go/src/crypto/tls/cipher_suites.go

type CipherSuite

var supportedUpToTLS12

var supportedOnlyTLS12

var supportedOnlyTLS13

// CipherSuites returns a list of cipher suites currently implemented by this
// package, excluding those with security issues, which are returned by
// [InsecureCipherSuites].
//
// The list is sorted by ID. Note that the default cipher suites selected by
// this package might depend on logic that can't be captured by a static list,
// and might not match those returned by this function.
func CipherSuites() []*CipherSuite {}

// InsecureCipherSuites returns a list of cipher suites currently implemented by
// this package and which have security issues.
//
// Most applications should not use the cipher suites in this list, and should
// only use those returned by [CipherSuites].
func InsecureCipherSuites() []*CipherSuite {}

// CipherSuiteName returns the standard name for the passed cipher suite ID
// (e.g. "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"), or a fallback representation
// of the ID value if the cipher suite is not implemented by this package.
func CipherSuiteName(id uint16) string {}

const suiteECDHE

const suiteECSign

const suiteTLS12

const suiteSHA384

type cipherSuite

var cipherSuites

// selectCipherSuite returns the first TLS 1.0–1.2 cipher suite from ids which
// is also in supportedIDs and passes the ok filter.
// NOTE(review): the body is elided in this listing. The pointer return
// presumably is nil when no id in ids is both supported and accepted by ok;
// callers should treat that as "no mutually acceptable suite" and abort the
// handshake rather than fall back — confirm against the call sites.
func selectCipherSuite(ids, supportedIDs []uint16, ok func(*cipherSuite) bool) *cipherSuite {}

type cipherSuiteTLS13

var cipherSuitesTLS13

var cipherSuitesPreferenceOrder

var cipherSuitesPreferenceOrderNoAES

var disabledCipherSuites

var rsaKexCiphers

var tdesCiphers

var hasGCMAsmAMD64

var hasGCMAsmARM64

var hasGCMAsmS390X

var hasAESGCMHardwareSupport

var aesgcmCiphers

// aesgcmPreferred returns whether the first known cipher in the preference list
// is an AES-GCM cipher, implying the peer has hardware support for it.
func aesgcmPreferred(ciphers []uint16) bool {}

// cipherRC4 has the (key, iv, isRead) constructor shape shared with cipher3DES
// and cipherAES; its body is elided in this listing.
//
// NOTE(review): judging by the name, this backs the *_RC4_128_SHA suite IDs
// declared in this file. RC4 is prohibited for TLS by RFC 7465, so those
// suites should stay disabled unless a legacy peer leaves no alternative.
// Confirm they are only reported by InsecureCipherSuites.
func cipherRC4(key, iv []byte, isRead bool) any {}

// cipher3DES has the same (key, iv, isRead) constructor shape as cipherRC4 and
// cipherAES; its body is elided in this listing.
//
// NOTE(review): by name this backs the *_3DES_EDE_CBC_SHA suite IDs. 3DES has
// a 64-bit block, so long-lived connections run into birthday-bound block
// collisions (Sweet32); treat these suites as legacy-only. The file keeps a
// separate tdesCiphers list, presumably to gate them — verify how it is used.
func cipher3DES(key, iv []byte, isRead bool) any {}

// cipherAES has the same (key, iv, isRead) constructor shape as cipherRC4 and
// cipher3DES; its body is elided in this listing.
//
// NOTE(review): the iv and isRead parameters suggest a CBC encrypter or
// decrypter for the *_AES_*_CBC_SHA* suites rather than an AEAD (AEADs are
// built by aeadAESGCM and friends) — confirm. CBC suites in TLS 1.0–1.2 are
// MAC-then-encrypt, so their safety depends on the read path checking MAC and
// padding in constant time.
func cipherAES(key, iv []byte, isRead bool) any {}

// macSHA1 returns a SHA-1 based constant time MAC.
func macSHA1(key []byte) hash.Hash {}

