Documentation ¶
Index ¶
- Constants
- Variables
- func AlertCN(code uint8) string
- func CipherSuiteName(id uint16) string
- func HandshakeMessageTypeName(id uint8) string
- func Listen(network, laddr string, config *Config) (net.Listener, error)
- func ListenWithAutoProtocolSwitcher(network, addr string, config *Config, tlsConfig *tls.Config) (net.Listener, error)
- func NewHttpTransport(config *Config, options *HttpTransportOptions) *http.Transport
- func NewListener(inner net.Listener, config *Config) net.Listener
- func NewProtocolSwitcherListener(inner net.Listener, config *Config, tlsConfig *tls.Config) net.Listener
- type Certificate
- type CertificateRequestInfo
- type CertificateVerificationError
- type CipherSuite
- type ClientAuthType
- type ClientHelloInfo
- type Config
- type Conn
- func (c *Conn) Close() error
- func (c *Conn) CloseWrite() error
- func (c *Conn) ConnectionState() ConnectionState
- func (c *Conn) Handshake() error
- func (c *Conn) HandshakeContext(ctx context.Context) error
- func (c *Conn) IsClient() bool
- func (c *Conn) LocalAddr() net.Addr
- func (c *Conn) NetConn() net.Conn
- func (c *Conn) PeerCertificates() []*smx509.Certificate
- func (c *Conn) Read(b []byte) (int, error)
- func (c *Conn) RemoteAddr() net.Addr
- func (c *Conn) SetDeadline(t time.Time) error
- func (c *Conn) SetReadDeadline(t time.Time) error
- func (c *Conn) SetWriteDeadline(t time.Time) error
- func (c *Conn) VerifyHostname(host string) error
- func (c *Conn) Write(b []byte) (int, error)
- type ConnectionState
- type CurveID
- type Dialer
- type HttpTransportOptions
- type ProtocolDetectConn
- type ProtocolNotSupportError
- type ProtocolSwitchServerConn
- type RecordHeaderError
- type SM2KeyAgreement
- type SessionCache
- type SessionState
- type SignatureAlgorithm
Constants ¶
// TLCP cipher suite identifiers, as 16-bit values.
//
// Each name reads as <key exchange>_<cipher>_<mode>_<hash>: the cipher is
// always SM4, the mode is CBC or GCM, and the hash is SM3 or SHA256. The
// second group repeats every value of the first group under a name without
// the TLCP_ prefix, so the two spellings are interchangeable.
//
// CBC-mode suites in TLS-family protocols have a history of padding-oracle
// weaknesses; where both peers support them, the GCM suites are the safer
// choice for Config.CipherSuites.
//
// NOTE(review): which of these identifiers the package actually implements,
// and which it enables by default, is not visible in this listing; check
// CipherSuites() and InsecureCipherSuites() before relying on one.
//
// NOTE(review): every other CBC/GCM pair differs by 0x40 (0xe011/0xe051 …
// 0xe019/0xe059), but the RSA/SHA256 pair is 0xe01e/0xe05a. Confirm both
// values against the cipher suite table of the TLCP standard.
const (
	TLCP_ECDHE_SM4_CBC_SM3  uint16 = 0xe011
	TLCP_ECDHE_SM4_GCM_SM3  uint16 = 0xe051
	TLCP_ECC_SM4_CBC_SM3    uint16 = 0xe013
	TLCP_ECC_SM4_GCM_SM3    uint16 = 0xe053
	TLCP_IBSDH_SM4_CBC_SM3  uint16 = 0xe015
	TLCP_IBSDH_SM4_GCM_SM3  uint16 = 0xe055
	TLCP_IBC_SM4_CBC_SM3    uint16 = 0xe017
	TLCP_IBC_SM4_GCM_SM3    uint16 = 0xe057
	TLCP_RSA_SM4_CBC_SM3    uint16 = 0xe019
	TLCP_RSA_SM4_GCM_SM3    uint16 = 0xe059
	TLCP_RSA_SM4_CBC_SHA256 uint16 = 0xe01e
	TLCP_RSA_SM4_GCM_SHA256 uint16 = 0xe05a

	// Same values as above, without the TLCP_ prefix.
	ECDHE_SM4_CBC_SM3  uint16 = 0xe011
	ECDHE_SM4_GCM_SM3  uint16 = 0xe051
	ECC_SM4_CBC_SM3    uint16 = 0xe013
	ECC_SM4_GCM_SM3    uint16 = 0xe053
	IBSDH_SM4_CBC_SM3  uint16 = 0xe015
	IBSDH_SM4_GCM_SM3  uint16 = 0xe055
	IBC_SM4_CBC_SM3    uint16 = 0xe017
	IBC_SM4_GCM_SM3    uint16 = 0xe057
	RSA_SM4_CBC_SM3    uint16 = 0xe019
	RSA_SM4_GCM_SM3    uint16 = 0xe059
	RSA_SM4_CBC_SHA256 uint16 = 0xe01e
	RSA_SM4_GCM_SHA256 uint16 = 0xe05a
)
// VersionTLCP is the protocol version value 0x0101 for TLCP. It is an
// untyped constant; the version fields on this page (Config.MinVersion,
// Config.MaxVersion, ConnectionState.Version, CertificateRequestInfo.Version)
// are all uint16, and ClientHelloInfo.SupportedVersions is []uint16.
// It is the only version constant this listing declares.
const (
VersionTLCP = 0x0101
)
Variables ¶
// DefaultHttpTransportOptions is a package-level pointer to a set of HTTP
// transport options.
//
// Because it is an exported pointer variable, any code in the process can
// modify the struct it points to, and every later reader of the variable
// sees the change. Copy the struct before adjusting it for one client.
//
// NOTE(review): how NewHttpTransport uses these fields is not shown here.
// If they are passed through unchanged to http.Transport, the zero values
// below mean "no limit" for ResponseHeaderTimeout and MaxConnsPerHost, which
// leaves a client exposed to a server that stalls after the handshake.
// Confirm and set explicit limits for untrusted peers.
var DefaultHttpTransportOptions = &HttpTransportOptions{
	Dialer: &net.Dialer{
		Timeout:   30 * time.Second, // upper bound on establishing the TCP connection
		KeepAlive: 60 * time.Second, // TCP keep-alive probe interval
	},
	TLSHandshakeTimeout:    30 * time.Second,
	DisableKeepAlives:      false,
	DisableCompression:     false,
	MaxIdleConns:           0,
	MaxIdleConnsPerHost:    0,
	MaxConnsPerHost:        0,
	IdleConnTimeout:        30 * time.Second,
	ResponseHeaderTimeout:  0,
	ExpectContinueTimeout:  0,
	MaxResponseHeaderBytes: 0,
	WriteBufferSize:        0,
	ReadBufferSize:         0,
	ForceAttemptHTTP2:      false,
}
Functions ¶
func CipherSuiteName ¶
func NewHttpTransport ¶
func NewHttpTransport(config *Config, options *HttpTransportOptions) *http.Transport
Types ¶
type Certificate ¶
// Certificate bundles a certificate chain with its private key, in the same
// three-field shape as crypto/tls.Certificate. LoadX509KeyPair and
// X509KeyPair on this page both return this type.
type Certificate struct {
	// Certificate holds the chain as a list of byte slices.
	// NOTE(review): presumably DER-encoded, leaf first, as in crypto/tls — confirm.
	Certificate [][]byte

	// PrivateKey is the key belonging to the certificate. A value of this
	// type carries secret key material: avoid logging or serialising it.
	PrivateKey crypto.PrivateKey

	// Leaf is a parsed smx509 certificate.
	// NOTE(review): presumably the parsed form of the first chain entry and
	// possibly nil until populated — confirm before dereferencing.
	Leaf *smx509.Certificate
}
func LoadX509KeyPair ¶
func LoadX509KeyPair(certFile, keyFile string) (Certificate, error)
func X509KeyPair ¶
func X509KeyPair(certPEMBlock, keyPEMBlock []byte) (Certificate, error)
type CertificateRequestInfo ¶
// CertificateRequestInfo is the argument passed to the
// Config.GetClientCertificate and Config.GetClientKECertificate callbacks.
// NOTE(review): presumably filled from the server's certificate request, so
// its contents come from the peer — confirm.
type CertificateRequestInfo struct {
	// AcceptableCAs is a list of byte slices.
	// NOTE(review): presumably the DER-encoded names of CAs the server accepts — confirm.
	AcceptableCAs [][]byte

	// Version is a protocol version value (compare VersionTLCP).
	Version uint16
	// contains filtered or unexported fields
}
func (*CertificateRequestInfo) Context ¶
func (cri *CertificateRequestInfo) Context() context.Context
func (*CertificateRequestInfo) SupportsCertificate ¶
func (cri *CertificateRequestInfo) SupportsCertificate(c *Certificate) error
type CertificateVerificationError ¶
// CertificateVerificationError carries an underlying error together with the
// certificates involved. The type has Error and Unwrap methods, so the
// wrapped Err is reachable through errors.Is and errors.As.
type CertificateVerificationError struct {
	// UnverifiedCertificates are, as the name says, not verified: use them
	// for diagnostics only and never as proof of the peer's identity.
	UnverifiedCertificates []*smx509.Certificate

