initial commit
This commit is contained in:
Eric Chiang
29
vendor/github.com/gtank/cryptopasta/tls.go
generated
vendored
Normal file
29
vendor/github.com/gtank/cryptopasta/tls.go
generated
vendored
Normal file
@@ -0,0 +1,29 @@
|
||||
// cryptopasta - basic cryptography examples
|
||||
//
|
||||
// Written in 2016 by George Tankersley <george.tankersley@gmail.com>
|
||||
//
|
||||
// To the extent possible under law, the author(s) have dedicated all copyright
|
||||
// and related and neighboring rights to this software to the public domain
|
||||
// worldwide. This software is distributed without any warranty.
|
||||
//
|
||||
// You should have received a copy of the CC0 Public Domain Dedication along
|
||||
// with this software. If not, see // <http://creativecommons.org/publicdomain/zero/1.0/>.
|
||||
|
||||
// Provides a recommended TLS configuration.
|
||||
package cryptopasta
|
||||
|
||||
import "crypto/tls"
|
||||
|
||||
func DefaultTLSConfig() *tls.Config {
|
||||
return &tls.Config{
|
||||
// Avoids most of the memorably-named TLS attacks
|
||||
MinVersion: tls.VersionTLS12,
|
||||
// Causes servers to use Go's default ciphersuite preferences,
|
||||
// which are tuned to avoid attacks. Does nothing on clients.
|
||||
PreferServerCipherSuites: true,
|
||||
// Only use curves which have constant-time implementations
|
||||
CurvePreferences: []tls.CurveID{
|
||||
tls.CurveP256,
|
||||
},
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user