Go Home Page
The Go Programming Language

Package tls

import "crypto/tls"

This package partially implements the TLS 1.1 protocol, as specified in RFC 4346.

Package files

alert.go ca_set.go common.go handshake_client.go handshake_messages.go handshake_server.go prf.go record_process.go record_read.go record_write.go tls.go

Variables

TLS cipher suites.

var (
    TLS_RSA_WITH_RC4_128_SHA uint16 = 5
)

type CASet

A CASet is a set of certificates.

type CASet struct {
    // contains unexported fields
}

func NewCASet

func NewCASet() *CASet

func (*CASet) FindParent

func (s *CASet) FindParent(cert *x509.Certificate) (parent *x509.Certificate)

FindParent attempts to find the certificate in s which signs the given certificate. If no such certificate can be found, it returns nil.

func (*CASet) SetFromPEM

func (s *CASet) SetFromPEM(pemCerts []byte) (ok bool)

SetFromPEM attempts to parse a series of PEM encoded root certificates. It appends any certificates found to s and returns true if any certificates were successfully parsed. On many Linux systems, /etc/ssl/cert.pem will contains the system wide set of root CAs in a format suitable for this function.

type Certificate

type Certificate struct {
    Certificate [][]byte
    PrivateKey  *rsa.PrivateKey
}

type Config

A Config structure is used to configure a TLS client or server. After one has been passed to a TLS function it must not be modified.

type Config struct {
    // Rand provides the source of entropy for nonces and RSA blinding.
    Rand io.Reader
    // Time returns the current time as the number of seconds since the epoch.
    Time         func() int64
    Certificates []Certificate
    RootCAs      *CASet
    // NextProtos is a list of supported, application level protocols.
    // Currently only server-side handling is supported.
    NextProtos []string
}

type Conn

A Conn represents a secure connection.

type Conn struct {
    net.Conn
    // contains unexported fields
}

func Client

func Client(conn net.Conn, config *Config) *Conn

func Server

func Server(conn net.Conn, config *Config) *Conn

func (*Conn) Close

func (tls *Conn) Close() os.Error

func (*Conn) GetConnectionState

func (tls *Conn) GetConnectionState() ConnectionState

func (*Conn) Read

func (tls *Conn) Read(p []byte) (int, os.Error)

func (*Conn) SetReadTimeout

func (tls *Conn) SetReadTimeout(nsec int64) os.Error

func (*Conn) SetTimeout

func (tls *Conn) SetTimeout(nsec int64) os.Error

func (*Conn) SetWriteTimeout

func (tls *Conn) SetWriteTimeout(nsec int64) os.Error

func (*Conn) WaitConnectionState

func (tls *Conn) WaitConnectionState() ConnectionState

func (*Conn) Write

func (tls *Conn) Write(p []byte) (int, os.Error)

type ConnectionState

type ConnectionState struct {
    HandshakeComplete  bool
    CipherSuite        string
    Error              alertType
    NegotiatedProtocol string
}

type Listener

type Listener struct {
    // contains unexported fields
}

func NewListener

func NewListener(listener net.Listener, config *Config) (l *Listener)

NewListener creates a Listener which accepts connections from an inner Listener and wraps each connection with Server.

func (*Listener) Accept

func (l *Listener) Accept() (c net.Conn, err os.Error)

func (*Listener) Addr

func (l *Listener) Addr() net.Addr

func (*Listener) Close

func (l *Listener) Close() os.Error