Client returns a new TLS client side connection using conn as the underlying transport.

Dial connects to the given network address using net.Dial and then initiates a TLS handshake, returning the resulting TLS connection.

DialWithDialer connects to the given network address using dialer.Dial and then initiates a TLS handshake, returning the resulting TLS connection.

X509KeyPair parses a public/private key pair from a pair of PEM encoded data.

one cert for enc and sign.

Listen creates a TLS listener accepting connections on the given network address using net.Listen.

add by syl add sigle key pair sitiation.

LoadGMX509KeyPairs reads and parses two public/private key pairs from pairs of files.

LoadX509KeyPair reads and parses a public/private key pair from a pair of files.

NewAuthHTTPSClient 创建双向身份认证国密HTTPS客户端 pool: 根证书链 clientAuthCert: 客户端认证密钥对和证书.

NewBasicAutoSwitchConfig 返回一个实现了GMSSL/TLS自动切换的配置 sm2SigCert: SM2 签名密钥对、证书 sm2EncCert: SM2 加密密钥对、证书 stdCert: RSA/ECC 标准的密钥对、证书 return: 最基础的Config对象.

NewCustomHTTPSClient 创建自定义国密HTTPS客户端 通过自定义TLS参数定制TLS实现细节，如进行双向身份认证等。.

NewHTTPSClient 创建国密HTTPS客户端，只对服务端进行身份认证（验证服务端证书）。 pool: 根证书链.

NewListener creates a Listener which accepts connections from an inner Listener and wraps each connection with Server.

NewLRUClientSessionCache returns a ClientSessionCache with the given capacity that uses an LRU strategy.

Server returns a new TLS server side connection using conn as the underlying transport.

X509KeyPair parses a public/private key pair from a pair of PEM encoded data.

Legacy signature and hash algorithms for TLS 1.2.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

GM crypto suites ID Taken from GM/T 0024-2014.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

GMSSL/TLS 自动切换模式.

仅支持 国密SSL模式.

RenegotiateFreelyAsClient allows a remote server to repeatedly request renegotiation.

RenegotiateNever disables renegotiation.

RenegotiateOnceAsClient allows a remote server to request renegotiation once per connection.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

TLS_FALLBACK_SCSV isn't a standard cipher suite but an indicator that the client is doing version fallback.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

A list of cipher suite IDs that are, or have been, implemented by this package.

GM/T 0024-2014.

A Certificate is a chain of one or more certificates, leaf first.

CertificateRequestInfo contains information from a server's CertificateRequest message, which is used to demand a certificate and proof of control from a client.

ClientHelloInfo contains information from a ClientHello message in order to guide certificate selection in the GetCertificate callback.

ClientSessionState contains the state needed by clients to resume TLS sessions.

A Config structure is used to configure a TLS client or server.

A Conn represents a secured connection.

ConnectionState records basic TLS details about the connection.

RecordHeaderError results when a TLS record header is invalid.

SimpleRoundTripper 简单的单次HTTP/HTTPS（国密） 连接往返器 每次建立新的连接.

ClientSessionCache is a cache of ClientSessionState objects that can be used by a client to resume a TLS session with a given server.

ClientAuthType declares the policy the server will follow for TLS Client Authentication.

CurveID is the type of a TLS identifier for an elliptic curve.

RenegotiationSupport enumerates the different levels of support for TLS renegotiation.

SignatureScheme identifies a signature algorithm supported by TLS.