tlcp

package
v1.10.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 20, 2023 License: Apache-2.0 Imports: 35 Imported by: 1

Documentation

Index

Constants

// TLCP cipher suite identifiers, as uint16 values.
//
// Every suite is declared twice: once with a TLCP_ prefix and once without.
// The two groups carry identical numeric values, so either spelling selects
// the same suite.
//
// Names read <key exchange>_<cipher and mode>_<hash>. GCM suites are AEAD;
// CBC suites combine SM4-CBC with a separate MAC, as CBC suites do in TLS.
//
// NOTE(review): ECDHE_* indicates an ephemeral key agreement. The ECC_*, IBC_*
// and RSA_* names presumably denote static key transport, which would give no
// forward secrecy — confirm against GB/T 38636-2020 before choosing a suite.
//
// NOTE(review): a constant being declared here does not show that the package
// implements or enables that suite. CipherSuites and InsecureCipherSuites are
// the functions on this page that report suite lists; check them before
// placing an ID in Config.CipherSuites.
const (
	// TLCP_-prefixed names.
	TLCP_ECDHE_SM4_CBC_SM3  uint16 = 0xe011
	TLCP_ECDHE_SM4_GCM_SM3  uint16 = 0xe051
	TLCP_ECC_SM4_CBC_SM3    uint16 = 0xe013
	TLCP_ECC_SM4_GCM_SM3    uint16 = 0xe053
	TLCP_IBSDH_SM4_CBC_SM3  uint16 = 0xe015
	TLCP_IBSDH_SM4_GCM_SM3  uint16 = 0xe055
	TLCP_IBC_SM4_CBC_SM3    uint16 = 0xe017
	TLCP_IBC_SM4_GCM_SM3    uint16 = 0xe057
	TLCP_RSA_SM4_CBC_SM3    uint16 = 0xe019
	TLCP_RSA_SM4_GCM_SM3    uint16 = 0xe059
	TLCP_RSA_SM4_CBC_SHA256 uint16 = 0xe01e
	TLCP_RSA_SM4_GCM_SHA256 uint16 = 0xe05a

	// Unprefixed aliases; each value equals its TLCP_ counterpart above.
	ECDHE_SM4_CBC_SM3  uint16 = 0xe011
	ECDHE_SM4_GCM_SM3  uint16 = 0xe051
	ECC_SM4_CBC_SM3    uint16 = 0xe013
	ECC_SM4_GCM_SM3    uint16 = 0xe053
	IBSDH_SM4_CBC_SM3  uint16 = 0xe015
	IBSDH_SM4_GCM_SM3  uint16 = 0xe055
	IBC_SM4_CBC_SM3    uint16 = 0xe017
	IBC_SM4_GCM_SM3    uint16 = 0xe057
	RSA_SM4_CBC_SM3    uint16 = 0xe019
	RSA_SM4_GCM_SM3    uint16 = 0xe059
	RSA_SM4_CBC_SHA256 uint16 = 0xe01e
	RSA_SM4_GCM_SHA256 uint16 = 0xe05a
)
// Protocol version numbers.
const (
	// VersionTLCP is the only version constant declared on this page. It is an
	// untyped constant; the version fields on this page (Config.MinVersion,
	// Config.MaxVersion, ConnectionState.Version) are uint16.
	VersionTLCP = 0x0101
)

Variables

// DefaultHttpTransportOptions is the package-level default set of HTTP
// transport options. It is an exported pointer variable, so any code that
// mutates it changes the defaults for every other user in the process; copy
// the struct before adjusting fields.
//
// NOTE(review): presumably NewHttpTransport falls back to this value when its
// options argument is nil, and presumably each field is copied to the
// http.Transport field of the same name — confirm in the source. Under that
// assumption the zero values below mean "no limit" or "library default"; in
// particular ResponseHeaderTimeout 0 leaves a client waiting indefinitely for
// response headers unless the caller bounds the request with a context or
// http.Client.Timeout.
var DefaultHttpTransportOptions = &HttpTransportOptions{
	Dialer: &net.Dialer{
		// Upper bound on establishing the TCP connection.
		Timeout:   30 * time.Second,
		KeepAlive: 60 * time.Second,
	},
	TLSHandshakeTimeout:    30 * time.Second,
	DisableKeepAlives:      false,
	DisableCompression:     false,
	MaxIdleConns:           0,
	MaxIdleConnsPerHost:    0,
	MaxConnsPerHost:        0,
	IdleConnTimeout:        30 * time.Second,
	ResponseHeaderTimeout:  0,
	ExpectContinueTimeout:  0,
	MaxResponseHeaderBytes: 0,
	WriteBufferSize:        0,
	ReadBufferSize:         0,
	ForceAttemptHTTP2:      false,
}

Functions

func AlertCN

func AlertCN(code uint8) string

func CipherSuiteName

func CipherSuiteName(id uint16) string

func HandshakeMessageTypeName

func HandshakeMessageTypeName(id uint8) string

func Listen

func Listen(network, laddr string, config *Config) (net.Listener, error)

func ListenWithAutoProtocolSwitcher

func ListenWithAutoProtocolSwitcher(network, addr string, config *Config, tlsConfig *tls.Config) (net.Listener, error)

func NewHttpTransport

func NewHttpTransport(config *Config, options *HttpTransportOptions) *http.Transport

func NewListener

func NewListener(inner net.Listener, config *Config) net.Listener

func NewProtocolSwitcherListener

func NewProtocolSwitcherListener(inner net.Listener, config *Config, tlsConfig *tls.Config) net.Listener

Types

type Certificate

// Certificate bundles a certificate chain with its private key. It is the
// type returned by LoadX509KeyPair and X509KeyPair and stored in
// Config.Certificates. The field names match crypto/tls.Certificate.
//
// The struct carries private key material: avoid printing it with %v/%+v or
// serialising it into logs.
type Certificate struct {
	// NOTE(review): presumably DER-encoded certificates, leaf first, as in
	// crypto/tls — confirm.
	Certificate [][]byte
	PrivateKey  crypto.PrivateKey
	// Parsed form of a certificate, using the smx509 type rather than
	// crypto/x509. NOTE(review): presumably the leaf and possibly nil until
	// populated — confirm.
	Leaf        *smx509.Certificate
}

func LoadX509KeyPair

func LoadX509KeyPair(certFile, keyFile string) (Certificate, error)

func X509KeyPair

func X509KeyPair(certPEMBlock, keyPEMBlock []byte) (Certificate, error)

type CertificateRequestInfo

// CertificateRequestInfo is the argument handed to the client-side
// certificate callbacks Config.GetClientCertificate and
// Config.GetClientKECertificate.
//
// NOTE(review): the values presumably come from the server's certificate
// request, i.e. from the peer before it has been authenticated — treat them
// as hints for selecting a certificate, not as trusted data.
type CertificateRequestInfo struct {
	// NOTE(review): in crypto/tls the field of this name holds DER-encoded
	// distinguished names of acceptable CAs; presumably the same here.
	AcceptableCAs [][]byte
	Version       uint16
	// contains filtered or unexported fields
}

func (*CertificateRequestInfo) Context

func (cri *CertificateRequestInfo) Context() context.Context

func (*CertificateRequestInfo) SupportsCertificate

func (cri *CertificateRequestInfo) SupportsCertificate(c *Certificate) error

type CertificateVerificationError

// CertificateVerificationError wraps a certificate verification failure. The
// Unwrap method listed on this page makes the inner error reachable through
// errors.Is and errors.As.
type CertificateVerificationError struct {
	// Certificates that were NOT verified. They are useful for diagnostics
	// (subject, issuer, expiry) but nothing in them should drive an
	// authentication or authorisation decision.
	UnverifiedCertificates []*smx509.Certificate
	Err                    error
}

func (*CertificateVerificationError) Error

func (*CertificateVerificationError) Unwrap

func (e *CertificateVerificationError) Unwrap() error

type CipherSuite

// CipherSuite describes one cipher suite. CipherSuites and
// InsecureCipherSuites on this page return slices of pointers to this type.
type CipherSuite struct {
	// Numeric identifier; same type as the cipher suite constants and the
	// entries of Config.CipherSuites.
	ID                uint16
	Name              string
	SupportedVersions []uint16
	// NOTE(review): presumably true for the entries returned by
	// InsecureCipherSuites — confirm. Checking this flag before enabling a
	// suite by ID is a cheap guard against configuring a weak one.
	Insecure          bool
}

func CipherSuites

func CipherSuites() []*CipherSuite

func InsecureCipherSuites

func InsecureCipherSuites() []*CipherSuite

type ClientAuthType

// ClientAuthType selects the server's client-certificate policy
// (Config.ClientAuth).
type ClientAuthType int

