Why Go
- Case Studies
  
  Common problems companies solve with Go
- Use Cases
  
  Stories about how and why companies use Go
- Security Policy
  
  How Go can help keep you secure by default
Learn
Docs
- Effective Go
  
  Tips for writing clear, performant, and idiomatic Go code
- Go User Manual
  
  A complete introduction to building software with Go
- Standard library
  
  Reference documentation for Go's standard library
- Release Notes
  
  Learn what's new in each Go release
Packages
Community
- Recorded Talks
  
  Videos from prior events
- Meetups
  
  Meet other local Go developers
- Conferences
  
  Learn and network with Go developers from around the world
- Go blog
  
  The Go project's official blog.
- Go project
  
  Get help and stay informed from Go
- Get connected

tls

package module

Go to main page

Versions in this module

v0

v0.0.5

Jul 20, 2023

v0.0.4

Jul 19, 2023

v0.0.3

Jul 19, 2023

Changes in this version

+ const DISABLED_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384

+ const DISABLED_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

+ const DISABLED_TLS_RSA_WITH_AES_256_CBC_SHA256

+ const FAKE_OLD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256

+ const FAKE_TLS_DHE_DSS_WITH_AES_128_CBC_SHA

+ const FAKE_TLS_DHE_RSA_WITH_AES_128_CBC_SHA

+ const FAKE_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256

+ const FAKE_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

+ const FAKE_TLS_DHE_RSA_WITH_AES_256_CBC_SHA

+ const FAKE_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256

+ const FAKE_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384

+ const FAKE_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA

+ const FAKE_TLS_EMPTY_RENEGOTIATION_INFO_SCSV

+ const FAKE_TLS_RSA_WITH_RC4_128_MD5

+ const GREASE_PLACEHOLDER

+ const OLD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256

+ const OLD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

+ const PRNGSeedLength

+ const PskModeDHE

+ const PskModePlain

+ const TLS_AES_128_GCM_SHA256

+ const TLS_AES_256_GCM_SHA384

+ const TLS_CHACHA20_POLY1305_SHA256

+ const TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

+ const TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

+ const TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

+ const TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

+ const TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

+ const TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305

+ const TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256

+ const TLS_ECDHE_ECDSA_WITH_RC4_128_SHA

+ const TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA

+ const TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

+ const TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

+ const TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

+ const TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

+ const TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

+ const TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305

+ const TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

+ const TLS_ECDHE_RSA_WITH_RC4_128_SHA

+ const TLS_FALLBACK_SCSV

+ const TLS_RSA_WITH_3DES_EDE_CBC_SHA

+ const TLS_RSA_WITH_AES_128_CBC_SHA

+ const TLS_RSA_WITH_AES_128_CBC_SHA256

+ const TLS_RSA_WITH_AES_128_GCM_SHA256

+ const TLS_RSA_WITH_AES_256_CBC_SHA

+ const TLS_RSA_WITH_AES_256_GCM_SHA384

+ const TLS_RSA_WITH_RC4_128_SHA

+ const VersionSSL30

+ const VersionTLS10

+ const VersionTLS11

+ const VersionTLS12

+ const VersionTLS13

+ var DefaultWeights = Weights

+ var ErrUnknownExtension = errors.New("extension name is unknown to the dictionary")

+ var FakeFFDHE2048 = uint16(0x0100)

+ var FakeFFDHE3072 = uint16(0x0101)

