This repository has been archived on 2022-08-17. You can view files and clone it, but cannot push or open issues or pull requests.
dex/vendor/github.com/gtank/cryptopasta/tls.go

30 lines
1 KiB
Go
Raw Normal View History

2016-07-26 01:30:28 +05:30
// cryptopasta - basic cryptography examples
//
// Written in 2016 by George Tankersley <george.tankersley@gmail.com>
//
// To the extent possible under law, the author(s) have dedicated all copyright
// and related and neighboring rights to this software to the public domain
// worldwide. This software is distributed without any warranty.
//
// You should have received a copy of the CC0 Public Domain Dedication along
// with this software. If not, see // <http://creativecommons.org/publicdomain/zero/1.0/>.
// Provides a recommended TLS configuration.
package cryptopasta
import "crypto/tls"
func DefaultTLSConfig() *tls.Config {
return &tls.Config{
// Avoids most of the memorably-named TLS attacks
MinVersion: tls.VersionTLS12,
// Causes servers to use Go's default ciphersuite preferences,
// which are tuned to avoid attacks. Does nothing on clients.
PreferServerCipherSuites: true,
// Only use curves which have constant-time implementations
CurvePreferences: []tls.CurveID{
tls.CurveP256,
},
}
}