// The first five names match crypto/tls.ClientAuthType.
// NOTE(review): the per-value notes below assume the crypto/tls meaning of
// each name; confirm against the package source.
const (
	// Zero value: a Config that never sets ClientAuth uses this policy.
	// Presumably no client certificate is requested.
	NoClientCert ClientAuthType = iota
	// Presumably: requested, optional, and not verified if sent.
	RequestClientCert
	// Presumably: a certificate is required but NOT verified against
	// ClientCAs. Under that reading the presence of a certificate proves
	// nothing about the client's identity unless the application verifies it
	// itself (e.g. in VerifyPeerCertificate).
	RequireAnyClientCert
	// Presumably: optional, but verified when one is sent.
	VerifyClientCertIfGiven
	// Presumably: required and verified against ClientCAs. This is the
	// setting to use for mutual authentication.
	RequireAndVerifyClientCert
	// Not a crypto/tls name. NOTE(review): by name, required and verified but
	// without restricting the certificate's key usage — confirm what check is
	// relaxed before choosing it over RequireAndVerifyClientCert.
	RequireAndVerifyAnyKeyUsageClientCert
)

type ClientHelloInfo

// ClientHelloInfo is the argument handed to the server-side callbacks
// Config.GetCertificate, Config.GetKECertificate and
// Config.GetConfigForClient.
//
// NOTE(review): the field names suggest the values are taken from the
// client's hello message, i.e. supplied by an unauthenticated peer. Validate
// ServerName before using it as a lookup key, file name or log field.
type ClientHelloInfo struct {
	CipherSuites      []uint16
	ServerName        string
	SupportedVersions []uint16
	Conn              net.Conn
	// contains filtered or unexported fields
}

func (*ClientHelloInfo) Context

func (c *ClientHelloInfo) Context() context.Context

type Config

// Config holds the settings for a TLCP client or server; it is the type passed
// to Client, Server, Dial, Listen and NewHttpTransport on this page. The field
// set closely follows crypto/tls.Config, so the notes below assume matching
// semantics — confirm against the package source before relying on them.
type Config struct {
	// Injectable entropy and clock sources.
	// NOTE(review): presumably nil selects crypto/rand.Reader and time.Now. A
	// non-nil Rand must be cryptographically secure; a deterministic reader
	// belongs in tests only.
	Rand                        io.Reader
	Time                        func() time.Time
	// Local certificates, either static or chosen per connection by callback.
	// NOTE(review): "KE" presumably denotes the separate key-exchange
	// (encryption) certificate that TLCP uses next to the signing
	// certificate — confirm.
	Certificates                []Certificate
	GetCertificate              func(*ClientHelloInfo) (*Certificate, error)
	GetKECertificate            func(*ClientHelloInfo) (*Certificate, error)
	GetClientCertificate        func(*CertificateRequestInfo) (*Certificate, error)
	GetClientKECertificate      func(*CertificateRequestInfo) (*Certificate, error)
	GetConfigForClient          func(*ClientHelloInfo) (*Config, error)
	// Hooks for additional, application-defined verification. rawCerts are
	// the peer's certificates as received.
	// NOTE(review): in crypto/tls, verifiedChains is nil when normal
	// verification is disabled; presumably the same here.
	VerifyPeerCertificate       func(rawCerts [][]byte, verifiedChains [][]*smx509.Certificate) error
	VerifyConnection            func(ConnectionState) error
	// Trust anchors for verifying the server (client side).
	// NOTE(review): confirm what a nil pool means here; do not assume the
	// system store contains the CAs a TLCP deployment needs.
	RootCAs                     *smx509.CertPool
	ServerName                  string
	// Server-side client-certificate policy. The zero value is NoClientCert,
	// so mutual authentication is off unless this is set explicitly.
	ClientAuth                  ClientAuthType
	ClientCAs                   *smx509.CertPool
	// NOTE(review): if this follows crypto/tls, true disables verification of
	// the peer's certificate chain and host name, which removes protection
	// against an interposed peer. Keep it false outside tests; where custom
	// checks are needed, implement them in VerifyPeerCertificate or
	// VerifyConnection rather than skipping verification.
	InsecureSkipVerify          bool
	// Cipher suite IDs (see the uint16 suite constants).
	// NOTE(review): presumably nil or empty selects the package defaults.
	CipherSuites                []uint16
	SessionCache                SessionCache
	// VersionTLCP is the only version constant declared on this page.
	MinVersion                  uint16
	MaxVersion                  uint16
	DynamicRecordSizingDisabled bool
	// Callback receiving an alert code and the connection; AlertCN on this
	// page turns a code into a string. NOTE(review): whether it fires for
	// alerts sent, received or both is not visible here — confirm.
	OnAlert                     func(code uint8, conn *Conn)