+ var Hello360_11_0 = ClientHelloID

+ var Hello360_7_5 = ClientHelloID

+ var Hello360_Auto = Hello360_7_5

+ var HelloAndroid_11_OkHttp = ClientHelloID

+ var HelloChrome_100 = ClientHelloID

+ var HelloChrome_100_PSK = ClientHelloID

+ var HelloChrome_102 = ClientHelloID

+ var HelloChrome_106_Shuffle = ClientHelloID

+ var HelloChrome_112_PSK_Shuf = ClientHelloID

+ var HelloChrome_58 = ClientHelloID

+ var HelloChrome_62 = ClientHelloID

+ var HelloChrome_70 = ClientHelloID

+ var HelloChrome_72 = ClientHelloID

+ var HelloChrome_83 = ClientHelloID

+ var HelloChrome_87 = ClientHelloID

+ var HelloChrome_96 = ClientHelloID

+ var HelloChrome_Auto = HelloChrome_106_Shuffle

+ var HelloCustom = ClientHelloID

+ var HelloEdge_106 = ClientHelloID

+ var HelloEdge_85 = ClientHelloID

+ var HelloEdge_Auto = HelloEdge_85

+ var HelloFirefox_102 = ClientHelloID

+ var HelloFirefox_105 = ClientHelloID

+ var HelloFirefox_55 = ClientHelloID

+ var HelloFirefox_56 = ClientHelloID

+ var HelloFirefox_63 = ClientHelloID

+ var HelloFirefox_65 = ClientHelloID

+ var HelloFirefox_99 = ClientHelloID

+ var HelloFirefox_Auto = HelloFirefox_105

+ var HelloGolang = ClientHelloID

+ var HelloIOS_11_1 = ClientHelloID

+ var HelloIOS_12_1 = ClientHelloID

+ var HelloIOS_13 = ClientHelloID

+ var HelloIOS_14 = ClientHelloID

+ var HelloIOS_Auto = HelloIOS_14

+ var HelloQQ_11_1 = ClientHelloID

+ var HelloQQ_Auto = HelloQQ_11_1

+ var HelloRandomized = ClientHelloID

+ var HelloRandomizedALPN = ClientHelloID

+ var HelloRandomizedNoALPN = ClientHelloID

+ var HelloSafari_16_0 = ClientHelloID

+ var HelloSafari_Auto = HelloSafari_16_0

+ func BoringPaddingStyle(unpaddedLen int) (int, bool)

+ func CipherSuiteName(id uint16) string

+ func DecryptTicketWith(encrypted []byte, tks TicketKeys) (plaintext []byte, usedOldKey bool)

+ func EnableWeakCiphers()

+ func GetBoringGREASEValue(greaseSeed [ssl_grease_last_index]uint16, index int) uint16

+ func Listen(network, laddr string, config *Config) (net.Listener, error)

+ func NewListener(inner net.Listener, config *Config) net.Listener

+ type ALPNExtension struct

+ AlpnProtocols []string

+ func (e *ALPNExtension) Len() int

+ func (e *ALPNExtension) Read(b []byte) (int, error)

+ func (e *ALPNExtension) UnmarshalJSON(b []byte) error

+ func (e *ALPNExtension) Write(b []byte) (int, error)

+ type ApplicationSettingsExtension struct

+ SupportedProtocols []string

+ func (e *ApplicationSettingsExtension) Len() int

+ func (e *ApplicationSettingsExtension) Read(b []byte) (int, error)

+ func (e *ApplicationSettingsExtension) UnmarshalJSON(b []byte) error

+ func (e *ApplicationSettingsExtension) Write(b []byte) (int, error)

+ type Boring struct

+ Enabled bool

+ func (*Boring) NewGCMTLS(_ cipher.Block) (cipher.AEAD, error)

+ func (*Boring) Unreachable()

+ type CertCompressionAlgo uint16

+ const CertCompressionBrotli

+ const CertCompressionZlib

+ const CertCompressionZstd

+ type Certificate struct

+ Certificate [][]byte

+ Leaf *x509.Certificate

+ OCSPStaple []byte

+ PrivateKey crypto.PrivateKey

+ SignedCertificateTimestamps [][]byte

+ SupportedSignatureAlgorithms []SignatureScheme

+ func LoadX509KeyPair(certFile, keyFile string) (Certificate, error)

+ func X509KeyPair(certPEMBlock, keyPEMBlock []byte) (Certificate, error)

