Documentation ¶
Index ¶
- Constants
- Variables
- func Bytes2str(b []byte) string
- func Str2bytes(s string) []byte
- type Config
- type GenSharedKey
- type Key
- type PeerID
- type PrivKey
- type PubKey
- type SecureConn
- func (sec *SecureConn) Close() error
- func (sec *SecureConn) LocalAddr() net.Addr
- func (sec *SecureConn) NextMsgLen() (int, error)
- func (sec *SecureConn) Read(b []byte) (n int, err error)
- func (sec *SecureConn) ReadMsg() ([]byte, error)
- func (sec *SecureConn) ReleaseMsg(b []byte)
- func (sec *SecureConn) RemoteAddr() net.Addr
- func (sec *SecureConn) RemotePub() PubKey
- func (sec *SecureConn) SetDeadline(t time.Time) error
- func (sec *SecureConn) SetReadDeadline(t time.Time) error
- func (sec *SecureConn) SetWriteDeadline(t time.Time) error
- func (sec *SecureConn) Write(b []byte) (int, error)
- func (sec *SecureConn) WriteMsg(b []byte) error
- type StreamCipher
Constants ¶
const AES128GCM = "AES-128-GCM"
AES128GCM is aead encryption algorithm
const AES256GCM = "AES-256-GCM"
AES256GCM is aead encryption algorithm
const CHACHA20POLY1305 = "CHACHA20_POLY1305"
CHACHA20POLY1305 is aead encryption algorithm
const DefaultAgreementsProposition = "P-256,P-384,X25519"
DefaultAgreementsProposition is the default comma-separated list of ECDH algorithms
const DefaultCiphersProposition = "AES-128-GCM,AES-256-GCM,CHACHA20_POLY1305"
DefaultCiphersProposition is the default comma-separated list of AEAD encryption algorithms
const DefaultDigestsProposition = "SHA256,SHA512"
DefaultDigestsProposition is the default comma-separated list of hash algorithms used in the handshake
const ECDHP256 = "P-256"
ECDHP256 is ECDH algorithm
const ECDHP384 = "P-384"
ECDHP384 is ECDH algorithm
const PrivKeyBytesLen = 32
const SHA256 = "SHA256"
SHA256 is hash algorithm
const SHA256CODE = 0x12
SHA256CODE code
const SHA256SIZE = 32
SHA256SIZE 32
const SHA512 = "SHA512"
SHA512 is hash algorithm
const X25519 = "X25519"
X25519 is ECDH algorithm
Variables ¶
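// Errors returned while parsing peer ids and decoding uvarints.
// The declarations are restored to one per line; collapsed onto a single
// line the block is not valid Go.
var (
	// ErrUnknownCode reports an unknown multihash code.
	ErrUnknownCode = errors.New("unknown multihash code")
	// ErrTooShort reports a peer id shorter than the 2-byte minimum.
	ErrTooShort = errors.New("peer id too short. must be >= 2 bytes")
	// ErrInvalidPeerID reports input that is not a valid peer id.
	ErrInvalidPeerID = errors.New("input isn't valid peer id")
	// ErrVarintBufferShort reports a buffer too small to hold a uvarint.
	ErrVarintBufferShort = errors.New("uvarint: buffer too small")
	// ErrVarintTooLong reports a varint that does not fit in 64 bits.
	ErrVarintTooLong = errors.New("uvarint: varint too big (max 64bit)")
)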
errors
var ErrConnectSelf = errors.New("ConnectSelf")
ErrConnectSelf means the node attempted a handshake with itself
var ErrDecipherFail = errors.New("Can not decipher remote data")
ErrDecipherFail means failure to decode remote data
var ErrEphemeralKeyGenerationFailed = errors.New("Failed to generate ephemeral key")
ErrEphemeralKeyGenerationFailed means failed to generate ephemeral key
var ErrFrameTooShort = errors.New("short packet")
ErrFrameTooShort means frame is wrong
var ErrInvalidData = errors.New("Invalid data")
ErrInvalidData means unable to parse remote's data
var ErrNoCommonAlgorithms = errors.New("No algorithms in common")
ErrNoCommonAlgorithms means the two sides' proposals have no algorithm in common
var ErrSecretGenerationFailed = errors.New("Failed to generate the secret shared key from the ephemeral key")
ErrSecretGenerationFailed means failed to generate the secret shared key
var ErrVerificationFail = errors.New("Failed Verification signature")
ErrVerificationFail means signature verification failed during the handshake
Functions ¶
func Str2bytes ¶
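Str2bytes converts a string to bytes in place (see https://www.cnblogs.com/shuiyuejiangnan/p/9707066.html). "In place" suggests the returned slice shares the string's memory rather than copying it; if so, the slice must be treated as read-only, because Go strings are immutable.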
Types ¶
type Config ¶
type Config struct {
// contains filtered or unexported fields
}
Config of handshake
func (*Config) Ciphers ¶
Ciphers tries to replace the default cipher functions; if the new ones are not supported by this library, it does nothing
func (*Config) Digests ¶
Digests tries to replace the default digest functions; if the new ones are not supported by this library, it does nothing
func (*Config) Handshake ¶
func (c *Config) Handshake(conn net.Conn) (*SecureConn, error)
Handshake attempts to perform a handshake on the given socket.
func (*Config) KeyAgreements ¶
KeyAgreements tries to replace the default key-agreement functions; if the new ones are not supported by this library, it does nothing
func (*Config) MaxFrameLength ¶
MaxFrameLength replaces the default maximum frame size; the default is 8M
type GenSharedKey ¶
GenSharedKey generates the shared key from a given private key
func GenerateEphemeralKeyPair ¶
func GenerateEphemeralKeyPair(curveName string) ([]byte, GenSharedKey, error)
GenerateEphemeralKeyPair returns an ephemeral public key and returns a function that will compute the shared secret key.
type Key ¶
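// Key represents a crypto key that can be compared to another key.
type Key interface {
	// Bytes returns the raw bytes of the key.
	Bytes() []byte
	// Equals reports whether two keys are the same.
	Equals(Key) bool
	// TypeID returns the molecule union ID.
	TypeID() mol.Number
	// PeerID generates a peer id from the key.
	PeerID() PeerID
}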
Key represents a crypto key that can be compared to another key
type PeerID ¶
type PeerID []byte
PeerID is a byte slice
func PeerIDFromBese58 ¶
PeerIDFromBese58 parses a Base58-encoded string.
func PeerIDFromBytes ¶
PeerIDFromBytes parses a slice
func (PeerID) Bese58String ¶
Bese58String returns the Base58-encoded string
type PrivKey ¶
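// PrivKey represents a private key that can be used to generate a public key
// and sign data.
type PrivKey interface {
	Key
	// Sign cryptographically signs the given bytes and returns the signature.
	Sign([]byte) ([]byte, error)
	// GenPublic returns the public key paired with this private key.
	GenPublic() PubKey
}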
PrivKey represents a private key that can be used to generate a public key and sign data
func GenerateSecp256k1 ¶
func GenerateSecp256k1() PrivKey
GenerateSecp256k1 return a random Secp256k1 private key
func Secp256k1FromBytes ¶
Secp256k1FromBytes return private key from bytes
type PubKey ¶
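// PubKey is a public key that can be used to verify data signed with the
// corresponding private key.
type PubKey interface {
	Key
	// Verify checks sig against message. The original comment describes sig
	// as "the signed hash"; whether message is hashed by the caller or by the
	// implementation is not shown here.
	// NOTE(review): presumably a nil error means the signature is valid — confirm.
	Verify(message []byte, sig []byte) error
	// Encode returns the molecule-encoded bytes of the key.
	Encode() []byte
}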
PubKey is a public key that can be used to verify data signed with the corresponding private key
func DecodeToSecpPub ¶
DecodeToSecpPub try parse bytes from molecule-encodes byte
type SecureConn ¶
type SecureConn struct {
// contains filtered or unexported fields
}
SecureConn is a stream for secio. Note: do not mix streaming reads (Read) and message reads (ReadMsg) on the same connection, as this may cause data confusion.
func (*SecureConn) LocalAddr ¶
func (sec *SecureConn) LocalAddr() net.Addr
LocalAddr returns the local network address.
func (*SecureConn) NextMsgLen ¶
func (sec *SecureConn) NextMsgLen() (int, error)
NextMsgLen repub msgio.ReadWriteCloser
func (*SecureConn) ReadMsg ¶
func (sec *SecureConn) ReadMsg() ([]byte, error)
ReadMsg repub msgio.ReadWriteCloser
func (*SecureConn) ReleaseMsg ¶
func (sec *SecureConn) ReleaseMsg(b []byte)
ReleaseMsg repub msgio.ReadWriteCloser
func (*SecureConn) RemoteAddr ¶
func (sec *SecureConn) RemoteAddr() net.Addr
RemoteAddr returns the remote network address.
func (*SecureConn) RemotePub ¶
func (sec *SecureConn) RemotePub() PubKey
RemotePub returns the remote peer's public key
func (*SecureConn) SetDeadline ¶
func (sec *SecureConn) SetDeadline(t time.Time) error
SetDeadline call inner conn set deadline
func (*SecureConn) SetReadDeadline ¶
func (sec *SecureConn) SetReadDeadline(t time.Time) error
SetReadDeadline call inner conn set read deadline
func (*SecureConn) SetWriteDeadline ¶
func (sec *SecureConn) SetWriteDeadline(t time.Time) error
SetWriteDeadline call inner conn set write deadline
func (*SecureConn) WriteMsg ¶
func (sec *SecureConn) WriteMsg(b []byte) error
WriteMsg repub msgio.ReadWriteCloser
type StreamCipher ¶
StreamCipher a cipher of aead stream
func AESGCM ¶
func AESGCM(psk []byte) (StreamCipher, error)
AESGCM creates a new Cipher with a pre-shared key. len(psk) must be 16 or 32, selecting AES-128-GCM or AES-256-GCM respectively.
func Chacha20Poly1305 ¶
func Chacha20Poly1305(psk []byte) (StreamCipher, error)
Chacha20Poly1305 creates a new Cipher with a pre-shared key. len(psk) must be 32.