libp2ptls

package
v0.20.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 11, 2022 License: MIT, MIT Imports: 19 Imported by: 0

Documentation

Index

Constants

View Source
const ID = "/tls/1.0.0"

ID is the protocol ID (used when negotiating with multistream)

Variables

This section is empty.

Functions

func PubKeyFromCertChain

func PubKeyFromCertChain(chain []*x509.Certificate) (ic.PubKey, error)

PubKeyFromCertChain verifies the certificate chain and extract the remote's public key.

Types

type Identity

type Identity struct {
	// contains filtered or unexported fields
}

Identity is used to secure connections

func NewIdentity

func NewIdentity(privKey ic.PrivKey) (*Identity, error)

NewIdentity creates a new identity

func (*Identity) ConfigForPeer

func (i *Identity) ConfigForPeer(remote peer.ID) (*tls.Config, <-chan ic.PubKey)

ConfigForPeer creates a new single-use tls.Config that verifies the peer's certificate chain and returns the peer's public key via the channel. If the peer ID is empty, the returned config will accept any peer.

It should be used to create a new tls.Config before securing either an incoming or outgoing connection.

type Transport

type Transport struct {
	// contains filtered or unexported fields
}

Transport constructs secure communication sessions for a peer.

func New

func New(key ci.PrivKey) (*Transport, error)

New creates a TLS encrypted transport

func (*Transport) SecureInbound

func (t *Transport) SecureInbound(ctx context.Context, insecure net.Conn, p peer.ID) (sec.SecureConn, error)

SecureInbound runs the TLS handshake as a server. If p is empty, connections from any peer are accepted.

func (*Transport) SecureOutbound

func (t *Transport) SecureOutbound(ctx context.Context, insecure net.Conn, p peer.ID) (sec.SecureConn, error)

SecureOutbound runs the TLS handshake as a client. Note that SecureOutbound will not return an error if the server doesn't accept the certificate. This is due to the fact that in TLS 1.3, the client sends its certificate and the ClientFinished in the same flight, and can send application data immediately afterwards. If the handshake fails, the server will close the connection. The client will notice this after 1 RTT when calling Read.

Directories

Path Synopsis
cmd

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL