secio

package
v0.0.1
Warning

This package is not in the latest version of its module.
Published: Jan 24, 2020 License: AGPL-3.0, MIT Imports: 26 Imported by: 0

Documentation

Overview

Package secio is used to encrypt `go-libp2p-conn` connections. Connections wrapped by secio use secure sessions provided by this package to encrypt all traffic. A TLS-like handshake is used to set up the communication channel.

Constants

const DefaultSupportedCiphers = "AES-256,AES-128"

DefaultSupportedCiphers are the default ciphers we support

const DefaultSupportedExchanges = "P-256,P-384,P-521"

DefaultSupportedExchanges are the default supported key exchange algorithms

const DefaultSupportedHashes = "SHA256,SHA512"

DefaultSupportedHashes are the default supported hashes

const ID = "/secio/1.0.0"

ID is secio's protocol ID (used when negotiating with multistream)

Variables

var ErrBadSig = errors.New("bad signature")

ErrBadSig signals that the peer sent us a handshake packet with a bad signature.

var ErrClosed = errors.New("connection closed")

ErrClosed signals the closing of a connection.

var ErrEcho = errors.New("same keys and nonces. one side talking to self")

ErrEcho is returned when we're attempting to handshake with the same keys and nonces.

var ErrMACInvalid = errors.New("MAC verification failed")

ErrMACInvalid signals that a MAC verification failed

var ErrUnsupportedKeyType = errors.New("unsupported key type")

ErrUnsupportedKeyType is returned when a private key cast/type switch fails.

var ErrWrongPeer = errors.New("connected to wrong peer")

ErrWrongPeer is returned when we attempt to handshake with the wrong peer.

var HandshakeTimeout = time.Second * 30

HandshakeTimeout governs how long the handshake is allowed to take. Making this number large means there could be many bogus connections in flight waiting to time out. Typical handshakes take ~3 RTTs, so it should be completed within seconds across a typical planet in the solar system.

var SupportedCiphers = DefaultSupportedCiphers

SupportedCiphers is the list of supported Ciphers

var SupportedExchanges = DefaultSupportedExchanges

SupportedExchanges is the list of supported ECDH curves

var SupportedHashes = DefaultSupportedHashes

SupportedHashes is the list of supported Hashes

Functions

func NewETMReader

func NewETMReader(r io.Reader, s cipher.Stream, mac HMAC) msgio.ReadCloser

NewETMReader Encrypt-Then-MAC

func NewETMWriter

func NewETMWriter(w io.Writer, s cipher.Stream, mac HMAC) msgio.WriteCloser

NewETMWriter Encrypt-Then-MAC
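
The Encrypt-Then-MAC pattern named by NewETMReader and NewETMWriter, as an added example that is not secio's own code: the writer side encrypts and then tags the ciphertext, and the reader side verifies the tag before decrypting anything. The `ciphertext || tag` frame layout, the AES-CTR mode, the constructed demo keys and the names `seal`, `open`, `newSide` and `errMACInvalid` are assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"fmt"
	"hash"
)

var errMACInvalid = fmt.Errorf("MAC verification failed")

// seal encrypts msg with the stream cipher, then appends HMAC(ciphertext).
func seal(s cipher.Stream, mac hash.Hash, msg []byte) []byte {
	ct := make([]byte, len(msg))
	s.XORKeyStream(ct, msg)
	mac.Reset()
	mac.Write(ct)
	return mac.Sum(ct) // assumed frame layout: ciphertext || tag
}

// open checks the tag in constant time and only then decrypts.
func open(s cipher.Stream, mac hash.Hash, frame []byte) ([]byte, error) {
	if len(frame) < mac.Size() {
		return nil, errMACInvalid // too short to even hold a tag
	}
	ct, tag := frame[:len(frame)-mac.Size()], frame[len(frame)-mac.Size():]
	mac.Reset()
	mac.Write(ct)
	if !hmac.Equal(mac.Sum(nil), tag) {
		return nil, errMACInvalid // rejected frames never touch the keystream
	}
	pt := make([]byte, len(ct))
	s.XORKeyStream(pt, ct)
	return pt, nil
}

// newSide builds one side's AES-CTR stream and HMAC-SHA256 from constructed keys.
func newSide() (cipher.Stream, hash.Hash) {
	block, _ := aes.NewCipher(make([]byte, 32)) // constructed all-zero AES-256 key
	return cipher.NewCTR(block, make([]byte, aes.BlockSize)), hmac.New(sha256.New, []byte("constructed-mac-key"))
}

func main() {
	ws, wm := newSide()
	rs, rm := newSide()
	pt, err := open(rs, rm, seal(ws, wm, []byte("hello")))
	fmt.Printf("%s %v\n", pt, err)
}
```

Because the tag covers the ciphertext, a tampered frame is rejected before the stream cipher processes any attacker-controlled bytes.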

Types

type HMAC

type HMAC struct {
	hash.Hash
	// contains filtered or unexported fields
}

HMAC carries a hash and its size

type Transport

type Transport struct {
	LocalID    peer.ID
	PrivateKey ci.PrivKey
}

Transport constructs secure communication sessions for a peer.

func New

func New(sk ci.PrivKey) (*Transport, error)

New returns a new SecIO transport

func (*Transport) SecureInbound

func (sg *Transport) SecureInbound(ctx context.Context, insecure net.Conn) (sec.SecureConn, error)

SecureInbound secures the inbound connection

func (*Transport) SecureOutbound

func (sg *Transport) SecureOutbound(ctx context.Context, insecure net.Conn, p peer.ID) (sec.SecureConn, error)

SecureOutbound secures the outbound connection
