
Package record

import "github.com/google/s2a-go/internal/record"

Overview

Package record implements the TLS 1.3 record protocol used by the S2A transport credentials.

func NewConn

func NewConn(o *ConnParameters) (net.Conn, error)

NewConn creates a net.Conn that implements the TLS record protocol on top of the TCP connection.

type ConnParameters

ConnParameters holds the parameters used for creating a new conn object.

type ConnParameters struct {
    // NetConn is the TCP connection to the peer. This parameter is required.
    NetConn net.Conn
    // Ciphersuite is the TLS ciphersuite negotiated by the S2A handshaker
    // service. This parameter is required.
    Ciphersuite commonpb.Ciphersuite
    // TLSVersion is the TLS version number negotiated by the S2A handshaker
    // service. This parameter is required.
    TLSVersion commonpb.TLSVersion
    // InTrafficSecret is the traffic secret used to derive the session key for
    // the inbound direction. This parameter is required.
    InTrafficSecret []byte
    // OutTrafficSecret is the traffic secret used to derive the session key
    // for the outbound direction. This parameter is required.
    OutTrafficSecret []byte
    // UnusedBuf is the data read from the network that has not yet been
    // decrypted. This parameter is optional. If not provided, then no
    // application data was sent in the same flight of messages as the final
    // handshake message.
    UnusedBuf []byte
    // InSequence is the sequence number of the next, incoming, TLS record.
    // This parameter is required.
    InSequence uint64
    // OutSequence is the sequence number of the next, outgoing, TLS record.
    // This parameter is required.
    OutSequence uint64
    // HSAddr stores the address of the S2A handshaker service. This parameter
    // is optional. If not provided, then TLS resumption is disabled.
    HSAddr string
    // ConnectionID is the connection identifier that was created and sent by
    // S2A at the end of a handshake.
    ConnectionID uint64
    // LocalIdentity is the local identity that was used by S2A during session
    // setup and included in the session result.
    LocalIdentity *commonpb.Identity
    // EnsureProcessSessionTickets allows users to wait and ensure that all
    // available session tickets are sent to S2A before a process completes.
    EnsureProcessSessionTickets *sync.WaitGroup
}
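
As an added illustration (not code from the s2a-go package), the sketch below shows how RFC 8446 turns a traffic secret such as InTrafficSecret into a record key and IV with HKDF-Expand-Label, and how a sequence number such as InSequence becomes the per-record AEAD nonce. It assumes an AES-128-GCM-SHA256 ciphersuite; the names hkdfExpandLabel and recordNonce and the all-zero secret are constructed for the example.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// hkdfExpandLabel is HKDF-Expand-Label (RFC 8446, section 7.1) with SHA-256
// and an empty context, the form used for the "key" and "iv" labels.
func hkdfExpandLabel(secret []byte, label string, length int) []byte {
	full := "tls13 " + label
	// HkdfLabel = uint16 length || label<7..255> || context<0..255>
	info := []byte{byte(length >> 8), byte(length), byte(len(full))}
	info = append(info, full...)
	info = append(info, 0) // zero-length context
	var out, prev []byte
	for i := byte(1); len(out) < length; i++ {
		h := hmac.New(sha256.New, secret)
		h.Write(prev)
		h.Write(info)
		h.Write([]byte{i})
		prev = h.Sum(nil)
		out = append(out, prev...)
	}
	return out[:length]
}

// recordNonce is the per-record nonce of RFC 8446, section 5.3: the 64-bit
// sequence number, left-padded to len(iv) (at least 8), XORed with the IV.
func recordNonce(iv []byte, seq uint64) []byte {
	nonce := append([]byte(nil), iv...)
	var s [8]byte
	binary.BigEndian.PutUint64(s[:], seq)
	for i := range s {
		nonce[len(iv)-8+i] ^= s[i]
	}
	return nonce
}

func main() {
	// Constructed all-zero sample secret, not a real traffic secret.
	secret := make([]byte, sha256.Size)
	key, iv := hkdfExpandLabel(secret, "key", 16), hkdfExpandLabel(secret, "iv", 12)
	fmt.Printf("key=%x iv=%x\n", key, iv)
	for seq := uint64(0); seq < 3; seq++ {
		fmt.Printf("seq=%d nonce=%x\n", seq, recordNonce(iv, seq))
	}
}
```

Because the nonce depends only on the IV and the sequence number, restarting InSequence or OutSequence at a value already used under the same traffic secret would repeat a nonce, which AES-GCM does not tolerate.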