+ type CertificateRequestInfo struct

+ AcceptableCAs [][]byte

+ SignatureSchemes []SignatureScheme

+ Version uint16

+ func (c *CertificateRequestInfo) Context() context.Context

+ func (cri *CertificateRequestInfo) SupportsCertificate(c *Certificate) error

+ type CertificateRequestMsgTLS13 struct

+ CertificateAuthorities [][]byte

+ OcspStapling bool

+ Raw []byte

+ Scts bool

+ SupportedSignatureAlgorithms []SignatureScheme

+ SupportedSignatureAlgorithmsCert []SignatureScheme

+ type CipherSuite struct

+ ID uint16

+ Insecure bool

+ Name string

+ SupportedVersions []uint16

+ func CipherSuites() []*CipherSuite

+ func InsecureCipherSuites() []*CipherSuite

+ type CipherSuitesJSONUnmarshaler struct

+ func (c *CipherSuitesJSONUnmarshaler) CipherSuites() []uint16

+ func (c *CipherSuitesJSONUnmarshaler) UnmarshalJSON(jsonStr []byte) error

+ type ClientAuthType int

+ const NoClientCert

+ const RequestClientCert

+ const RequireAndVerifyClientCert

+ const RequireAnyClientCert

+ const VerifyClientCertIfGiven

+ func (i ClientAuthType) String() string

+ type ClientHelloID struct

+ Client string

+ Seed *PRNGSeed

+ Version string

+ Weights *Weights

+ func (p *ClientHelloID) IsSet() bool

+ func (p *ClientHelloID) Str() string

+ type ClientHelloInfo struct

+ CipherSuites []uint16

+ Conn net.Conn

+ ServerName string

+ SignatureSchemes []SignatureScheme

+ SupportedCurves []CurveID

+ SupportedPoints []uint8

+ SupportedProtos []string

+ SupportedVersions []uint16

+ func (c *ClientHelloInfo) Context() context.Context

+ func (chi *ClientHelloInfo) SupportsCertificate(c *Certificate) error

+ type ClientHelloSpec struct

+ CipherSuites []uint16

+ CompressionMethods []uint8

+ Extensions []TLSExtension

+ GetSessionID func(ticket []byte) [32]byte

+ TLSVersMax uint16

+ TLSVersMin uint16

+ func UTLSIdToSpec(id ClientHelloID) (ClientHelloSpec, error)

+ func (chs *ClientHelloSpec) AlwaysAddPadding()

+ func (chs *ClientHelloSpec) FromRaw(raw []byte, allowBluntMimicry ...bool) error

+ func (chs *ClientHelloSpec) ImportTLSClientHello(data map[string][]byte) error

+ func (chs *ClientHelloSpec) ImportTLSClientHelloFromJSON(jsonB []byte) error

+ func (chs *ClientHelloSpec) ReadCipherSuites(b []byte) error

+ func (chs *ClientHelloSpec) ReadCompressionMethods(compressionMethods []byte) error

+ func (chs *ClientHelloSpec) ReadTLSExtensions(b []byte, allowBluntMimicry bool) error

+ func (chs *ClientHelloSpec) UnmarshalJSON(jsonB []byte) error

+ type ClientHelloSpecJSONUnmarshaler struct

+ CipherSuites *CipherSuitesJSONUnmarshaler

+ CompressionMethods *CompressionMethodsJSONUnmarshaler

+ Extensions *TLSExtensionsJSONUnmarshaler

+ TLSVersMax uint16

+ TLSVersMin uint16

+ func (chsju *ClientHelloSpecJSONUnmarshaler) ClientHelloSpec() ClientHelloSpec

+ type ClientSessionCache interface

+ Get func(sessionKey string) (session *ClientSessionState, ok bool)

+ Put func(sessionKey string, cs *ClientSessionState)

+ func NewLRUClientSessionCache(capacity int) ClientSessionCache

+ type ClientSessionState struct

+ func MakeClientSessionState(SessionTicket []uint8, Vers uint16, CipherSuite uint16, MasterSecret []byte, ...) *ClientSessionState

+ func (css *ClientSessionState) CipherSuite() uint16

+ func (css *ClientSessionState) MasterSecret() []byte

+ func (css *ClientSessionState) ServerCertificates() []*x509.Certificate

+ func (css *ClientSessionState) SessionTicket() []uint8

+ func (css *ClientSessionState) SetCipherSuite(CipherSuite uint16)

+ func (css *ClientSessionState) SetMasterSecret(MasterSecret []byte)

+ func (css *ClientSessionState) SetServerCertificates(ServerCertificates []*x509.Certificate)

+ func (css *ClientSessionState) SetSessionTicket(SessionTicket []uint8)

+ func (css *ClientSessionState) SetVerifiedChains(VerifiedChains [][]*x509.Certificate)

+ func (css *ClientSessionState) SetVers(Vers uint16)

+ func (css *ClientSessionState) VerifiedChains() [][]*x509.Certificate

+ func (css *ClientSessionState) Vers() uint16

+ type CompressionMethodsJSONUnmarshaler struct

+ func (c *CompressionMethodsJSONUnmarshaler) CompressionMethods() []uint8

+ func (c *CompressionMethodsJSONUnmarshaler) UnmarshalJSON(jsonStr []byte) error

+ type Config struct

+ ApplicationSettings map[string][]byte

+ Certificates []Certificate

+ CipherSuites []uint16

+ ClientAuth ClientAuthType

+ ClientCAs *x509.CertPool

+ ClientSessionCache ClientSessionCache

+ CurvePreferences []CurveID

+ DynamicRecordSizingDisabled bool

+ GetCertificate func(*ClientHelloInfo) (*Certificate, error)

+ GetClientCertificate func(*CertificateRequestInfo) (*Certificate, error)

+ GetConfigForClient func(*ClientHelloInfo) (*Config, error)

