)
// CurveID is the type of a TLS identifier for an elliptic curve. See
-// http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-8
+// https://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-8
type CurveID uint16
const (
)
// TLS Elliptic Curve Point Formats
-// http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-9
+// https://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-9
const (
pointFormatUncompressed uint8 = 0
)
SignedCertificateTimestamps [][]byte // SCTs from the server, if any
OCSPResponse []byte // stapled OCSP response from server, if any
+ // ExportKeyMaterial returns length bytes of exported key material as
+ // defined in https://tools.ietf.org/html/rfc5705. If context is nil, it is
+ // not used as part of the seed. If Config.Renegotiation was set to allow
+ // renegotiation, this function will always return nil, false.
+ ExportKeyingMaterial func(label string, context []byte, length int) ([]byte, bool)
+
// TLSUnique contains the "tls-unique" channel binding value (see RFC
// 5929, section 3). For resumed sessions this value will be nil
// because resumption does not include enough context (see
//
// If normal verification fails then the handshake will abort before
// considering this callback. If normal verification is disabled by
- // setting InsecureSkipVerify then this callback will be considered but
- // the verifiedChains argument will always be nil.
+ // setting InsecureSkipVerify, or (for a server) when ClientAuth is
+ // RequestClientCert or RequireAnyClientCert, then this callback will
+ // be considered but the verifiedChains argument will always be nil.
VerifyPeerCertificate func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error
// RootCAs defines the set of root certificate authorities