warpstone

v0.1.2-0...-6012e40

This package is not in the latest version of its module.

Published: May 9, 2020 | License: Apache-2.0 | Imports: 15 | Imported by: 0

README

Warpstone

Simple encrypted connection over websocket

Assumes an already secure TLS channel; do not trust the included crypto without a layer of conventional TLS over it!

Inside the already classically secure websocket-over-TLS channel, it creates a new message channel secured by XSalsa20+Poly1305, with the shared key being the output of a combination of post-quantum SIKE and a pre-shared key.

Security

No formal proof whatsoever; use at your own risk. At worst it adds nothing to the existing TLS channel, but it should not diminish its security. At best it's quantum proof even if the shared secret is leaked; at worst it will still protect against most non-state actors even in a post-quantum world.
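
The key combination the README describes, as an added example (not warpstone's own code; the page does not show its actual combiner). It assumes HKDF-SHA256 with the PSK as salt and the KEM shared secret as input keying material; the name CombineKey, the info label and the sample values are hypothetical.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"fmt"
)

// hkdfExtract is HKDF-Extract from RFC 5869 with SHA-256.
func hkdfExtract(salt, ikm []byte) []byte {
	m := hmac.New(sha256.New, salt)
	m.Write(ikm)
	return m.Sum(nil)
}

// hkdfExpand32 is HKDF-Expand limited to one 32-byte output block.
func hkdfExpand32(prk, info []byte) (out [32]byte) {
	m := hmac.New(sha256.New, prk)
	m.Write(info)
	m.Write([]byte{0x01}) // block counter T(1)
	copy(out[:], m.Sum(nil))
	return out
}

// CombineKey (hypothetical name) mixes the pre-shared key with the KEM
// shared secret into one 32-byte key, the size XSalsa20+Poly1305 takes.
// The KEM ciphertext is bound in so the key is tied to this handshake.
// Both inputs are needed: SIDH/SIKE fell to a classical key-recovery
// attack in 2022, and in that case the PSK alone keeps the key secret.
func CombineKey(psk [32]byte, kemSecret, kemCiphertext []byte) [32]byte {
	prk := hkdfExtract(psk[:], kemSecret)
	info := append([]byte("example hybrid session key v1"), kemCiphertext...)
	return hkdfExpand32(prk, info)
}

func main() {
	// Constructed sample values, not real SIKE output.
	psk := [32]byte{1, 2, 3}
	secret := []byte("constructed KEM shared secret")
	ct := []byte("constructed KEM ciphertext")

	k := CombineKey(psk, secret, ct)
	noPSK := CombineKey([32]byte{}, secret, ct) // attacker lacks the PSK
	fmt.Printf("session key:     %x\n", k)
	fmt.Printf("without the PSK: %x\n", noPSK)
	fmt.Println("keys match:", k == noPSK)
}
```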

Documentation

Constants

const ErrCloseChannel = errorString("panicked when closing channel")
const ErrCryptoNegociation = errorString("error in negociating crypto stream")
const ErrInvalidConfig = errorString("invalid crypto config")

Variables

This section is empty.

Functions

func ConnToStream

func ConnToStream(c Conn) (net.Conn, error)

func Listen

func Listen(crypto *ServerCrypto, handler func(conn Conn)) func(w http.ResponseWriter, r *http.Request)

Types

type ClientCrypto

type ClientCrypto struct {
	PSK [32]byte
	Pub sidh.PublicKey
	Kem *sidh.KEM
}

func LoadClientCrypto

func LoadClientCrypto(data []byte) (*ClientCrypto, error)

func (*ClientCrypto) DialNats

func (c *ClientCrypto) DialNats(url string, options ...nats.Option) (*nats.Conn, error)

func (*ClientCrypto) Save

func (c *ClientCrypto) Save() ([]byte, error)

func (*ClientCrypto) Wrap

func (c *ClientCrypto) Wrap(conn Conn) (Conn, error)

type Conn

type Conn interface {
	Send(msg []byte) error
	Recv() ([]byte, error)
	io.Closer
}

func Dial

func Dial(crypto *ClientCrypto, url string) (Conn, error)

type NetConn

type NetConn struct {
	// contains filtered or unexported fields
}

func (*NetConn) Close

func (m *NetConn) Close() error

func (*NetConn) LocalAddr

func (m *NetConn) LocalAddr() net.Addr

func (*NetConn) Read

func (m *NetConn) Read(p []byte) (n int, err error)

func (*NetConn) RemoteAddr

func (m *NetConn) RemoteAddr() net.Addr

func (*NetConn) SetDeadline

func (m *NetConn) SetDeadline(_ time.Time) error

func (*NetConn) SetReadDeadline

func (m *NetConn) SetReadDeadline(_ time.Time) error

func (*NetConn) SetWriteDeadline

func (m *NetConn) SetWriteDeadline(_ time.Time) error

func (*NetConn) Write

func (m *NetConn) Write(p []byte) (n int, err error)

type ServerCrypto

type ServerCrypto struct {
	PSK [32]byte
	Key sidh.PrivateKey
	Pub sidh.PublicKey
	Kem *sidh.KEM
}

func LoadServerCrypto

func LoadServerCrypto(data []byte) (*ServerCrypto, error)

func NewServerCrypto

func NewServerCrypto() (*ServerCrypto, error)

func (*ServerCrypto) Save

func (c *ServerCrypto) Save() ([]byte, error)

func (*ServerCrypto) Wrap

func (s *ServerCrypto) Wrap(conn Conn) (Conn, error)

type WSConn

type WSConn struct {
	// contains filtered or unexported fields
}

func (*WSConn) Close

func (W *WSConn) Close() error

func (*WSConn) Recv

func (W *WSConn) Recv() ([]byte, error)

func (*WSConn) Send

func (W *WSConn) Send(msg []byte) error
