"fmt"
"internal/cpu"
"io"
- "math/big"
"net"
"strings"
"sync"
extensionCertificateAuthorities uint16 = 47
extensionSignatureAlgorithmsCert uint16 = 50
extensionKeyShare uint16 = 51
- extensionNextProtoNeg uint16 = 13172 // not IANA assigned
extensionRenegotiationInfo uint16 = 0xff01
)
Put(sessionKey string, cs *ClientSessionState)
}
+//go:generate stringer -type=SignatureScheme,CurveID,ClientAuthType -output=common_string.go
+
// SignatureScheme identifies a signature algorithm supported by TLS. See
// RFC 8446, Section 4.2.3.
type SignatureScheme uint16
// server's certificate chain and host name.
// If InsecureSkipVerify is true, TLS accepts any certificate
// presented by the server and any host name in that certificate.
- // In this mode, TLS is susceptible to man-in-the-middle attacks.
+ // In this mode, TLS is susceptible to machine-in-the-middle attacks.
// This should be used only for testing.
InsecureSkipVerify bool
return nil, false
}
-// TODO(jsing): Make these available to both crypto/x509 and crypto/tls.
-type dsaSignature struct {
- R, S *big.Int
-}
-
-type ecdsaSignature dsaSignature
-
var emptyConfig Config
func defaultConfig() *Config {