC_SHA uint16 = 0x0034 + TLS_RSA_WITH_AES_256_CBC_SHA uint16 = 0x0035 + TLS_DH_DSS_WITH_AES_256_CBC_SHA uint16 = 0x0036 + TLS_DH_RSA_WITH_AES_256_CBC_SHA uint16 = 0x0037 + TLS_DHE_DSS_WITH_AES_256_CBC_SHA uint16 = 0x0038 + TLS_DHE_RSA_WITH_AES_256_CBC_SHA uint16 = 0x0039 + TLS_DH_anon_WITH_AES_256_CBC_SHA uint16 = 0x003A + TLS_RSA_WITH_NULL_SHA256 uint16 = 0x003B + TLS_RSA_WITH_AES_128_CBC_SHA256 uint16 = 0x003C + TLS_RSA_WITH_AES_256_CBC_SHA256 uint16 = 0x003D + TLS_DH_DSS_WITH_AES_128_CBC_SHA256 uint16 = 0x003E + TLS_DH_RSA_WITH_AES_128_CBC_SHA256 uint16 = 0x003F + TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 uint16 = 0x0040 + TLS_RSA_WITH_CAMELLIA_128_CBC_SHA uint16 = 0x0041 + TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA uint16 = 0x0042 + TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA uint16 = 0x0043 + TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA uint16 = 0x0044 + TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA uint16 = 0x0045 + TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA uint16 = 0x0046 + + TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 uint16 = 0x0067 + TLS_DH_DSS_WITH_AES_256_CBC_SHA256 uint16 = 0x0068 + TLS_DH_RSA_WITH_AES_256_CBC_SHA256 uint16 = 0x0069 + TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 uint16 = 0x006A + TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 uint16 = 0x006B + TLS_DH_anon_WITH_AES_128_CBC_SHA256 uint16 = 0x006C + TLS_DH_anon_WITH_AES_256_CBC_SHA256 uint16 = 0x006D + + TLS_RSA_WITH_CAMELLIA_256_CBC_SHA uint16 = 0x0084 + TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA uint16 = 0x0085 + TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA uint16 = 0x0086 + TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA uint16 = 0x0087 + TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA uint16 = 0x0088 + TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA uint16 = 0x0089 + TLS_PSK_WITH_RC4_128_SHA uint16 = 0x008A + TLS_PSK_WITH_3DES_EDE_CBC_SHA uint16 = 0x008B + TLS_PSK_WITH_AES_128_CBC_SHA uint16 = 0x008C + TLS_PSK_WITH_AES_256_CBC_SHA uint16 = 0x008D + TLS_DHE_PSK_WITH_RC4_128_SHA uint16 = 0x008E + TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA uint16 = 0x008F + TLS_DHE_PSK_WITH_AES_128_CBC_SHA uint16 = 0x0090 + TLS_DHE_PSK_WITH_AES_256_CBC_SHA uint16 = 0x0091 + TLS_RSA_PSK_WITH_RC4_128_SHA uint16 = 0x0092 + TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA uint16 = 0x0093 + TLS_RSA_PSK_WITH_AES_128_CBC_SHA uint16 = 0x0094 + TLS_RSA_PSK_WITH_AES_256_CBC_SHA uint16 = 0x0095 + TLS_RSA_WITH_SEED_CBC_SHA uint16 = 0x0096 + TLS_DH_DSS_WITH_SEED_CBC_SHA uint16 = 0x0097 + TLS_DH_RSA_WITH_SEED_CBC_SHA uint16 = 0x0098 + TLS_DHE_DSS_WITH_SEED_CBC_SHA uint16 = 0x0099 + TLS_DHE_RSA_WITH_SEED_CBC_SHA uint16 = 0x009A + TLS_DH_anon_WITH_SEED_CBC_SHA uint16 = 0x009B + TLS_RSA_WITH_AES_128_GCM_SHA256 uint16 = 0x009C + TLS_RSA_WITH_AES_256_GCM_SHA384 uint16 = 0x009D + TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 uint16 = 0x009E + TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 uint16 = 0x009F + TLS_DH_RSA_WITH_AES_128_GCM_SHA256 uint16 = 0x00A0 + TLS_DH_RSA_WITH_AES_256_GCM_SHA384 uint16 = 0x00A1 + TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 uint16 = 0x00A2 + TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 uint16 = 0x00A3 + TLS_DH_DSS_WITH_AES_128_GCM_SHA256 uint16 = 0x00A4 + TLS_DH_DSS_WITH_AES_256_GCM_SHA384 uint16 = 0x00A5 + TLS_DH_anon_WITH_AES_128_GCM_SHA256 uint16 = 0x00A6 + TLS_DH_anon_WITH_AES_256_GCM_SHA384 uint16 = 0x00A7 + TLS_PSK_WITH_AES_128_GCM_SHA256 uint16 = 0x00A8 + TLS_PSK_WITH_AES_256_GCM_SHA384 uint16 = 0x00A9 + TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 uint16 = 0x00AA + TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 uint16 = 0x00AB + TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 uint16 = 0x00AC + TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 uint16 = 0x00AD + TLS_PSK_WITH_AES_128_CBC_SHA256 uint16 = 0x00AE + TLS_PSK_WITH_AES_256_CBC_SHA384 uint16 = 0x00AF + TLS_PSK_WITH_NULL_SHA256 uint16 = 0x00B0 + TLS_PSK_WITH_NULL_SHA384 uint16 = 0x00B1 + TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 uint16 = 0x00B2 + TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 uint16 = 0x00B3 + TLS_DHE_PSK_WITH_NULL_SHA256 uint16 = 0x00B4 + TLS_DHE_PSK_WITH_NULL_SHA384 uint16 = 0x00B5 + TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 uint16 = 0x00B6 + TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 uint16 = 0x00B7 + TLS_RSA_PSK_WITH_NULL_SHA256 uint16 = 0x00B8 + TLS_RSA_PSK_WITH_NULL_SHA384 uint16 = 0x00B9 + TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 uint16 = 0x00BA + TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 uint16 = 0x00BB + TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 uint16 = 0x00BC + TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 uint16 = 0x00BD + TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 uint16 = 0x00BE + TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 uint16 = 0x00BF + TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 uint16 = 0x00C0 + TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 uint16 = 0x00C1 + TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 uint16 = 0x00C2 + TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 uint16 = 0x00C3 + TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 uint16 = 0x00C4 + TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 uint16 = 0x00C5 + TLS_SM4_GCM_SM3 uint16 = 0x00C6 + TLS_SM4_CCM_SM3 uint16 = 0x00C7 + + TLS_EMPTY_RENEGOTIATION_INFO_SCSV uint16 = 0x00FF + + TLS_AES_128_GCM_SHA256 uint16 = 0x1301 + TLS_AES_256_GCM_SHA384 uint16 = 0x1302 + TLS_CHACHA20_POLY1305_SHA256 uint16 = 0x1303 + TLS_AES_128_CCM_SHA256 uint16 = 0x1304 + TLS_AES_128_CCM_8_SHA256 uint16 = 0x1305 + TLS_AEGIS_256_SHA384 uint16 = 0x1306 + TLS_AEGIS_128L_SHA256 uint16 = 0x1307 + + TLS_FALLBACK_SCSV uint16 = 0x5600 + + TLS_ECDH_ECDSA_WITH_NULL_SHA uint16 = 0xC001 + TLS_ECDH_ECDSA_WITH_RC4_128_SHA uint16 = 0xC002 + TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA uint16 = 0xC003 + TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA uint16 = 0xC004 + TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA uint16 = 0xC005 + TLS_ECDHE_ECDSA_WITH_NULL_SHA uint16 = 0xC006 + TLS_ECDHE_ECDSA_WITH_RC4_128_SHA uint16 = 0xC007 + TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA uint16 = 0xC008 + TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA uint16 = 0xC009 + TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA uint16 = 0xC00A + TLS_ECDH_RSA_WITH_NULL_SHA uint16 = 0xC00B + TLS_ECDH_RSA_WITH_RC4_128_SHA uint16 = 0xC00C + TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA uint16 = 0xC00D + TLS_ECDH_RSA_WITH_AES_128_CBC_SHA uint16 = 0xC00E + TLS_ECDH_RSA_WITH_AES_256_CBC_SHA uint16 = 0xC00F + TLS_ECDHE_RSA_WITH_NULL_SHA uint16 = 0xC010 + TLS_ECDHE_RSA_WITH_RC4_128_SHA uint16 = 0xC011 + TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA uint16 = 0xC012 + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA uint16 = 0xC013 + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA uint16 = 0xC014 + TLS_ECDH_anon_WITH_NULL_SHA uint16 = 0xC015 + TLS_ECDH_anon_WITH_RC4_128_SHA uint16 = 0xC016 + TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA uint16 = 0xC017 + TLS_ECDH_anon_WITH_AES_128_CBC_SHA uint16 = 0xC018 + TLS_ECDH_anon_WITH_AES_256_CBC_SHA uint16 = 0xC019 + TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA uint16 = 0xC01A + TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA uint16 = 0xC01B + TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA uint16 = 0xC01C + TLS_SRP_SHA_WITH_AES_128_CBC_SHA uint16 = 0xC01D + TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA uint16 = 0xC01E + TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA uint16 = 0xC01F + TLS_SRP_SHA_WITH_AES_256_CBC_SHA uint16 = 0xC020 + TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA uint16 = 0xC021 + TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA uint16 = 0xC022 + TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 uint16 = 0xC023 + TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 uint16 = 0xC024 + TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 uint16 = 0xC025 + TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 uint16 = 0xC026 + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 uint16 = 0xC027 + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 uint16 = 0xC028 + TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 uint16 = 0xC029 + TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 uint16 = 0xC02A + TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 uint16 = 0xC02B + TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 uint16 = 0xC02C + TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 uint16 = 0xC02D + TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 uint16 = 0xC02E + TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 uint16 = 0xC02F + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 uint16 = 0xC030 + TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 uint16 = 0xC031 + TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 uint16 = 0xC032 + TLS_ECDHE_PSK_WITH_RC4_128_SHA uint16 = 0xC033 + TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA uint16 = 0xC034 + TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA uint16 = 0xC035 + TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA uint16 = 0xC036 + TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 uint16 = 0xC037 + TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 uint16 = 0xC038 + TLS_ECDHE_PSK_WITH_NULL_SHA uint16 = 0xC039 + TLS_ECDHE_PSK_WITH_NULL_SHA256 uint16 = 0xC03A + TLS_ECDHE_PSK_WITH_NULL_SHA384 uint16 = 0xC03B + TLS_RSA_WITH_ARIA_128_CBC_SHA256 uint16 = 0xC03C + TLS_RSA_WITH_ARIA_256_CBC_SHA384 uint16 = 0xC03D + TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256 uint16 = 0xC03E + TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384 uint16 = 0xC03F + TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256 uint16 = 0xC040 + TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384 uint16 = 0xC041 + TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256 uint16 = 0xC042 + TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384 uint16 = 0xC043 + TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 uint16 = 0xC044 + TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 uint16 = 0xC045 + TLS_DH_anon_WITH_ARIA_128_CBC_SHA256 uint16 = 0xC046 + TLS_DH_anon_WITH_ARIA_256_CBC_SHA384 uint16 = 0xC047 + TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 uint16 = 0xC048 + TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 uint16 = 0xC049 + TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 uint16 = 0xC04A + TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 uint16 = 0xC04B + TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 uint16 = 0xC04C + TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 uint16 = 0xC04D + TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 uint16 = 0xC04E + TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 uint16 = 0xC04F + TLS_RSA_WITH_ARIA_128_GCM_SHA256 uint16 = 0xC050 + TLS_RSA_WITH_ARIA_256_GCM_SHA384 uint16 = 0xC051 + TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 uint16 = 0xC052 + TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 uint16 = 0xC053 + TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256 uint16 = 0xC054 + TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384 uint16 = 0xC055 + TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256 uint16 = 0xC056 + TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384 uint16 = 0xC057 + TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256 uint16 = 0xC058 + TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384 uint16 = 0xC059 + TLS_DH_anon_WITH_ARIA_128_GCM_SHA256 uint16 = 0xC05A + TLS_DH_anon_WITH_ARIA_256_GCM_SHA384 uint16 = 0xC05B + TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 uint16 = 0xC05C + TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 uint16 = 0xC05D + TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 uint16 = 0xC05E + TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 uint16 = 0xC05F + TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 uint16 = 0xC060 + TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 uint16 = 0xC061 + TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 uint16 = 0xC062 + TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 uint16 = 0xC063 + TLS_PSK_WITH_ARIA_128_CBC_SHA256 uint16 = 0xC064 + TLS_PSK_WITH_ARIA_256_CBC_SHA384 uint16 = 0xC065 + TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 uint16 = 0xC066 + TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 uint16 = 0xC067 + TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 uint16 = 0xC068 + TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 uint16 = 0xC069 + TLS_PSK_WITH_ARIA_128_GCM_SHA256 uint16 = 0xC06A + TLS_PSK_WITH_ARIA_256_GCM_SHA384 uint16 = 0xC06B + TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 uint16 = 0xC06C + TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 uint16 = 0xC06D + TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 uint16 = 0xC06E + TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 uint16 = 0xC06F + TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 uint16 = 0xC070 + TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 uint16 = 0xC071 + TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 uint16 = 0xC072 + TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 uint16 = 0xC073 + TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 uint16 = 0xC074 + TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 uint16 = 0xC075 + TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 uint16 = 0xC076 + TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 uint16 = 0xC077 + TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 uint16 = 0xC078 + TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 uint16 = 0xC079 + TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 uint16 = 0xC07A + TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 uint16 = 0xC07B + TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 uint16 = 0xC07C + TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 uint16 = 0xC07D + TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256 uint16 = 0xC07E + TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384 uint16 = 0xC07F + TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256 uint16 = 0xC080 + TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384 uint16 = 0xC081 + TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256 uint16 = 0xC082 + TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384 uint16 = 0xC083 + TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256 uint16 = 0xC084 + TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384 uint16 = 0xC085 + TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 uint16 = 0xC086 + TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 uint16 = 0xC087 + TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 uint16 = 0xC088 + TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 uint16 = 0xC089 + TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 uint16 = 0xC08A + TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 uint16 = 0xC08B + TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 uint16 = 0xC08C + TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 uint16 = 0xC08D + TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 uint16 = 0xC08E + TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 uint16 = 0xC08F + TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 uint16 = 0xC090 + TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 uint16 = 0xC091 + TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 uint16 = 0xC092 + TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 uint16 = 0xC093 + TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 uint16 = 0xC094 + TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 uint16 = 0xC095 + TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 uint16 = 0xC096 + TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 uint16 = 0xC097 + TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 uint16 = 0xC098 + TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 uint16 = 0xC099 + TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 uint16 = 0xC09A + TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 uint16 = 0xC09B + TLS_RSA_WITH_AES_128_CCM uint16 = 0xC09C + TLS_RSA_WITH_AES_256_CCM uint16 = 0xC09D + TLS_DHE_RSA_WITH_AES_128_CCM uint16 = 0xC09E + TLS_DHE_RSA_WITH_AES_256_CCM uint16 = 0xC09F + TLS_RSA_WITH_AES_128_CCM_8 uint16 = 0xC0A0 + TLS_RSA_WITH_AES_256_CCM_8 uint16 = 0xC0A1 + TLS_DHE_RSA_WITH_AES_128_CCM_8 uint16 = 0xC0A2 + TLS_DHE_RSA_WITH_AES_256_CCM_8 uint16 = 0xC0A3 + TLS_PSK_WITH_AES_128_CCM uint16 = 0xC0A4 + TLS_PSK_WITH_AES_256_CCM uint16 = 0xC0A5 + TLS_DHE_PSK_WITH_AES_128_CCM uint16 = 0xC0A6 + TLS_DHE_PSK_WITH_AES_256_CCM uint16 = 0xC0A7 + TLS_PSK_WITH_AES_128_CCM_8 uint16 = 0xC0A8 + TLS_PSK_WITH_AES_256_CCM_8 uint16 = 0xC0A9 + TLS_PSK_DHE_WITH_AES_128_CCM_8 uint16 = 0xC0AA + TLS_PSK_DHE_WITH_AES_256_CCM_8 uint16 = 0xC0AB + TLS_ECDHE_ECDSA_WITH_AES_128_CCM uint16 = 0xC0AC + TLS_ECDHE_ECDSA_WITH_AES_256_CCM uint16 = 0xC0AD + TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 uint16 = 0xC0AE + TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 uint16 = 0xC0AF + TLS_ECCPWD_WITH_AES_128_GCM_SHA256 uint16 = 0xC0B0 + TLS_ECCPWD_WITH_AES_256_GCM_SHA384 uint16 = 0xC0B1 + TLS_ECCPWD_WITH_AES_128_CCM_SHA256 uint16 = 0xC0B2 + TLS_ECCPWD_WITH_AES_256_CCM_SHA384 uint16 = 0xC0B3 + TLS_SHA256_SHA256 uint16 = 0xC0B4 + TLS_SHA384_SHA384 uint16 = 0xC0B5 + + TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC uint16 = 0xC100 + TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC uint16 = 0xC101 + TLS_GOSTR341112_256_WITH_28147_CNT_IMIT uint16 = 0xC102 + TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L uint16 = 0xC103 +) + +var DictCipherSuiteValueIndexed = map[uint16]string{ + 0x0000: "TLS_NULL_WITH_NULL_NULL", + 0x0001: "TLS_RSA_WITH_NULL_MD5", + 0x0002: "TLS_RSA_WITH_NULL_SHA", + 0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + 0x0004: "TLS_RSA_WITH_RC4_128_MD5", + 0x0005: "TLS_RSA_WITH_RC4_128_SHA", + 0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + 0x0007: "TLS_RSA_WITH_IDEA_CBC_SHA", + 0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + 0x0009: "TLS_RSA_WITH_DES_CBC_SHA", + 0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + 0x000B: "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA", + 0x000C: "TLS_DH_DSS_WITH_DES_CBC_SHA", + 0x000D: "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + 0x000E: "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA", + 0x000F: "TLS_DH_RSA_WITH_DES_CBC_SHA", + 0x0010: "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + 0x0011: "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + 0x0012: "TLS_DHE_DSS_WITH_DES_CBC_SHA", + 0x0013: "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + 0x0014: "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + 0x0015: "TLS_DHE_RSA_WITH_DES_CBC_SHA", + 0x0016: "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + 0x0017: "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + 0x0018: "TLS_DH_anon_WITH_RC4_128_MD5", + 0x0019: "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + 0x001A: "TLS_DH_anon_WITH_DES_CBC_SHA", + 0x001B: "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + + 0x001E: "TLS_KRB5_WITH_DES_CBC_SHA", + 0x001F: "TLS_KRB5_WITH_3DES_EDE_CBC_SHA", + 0x0020: "TLS_KRB5_WITH_RC4_128_SHA", + 0x0021: "TLS_KRB5_WITH_IDEA_CBC_SHA", + 0x0022: "TLS_KRB5_WITH_DES_CBC_MD5", + 0x0023: "TLS_KRB5_WITH_3DES_EDE_CBC_MD5", + 0x0024: "TLS_KRB5_WITH_RC4_128_MD5", + 0x0025: "TLS_KRB5_WITH_IDEA_CBC_MD5", + 0x0026: "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA", + 0x0027: "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA", + 0x0028: "TLS_KRB5_EXPORT_WITH_RC4_40_SHA", + 0x0029: "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5", + 0x002A: "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5", + 0x002B: "TLS_KRB5_EXPORT_WITH_RC4_40_MD5", + 0x002C: "TLS_PSK_WITH_NULL_SHA", + 0x002D: "TLS_DHE_PSK_WITH_NULL_SHA", + 0x002E: "TLS_RSA_PSK_WITH_NULL_SHA", + 0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA", + 0x0030: "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + 0x0031: "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + 0x0032: "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + 0x0033: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + 0x0034: "TLS_DH_anon_WITH_AES_128_CBC_SHA", + 0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA", + 0x0036: "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + 0x0037: "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + 0x0038: "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + 0x0039: "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + 0x003A: "TLS_DH_anon_WITH_AES_256_CBC_SHA", + 0x003B: "TLS_RSA_WITH_NULL_SHA256", + 0x003C: "TLS_RSA_WITH_AES_128_CBC_SHA256", + 0x003D: "TLS_RSA_WITH_AES_256_CBC_SHA256", + 0x003E: "TLS_DH_DSS_WITH_AES_128_CBC_SHA256", + 0x003F: "TLS_DH_RSA_WITH_AES_128_CBC_SHA256", + 0x0040: "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", + 0x0041: "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + 0x0042: "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + 0x0043: "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + 0x0044: "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + 0x0045: "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + 0x0046: "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + + 0x0067: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", + 0x0068: "TLS_DH_DSS_WITH_AES_256_CBC_SHA256", + 0x0069: "TLS_DH_RSA_WITH_AES_256_CBC_SHA256", + 0x006A: "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", + 0x006B: "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", + 0x006C: "TLS_DH_anon_WITH_AES_128_CBC_SHA256", + 0x006D: "TLS_DH_anon_WITH_AES_256_CBC_SHA256", + + 0x0084: "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + 0x0085: "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + 0x0086: "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + 0x0087: "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + 0x0088: "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + 0x0089: "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + 0x008A: "TLS_PSK_WITH_RC4_128_SHA", + 0x008B: "TLS_PSK_WITH_3DES_EDE_CBC_SHA", + 0x008C: "TLS_PSK_WITH_AES_128_CBC_SHA", + 0x008D: "TLS_PSK_WITH_AES_256_CBC_SHA", + 0x008E: "TLS_DHE_PSK_WITH_RC4_128_SHA", + 0x008F: "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA", + 0x0090: "TLS_DHE_PSK_WITH_AES_128_CBC_SHA", + 0x0091: "TLS_DHE_PSK_WITH_AES_256_CBC_SHA", + 0x0092: "TLS_RSA_PSK_WITH_RC4_128_SHA", + 0x0093: "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA", + 0x0094: "TLS_RSA_PSK_WITH_AES_128_CBC_SHA", + 0x0095: "TLS_RSA_PSK_WITH_AES_256_CBC_SHA", + 0x0096: "TLS_RSA_WITH_SEED_CBC_SHA", + 0x0097: "TLS_DH_DSS_WITH_SEED_CBC_SHA", + 0x0098: "TLS_DH_RSA_WITH_SEED_CBC_SHA", + 0x0099: "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + 0x009A: "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + 0x009B: "TLS_DH_anon_WITH_SEED_CBC_SHA", + 0x009C: "TLS_RSA_WITH_AES_128_GCM_SHA256", + 0x009D: "TLS_RSA_WITH_AES_256_GCM_SHA384", + 0x009E: "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", + 0x009F: "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", + 0x00A0: "TLS_DH_RSA_WITH_AES_128_GCM_SHA256", + 0x00A1: "TLS_DH_RSA_WITH_AES_256_GCM_SHA384", + 0x00A2: "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", + 0x00A3: "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", + 0x00A4: "TLS_DH_DSS_WITH_AES_128_GCM_SHA256", + 0x00A5: "TLS_DH_DSS_WITH_AES_256_GCM_SHA384", + 0x00A6: "TLS_DH_anon_WITH_AES_128_GCM_SHA256", + 0x00A7: "TLS_DH_anon_WITH_AES_256_GCM_SHA384", + 0x00A8: "TLS_PSK_WITH_AES_128_GCM_SHA256", + 0x00A9: "TLS_PSK_WITH_AES_256_GCM_SHA384", + 0x00AA: "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256", + 0x00AB: "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384", + 0x00AC: "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256", + 0x00AD: "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384", + 0x00AE: "TLS_PSK_WITH_AES_128_CBC_SHA256", + 0x00AF: "TLS_PSK_WITH_AES_256_CBC_SHA384", + 0x00B0: "TLS_PSK_WITH_NULL_SHA256", + 0x00B1: "TLS_PSK_WITH_NULL_SHA384", + 0x00B2: "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256", + 0x00B3: "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384", + 0x00B4: "TLS_DHE_PSK_WITH_NULL_SHA256", + 0x00B5: "TLS_DHE_PSK_WITH_NULL_SHA384", + 0x00B6: "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256", + 0x00B7: "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384", + 0x00B8: "TLS_RSA_PSK_WITH_NULL_SHA256", + 0x00B9: "TLS_RSA_PSK_WITH_NULL_SHA384", + 0x00BA: "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256", + 0x00BB: "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256", + 0x00BC: "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256", + 0x00BD: "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", + 0x00BE: "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", + 0x00BF: "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256", + 0x00C0: "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256", + 0x00C1: "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256", + 0x00C2: "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256", + 0x00C3: "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", + 0x00C4: "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", + 0x00C5: "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256", + 0x00C6: "TLS_SM4_GCM_SM3", + 0x00C7: "TLS_SM4_CCM_SM3", + + 0x00FF: "TLS_EMPTY_RENEGOTIATION_INFO_SCSV", + + 0x1301: "TLS_AES_128_GCM_SHA256", + 0x1302: "TLS_AES_256_GCM_SHA384", + 0x1303: "TLS_CHACHA20_POLY1305_SHA256", + 0x1304: "TLS_AES_128_CCM_SHA256", + 0x1305: "TLS_AES_128_CCM_8_SHA256", + 0x1306: "TLS_AEGIS_256_SHA384", + 0x1307: "TLS_AEGIS_128L_SHA256", + + 0x5600: "TLS_FALLBACK_SCSV", + + 0xC001: "TLS_ECDH_ECDSA_WITH_NULL_SHA", + 0xC002: "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + 0xC003: "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + 0xC004: "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + 0xC005: "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + 0xC006: "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + 0xC007: "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + 0xC008: "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + 0xC009: "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + 0xC00A: "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + 0xC00B: "TLS_ECDH_RSA_WITH_NULL_SHA", + 0xC00C: "TLS_ECDH_RSA_WITH_RC4_128_SHA", + 0xC00D: "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + 0xC00E: "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + 0xC00F: "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + 0xC010: "TLS_ECDHE_RSA_WITH_NULL_SHA", + 0xC011: "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + 0xC012: "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + 0xC013: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + 0xC014: "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + 0xC015: "TLS_ECDH_anon_WITH_NULL_SHA", + 0xC016: "TLS_ECDH_anon_WITH_RC4_128_SHA", + 0xC017: "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + 0xC018: "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + 0xC019: "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + 0xC01A: "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA", + 0xC01B: "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA", + 0xC01C: "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA", + 0xC01D: "TLS_SRP_SHA_WITH_AES_128_CBC_SHA", + 0xC01E: "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA", + 0xC01F: "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA", + 0xC020: "TLS_SRP_SHA_WITH_AES_256_CBC_SHA", + 0xC021: "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA", + 0xC022: "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA", + 0xC023: "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", + 0xC024: "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", + 0xC025: "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", + 0xC026: "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", + 0xC027: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", + 0xC028: "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", + 0xC029: "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", + 0xC02A: "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", + 0xC02B: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", + 0xC02C: "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", + 0xC02D: "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", + 0xC02E: "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", + 0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", + 0xC030: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", + 0xC031: "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", + 0xC032: "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", + 0xC033: "TLS_ECDHE_PSK_WITH_RC4_128_SHA", + 0xC034: "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA", + 0xC035: "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA", + 0xC036: "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA", + 0xC037: "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256", + 0xC038: "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384", + 0xC039: "TLS_ECDHE_PSK_WITH_NULL_SHA", + 0xC03A: "TLS_ECDHE_PSK_WITH_NULL_SHA256", + 0xC03B: "TLS_ECDHE_PSK_WITH_NULL_SHA384", + 0xC03C: "TLS_RSA_WITH_ARIA_128_CBC_SHA256", + 0xC03D: "TLS_RSA_WITH_ARIA_256_CBC_SHA384", + 0xC03E: "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256", + 0xC03F: "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384", + 0xC040: "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256", + 0xC041: "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384", + 0xC042: "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256", + 0xC043: "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384", + 0xC044: "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256", + 0xC045: "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384", + 0xC046: "TLS_DH_anon_WITH_ARIA_128_CBC_SHA256", + 0xC047: "TLS_DH_anon_WITH_ARIA_256_CBC_SHA384", + 0xC048: "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256", + 0xC049: "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384", + 0xC04A: "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256", + 0xC04B: "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384", + 0xC04C: "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256", + 0xC04D: "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384", + 0xC04E: "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256", + 0xC04F: "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384", + 0xC050: "TLS_RSA_WITH_ARIA_128_GCM_SHA256", + 0xC051: "TLS_RSA_WITH_ARIA_256_GCM_SHA384", + 0xC052: "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256", + 0xC053: "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384", + 0xC054: "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256", + 0xC055: "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384", + 0xC056: "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256", + 0xC057: "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384", + 0xC058: "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256", + 0xC059: "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384", + 0xC05A: "TLS_DH_anon_WITH_ARIA_128_GCM_SHA256", + 0xC05B: "TLS_DH_anon_WITH_ARIA_256_GCM_SHA384", + 0xC05C: "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", + 0xC05D: "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", + 0xC05E: "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256", + 0xC05F: "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384", + 0xC060: "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", + 0xC061: "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384", + 0xC062: "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256", + 0xC063: "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384", + 0xC064: "TLS_PSK_WITH_ARIA_128_CBC_SHA256", + 0xC065: "TLS_PSK_WITH_ARIA_256_CBC_SHA384", + 0xC066: "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256", + 0xC067: "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384", + 0xC068: "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256", + 0xC069: "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384", + 0xC06A: "TLS_PSK_WITH_ARIA_128_GCM_SHA256", + 0xC06B: "TLS_PSK_WITH_ARIA_256_GCM_SHA384", + 0xC06C: "TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256", + 0xC06D: "TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384", + 0xC06E: "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256", + 0xC06F: "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384", + 0xC070: "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256", + 0xC071: "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384", + 0xC072: "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", + 0xC073: "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", + 0xC074: "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", + 0xC075: "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", + 0xC076: "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", + 0xC077: "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384", + 0xC078: "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256", + 0xC079: "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384", + 0xC07A: "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256", + 0xC07B: "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384", + 0xC07C: "TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256", + 0xC07D: "TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384", + 0xC07E: "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256", + 0xC07F: "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384", + 0xC080: "TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256", + 0xC081: "TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384", + 0xC082: "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256", + 0xC083: "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384", + 0xC084: "TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256", + 0xC085: "TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384", + 0xC086: "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256", + 0xC087: "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384", + 0xC088: "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256", + 0xC089: "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384", + 0xC08A: "TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256", + 0xC08B: "TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384", + 0xC08C: "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256", + 0xC08D: "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384", + 0xC08E: "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256", + 0xC08F: "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384", + 0xC090: "TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256", + 0xC091: "TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384", + 0xC092: "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256", + 0xC093: "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384", + 0xC094: "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256", + 0xC095: "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384", + 0xC096: "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256", + 0xC097: "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384", + 0xC098: "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256", + 0xC099: "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384", + 0xC09A: "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256", + 0xC09B: "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384", + 0xC09C: "TLS_RSA_WITH_AES_128_CCM", + 0xC09D: "TLS_RSA_WITH_AES_256_CCM", + 0xC09E: "TLS_DHE_RSA_WITH_AES_128_CCM", + 0xC09F: "TLS_DHE_RSA_WITH_AES_256_CCM", + 0xC0A0: "TLS_RSA_WITH_AES_128_CCM_8", + 0xC0A1: "TLS_RSA_WITH_AES_256_CCM_8", + 0xC0A2: "TLS_DHE_RSA_WITH_AES_128_CCM_8", + 0xC0A3: "TLS_DHE_RSA_WITH_AES_256_CCM_8", + 0xC0A4: "TLS_PSK_WITH_AES_128_CCM", + 0xC0A5: "TLS_PSK_WITH_AES_256_CCM", + 0xC0A6: "TLS_DHE_PSK_WITH_AES_128_CCM", + 0xC0A7: "TLS_DHE_PSK_WITH_AES_256_CCM", + 0xC0A8: "TLS_PSK_WITH_AES_128_CCM_8", + 0xC0A9: "TLS_PSK_WITH_AES_256_CCM_8", + 0xC0AA: "TLS_PSK_DHE_WITH_AES_128_CCM_8", + 0xC0AB: "TLS_PSK_DHE_WITH_AES_256_CCM_8", + 0xC0AC: "TLS_ECDHE_ECDSA_WITH_AES_128_CCM", + 0xC0AD: "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", + 0xC0AE: "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", + 0xC0AF: "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", + 0xC0B0: "TLS_ECCPWD_WITH_AES_128_GCM_SHA256", + 0xC0B1: "TLS_ECCPWD_WITH_AES_256_GCM_SHA384", + 0xC0B2: "TLS_ECCPWD_WITH_AES_128_CCM_SHA256", + 0xC0B3: "TLS_ECCPWD_WITH_AES_256_CCM_SHA384", + 0xC0B4: "TLS_SHA256_SHA256", + 0xC0B5: "TLS_SHA384_SHA384", + + 0xC100: "TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC", + 0xC101: "TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC", + 0xC102: "TLS_GOSTR341112_256_WITH_28147_CNT_IMIT", + 0xC103: "TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L", + 0xC104: "TLS_GOSTR341112_256_WITH_MAGMA_MGM_L", + 0xC105: "TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_S", + 0xC106: "TLS_GOSTR341112_256_WITH_MAGMA_MGM_S", + + 0xCCA8: "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + 0xCCA9: "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", + 0xCCAA: "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + 0xCCAB: "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256", + 0xCCAC: "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256", + 0xCCAD: "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256", + 0xCCAE: "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256", + + 0xD001: "TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256", + 0xD002: "TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384", + 0xD003: "TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256", + 0xD005: "TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256", +} + +var DictCipherSuiteNameIndexed = map[string]uint16{ + "TLS_NULL_WITH_NULL_NULL": 0x0000, + "TLS_RSA_WITH_NULL_MD5": 0x0001, + "TLS_RSA_WITH_NULL_SHA": 0x0002, + "TLS_RSA_EXPORT_WITH_RC4_40_MD5": 0x0003, + "TLS_RSA_WITH_RC4_128_MD5": 0x0004, + "TLS_RSA_WITH_RC4_128_SHA": 0x0005, + "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5": 0x0006, + "TLS_RSA_WITH_IDEA_CBC_SHA": 0x0007, + "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA": 0x0008, + "TLS_RSA_WITH_DES_CBC_SHA": 0x0009, + "TLS_RSA_WITH_3DES_EDE_CBC_SHA": 0x000A, + "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA": 0x000B, + "TLS_DH_DSS_WITH_DES_CBC_SHA": 0x000C, + "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA": 0x000D, + "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA": 0x000E, + "TLS_DH_RSA_WITH_DES_CBC_SHA": 0x000F, + "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA": 0x0010, + "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA": 0x0011, + "TLS_DHE_DSS_WITH_DES_CBC_SHA": 0x0012, + "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA": 0x0013, + "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA": 0x0014, + "TLS_DHE_RSA_WITH_DES_CBC_SHA": 