+ InsecureServerNameToVerify string

+ InsecureSkipTimeVerify bool

+ InsecureSkipVerify bool

+ KeyLogWriter io.Writer

+ MaxVersion uint16

+ MinVersion uint16

+ NameToCertificate map[string]*Certificate

+ NextProtos []string

+ PreferServerCipherSuites bool

+ Rand io.Reader

+ Renegotiation RenegotiationSupport

+ RootCAs *x509.CertPool

+ ServerName string

+ SessionTicketKey [32]byte

+ SessionTicketsDisabled bool

+ Time func() time.Time

+ VerifyConnection func(ConnectionState) error

+ VerifyPeerCertificate func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error

+ func (c *Config) BuildNameToCertificate()

+ func (c *Config) Clone() *Config

+ func (c *Config) SetSessionTicketKeys(keys [][32]byte)

+ type Conn struct

+ func Client(conn net.Conn, config *Config) *Conn

+ func Dial(network, addr string, config *Config) (*Conn, error)

+ func DialWithDialer(dialer *net.Dialer, network, addr string, config *Config) (*Conn, error)

+ func MakeConnWithCompleteHandshake(tcpConn net.Conn, version uint16, cipherSuite uint16, masterSecret []byte, ...) *Conn

+ func Server(conn net.Conn, config *Config) *Conn

+ func (c *Conn) Close() error

+ func (c *Conn) CloseWrite() error

+ func (c *Conn) ConnectionState() ConnectionState

+ func (c *Conn) Handshake() error

+ func (c *Conn) HandshakeContext(ctx context.Context) error

+ func (c *Conn) LocalAddr() net.Addr

+ func (c *Conn) NetConn() net.Conn

+ func (c *Conn) OCSPResponse() []byte

+ func (c *Conn) Read(b []byte) (int, error)

+ func (c *Conn) RemoteAddr() net.Addr

+ func (c *Conn) SetDeadline(t time.Time) error

+ func (c *Conn) SetReadDeadline(t time.Time) error

+ func (c *Conn) SetWriteDeadline(t time.Time) error

+ func (c *Conn) VerifyHostname(host string) error

+ func (c *Conn) Write(b []byte) (int, error)

+ type ConnectionState struct

+ CipherSuite uint16

+ DidResume bool

+ HandshakeComplete bool

+ NegotiatedProtocol string

+ NegotiatedProtocolIsMutual bool

+ OCSPResponse []byte

+ PeerApplicationSettings []byte

+ PeerCertificates []*x509.Certificate

+ ServerName string

+ SignedCertificateTimestamps [][]byte

+ TLSUnique []byte

+ VerifiedChains [][]*x509.Certificate

+ Version uint16

+ func (cs *ConnectionState) ExportKeyingMaterial(label string, context []byte, length int) ([]byte, error)

+ type CookieExtension struct

+ Cookie []byte

+ func (e *CookieExtension) Len() int

+ func (e *CookieExtension) Read(b []byte) (int, error)

+ func (e *CookieExtension) UnmarshalJSON(data []byte) error

+ type CurveID uint16

+ const CurveP256

+ const CurveP384

+ const CurveP521

+ const X25519

+ func (i CurveID) String() string

+ type DelegatedCredentialsExtension = FakeDelegatedCredentialsExtension

+ type Dialer struct

+ Config *Config

+ NetDialer *net.Dialer

+ func (d *Dialer) Dial(network, addr string) (net.Conn, error)

+ func (d *Dialer) DialContext(ctx context.Context, network, addr string) (net.Conn, error)

+ type EcdheParameters interface

+ type FakeChannelIDExtension struct

+ OldExtensionID bool

+ func (e *FakeChannelIDExtension) Len() int

+ func (e *FakeChannelIDExtension) Read(b []byte) (int, error)

+ func (e *FakeChannelIDExtension) UnmarshalJSON(_ []byte) error

+ func (e *FakeChannelIDExtension) Write(_ []byte) (int, error)

+ type FakeDelegatedCredentialsExtension struct

+ SupportedSignatureAlgorithms []SignatureScheme

+ func (e *FakeDelegatedCredentialsExtension) Len() int

+ func (e *FakeDelegatedCredentialsExtension) Read(b []byte) (int, error)

+ func (e *FakeDelegatedCredentialsExtension) UnmarshalJSON(data []byte) error

+ func (e *FakeDelegatedCredentialsExtension) Write(b []byte) (int, error)

+ type FakePreSharedKeyExtension struct

+ PskBinders [][]byte

+ PskIdentities []PskIdentity

+ func (e *FakePreSharedKeyExtension) Len() int

+ func (e *FakePreSharedKeyExtension) Read(b []byte) (int, error)

+ func (e *FakePreSharedKeyExtension) UnmarshalJSON(data []byte) error

+ func (e *FakePreSharedKeyExtension) Write(b []byte) (n int, err error)

+ type FakeRecordSizeLimitExtension struct

+ Limit uint16

+ func (e *FakeRecordSizeLimitExtension) Len() int

+ func (e *FakeRecordSizeLimitExtension) Read(b []byte) (int, error)

+ func (e *FakeRecordSizeLimitExtension) UnmarshalJSON(data []byte) error

+ func (e *FakeRecordSizeLimitExtension) Write(b []byte) (int, error)

+ type FakeTokenBindingExtension struct

+ KeyParameters []uint8

+ MajorVersion uint8

+ MinorVersion uint8

+ func (e *FakeTokenBindingExtension) Len() int

+ func (e *FakeTokenBindingExtension) Read(b []byte) (int, error)

+ func (e *FakeTokenBindingExtension) UnmarshalJSON(data []byte) error

+ func (e *FakeTokenBindingExtension) Write(b []byte) (int, error)

+ type Fingerprinter struct

+ AllowBluntMimicry bool

+ AlwaysAddPadding bool

+ func (f *Fingerprinter) FingerprintClientHello(data []byte) (clientHelloSpec *ClientHelloSpec, err error)

+ func (f *Fingerprinter) RawClientHello(raw []byte) (clientHelloSpec *ClientHelloSpec, err error)

+ func (f *Fingerprinter) UnmarshalJSONClientHello(json []byte) (clientHelloSpec *ClientHelloSpec, err error)

+ type FinishedHash struct

+ Buffer []byte

+ Client hash.Hash

+ ClientMD5 hash.Hash

+ Prf func(result, secret, label, seed []byte)

+ Server hash.Hash

+ ServerMD5 hash.Hash

+ Version uint16

+ type GenericExtension struct

+ Data []byte

+ Id uint16

+ func (e *GenericExtension) Len() int

+ func (e *GenericExtension) Read(b []byte) (int, error)

+ func (e *GenericExtension) UnmarshalJSON(b []byte) error

+ type KeyShare struct

+ Data []byte

+ Group CurveID

+ type KeyShareExtension struct

+ KeyShares []KeyShare

+ func (e *KeyShareExtension) Len() int

+ func (e *KeyShareExtension) Read(b []byte) (int, error)

+ func (e *KeyShareExtension) UnmarshalJSON(b []byte) error

+ func (e *KeyShareExtension) Write(b []byte) (int, error)

+ type KeyShares []KeyShare

+ func (KSS KeyShares) ToPrivate() []keyShare

+ type KeySharesEcdheParameters map[CurveID]ecdheParameters

+ func (keymap KeySharesEcdheParameters) AddEcdheParams(curveID CurveID, params ecdheParameters)

+ func (keymap KeySharesEcdheParameters) GetEcdheParams(curveID CurveID) (params ecdheParameters, ok bool)

+ func (keymap KeySharesEcdheParameters) GetPublicEcdheParams(curveID CurveID) (params EcdheParameters, ok bool)

+ type NPNExtension struct

+ NextProtos []string

+ func (e *NPNExtension) Len() int

+ func (e *NPNExtension) Read(b []byte) (int, error)

+ func (e *NPNExtension) UnmarshalJSON(_ []byte) error

+ func (e *NPNExtension) Write(_ []byte) (int, error)

+ type PRNGSeed [PRNGSeedLength]byte

+ func NewPRNGSeed() (*PRNGSeed, error)

+ type PSKKeyExchangeModesExtension struct

+ Modes []uint8

+ func (e *PSKKeyExchangeModesExtension) Len() int

+ func (e *PSKKeyExchangeModesExtension) Read(b []byte) (int, error)

+ func (e *PSKKeyExchangeModesExtension) UnmarshalJSON(b []byte) error

+ func (e *PSKKeyExchangeModesExtension) Write(b []byte) (int, error)

