This repository has been archived by the owner on May 7, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 68
/
version.go
86 lines (79 loc) · 1.97 KB
/
version.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
package fp
import (
"fmt"
"strconv"
)
// Version represents a TLS Version
type Version uint16
// NewVersion parses a version from a string, returning VersionEmpty if not recognized
func NewVersion(s string) (Version, error) {
var a Version
err := a.Parse(s)
return a, err
}
// Parse initializes a version from a string
func (a *Version) Parse(s string) error {
if len(s) == 0 {
*a = VersionEmpty
return nil
}
u, err := strconv.ParseUint(s, 16, 16)
if err != nil {
return err
}
switch u {
case 2, 0x0200: // version 2 is 0x0002 on the wire
*a = VersionSSL2
case 0x0300:
*a = VersionSSL3
case 0x0301:
*a = VersionTLS10
case 0x0302:
*a = VersionTLS11
case 0x0303:
*a = VersionTLS12
case 0x0304:
*a = VersionTLS13
default:
return fmt.Errorf("invalid tls version: %s", s)
}
return nil
}
// String returns a string representation of the version
func (a Version) String() string {
if a == VersionEmpty {
return ""
}
return fmt.Sprintf("%x", uint16(a))
}
// Grade returns a security grade for the version
func (a Version) Grade() Grade {
switch a {
case VersionEmpty:
return GradeEmpty
case VersionTLS13, VersionTLS12:
return GradeA
case VersionTLS11, VersionTLS10:
return GradeB
case VersionSSL3:
return GradeC
default:
return GradeF
}
}
// Source:
// - SSL0.2: https://www-archive.mozilla.org/projects/security/pki/nss/ssl/draft02.html
// - SSL3.0: https://tools.ietf.org/html/draft-ietf-tls-ssl-version3-00#appendix-A.1.1
// - TLS1.0: https://tools.ietf.org/html/draft-ietf-tls-protocol-01#appendix-A.2
// - TLS1.1: https://www.ietf.org/rfc/rfc4346.txt
// - TLS1.2: https://www.ietf.org/rfc/rfc5246.txt
// - TLS1.3: https://tools.ietf.org/html/draft-ietf-tls-tls13-28#section-4.2.1
const (
VersionEmpty Version = 0
VersionSSL2 Version = 0x0200 // 0x0002 on the wire, so let's swap here
VersionSSL3 Version = 0x0300
VersionTLS10 Version = 0x0301
VersionTLS11 Version = 0x0302
VersionTLS12 Version = 0x0303
VersionTLS13 Version = 0x0304
)