mitchell/selfpass
1
0
Fork 0
mirror of https://github.com/mitchell/selfpass.git synced 2025-12-13 21:07:22 +00:00
Code Issues Projects Releases Packages Wiki Activity

Swapped AES-CBC for GCM for all symmetric encryption; bolstered TLS configs

Browse source
This commit is contained in:
mitchell 2019-06-07 02:03:15 -07:00
parent cde1d118fc
commit f90c19d0f4
11 changed files with 192 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

11
cmd/server/server.go
View file

@ -47,9 +47,14 @@ func main() {
caPool.AppendCertsFromPEM([]byte(ca))
creds := credentials.NewTLS(&tls.Config{
Certificates: []tls.Certificate{keypair},
ClientCAs: caPool,
ClientAuth: tls.RequireAndVerifyClientCert,
Certificates: []tls.Certificate{keypair},
ClientCAs: caPool,
ClientAuth: tls.RequireAndVerifyClientCert,
MinVersion: tls.VersionTLS12,
PreferServerCipherSuites: true,
CurvePreferences: []tls.CurveID{
tls.CurveP256,
},
})
db, err := repositories.NewRedisConn("tcp", "redis:6379", 2)