github.com/raff/tls-ext
module, package
1.0.0
Repository: https://github.com/raff/tls-ext.git
Documentation: pkg.go.dev

# README

tls-ext

Go standard tls package (crypto/tls from Go 1.13.4) with support for adding new cipher suites, mainly cipher suites without certificate exchange. See https://github.com/raff/tls-psk.

# Functions

Client returns a new TLS client side connection using conn as the underlying transport.
Dial connects to the given network address using net.Dial and then initiates a TLS handshake, returning the resulting TLS connection.
DialWithDialer connects to the given network address using dialer.Dial and then initiates a TLS handshake, returning the resulting TLS connection.
Listen creates a TLS listener accepting connections on the given network address using net.Listen.
LoadX509KeyPair reads and parses a public/private key pair from a pair of files.
MacSHA1 returns a macFunction for the given protocol version.
NewListener creates a Listener which accepts connections from an inner Listener and wraps each connection with Server.
NewLRUClientSessionCache returns a ClientSessionCache with the given capacity that uses an LRU strategy.
RegisterCipherSuites registers additional cipher suites.
Server returns a new TLS server side connection using conn as the underlying transport.
X509KeyPair parses a public/private key pair from a pair of PEM encoded data.

# Constants

ECDSA algorithms.
EdDSA algorithms.
Legacy signature and hash algorithms for TLS 1.2.
RSASSA-PKCS1-v1_5 algorithms.
RSASSA-PSS algorithms with public key OID rsaEncryption.
RenegotiateFreelyAsClient allows a remote server to repeatedly request renegotiation.
RenegotiateNever disables renegotiation.
RenegotiateOnceAsClient allows a remote server to request renegotiation once per connection.
suiteNoCerts indicates that this cipher suite does not use certificate exchange (i.e.
TLS 1.3 cipher suites.
A list of cipher suite IDs that are, or have been, implemented by this package.
TLS_FALLBACK_SCSV isn't a standard cipher suite but an indicator that the client is doing version fallback.
TLS 1.0 - 1.2 cipher suites.
Deprecated: SSLv3 is cryptographically broken, and will be removed in Go 1.14.

# Structs

A Certificate is a chain of one or more certificates, leaf first.
CertificateRequestInfo contains information from a server's CertificateRequest message, which is used to demand a certificate and proof of control from a client.
A CipherSuite is a specific combination of key agreement, cipher and MAC function.
ClientHelloInfo contains information from a ClientHello message in order to guide certificate selection in the GetCertificate callback.
ClientSessionState contains the state needed by clients to resume TLS sessions.
A Config structure is used to configure a TLS client or server.
A Conn represents a secured connection.
ConnectionState records basic TLS details about the connection.
RecordHeaderError is returned when a TLS record header is invalid.

# Interfaces

ClientSessionCache is a cache of ClientSessionState objects that can be used by a client to resume a TLS session with a given server.
A KeyAgreement implements the client and server side of a TLS key agreement protocol by generating and processing key exchange messages.

# Type aliases

ClientAuthType declares the policy the server will follow for TLS Client Authentication.
CurveID is the type of a TLS identifier for an elliptic curve.
RenegotiationSupport enumerates the different levels of support for TLS renegotiation.
SignatureScheme identifies a signature algorithm supported by TLS.