Documentation ¶
Index ¶
- Constants
- func EncodeExtensions(extensions []Extension) []byte
- type Certificate
- type CertificateEntry
- type CertificateType
- type CertificateVerify
- type CipherSuite
- type ClientHello
- type EncryptedExtensions
- type Extension
- type ExtensionType
- type Finished
- type Handshake
- type HandshakeType
- type KeyShareClientHello
- type KeyShareEntry
- type KeyShareServerHello
- type NamedGroup
- type ProtocolVersion
- type ServerHello
- type SignatureScheme
- type SignatureSchemeList
- type SupportedGroupsExtention
- type SupportedVersionsExtention
- type UnknownExtention
Constants ¶
// TLS 1.3 cipher suite code points (RFC 8446, Appendix B.4).
//
// NOTE(review): only TLS_AES_128_GCM_SHA256 is declared with the CipherSuite
// type. Each later entry has its own "= value" with no type, so Go treats it
// as an untyped integer constant: it converts implicitly wherever a
// CipherSuite is expected, but it is not restricted to that type. Confirm
// whether that is intended before relying on the type for validation.
const (
	TLS_AES_128_GCM_SHA256       CipherSuite = 0x1301
	TLS_AES_256_GCM_SHA384                   = 0x1302
	TLS_CHACHA20_POLY1305_SHA256             = 0x1303
	TLS_AES_128_CCM_SHA256                   = 0x1304
	// The CCM_8 suite uses an 8-octet AEAD authentication tag (RFC 6655),
	// shorter than the 16-octet tag of the other suites. NOTE(review):
	// confirm that offering it by default is a deliberate choice.
	TLS_AES_128_CCM_8_SHA256 = 0x1305
)
ref. https://datatracker.ietf.org/doc/html/rfc8446#appendix-B.4

    +------------------------------+-------------+
    | Description                  | Value       |
    +------------------------------+-------------+
    | TLS_AES_128_GCM_SHA256       | {0x13,0x01} |
    |                              |             |
    | TLS_AES_256_GCM_SHA384       | {0x13,0x02} |
    |                              |             |
    | TLS_CHACHA20_POLY1305_SHA256 | {0x13,0x03} |
    |                              |             |
    | TLS_AES_128_CCM_SHA256       | {0x13,0x04} |
    |                              |             |
    | TLS_AES_128_CCM_8_SHA256     | {0x13,0x05} |
    +------------------------------+-------------+
// Signature scheme code points for the signature_algorithms extension
// (RFC 8446, Section 4.2.3).
//
// NOTE(review): only RsaPkcs1Sha256 is declared with the SignatureScheme
// type. Every later entry has its own untyped "= value" and is therefore an
// untyped integer constant. Confirm whether that is intended.
const (
	// RSASSA-PKCS1-v1_5 algorithms
	// RFC 8446 defines these for signatures that appear in certificates only;
	// they are not defined for signed TLS 1.3 handshake messages such as
	// CertificateVerify.
	RsaPkcs1Sha256 SignatureScheme = 0x0401
	RsaPkcs1Sha384                 = 0x0501
	RsaPkcs1Sha512                 = 0x0601

	// ECDSA algorithms
	EcdsaSecp256r1Sha256 = 0x0403
	EcdsaSecp384r1Sha384 = 0x0503
	EcdsaSecp521r1Sha512 = 0x0603

	// RSASSA-PSS algorithms with public key OID rsaEncryption
	RsaPssRsaESha256 = 0x0804
	RsaPssRsaESha384 = 0x0805
	RsaPssRsaESha512 = 0x0806

	// EdDSA algorithms
	Ed25519 = 0x0807
	Ed448   = 0x0808

	// RSASSA-PSS algorithms with public key OID RSASSA-PSS
	RsaPssPssSha256 = 0x0809
	RsaPssPssSha384 = 0x080a
	RsaPssPssSha512 = 0x080b

	// Legacy SHA-1 algorithms. RFC 8446 deprecates SHA-1 signatures and says
	// endpoints SHOULD NOT negotiate them; a peer policy that accepts these
	// values should be a deliberate decision.
	RsaPkcs1Sha1 = 0x0201
	EcdsaSha1    = 0x0203

	// private_use(0xFE00..0xFFFF) in the RFC enum. PrivateUse and
	// ReservedCodePointsStart carry the same value, 0xFE00.
	PrivateUse              = 0xFE00
	ReservedCodePointsStart = 0xFE00
	ReservedCodePointsEnd   = 0xFFFF
)
Variables ¶
This section is empty.
Functions ¶
func EncodeExtensions ¶
Types ¶
type Certificate ¶
type Certificate struct {
// contains filtered or unexported fields
}
func DecodeCertificate ¶
func DecodeCertificate(data []byte) Certificate
func (Certificate) Encode ¶
func (c Certificate) Encode() []byte
type CertificateEntry ¶
type CertificateEntry struct {
// contains filtered or unexported fields
}
type CertificateType ¶
// CertificateType is the one-byte certificate type code; the two values below
// match the CertificateType enum in RFC 8446, Section 4.4.2.
type CertificateType byte

const (
	X509         CertificateType = 0
	RawPublicKey CertificateType = 2
)
type CertificateVerify ¶
type CertificateVerify struct {
// contains filtered or unexported fields
}
func DecodeCertificateVerify ¶
func DecodeCertificateVerify(data []byte) CertificateVerify
func (CertificateVerify) Encode ¶
func (c CertificateVerify) Encode() []byte
type CipherSuite ¶
type CipherSuite uint16
func DecodeCipherSuite ¶
func DecodeCipherSuite(b []byte) ([]byte, CipherSuite)
func (CipherSuite) Encode ¶
func (c CipherSuite) Encode() []byte
type ClientHello ¶
type ClientHello struct {
// contains filtered or unexported fields
}
func DecodeClientHello ¶
// DecodeClientHello takes raw bytes and returns a ClientHello; presumably it
// parses a serialized ClientHello message.
//
// NOTE(review): the signature has no error result, so a caller cannot tell a
// truncated or malformed message from a valid one through the return value.
// ClientHello bytes come from the network peer; confirm how the
// implementation behaves on short input or inconsistent length fields (panic
// versus a partially filled value) and whether callers guard against it.
// The other Decode* functions of this package have the same shape.
func DecodeClientHello(data []byte) ClientHello
func NewClientHello ¶
func NewClientHello(cipherSuites []CipherSuite, extensions []Extension) ClientHello
func (ClientHello) Encode ¶
func (ch ClientHello) Encode() []byte
type EncryptedExtensions ¶
type EncryptedExtensions struct {
// contains filtered or unexported fields
}
ref. https://datatracker.ietf.org/doc/html/rfc8446#section-4.3.1
struct { Extension extensions<0..2^16-1>; } EncryptedExtensions;
func DecodeEncryptedExtensions ¶
func DecodeEncryptedExtensions(data []byte) EncryptedExtensions
func NewEncryptedExtensions ¶
func NewEncryptedExtensions(extensions []Extension) EncryptedExtensions
func (EncryptedExtensions) Encode ¶
func (sh EncryptedExtensions) Encode() []byte
type Extension ¶
// Extension is the common interface of the extension values in this package;
// types such as KeyShareClientHello, SignatureSchemeList and UnknownExtention
// provide both methods.
type Extension interface {
	// Encode returns the extension as a byte slice (presumably its wire
	// encoding; confirm against the implementations).
	Encode() []byte
	// Type reports the ExtensionType of the extension.
	Type() ExtensionType
}
type ExtensionType ¶
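// ExtensionType is the 16-bit extension type code point from the
// ExtensionType enum of RFC 8446, Section 4.2.
type ExtensionType uint16

// Extension type code points. The list follows the RFC 8446 enum, including
// pre_shared_key(41) and key_share(51), so that callers can compare the
// result of Extension.Type() against a named constant for every extension the
// RFC lists (the package's KeyShare* types report an ExtensionType as well).
const (
	ServerName                          ExtensionType = 0
	MaxFragmentLength                   ExtensionType = 1
	StatusRequest                       ExtensionType = 5
	SupportedGroups                     ExtensionType = 10
	SignatureAlgorithms                 ExtensionType = 13
	UseSRTP                             ExtensionType = 14
	Heartbeat                           ExtensionType = 15
	ApplicationLayerProtocolNegotiation ExtensionType = 16
	SignedCertificateTimestamp          ExtensionType = 18
	ClientCertificateType               ExtensionType = 19
	ServerCertificateType               ExtensionType = 20
	Padding                             ExtensionType = 21
	PreSharedKey                        ExtensionType = 41
	EarlyData                           ExtensionType = 42
	SupportedVersions                   ExtensionType = 43
	Cookie                              ExtensionType = 44
	PSKKeyExchangeModes                 ExtensionType = 45
	CertificateAuthorities              ExtensionType = 47
	OIDFilters                          ExtensionType = 48
	PostHandshakeAuth                   ExtensionType = 49
	SignatureAlgorithmsCert             ExtensionType = 50
	KeyShare                            ExtensionType = 51
)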
enum {
    server_name(0),                             /* RFC 6066 */
    max_fragment_length(1),                     /* RFC 6066 */
    status_request(5),                          /* RFC 6066 */
    supported_groups(10),                       /* RFC 8422, 7919 */
    signature_algorithms(13),                   /* RFC 8446 */
    use_srtp(14),                               /* RFC 5764 */
    heartbeat(15),                              /* RFC 6520 */
    application_layer_protocol_negotiation(16), /* RFC 7301 */
    signed_certificate_timestamp(18),           /* RFC 6962 */
    client_certificate_type(19),                /* RFC 7250 */
    server_certificate_type(20),                /* RFC 7250 */
    padding(21),                                /* RFC 7685 */
    pre_shared_key(41),                         /* RFC 8446 */
    early_data(42),                             /* RFC 8446 */
    supported_versions(43),                     /* RFC 8446 */
    cookie(44),                                 /* RFC 8446 */
    psk_key_exchange_modes(45),                 /* RFC 8446 */
    certificate_authorities(47),                /* RFC 8446 */
    oid_filters(48),                            /* RFC 8446 */
    post_handshake_auth(49),                    /* RFC 8446 */
    signature_algorithms_cert(50),              /* RFC 8446 */
    key_share(51),                              /* RFC 8446 */
    (65535)
} ExtensionType;
func DecodeExtensionType ¶
func DecodeExtensionType(data []byte) ([]byte, ExtensionType)
func (ExtensionType) Encode ¶
func (e ExtensionType) Encode() []byte
type Handshake ¶
// Handshake groups handshake message values by message kind; the exported
// fields are named after TLS 1.3 handshake messages.
//
// NOTE(review): presumably only the field matching the message type is
// populated for a given value; confirm against handshake.go.
type Handshake struct {
	// OriginalPayload is a raw byte slice; presumably the undecoded message
	// bytes as received (confirm). If it comes from the peer, treat it as
	// untrusted input.
	OriginalPayload []byte
	ServerHello     ServerHello
	// end_of_early_data EndOfEarlyData (field commented out in the source)
	EncryptedExtensions EncryptedExtensions
	// certificate_request CertificateRequest (field commented out in the source)
	Certificate       Certificate
	CertificateVerify CertificateVerify
	Finished          Finished
	// contains filtered or unexported fields
}
func NewHandshakeClientHello ¶
func NewHandshakeClientHello(msgType HandshakeType, clientHello ClientHello) Handshake
func NewHandshakeServerHello ¶
func NewHandshakeServerHello(msgType HandshakeType, serverHello ServerHello) Handshake
type HandshakeType ¶
// HandshakeType is the one-byte handshake message type; the values below
// match the HandshakeType enum of RFC 8446 (Section 4, Appendix B.3).
type HandshakeType byte

const (
	ClientHelloHandshakeType         HandshakeType = 1
	ServerHelloHandshakeType         HandshakeType = 2
	NewSessionTicketHandshakeType    HandshakeType = 4
	EndOfEarlyDataHandshakeType      HandshakeType = 5
	EncryptedExtensionsHandshakeType HandshakeType = 8
	CertificateHandshakeType         HandshakeType = 11
	CertificateRequestHandshakeType  HandshakeType = 13
	CertificateVerifyHandshakeType   HandshakeType = 15
	FinishedHandshakeType            HandshakeType = 20
	KeyUpdateHandshakeType           HandshakeType = 24
	// message_hash(254) is the synthetic message type RFC 8446 uses in the
	// transcript hash after a HelloRetryRequest (Section 4.4.1).
	MessageHashHandshakeType HandshakeType = 254
	// NOTE(review): in the RFC enum the trailing "(255)" only fixes the
	// field width to one byte and names no message type. Confirm that a
	// received value of 255 is rejected rather than handled as a known type.
	HandshakeType255HandshakeType HandshakeType = 255
)
func DecodeHandshakeType ¶
func DecodeHandshakeType(data []byte) ([]byte, HandshakeType)
func (HandshakeType) Encode ¶
func (t HandshakeType) Encode() byte
type KeyShareClientHello ¶
type KeyShareClientHello struct {
// contains filtered or unexported fields
}
func DecodeKeyShareClientHello ¶
func DecodeKeyShareClientHello(data []byte) KeyShareClientHello
func NewKeyShareClientHello ¶
func NewKeyShareClientHello(clientShare []KeyShareEntry) KeyShareClientHello
func (KeyShareClientHello) Encode ¶
func (s KeyShareClientHello) Encode() []byte
func (KeyShareClientHello) Type ¶
func (s KeyShareClientHello) Type() ExtensionType
type KeyShareEntry ¶
type KeyShareEntry struct {}
func DecodeKeyShareEntry ¶
func DecodeKeyShareEntry(b []byte) ([]byte, KeyShareEntry)
func NewKeyShareEntry ¶
func NewKeyShareEntry(group NamedGroup, keyExchange []byte) KeyShareEntry
func (KeyShareEntry) Encode ¶
func (p KeyShareEntry) Encode() []byte
type KeyShareServerHello ¶
type KeyShareServerHello struct {
// contains filtered or unexported fields
}
func DecodeKeyShareServerHello ¶
func DecodeKeyShareServerHello(data []byte) KeyShareServerHello
func NewKeyShareServerHello ¶
func NewKeyShareServerHello(serverShare KeyShareEntry) KeyShareServerHello
func (KeyShareServerHello) Encode ¶
func (s KeyShareServerHello) Encode() []byte
func (KeyShareServerHello) Type ¶
func (s KeyShareServerHello) Type() ExtensionType
type NamedGroup ¶
// NamedGroup is the 16-bit key-exchange group code point; the values below
// match the NamedGroup enum of RFC 8446, Section 4.2.7.
type NamedGroup uint16

const (
	// Elliptic Curve Groups (ECDHE)
	Secp256r1 NamedGroup = 0x0017
	Secp384r1 NamedGroup = 0x0018
	Secp521r1 NamedGroup = 0x0019
	X25519    NamedGroup = 0x001D
	X448      NamedGroup = 0x001E

	// Finite Field Groups (DHE)
	Ffdhe2048 NamedGroup = 0x0100
	Ffdhe3072 NamedGroup = 0x0101
	Ffdhe4096 NamedGroup = 0x0102
	Ffdhe6144 NamedGroup = 0x0103
	Ffdhe8192 NamedGroup = 0x0104

	// Reserved Code Points
	// The Start/End pairs bound the RFC's private-use ranges
	// (0x01FC..0x01FF and 0xFE00..0xFEFF).
	FfdhePrivateUseStart NamedGroup = 0x01FC
	FfdhePrivateUseEnd   NamedGroup = 0x01FF
	EcdhePrivateUseStart NamedGroup = 0xFE00
	EcdhePrivateUseEnd   NamedGroup = 0xFEFF
	// NOTE(review): "(0xFFFF)" in the RFC enum only fixes the field width to
	// two bytes; it is not a negotiable group. Confirm it is never offered
	// or accepted in a key_share or supported_groups exchange.
	ReservedCodePoint NamedGroup = 0xFFFF
)
func DecodeNamedGroup ¶
func DecodeNamedGroup(b []byte) ([]byte, NamedGroup)
func (NamedGroup) Encode ¶
func (p NamedGroup) Encode() []byte
type ProtocolVersion ¶
type ProtocolVersion uint16
func DecodeProtocolVersion ¶
func DecodeProtocolVersion(b []byte) ([]byte, ProtocolVersion)
func (ProtocolVersion) Encode ¶
func (p ProtocolVersion) Encode() []byte
type ServerHello ¶
type ServerHello struct {
// contains filtered or unexported fields
}
func DecodeServerHello ¶
func DecodeServerHello(data []byte) ServerHello
func NewServerHello ¶
func NewServerHello( legacyVersion ProtocolVersion, random [32]byte, legacySessionIdEcho []byte, cipherSuite CipherSuite, legacyCompressionMethod byte, extensions []Extension) ServerHello
func (ServerHello) Encode ¶
func (sh ServerHello) Encode() []byte
func (ServerHello) GetKeyShareExtenson ¶
func (sh ServerHello) GetKeyShareExtenson() KeyShareEntry
type SignatureScheme ¶
type SignatureScheme uint16
func DecodeSignatureScheme ¶
func DecodeSignatureScheme(b []byte) ([]byte, SignatureScheme)
func (SignatureScheme) Encode ¶
func (p SignatureScheme) Encode() []byte
type SignatureSchemeList ¶
type SignatureSchemeList struct {
// contains filtered or unexported fields
}
func DecodeSignatureAlgorithmExtention ¶
func DecodeSignatureAlgorithmExtention(data []byte) SignatureSchemeList
func NewSignatureAlgorithmExtention ¶
func NewSignatureAlgorithmExtention(supportedSignatureAlgorithms []SignatureScheme) SignatureSchemeList
func (SignatureSchemeList) Encode ¶
func (s SignatureSchemeList) Encode() []byte
func (SignatureSchemeList) Type ¶
func (s SignatureSchemeList) Type() ExtensionType
type SupportedGroupsExtention ¶
type SupportedGroupsExtention struct {
// contains filtered or unexported fields
}
func DecodeSupportedGroups ¶
func DecodeSupportedGroups(data []byte) SupportedGroupsExtention
func NewSupportedGroupsExtention ¶
func NewSupportedGroupsExtention(namedGroupList []NamedGroup) SupportedGroupsExtention
func (SupportedGroupsExtention) Encode ¶
func (s SupportedGroupsExtention) Encode() []byte
func (SupportedGroupsExtention) Type ¶
func (s SupportedGroupsExtention) Type() ExtensionType
type SupportedVersionsExtention ¶
type SupportedVersionsExtention struct {
// contains filtered or unexported fields
}
func DecodeSupportedVersion ¶
func DecodeSupportedVersion(data []byte, isClientHello bool) SupportedVersionsExtention
func NewSupportedVersionsForClient ¶
func NewSupportedVersionsForClient(versions []ProtocolVersion) SupportedVersionsExtention
func NewSupportedVersionsForServer ¶
func NewSupportedVersionsForServer(version ProtocolVersion) SupportedVersionsExtention
func (SupportedVersionsExtention) Encode ¶
func (s SupportedVersionsExtention) Encode() []byte
func (SupportedVersionsExtention) Type ¶
func (s SupportedVersionsExtention) Type() ExtensionType
type UnknownExtention ¶
type UnknownExtention struct {
// contains filtered or unexported fields
}
func (UnknownExtention) Encode ¶
func (s UnknownExtention) Encode() []byte
func (UnknownExtention) Type ¶
func (s UnknownExtention) Type() ExtensionType
Source Files ¶
- certificate.go
- certificate_verify.go
- cipher_suite.go
- client_hello.go
- encrypted_extensions.go
- extension.go
- extension_type.go
- finished.go
- handshake.go
- handshake_type.go
- keyshare.go
- keyshare_client_hello.go
- keyshare_server_hello.go
- named_group.go
- protocol_version.go
- server_hello.go
- signature_algorithm.go
- signature_scheme.go
- supported_groups.go
- supported_versions.go
- unknown_extension.go