+ type PskIdentities []PskIdentity

+ func (PSS PskIdentities) ToPrivate() []pskIdentity

+ type PskIdentity struct

+ Label []byte

+ ObfuscatedTicketAge uint32

+ type PubCipherSuite struct

+ Aead func(key, fixedNonce []byte) aead

+ Cipher func(key, iv []byte, isRead bool) interface{}

+ Flags int

+ Id uint16

+ IvLen int

+ Ka func(version uint16) keyAgreement

+ KeyLen int

+ Mac func(macKey []byte) hash.Hash

+ MacLen int

+ type PubCipherSuiteTLS13 struct

+ Aead func(key, fixedNonce []byte) aead

+ Hash crypto.Hash

+ Id uint16

+ KeyLen int

+ type PubClientHandshakeState struct

+ C *Conn

+ Hello *PubClientHelloMsg

+ MasterSecret []byte

+ ServerHello *PubServerHelloMsg

+ Session *ClientSessionState

+ State12 TLS12OnlyState

+ State13 TLS13OnlyState

+ type PubClientHelloMsg struct

+ AlpnProtocols []string

+ CipherSuites []uint16

+ CompressionMethods []uint8

+ Cookie []byte

+ EarlyData bool

+ Ems bool

+ KeyShares []KeyShare

+ NextProtoNeg bool

+ OcspStapling bool

+ PskBinders [][]byte

+ PskIdentities []PskIdentity

+ PskModes []uint8

+ Random []byte

+ Raw []byte

+ Scts bool

+ SecureRenegotiation []byte

+ SecureRenegotiationSupported bool

+ ServerName string

+ SessionId []byte

+ SessionTicket []uint8

+ SupportedCurves []CurveID

+ SupportedPoints []uint8

+ SupportedSignatureAlgorithms []SignatureScheme

+ SupportedSignatureAlgorithmsCert []SignatureScheme

+ SupportedVersions []uint16

+ TicketSupported bool

+ Vers uint16

+ func UnmarshalClientHello(data []byte) *PubClientHelloMsg

+ func (chm *PubClientHelloMsg) Marshal() ([]byte, error)

+ type PubServerHelloMsg struct

+ AlpnProtocol string

+ CipherSuite uint16

+ CompressionMethod uint8

+ Cookie []byte

+ Ems bool

+ NextProtoNeg bool

+ NextProtos []string

+ OcspStapling bool

+ Random []byte

+ Raw []byte

+ Scts [][]byte

+ SecureRenegotiation []byte

+ SecureRenegotiationSupported bool

+ SelectedGroup CurveID

+ SelectedIdentity uint16

+ SelectedIdentityPresent bool

+ ServerShare keyShare

+ SessionId []byte

+ SupportedVersion uint16

+ TicketSupported bool

+ Vers uint16

+ type RecordHeaderError struct

+ Conn net.Conn

+ Msg string

+ RecordHeader [5]byte

+ func (e RecordHeaderError) Error() string

+ type RenegotiationInfoExtension struct

+ Renegotiation RenegotiationSupport

+ func (e *RenegotiationInfoExtension) Len() int

+ func (e *RenegotiationInfoExtension) Read(b []byte) (int, error)

+ func (e *RenegotiationInfoExtension) UnmarshalJSON(_ []byte) error

+ func (e *RenegotiationInfoExtension) Write(_ []byte) (int, error)

+ type RenegotiationSupport int

+ const RenegotiateFreelyAsClient

+ const RenegotiateNever

+ const RenegotiateOnceAsClient

+ type Roller struct

+ HelloIDMu sync.Mutex

+ HelloIDs []ClientHelloID

+ TcpDialTimeout time.Duration

+ TlsHandshakeTimeout time.Duration

+ WorkingHelloID *ClientHelloID

+ func NewRoller() (*Roller, error)

+ func (c *Roller) Dial(network, addr, serverName string) (*UConn, error)

+ type SCTExtension struct

+ func (e *SCTExtension) Len() int

+ func (e *SCTExtension) Read(b []byte) (int, error)

+ func (e *SCTExtension) UnmarshalJSON(_ []byte) error

+ func (e *SCTExtension) Write(_ []byte) (int, error)

+ type SNIExtension struct

+ ServerName string

+ func (e *SNIExtension) Len() int

+ func (e *SNIExtension) Read(b []byte) (int, error)

+ func (e *SNIExtension) UnmarshalJSON(_ []byte) error

+ func (e *SNIExtension) Write(b []byte) (int, error)

+ type SessionTicketExtension struct

+ Session *ClientSessionState

+ func (e *SessionTicketExtension) Len() int

+ func (e *SessionTicketExtension) Read(b []byte) (int, error)

+ func (e *SessionTicketExtension) UnmarshalJSON(_ []byte) error

+ func (e *SessionTicketExtension) Write(_ []byte) (int, error)

+ type SignatureAlgorithmsCertExtension struct

+ SupportedSignatureAlgorithms []SignatureScheme

+ func (e *SignatureAlgorithmsCertExtension) Len() int

+ func (e *SignatureAlgorithmsCertExtension) Read(b []byte) (int, error)

+ func (e *SignatureAlgorithmsCertExtension) UnmarshalJSON(data []byte) error

+ func (e *SignatureAlgorithmsCertExtension) Write(b []byte) (int, error)

+ type SignatureAlgorithmsExtension struct

+ SupportedSignatureAlgorithms []SignatureScheme

+ func (e *SignatureAlgorithmsExtension) Len() int

+ func (e *SignatureAlgorithmsExtension) Read(b []byte) (int, error)

+ func (e *SignatureAlgorithmsExtension) UnmarshalJSON(data []byte) error

+ func (e *SignatureAlgorithmsExtension) Write(b []byte) (int, error)

+ type SignatureScheme uint16

+ const ECDSAWithP256AndSHA256

+ const ECDSAWithP384AndSHA384

+ const ECDSAWithP521AndSHA512

+ const ECDSAWithSHA1

+ const Ed25519

+ const PKCS1WithSHA1

+ const PKCS1WithSHA256

+ const PKCS1WithSHA384

+ const PKCS1WithSHA512

+ const PSSWithSHA256

+ const PSSWithSHA384

+ const PSSWithSHA512

+ var FakeECDSAWithSHA224 SignatureScheme = 0x0303

+ var FakePKCS1WithSHA224 SignatureScheme = 0x0301

+ var FakeSHA1WithDSA SignatureScheme = 0x0202

+ var FakeSHA256WithDSA SignatureScheme = 0x0402

+ func (i SignatureScheme) String() string

+ type StatusRequestExtension struct

+ func (e *StatusRequestExtension) Len() int

+ func (e *StatusRequestExtension) Read(b []byte) (int, error)

+ func (e *StatusRequestExtension) UnmarshalJSON(_ []byte) error

+ func (e *StatusRequestExtension) Write(b []byte) (int, error)

+ type StatusRequestV2Extension struct

+ func (e *StatusRequestV2Extension) Len() int

+ func (e *StatusRequestV2Extension) Read(b []byte) (int, error)

+ func (e *StatusRequestV2Extension) UnmarshalJSON(_ []byte) error

+ func (e *StatusRequestV2Extension) Write(b []byte) (int, error)

+ type SupportedCurvesExtension struct

+ Curves []CurveID

+ func (e *SupportedCurvesExtension) Len() int

+ func (e *SupportedCurvesExtension) Read(b []byte) (int, error)

+ func (e *SupportedCurvesExtension) UnmarshalJSON(data []byte) error

+ func (e *SupportedCurvesExtension) Write(b []byte) (int, error)

+ type SupportedPointsExtension struct

+ SupportedPoints []uint8

+ func (e *SupportedPointsExtension) Len() int

+ func (e *SupportedPointsExtension) Read(b []byte) (int, error)

+ func (e *SupportedPointsExtension) UnmarshalJSON(data []byte) error

+ func (e *SupportedPointsExtension) Write(b []byte) (int, error)

+ type SupportedVersionsExtension struct

+ Versions []uint16

+ func (e *SupportedVersionsExtension) Len() int

+ func (e *SupportedVersionsExtension) Read(b []byte) (int, error)

+ func (e *SupportedVersionsExtension) UnmarshalJSON(b []byte) error

+ func (e *SupportedVersionsExtension) Write(b []byte) (int, error)

+ type TLS12OnlyState struct

+ FinishedHash FinishedHash

+ Suite PubCipherSuite

+ type TLS13OnlyState struct

+ BinderKey []byte

+ CertReq *CertificateRequestMsgTLS13

+ EarlySecret []byte

+ EcdheParams EcdheParameters

+ KeySharesEcdheParams KeySharesEcdheParameters

+ SentDummyCCS bool

+ Suite *PubCipherSuiteTLS13

+ TrafficSecret []byte

+ Transcript hash.Hash

+ UsingPSK bool

+ type TLSExtension interface

+ Len func() int

+ Read func(p []byte) (n int, err error)

+ func ExtensionFromID(id uint16) TLSExtension

+ type TLSExtensionJSON interface

+ UnmarshalJSON func([]byte) error

+ type TLSExtensionWriter interface

+ Write func(b []byte) (n int, err error)

+ type TLSExtensionsJSONUnmarshaler struct

+ func (e *TLSExtensionsJSONUnmarshaler) Extensions() []TLSExtension

+ func (e *TLSExtensionsJSONUnmarshaler) UnmarshalJSON(jsonStr []byte) error

+ type TicketKey struct

+ AesKey [16]byte

+ HmacKey [16]byte

+ KeyName [ticketKeyNameLen]byte

+ func TicketKeyFromBytes(b [32]byte) TicketKey

+ func (TK TicketKey) ToPrivate() ticketKey

+ type TicketKeys []TicketKey

+ func (TKS TicketKeys) ToPrivate() []ticketKey

+ type UConn struct

+ ClientHelloBuilt bool

+ ClientHelloID ClientHelloID

+ Extensions []TLSExtension

+ GetSessionID func(ticket []byte) [32]byte

+ HandshakeState PubClientHandshakeState

+ func UClient(conn net.Conn, config *Config, clientHelloID ClientHelloID) *UConn

+ func (c *UConn) Handshake() error

+ func (c *UConn) HandshakeContext(ctx context.Context) error

+ func (c *UConn) Write(b []byte) (int, error)

+ func (uconn *UConn) ApplyConfig() error

+ func (uconn *UConn) ApplyPreset(p *ClientHelloSpec) error

+ func (uconn *UConn) BuildHandshakeState() error

+ func (uconn *UConn) GetOutKeystream(length int) ([]byte, error)

+ func (uconn *UConn) GetUnderlyingConn() net.Conn

+ func (uconn *UConn) MarshalClientHello() error

+ func (uconn *UConn) RemoveSNIExtension() error

+ func (uconn *UConn) SetClientRandom(r []byte) error

+ func (uconn *UConn) SetSNI(sni string)

+ func (uconn *UConn) SetSessionCache(cache ClientSessionCache)

+ func (uconn *UConn) SetSessionState(session *ClientSessionState) error

+ func (uconn *UConn) SetTLSVers(minTLSVers, maxTLSVers uint16, specExtensions []TLSExtension) error

+ func (uconn *UConn) SetUnderlyingConn(c net.Conn)

+ type UtlsCompressCertExtension struct

+ Algorithms []CertCompressionAlgo

+ func (e *UtlsCompressCertExtension) Len() int

+ func (e *UtlsCompressCertExtension) Read(b []byte) (int, error)

+ func (e *UtlsCompressCertExtension) UnmarshalJSON(b []byte) error

+ func (e *UtlsCompressCertExtension) Write(b []byte) (int, error)

+ type UtlsExtendedMasterSecretExtension struct

+ func (e *UtlsExtendedMasterSecretExtension) Len() int

+ func (e *UtlsExtendedMasterSecretExtension) Read(b []byte) (int, error)

+ func (e *UtlsExtendedMasterSecretExtension) UnmarshalJSON(_ []byte) error

+ func (e *UtlsExtendedMasterSecretExtension) Write(_ []byte) (int, error)

+ type UtlsGREASEExtension struct

+ Body []byte

+ Value uint16

+ func (e *UtlsGREASEExtension) Len() int

+ func (e *UtlsGREASEExtension) Read(b []byte) (int, error)

+ func (e *UtlsGREASEExtension) UnmarshalJSON(b []byte) error

+ func (e *UtlsGREASEExtension) Write(b []byte) (int, error)

+ type UtlsPaddingExtension struct

+ GetPaddingLen func(clientHelloUnpaddedLen int) (paddingLen int, willPad bool)

+ PaddingLen int

+ WillPad bool

+ func (e *UtlsPaddingExtension) Len() int

+ func (e *UtlsPaddingExtension) Read(b []byte) (int, error)

+ func (e *UtlsPaddingExtension) UnmarshalJSON(b []byte) error

+ func (e *UtlsPaddingExtension) Update(clientHelloUnpaddedLen int)

+ func (e *UtlsPaddingExtension) Write(_ []byte) (int, error)

+ type Weights struct

+ CipherSuites_Remove_RandomCiphers float64

+ CurveIDs_Append_CurveP521 float64

+ CurveIDs_Append_X25519 float64

+ Extensions_Append_ALPN float64

+ Extensions_Append_ALPS float64

+ Extensions_Append_EMS float64

+ Extensions_Append_Padding float64

+ Extensions_Append_Reneg float64

+ Extensions_Append_SCT float64

+ Extensions_Append_Status float64

+ FirstKeyShare_Set_CurveP256 float64

+ SigAndHashAlgos_Append_ECDSAWithP521AndSHA512 float64

+ SigAndHashAlgos_Append_ECDSAWithSHA1 float64

+ SigAndHashAlgos_Append_PSSWithSHA256 float64

+ SigAndHashAlgos_Append_PSSWithSHA384_PSSWithSHA512 float64

+ TLSVersMax_Set_VersionTLS13 float64