Code
Hub
Workspaces
Following
Trending
Connect
MCP
copy
Index your code
hub
/
github.com/refraction-networking/utls
/ functions
Functions
1,354 in github.com/refraction-networking/utls
⨍
Functions
1,354
◇
Types & classes
248
↓ 7 callers
Method
newCert
newCert returns a x509.Certificate parsed from der. If there is already a copy of the certificate in the cache, a reference to the existing certificat
cache.go:80
↓ 7 callers
Function
readUint24LengthPrefixed
readUint24LengthPrefixed acts like s.ReadUint24LengthPrefixed, but targets a []byte instead of a cryptobyte.String.
handshake_messages.go:67
↓ 7 callers
Function
testingKey
(s string)
tls_test.go:1267
↓ 6 callers
Function
BEAppendUint16
(b []byte, v uint16)
internal/byteorder/byteorder.go:91
↓ 6 callers
Function
Extract
(h func() H, secret, salt []byte)
internal/hkdf/hkdf.go:8
↓ 6 callers
Method
Start
Start starts the client or server handshake protocol. It may produce connection events, which may be read with [QUICConn.NextEvent]. Start must be ca
quic.go:203
↓ 6 callers
Method
String
()
handshake_client_test.go:124
↓ 6 callers
Method
Value
()
u_quic_transport_parameters.go:61
↓ 6 callers
Method
cipherSuites
()
common.go:1168
↓ 6 callers
Function
cloneHash
cloneHash uses the encoding.BinaryMarshaler and encoding.BinaryUnmarshaler interfaces implemented by standard library hashes to clone the state of in
handshake_server_tls13.go:473
↓ 6 callers
Function
createMinTLSVersion
Conn.vers is sometimes left to zero which is unacceptable to uTLS' SetTLSVers https://github.com/refraction-networking/utls/blob/f7e7360167ed2903ef128
u_fingerprinter_test.go:165
↓ 6 callers
Function
curveForCurveID
(id CurveID)
key_schedule.go:73
↓ 6 callers
Method
finishedHash
finishedHash generates the Finished verify_data or PskBinderEntry according to RFC 8446, Section 4.4.4. See sections 4.4 and 4.2.11.2 for the baseKey
key_schedule.go:37
↓ 6 callers
Function
hostnameInSNI
hostnameInSNI converts name into an appropriate hostname for SNI. Literal IP addresses and absolute FQDNs are not permitted as SNI values. See RFC 606
handshake_client.go:1345
↓ 6 callers
Function
isSupportedSignatureAlgorithm
(sigAlg SignatureScheme, supportedSignatureAlgorithms []SignatureScheme)
common.go:1744
↓ 6 callers
Method
quicSetWriteSecret
(level QUICEncryptionLevel, suite uint16, secret []byte)
quic.go:393
↓ 6 callers
Function
roundUp
(a, b int)
conn.go:331
↓ 6 callers
Function
runUTLSClientTestTLS13
(t *testing.T, template *clientTest, hello helloStrategy)
u_conn_test.go:458
↓ 6 callers
Method
sendAlertLocked
sendAlertLocked sends a TLS alert message.
conn.go:837
↓ 6 callers
Method
ticketKeyFromBytes
ticketKeyFromBytes converts from the external representation of a session ticket key to a ticketKey. Externally, session ticket keys are 32 random byt
common.go:958
↓ 5 callers
Function
CipherSuiteName
CipherSuiteName returns the standard name for the passed cipher suite ID (e.g. "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"), or a fallback representatio
cipher_suites.go:101
↓ 5 callers
Method
Context
Context returns the context of the handshake that is in progress. This context is a child of the context passed to HandshakeContext, if any, and is ca
common.go:486
↓ 5 callers
Method
HandleData
HandleData handles handshake bytes received from the peer. It may produce connection events, which may be read with [QUICConn.NextEvent].
