Categorygithub.com/secure-for-ai/goktls
modulepackage
1.20.2-v0
Repository: https://github.com/secure-for-ai/goktls.git
Documentation: pkg.go.dev
Overview
Versions
1
Dependencies
43
Dependents
0
Files
11k SLOC

# README

A Fork of Golang TLS Library with Kernel TLS Implementation

This Repo is to add the Kernel TLS (KTLS) support on top of the standard Golang TLS library.

The library is 100% percent compatible with the original Golang TLS library.

The library enables the kernel TLS after the TLS handshake is completed. In other words, the handshake is implemented by golang itself, whereas the symmetric encryption is offloaded to kernel.

Benefits

With KTLS, one can offload the encryption to the kernel or even the NIC, depending on the kernel version and the hardware. This can significantly reduce the CPU utility and improve the throughput of the TLS connection.

How to use

An example of the echo server is available at https://github.com/secure-for-ai/goktls_examples.

  • Enable the Kernel TLS on Linux in your terminal.

    sudo modprobe tls

  • Add the package into go.mod

    require github.com/secure-for-ai/goktls v1.20.0-rc3.1

    The release version tracks the Golang main release with minor updates.

  • Drop in replacement

    Replace

    import "crypto/tls"

    With

    import tls "github.com/secure-for-ai/goktls"

  • Run your code with KTLS

    GOKTLS=1 go run main.go

  • Print out the debug information

    GOKTLS=1 go run -tag=debug main.go

    If KTLS is enabled, you should be able to see the following in kernel 5.15.

    2023/01/27 16:17:21 kTLS Enabled Status: true
2023/01/27 16:17:21 Kernel Version: 5.15.0-58-lowlatency
2023/01/27 16:17:21 ======Supported Features======
2023/01/27 16:17:21 kTLS TX: true
2023/01/27 16:17:21 kTLS RX: true
2023/01/27 16:17:21 kTLS TLS 1.3 TX: true
2023/01/27 16:17:21 kTLS TLS 1.3 RX: false
2023/01/27 16:17:21 kTLS TX ZeroCopy: false
2023/01/27 16:17:21 kTLS RX Expected No Pad: false
2023/01/27 16:17:21 =========CipherSuites=========
2023/01/27 16:17:21 kTLS AES-GCM-128: true
2023/01/27 16:17:21 kTLS AES-GCM-256: true
2023/01/27 16:17:21 kTLS CHACHA20POLY1305: true

    Once received the message, you will see

    2023/01/27 16:20:59 try to enable kernel tls AES_128_GCM for tls 1.2
2023/01/27 16:20:59
key: e3104f668dfa699b3bbc49b431a2f8dd
iv: 2cea73b9
seq: 0000000000000001
2023/01/27 16:20:59 kTLS: TLS_TX enabled
2023/01/27 16:20:59
key: 299c717c1fa903bbe56abd30567fe09e
iv: a8b78628
seq: 0000000000000001
2023/01/27 16:20:59 kTLS: TLS_RX enabled
2023/01/27 16:20:59 kTLS: recvmsg, type: 23, payload len: 6
2023/01/27 16:20:59 kTLS: recvmsg, type: 21, payload len: 2

Features

  • KTLS 1.2 TX & RX
  • KTLS 1.3 TX & RX
  • zerocopy and no pad for TLS 1.3
  • ciphersuites: AES-GCM-128, AES-GCM-256, CHACHA20POLY1305

TODO

  1. KTLS 1.3 RX disabled on kernel < 5.19 as it causes weird package lost
  2. zero copy and no pad have not been tested yet. zero copy is enabled on kernel >= 5.19, and no pad is enabled on kernel >= 6.0

Implementation

The implementation was based on @jim3m's implementation, which was based on @FiloSottile's implementation.

# Functions

CipherSuiteName returns the standard name for the passed cipher suite ID (e.g.
CipherSuites returns a list of cipher suites currently implemented by this package, excluding those with security issues, which are returned by InsecureCipherSuites.
Client returns a new TLS client side connection using conn as the underlying transport.
No description provided by the author
No description provided by the author
Dial connects to the given network address using net.Dial and then initiates a TLS handshake, returning the resulting TLS connection.
DialWithDialer connects to the given network address using dialer.Dial and then initiates a TLS handshake, returning the resulting TLS connection.
InsecureCipherSuites returns a list of cipher suites currently implemented by this package and which have security issues.
LimitWriter is a copy of the standard library ioutils.LimitReader, applied to the writer interface.
Listen creates a TLS listener accepting connections on the given network address using net.Listen.
LoadX509KeyPair reads and parses a public/private key pair from a pair of files.
NewListener creates a Listener which accepts connections from an inner Listener and wraps each connection with Server.
NewLRUClientSessionCache returns a ClientSessionCache with the given capacity that uses an LRU strategy.
Server returns a new TLS server side connection using conn as the underlying transport.
X509KeyPair parses a public/private key pair from a pair of PEM encoded data.