	// NOTE(review): purpose not evident from the declaration; by name, a
	// wire-format compatibility switch for the client's ECDHE parameters —
	// confirm before changing it.
	ClientECDHEParamsAsVector bool
	// contains filtered or unexported fields
}

func (*Config) Clone

func (c *Config) Clone() *Config

type Conn

// Conn is a TLCP connection, created by Client, Server, Dial or
// DialWithDialer. All state is unexported. The methods listed on this page
// include Read, Write, Close, the address accessors and the deadline setters,
// plus Handshake/HandshakeContext, ConnectionState, PeerCertificates and
// VerifyHostname.
type Conn struct {
	// contains filtered or unexported fields
}

func Client

func Client(conn net.Conn, config *Config) *Conn

func Dial

func Dial(network, addr string, config *Config) (*Conn, error)

func DialWithDialer

func DialWithDialer(dialer *net.Dialer, network, addr string, config *Config) (*Conn, error)

func Server

func Server(conn net.Conn, config *Config) *Conn

func (*Conn) Close

func (c *Conn) Close() error

func (*Conn) CloseWrite

func (c *Conn) CloseWrite() error

func (*Conn) ConnectionState

func (c *Conn) ConnectionState() ConnectionState

func (*Conn) Handshake

func (c *Conn) Handshake() error

func (*Conn) HandshakeContext

func (c *Conn) HandshakeContext(ctx context.Context) error

func (*Conn) IsClient

func (c *Conn) IsClient() bool

func (*Conn) LocalAddr

func (c *Conn) LocalAddr() net.Addr

func (*Conn) NetConn

func (c *Conn) NetConn() net.Conn

func (*Conn) PeerCertificates

func (c *Conn) PeerCertificates() []*smx509.Certificate

func (*Conn) Read

func (c *Conn) Read(b []byte) (int, error)

func (*Conn) RemoteAddr

func (c *Conn) RemoteAddr() net.Addr

func (*Conn) SetDeadline

func (c *Conn) SetDeadline(t time.Time) error

func (*Conn) SetReadDeadline

func (c *Conn) SetReadDeadline(t time.Time) error

func (*Conn) SetWriteDeadline

func (c *Conn) SetWriteDeadline(t time.Time) error

func (*Conn) VerifyHostname

func (c *Conn) VerifyHostname(host string) error

func (*Conn) Write

func (c *Conn) Write(b []byte) (int, error)

type ConnectionState

// ConnectionState is the snapshot returned by Conn.ConnectionState and passed
// to Config.VerifyConnection.
type ConnectionState struct {
	Version           uint16
	// NOTE(review): presumably false until the handshake has finished; the
	// other fields should not be trusted before that — confirm.
	HandshakeComplete bool
	DidResume         bool
	CipherSuite       uint16
	ServerName        string
	// Certificates as presented by the peer. Presence alone does not mean
	// they were verified.
	PeerCertificates  []*smx509.Certificate
	// NOTE(review): in crypto/tls this is empty when verification was skipped
	// or the client-auth policy does not verify; presumably the same here.
	// Authorisation based on a peer certificate should require a non-empty
	// VerifiedChains.
	VerifiedChains    [][]*smx509.Certificate
}