0x0015, + "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA": 0x0016, + "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5": 0x0017, + "TLS_DH_anon_WITH_RC4_128_MD5": 0x0018, + "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA": 0x0019, + "TLS_DH_anon_WITH_DES_CBC_SHA": 0x001A, + "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA": 0x001B, + + "TLS_KRB5_WITH_DES_CBC_SHA": 0x001E, + "TLS_KRB5_WITH_3DES_EDE_CBC_SHA": 0x001F, + "TLS_KRB5_WITH_RC4_128_SHA": 0x0020, + "TLS_KRB5_WITH_IDEA_CBC_SHA": 0x0021, + "TLS_KRB5_WITH_DES_CBC_MD5": 0x0022, + "TLS_KRB5_WITH_3DES_EDE_CBC_MD5": 0x0023, + "TLS_KRB5_WITH_RC4_128_MD5": 0x0024, + "TLS_KRB5_WITH_IDEA_CBC_MD5": 0x0025, + "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA": 0x0026, + "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA": 0x0027, + "TLS_KRB5_EXPORT_WITH_RC4_40_SHA": 0x0028, + "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5": 0x0029, + "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5": 0x002A, + "TLS_KRB5_EXPORT_WITH_RC4_40_MD5": 0x002B, + "TLS_PSK_WITH_NULL_SHA": 0x002C, + "TLS_DHE_PSK_WITH_NULL_SHA": 0x002D, + "TLS_RSA_PSK_WITH_NULL_SHA": 0x002E, + "TLS_RSA_WITH_AES_128_CBC_SHA": 0x002F, + "TLS_DH_DSS_WITH_AES_128_CBC_SHA": 0x0030, + "TLS_DH_RSA_WITH_AES_128_CBC_SHA": 0x0031, + "TLS_DHE_DSS_WITH_AES_128_CBC_SHA": 0x0032, + "TLS_DHE_RSA_WITH_AES_128_CBC_SHA": 0x0033, + "TLS_DH_anon_WITH_AES_128_CBC_SHA": 0x0034, + "TLS_RSA_WITH_AES_256_CBC_SHA": 0x0035, + "TLS_DH_DSS_WITH_AES_256_CBC_SHA": 0x0036, + "TLS_DH_RSA_WITH_AES_256_CBC_SHA": 0x0037, + "TLS_DHE_DSS_WITH_AES_256_CBC_SHA": 0x0038, + "TLS_DHE_RSA_WITH_AES_256_CBC_SHA": 0x0039, + "TLS_DH_anon_WITH_AES_256_CBC_SHA": 0x003A, + "TLS_RSA_WITH_NULL_SHA256": 0x003B, + "TLS_RSA_WITH_AES_128_CBC_SHA256": 0x003C, + "TLS_RSA_WITH_AES_256_CBC_SHA256": 0x003D, + "TLS_DH_DSS_WITH_AES_128_CBC_SHA256": 0x003E, + "TLS_DH_RSA_WITH_AES_128_CBC_SHA256": 0x003F, + "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256": 0x0040, + "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA": 0x0041, + "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA": 0x0042, + "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA": 0x0043, + "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA": 0x0044, + "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA": 0x0045, + "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA": 0x0046, + + "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256": 0x0067, + "TLS_DH_DSS_WITH_AES_256_CBC_SHA256": 0x0068, + "TLS_DH_RSA_WITH_AES_256_CBC_SHA256": 0x0069, + "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256": 0x006A, + "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256": 0x006B, + "TLS_DH_anon_WITH_AES_128_CBC_SHA256": 0x006C, + "TLS_DH_anon_WITH_AES_256_CBC_SHA256": 0x006D, + + "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA": 0x0084, + "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA": 0x0085, + "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA": 0x0086, + "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA": 0x0087, + "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA": 0x0088, + "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA": 0x0089, + "TLS_PSK_WITH_RC4_128_SHA": 0x008A, + "TLS_PSK_WITH_3DES_EDE_CBC_SHA": 0x008B, + "TLS_PSK_WITH_AES_128_CBC_SHA": 0x008C, + "TLS_PSK_WITH_AES_256_CBC_SHA": 0x008D, + "TLS_DHE_PSK_WITH_RC4_128_SHA": 0x008E, + "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA": 0x008F, + "TLS_DHE_PSK_WITH_AES_128_CBC_SHA": 0x0090, + "TLS_DHE_PSK_WITH_AES_256_CBC_SHA": 0x0091, + "TLS_RSA_PSK_WITH_RC4_128_SHA": 0x0092, + "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA": 0x0093, + "TLS_RSA_PSK_WITH_AES_128_CBC_SHA": 0x0094, + "TLS_RSA_PSK_WITH_AES_256_CBC_SHA": 0x0095, + "TLS_RSA_WITH_SEED_CBC_SHA": 0x0096, + "TLS_DH_DSS_WITH_SEED_CBC_SHA": 0x0097, + "TLS_DH_RSA_WITH_SEED_CBC_SHA": 0x0098, + "TLS_DHE_DSS_WITH_SEED_CBC_SHA": 0x0099, + "TLS_DHE_RSA_WITH_SEED_CBC_SHA": 0x009A, + "TLS_DH_anon_WITH_SEED_CBC_SHA": 0x009B, + "TLS_RSA_WITH_AES_128_GCM_SHA256": 0x009C, + "TLS_RSA_WITH_AES_256_GCM_SHA384": 0x009D, + "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256": 0x009E, + "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384": 0x009F, + "TLS_DH_RSA_WITH_AES_128_GCM_SHA256": 0x00A0, + "TLS_DH_RSA_WITH_AES_256_GCM_SHA384": 0x00A1, + "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256": 0x00A2, + "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384": 0x00A3, + "TLS_DH_DSS_WITH_AES_128_GCM_SHA256": 0x00A4, + "TLS_DH_DSS_WITH_AES_256_GCM_SHA384": 0x00A5, + "TLS_DH_anon_WITH_AES_128_GCM_SHA256": 0x00A6, + "TLS_DH_anon_WITH_AES_256_GCM_SHA384": 0x00A7, + "TLS_PSK_WITH_AES_128_GCM_SHA256": 0x00A8, + "TLS_PSK_WITH_AES_256_GCM_SHA384": 0x00A9, + "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256": 0x00AA, + "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384": 0x00AB, + "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256": 0x00AC, + "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384": 0x00AD, + "TLS_PSK_WITH_AES_128_CBC_SHA256": 0x00AE, + "TLS_PSK_WITH_AES_256_CBC_SHA384": 0x00AF, + "TLS_PSK_WITH_NULL_SHA256": 0x00B0, + "TLS_PSK_WITH_NULL_SHA384": 0x00B1, + "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256": 0x00B2, + "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384": 0x00B3, + "TLS_DHE_PSK_WITH_NULL_SHA256": 0x00B4, + "TLS_DHE_PSK_WITH_NULL_SHA384": 0x00B5, + "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256": 0x00B6, + "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384": 0x00B7, + "TLS_RSA_PSK_WITH_NULL_SHA256": 0x00B8, + "TLS_RSA_PSK_WITH_NULL_SHA384": 0x00B9, + "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256": 0x00BA, + "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256": 0x00BB, + "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256": 0x00BC, + "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256": 0x00BD, + "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256": 0x00BE, + "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256": 0x00BF, + "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256": 0x00C0, + "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256": 0x00C1, + "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256": 0x00C2, + "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256": 0x00C3, + "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256": 0x00C4, + "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256": 0x00C5, + "TLS_SM4_GCM_SM3": 0x00C6, + "TLS_SM4_CCM_SM3": 0x00C7, + + "TLS_EMPTY_RENEGOTIATION_INFO_SCSV": 0x00FF, + + "TLS_AES_128_GCM_SHA256": 0x1301, + "TLS_AES_256_GCM_SHA384": 0x1302, + "TLS_CHACHA20_POLY1305_SHA256": 0x1303, + "TLS_AES_128_CCM_SHA256": 0x1304, + "TLS_AES_128_CCM_8_SHA256": 0x1305, + "TLS_AEGIS_256_SHA384": 0x1306, + "TLS_AEGIS_128L_SHA256": 0x1307, + + "TLS_FALLBACK_SCSV": 0x5600, + + "TLS_ECDH_ECDSA_WITH_NULL_SHA": 0xC001, + "TLS_ECDH_ECDSA_WITH_RC4_128_SHA": 0xC002, + "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA": 0xC003, + "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA": 0xC004, + "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA": 0xC005, + "TLS_ECDHE_ECDSA_WITH_NULL_SHA": 0xC006, + "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA": 0xC007, + "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA": 0xC008, + "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA": 0xC009, + "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA": 0xC00A, + "TLS_ECDH_RSA_WITH_NULL_SHA": 0xC00B, + "TLS_ECDH_RSA_WITH_RC4_128_SHA": 0xC00C, + "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA": 0xC00D, + "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA": 0xC00E, + "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA": 0xC00F, + "TLS_ECDHE_RSA_WITH_NULL_SHA": 0xC010, + "TLS_ECDHE_RSA_WITH_RC4_128_SHA": 0xC011, + "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA": 0xC012, + "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA": 0xC013, + "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA": 0xC014, + "TLS_ECDH_anon_WITH_NULL_SHA": 0xC015, + "TLS_ECDH_anon_WITH_RC4_128_SHA": 0xC016, + "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA": 0xC017, + "TLS_ECDH_anon_WITH_AES_128_CBC_SHA": 0xC018, + "TLS_ECDH_anon_WITH_AES_256_CBC_SHA": 0xC019, + "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA": 0xC01A, + "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA": 0xC01B, + "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA": 0xC01C, + "TLS_SRP_SHA_WITH_AES_128_CBC_SHA": 0xC01D, + "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA": 0xC01E, + "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA": 0xC01F, + "TLS_SRP_SHA_WITH_AES_256_CBC_SHA": 0xC020, + "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA": 0xC021, + "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA": 0xC022, + "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256": 0xC023, + "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384": 0xC024, + "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256": 0xC025, + "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384": 0xC026, + "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256": 0xC027, + "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384": 0xC028, + "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256": 0xC029, + "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384": 0xC02A, + "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256": 0xC02B, + "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384": 0xC02C, + "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256": 0xC02D, + "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384": 0xC02E, + "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256": 0xC02F, + "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384": 0xC030, + "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256": 0xC031, + "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384": 0xC032, + "TLS_ECDHE_PSK_WITH_RC4_128_SHA": 0xC033, + "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA": 0xC034, + "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA": 0xC035, + "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA": 0xC036, + "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256": 0xC037, + "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384": 0xC038, + "TLS_ECDHE_PSK_WITH_NULL_SHA": 0xC039, + "TLS_ECDHE_PSK_WITH_NULL_SHA256": 0xC03A, + "TLS_ECDHE_PSK_WITH_NULL_SHA384": 0xC03B, + "TLS_RSA_WITH_ARIA_128_CBC_SHA256": 0xC03C, + "TLS_RSA_WITH_ARIA_256_CBC_SHA384": 0xC03D, + "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256": 0xC03E, + "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384": 0xC03F, + "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256": 0xC040, + "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384": 0xC041, + "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256": 0xC042, + "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384": 0xC043, + "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256": 0xC044, + "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384": 0xC045, + "TLS_DH_anon_WITH_ARIA_128_CBC_SHA256": 0xC046, + "TLS_DH_anon_WITH_ARIA_256_CBC_SHA384": 0xC047, + "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256": 0xC048, + "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384": 0xC049, + "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256": 0xC04A, + "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384": 0xC04B, + "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256": 0xC04C, + "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384": 0xC04D, + "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256": 0xC04E, + "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384": 0xC04F, + "TLS_RSA_WITH_ARIA_128_GCM_SHA256": 0xC050, + "TLS_RSA_WITH_ARIA_256_GCM_SHA384": 0xC051, + "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256": 0xC052, + "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384": 0xC053, + "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256": 0xC054, + "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384": 0xC055, + "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256": 0xC056, + "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384": 0xC057, + "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256": 0xC058, + "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384": 0xC059, + "TLS_DH_anon_WITH_ARIA_128_GCM_SHA256": 0xC05A, + "TLS_DH_anon_WITH_ARIA_256_GCM_SHA384": 0xC05B, + "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256": 0xC05C, + "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384": 0xC05D, + "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256": 0xC05E, + "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384": 0xC05F, + "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256": 0xC060, + "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384": 0xC061, + "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256": 0xC062, + "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384": 0xC063, + "TLS_PSK_WITH_ARIA_128_CBC_SHA256": 0xC064, + "TLS_PSK_WITH_ARIA_256_CBC_SHA384": 0xC065, + "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256": 