# Constants

No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
ECDSA algorithms.
No description provided by the author
No description provided by the author
No description provided by the author
EdDSA algorithms.
NoClientCert indicates that no client certificate should be requested during the handshake, and if any certificates are sent they will not be verified.
Legacy signature and hash algorithms for TLS 1.2.
RSASSA-PKCS1-v1_5 algorithms.
No description provided by the author
No description provided by the author
RSASSA-PSS algorithms with public key OID rsaEncryption.
No description provided by the author
No description provided by the author
RenegotiateFreelyAsClient allows a remote server to repeatedly request renegotiation.
RenegotiateNever disables renegotiation.
RenegotiateOnceAsClient allows a remote server to request renegotiation once per connection.
RequestClientCert indicates that a client certificate should be requested during the handshake, but does not require that the client send any certificates.
RequireAndVerifyClientCert indicates that a client certificate should be requested during the handshake, and that at least one valid certificate is required to be sent by the client.
RequireAnyClientCert indicates that a client certificate should be requested during the handshake, and that at least one certificate is required to be sent by the client, but that certificate is not required to be valid.
No description provided by the author
No description provided by the author
TLS 1.3 cipher suites.
A list of cipher suite IDs that are, or have been, implemented by this package.
A list of cipher suite IDs that are, or have been, implemented by this package.
A list of cipher suite IDs that are, or have been, implemented by this package.
A list of cipher suite IDs that are, or have been, implemented by this package.
A list of cipher suite IDs that are, or have been, implemented by this package.
A list of cipher suite IDs that are, or have been, implemented by this package.
A list of cipher suite IDs that are, or have been, implemented by this package.
A list of cipher suite IDs that are, or have been, implemented by this package.
A list of cipher suite IDs that are, or have been, implemented by this package.
A list of cipher suite IDs that are, or have been, implemented by this package.
A list of cipher suite IDs that are, or have been, implemented by this package.
A list of cipher suite IDs that are, or have been, implemented by this package.
A list of cipher suite IDs that are, or have been, implemented by this package.
A list of cipher suite IDs that are, or have been, implemented by this package.
A list of cipher suite IDs that are, or have been, implemented by this package.
A list of cipher suite IDs that are, or have been, implemented by this package.
Legacy names for the corresponding cipher suites with the correct _SHA256 suffix, retained for backward compatibility.
A list of cipher suite IDs that are, or have been, implemented by this package.
A list of cipher suite IDs that are, or have been, implemented by this package.
TLS_FALLBACK_SCSV isn't a standard cipher suite but an indicator that the client is doing version fallback.
No description provided by the author
A list of cipher suite IDs that are, or have been, implemented by this package.
A list of cipher suite IDs that are, or have been, implemented by this package.
A list of cipher suite IDs that are, or have been, implemented by this package.
A list of cipher suite IDs that are, or have been, implemented by this package.
A list of cipher suite IDs that are, or have been, implemented by this package.
A list of cipher suite IDs that are, or have been, implemented by this package.
TLS 1.0 - 1.2 cipher suites.
No description provided by the author
Attempt opportunistic zero-copy, TLS 1.3 only.
No description provided by the author
No description provided by the author
TX zerocopy (only sendfile now).
VerifyClientCertIfGiven indicates that a client certificate should be requested during the handshake, but does not require that the client sends a certificate.
Deprecated: SSLv3 is cryptographically broken, and is no longer supported by this package.
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author

# Structs

A Certificate is a chain of one or more certificates, leaf first.
CertificateRequestInfo contains information from a server's CertificateRequest message, which is used to demand a certificate and proof of control from a client.
CertificateVerificationError is returned when certificate verification fails during the handshake.
CipherSuite is a TLS cipher suite.
ClientHelloInfo contains information from a ClientHello message in order to guide application logic in the GetCertificate and GetConfigForClient callbacks.
ClientSessionState contains the state needed by clients to resume TLS sessions.
A Config structure is used to configure a TLS client or server.
A Conn represents a secured connection.
ConnectionState records basic TLS details about the connection.
Dialer dials TLS connections given a configuration and a Dialer for the underlying connection.
A LimitedWriter writes to W but limits the amount of data returned to just N bytes.
RecordHeaderError is returned when a TLS record header is invalid.

# Interfaces

ClientSessionCache is a cache of ClientSessionState objects that can be used by a client to resume a TLS session with a given server.

# Type aliases

ClientAuthType declares the policy the server will follow for TLS Client Authentication.
CurveID is the type of a TLS identifier for an elliptic curve.
RenegotiationSupport enumerates the different levels of support for TLS renegotiation.
SignatureScheme identifies a signature algorithm supported by TLS.