// macSHA256 returns a SHA-256 based MAC. This is only supported in TLS 1.2 and
// is currently only used in disabled-by-default cipher suites.
// NOTE(review): unlike the comment on macSHA1, nothing here promises a
// constant-time MAC, and the body is elided in this listing. If this does not
// go through newConstantTimeHash, the *_CBC_SHA256 suites lack the timing
// countermeasure the SHA-1 CBC suites get, which would explain why they are
// disabled by default — confirm before enabling them.
func macSHA256(key []byte) hash.Hash {}

type aead

const aeadNonceLength

const noncePrefixLength

type prefixNonceAEAD

// NonceSize reports the nonce length callers must pass to Seal and Open; the
// name matches the cipher.AEAD method. Body elided in this listing.
//
// NOTE(review): given aeadNonceLength and noncePrefixLength in this file, this
// is presumably only the per-record part (total length minus the fixed
// prefix) — confirm.
func (f *prefixNonceAEAD) NonceSize() int        {}

// Overhead reports how many bytes Seal adds to the plaintext; the name matches
// the cipher.AEAD method. Body elided in this listing.
func (f *prefixNonceAEAD) Overhead() int         {}

// explicitNonceLen is the one method here that is not part of cipher.AEAD.
// Body elided in this listing.
//
// NOTE(review): by name, the number of nonce bytes sent explicitly in each
// record; for a prefix-style nonce this is expected to be non-zero — confirm.
func (f *prefixNonceAEAD) explicitNonceLen() int {}

// Seal has the cipher.AEAD.Seal signature: it encrypts and authenticates
// plaintext with additionalData under nonce and appends the result to out.
// Body elided in this listing.
//
// NOTE(review): an AEAD loses both confidentiality and integrity if a
// (key, nonce) pair is ever reused. With a fixed prefix, uniqueness rests
// entirely on the caller-supplied part (presumably the record sequence
// number) — confirm the caller can never repeat it under one key.
func (f *prefixNonceAEAD) Seal(out, nonce, plaintext, additionalData []byte) []byte {}

// Open has the cipher.AEAD.Open signature: it authenticates and decrypts
// ciphertext with additionalData under nonce. Body elided in this listing.
//
// NOTE(review): a non-nil error means authentication failed; callers must
// discard the returned bytes and fail the record rather than inspect them.
func (f *prefixNonceAEAD) Open(out, nonce, ciphertext, additionalData []byte) ([]byte, error) {}

type xorNonceAEAD

// NonceSize reports the nonce length callers must pass to Seal and Open; the
// name matches the cipher.AEAD method. Body elided in this listing.
func (f *xorNonceAEAD) NonceSize() int        {}

// Overhead reports how many bytes Seal adds to the plaintext; the name matches
// the cipher.AEAD method. Body elided in this listing.
func (f *xorNonceAEAD) Overhead() int         {}

// explicitNonceLen is the one method here that is not part of cipher.AEAD.
// Body elided in this listing.
//
// NOTE(review): for an XOR-mask construction the nonce is derived from the
// sequence number and nothing is sent on the wire, so this is expected to be
// zero — confirm.
func (f *xorNonceAEAD) explicitNonceLen() int {}

// Seal has the cipher.AEAD.Seal signature: it encrypts and authenticates
// plaintext with additionalData under nonce and appends the result to out.
// Body elided in this listing.
//
// NOTE(review): by the type name, the caller's nonce is presumably XORed with
// a per-connection mask before use (the RFC 8446, Section 5.3 construction).
// The effective nonce is then unique only while the caller's value never
// repeats under one key — confirm it is driven by the record sequence number.
func (f *xorNonceAEAD) Seal(out, nonce, plaintext, additionalData []byte) []byte {}

// Open has the cipher.AEAD.Open signature: it authenticates and decrypts
// ciphertext with additionalData under nonce. Body elided in this listing.
//
// NOTE(review): a non-nil error means authentication failed; callers must
// discard the returned bytes and fail the record rather than inspect them.
func (f *xorNonceAEAD) Open(out, nonce, ciphertext, additionalData []byte) ([]byte, error) {}