	// Err is the wrapped error returned by Unwrap.
	Err error
}
func (*CertificateVerificationError) Error ¶
func (e *CertificateVerificationError) Error() string
func (*CertificateVerificationError) Unwrap ¶
func (e *CertificateVerificationError) Unwrap() error
type CipherSuite ¶
func CipherSuites ¶
func CipherSuites() []*CipherSuite
func InsecureCipherSuites ¶
func InsecureCipherSuites() []*CipherSuite
type ClientAuthType ¶
// ClientAuthType is the type of Config.ClientAuth. The first five constant
// names match those of crypto/tls.ClientAuthType.
type ClientAuthType int

// Values are assigned by iota, so NoClientCert is 0 and is what an unset
// Config.ClientAuth holds.
//
// NOTE(review): if the semantics follow crypto/tls, RequestClientCert and
// RequireAnyClientCert accept a client certificate without verifying it
// against Config.ClientCAs, so on their own they do not authenticate the
// client. Confirm in the package documentation, and confirm what
// RequireAndVerifyAnyKeyUsageClientCert relaxes relative to
// RequireAndVerifyClientCert.
const (
	NoClientCert ClientAuthType = iota
	RequestClientCert
	RequireAnyClientCert
	VerifyClientCertIfGiven
	RequireAndVerifyClientCert
	RequireAndVerifyAnyKeyUsageClientCert
)
type ClientHelloInfo ¶
// ClientHelloInfo is the argument passed to the Config.GetCertificate,
// Config.GetKECertificate and Config.GetConfigForClient callbacks.
// NOTE(review): presumably filled from the client's hello message, i.e.
// before the client is authenticated; treat every field as untrusted input
// when using it to select certificates or configuration — confirm.
type ClientHelloInfo struct {
	// CipherSuites is a list of cipher suite identifiers (see the
	// TLCP_* constants).
	CipherSuites []uint16

	// ServerName is a host name string.
	ServerName string

	// SupportedVersions is a list of protocol version values.
	SupportedVersions []uint16

	// Conn is the underlying network connection.
	Conn net.Conn
	// contains filtered or unexported fields
}
func (*ClientHelloInfo) Context ¶
func (c *ClientHelloInfo) Context() context.Context
type Config ¶
// Config holds the settings accepted by Listen, NewListener,
// NewHttpTransport and the protocol-switching listeners on this page. Most
// field names match crypto/tls.Config; the KE certificate callbacks,
// SessionCache, OnAlert and ClientECDHEParamsAsVector do not appear there.
//
// NOTE(review): field semantics below are inferred from the names and from
// crypto/tls unless a declaration on this page shows them — confirm against
// the package source.
type Config struct {
	// Rand is a source of random bytes.
	// NOTE(review): presumably falls back to a cryptographic source when
	// nil; never supply a predictable reader outside tests.
	Rand io.Reader

	// Time returns the current time.
	// NOTE(review): presumably used for certificate validity checks, so a
	// wrong clock would change which certificates are accepted.
	Time func() time.Time

	// Certificates is the list of certificate/key bundles to present.
	Certificates []Certificate

	// GetCertificate and GetKECertificate select a certificate from the
	// ClientHelloInfo.
	// NOTE(review): "KE" presumably refers to the separate
	// key-exchange/encryption certificate of TLCP's two-certificate scheme.
	GetCertificate   func(*ClientHelloInfo) (*Certificate, error)
	GetKECertificate func(*ClientHelloInfo) (*Certificate, error)

	// GetClientCertificate and GetClientKECertificate select a client
	// certificate from the CertificateRequestInfo.
	GetClientCertificate   func(*CertificateRequestInfo) (*Certificate, error)
	GetClientKECertificate func(*CertificateRequestInfo) (*Certificate, error)

	// GetConfigForClient returns a Config for one ClientHelloInfo.
	GetConfigForClient func(*ClientHelloInfo) (*Config, error)

	// VerifyPeerCertificate receives the raw certificates and the verified
	// chains and may reject the peer by returning an error.
	// NOTE(review): in crypto/tls verifiedChains is nil when normal
	// verification is disabled; a callback that only inspects rawCerts then
	// becomes the sole check.
	VerifyPeerCertificate func(rawCerts [][]byte, verifiedChains [][]*smx509.Certificate) error

	// VerifyConnection receives the ConnectionState and may reject the
	// connection by returning an error.
	VerifyConnection func(ConnectionState) error

	// RootCAs is the certificate pool for verifying the peer's chain.
	// NOTE(review): behaviour when nil is not visible here.
	RootCAs *smx509.CertPool

	// ServerName is a host name string.
	// NOTE(review): presumably the name checked against the server
	// certificate on the client side.
	ServerName string

	// ClientAuth selects the client-certificate policy. Its zero value is
	// NoClientCert, so mutual authentication has to be enabled explicitly.
	ClientAuth ClientAuthType

	// ClientCAs is the certificate pool for verifying client certificates.
	ClientCAs *smx509.CertPool

	// InsecureSkipVerify, going by its name and by crypto/tls, turns off
	// verification of the peer's certificate chain and host name. With it
	// set, the connection is encrypted but the peer is not authenticated.
	// Its zero value is false.
	InsecureSkipVerify bool

	// CipherSuites is a list of cipher suite identifiers (see the TLCP_*
	// constants).
	// NOTE(review): the default used when empty is not visible here.
	CipherSuites []uint16

	// SessionCache stores SessionState values by key (see SessionCache).
	SessionCache SessionCache

	// MinVersion and MaxVersion are protocol version values (compare
	// VersionTLCP).
	MinVersion uint16
	MaxVersion uint16

	DynamicRecordSizingDisabled bool

	// OnAlert is called with an alert code and the connection. AlertCN on
	// this page maps a code of the same type to a string.
	OnAlert func(code uint8, conn *Conn)

	// NOTE(review): presumably an interoperability switch for how the
	// client encodes ECDHE parameters — confirm.
	ClientECDHEParamsAsVector bool
	// contains filtered or unexported fields
}
type Conn ¶
// Conn is a TLCP connection. All of its state is unexported; it is used
// through its methods, which per the index include Read, Write, Close,
// LocalAddr, RemoteAddr and the three deadline setters (the net.Conn method
// set) plus Handshake, HandshakeContext, ConnectionState, PeerCertificates
// and VerifyHostname.
type Conn struct {
// contains filtered or unexported fields
}
func DialWithDialer ¶
func (*Conn) CloseWrite ¶
func (*Conn) ConnectionState ¶
func (c *Conn) ConnectionState() ConnectionState
func (*Conn) PeerCertificates ¶
func (c *Conn) PeerCertificates() []*smx509.Certificate
func (*Conn) RemoteAddr ¶
func (*Conn) VerifyHostname ¶
type ConnectionState ¶
// ConnectionState is returned by (*Conn).ConnectionState and passed to
// Config.VerifyConnection. Its fields are a subset of those of
// crypto/tls.ConnectionState.
type ConnectionState struct {
	// Version is a protocol version value (compare VersionTLCP).
	Version uint16

	// HandshakeComplete and DidResume are handshake status flags.
	// NOTE(review): DidResume presumably reports a handshake resumed from a
	// cached SessionState — confirm.
	HandshakeComplete bool
	DidResume         bool

	// CipherSuite is a cipher suite identifier; CipherSuiteName maps a
	// uint16 id to a name.
	CipherSuite uint16

	ServerName string

	// PeerCertificates and VerifiedChains both hold parsed certificates.
	// NOTE(review): in crypto/tls, PeerCertificates is what the peer sent,
	// verified or not, and only VerifiedChains reflects successful
	// verification. If that holds here, base identity and authorization
	// decisions on VerifiedChains, and treat an empty VerifiedChains as
	// "not verified" — confirm.
	PeerCertificates []*smx509.Certificate
	VerifiedChains   [][]*smx509.Certificate
}
type HttpTransportOptions ¶
// HttpTransportOptions is the second argument of NewHttpTransport, which
// returns an *http.Transport. Apart from Dialer, every field has the same
// name and type as a field of http.Transport.
//
// NOTE(review): whether NewHttpTransport copies these values unchanged is
// not visible here. If it does, a zero ResponseHeaderTimeout means no
// timeout and a zero MaxConnsPerHost means no limit; set explicit bounds
// when talking to untrusted servers.
type HttpTransportOptions struct {
	// Dialer is the net.Dialer whose Timeout and KeepAlive apply to the
	// underlying TCP connection.
	Dialer *net.Dialer

