30 lines
		
	
	
		
			1.0 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
			
		
		
	
	
			30 lines
		
	
	
		
			1.0 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
| // cryptopasta - basic cryptography examples
 | |
| //
 | |
| // Written in 2016 by George Tankersley <george.tankersley@gmail.com>
 | |
| //
 | |
| // To the extent possible under law, the author(s) have dedicated all copyright
 | |
| // and related and neighboring rights to this software to the public domain
 | |
| // worldwide. This software is distributed without any warranty.
 | |
| //
 | |
| // You should have received a copy of the CC0 Public Domain Dedication along
 | |
| // with this software. If not, see // <http://creativecommons.org/publicdomain/zero/1.0/>.
 | |
| 
 | |
| // Provides a recommended TLS configuration.
 | |
| package cryptopasta
 | |
| 
 | |
| import "crypto/tls"
 | |
| 
 | |
| func DefaultTLSConfig() *tls.Config {
 | |
| 	return &tls.Config{
 | |
| 		// Avoids most of the memorably-named TLS attacks
 | |
| 		MinVersion: tls.VersionTLS12,
 | |
| 		// Causes servers to use Go's default ciphersuite preferences,
 | |
| 		// which are tuned to avoid attacks. Does nothing on clients.
 | |
| 		PreferServerCipherSuites: true,
 | |
| 		// Only use curves which have constant-time implementations
 | |
| 		CurvePreferences: []tls.CurveID{
 | |
| 			tls.CurveP256,
 | |
| 		},
 | |
| 	}
 | |
| }
 |