dh

package
v0.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 20, 2020 License: BSD-3-Clause Imports: 16 Imported by: 0

Documentation

Overview

Package dh implements RFC 2930 Diffie-Hellman key exchange functions.

Example client: 

import (
        "fmt"
        "net"
        "time"

        "github.com/bodgit/tsig/dh"
        "github.com/miekg/dns"
)

func main() {
        host := "ns.example.com"

        d, err := dh.New()
        if err != nil {
                panic(err)
        }
        defer d.Close()

        // Negotiate a key with the chosen server
        keyname, mac, _, err := d.NegotiateKey(host, "tsig.example.com.", dns.HmacMD5, "k9uK5qsPfbBxvVuldwzYww==")
        if err != nil {
                panic(err)
        }

        client := &dns.Client{
                Net:        "tcp",
                TsigSecret: map[string]string{*keyname: *mac},
        }

        // Use the DNS client as normal

        msg := new(dns.Msg)
        msg.SetUpdate(dns.Fqdn("example.com"))

        insert, err := dns.NewRR("test.example.com. 300 A 192.0.2.1")
        if err != nil {
                panic(err)
        }
        msg.Insert([]dns.RR{insert})

        msg.SetTsig(*keyname, dns.HmacMD5, 300, time.Now().Unix())

        rr, _, err := client.Exchange(msg, net.JoinHostPort(host, "53"))
        if err != nil {
                panic(err)
        }

        if rr.Rcode != dns.RcodeSuccess {
                fmt.Printf("DNS error: %s (%d)\n", dns.RcodeToString[rr.Rcode], rr.Rcode)
        }

        // Revoke the key
        err = d.DeleteKey(keyname)
        if err != nil {
                panic(err)
        }
}

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type DH 

type DH struct {
	// contains filtered or unexported fields
}

DH maps the TKEY name to the target host that negotiated it as well as any other internal state.

func New 

func New() (*DH, error)

New performs any library initialization necessary. It returns a context handle for any further functions along with any error that occurred.

func (*DH) Close 

func (c *DH) Close() error

Close revokes any active keys and unloads any underlying libraries as necessary. It returns any error that occurred.

func (*DH) DeleteKey 

func (c *DH) DeleteKey(keyname *string) error

DeleteKey revokes the active key associated with the given TKEY name. It returns any error that occurred.

func (*DH) NegotiateKey 

func (c *DH) NegotiateKey(host, name, algorithm, mac string) (*string, *string, *time.Time, error)

NegotiateKey exchanges RFC 2930 TKEY records with the indicated DNS server to establish a TSIG key for further using an existing TSIG key name, algorithm and MAC. It returns the negotiated TKEY name, MAC, expiry time, and any error that occurred.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.