quic.go:257
↓ 5 callers
Method
MarshalClientHelloNoECH
MarshalClientHelloNoECH marshals ClientHello as if there was no ECH extension present.
u_conn.go:598
↓ 5 callers
Function
NewEarlySecret
(hash func() H, psk []byte)
internal/tls13/tls13.go:74
↓ 5 callers
Method
Open
(out, nonce, ciphertext, additionalData []byte)
cipher_suites.go:500
↓ 5 callers
Function
ParseSessionState
ParseSessionState parses a [SessionState] encoded by [SessionState.Bytes].
ticket.go:182
↓ 5 callers
Method
Seal
(aad, plaintext []byte)
internal/hpke/hpke.go:275
↓ 5 callers
Method
SetReadDeadline
SetReadDeadline sets the read deadline on the underlying connection. A zero value for t means [Conn.Read] will not time out.
conn.go:152
↓ 5 callers
Method
Timeout
()
tls.go:104
↓ 5 callers
Method
VerifyHostname
VerifyHostname checks that the peer certificate chain is valid for connecting to host. If so, it returns nil; if not, it returns an error describing t
conn.go:1688
↓ 5 callers
Method
assertControllerState
(caller string, desired sessionControllerState, moreDesiredStates ...sessionControllerState)
u_session_controller.go:112
↓ 5 callers
Method
dataPath
()
handshake_client_test.go:274
↓ 5 callers
Method
discardHandshakeBuffer
discardHandshakeBuffer is called when there is no more need to buffer the entirety of the handshake messages.
prf.go:251
↓ 5 callers
Method
helloName
()
u_conn_test.go:30
↓ 5 callers
Function
mustMarshal
(t *testing.T, msg handshakeMessage)
handshake_messages_test.go:42
↓ 5 callers
Method
quicSetReadSecret
(level QUICEncryptionLevel, suite uint16, secret []byte)
quic.go:384
↓ 5 callers
Method
readRecord
()
conn.go:591
↓ 5 callers
Function
runServerTestTLS10
(t *testing.T, template *serverTest)
handshake_server_test.go:782
↓ 5 callers
Function
runUTLSClientTestForVersion
(t *testing.T, template *clientTest, prefix, option string, hello helloStrategy, omitSNI bool)
u_conn_test.go:443
↓ 5 callers
Function
testFatal
testFatal is a hack to prevent the compiler from complaining that there is a call to t.Fatal from a non-test goroutine
handshake_server_test.go:40
↓ 5 callers
Function
testUTLSHandshakeClientECDHE_RSA_AES128_CBC_SHA
(t *testing.T, hello helloStrategy)
u_conn_test.go:258
↓ 5 callers
Function
testUTLSHandshakeClientECDHE_RSA_AES128_GCM_SHA256
(t *testing.T, hello helloStrategy)
u_conn_test.go:337
↓ 5 callers
Function
testUTLSHandshakeClientECDHE_RSA_AES256_CBC_SHA
(t *testing.T, hello helloStrategy)
u_conn_test.go:270
↓ 5 callers
Function
testUTLSHandshakeClientECDHE_RSA_WITH_CHACHA20_POLY1305
(t *testing.T, hello helloStrategy)
u_conn_test.go:415
↓ 5 callers
Method
unmarshal
([]byte)
common.go:1635
↓ 5 callers
Method
unmarshal
(data []byte)
handshake_messages.go:906
↓ 4 callers
Method
BlockSize
()
cipher_suites.go:602
↓ 4 callers
Function
BoringGREASEECH
BoringGREASEECH returns a GREASE scheme BoringSSL uses by default.
u_ech.go:296
↓ 4 callers
Method
ClientEarlyTrafficSecret
ClientEarlyTrafficSecret derives the client_early_traffic_secret from the early secret and the transcript up to the ClientHello.
internal/tls13/tls13.go:87
↓ 4 callers
Method
Int63
Int63 is equivalent to math/read.Int63.
u_prng.go:121
↓ 4 callers
Method
LabeledExpand
(suiteID []byte, randomKey []byte, label string, info []byte, length uint16)
internal/hpke/hpke.go:38
↓ 4 callers
Method
LabeledExtract
(sid []byte, salt []byte, label string, inputKey []byte)
internal/hpke/hpke.go:29
↓ 4 callers
Method
Len
Len implements TLSExtension.
u_ech.go:171
↓ 4 callers
Method
Marshal
Marshal allows external code to convert a ClientHello object back into raw bytes.
u_public.go:493
↓ 4 callers
Method
Overhead
64-bit sequence number
cipher_suites.go:485
↓ 4 callers
Method
SetDeadline
SetDeadline sets the read and write deadlines associated with the connection. A zero value for t means [Conn.Read] and [Conn.Write] will not time out.
conn.go:146
↓ 4 callers
Method
SetSessionTicketKeys
SetSessionTicketKeys updates the session ticket keys for a server. The first key will be used when creating new tickets, while all keys can be used f
common.go:1137
↓ 4 callers
Method
SetWriteDeadline
SetWriteDeadline sets the write deadline on the underlying connection. A zero value for t means [Conn.Write] will not time out. After a [Conn.Write] h
conn.go:159
↓ 4 callers
Method
Sign
(rand io.Reader, digest []byte, opts crypto.SignerOpts)
tls_test.go:1688
↓ 4 callers
Method
Str
()
u_common.go:156
↓ 4 callers
Method
assertNotLocked
(caller string)
u_session_controller.go:120
↓ 4 callers
Method
changeCipherSpec
changeCipherSpec changes the encryption and MAC states to the ones previously passed to prepareCipherSpec.
conn.go:218
↓ 4 callers
Method
curvePreferences
(version uint16)
common.go:1257
↓ 4 callers
Function
defaultCipherSuites
[uTLS section begins] var tlsrsakex = godebug.New("tlsrsakex") var tls3des = godebug.New("tls3des") [uTLS section ends]
defaults.go:53
↓ 4 callers
Function
generateOuterECHExt
(id uint8, kdfID, aeadID uint16, encodedKey []byte, payload []byte)
ech.go:405
↓ 4 callers
Method
handshake
Does the handshake, either a full one or resumes old session. Requires hs.c, hs.hello, hs.serverHello, and, optionally, hs.session to be set.
handshake_client.go:581
↓ 4 callers
Method
incSeq
incSeq increments the sequence number.
conn.go:243
↓ 4 callers
Function
keysFromMasterSecret
keysFromMasterSecret generates the connection keys from the master secret, given the lengths of the MAC key, cipher key and IV, as defined in RFC 2246
prf.go:135
↓ 4 callers
Method
makeClientHello
()
handshake_client.go:48
↓ 4 callers
Function
mutualCipherSuite
mutualCipherSuite returns a cipherSuite given a list of supported ciphersuites and the id requested by the peer.
cipher_suites.go:647
↓ 4 callers
Method
newRecordHeaderError
(conn net.Conn, msg string)
conn.go:584
↓ 4 callers
Function
parseECHConfigList
parseECHConfigList parses a draft-ietf-tls-esni-18 ECHConfigList, returning a slice of parsed ECHConfigs, in the same order they were parsed, or an er
ech.go:128
↓ 4 callers
Method
pickCipherSuite
()
handshake_server.go:377
↓ 4 callers
Method
processClientHello
()
handshake_server.go:208
↓ 4 callers
Method
quicWaitForSignal
quicWaitForSignal notifies the QUICConn that handshake progress is blocked, and waits for a signal that the handshake should proceed. The handshake m
quic.go:476
↓ 4 callers
Function
randomString
(n int, rand *rand.Rand)
handshake_messages_test.go:148
↓ 4 callers
Function
runClientTestForVersion
(t *testing.T, template *clientTest, version, option string)
handshake_client_test.go:471
↓ 4 callers
Function
runDynamicRecordSizingTest
Run with multiple crypto configs to test the logic for computing TLS record overheads.
conn_test.go:128
↓ 4 callers
Function
runServerTestForVersion
(t *testing.T, template *serverTest, version, option string)
handshake_server_test.go:766
↓ 4 callers
Function
selectCipherSuite
selectCipherSuite returns the first TLS 1.0–1.2 cipher suite from ids which is also in supportedIDs and passes the ok filter.
cipher_suites.go:177
↓ 4 callers
Method
sessionState
sessionState returns a partially filled-out [SessionState] with information from the current connection.
ticket.go:293
↓ 4 callers
Function
signedMessage
signedMessage returns the pre-hashed (if necessary) message to be signed by certificate keys in TLS 1.3. See RFC 8446, Section 4.4.3.
auth.go:81
↓ 4 callers
Function
sliceForAppend
sliceForAppend extends the input slice by n bytes. head is the full extended slice, while tail is the appended part. If the original slice has suffici
conn.go:470
↓ 4 callers
Method
supportedVersions
var tls10server = godebug.New("tls10server") // [UTLS] unsupported
common.go:1202
↓ 4 callers
Function
testClientHelloSpecJSONUnmarshaler
( t *testing.T, jsonFilepath string, truthClientHelloID ClientHelloID, )
u_clienthello_json_test.go:17
↓ 4 callers
Function
testClientHelloSpecUnmarshalJSON
( t *testing.T, jsonFilepath string, truthClientHelloID ClientHelloID, )
u_clienthello_json_test.go:73
↓ 4 callers
Function
testUTLSHandshakeClientECDHE_RSA_AES256_GCM_SHA256
(t *testing.T, hello helloStrategy)
u_conn_test.go:364
↓ 4 callers
Function
unGREASEUint16
(v uint16)
u_common.go:723
↓ 4 callers
Method
unmarshal
(data []byte)
handshake_messages.go:449
↓ 4 callers
Function
unsupportedCertificateError
unsupportedCertificateError returns a helpful error for certificates with an unsupported private key.
auth.go:259
↓ 4 callers
Function
verifyHandshakeSignature
verifyHandshakeSignature verifies a signature against pre-hashed (if required) handshake contents.
auth.go:22
↓ 4 callers
Method
writeChangeCipherRecord
writeChangeCipherRecord writes a ChangeCipherSpec message to the connection and updates the record layer state.
conn.go:1066
↓ 3 callers
Function
BEUint16
(b []byte)
internal/byteorder/byteorder.go:80
↓ 3 callers
Function
CipherSuites
CipherSuites returns a list of cipher suites currently implemented by this package, excluding those with security issues, which are returned by [Insec
cipher_suites.go:55
↓ 3 callers
Method
ClientApplicationTrafficSecret
ClientApplicationTrafficSecret derives the client_application_traffic_secret_0 from the master secret and the transcript up to the server Finished.
internal/tls13/tls13.go:131
↓ 3 callers
Method
ClientHandshakeTrafficSecret
ClientHandshakeTrafficSecret derives the client_handshake_traffic_secret from the handshake secret and the transcript up to the ServerHello.
internal/tls13/tls13.go:106
↓ 3 callers
Method
CloseWrite
CloseWrite shuts down the writing side of the connection. It should only be called once the handshake has completed and does not call CloseWrite on th
conn.go:1465
↓ 3 callers
Method
DialContext
DialContext connects to the given network address and initiates a TLS handshake, returning the resulting TLS connection. The provided Context must be
tls.go:217
↓ 3 callers
Function
ExtensionFromID
ExtensionFromID returns a TLSExtension for the given extension ID.
u_tls_extensions.go:19
← previous
next →
101–200 of 1,354, ranked by callers