0xC066, + "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384": 0xC067, + "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256": 0xC068, + "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384": 0xC069, + "TLS_PSK_WITH_ARIA_128_GCM_SHA256": 0xC06A, + "TLS_PSK_WITH_ARIA_256_GCM_SHA384": 0xC06B, + "TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256": 0xC06C, + "TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384": 0xC06D, + "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256": 0xC06E, + "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384": 0xC06F, + "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256": 0xC070, + "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384": 0xC071, + "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256": 0xC072, + "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384": 0xC073, + "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256": 0xC074, + "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384": 0xC075, + "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256": 0xC076, + "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384": 0xC077, + "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256": 0xC078, + "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384": 0xC079, + "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256": 0xC07A, + "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384": 0xC07B, + "TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256": 0xC07C, + "TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384": 0xC07D, + "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256": 0xC07E, + "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384": 0xC07F, + "TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256": 0xC080, + "TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384": 0xC081, + "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256": 0xC082, + "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384": 0xC083, + "TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256": 0xC084, + "TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384": 0xC085, + "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256": 0xC086, + "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384": 0xC087, + "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256": 0xC088, + "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384": 0xC089, + "TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256": 0xC08A, + "TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384": 0xC08B, + "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256": 0xC08C, + "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384": 0xC08D, + "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256": 0xC08E, + "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384": 0xC08F, + "TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256": 0xC090, + "TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384": 0xC091, + "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256": 0xC092, + "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384": 0xC093, + "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256": 0xC094, + "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384": 0xC095, + "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256": 0xC096, + "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384": 0xC097, + "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256": 0xC098, + "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384": 0xC099, + "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256": 0xC09A, + "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384": 0xC09B, + "TLS_RSA_WITH_AES_128_CCM": 0xC09C, + "TLS_RSA_WITH_AES_256_CCM": 0xC09D, + "TLS_DHE_RSA_WITH_AES_128_CCM": 0xC09E, + "TLS_DHE_RSA_WITH_AES_256_CCM": 0xC09F, + "TLS_RSA_WITH_AES_128_CCM_8": 0xC0A0, + "TLS_RSA_WITH_AES_256_CCM_8": 0xC0A1, + "TLS_DHE_RSA_WITH_AES_128_CCM_8": 0xC0A2, + "TLS_DHE_RSA_WITH_AES_256_CCM_8": 0xC0A3, + "TLS_PSK_WITH_AES_128_CCM": 0xC0A4, + "TLS_PSK_WITH_AES_256_CCM": 0xC0A5, + "TLS_DHE_PSK_WITH_AES_128_CCM": 0xC0A6, + "TLS_DHE_PSK_WITH_AES_256_CCM": 0xC0A7, + "TLS_PSK_WITH_AES_128_CCM_8": 0xC0A8, + "TLS_PSK_WITH_AES_256_CCM_8": 0xC0A9, + "TLS_PSK_DHE_WITH_AES_128_CCM_8": 0xC0AA, + "TLS_PSK_DHE_WITH_AES_256_CCM_8": 0xC0AB, + "TLS_ECDHE_ECDSA_WITH_AES_128_CCM": 0xC0AC, + "TLS_ECDHE_ECDSA_WITH_AES_256_CCM": 0xC0AD, + "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8": 0xC0AE, + "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8": 0xC0AF, + "TLS_ECCPWD_WITH_AES_128_GCM_SHA256": 0xC0B0, + "TLS_ECCPWD_WITH_AES_256_GCM_SHA384": 0xC0B1, + "TLS_ECCPWD_WITH_AES_128_CCM_SHA256": 0xC0B2, + "TLS_ECCPWD_WITH_AES_256_CCM_SHA384": 0xC0B3, + "TLS_SHA256_SHA256": 0xC0B4, + "TLS_SHA384_SHA384": 0xC0B5, + + "TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC": 0xC100, + "TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC": 0xC101, + "TLS_GOSTR341112_256_WITH_28147_CNT_IMIT": 0xC102, + "TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L": 0xC103, + "TLS_GOSTR341112_256_WITH_MAGMA_MGM_L": 0xC104, + "TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_S": 0xC105, + "TLS_GOSTR341112_256_WITH_MAGMA_MGM_S": 0xC106, + + "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256": 0xCCA8, + "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256": 0xCCA9, + "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256": 0xCCAA, + "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256": 0xCCAB, + "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256": 0xCCAC, + "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256": 0xCCAD, + "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256": 0xCCAE, + + "TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256": 0xD001, + "TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384": 0xD002, + "TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256": 0xD003, + + "TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256": 0xD005, +} diff --git a/dicttls/clientcertificatetype_identifiers.go b/dicttls/clientcertificatetype_identifiers.go new file mode 100644 index 00000000..c022bfdc --- /dev/null +++ b/dicttls/clientcertificatetype_identifiers.go @@ -0,0 +1,49 @@ +package dicttls + +// source: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-2 +// last updated: March 2023 + +const ( + ClientCertTypeIdentifier_rsa_sign uint8 = 1 + ClientCertTypeIdentifier_dss_sign uint8 = 2 + ClientCertTypeIdentifier_rsa_fixed_dh uint8 = 3 + ClientCertTypeIdentifier_dss_fixed_dh uint8 = 4 + ClientCertTypeIdentifier_rsa_ephemeral_dh uint8 = 5 + ClientCertTypeIdentifier_dss_ephemeral_dh uint8 = 6 + ClientCertTypeIdentifier_fortezza_dms uint8 = 20 + ClientCertTypeIdentifier_ecdsa_sign uint8 = 64 + ClientCertTypeIdentifier_rsa_fixed_ecdh uint8 = 65 + ClientCertTypeIdentifier_ecdsa_fixed_ecdh uint8 = 66 + ClientCertTypeIdentifier_gost_sign256 uint8 = 67 + ClientCertTypeIdentifier_gost_sign512 uint8 = 68 +) + +var DictClientCertificateTypeIdentifierValueIndexed = map[uint8]string{ + 1: "rsa_sign", + 2: "dss_sign", + 3: "rsa_fixed_dh", + 4: "dss_fixed_dh", + 5: "rsa_ephemeral_dh", + 6: "dss_ephemeral_dh", + 20: "fortezza_dms", + 64: "ecdsa_sign", + 65: "rsa_fixed_ecdh", + 66: "ecdsa_fixed_ecdh", + 67: "gost_sign256", + 68: "gost_sign512", +} + +var DictClientCertificateTypeIdentifierNameIndexed = map[string]uint8{ + "rsa_sign": 1, + "dss_sign": 2, + "rsa_fixed_dh": 3, + "dss_fixed_dh": 4, + "rsa_ephemeral_dh": 5, + "dss_ephemeral_dh": 6, + "fortezza_dms": 20, + "ecdsa_sign": 64, + "rsa_fixed_ecdh": 65, + "ecdsa_fixed_ecdh": 66, + "gost_sign256": 67, + "gost_sign512": 68, +} diff --git a/dicttls/comp_meth_ids.go b/dicttls/comp_meth_ids.go new file mode 100644 index 00000000..a3f951d3 --- /dev/null +++ b/dicttls/comp_meth_ids.go @@ -0,0 +1,22 @@ +package dicttls + +// source: https://www.iana.org/assignments/comp-meth-ids/comp-meth-ids-2.csv +// last updated: March 2023 + +const ( + CompMeth_NULL uint8 = 0 + CompMeth_DEFLATE uint8 = 1 + CompMeth_LZS uint8 = 64 +) + +var DictCompMethValueIndexed = map[uint8]string{ + 0: "NULL", + 1: "DEFLATE", + 64: "LZS", +} + +var DictCompMethNameIndexed = map[string]uint8{ + "NULL": 0, + "DEFLATE": 1, + "LZS": 64, +} diff --git a/dicttls/contenttype.go b/dicttls/contenttype.go new file mode 100644 index 00000000..b54c84dd --- /dev/null +++ b/dicttls/contenttype.go @@ -0,0 +1,34 @@ +package dicttls + +// source: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-5 +// last updated: March 2023 + +const ( + ContentType_change_cipher_spec uint8 = 20 + ContentType_alert uint8 = 21 + ContentType_handshake uint8 = 22 + ContentType_application_data uint8 = 23 + ContentType_heartbeat uint8 = 24 + ContentType_tls12_cid uint8 = 25 + ContentType_ACK uint8 = 26 +) + +var DictContentTypeValueIndexed = map[uint8]string{ + 20: "change_cipher_spec", + 21: "alert", + 22: "handshake", + 23: "application_data", + 24: "heartbeat", + 25: "tls12_cid", + 26: "ACK", +} + +var DictContentTypeNameIndexed = map[string]uint8{ + "change_cipher_spec": 20, + "alert": 21, + "handshake": 22, + "application_data": 23, + "heartbeat": 24, + "tls12_cid": 25, + "ACK": 26, +} diff --git a/dicttls/ec_curve_types.go b/dicttls/ec_curve_types.go new file mode 100644 index 00000000..c15db247 --- /dev/null +++ b/dicttls/ec_curve_types.go @@ -0,0 +1,22 @@ +package dicttls + +// source: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-10 +// last updated: March 2023 + +const ( + ECCurve_explicit_prime uint16 = 1 + ECCurve_explicit_char2 uint16 = 2 + ECCurve_named_curve uint16 = 3 +) + +var DictECCurveTypeValueIndexed = map[uint16]string{ + 1: "explicit_prime", + 2: "explicit_char2", + 3: "named_curve", +} + +var DictECCurveTypeNameIndexed = map[string]uint16{ + "explicit_prime": 1, + "explicit_char2": 2, + "named_curve": 3, +} diff --git a/dicttls/ec_point_formats.go b/dicttls/ec_point_formats.go new file mode 100644 index 00000000..bfe44bba --- /dev/null +++ b/dicttls/ec_point_formats.go @@ -0,0 +1,22 @@ +package dicttls + +// source: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-9 +// last updated: March 2023 + +const ( + ECPoint_uncompressed uint8 = 0 + ECPoint_ansiX962_compressed_prime uint8 = 1 + ECPoint_ansiX962_compressed_char2 uint8 = 2 +) + +var DictECPointFormatValueIndexed = map[uint8]string{ + 0: "uncompressed", + 1: "ansiX962_compressed_prime", + 2: "ansiX962_compressed_char2", +} + +var DictECPointFormatNameIndexed = map[string]uint8{ + "uncompressed": 0, + "ansiX962_compressed_prime": 1, + "ansiX962_compressed_char2": 2, +} diff --git a/dicttls/exttype_values.go b/dicttls/exttype_values.go new file mode 100644 index 00000000..103e8800 --- /dev/null +++ b/dicttls/exttype_values.go @@ -0,0 +1,209 @@ +package dicttls + +// source: https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#tls-extensiontype-values-1 +// last updated: March 2023 + +const ( + ExtType_server_name uint16 = 0 + ExtType_max_fragment_length uint16 = 1 + ExtType_client_certificate_url uint16 = 2 + ExtType_trusted_ca_keys uint16 = 3 + ExtType_truncated_hmac uint16 = 4 + ExtType_status_request uint16 = 5 + ExtType_user_mapping uint16 = 6 + ExtType_client_authz uint16 = 7 + ExtType_server_authz uint16 = 8 + ExtType_cert_type uint16 = 9 + ExtType_supported_groups uint16 = 10 + ExtType_ec_point_formats uint16 = 11 + ExtType_srp uint16 = 12 + ExtType_signature_algorithms uint16 = 13 + ExtType_use_srtp uint16 = 14 + ExtType_heartbeat uint16 = 15 + ExtType_application_layer_protocol_negotiation uint16 = 16 + ExtType_status_request_v2 uint16 = 17 + ExtType_signed_certificate_timestamp uint16 = 18 + ExtType_client_certificate_type uint16 = 19 + ExtType_server_certificate_type uint16 = 20 + ExtType_padding uint16 = 21 + ExtType_encrypt_then_mac uint16 = 22 + ExtType_extended_master_secret uint16 = 23 + ExtType_token_binding uint16 = 24 + ExtType_cached_info uint16 = 25 + ExtType_tls_lts uint16 = 26 + ExtType_compress_certificate uint16 = 27 + ExtType_record_size_limit uint16 = 28 + ExtType_pwd_protect uint16 = 29 + ExtType_pwd_clear uint16 = 30 + ExtType_password_salt uint16 = 31 + ExtType_ticket_pinning uint16 = 32 + ExtType_tls_cert_with_extern_psk uint16 = 33 + ExtType_delegated_credentials uint16 = 34 // IANA name: delegated_credentials, IETF name: delegated_credential + ExtType_session_ticket uint16 = 35 + ExtType_TLMSP uint16 = 36 + ExtType_TLMSP_proxying uint16 = 37 + ExtType_TLMSP_delegate uint16 = 38 + ExtType_supported_ekt_ciphers uint16 = 39 + ExtType_pre_shared_key uint16 = 41 + ExtType_early_data uint16 = 42 + ExtType_supported_versions uint16 = 43 + ExtType_cookie uint16 = 44 + ExtType_psk_key_exchange_modes uint16 = 45 + ExtType_certificate_authorities uint16 = 47 + ExtType_oid_filters uint16 = 48 + ExtType_post_handshake_auth uint16 = 49 + ExtType_signature_algorithms_cert uint16 = 50 + ExtType_key_share uint16 = 51 + ExtType_transparency_info uint16 = 52 + ExtType_connection_id_deprecated uint16 = 53 // deprecated + ExtType_connection_id uint16 = 54 + ExtType_external_id_hash uint16 = 55 + ExtType_external_session_id uint16 = 56 + ExtType_quic_transport_parameters uint16 = 57 + ExtType_ticket_request uint16 = 58 + ExtType_dnssec_chain uint16 = 59 + ExtType_renegotiation_info uint16 = 65281 +) + +// Not IANA assigned +const ( + ExtType_next_protocol_negotiation uint16 = 13172 // https://datatracker.ietf.org/doc/html/draft-agl-tls-nextprotoneg-04 + ExtType_application_settings uint16 = 17513 // https://www.ietf.org/archive/id/draft-vvv-tls-alps-01.html + ExtType_channel_id_old uint16 = 30031 // https://datatracker.ietf.org/doc/html/draft-balfanz-tls-channelid-01 + ExtType_channel_id uint16 = 30032 // https://datatracker.ietf.org/doc/html/draft-balfanz-tls-channelid-01 +) + +var DictExtTypeValueIndexed = map[uint16]string{ + 0: "server_name", + 1: "max_fragment_length", + 2: "client_certificate_url", + 3: "trusted_ca_keys", + 4: "truncated_hmac", + 5: "status_request", + 6: "user_mapping", + 7: "client_authz", + 8: "server_authz", + 9: "cert_type", + 10: "supported_groups", + 11: "ec_point_formats", + 12: "srp", + 13: "signature_algorithms", + 14: "use_srtp", + 15: "heartbeat", + 16: "application_layer_protocol_negotiation", + 17: "status_request_v2", + 18: "signed_certificate_timestamp", + 19: "client_certificate_type", + 20: "server_certificate_type", + 21: "padding", + 22: "encrypt_then_mac", + 23: "extended_master_secret", + 24: "token_binding", + 25: "cached_info", + 26: "tls_lts", + 27: "compress_certificate", + 28: "record_size_limit", + 29: "pwd_protect", + 30: "pwd_clear", + 31: "password_salt", + 32: "ticket_pinning", + 33: "tls_cert_with_extern_psk", + 34: "delegated_credentials", // IANA name: delegated_credentials, IETF name: delegated_credential + 35: "session_ticket", + 36: "TLMSP", + 37: "TLMSP_proxying", + 38: "TLMSP_delegate", + 39: "supported_ekt_ciphers", + 41: "pre_shared_key", + 42: "early_data", + 43: "supported_versions", + 44: "cookie", + 45: "psk_key_exchange_modes", + 47: "certificate_authorities", + 48: "oid_filters", + 49: "post_handshake_auth", + 50: "signature_algorithms_cert", + 51: "key_share", + 52: "transparency_info", + 53: "connection_id_deprecated", // deprecated + 54: "connection_id", + 55: "external_id_hash", + 56: "external_session_id", + 57: "quic_transport_parameters", + 58: "ticket_request", + 59: "dnssec_chain", + 65281: "renegotiation_info", + + 13172: "next_protocol_negotiation", + 17513: "application_settings", + 30031: "channel_id_old", + 30032: "channel_id", +} + +var DictExtTypeNameIndexed = map[string]uint16{ + "server_name": 0, + "max_fragment_length": 1, + "client_certificate_url": 2, + "trusted_ca_keys": 3, + "truncated_hmac": 4, + "status_request": 5, + "user_mapping": 6, + "client_authz": 7, + "server_authz": 8, + "cert_type": 9, + "supported_groups": 10, + "ec_point_formats": 11, + "srp": 12, + "signature_algorithms": 13, + "use_srtp": 14, + "heartbeat": 15, + "application_layer_protocol_negotiation": 16, + "status_request_v2": 17, + "signed_certificate_timestamp": 18, + "client_certificate_type": 19, + "server_certificate_type": 20, + "padding": 21, + "encrypt_then_mac": 22, + "extended_master_secret": 23, + "token_binding": 24, + "cached_info": 25, + "tls_lts": 26, + "compress_certificate": 27, + "record_size_limit": 28, + "pwd_protect": 29, + "pwd_clear": 30, + "password_salt": 31, + "ticket_pinning": 32, + "tls_cert_with_extern_psk": 33, + "delegated_credentials": 34, // IANA name: delegated_credentials + "delegated_credential": 34, // IETF name: delegated_credential + "session_ticket": 35, + "TLMSP": 36, + "TLMSP_proxying": 37, + "TLMSP_delegate": 38, + "supported_ekt_ciphers": 39, + "pre_shared_key": 41, + "early_data": 42, + "supported_versions": 43, + "cookie": 44, + "psk_key_exchange_modes": 45, + "certificate_authorities": 47, + "oid_filters": 48, + "post_handshake_auth": 49, + "signature_algorithms_cert": 50, + "key_share": 51, + "transparency_info": 52, + "connection_id_deprecated": 53, // deprecated + "connection_id": 54, + "external_id_hash": 55, + "external_session_id": 56, + "quic_transport_parameters": 57, + "ticket_request": 58, + "dnssec_chain": 59, + "renegotiation_info": 65281, + + "next_protocol_negotiation": 13172, + "application_settings": 17513, + "channel_id_old": 30031, + "channel_id": 30032, +} diff --git a/dicttls/handshaketype.go b/dicttls/handshaketype.go new file mode 100644 index 00000000..798a1c37 --- /dev/null +++ b/dicttls/handshaketype.go @@ -0,0 +1,96 @@ +package dicttls + +// source: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-7 +// last updated: March 2023 + +const ( + HandshakeType_hello_request uint8 = 0 + HandshakeType_client_hello uint8 = 1 + HandshakeType_server_hello uint8 = 2 + HandshakeType_hello_verify_request uint8 = 3 + HandshakeType_new_session_ticket uint8 = 4 + HandshakeType_end_of_early_data uint8 = 5 + HandshakeType_hello_retry_request uint8 = 6 + HandshakeType_encrypted_extensions uint8 = 8 + HandshakeType_request_connection_id uint8 = 9 + HandshakeType_new_connection_id uint8 = 10 + HandshakeType_certificate uint8 = 11 + HandshakeType_server_key_exchange uint8 = 12 + HandshakeType_certificate_request uint8 = 13 + HandshakeType_server_hello_done uint8 = 14 + HandshakeType_certificate_verify uint8 = 15 + HandshakeType_client_key_exchange uint8 = 16 + HandshakeType_client_certificate_request uint8 = 17 + HandshakeType_finished uint8 = 20 + HandshakeType_certificate_url uint8 = 21 + HandshakeType_certificate_status uint8 = 22 + HandshakeType_supplemental_data uint8 = 23 + HandshakeType_key_update uint8 = 24 + HandshakeType_compressed_certificate uint8 = 25 + HandshakeType_ekt_key uint8 = 26 + HandshakeType_message_hash uint8 = 254 + + // Not IANA assigned + HandshakeType_next_protocol uint8 = 67 +) + +var DictHandshakeTypeValueIndexed = map[uint8]string{ + 0: "hello_request", + 1: "client_hello", + 2: "server_hello", + 3: "hello_verify_request", + 4: "new_session_ticket", + 5: "end_of_early_data", + 6: "hello_retry_request", + 7: "Unassigned", + 8: "encrypted_extensions", + 9: "request_connection_id", + 10: "new_connection_id", + 11: "certificate", + 12: "server_key_exchange", + 13: "certificate_request", + 14: "server_hello_done", + 15: "certificate_verify", + 16: "client_key_exchange", + 17: "client_certificate_request", + 20: "finished", + 21: "certificate_url", + 22: "certificate_status", + 23: "supplemental_data", + 24: "key_update", + 25: "compressed_certificate", + 26: "ekt_key", + 254: "message_hash", + + 67: "next_protocol", +} + +var DictHandshakeTypeNameIndexed = map[string]uint8{ + "hello_request": 0, + "client_hello": 1, + "server_hello": 2, + "hello_verify_request": 3, + "new_session_ticket": 4, + "end_of_early_data": 5, + "hello_retry_request": 6, + "encrypted_extensions": 8, + "request_connection_id": 9, + "new_connection_id": 10, + "certificate": 11, + "server_key_exchange": 12, + "certificate_request": 13, + "server_hello_done": 14, + "certificate_verify": 15, + "client_key_exchange": 16, + "client_certificate_request": 17, + "finished": 20, + "certificate_url": 21, + "certificate_status": 22, + "supplemental_data": 23, + "key_update": 24, + "compressed_certificate": 25, + "ekt_key": 26, + "message_hash": 254, + + "next_protocol": 67, +} diff --git a/dicttls/hashalgorithm.go b/dicttls/hashalgorithm.go new file mode 100644 index 00000000..24e61586 --- /dev/null +++ b/dicttls/hashalgorithm.go @@ -0,0 +1,39 @@ +package dicttls + +// source: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-18 +// last updated: March 2023 + +const ( + HashAlg_none uint8 = 0 // deprecated in TLS 1.3 + HashAlg_md5 uint8 = 1 // deprecated in TLS 1.3 + HashAlg_sha1 uint8 = 2 + HashAlg_sha224 uint8 = 3 // deprecated in TLS 1.3 + HashAlg_sha256 uint8 = 4 + HashAlg_sha384 uint8 = 5 + HashAlg_sha512 uint8 = 6 + HashAlg_Intrinsic uint8 = 8 +) + +var DictHashAlgorithmValueIndexed = map[uint8]string{ + 0: "none", + 1: "md5", + 2: "sha1", + 3: "sha224", + 4: "sha256", + 5: "sha384", + 6: "sha512", + 7: "Reserved", + 8: "Intrinsic", +} + +var DictHashAlgorithmNameIndexed = map[string]uint8{ + "none": 0, + "md5": 1, + "sha1": 2, + "sha224": 3, + "sha256": 4, + "sha384": 5, + "sha512": 6, + "Reserved": 7, + "Intrinsic": 8, +} diff --git a/dicttls/heartbeat_message_types.go b/dicttls/heartbeat_message_types.go new file mode 100644 index 00000000..0b076be1 --- /dev/null +++ b/dicttls/heartbeat_message_types.go @@ -0,0 +1,19 @@ +package dicttls + +// source: https://www.iana.org/assignments/tls-parameters/heartbeat-message-types.csv +// last updated: March 2023 + +const ( + HeartbeatMessage_request uint8 = 1 + HeartbeatMessage_response uint8 = 2 +) + +var DictHeartbeatMessageTypeValueIndexed = map[uint8]string{ + 1: "heartbeat_request", + 2: "heartbeat_response", +} + +var DictHeartbeatMessageTypeNameIndexed = map[string]uint8{ + "heartbeat_request": 1, + "heartbeat_response": 2, +} diff --git a/dicttls/heartbeat_mode.go b/dicttls/heartbeat_mode.go new file mode 100644 index 00000000..747ae6e1 --- /dev/null +++ b/dicttls/heartbeat_mode.go @@ -0,0 +1,19 @@ +package dicttls + +// source: https://www.iana.org/assignments/tls-parameters/heartbeat-modes.csv +// last updated: March 2023 + +const ( + HeartbeatMode_peer_allowed_to_send uint8 = 1 + HeartbeatMode_peer_not_allowed_to_send uint8 = 2 +) + +var DictHeartbeatModeValueIndexed = map[uint8]string{ + 1: "peer_allowed_to_send", + 2: "peer_not_allowed_to_send", +} + +var DictHeartbeatModeNameIndexed = map[string]uint8{ + "peer_allowed_to_send": 1, + "peer_not_allowed_to_send": 2, +} diff --git a/dicttls/kdf_identifiers.go b/dicttls/kdf_identifiers.go new file mode 100644 index 00000000..d7e07cdf --- /dev/null +++ b/dicttls/kdf_identifiers.go @@ -0,0 +1,19 @@ +package dicttls + +// source: https://www.iana.org/assignments/tls-parameters/tls-kdf-ids.csv +// last updated: March 2023 + +const ( + HKDF_SHA256 uint16 = 0x0001 + HKDF_SHA384 uint16 = 0x0002 +) + +var DictKDFIdentifierValueIndexed = map[uint16]string{ + 0x0001: "HKDF_SHA256", + 0x0002: "HKDF_SHA384", +} + +var DictKDFIdentifierNameIndexed = map[string]uint16{ + "HKDF_SHA256": 0x0001, + "HKDF_SHA384": 0x0002, +} diff --git a/dicttls/kem_identifiers.go b/dicttls/kem_identifiers.go new file mode 100644 index 00000000..02c7d226 --- /dev/null +++ b/dicttls/kem_identifiers.go @@ -0,0 +1,35 @@ +package dicttls + +// source: https://www.rfc-editor.org/rfc/rfc9180 +// last updated: December 2023 + +const ( + DHKEM_P256_HKDF_SHA256 uint16 = 0x0010 // RFC 5869 + DHKEM_P384_HKDF_SHA384 uint16 = 0x0011 // RFC 5869 + DHKEM_P521_HKDF_SHA512 uint16 = 0x0012 // RFC 5869 + + DHKEM_X25519_HKDF_SHA256 uint16 = 0x0020 // RFC 7748 + DHKEM_X448_HKDF_SHA512 uint16 = 0x0021 // RFC 7748 +) + +var DictKEMIdentifierValueIndexed = map[uint16]string{ + 0x0000: "Reserved", // RFC 9180 + + 0x0010: "DHKEM_P256_HKDF_SHA256", + 0x0011: "DHKEM_P384_HKDF_SHA384", + 0x0012: "DHKEM_P521_HKDF_SHA512", + + 0x0020: "DHKEM_X25519_HKDF_SHA256", + 0x0021: "DHKEM_X448_HKDF_SHA512", +} + +var DictKEMIdentifierNameIndexed = map[string]uint16{ + "Reserved": 0x0000, // RFC 9180 + + "DHKEM_P256_HKDF_SHA256": 0x0010, + "DHKEM_P384_HKDF_SHA384": 0x0011, + "DHKEM_P521_HKDF_SHA512": 0x0012, + + "DHKEM_X25519_HKDF_SHA256": 0x0020, + "DHKEM_X448_HKDF_SHA512": 0x0021, +} diff --git a/dicttls/psk_key_exchange_mode.go b/dicttls/psk_key_exchange_mode.go new file mode 100644 index 00000000..7f3cc388 --- /dev/null +++ b/dicttls/psk_key_exchange_mode.go @@ -0,0 +1,19 @@ +package dicttls + +// source: https://www.iana.org/assignments/tls-parameters/tls-pskkeyexchangemode.csv +// last updated: March 2023 + +const ( + PSKKeyExchangeMode_psk_ke uint8 = 0 + PSKKeyExchangeMode_psk_dhe_ke uint8 = 1 +) + +var DictPSKKeyExchangeModeValueIndexed = map[uint8]string{ + 0: "psk_ke", + 1: "psk_dhe_ke", +} + +var DictPSKKeyExchangeModeNameIndexed = map[string]uint8{ + "psk_ke": 0, + "psk_dhe_ke": 1, +} diff --git a/dicttls/quic_frame_types.go b/dicttls/quic_frame_types.go new file mode 100644 index 00000000..a7dd0ac6 --- /dev/null +++ b/dicttls/quic_frame_types.go @@ -0,0 +1,112 @@ +package dicttls + +// source: https://www.iana.org/assignments/quic/quic.xhtml#quic-frame-types +// last updated: July 2023 + +const ( + QUICFrameType_PADDING uint8 = 0x00 + QUICFrameType_PING uint8 = 0x01 + QUICFrameType_ACK uint8 = 0x02 + QUICFrameType_ACK_ecn uint8 = 0x03 + QUICFrameType_RESET_STREAM uint8 = 0x04 + QUICFrameType_STOP_SENDING uint8 = 0x05 + QUICFrameType_CRYPTO uint8 = 0x06 + QUICFrameType_NEW_TOKEN uint8 = 0x07 + QUICFrameType_STREAM uint8 = 0x08 + QUICFrameType_STREAM_fin uint8 = 0x09 + QUICFrameType_STREAM_len uint8 = 0x0a + QUICFrameType_STREAM_len_fin uint8 = 0x0b + QUICFrameType_STREAM_off uint8 = 0x0c + QUICFrameType_STREAM_off_fin uint8 = 0x0d + QUICFrameType_STREAM_off_len uint8 = 0x0e + QUICFrameType_STREAM_off_len_fin uint8 = 0x0f + QUICFrameType_MAX_DATA uint8 = 0x10 + QUICFrameType_MAX_STREAM_DATA uint8 = 0x11 + QUICFrameType_MAX_STREAMS_bidi uint8 = 0x12 + QUICFrameType_MAX_STREAMS_uni uint8 = 0x13 + QUICFrameType_DATA_BLOCKED uint8 = 0x14 + QUICFrameType_STREAM_DATA_BLOCKED uint8 = 0x15 + QUICFrameType_STREAMS_BLOCKED_bidi uint8 = 0x16 + QUICFrameType_STREAMS_BLOCKED_uni uint8 = 0x17 + QUICFrameType_NEW_CONNECTION_ID uint8 = 0x18 + QUICFrameType_RETIRE_CONNECTION_ID uint8 = 0x19 + QUICFrameType_PATH_CHALLENGE uint8 = 0x1a + QUICFrameType_PATH_RESPONSE uint8 = 0x1b + QUICFrameType_CONNECTION_CLOSE uint8 = 0x1c + QUICFrameType_CONNECTION_CLOSE_app uint8 = 0x1d + QUICFrameType_HANDSHAKE_DONE uint8 = 0x1e + QUICFrameType_DATAGRAM uint8 = 0x30 // RFC9221 + QUICFrameType_DATAGRAM_len uint8 = 0x31 // RFC9221 +) + +var DictQUICFrameTypeValueIndexed = map[uint8]string{ + 0x00: "PADDING", + 0x01: "PING", + 0x02: "ACK", + 0x03: "ACK_ecn", + 0x04: "RESET_STREAM", + 0x05: "STOP_SENDING", + 0x06: "CRYPTO", + 0x07: "NEW_TOKEN", + 0x08: "STREAM", + 0x09: "STREAM_fin", + 0x0a: "STREAM_len", + 0x0b: "STREAM_len_fin", + 0x0c: "STREAM_off", + 0x0d: "STREAM_off_fin", + 0x0e: "STREAM_off_len", + 0x0f: "STREAM_off_len_fin", + 0x10: "MAX_DATA", + 0x11: "MAX_STREAM_DATA", + 0x12: "MAX_STREAMS_bidi", + 0x13: "MAX_STREAMS_uni", + 0x14: "DATA_BLOCKED", + 0x15: "STREAM_DATA_BLOCKED", + 0x16: "STREAMS_BLOCKED_bidi", + 0x17: "STREAMS_BLOCKED_uni", + 0x18: "NEW_CONNECTION_ID", + 0x19: "RETIRE_CONNECTION_ID", + 0x1a: "PATH_CHALLENGE", + 0x1b: "PATH_RESPONSE", + 0x1c: "CONNECTION_CLOSE", + 0x1d: "CONNECTION_CLOSE_app", + 0x1e: "HANDSHAKE_DONE", + 0x30: "DATAGRAM", + 0x31: "DATAGRAM_len", +} + +var DictQUICFrameTypeNameIndexed = map[string]uint8{ + "PADDING": 0x00, + "PING": 0x01, + "ACK": 0x02, + "ACK_ecn": 0x03, + "RESET_STREAM": 0x04, + "STOP_SENDING": 0x05, + "CRYPTO": 0x06, + "NEW_TOKEN": 0x07, + "STREAM": 0x08, + "STREAM_fin": 0x09, + "STREAM_len": 0x0a, + "STREAM_len_fin": 0x0b, + "STREAM_off": 0x0c, + "STREAM_off_fin": 0x0d, + "STREAM_off_len": 0x0e, + "STREAM_off_len_fin": 0x0f, + "MAX_DATA": 0x10, + "MAX_STREAM_DATA": 0x11, + "MAX_STREAMS_bidi": 0x12, + "MAX_STREAMS_uni": 0x13, + "DATA_BLOCKED": 0x14, + "STREAM_DATA_BLOCKED": 0x15, + "STREAMS_BLOCKED_bidi": 0x16, + "STREAMS_BLOCKED_uni": 0x17, + "NEW_CONNECTION_ID": 0x18, + "RETIRE_CONNECTION_ID": 0x19, + "PATH_CHALLENGE": 0x1a, + "PATH_RESPONSE": 0x1b, + "CONNECTION_CLOSE": 0x1c, + "CONNECTION_CLOSE_app": 0x1d, + "HANDSHAKE_DONE": 0x1e, + "DATAGRAM": 0x30, + "DATAGRAM_len": 0x31, +} diff --git a/dicttls/quic_transport_error_codes.go b/dicttls/quic_transport_error_codes.go new file mode 100644 index 00000000..52d2c8bd --- /dev/null +++ b/dicttls/quic_transport_error_codes.go @@ -0,0 +1,70 @@ +package dicttls + +// source: https://www.iana.org/assignments/quic/quic.xhtml#quic-transport-error-codes +// last updated: July 2023 + +const ( + QUICTransportErrorCode_NO_ERROR uint16 = 0x0000 + QUICTransportErrorCode_INTERNAL_ERROR uint16 = 0x0001 + QUICTransportErrorCode_CONNECTION_REFUSED uint16 = 0x0002 + QUICTransportErrorCode_FLOW_CONTROL_ERROR uint16 = 0x0003 + QUICTransportErrorCode_STREAM_LIMIT_ERROR uint16 = 0x0004 + QUICTransportErrorCode_STREAM_STATE_ERROR uint16 = 0x0005 + QUICTransportErrorCode_FINAL_SIZE_ERROR uint16 = 0x0006 + QUICTransportErrorCode_FRAME_ENCODING_ERROR uint16 = 0x0007 + QUICTransportErrorCode_TRANSPORT_PARAMETER_ERROR uint16 = 0x0008 + QUICTransportErrorCode_CONNECTION_ID_LIMIT_ERROR uint16 = 0x0009 + QUICTransportErrorCode_PROTOCOL_VIOLATION uint16 = 0x000A + QUICTransportErrorCode_INVALID_TOKEN uint16 = 0x000B + QUICTransportErrorCode_APPLICATION_ERROR uint16 = 0x000C + QUICTransportErrorCode_CRYPTO_BUFFER_EXCEEDED uint16 = 0x000D + QUICTransportErrorCode_KEY_UPDATE_ERROR uint16 = 0x000E + QUICTransportErrorCode_AEAD_LIMIT_REACHED uint16 = 0x000F + QUICTransportErrorCode_NO_VIABLE_PATH uint16 = 0x0010 + QUICTransportErrorCode_VERSION_NEGOTIATION_ERROR uint16 = 0x0011 // RFC9368 + QUICTransportErrorCode_CRYPTO_ERROR uint16 = 0x0100 // 0x0100-0x01FF, use with bitwise operator +) + +var DictQUICTransportErrorCodeValueIndexed = map[uint16]string{ + 0x0000: "NO_ERROR", + 0x0001: "INTERNAL_ERROR", + 0x0002: "CONNECTION_REFUSED", + 0x0003: "FLOW_CONTROL_ERROR", + 0x0004: "STREAM_LIMIT_ERROR", + 0x0005: "STREAM_STATE_ERROR", + 0x0006: "FINAL_SIZE_ERROR", + 0x0007: "FRAME_ENCODING_ERROR", + 0x0008: "TRANSPORT_PARAMETER_ERROR", + 0x0009: "CONNECTION_ID_LIMIT_ERROR", + 0x000A: "PROTOCOL_VIOLATION", + 0x000B: "INVALID_TOKEN", + 0x000C: "APPLICATION_ERROR", + 0x000D: "CRYPTO_BUFFER_EXCEEDED", + 0x000E: "KEY_UPDATE_ERROR", + 0x000F: "AEAD_LIMIT_REACHED", + 0x0010: "NO_VIABLE_PATH", + 0x0011: "VERSION_NEGOTIATION_ERROR", + 0x0100: "CRYPTO_ERROR", +} + +var DictQUICTransportErrorCodeNameIndexed = map[string]uint16{ + "NO_ERROR": 0x0000, + "INTERNAL_ERROR": 0x0001, + "CONNECTION_REFUSED": 0x0002, + "FLOW_CONTROL_ERROR": 0x0003, + "STREAM_LIMIT_ERROR": 0x0004, + "STREAM_STATE_ERROR": 0x0005, + "FINAL_SIZE_ERROR": 0x0006, + "FRAME_ENCODING_ERROR": 0x0007, + "TRANSPORT_PARAMETER_ERROR": 0x0008, + "CONNECTION_ID_LIMIT_ERROR": 0x0009, + "PROTOCOL_VIOLATION": 0x000A, + "INVALID_TOKEN": 0x000B, + "APPLICATION_ERROR": 0x000C, + "CRYPTO_BUFFER_EXCEEDED": 0x000D, + "KEY_UPDATE_ERROR": 0x000E, + "AEAD_LIMIT_REACHED": 0x000F, + "NO_VIABLE_PATH": 0x0010, + "VERSION_NEGOTIATION_ERROR": 0x0011, + "CRYPTO_ERROR": 0x0100, +} diff --git a/dicttls/quic_transport_parameters.go b/dicttls/quic_transport_parameters.go new file mode 100644 index 00000000..66eb881b --- /dev/null +++ b/dicttls/quic_transport_parameters.go @@ -0,0 +1,91 @@ +package dicttls + +// source: https://www.iana.org/assignments/quic/quic.xhtml#quic-transport +// last updated: July 2023 + +const ( + QUICTransportParameter_original_destination_connection_id uint64 = 0x00 + QUICTransportParameter_max_idle_timeout uint64 = 0x01 + QUICTransportParameter_stateless_reset_token uint64 = 0x02 + QUICTransportParameter_max_udp_payload_size uint64 = 0x03 + QUICTransportParameter_initial_max_data uint64 = 0x04 + QUICTransportParameter_initial_max_stream_data_bidi_local uint64 = 0x05 + QUICTransportParameter_initial_max_stream_data_bidi_remote uint64 = 0x06 + QUICTransportParameter_initial_max_stream_data_uni uint64 = 0x07 + QUICTransportParameter_initial_max_streams_bidi uint64 = 0x08 + QUICTransportParameter_initial_max_streams_uni uint64 = 0x09 + QUICTransportParameter_ack_delay_exponent uint64 = 0x0a + QUICTransportParameter_max_ack_delay uint64 = 0x0b + QUICTransportParameter_disable_active_migration uint64 = 0x0c + QUICTransportParameter_preferred_address uint64 = 0x0d + QUICTransportParameter_active_connection_id_limit uint64 = 0x0e + QUICTransportParameter_initial_source_connection_id uint64 = 0x0f + QUICTransportParameter_retry_source_connection_id uint64 = 0x10 + QUICTransportParameter_version_information uint64 = 0x11 // RFC9368 + QUICTransportParameter_max_datagram_frame_size uint64 = 0x20 // RFC9221 + QUICTransportParameter_discard uint64 = 0x173e // David_Schinazi: Receiver silently discards. https://github.com/quicwg/base-drafts/wiki/Quantum-Readiness-test + QUICTransportParameter_google_handshake_message uint64 = 0x26ab // Google: Used to carry Google internal handshake message + QUICTransportParameter_grease_quic_bit uint64 = 0x2ab2 // RFC9287 + QUICTransportParameter_initial_rtt uint64 = 0x3127 // Google: Initial RTT in microseconds + QUICTransportParameter_google_connection_options uint64 = 0x3128 // Google: Google connection options for experimentation + QUICTransportParameter_user_agent uint64 = 0x3129 // Google: User agent string (deprecated) + QUICTransportParameter_google_version uint64 = 0x4752 // Google: Google QUIC version downgrade prevention +) + +var DictQUICTransportParameterValueIndexed = map[uint64]string{ + 0x00: "original_destination_connection_id", + 0x01: "max_idle_timeout", + 0x02: "stateless_reset_token", + 0x03: "max_udp_payload_size", + 0x04: "initial_max_data", + 0x05: "initial_max_stream_data_bidi_local", + 0x06: "initial_max_stream_data_bidi_remote", + 0x07: "initial_max_stream_data_uni", + 0x08: "initial_max_streams_bidi", + 0x09: "initial_max_streams_uni", + 0x0a: "ack_delay_exponent", + 0x0b: "max_ack_delay", + 0x0c: "disable_active_migration", + 0x0d: "preferred_address", + 0x0e: "active_connection_id_limit", + 0x0f: "initial_source_connection_id", + 0x10: "retry_source_connection_id", + 0x11: "version_information", + 0x20: "max_datagram_frame_size", + 0x173e: "discard", + 0x26ab: "google handshake message", + 0x2ab2: "grease_quic_bit", + 0x3127: "initial_rtt", + 0x3128: "google_connection_options", + 0x3129: "user_agent", + 0x4752: "google_version", +} + +var DictQUICTransportParameterNameIndexed = map[string]uint64{ + "original_destination_connection_id": 0x00, + "max_idle_timeout": 0x01, + "stateless_reset_token": 0x02, + "max_udp_payload_size": 0x03, + "initial_max_data": 0x04, + "initial_max_stream_data_bidi_local": 0x05, + "initial_max_stream_data_bidi_remote": 0x06, + "initial_max_stream_data_uni": 0x07, + "initial_max_streams_bidi": 0x08, + "initial_max_streams_uni": 0x09, + "ack_delay_exponent": 0x0a, + "max_ack_delay": 0x0b, + "disable_active_migration": 0x0c, + "preferred_address": 0x0d, + "active_connection_id_limit": 0x0e, + "initial_source_connection_id": 0x0f, + "retry_source_connection_id": 0x10, + "version_information": 0x11, + "max_datagram_frame_size": 0x20, + "discard": 0x173e, + "google handshake message": 0x26ab, + "grease_quic_bit": 0x2ab2, + "initial_rtt": 0x3127, + "google_connection_options": 0x3128, + "user_agent": 0x3129, + "google_version": 0x4752, +} diff --git a/dicttls/signaturealgorithm.go b/dicttls/signaturealgorithm.go new file mode 100644 index 00000000..65c40c4f --- /dev/null +++ b/dicttls/signaturealgorithm.go @@ -0,0 +1,41 @@ +package dicttls + +// Note: values in this file was used in TLS 1.2's signature_algorithms extension +// in combination with the values in hashalgorithm.go. +// signature_algorithms extension in TLS 1.3 uses values in signaturescheme.go + +// source: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-16 +// last updated: March 2023 + +const ( + SigAlg_anonymous uint8 = 0 // deprecated in TLS 1.3 + SigAlg_rsa uint8 = 1 + SigAlg_dsa uint8 = 2 // deprecated in TLS 1.3 + SigAlg_ecdsa uint8 = 3 + SigAlg_ed25519 uint8 = 7 + SigAlg_ed448 uint8 = 8 + SigAlg_gostr34102012_256 uint8 = 64 // value changed in TLS 1.3, to 0x0709-0x070C + SigAlg_gostr34102012_512 uint8 = 65 // value changed in TLS 1.3, to 0x070D-0x070F +) + +var DictSignatureAlgorithmValueIndexed = map[uint8]string{ + 0: "anonymous", + 1: "rsa", + 2: "dsa", + 3: "ecdsa", + 7: "ed25519", + 8: "ed448", + 64: "gostr34102012_256", + 65: "gostr34102012_512", +} + +var DictSignatureAlgorithmNameIndexed = map[string]uint8{ + "anonymous": 0, + "rsa": 1, + "dsa": 2, + "ecdsa": 3, + "ed25519": 7, + "ed448": 8, + "gostr34102012_256": 64, + "gostr34102012_512": 65, +} diff --git a/dicttls/signaturescheme.go b/dicttls/signaturescheme.go new file mode 100644 index 00000000..d0b9803f --- /dev/null +++ b/dicttls/signaturescheme.go @@ -0,0 +1,116 @@ +package dicttls + +// source: https://www.iana.org/assignments/tls-parameters/tls-signaturescheme.csv +// last updated: March 2023 + +const ( + SigScheme_rsa_pkcs1_sha1 uint16 = 0x0201 + SigScheme_ecdsa_sha1 uint16 = 0x0203 + SigScheme_rsa_pkcs1_sha256 uint16 = 0x0401 + SigScheme_ecdsa_secp256r1_sha256 uint16 = 0x0403 + SigScheme_rsa_pkcs1_sha256_legacy uint16 = 0x0420 + SigScheme_rsa_pkcs1_sha384 uint16 = 0x0501 + SigScheme_ecdsa_secp384r1_sha384 uint16 = 0x0503 + SigScheme_rsa_pkcs1_sha384_legacy uint16 = 0x0520 + SigScheme_rsa_pkcs1_sha512 uint16 = 0x0601 + SigScheme_ecdsa_secp521r1_sha512 uint16 = 0x0603 + SigScheme_rsa_pkcs1_sha512_legacy uint16 = 0x0620 + SigScheme_eccsi_sha256 uint16 = 0x0704 + SigScheme_iso_ibs1 uint16 = 0x0705 + SigScheme_iso_ibs2 uint16 = 0x0706 + SigScheme_iso_chinese_ibs uint16 = 0x0707 + SigScheme_sm2sig_sm3 uint16 = 0x0708 + SigScheme_gostr34102012_256a uint16 = 0x0709 + SigScheme_gostr34102012_256b uint16 = 0x070A + SigScheme_gostr34102012_256c uint16 = 0x070B + SigScheme_gostr34102012_256d uint16 = 0x070C + SigScheme_gostr34102012_512a uint16 = 0x070D + SigScheme_gostr34102012_512b uint16 = 0x070E + SigScheme_gostr34102012_512c uint16 = 0x070F + SigScheme_rsa_pss_rsae_sha256 uint16 = 0x0804 + SigScheme_rsa_pss_rsae_sha384 uint16 = 0x0805 + SigScheme_rsa_pss_rsae_sha512 uint16 = 0x0806 + SigScheme_ed25519 uint16 = 0x0807 + SigScheme_ed448 uint16 = 0x0808 + SigScheme_rsa_pss_pss_sha256 uint16 = 0x0809 + SigScheme_rsa_pss_pss_sha384 uint16 = 0x080A + SigScheme_rsa_pss_pss_sha512 uint16 = 0x080B + SigScheme_ecdsa_brainpoolP256r1tls13_sha256 uint16 = 0x081A + SigScheme_ecdsa_brainpoolP384r1tls13_sha384 uint16 = 0x081B + SigScheme_ecdsa_brainpoolP512r1tls13_sha512 uint16 = 0x081C +) + +var DictSignatureSchemeValueIndexed = map[uint16]string{ + 0x0201: "rsa_pkcs1_sha1", + 0x0203: "ecdsa_sha1", + 0x0401: "rsa_pkcs1_sha256", + 0x0403: "ecdsa_secp256r1_sha256", + 0x0420: "rsa_pkcs1_sha256_legacy", + 0x0501: "rsa_pkcs1_sha384", + 0x0503: "ecdsa_secp384r1_sha384", + 0x0520: "rsa_pkcs1_sha384_legacy", + 0x0601: "rsa_pkcs1_sha512", + 0x0603: "ecdsa_secp521r1_sha512", + 0x0620: "rsa_pkcs1_sha512_legacy", + 0x0704: "eccsi_sha256", + 0x0705: "iso_ibs1", + 0x0706: "iso_ibs2", + 0x0707: "iso_chinese_ibs", + 0x0708: "sm2sig_sm3", + 0x0709: "gostr34102012_256a", + 0x070A: "gostr34102012_256b", + 0x070B: "gostr34102012_256c", + 0x070C: "gostr34102012_256d", + 0x070D: "gostr34102012_512a", + 0x070E: "gostr34102012_512b", + 0x070F: "gostr34102012_512c", + 0x0804: "rsa_pss_rsae_sha256", + 0x0805: "rsa_pss_rsae_sha384", + 0x0806: "rsa_pss_rsae_sha512", + 0x0807: "ed25519", + 0x0808: "ed448", + 0x0809: "rsa_pss_pss_sha256", + 0x080A: "rsa_pss_pss_sha384", + 0x080B: "rsa_pss_pss_sha512", + 0x081A: "ecdsa_brainpoolP256r1tls13_sha256", + 0x081B: "ecdsa_brainpoolP384r1tls13_sha384", + 0x081C: "ecdsa_brainpoolP512r1tls13_sha512", +} + +var DictSignatureSchemeNameIndexed = map[string]uint16{ + "rsa_pkcs1_sha1": 0x0201, + "Reserved for backward compatibility": 0x0202, + "ecdsa_sha1": 0x0203, + "rsa_pkcs1_sha256": 0x0401, + "ecdsa_secp256r1_sha256": 0x0403, + "rsa_pkcs1_sha256_legacy": 0x0420, + "rsa_pkcs1_sha384": 0x0501, + "ecdsa_secp384r1_sha384": 0x0503, + "rsa_pkcs1_sha384_legacy": 0x0520, + "rsa_pkcs1_sha512": 0x0601, + "ecdsa_secp521r1_sha512": 0x0603, + "rsa_pkcs1_sha512_legacy": 0x0620, + "eccsi_sha256": 0x0704, + "iso_ibs1": 0x0705, + "iso_ibs2": 0x0706, + "iso_chinese_ibs": 0x0707, + "sm2sig_sm3": 0x0708, + "gostr34102012_256a": 0x0709, + "gostr34102012_256b": 0x070A, + "gostr34102012_256c": 0x070B, + "gostr34102012_256d": 0x070C, + "gostr34102012_512a": 0x070D, + "gostr34102012_512b": 0x070E, + "gostr34102012_512c": 0x070F, + "rsa_pss_rsae_sha256": 0x0804, + "rsa_pss_rsae_sha384": 0x0805, + "rsa_pss_rsae_sha512": 0x0806, + "ed25519": 0x0807, + "ed448": 0x0808, + "rsa_pss_pss_sha256": 0x0809, + "rsa_pss_pss_sha384": 0x080A, + "rsa_pss_pss_sha512": 0x080B, + "ecdsa_brainpoolP256r1tls13_sha256": 0x081A, + "ecdsa_brainpoolP384r1tls13_sha384": 0x081B, + "ecdsa_brainpoolP512r1tls13_sha512": 0x081C, +} diff --git a/dicttls/supplemental_data_formats.go b/dicttls/supplemental_data_formats.go new file mode 100644 index 00000000..9dd7f176 --- /dev/null +++ b/dicttls/supplemental_data_formats.go @@ -0,0 +1,19 @@ +package dicttls + +// source: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-12 +// last updated: March 2023 + +const ( + SupplementalDataType_user_mapping_data uint16 = 0 + SupplementalDataType_authz_data uint16 = 16386 +) + +var DictSupplementalDataFormatValueIndexed = map[uint16]string{ + 0: "user_mapping_data", + 16386: "authz_data", +} + +var DictSupplementalDataFormatNameIndexed = map[string]uint16{ + "user_mapping_data": 0, + "authz_data": 16386, +} diff --git a/dicttls/supported_groups.go b/dicttls/supported_groups.go new file mode 100644 index 00000000..7c5cb541 --- /dev/null +++ b/dicttls/supported_groups.go @@ -0,0 +1,157 @@ +package dicttls + +// source: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 +// last updated: March 2023 + +const ( + SupportedGroups_sect163k1 uint16 = 1 + SupportedGroups_sect163r1 uint16 = 2 + SupportedGroups_sect163r2 uint16 = 3 + SupportedGroups_sect193r1 uint16 = 4 + SupportedGroups_sect193r2 uint16 = 5 + SupportedGroups_sect233k1 uint16 = 6 + SupportedGroups_sect233r1 uint16 = 7 + SupportedGroups_sect239k1 uint16 = 8 + SupportedGroups_sect283k1 uint16 = 9 + SupportedGroups_sect283r1 uint16 = 10 + SupportedGroups_sect409k1 uint16 = 11 + SupportedGroups_sect409r1 uint16 = 12 + SupportedGroups_sect571k1 uint16 = 13 + SupportedGroups_sect571r1 uint16 = 14 + SupportedGroups_secp160k1 uint16 = 15 + SupportedGroups_secp160r1 uint16 = 16 + SupportedGroups_secp160r2 uint16 = 17 + SupportedGroups_secp192k1 uint16 = 18 + SupportedGroups_secp192r1 uint16 = 19 + SupportedGroups_secp224k1 uint16 = 20 + SupportedGroups_secp224r1 uint16 = 21 + SupportedGroups_secp256k1 uint16 = 22 + SupportedGroups_secp256r1 uint16 = 23 + SupportedGroups_secp384r1 uint16 = 24 + SupportedGroups_secp521r1 uint16 = 25 + SupportedGroups_brainpoolP256r1 uint16 = 26 + SupportedGroups_brainpoolP384r1 uint16 = 27 + SupportedGroups_brainpoolP512r1 uint16 = 28 + SupportedGroups_x25519 uint16 = 29 + SupportedGroups_x448 uint16 = 30 + SupportedGroups_brainpoolP256r1tls13 uint16 = 31 + SupportedGroups_brainpoolP384r1tls13 uint16 = 32 + SupportedGroups_brainpoolP512r1tls13 uint16 = 33 + SupportedGroups_GC256A uint16 = 34 + SupportedGroups_GC256B uint16 = 35 + SupportedGroups_GC256C uint16 = 36 + SupportedGroups_GC256D uint16 = 37 + SupportedGroups_GC512A uint16 = 38 + SupportedGroups_GC512B uint16 = 39 + SupportedGroups_GC512C uint16 = 40 + SupportedGroups_curveSM2 uint16 = 41 + SupportedGroups_ffdhe2048 uint16 = 256 + SupportedGroups_ffdhe3072 uint16 = 257 + SupportedGroups_ffdhe4096 uint16 = 258 + SupportedGroups_ffdhe6144 uint16 = 259 + SupportedGroups_ffdhe8192 uint16 = 260 + SupportedGroups_arbitrary_explicit_prime_curves uint16 = 65281 + SupportedGroups_arbitrary_explicit_char2_curves uint16 = 65282 +) + +var DictSupportedGroupsValueIndexed = map[uint16]string{ + 1: "sect163k1", + 2: "sect163r1", + 3: "sect163r2", + 4: "sect193r1", + 5: "sect193r2", + 6: "sect233k1", + 7: "sect233r1", + 8: "sect239k1", + 9: "sect283k1", + 10: "sect283r1", + 11: "sect409k1", + 12: "sect409r1", + 13: "sect571k1", + 14: "sect571r1", + 15: "secp160k1", + 16: "secp160r1", + 17: "secp160r2", + 18: "secp192k1", + 19: "secp192r1", + 20: "secp224k1", + 21: "secp224r1", + 22: "secp256k1", + 23: "secp256r1", + 24: "secp384r1", + 25: "secp521r1", + 26: "brainpoolP256r1", + 27: "brainpoolP384r1", + 28: "brainpoolP512r1", + 29: "x25519", + 30: "x448", + 31: "brainpoolP256r1tls13", + 32: "brainpoolP384r1tls13", + 33: "brainpoolP512r1tls13", + 34: "GC256A", + 35: "GC256B", + 36: "GC256C", + 37: "GC256D", + 38: "GC512A", + 39: "GC512B", + 40: "GC512C", + 41: "curveSM2", + 256: "ffdhe2048", + 257: "ffdhe3072", + 258: "ffdhe4096", + 259: "ffdhe6144", + 260: "ffdhe8192", + 65281: "arbitrary_explicit_prime_curves", + 65282: "arbitrary_explicit_char2_curves", +} + +var DictSupportedGroupsNameIndexed = map[string]uint16{ + "sect163k1": 1, + "sect163r1": 2, + "sect163r2": 3, + "sect193r1": 4, + "sect193r2": 5, + "sect233k1": 6, + "sect233r1": 7, + "sect239k1": 8, + "sect283k1": 9, + "sect283r1": 10, + "sect409k1": 11, + "sect409r1": 12, + "sect571k1": 13, + "sect571r1": 14, + "secp160k1": 15, + "secp160r1": 16, + "secp160r2": 17, + "secp192k1": 18, + "secp192r1": 19, + "secp224k1": 20, + "secp224r1": 21, + "secp256k1": 22, + "secp256r1": 23, + "secp384r1": 24, + "secp521r1": 25, + "brainpoolP256r1": 26, + "brainpoolP384r1": 27, + "brainpoolP512r1": 28, + "x25519": 29, + "x448": 30, + "brainpoolP256r1tls13": 31, + "brainpoolP384r1tls13": 32, + "brainpoolP512r1tls13": 33, + "GC256A": 34, + "GC256B": 35, + "GC256C": 36, + "GC256D": 37, + "GC512A": 38, + "GC512B": 39, + "GC512C": 40, + "curveSM2": 41, + "ffdhe2048": 256, + "ffdhe3072": 257, + "ffdhe4096": 258, + "ffdhe6144": 259, + "ffdhe8192": 260, + "arbitrary_explicit_prime_curves": 65281, + "arbitrary_explicit_char2_curves": 65282, +} diff --git a/dicttls/usermappingtype_values.go b/dicttls/usermappingtype_values.go new file mode 100644 index 00000000..a16d071f --- /dev/null +++ b/dicttls/usermappingtype_values.go @@ -0,0 +1,16 @@ +package dicttls + +// source: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-14 +// last updated: March 2023 + +const ( + UserMappingType_upn_domain_hint uint8 = 64 +) + +var DictUserMappingTypeValueIndexed = map[uint8]string{ + 64: "upn_domain_hint", +} + +var DictUserMappingTypeNameIndexed = map[string]uint8{ + "upn_domain_hint": 64, +} diff --git a/go.mod b/go.mod index bed9e74a..458928cd 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,6 @@ retract ( require ( github.com/andybalholm/brotli v1.0.5 github.com/cloudflare/circl v1.3.3 - github.com/gaukas/godicttls v0.0.4 github.com/klauspost/compress v1.16.7 github.com/quic-go/quic-go v0.37.4 golang.org/x/crypto v0.14.0 diff --git a/go.sum b/go.sum index aa2b945a..ef6e9f8b 100644 --- a/go.sum +++ b/go.sum @@ -2,8 +2,6 @@ github.com/andybalholm/brotli v1.0.5 h1:8uQZIdzKmjc/iuPu7O2ioW48L81FgatrcpfFmiq/ github.com/andybalholm/brotli v1.0.5/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig= github.com/cloudflare/circl v1.3.3 h1:fE/Qz0QdIGqeWfnwq0RE0R7MI51s0M2E4Ga9kq5AEMs= github.com/cloudflare/circl v1.3.3/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA= -github.com/gaukas/godicttls v0.0.4 h1:NlRaXb3J6hAnTmWdsEKb9bcSBD6BvcIjdGdeb0zfXbk= -github.com/gaukas/godicttls v0.0.4/go.mod h1:l6EenT4TLWgTdwslVb4sEMOCf7Bv0JAK67deKr9/NCI= github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= diff --git a/u_clienthello_json.go b/u_clienthello_json.go index 70044c7c..027e082c 100644 --- a/u_clienthello_json.go +++ b/u_clienthello_json.go @@ -6,7 +6,7 @@ import ( "fmt" "os" - "github.com/gaukas/godicttls" + "github.com/refraction-networking/utls/dicttls" ) var ErrUnknownExtension = errors.New("extension name is unknown to the dictionary") @@ -45,7 +45,7 @@ func (c *CipherSuitesJSONUnmarshaler) UnmarshalJSON(jsonStr []byte) error { continue } - if id, ok := godicttls.DictCipherSuiteNameIndexed[name]; ok { + if id, ok := dicttls.DictCipherSuiteNameIndexed[name]; ok { c.cipherSuites = append(c.cipherSuites, id) } else { return fmt.Errorf("unknown cipher suite name: %s", name) @@ -70,7 +70,7 @@ func (c *CompressionMethodsJSONUnmarshaler) UnmarshalJSON(jsonStr []byte) error } for _, name := range compressionMethodNames { - if id, ok := godicttls.DictCompMethNameIndexed[name]; ok { + if id, ok := dicttls.DictCompMethNameIndexed[name]; ok { c.compressionMethods = append(c.compressionMethods, id) } else { return fmt.Errorf("unknown compression method name: %s", name) @@ -103,7 +103,7 @@ func (e *TLSExtensionsJSONUnmarshaler) UnmarshalJSON(jsonStr []byte) error { continue } - if extID, ok := godicttls.DictExtTypeNameIndexed[accepter.extNameOnly.Name]; !ok { + if extID, ok := dicttls.DictExtTypeNameIndexed[accepter.extNameOnly.Name]; !ok { return fmt.Errorf("%w: %s", ErrUnknownExtension, accepter.extNameOnly.Name) } else { // get extension type from ID diff --git a/u_tls_extensions.go b/u_tls_extensions.go index d944f55b..4ccdb85f 100644 --- a/u_tls_extensions.go +++ b/u_tls_extensions.go @@ -11,7 +11,7 @@ import ( "io" "strings" - "github.com/gaukas/godicttls" + "github.com/refraction-networking/utls/dicttls" "golang.org/x/crypto/cryptobyte" ) @@ -294,7 +294,7 @@ func (e *SupportedCurvesExtension) UnmarshalJSON(data []byte) error { continue } - if group, ok := godicttls.DictSupportedGroupsNameIndexed[namedGroup]; ok { + if group, ok := dicttls.DictSupportedGroupsNameIndexed[namedGroup]; ok { e.Curves = append(e.Curves, CurveID(group)) } else { return fmt.Errorf("unknown named group: %s", namedGroup) @@ -363,7 +363,7 @@ func (e *SupportedPointsExtension) UnmarshalJSON(data []byte) error { } for _, pointFormat := range pointFormatList.ECPointFormatList { - if format, ok := godicttls.DictECPointFormatNameIndexed[pointFormat]; ok { + if format, ok := dicttls.DictECPointFormatNameIndexed[pointFormat]; ok { e.SupportedPoints = append(e.SupportedPoints, format) } else { return fmt.Errorf("unknown point format: %s", pointFormat) @@ -431,7 +431,7 @@ func (e *SignatureAlgorithmsExtension) UnmarshalJSON(data []byte) error { continue } - if scheme, ok := godicttls.DictSignatureSchemeNameIndexed[sigScheme]; ok { + if scheme, ok := dicttls.DictSignatureSchemeNameIndexed[sigScheme]; ok { e.SupportedSignatureAlgorithms = append(e.SupportedSignatureAlgorithms, SignatureScheme(scheme)) } else { return fmt.Errorf("unknown signature scheme: %s", sigScheme) @@ -561,7 +561,7 @@ func (e *SignatureAlgorithmsCertExtension) UnmarshalJSON(data []byte) error { continue } - if scheme, ok := godicttls.DictSignatureSchemeNameIndexed[sigScheme]; ok { + if scheme, ok := dicttls.DictSignatureSchemeNameIndexed[sigScheme]; ok { e.SupportedSignatureAlgorithms = append(e.SupportedSignatureAlgorithms, SignatureScheme(scheme)) } else { return fmt.Errorf("unknown cert signature scheme: %s", sigScheme) @@ -837,7 +837,7 @@ func (e *GenericExtension) UnmarshalJSON(b []byte) error { } // lookup extension ID by name - if id, ok := godicttls.DictExtTypeNameIndexed[genericExtension.Name]; ok { + if id, ok := dicttls.DictExtTypeNameIndexed[genericExtension.Name]; ok { e.Id = id } else { return fmt.Errorf("unknown extension name %s", genericExtension.Name) @@ -1154,7 +1154,7 @@ func (e *UtlsCompressCertExtension) UnmarshalJSON(b []byte) error { } for _, algorithm := range certificateCompressionAlgorithms.Algorithms { - if alg, ok := godicttls.DictCertificateCompressionAlgorithmNameIndexed[algorithm]; ok { + if alg, ok := dicttls.DictCertificateCompressionAlgorithmNameIndexed[algorithm]; ok { e.Algorithms = append(e.Algorithms, CertCompressionAlgo(alg)) } else { return fmt.Errorf("unknown certificate compression algorithm %s", algorithm) @@ -1260,7 +1260,7 @@ func (e *KeyShareExtension) UnmarshalJSON(b []byte) error { continue } - if groupID, ok := godicttls.DictSupportedGroupsNameIndexed[clientShare.Group]; ok { + if groupID, ok := dicttls.DictSupportedGroupsNameIndexed[clientShare.Group]; ok { ks := KeyShare{ Group: CurveID(groupID), Data: clientShare.KeyExchange, @@ -1374,7 +1374,7 @@ func (e *PSKKeyExchangeModesExtension) UnmarshalJSON(b []byte) error { } for _, mode := range pskKeyExchangeModes.Modes { - if modeID, ok := godicttls.DictPSKKeyExchangeModeNameIndexed[mode]; ok { + if modeID, ok := dicttls.DictPSKKeyExchangeModeNameIndexed[mode]; ok { e.Modes = append(e.Modes, modeID) } else { return fmt.Errorf("unknown PSK Key Exchange Mode %s", mode) @@ -1852,7 +1852,7 @@ func (e *FakeDelegatedCredentialsExtension) UnmarshalJSON(data []byte) error { continue } - if scheme, ok := godicttls.DictSignatureSchemeNameIndexed[sigScheme]; ok { + if scheme, ok := dicttls.DictSignatureSchemeNameIndexed[sigScheme]; ok { e.SupportedSignatureAlgorithms = append(e.SupportedSignatureAlgorithms, SignatureScheme(scheme)) } else { return fmt.Errorf("unknown delegated credentials signature scheme: %s", sigScheme)