Documentation ¶
Index ¶
- Constants
- func Compress(data []byte) []byte
- func Contains(list []string, target string) bool
- func ContainsAny(list, targets []string) bool
- func ContainsInt(list []int, target int) bool
- func ContextError(err error) error
- func Decompress(data []byte) ([]byte, error)
- func FlipCoin() bool
- func FlipWeightedCoin(weight float64) bool
- func FormatByteCount(bytes uint64) string
- func GenerateAuthenticatedDataPackageKeys() (string, string, error)
- func GenerateHostName() string
- func GetCurrentTimestamp() string
- func GetInterfaceIPAddresses(interfaceName string) (net.IP, net.IP, error)
- func GetParentContext() string
- func IPAddressFromAddr(addr net.Addr) string
- func Jitter(n int64, factor float64) int64
- func JitterDuration(d time.Duration, factor float64) time.Duration
- func MakeRandomPeriod(min, max time.Duration) (time.Duration, error)
- func MakeRandomStringBase64(byteLength int) (string, error)
- func MakeRandomStringHex(byteLength int) (string, error)
- func MakeSecureRandomBytes(length int) ([]byte, error)
- func MakeSecureRandomInt(max int) (int, error)
- func MakeSecureRandomInt64(max int64) (int64, error)
- func MakeSecureRandomPadding(minLength, maxLength int) ([]byte, error)
- func NewAuthenticatedDataPackageReader(dataPackage io.ReadSeeker, signingPublicKey string) (io.Reader, error)
- func ReadAuthenticatedDataPackage(dataPackage []byte, isCompressed bool, signingPublicKey string) (string, error)
- func RegisterHostNameGenerator(generator func() string)
- func TruncateTimestampToHour(timestamp string) string
- func WriteAuthenticatedDataPackage(data string, signingPublicKey, signingPrivateKey string) ([]byte, error)
- type APIParameterLogFieldFormatter
- type APIParameterValidator
- type APIParameters
- type ActivityMonitoredConn
- func (conn *ActivityMonitoredConn) GetActiveDuration() time.Duration
- func (conn *ActivityMonitoredConn) GetLastActivityMonotime() monotime.Time
- func (conn *ActivityMonitoredConn) GetStartTime() time.Time
- func (conn *ActivityMonitoredConn) IsClosed() bool
- func (conn *ActivityMonitoredConn) Read(buffer []byte) (int, error)
- func (conn *ActivityMonitoredConn) Write(buffer []byte) (int, error)
- type ActivityUpdater
- type AuthenticatedDataPackage
- type BuildInfo
- type Closer
- type Conns
- type GeoIPData
- type LRUConns
- type LRUConnsEntry
- type LogContext
- type LogFields
- type Logger
- type ObfuscatedSshConn
- type ObfuscatedSshConnMode
- type ObfuscatedSshReadState
- type ObfuscatedSshWriteState
- type Obfuscator
- type ObfuscatorConfig
- type RateLimits
- type ReloadableFile
- type Reloader
- type SubnetLookup
- type ThrottledConn
Constants ¶
// SSH protocol sizes and message numbers.
// NOTE(review): presumably these bound the minimal SSH parsing that
// ObfuscatedSshConn performs on pre-NEWKEYS traffic — confirm against the
// implementation that every length read from the peer is checked against
// these limits before a buffer is sized from it.
const (
	SSH_MAX_SERVER_LINE_LENGTH = 1024
	SSH_PACKET_PREFIX_LENGTH   = 5          // uint32 + byte
	SSH_MAX_PACKET_LENGTH      = 256 * 1024 // OpenSSH max packet length
	SSH_MSG_NEWKEYS            = 21
	SSH_MAX_PADDING_LENGTH     = 255 // RFC 4253 sec. 6
	SSH_PADDING_MULTIPLE       = 16  // Default cipher block size
)
// Connection modes, numbered from 0 by iota.
// NOTE(review): presumably the values of ObfuscatedSshConnMode; the constants
// are untyped in this listing, so the pairing is inferred from the names.
const (
	OBFUSCATION_CONN_MODE_CLIENT = iota
	OBFUSCATION_CONN_MODE_SERVER
)
// Read-side states, numbered from 0 by iota in declaration order.
// NOTE(review): presumably the values of ObfuscatedSshReadState and the order
// in which the read path advances — confirm against the implementation.
const (
	OBFUSCATION_READ_STATE_IDENTIFICATION_LINES = iota
	OBFUSCATION_READ_STATE_KEX_PACKETS
	OBFUSCATION_READ_STATE_FLUSH
	OBFUSCATION_READ_STATE_FINISHED
)
// Write-side states, numbered from 0 by iota in declaration order.
// NOTE(review): presumably the values of ObfuscatedSshWriteState; which
// states apply in client mode and which in server mode is inferred from the
// names only — confirm against the implementation.
const (
	OBFUSCATION_WRITE_STATE_CLIENT_SEND_SEED_MESSAGE = iota
	OBFUSCATION_WRITE_STATE_SERVER_SEND_IDENTIFICATION_LINE_PADDING
	OBFUSCATION_WRITE_STATE_IDENTIFICATION_LINE
	OBFUSCATION_WRITE_STATE_KEX_PACKETS
	OBFUSCATION_WRITE_STATE_FINISHED
)
// Parameters of the obfuscation layer (seed message, key derivation and
// stream ciphers, per the Obfuscator type).
// NOTE(review): units and exact use are inferred from the names — lengths are
// presumably in bytes, and OBFUSCATE_MAX_PADDING presumably caps the padding
// length a peer may announce in its seed message; confirm that the server
// rejects larger values before reading the padding.
const (
	OBFUSCATE_SEED_LENGTH         = 16
	OBFUSCATE_KEY_LENGTH          = 16
	OBFUSCATE_HASH_ITERATIONS     = 6000
	OBFUSCATE_MAX_PADDING         = 8192
	OBFUSCATE_MAGIC_VALUE         = 0x0BF5CA7E
	OBFUSCATE_CLIENT_TO_SERVER_IV = "client_to_server"
	OBFUSCATE_SERVER_TO_CLIENT_IV = "server_to_client"
)
// RFC3339Milli is a Go time layout string: the RFC 3339 layout with a fixed
// three-digit fractional second (millisecond precision).
const RFC3339Milli = "2006-01-02T15:04:05.000Z07:00"
Variables ¶
This section is empty.
Functions ¶
func Contains ¶
Contains is a helper function that returns true if the target string is in the list.
func ContainsAny ¶
ContainsAny returns true if any string in targets is present in the list.
func ContainsInt ¶
ContainsInt returns true if the target int is in the list.
func ContextError ¶
ContextError prefixes an error message with the current function name and source file line number.
func Decompress ¶
Decompress returns zlib decompressed data
func FlipCoin ¶
func FlipCoin() bool
FlipCoin is a helper function that randomly returns true or false.
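If the underlying random number generator fails, FlipCoin still returns a result; in that case the result is not guaranteed to be random, so FlipCoin should not be used where an unpredictable outcome is required.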
func FlipWeightedCoin ¶
FlipWeightedCoin returns the result of a weighted random coin flip. If the weight is 0.5, the outcome is equally likely to be true or false. If the weight is 1.0, the outcome is always true, and if the weight is 0.0, the outcome is always false.
Input weights > 1.0 are treated as 1.0.
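If the underlying random number generator fails, FlipWeightedCoin still returns a result; in that case the result is not guaranteed to be random, so FlipWeightedCoin should not be used where an unpredictable outcome is required.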
func FormatByteCount ¶
FormatByteCount returns a string representation of the specified byte count in conventional, human-readable format.
func GenerateAuthenticatedDataPackageKeys ¶
GenerateAuthenticatedDataPackageKeys generates a key pair to be used to sign and verify AuthenticatedDataPackages.
func GenerateHostName ¶
func GenerateHostName() string
func GetCurrentTimestamp ¶
func GetCurrentTimestamp() string
GetCurrentTimestamp returns the current time in UTC as an RFC 3339 formatted string.
func GetInterfaceIPAddresses ¶
GetInterfaceIPAddresses takes an interface name, such as "eth0", and returns the first IPv4 and IPv6 addresses associated with it. Either of the IPv4 or IPv6 address may be nil. If neither type of address is found, an error is returned.
func GetParentContext ¶
func GetParentContext() string
GetParentContext returns the parent function name and source file line number.
func IPAddressFromAddr ¶
IPAddressFromAddr is a helper which extracts an IP address from a net.Addr or returns "" if there is no IP address.
func Jitter ¶
Jitter returns n +/- the given factor. For example, for n = 100 and factor = 0.1, the return value will be in the range [90, 110].
func JitterDuration ¶
JitterDuration is a helper function that wraps Jitter.
func MakeRandomPeriod ¶
MakeRandomPeriod returns a random duration, within a given range. If max <= min, the duration is min.
func MakeRandomStringBase64 ¶
MakeRandomStringBase64 returns a base64 encoded random string. byteLength specifies the pre-encoded data length.
func MakeRandomStringHex ¶
MakeRandomStringHex returns a hex encoded random string. byteLength specifies the pre-encoded data length.
func MakeSecureRandomBytes ¶
MakeSecureRandomBytes is a helper function that wraps crypto/rand.Read.
func MakeSecureRandomInt ¶
MakeSecureRandomInt is a helper function that wraps MakeSecureRandomInt64.
func MakeSecureRandomInt64 ¶
MakeSecureRandomInt64 is a helper function that wraps crypto/rand.Int, which returns a uniform random value in [0, max).
func MakeSecureRandomPadding ¶
MakeSecureRandomPadding selects a random padding length in the indicated range and returns a random byte array of the selected length. If maxLength <= minLength, the padding is minLength.
func NewAuthenticatedDataPackageReader ¶
func NewAuthenticatedDataPackageReader( dataPackage io.ReadSeeker, signingPublicKey string) (io.Reader, error)
NewAuthenticatedDataPackageReader extracts and verifies authenticated data from an AuthenticatedDataPackage stored in the specified file. The package must have been signed with the given key. NewAuthenticatedDataPackageReader does not load the entire package nor the entire data into memory. It streams the package while verifying, and returns an io.Reader that the caller may use to stream the authenticated data payload.
func ReadAuthenticatedDataPackage ¶
func ReadAuthenticatedDataPackage( dataPackage []byte, isCompressed bool, signingPublicKey string) (string, error)
ReadAuthenticatedDataPackage extracts and verifies authenticated data from an AuthenticatedDataPackage. The package must have been signed with the given key.
Set isCompressed to false to read packages that are not compressed.
func RegisterHostNameGenerator ¶
func RegisterHostNameGenerator(generator func() string)
func TruncateTimestampToHour ¶
TruncateTimestampToHour truncates an RFC 3339 formatted string to hour granularity. If the input is not a valid format, the result is "".
func WriteAuthenticatedDataPackage ¶
func WriteAuthenticatedDataPackage( data string, signingPublicKey, signingPrivateKey string) ([]byte, error)
WriteAuthenticatedDataPackage creates an AuthenticatedDataPackage containing the specified data and signed by the given key. The output conforms with the legacy format here: https://bitbucket.org/psiphon/psiphon-circumvention-system/src/c25d080f6827b141fe637050ce0d5bd0ae2e9db5/Automation/psi_ops_crypto_tools.py
Types ¶
type APIParameterLogFieldFormatter ¶
type APIParameterLogFieldFormatter func(GeoIPData, APIParameters) LogFields
APIParameterLogFieldFormatter is a function that returns formatted LogFields containing the given GeoIPData and APIParameters.
type APIParameterValidator ¶
type APIParameterValidator func(APIParameters) error
APIParameterValidator is a function that validates API parameters for a particular request or context.
type APIParameters ¶
type APIParameters map[string]interface{}
APIParameters is a set of API parameter values, typically received from a Psiphon client and used/logged by the Psiphon server. The values are of varying types: strings, ints, arrays, structs, etc.
type ActivityMonitoredConn ¶
ActivityMonitoredConn wraps a net.Conn, adding logic to deal with events triggered by I/O activity.
When an inactivity timeout is specified, the network I/O will timeout after the specified period of read inactivity. Optionally, for the purpose of inactivity only, ActivityMonitoredConn will also consider the connection active when data is written to it.
When a LRUConnsEntry is specified, then the LRU entry is promoted on either a successful read or write.
When an ActivityUpdater is set, then its UpdateProgress method is called on each read and write with the number of bytes transferred. The durationNanoseconds, which is the time since the last read, is reported only on reads.
func NewActivityMonitoredConn ¶
func NewActivityMonitoredConn( conn net.Conn, inactivityTimeout time.Duration, activeOnWrite bool, activityUpdater ActivityUpdater, lruEntry *LRUConnsEntry) (*ActivityMonitoredConn, error)
NewActivityMonitoredConn creates a new ActivityMonitoredConn.
func (*ActivityMonitoredConn) GetActiveDuration ¶
func (conn *ActivityMonitoredConn) GetActiveDuration() time.Duration
GetActiveDuration returns the time elapsed between the initialization of the ActivityMonitoredConn and the last Read. Only reads are used for this calculation since writes may succeed locally due to buffering.
func (*ActivityMonitoredConn) GetLastActivityMonotime ¶
func (conn *ActivityMonitoredConn) GetLastActivityMonotime() monotime.Time
GetLastActivityMonotime returns the arbitrary monotonic time of the last Read.
func (*ActivityMonitoredConn) GetStartTime ¶
func (conn *ActivityMonitoredConn) GetStartTime() time.Time
GetStartTime gets the time when the ActivityMonitoredConn was initialized. Reported time is UTC.
func (*ActivityMonitoredConn) IsClosed ¶
func (conn *ActivityMonitoredConn) IsClosed() bool
IsClosed implements the Closer interface. The return value indicates whether the underlying conn has been closed.
type ActivityUpdater ¶
// ActivityUpdater receives updates for ActivityMonitoredConn activity.
type ActivityUpdater interface {
	// UpdateProgress is passed the bytes transferred and the conn duration
	// since the previous UpdateProgress call.
	UpdateProgress(bytesRead, bytesWritten int64, durationNanoseconds int64)
}
ActivityUpdater defines an interface for receiving updates for ActivityMonitoredConn activity. Values passed to UpdateProgress are bytes transferred and conn duration since the previous UpdateProgress.
type AuthenticatedDataPackage ¶
// AuthenticatedDataPackage is the JSON record that carries a signed data
// payload. The fields are as received and are untrusted until the signature
// has been verified (see ReadAuthenticatedDataPackage and
// NewAuthenticatedDataPackageReader).
type AuthenticatedDataPackage struct {
	// Data is the payload.
	Data string `json:"data"`
	// SigningPublicKeyDigest is presumably a digest identifying the public key
	// that signed the package — confirm the digest algorithm in the implementation.
	SigningPublicKeyDigest []byte `json:"signingPublicKeyDigest"`
	// Signature is the signature bytes; NOTE(review): what exactly is signed
	// is not shown in this listing.
	Signature []byte `json:"signature"`
}
AuthenticatedDataPackage is a JSON record containing some Psiphon data payload, such as list of Psiphon server entries. As it may be downloaded from various sources, it is digitally signed so that the data may be authenticated.
type BuildInfo ¶
// BuildInfo holds build information for use in clients or servers. It
// serializes to JSON under the field names given in the struct tags.
type BuildInfo struct {
	BuildDate string `json:"buildDate"`
	BuildRepo string `json:"buildRepo"`
	BuildRev  string `json:"buildRev"`
	GoVersion string `json:"goVersion"`
	// GomobileVersion is omitted from the JSON output when empty.
	GomobileVersion string `json:"gomobileVersion,omitempty"`
	// Dependencies is kept as raw JSON and is not decoded by this type.
	Dependencies json.RawMessage `json:"dependencies"`
}
BuildInfo captures relevant build information here for use in clients or servers
func GetBuildInfo ¶
func GetBuildInfo() *BuildInfo
GetBuildInfo returns an instance of the BuildInfo struct
type Closer ¶
// Closer is the interface to a type, typically a net.Conn, that can be closed.
type Closer interface {
	// IsClosed reports whether the value has been closed.
	IsClosed() bool
}
Closer defines the interface to a type, typically a net.Conn, that can be closed.
type Conns ¶
type Conns struct {
// contains filtered or unexported fields
}
Conns is a synchronized list of Conns that is used to coordinate interrupting a set of goroutines establishing connections, or close a set of open connections, etc. Once the list is closed, no more items may be added to the list (unless it is reset).
type LRUConns ¶
type LRUConns struct {
// contains filtered or unexported fields
}
LRUConns is a concurrency-safe list of net.Conns ordered by recent activity. Its purpose is to facilitate closing the oldest connection in a set of connections.
New connections added are referenced by a LRUConnsEntry, which is used to Touch() active connections, which promotes them to the front of the order and to Remove() connections that are no longer LRU candidates.
CloseOldest() will remove the oldest connection from the list and call net.Conn.Close() on the connection.
After an entry has been removed, LRUConnsEntry Touch() and Remove() will have no effect.
func (*LRUConns) Add ¶
func (conns *LRUConns) Add(conn net.Conn) *LRUConnsEntry
Add inserts a net.Conn as the freshest connection in a LRUConns and returns an LRUConnsEntry to be used to freshen the connection or remove the connection from the LRU list.
func (*LRUConns) CloseOldest ¶
func (conns *LRUConns) CloseOldest()
CloseOldest closes the oldest connection in a LRUConns. It calls net.Conn.Close() on the connection.
type LRUConnsEntry ¶
type LRUConnsEntry struct {
// contains filtered or unexported fields
}
LRUConnsEntry is an entry in a LRUConns list.
func (*LRUConnsEntry) Remove ¶
func (entry *LRUConnsEntry) Remove()
Remove deletes the connection referenced by the LRUConnsEntry from the associated LRUConns. Has no effect if the entry was not initialized or previously removed.
func (*LRUConnsEntry) Touch ¶
func (entry *LRUConnsEntry) Touch()
Touch promotes the connection referenced by the LRUConnsEntry to the front of the associated LRUConns. Has no effect if the entry was not initialized or previously removed.
type LogContext ¶
// LogContext is the set of leveled logging methods returned by a Logger's
// WithContext and WithContextFields.
type LogContext interface {
	Debug(args ...interface{})
	Info(args ...interface{})
	Warning(args ...interface{})
	Error(args ...interface{})
}
LogContext is interface-compatible with the return values from psiphon/server.ContextLogger.WithContext/WithContextFields.
type LogFields ¶
type LogFields map[string]interface{}
LogFields is type-compatible with psiphon/server.LogFields and logrus.LogFields.
type Logger ¶
// Logger is a logging interface that lets packages log without importing
// psiphon/server.
type Logger interface {
	// WithContext returns a LogContext.
	WithContext() LogContext
	// WithContextFields returns a LogContext for the given fields.
	WithContextFields(fields LogFields) LogContext
	// LogMetric logs the named metric with the given fields.
	LogMetric(metric string, fields LogFields)
}
Logger exposes a logging interface that's compatible with psiphon/server.ContextLogger. This interface allows packages to implement logging that will integrate with psiphon/server without importing that package. Other implementations of Logger may also be provided.
type ObfuscatedSshConn ¶
ObfuscatedSshConn wraps a Conn and applies the obfuscated SSH protocol to the traffic on the connection: https://github.com/brl/obfuscated-openssh/blob/master/README.obfuscation
ObfuscatedSshConn is used to add obfuscation to golang's stock ssh client and server without modification to that standard library code. The underlying connection must be used for SSH traffic. This code injects the obfuscated seed message, applies obfuscated stream cipher transformations, and performs minimal parsing of the SSH protocol to determine when to stop obfuscation (after the first SSH_MSG_NEWKEYS is sent and received). Obfuscation covers only this initial exchange; once it stops, the confidentiality and integrity of the session depend on the SSH layer itself.
WARNING: doesn't fully conform to net.Conn concurrency semantics: there's no synchronization of access to the read/writeBuffers, so concurrent calls to the same method (two concurrent Reads, or two concurrent Writes) will result in undefined behavior.
func NewObfuscatedSshConn ¶
func NewObfuscatedSshConn( mode ObfuscatedSshConnMode, conn net.Conn, obfuscationKeyword string) (*ObfuscatedSshConn, error)
NewObfuscatedSshConn creates a new ObfuscatedSshConn. The underlying conn must be used for SSH traffic and must have transferred no traffic.
In client mode, NewObfuscatedSshConn does not block or initiate network I/O. The obfuscation seed message is sent when Write() is first called.
In server mode, NewObfuscatedSshConn cannot completely initialize itself without the seed message from the client to derive obfuscation keys. So NewObfuscatedSshConn blocks on reading the client seed message from the underlying conn.
type ObfuscatedSshConnMode ¶
type ObfuscatedSshConnMode int
type ObfuscatedSshReadState ¶
type ObfuscatedSshReadState int
type ObfuscatedSshWriteState ¶
type ObfuscatedSshWriteState int
type Obfuscator ¶
type Obfuscator struct {
// contains filtered or unexported fields
}
Obfuscator implements the seed message, key derivation, and stream ciphers for: https://github.com/brl/obfuscated-openssh/blob/master/README.obfuscation
func NewClientObfuscator ¶
func NewClientObfuscator( config *ObfuscatorConfig) (obfuscator *Obfuscator, err error)
NewClientObfuscator creates a new Obfuscator, staging a seed message to be sent to the server (by the caller) and initializing stream ciphers to obfuscate data.
func NewServerObfuscator ¶
func NewServerObfuscator( clientReader io.Reader, config *ObfuscatorConfig) (obfuscator *Obfuscator, err error)
NewServerObfuscator creates a new Obfuscator, reading a seed message directly from the clientReader and initializing stream ciphers to obfuscate data.
func (*Obfuscator) ObfuscateClientToServer ¶
func (obfuscator *Obfuscator) ObfuscateClientToServer(buffer []byte)
ObfuscateClientToServer applies the client RC4 stream to the bytes in buffer.
func (*Obfuscator) ObfuscateServerToClient ¶
func (obfuscator *Obfuscator) ObfuscateServerToClient(buffer []byte)
ObfuscateServerToClient applies the server RC4 stream to the bytes in buffer.
func (*Obfuscator) SendSeedMessage ¶
func (obfuscator *Obfuscator) SendSeedMessage() []byte
SendSeedMessage returns the seed message created in NewClientObfuscator, removing the reference so that it may be garbage collected.
type ObfuscatorConfig ¶
type RateLimits ¶
// RateLimits specify the rate limits for a ThrottledConn.
type RateLimits struct {
	// ReadUnthrottledBytes specifies the number of bytes to
	// read, approximately, before starting rate limiting.
	ReadUnthrottledBytes int64

	// ReadBytesPerSecond specifies a rate limit for read
	// data transfer. The default, 0, is no limit.
	ReadBytesPerSecond int64

	// WriteUnthrottledBytes specifies the number of bytes to
	// write, approximately, before starting rate limiting.
	WriteUnthrottledBytes int64

	// WriteBytesPerSecond specifies a rate limit for write
	// data transfer. The default, 0, is no limit.
	WriteBytesPerSecond int64

	// CloseAfterExhausted indicates that the underlying
	// net.Conn should be closed once either the read or
	// write unthrottled bytes have been exhausted. In this
	// case, throttling is never applied.
	CloseAfterExhausted bool
}
RateLimits specify the rate limits for a ThrottledConn.
type ReloadableFile ¶
ReloadableFile is a file-backed Reloader. This type is intended to be embedded in other types that add the actual reloadable data structures.
ReloadableFile has a multi-reader mutex for synchronization. Its Reload() function will obtain a write lock before reloading the data structures. The actual reloading action is to be provided via the reloadAction callback, which receives the content of reloaded files and must process the new data (for example, unmarshall the contents into data structures). All read access to the data structures should be guarded by RLocks on the ReloadableFile mutex.
reloadAction must ensure that data structures revert to their previous state when a reload fails.
func NewReloadableFile ¶
func NewReloadableFile( fileName string, reloadAction func([]byte) error) ReloadableFile
NewReloadableFile initializes a new ReloadableFile
func (*ReloadableFile) LogDescription ¶
func (reloadable *ReloadableFile) LogDescription() string
func (*ReloadableFile) Reload ¶
func (reloadable *ReloadableFile) Reload() (bool, error)
Reload checks if the underlying file has changed and, when changed, invokes the reloadAction callback which should reload the in-memory data structures.
In some cases (e.g., traffic rules and OSL), there are penalties associated with proceeding with reload, so care is taken to not invoke the reload action unless the contents have changed.
The file content is loaded and a checksum is taken to determine whether it has changed. Neither file size (may not change when content changes) nor modified date (may change when identical file is repaved) is a sufficient indicator.
All data structure readers should be blocked by the ReloadableFile mutex.
Reload must not be called from multiple concurrent goroutines.
func (*ReloadableFile) WillReload ¶
func (reloadable *ReloadableFile) WillReload() bool
WillReload indicates whether the ReloadableFile is capable of reloading.
type Reloader ¶
// Reloader is a read-only, in-memory data object that can be reloaded from
// its source.
type Reloader interface {
	// Reload reloads the data object. Reload returns a flag indicating if the
	// reloadable target has changed and reloaded or remains unchanged. By
	// convention, when reloading fails the Reloader should revert to its previous
	// in-memory state.
	Reload() (bool, error)

	// WillReload indicates if the data object is capable of reloading.
	WillReload() bool

	// LogDescription returns a description to be used for logging
	// events related to the Reloader.
	LogDescription() string
}
Reloader represents a read-only, in-memory reloadable data object. For example, a JSON data file that is loaded into memory and accessed for read-only lookups; and from time to time may be reloaded from the same file, updating the memory copy.
type SubnetLookup ¶
SubnetLookup provides an efficient lookup for individual IPv4 addresses within a list of subnets.
func NewSubnetLookup ¶
func NewSubnetLookup(CIDRs []string) (SubnetLookup, error)
NewSubnetLookup creates a SubnetLookup from a list of subnet CIDRs.
func NewSubnetLookupFromRoutes ¶
func NewSubnetLookupFromRoutes(routesData []byte) (SubnetLookup, error)
NewSubnetLookupFromRoutes creates a SubnetLookup from text routes data. The input format is expected to be text lines where each line is, e.g., "1.2.3.0\t255.255.255.0\n"
func (SubnetLookup) ContainsIPAddress ¶
func (lookup SubnetLookup) ContainsIPAddress(addr net.IP) bool
ContainsIPAddress performs a binary search on the sorted subnet list to find a network containing the candidate IP address.
func (SubnetLookup) Less ¶
func (lookup SubnetLookup) Less(i, j int) bool
Less implements sort.Interface.
type ThrottledConn ¶
ThrottledConn wraps a net.Conn with read and write rate limiters. Rates are specified as bytes per second. Optional unlimited byte counts allow for a number of bytes to read or write before applying rate limiting. Specify limit values of 0 to set no rate limit (unlimited counts are ignored in this case). The underlying rate limiter uses the token bucket algorithm to calculate delay times for read and write operations.
func NewThrottledConn ¶
func NewThrottledConn(conn net.Conn, limits RateLimits) *ThrottledConn
NewThrottledConn initializes a new ThrottledConn.
func (*ThrottledConn) SetLimits ¶
func (conn *ThrottledConn) SetLimits(limits RateLimits)
SetLimits modifies the rate limits of an existing ThrottledConn. It is safe to call SetLimits while other goroutines are calling Read/Write. This function will not block, and the new rate limits will be applied within Read/Write, but not necessarily until some further I/O at previous rates.
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
Package accesscontrol implements an access control authorization scheme based on digital signatures.
|
Package accesscontrol implements an access control authorization scheme based on digital signatures. |
crypto
|
|
acme
Package acme provides an implementation of the Automatic Certificate Management Environment (ACME) spec.
|
Package acme provides an implementation of the Automatic Certificate Management Environment (ACME) spec. |
acme/autocert
Package autocert provides automatic access to certificates from Let's Encrypt and any other ACME-based CA.
|
Package autocert provides automatic access to certificates from Let's Encrypt and any other ACME-based CA. |
bcrypt
Package bcrypt implements Provos and Mazières's bcrypt adaptive hashing algorithm.
|
Package bcrypt implements Provos and Mazières's bcrypt adaptive hashing algorithm. |
blake2b
Package blake2b implements the BLAKE2b hash algorithm defined by RFC 7693 and the extendable output function (XOF) BLAKE2Xb.
|
Package blake2b implements the BLAKE2b hash algorithm defined by RFC 7693 and the extendable output function (XOF) BLAKE2Xb. |
blake2s
Package blake2s implements the BLAKE2s hash algorithm defined by RFC 7693 and the extendable output function (XOF) BLAKE2Xs.
|
Package blake2s implements the BLAKE2s hash algorithm defined by RFC 7693 and the extendable output function (XOF) BLAKE2Xs. |
blowfish
Package blowfish implements Bruce Schneier's Blowfish encryption algorithm.
|
Package blowfish implements Bruce Schneier's Blowfish encryption algorithm. |
bn256
Package bn256 implements a particular bilinear group at the 128-bit security level.
|
Package bn256 implements a particular bilinear group at the 128-bit security level. |
cast5
Package cast5 implements CAST5, as defined in RFC 2144.
|
Package cast5 implements CAST5, as defined in RFC 2144. |
chacha20poly1305
Package chacha20poly1305 implements the ChaCha20-Poly1305 AEAD as specified in RFC 7539.
|
Package chacha20poly1305 implements the ChaCha20-Poly1305 AEAD as specified in RFC 7539. |
chacha20poly1305/internal/chacha20
Package ChaCha20 implements the core ChaCha20 function as specified in https://tools.ietf.org/html/rfc7539#section-2.3.
|
Package ChaCha20 implements the core ChaCha20 function as specified in https://tools.ietf.org/html/rfc7539#section-2.3. |
cryptobyte
Package cryptobyte implements building and parsing of byte strings for DER-encoded ASN.1 and TLS messages.
|
Package cryptobyte implements building and parsing of byte strings for DER-encoded ASN.1 and TLS messages. |
curve25519
Package curve25519 provides an implementation of scalar multiplication on the elliptic curve known as curve25519.
|
Package curve25519 provides an implementation of scalar multiplication on the elliptic curve known as curve25519. |
ed25519
Package ed25519 implements the Ed25519 signature algorithm.
|
Package ed25519 implements the Ed25519 signature algorithm. |
hkdf
Package hkdf implements the HMAC-based Extract-and-Expand Key Derivation Function (HKDF) as defined in RFC 5869.
|
Package hkdf implements the HMAC-based Extract-and-Expand Key Derivation Function (HKDF) as defined in RFC 5869. |
md4
Package md4 implements the MD4 hash algorithm as defined in RFC 1320.
|
Package md4 implements the MD4 hash algorithm as defined in RFC 1320. |
nacl/box
Package box authenticates and encrypts messages using public-key cryptography.
|
Package box authenticates and encrypts messages using public-key cryptography. |
nacl/secretbox
Package secretbox encrypts and authenticates small messages.
|
Package secretbox encrypts and authenticates small messages. |
ocsp
Package ocsp parses OCSP responses as specified in RFC 2560.
|
Package ocsp parses OCSP responses as specified in RFC 2560. |
openpgp
Package openpgp implements high level operations on OpenPGP messages.
|
Package openpgp implements high level operations on OpenPGP messages. |
openpgp/armor
Package armor implements OpenPGP ASCII Armor, see RFC 4880.
|
Package armor implements OpenPGP ASCII Armor, see RFC 4880. |
openpgp/clearsign
Package clearsign generates and processes OpenPGP, clear-signed data.
|
Package clearsign generates and processes OpenPGP, clear-signed data. |
openpgp/elgamal
Package elgamal implements ElGamal encryption, suitable for OpenPGP, as specified in "A Public-Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms," IEEE Transactions on Information Theory, v.
|
Package elgamal implements ElGamal encryption, suitable for OpenPGP, as specified in "A Public-Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms," IEEE Transactions on Information Theory, v. |
openpgp/errors
Package errors contains common error types for the OpenPGP packages.
|
Package errors contains common error types for the OpenPGP packages. |
openpgp/packet
Package packet implements parsing and serialization of OpenPGP packets, as specified in RFC 4880.
|
Package packet implements parsing and serialization of OpenPGP packets, as specified in RFC 4880. |
openpgp/s2k
Package s2k implements the various OpenPGP string-to-key transforms as specified in RFC 4880 section 3.7.1.
|
Package s2k implements the various OpenPGP string-to-key transforms as specified in RFC 4880 section 3.7.1. |
otr
Package otr implements the Off The Record protocol as specified in http://www.cypherpunks.ca/otr/Protocol-v2-3.1.0.html
|
Package otr implements the Off The Record protocol as specified in http://www.cypherpunks.ca/otr/Protocol-v2-3.1.0.html |
pbkdf2
Package pbkdf2 implements the key derivation function PBKDF2 as defined in RFC 2898 / PKCS #5 v2.0.
|
Package pbkdf2 implements the key derivation function PBKDF2 as defined in RFC 2898 / PKCS #5 v2.0. |
pkcs12
Package pkcs12 implements some of PKCS#12.
|
Package pkcs12 implements some of PKCS#12. |
pkcs12/internal/rc2
Package rc2 implements the RC2 cipher https://www.ietf.org/rfc/rfc2268.txt http://people.csail.mit.edu/rivest/pubs/KRRR98.pdf This code is licensed under the MIT license.
|
Package rc2 implements the RC2 cipher https://www.ietf.org/rfc/rfc2268.txt http://people.csail.mit.edu/rivest/pubs/KRRR98.pdf This code is licensed under the MIT license. |
poly1305
Package poly1305 implements Poly1305 one-time message authentication code as specified in https://cr.yp.to/mac/poly1305-20050329.pdf.
|
Package poly1305 implements Poly1305 one-time message authentication code as specified in https://cr.yp.to/mac/poly1305-20050329.pdf. |
ripemd160
Package ripemd160 implements the RIPEMD-160 hash algorithm.
|
Package ripemd160 implements the RIPEMD-160 hash algorithm. |
salsa20
Package salsa20 implements the Salsa20 stream cipher as specified in https://cr.yp.to/snuffle/spec.pdf.
|
Package salsa20 implements the Salsa20 stream cipher as specified in https://cr.yp.to/snuffle/spec.pdf. |
salsa20/salsa
Package salsa provides low-level access to functions in the Salsa family.
|
Package salsa provides low-level access to functions in the Salsa family. |
scrypt
Package scrypt implements the scrypt key derivation function as defined in Colin Percival's paper "Stronger Key Derivation via Sequential Memory-Hard Functions" (https://www.tarsnap.com/scrypt/scrypt.pdf).
|
Package scrypt implements the scrypt key derivation function as defined in Colin Percival's paper "Stronger Key Derivation via Sequential Memory-Hard Functions" (https://www.tarsnap.com/scrypt/scrypt.pdf). |
sha3
Package sha3 implements the SHA-3 fixed-output-length hash functions and the SHAKE variable-output-length hash functions defined by FIPS-202.
|
Package sha3 implements the SHA-3 fixed-output-length hash functions and the SHAKE variable-output-length hash functions defined by FIPS-202. |
ssh
Package ssh implements an SSH client and server.
|
Package ssh implements an SSH client and server. |
ssh/agent
Package agent implements the ssh-agent protocol, and provides both a client and a server.
|
Package agent implements the ssh-agent protocol, and provides both a client and a server. |
ssh/knownhosts
Package knownhosts implements a parser for the OpenSSH known_hosts host key database.
|
Package knownhosts implements a parser for the OpenSSH known_hosts host key database. |
ssh/terminal
Package terminal provides support functions for dealing with terminals, as commonly found on UNIX systems.
|
Package terminal provides support functions for dealing with terminals, as commonly found on UNIX systems. |
ssh/test
This package contains integration tests for the github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common/crypto/ssh package.
|
This package contains integration tests for the github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common/crypto/ssh package. |
twofish
Package twofish implements Bruce Schneier's Twofish encryption algorithm.
|
Package twofish implements Bruce Schneier's Twofish encryption algorithm. |
xtea
Package xtea implements XTEA encryption, as defined in Needham and Wheeler's 1997 technical report, "Tea extensions."
|
Package xtea implements XTEA encryption, as defined in Needham and Wheeler's 1997 technical report, "Tea extensions." |
xts
Package xts implements the XTS cipher mode as specified in IEEE P1619/D16.
|
Package xts implements the XTS cipher mode as specified in IEEE P1619/D16. |
Package osl implements the Obfuscated Server List (OSL) mechanism.
|
Package osl implements the Obfuscated Server List (OSL) mechanism. |
Package parameters implements dynamic, concurrency-safe parameters that determine Psiphon client behavior.
|
Package parameters implements dynamic, concurrency-safe parameters that determine Psiphon client behavior. |
Package sss implements Shamir's Secret Sharing algorithm over GF(2^8).
|
Package sss implements Shamir's Secret Sharing algorithm over GF(2^8). |
Package tactics provides dynamic Psiphon client configuration based on GeoIP attributes, API parameters, and speed test data.
|
Package tactics provides dynamic Psiphon client configuration based on GeoIP attributes, API parameters, and speed test data. |
Package tls partially implements TLS 1.2, as specified in RFC 5246.
|
Package tls partially implements TLS 1.2, as specified in RFC 5246. |
cipherhw
Package cipherhw exposes common functions for detecting whether hardware support for certain ciphers and authenticators is present.
|
Package cipherhw exposes common functions for detecting whether hardware support for certain ciphers and authenticators is present. |
Package tun is an IP packet tunnel server and client.
|
Package tun is an IP packet tunnel server and client. |