Documentation ¶
Index ¶
- Variables
- func AddCertificate(t TLSConfig, c *tls.Config) error
- func GetOCSPResult(certificates []*x509.Certificate) ([]byte, *ocsp.Response, error)
- func LoadCertificate(t TLSConfig) (c *tls.Config, err error)
- func OCSPHandler(c *tls.Config, quit chan bool)
- func RenewOCSP(c *tls.Config) (time.Time, error)
- type TLSConfig
Variables ¶
// TLSCipherLookup maps lowercase cipher suite names to the crypto/tls
// cipher suite IDs of the same name.
//
// The table only resolves names; it is not an allow-list. It contains suites
// that should not be enabled on new deployments, so callers that accept
// names from configuration should filter the result themselves.
// NOTE(review): presumably consumed when resolving TLSConfig.CipherSuites;
// the consumer is not visible here, confirm.
var TLSCipherLookup = map[string]uint16{
	// RC4 and 3DES suites. Both ciphers are considered broken or weak and
	// crypto/tls reports these IDs through tls.InsecureCipherSuites.
	"tls_rsa_with_rc4_128_sha":            tls.TLS_RSA_WITH_RC4_128_SHA,
	"tls_rsa_with_3des_ede_cbc_sha":       tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
	"tls_ecdhe_ecdsa_with_rc4_128_sha":    tls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
	"tls_ecdhe_rsa_with_rc4_128_sha":      tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA,
	"tls_ecdhe_rsa_with_3des_ede_cbc_sha": tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,

	// AES-CBC suites (no AEAD). The *_CBC_SHA256 variants are also reported
	// by tls.InsecureCipherSuites.
	"tls_rsa_with_aes_128_cbc_sha":            tls.TLS_RSA_WITH_AES_128_CBC_SHA,
	"tls_rsa_with_aes_256_cbc_sha":            tls.TLS_RSA_WITH_AES_256_CBC_SHA,
	"tls_rsa_with_aes_128_cbc_sha256":         tls.TLS_RSA_WITH_AES_128_CBC_SHA256,
	"tls_ecdhe_ecdsa_with_aes_128_cbc_sha":    tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
	"tls_ecdhe_ecdsa_with_aes_256_cbc_sha":    tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
	"tls_ecdhe_rsa_with_aes_128_cbc_sha":      tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
	"tls_ecdhe_rsa_with_aes_256_cbc_sha":      tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
	"tls_ecdhe_ecdsa_with_aes_128_cbc_sha256": tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
	"tls_ecdhe_rsa_with_aes_128_cbc_sha256":   tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,

	// AES-GCM with static RSA key exchange: AEAD, but no forward secrecy.
	"tls_rsa_with_aes_128_gcm_sha256": tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
	"tls_rsa_with_aes_256_gcm_sha384": tls.TLS_RSA_WITH_AES_256_GCM_SHA384,

	// ECDHE key exchange with an AEAD cipher (TLS 1.2).
	"tls_ecdhe_rsa_with_aes_128_gcm_sha256":   tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
	"tls_ecdhe_ecdsa_with_aes_128_gcm_sha256": tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
	"tls_ecdhe_rsa_with_aes_256_gcm_sha384":   tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
	"tls_ecdhe_ecdsa_with_aes_256_gcm_sha384": tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
	"tls_ecdhe_rsa_with_chacha20_poly1305":    tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
	"tls_ecdhe_ecdsa_with_chacha20_poly1305":  tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,

	// TLS 1.3 suites. crypto/tls documents that TLS 1.3 cipher suites are
	// not configurable through tls.Config.CipherSuites.
	"tls_aes_128_gcm_sha256":       tls.TLS_AES_128_GCM_SHA256,
	"tls_aes_256_gcm_sha384":       tls.TLS_AES_256_GCM_SHA384,
	"tls_chacha20_poly1305_sha256": tls.TLS_CHACHA20_POLY1305_SHA256,

	// Not a cipher suite: a signalling value (RFC 7507) that a client sends
	// to indicate it is performing a version fallback.
	"tls_fallback_scsv": tls.TLS_FALLBACK_SCSV,
}
TLSCipherLookup is a lookup table that maps cipher suite names to TLS cipher suite IDs
// TLSClientAuthLookup maps lowercase policy names to the matching
// tls.ClientAuthType value.
//
// Only "verifyclientcertifgiven" and "requireandverifyclientcert" make
// crypto/tls validate a presented client certificate. With
// "requestclientcert" and "requireanyclientcert" a certificate may be sent
// but is not verified, so neither is suitable as an authentication control
// on its own.
var TLSClientAuthLookup = map[string]tls.ClientAuthType{
	"noclientcert":               tls.NoClientCert,
	"requestclientcert":          tls.RequestClientCert,
	"requireanyclientcert":       tls.RequireAnyClientCert,
	"verifyclientcertifgiven":    tls.VerifyClientCertIfGiven,
	"requireandverifyclientcert": tls.RequireAndVerifyClientCert,
}
TLSClientAuthLookup is a lookup table for TLS Client Auth
// TLSCurveLookup maps lowercase curve names to the matching tls.CurveID.
// NOTE(review): presumably used to resolve TLSConfig.CurvePreferences; the
// consumer is not visible here, confirm.
var TLSCurveLookup = map[string]tls.CurveID{
	"curvep256": tls.CurveP256,
	"curvep384": tls.CurveP384,
	"curvep521": tls.CurveP521,
	"x25519":    tls.X25519,
}
TLSCurveLookup is a lookup table for TLS Curve ID
// TLSRenegotiateLookup maps lowercase names to the matching
// tls.RenegotiationSupport value.
//
// "renegotiatenever" disables renegotiation and is the zero value in
// crypto/tls. The other two let a remote server request renegotiation, once
// or repeatedly, so enable them only when a peer is known to need it.
var TLSRenegotiateLookup = map[string]tls.RenegotiationSupport{
	"renegotiatenever":          tls.RenegotiateNever,
	"renegotiateonceasclient":   tls.RenegotiateOnceAsClient,
	"renegotiatefreelyasclient": tls.RenegotiateFreelyAsClient,
}
TLSRenegotiateLookup is a lookup table for TLS renegotiation support values
// TLSVersionLookup maps lowercase version names to the crypto/tls protocol
// version constants.
//
// The table only resolves names and includes obsolete protocols:
// tls.VersionSSL30 is deprecated in crypto/tls because SSLv3 is
// cryptographically broken and no longer supported by the package, and
// TLS 1.0 and 1.1 are deprecated by RFC 8996. A minimum of "versiontls12"
// or higher is the sensible floor for new configurations.
var TLSVersionLookup = map[string]uint16{
	// Obsolete; kept so that older configuration files still resolve.
	"versionssl30": tls.VersionSSL30,
	"versiontls10": tls.VersionTLS10,
	"versiontls11": tls.VersionTLS11,

	// Current protocol versions.
	"versiontls12": tls.VersionTLS12,
	"versiontls13": tls.VersionTLS13,
}
TLSVersionLookup is a lookup table for TLS Version ID
Functions ¶
func AddCertificate ¶
AddCertificate adds a certificate to an existing config, based on TLSConfig
func GetOCSPResult ¶
GetOCSPResult collects the required certificates and handles the OCSP call
func LoadCertificate ¶
LoadCertificate loads the user definable config and returns the tls.Config
func OCSPHandler ¶
OCSPHandler refreshes OCSP staple if expired or not present
Types ¶
type TLSConfig ¶
// TLSConfig is the user-definable TLS configuration, decoded from JSON or
// TOML using the lowercase keys given in the field tags.
//
// Every option is a plain string, string list or bool. How each one is
// applied to a tls.Config is not visible in this listing; the notes on the
// fields are assumptions to confirm against LoadCertificate.
type TLSConfig struct {
	// NOTE(review): presumably the path to the private key file; confirm.
	// If so, the file should be readable only by the service account.
	CertificateKey string `json:"certificatekey" toml:"certificatekey"`

	// NOTE(review): presumably the path to the certificate file; confirm.
	CertificateFile string `json:"certificatefile" toml:"certificatefile"`

	// NOTE(review): presumably a key of TLSVersionLookup; confirm what an
	// empty or unknown value falls back to.
	MinVersion string `json:"minversion" toml:"minversion"`

	// NOTE(review): presumably a key of TLSVersionLookup; confirm.
	MaxVersion string `json:"maxversion" toml:"maxversion"`

	// NOTE(review): presumably a key of TLSRenegotiateLookup; confirm.
	Renegotiation string `json:"renegotiation" toml:"renegotiation"`

	// NOTE(review): presumably keys of TLSCipherLookup; confirm whether
	// unknown names are rejected or silently dropped.
	CipherSuites []string `json:"ciphersuites" toml:"ciphersuites"`

	// NOTE(review): presumably keys of TLSCurveLookup; confirm.
	CurvePreferences []string `json:"curvepreferences" toml:"curvepreferences"`

	// NOTE(review): presumably copied to tls.Config.InsecureSkipVerify,
	// which turns off verification of the server's certificate chain and
	// host name. Confirm, and keep it false outside of testing.
	InsecureSkipVerify bool `json:"insecureskipverify" toml:"insecureskipverify"`

	// NOTE(review): presumably a key of TLSClientAuthLookup; confirm.
	ClientAuth string `json:"clientauth" toml:"clientauth"`
}
TLSConfig is user definable config for TLS
func (TLSConfig) CertificateProvided ¶
CertificateProvided returns true if there is a certificate configured in the TLS config