crypto/

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

Links

Open Source Insights

README ¶

mtls/crypto/tls

1. mtls/crypto/tls is based on Golang1.12.7's standard library crypto/tls
2. Add tls_custom.go that support smooth upgrade on TLS
3. Modify import paths
4. Call TransferSetTLSInfo() to set transfer info when TLS handshake is successful
5. Reuse tls Conn's outBuf to reduce memory in large number of idle connection
6. add HasMoreData to let user know whether the tls buffer has unread data
7. tls_custom.go: add a certificates cache to reduce memory usage.
8. use certificates cache to optimize handshake:
   handshake_client.go: verifyServerCertificate use LoadOrStoreCertificate instead of x509.ParseCertificate
   handshake_server.go: processCertsFromClient use LoadOrStoreCertificate instead of x509.ParseCertificate 
Maybe we can optimize it in x509.ParseCertificate / add cache expire later.
9. tls_custom.go: add mtls/crypto/tls.Conn.SetConnectionState() to manually set the tls connection state.
10. tls_custom.go: add mtls/crypto/tls.Conn.SetConfig() to manually set tls config

add supports for tls1.3-gm
see draft:https://datatracker.ietf.org/doc/draft-yang-tls-tls13-sm-suites/

run tls test
    a. go to pkg/mtls
    b. go test -v ./...

Directories ¶

Path	Synopsis
tls Package tls partially implements TLS 1.2, as specified in RFC 5246, and TLS 1.3, as specified in RFC 8446.	Package tls partially implements TLS 1.2, as specified in RFC 5246, and TLS 1.3, as specified in RFC 8446.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL