dgryski/go-keyless
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
go-keyless: a client for https://github.com/cloudflare/keyless My goal at the moment is just to implement the functionality required for 'testclient' to run. Injecting into crypto/tls is a larger, different project. To play with: Download and build keyless. Currently, Go can't talk to a keyless server because crypto/tls doesn't support ECDHE-ECDSA-AES256-GCM-SHA384 and ECDHE-RSA-AES256-GCM-SHA384, the only two ciphers keyless accepts. If you want to play, you need to patch your local keyless to include support for more ciphers. The easiest two to change to are ECDHE-ECDSA-AES128-GCM-SHA256 and ECDHE-RSA-AES128-GCM-SHA256. (256 -> 128, 384 -> 256). Start the keyless demo server keyless$ make run PORT=2047 Run the test client. You'll need to point it at the test certificates that come with keyless. It runs some Pings(), a Decrypt(), and a Sign(). testclient$ go run main.go -server=localhost -port=2047 \ -client-cert=$KEYLESS/testing/client-cert/ecdsa/ecdsa-client.pem \ -client-key=$KEYLESS/testing/client-cert/ecdsa/ecdsa-client-key.pem \ -ca-file=$KEYLESS/testing/CAs/testca-keyserver.pem \ -private-key=$KEYLESS/testing/keys/private.key There's also a sample server included in cmd/server.
About
Client and server reimplementation of CloudFlare's Keyless
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published