// aeadAESGCM builds an aead from a key and a nonce prefix. Body elided in this
// listing.
//
// NOTE(review): the noncePrefix parameter suggests this returns a
// prefixNonceAEAD for the TLS 1.2 AES-GCM suites (RFC 5288: fixed implicit
// salt plus an explicit per-record nonce) — confirm, and confirm the prefix
// length is validated against noncePrefixLength.
func aeadAESGCM(key, noncePrefix []byte) aead {}

// aeadAESGCMTLS13 should be an internal detail,
// but widely used packages access it using linkname.
// Notable members of the hall of shame include:
//   - github.com/xtls/xray-core
//   - github.com/v2fly/v2ray-core
//
// Do not remove or change the type signature.
// See go.dev/issue/67401.
//
//go:linkname aeadAESGCMTLS13
func aeadAESGCMTLS13(key, nonceMask []byte) aead {}

// aeadChaCha20Poly1305 builds an aead from a key and a nonce mask, the same
// parameter shape as aeadAESGCMTLS13. Body elided in this listing.
//
// NOTE(review): the nonceMask parameter suggests an xorNonceAEAD — confirm.
// Unlike aeadAESGCMTLS13, no go:linkname directive is visible on this
// function in the listing.
func aeadChaCha20Poly1305(key, nonceMask []byte) aead {}

type constantTimeHash

type cthWrapper

// Size is one of the five methods (Size, BlockSize, Reset, Write, Sum) that
// give *cthWrapper the hash.Hash method set. Body elided in this listing;
// presumably forwards to the wrapped hash — confirm.
func (c *cthWrapper) Size() int                   {}

// BlockSize is part of the hash.Hash method set exposed by *cthWrapper. Body
// elided in this listing; presumably forwards to the wrapped hash — confirm.
func (c *cthWrapper) BlockSize() int              {}

// Reset is part of the hash.Hash method set exposed by *cthWrapper. Body
// elided in this listing; presumably forwards to the wrapped hash — confirm.
func (c *cthWrapper) Reset()                      {}

// Write is part of the hash.Hash method set exposed by *cthWrapper. Body
// elided in this listing; presumably forwards to the wrapped hash — confirm.
func (c *cthWrapper) Write(p []byte) (int, error) {}

// Sum is part of the hash.Hash method set exposed by *cthWrapper. Body elided
// in this listing.
//
// NOTE(review): going by the constantTimeHash type in this file, Sum is
// presumably where the wrapper differs from a plain forwarder, calling a
// constant-time finalisation so MAC timing does not depend on how much data
// was hashed. That property matters for CBC record verification — confirm it
// is preserved if this wrapper is ever changed.
func (c *cthWrapper) Sum(b []byte) []byte         {}

// newConstantTimeHash takes a hash constructor and returns a constructor of
// the same type. Body elided in this listing.
//
// NOTE(review): presumably the returned constructor yields *cthWrapper values
// around a constantTimeHash, and is what makes macSHA1 the "constant time MAC"
// its comment describes — confirm. If h() does not implement constantTimeHash
// the wrapper cannot provide that guarantee; check how that case is handled.
func newConstantTimeHash(h func() hash.Hash) func() hash.Hash {}

// tls10MAC implements the TLS 1.0 MAC function. RFC 2246, Section 6.2.3.
//
// NOTE(review): the body is elided in this listing. seq, header and data line
// up with the MAC inputs in the RFC; extra does not. Presumably extra is fed
// to the hash only to keep the amount of hashed data independent of the CBC
// padding length (a timing countermeasure) and is not covered by the MAC —
// confirm before changing how callers compute it.
func tls10MAC(h hash.Hash, out, seq, header, data, extra []byte) []byte {}