	TLSHandshakeTimeout    time.Duration
	DisableKeepAlives      bool
	DisableCompression     bool
	MaxIdleConns           int
	MaxIdleConnsPerHost    int
	MaxConnsPerHost        int
	IdleConnTimeout        time.Duration
	ResponseHeaderTimeout  time.Duration
	ExpectContinueTimeout  time.Duration
	MaxResponseHeaderBytes int64
	WriteBufferSize        int
	ReadBufferSize         int
	ForceAttemptHTTP2      bool
}
type ProtocolDetectConn ¶
func (*ProtocolDetectConn) Raw ¶
func (c *ProtocolDetectConn) Raw() net.Conn
func (*ProtocolDetectConn) ReadFirstHeader ¶
func (c *ProtocolDetectConn) ReadFirstHeader() error
type ProtocolNotSupportError ¶
// ProtocolNotSupportError is an error value with no fields. It has Error,
// Temporary and Timeout methods, which is the method set of net.Error.
// NOTE(review): presumably returned by the protocol-detecting connection
// when the first record is not a supported protocol — confirm.
type ProtocolNotSupportError struct{}
func (ProtocolNotSupportError) Error ¶
func (ProtocolNotSupportError) Error() string
func (ProtocolNotSupportError) Temporary ¶
func (ProtocolNotSupportError) Temporary() bool
func (ProtocolNotSupportError) Timeout ¶
func (ProtocolNotSupportError) Timeout() bool
type ProtocolSwitchServerConn ¶
func (*ProtocolSwitchServerConn) ProtectedConn ¶
func (c *ProtocolSwitchServerConn) ProtectedConn() net.Conn
type RecordHeaderError ¶
func (RecordHeaderError) Error ¶
func (e RecordHeaderError) Error() string
type SM2KeyAgreement ¶
// SM2KeyAgreement describes a two-party key agreement between a sponsor and
// a responder, each identified by an id byte slice and each contributing a
// public key and a temporary public key.
//
// NOTE(review): presumably implemented by private keys that perform the SM2
// key exchange themselves (for example keys held in a hardware module), so
// that the private key never has to be handed to this package — confirm.
type SM2KeyAgreement interface {
	// GenerateAgreementData is the sponsor's first step: given the
	// sponsor's id and the wanted key length, it returns the sponsor's
	// public key and temporary public key.
	GenerateAgreementData(sponsorId []byte, keyLen int) (sponsorPubKey, sponsorTmpPubKey *ecdh.PublicKey, err error)

	// GenerateKey is the sponsor's second step: given the responder's id,
	// public key and temporary public key, it returns the agreed key bytes.
	GenerateKey(responseId []byte, responsePubKey, responseTmpPubKey *ecdh.PublicKey) ([]byte, error)

	// GenerateAgreementDataAndKey is the responder's single step: given
	// both ids and the sponsor's two public keys, it returns a public key
	// and the agreed key bytes.
	// NOTE(review): the returned public key is presumably the responder's
	// temporary public key — confirm.
	GenerateAgreementDataAndKey(responseId, sponsorId []byte, sponsorPubKey, sponsorTmpPubKey *ecdh.PublicKey, keyLen int) (*ecdh.PublicKey, []byte, error)
}
type SessionCache ¶
// SessionCache stores SessionState values under string keys. It is the type
// of Config.SessionCache; NewLRUSessionCache(capacity) returns one.
//
// NOTE(review): a cached session presumably lets a later handshake resume
// without full authentication, so entries should be treated as secrets and
// the cache should be bounded and scoped to one trust domain. Whether
// implementations must be safe for concurrent use is not visible here —
// confirm.
type SessionCache interface {
	// Get looks up sessionKey and reports with ok whether an entry exists.
	Get(sessionKey string) (session *SessionState, ok bool)

	// Put stores cs under sessionKey.
	// NOTE(review): whether a nil cs removes the entry, as in
	// crypto/tls.ClientSessionCache, is not visible here.
	Put(sessionKey string, cs *SessionState)
}
func NewLRUSessionCache ¶
func NewLRUSessionCache(capacity int) SessionCache
type SessionState ¶
// SessionState is the opaque value stored in and returned from a
// SessionCache. All of its fields are unexported.
// NOTE(review): presumably holds the secrets needed to resume a session, so
// do not log, persist or share instances outside the cache — confirm.
type SessionState struct {
// contains filtered or unexported fields
}
type SignatureAlgorithm ¶
// SignatureAlgorithm identifies a signature scheme as a 16-bit value.
type SignatureAlgorithm uint16

// The names pair a key type (RSA, ECC, IBS) with a hash (SHA256, SM3).
// NONE is 0, so it is also the value of an unset SignatureAlgorithm; code
// that switches on this type should reject NONE and unknown values rather
// than fall through to a default scheme.
const (
	NONE       SignatureAlgorithm = 0
	RSA_SHA256 SignatureAlgorithm = 1
	RSA_SM3    SignatureAlgorithm = 2
	ECC_SM3    SignatureAlgorithm = 3
	IBS_SM3    SignatureAlgorithm = 4
)