type CurveID

// CurveID identifies an elliptic curve as a uint16.
type CurveID uint16

const (
	// CurveSM2 is the only curve declared on this page. 41 is also the
	// code point RFC 8998 assigns to curveSM2 in TLS.
	CurveSM2 CurveID = 41
)

type Dialer

// Dialer pairs a net.Dialer with a TLCP Config; its Dial and DialContext
// methods return a net.Conn.
//
// NOTE(review): how nil fields are handled is not visible here. If a nil
// NetDialer falls back to a zero net.Dialer, connections would have no
// connect timeout unless DialContext is used with a deadline — confirm.
type Dialer struct {
	NetDialer *net.Dialer
	Config    *Config
}

func (*Dialer) Dial

func (d *Dialer) Dial(network, addr string) (net.Conn, error)

func (*Dialer) DialContext

func (d *Dialer) DialContext(ctx context.Context, network, addr string) (net.Conn, error)

type HttpTransportOptions

// HttpTransportOptions is the options argument of NewHttpTransport, which
// returns an *http.Transport. Apart from Dialer, every field shares its name
// and type with a field of net/http.Transport.
//
// NOTE(review): presumably each value is copied to the http.Transport field
// of the same name, so the net/http meaning of zero applies (no timeout, no
// limit, or library default) — confirm. For clients that talk to endpoints
// they do not control, setting ResponseHeaderTimeout and MaxConnsPerHost
// explicitly bounds how long and how many connections a slow peer can hold.
type HttpTransportOptions struct {
	Dialer                 *net.Dialer
	TLSHandshakeTimeout    time.Duration
	DisableKeepAlives      bool
	DisableCompression     bool
	MaxIdleConns           int
	MaxIdleConnsPerHost    int
	MaxConnsPerHost        int
	IdleConnTimeout        time.Duration
	ResponseHeaderTimeout  time.Duration
	ExpectContinueTimeout  time.Duration
	MaxResponseHeaderBytes int64
	WriteBufferSize        int
	ReadBufferSize         int
	ForceAttemptHTTP2      bool
}

type ProtocolDetectConn

// ProtocolDetectConn wraps a net.Conn by embedding it and overrides Read; it
// also exposes Raw (the wrapped connection) and ReadFirstHeader.
//
// NOTE(review): by name, it inspects the first record header from the peer to
// tell protocols apart. That header is unauthenticated peer input, and
// presumably ReadFirstHeader blocks until enough bytes arrive, so callers
// should have a read deadline in place — confirm.
type ProtocolDetectConn struct {
	net.Conn
	// contains filtered or unexported fields
}

func (*ProtocolDetectConn) Raw

func (c *ProtocolDetectConn) Raw() net.Conn

func (*ProtocolDetectConn) Read

func (c *ProtocolDetectConn) Read(b []byte) (n int, err error)

func (*ProtocolDetectConn) ReadFirstHeader

func (c *ProtocolDetectConn) ReadFirstHeader() error

type ProtocolNotSupportError

// ProtocolNotSupportError is a field-less error type. This page lists Error,
// Temporary and Timeout methods for it, the method set of net.Error.
// NOTE(review): presumably returned when the peer's first bytes match neither
// protocol a switching listener serves — confirm.
type ProtocolNotSupportError struct{}

func (ProtocolNotSupportError) Error

func (ProtocolNotSupportError) Temporary

func (ProtocolNotSupportError) Temporary() bool

func (ProtocolNotSupportError) Timeout

func (ProtocolNotSupportError) Timeout() bool

type ProtocolSwitchServerConn

// ProtocolSwitchServerConn wraps a net.Conn by embedding it and overrides
// Read and Write; ProtectedConn returns a further net.Conn.
//
// NOTE(review): presumably the server-side connection produced by
// NewProtocolSwitcherListener / ListenWithAutoProtocolSwitcher, which take
// both a *Config and a *tls.Config. If one listener serves both protocols,
// the port is only as strong as the weaker of the two configurations, so
// both need the same review of versions, suites and client authentication.
type ProtocolSwitchServerConn struct {
	net.Conn
	// contains filtered or unexported fields
}