// rsaKA returns the keyAgreement used for RSA key-exchange suites at the given
// protocol version. Body elided in this listing.
//
// NOTE(review): RSA key transport gives no forward secrecy — recorded traffic
// can be decrypted later if the server key leaks — and the suites using it are
// tracked separately in rsaKexCiphers. Confirm whether they are enabled by
// default in the version under review.
func rsaKA(version uint16) keyAgreement {}

// ecdheECDSAKA returns the keyAgreement for ECDHE suites authenticated with an
// ECDSA certificate, at the given protocol version. Body elided in this
// listing.
//
// NOTE(review): presumably version selects how the key-exchange signature is
// hashed and verified — confirm.
func ecdheECDSAKA(version uint16) keyAgreement {}

// ecdheRSAKA returns the keyAgreement for ECDHE suites authenticated with an
// RSA certificate, at the given protocol version. Body elided in this listing.
//
// NOTE(review): here RSA is used only to sign the ephemeral key exchange, so
// unlike rsaKA these suites keep forward secrecy. Presumably version selects
// how the signature is hashed and verified — confirm.
func ecdheRSAKA(version uint16) keyAgreement {}

// mutualCipherSuite returns a cipherSuite given a list of supported
// ciphersuites and the id requested by the peer.
func mutualCipherSuite(have []uint16, want uint16) *cipherSuite {}

// cipherSuiteByID looks up a TLS 1.0–1.2 cipherSuite by its ID. Body elided in
// this listing.
//
// NOTE(review): presumably returns nil for an unknown ID; since id can come
// from the peer, callers must nil-check before dereferencing — confirm.
func cipherSuiteByID(id uint16) *cipherSuite {}

// mutualCipherSuiteTLS13 is the TLS 1.3 counterpart of mutualCipherSuite: it
// takes the locally supported IDs and the ID requested by the peer. Body
// elided in this listing.
//
// NOTE(review): presumably returns nil when want is not in have or is not a
// known TLS 1.3 suite; callers must treat nil as a handshake failure —
// confirm.
func mutualCipherSuiteTLS13(have []uint16, want uint16) *cipherSuiteTLS13 {}

// cipherSuiteTLS13ByID looks up a TLS 1.3 cipher suite by its ID. Body elided
// in this listing.
//
// NOTE(review): presumably returns nil for an unknown ID; since id can come
// from the peer, callers must nil-check before dereferencing — confirm.
func cipherSuiteTLS13ByID(id uint16) *cipherSuiteTLS13 {}

const TLS_RSA_WITH_RC4_128_SHA

const TLS_RSA_WITH_3DES_EDE_CBC_SHA

const TLS_RSA_WITH_AES_128_CBC_SHA

const TLS_RSA_WITH_AES_256_CBC_SHA

const TLS_RSA_WITH_AES_128_CBC_SHA256

const TLS_RSA_WITH_AES_128_GCM_SHA256

const TLS_RSA_WITH_AES_256_GCM_SHA384

const TLS_ECDHE_ECDSA_WITH_RC4_128_SHA

const TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

const TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

const TLS_ECDHE_RSA_WITH_RC4_128_SHA

const TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA

const TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

const TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

const TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

const TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

const TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

const TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

const TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

const TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

const TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

const TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256

const TLS_AES_128_GCM_SHA256

const TLS_AES_256_GCM_SHA384

const TLS_CHACHA20_POLY1305_SHA256

// TLS_FALLBACK_SCSV is not a cipher suite that can be negotiated. It is the
// signalling value from RFC 7507 that a client includes when it retries a
// handshake at a lower protocol version, so a server that supports a higher
// version can reject the downgrade. Do not place it in a list of enabled
// cipher suites.
const TLS_FALLBACK_SCSV

// NOTE(review): these two names differ from
// TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 and
// TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 above only by the missing
// _SHA256 suffix. Presumably they are legacy aliases with the same values,
// kept for backward compatibility — confirm, and prefer the suffixed names in
// new configuration.
const TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305

const TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305