DefaultLoadKey attempts to load a private key from PEM or DER.

DefaultServeConfig constructs a default ServeConfig with the following values: - The number of ECDSA workers is max(2, runtime.NumCPU()) - The number of RSA workers is max(2, runtime.NumCPU()) - The number of other workers is 2 - The TCP connection timeout is 30 seconds - The Unix connection timeout is 1 hour - All connections have full power.

NewDefaultKeystore returns a new DefaultKeystore.

NewKeystoreFromDir creates a keystore populated from all of the ".key" files in dir.

NewServer prepares a TLS server capable of receiving connections from keyless clients.

NewServerFromFile reads certificate, key, and CA files in order to create a Server.

ClientInfo has information on the client of the connection.

DefaultKeystore is a simple in-memory Keystore.

ServeConfig is used to configure a call to Server.Serve.

Server is a Keyless Server capable of performing opaque key operations.

Keystore is an abstract container for a server's private keys, allowing lookup of keys based on incoming `Operation` requests.

Sealer is an interface for an handler for OpSeal and OpUnseal.

CustomOpFunction is the signature for custom opcode functions.

GetCert is a function that returns a certificate given a request.