Documentation
Overview
Package cfcrypto uses Cloudflare's TLS fork to provide features missing in crypto/tls.
Functions
func Handshake
func Handshake(
    conn net.Conn,
    tlsConfig *tls.Config,
    resolver *resolve.Resolver,
    cfg *config.Config,
    out *output.Output,
) (tlsConn net.Conn, err error)
Handshake attempts to establish a TLS connection using Cloudflare's TLS fork.
Depending on the arguments, it may do the following:
- Encrypted ClientHello.
- Post-quantum cryptography.
Arguments
- conn is the underlying network connection that should already be established.
- tlsConfig is the original tls.Config; its properties will be copied to the ctls.Config used by this method.
- resolver, if specified, enables ECH support.
- cfg is the *config.Config configuration object.
- out is the *output.Output object that is used to write logs.
Encrypted ClientHello
ECH is used if enabled in the cfg argument. A few things to note about the tlsConfig that is passed to it:
- ServerName will be used in the inner ClientHello. For the outer ClientHello it will attempt to use the "public name" field of the ECH configuration.
- When multiple ECHConfig values are passed, it chooses the first one with a suitable cipher suite, which effectively means that it will almost always simply use the first ECHConfig from the slice.
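The selection rule described above, as an added Go sketch (not code from cfcrypto or from Cloudflare's TLS fork): it parses an ECHConfigList in the draft-ietf-tls-esni wire format (version 0xfe0d), skips configs that offer no supported HPKE cipher suite, and returns the public_name that would go into the outer ClientHello. The sample bytes, the names vec and SelectPublicName, and the assumption that only HKDF-SHA256 with AES-128-GCM is supported are constructed for illustration.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
)

// Constructed sample: config 1 offers HKDF-SHA384/AES-256-GCM, config 2 HKDF-SHA256/AES-128-GCM; keys are placeholders.
var sampleList = []byte("\x00\x40" +
	"\xfe\x0d\x00\x1c\x01\x00\x20\x00\x04\xaa\xaa\xaa\xaa\x00\x04\x00\x02\x00\x02\x00\x09a.example\x00\x00" +
	"\xfe\x0d\x00\x1c\x02\x00\x20\x00\x04\xbb\xbb\xbb\xbb\x00\x04\x00\x01\x00\x01\x00\x09b.example\x00\x00")

// vec skips `skip` bytes, then splits off a vector with an n-byte length prefix.
func vec(b []byte, skip, n int) (v, rest []byte, ok bool) {
	l := 0
	for i := skip; i < skip+n && i < len(b); i++ {
		l = l<<8 | int(b[i])
	}
	if len(b) < skip+n+l {
		return nil, nil, false
	}
	return b[skip+n : skip+n+l], b[skip+n+l:], true
}

// SelectPublicName returns the public_name of the first ECHConfig offering HKDF-SHA256 + AES-128-GCM (assumed support).
func SelectPublicName(list []byte) (string, error) {
	body, rest, ok := vec(list, 0, 2)
	if !ok || len(rest) != 0 {
		return "", errors.New("bad ECHConfigList length")
	}
	for len(body) > 0 {
		contents, next, ok := vec(body, 2, 2)             // version, then length-prefixed contents
		known := ok && body[0] == 0xfe && body[1] == 0x0d // unknown versions are skipped
		_, r, ok1 := vec(contents, 3, 2)                  // config_id, kem_id, then public_key
		suites, r, ok2 := vec(r, 0, 2)                    // (kdf_id, aead_id) pairs
		name, _, ok3 := vec(r, 1, 1)                      // maximum_name_length, then public_name
		if body = next; !ok || (known && !(ok1 && ok2 && ok3)) {
			return "", errors.New("malformed ECHConfig")
		}
		for i := 0; known && i+4 <= len(suites); i += 4 {
			if bytes.Equal(suites[i:i+4], []byte{0, 1, 0, 1}) {
				return string(name), nil
			}
		}
	}
	return "", errors.New("no ECHConfig with a supported cipher suite")
}
func main() { fmt.Println(SelectPublicName(sampleList)) }
```

On the sample list the first config is skipped and b.example is selected. The outer ClientHello is sent in cleartext, so the selected public name is the server name visible on the wire.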
Post-quantum cryptography
This basically means that new curves will be added to CurvePreferences.