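package main

import (
	"crypto/tls"
	"io"
	"log"
	"strings"
)

// writeTLSSupportedCipherStrings writes to w, one name per line, every cipher
// suite returned by tls.CipherSuites() that lists at least one supported TLS
// version greater than or equal to min.
//
// A listed suite may also be usable with versions older than min; the filter
// only requires that some supported version meets the minimum.
//
// It returns the first write error encountered, or nil.
func writeTLSSupportedCipherStrings(w io.Writer, min uint16) error {
	for _, c := range tls.CipherSuites() {
		usable := false

		for _, v := range c.SupportedVersions {
			if v >= min {
				usable = true
				break // one matching version is enough
			}
		}

		if !usable {
			continue
		}

		if _, err := io.WriteString(w, c.Name+"\n"); err != nil {
			return err
		}
	}

	return nil
}

// getTLSMinVersion converts a version string into a TLS version ID.
//
// The empty string selects TLS 1.2. "1.0" and "1.1" are still accepted, but
// both protocol versions are deprecated (RFC 8996), so callers that expose
// this setting should treat them as an explicit downgrade.
//
// An unrecognised string terminates the process via log.Fatalln.
func getTLSMinVersion(v string) uint16 {
	switch v {
	case "1.0":
		return tls.VersionTLS10
	case "1.1":
		return tls.VersionTLS11
	case "1.2", "":
		return tls.VersionTLS12
	case "1.3":
		return tls.VersionTLS13
	default:
		log.Fatalln("error: unknown minimum TLS version:", v)
		return 0 // unreachable: log.Fatalln exits the process
	}
}

// getTLSCipherSuites converts a comma separated list of cipher suites into a
// slice of TLS cipher suite IDs.
//
// Names are matched against tls.CipherSuites() only, so a name that appears
// solely in tls.InsecureCipherSuites() is rejected. Whitespace around each
// name is ignored. An unknown name terminates the process via log.Fatalln.
//
// An empty v yields the ID of every suite in tls.CipherSuites().
// NOTE(review): if the result is assigned to tls.Config.CipherSuites, that is
// not the same as leaving the field nil (crypto/tls then applies its own
// default list), and crypto/tls does not let this field restrict TLS 1.3
// suites. Confirm against the caller.
func getTLSCipherSuites(v string) []uint16 {
	supported := tls.CipherSuites()

	if v == "" {
		// Length 0 with reserved capacity: make([]uint16, n) followed by
		// append would leave n zero-valued IDs at the front of the result.
		suites := make([]uint16, 0, len(supported))

		for _, cs := range supported {
			suites = append(suites, cs.ID)
		}

		return suites
	}

	txts := strings.Split(v, ",")
	suites := make([]uint16, 0, len(txts))

	for _, raw := range txts {
		want := strings.TrimSpace(raw)
		found := false

		for _, cs := range supported {
			if want == cs.Name {
				suites = append(suites, cs.ID)
				found = true
				break
			}
		}

		if !found {
			log.Fatalln("error: unknown TLS cipher suite:", want)
		}
	}

	return suites
}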