func (*ProtocolSwitchServerConn) ProtectedConn

func (c *ProtocolSwitchServerConn) ProtectedConn() net.Conn

func (*ProtocolSwitchServerConn) Read

func (c *ProtocolSwitchServerConn) Read(b []byte) (n int, err error)

func (*ProtocolSwitchServerConn) Write

func (c *ProtocolSwitchServerConn) Write(b []byte) (n int, err error)

type RecordHeaderError

// RecordHeaderError reports a problem with a record header.
type RecordHeaderError struct {
	Msg          string
	// Five raw bytes, the size of a TLS-style record header (type, version,
	// length). NOTE(review): presumably the header that was rejected. The
	// bytes come from the peer; hex-encode them when logging.
	RecordHeader [5]byte
	// NOTE(review): in crypto/tls the field of this name is set only when a
	// client's first bytes did not look like a handshake, giving the server
	// the underlying connection; presumably the same here — confirm.
	Conn         net.Conn
}

func (RecordHeaderError) Error

func (e RecordHeaderError) Error() string

type SM2KeyAgreement

// SM2KeyAgreement is the method set for a two-party SM2 key agreement. The
// parameter names distinguish a sponsor (initiator) from a responder; each
// side contributes an identifier, a long-term public key and a temporary
// public key.
//
// NOTE(review): presumably implemented by private-key types that can run the
// agreement themselves (for example hardware-backed keys), so that the
// private scalar never leaves the implementation — confirm where the package
// type-asserts this interface.
type SM2KeyAgreement interface {
	// Sponsor, first step: returns the sponsor's two public keys.
	GenerateAgreementData(sponsorId []byte, keyLen int) (sponsorPubKey, sponsorTmpPubKey *ecdh.PublicKey, err error)
	// Sponsor, second step: takes the responder's identifier and public keys
	// and returns key bytes.
	GenerateKey(responseId []byte, responsePubKey, responseTmpPubKey *ecdh.PublicKey) ([]byte, error)
	// Responder: takes both identifiers and the sponsor's public keys, and
	// returns one public key together with key bytes of the requested keyLen.
	GenerateAgreementDataAndKey(responseId, sponsorId []byte, sponsorPubKey, sponsorTmpPubKey *ecdh.PublicKey, keyLen int) (*ecdh.PublicKey, []byte, error)
}

type SessionCache

// SessionCache stores SessionState values under string keys (see
// Config.SessionCache). NewLRUSessionCache on this page returns an
// implementation with a fixed capacity.
//
// NOTE(review): a SessionState presumably holds the secret needed to resume a
// session. A custom implementation should therefore keep entries in process
// memory, bound its size, and is presumably expected to be safe for
// concurrent use — confirm.
type SessionCache interface {
	Get(sessionKey string) (session *SessionState, ok bool)
	Put(sessionKey string, cs *SessionState)
}

func NewLRUSessionCache

func NewLRUSessionCache(capacity int) SessionCache

type SessionState

// SessionState is the opaque value kept in a SessionCache; it has no exported
// fields. NOTE(review): presumably contains session secrets — do not persist
// or log it.
type SessionState struct {
	// contains filtered or unexported fields
}

type SignatureAlgorithm

// SignatureAlgorithm identifies a signature algorithm as a uint16.
type SignatureAlgorithm uint16

// Each name pairs a key type with a hash (for example ECC_SM3).
// NOTE(review): which of these the handshake accepts is not visible on this
// page; confirm before assuming all of them are negotiable.
const (
	// Zero value.
	NONE       SignatureAlgorithm = 0
	RSA_SHA256 SignatureAlgorithm = 1
	RSA_SM3    SignatureAlgorithm = 2
	ECC_SM3    SignatureAlgorithm = 3
	IBS_SM3    SignatureAlgorithm = 4
)
