tlshelper

package
Version: v0.11.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 13, 2022 License: Apache-2.0 Imports: 8 Imported by: 12

Documentation

Overview

Package tlshelper provides reusable tls config definition with rendering suffix support

Index

Constants

This section is empty.

Variables

View Source
var CipherSuites = map[string]uint16{

	"TLS_RSA_WITH_RC4_128_SHA":                tls.TLS_RSA_WITH_RC4_128_SHA,
	"TLS_RSA_WITH_3DES_EDE_CBC_SHA":           tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
	"TLS_RSA_WITH_AES_128_CBC_SHA":            tls.TLS_RSA_WITH_AES_128_CBC_SHA,
	"TLS_RSA_WITH_AES_256_CBC_SHA":            tls.TLS_RSA_WITH_AES_256_CBC_SHA,
	"TLS_RSA_WITH_AES_128_CBC_SHA256":         tls.TLS_RSA_WITH_AES_128_CBC_SHA256,
	"TLS_RSA_WITH_AES_128_GCM_SHA256":         tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
	"TLS_RSA_WITH_AES_256_GCM_SHA384":         tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
	"TLS_ECDHE_ECDSA_WITH_RC4_128_SHA":        tls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
	"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA":    tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
	"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA":    tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
	"TLS_ECDHE_RSA_WITH_RC4_128_SHA":          tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA,
	"TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA":     tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
	"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA":      tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
	"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA":      tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
	"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256": tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
	"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256":   tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
	"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256":   tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
	"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256": tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
	"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384":   tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
	"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384": tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,

	"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305":   tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
	"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305": tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,

	"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256":   tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
	"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256": tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,

	"TLS_AES_128_GCM_SHA256":       tls.TLS_AES_128_GCM_SHA256,
	"TLS_AES_256_GCM_SHA384":       tls.TLS_AES_256_GCM_SHA384,
	"TLS_CHACHA20_POLY1305_SHA256": tls.TLS_CHACHA20_POLY1305_SHA256,

	"TLS_ECDHE_ECDSA_WITH_AES_128_CCM":   0xc0ac,
	"TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8": 0xc0ae,

	"TLS_PSK_WITH_AES_128_CCM":        0xc0a4,
	"TLS_PSK_WITH_AES_128_CCM_8":      0xc0a8,
	"TLS_PSK_WITH_AES_128_GCM_SHA256": 0x00a8,
	"TLS_PSK_WITH_AES_128_CBC_SHA256": 0x00ae,
}

CipherSuites for tls and dtls

Functions

This section is empty.

Types

type TLSConfig

type TLSConfig struct {
	rs.BaseField `json:"-" yaml:"-"`

	Enabled bool `json:"enabled" yaml:"enabled"`

	CaCert string `json:"ca_cert" yaml:"ca_cert"`
	Cert   string `json:"cert" yaml:"cert"`
	Key    string `json:"key" yaml:"key"`

	ServerName         string `json:"server_name" yaml:"server_name"`
	InsecureSkipVerify bool   `json:"insecure_skip_verify" yaml:"insecure_skip_verify"`
	// write tls session shared key to this file
	KeyLogFile   string   `json:"key_log_file" yaml:"key_log_file"`
	CipherSuites []string `json:"cipher_suites" yaml:"cipher_suites"`

	// options for dtls
	AllowInsecureHashes bool `json:"allow_insecure_hashes" yaml:"allow_insecure_hashes"`

	PreSharedKey TLSPreSharedKeyConfig `json:"pre_shared_key" yaml:"pre_shared_key"`
}

TLSConfig for common tls settings, support both client and server tls

func (*TLSConfig) GetTLSConfig

func (c *TLSConfig) GetTLSConfig(server bool) (_ *tls.Config, err error)

type TLSPreSharedKeyConfig

type TLSPreSharedKeyConfig struct {
	rs.BaseField `json:"-" yaml:"-"`

	// map server hint(s) to pre shared key(s)
	// colon separated base64 encoded key value pairs
	ServerHintMapping []string `json:"server_hint_mapping" yaml:"server_hint_mapping"`
	// the client hint provided to server, base64 encoded value
	IdentityHint string `json:"identity_hint" yaml:"identity_hint"`
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL