crypto

package
Version: v0.0.0-...-986d81d
Warning

This package is not in the latest version of its module.

Published: Feb 20, 2018 License: MPL-2.0 Imports: 10 Imported by: 0

Documentation

Overview

Package crypto contains the structs and logic that form the basis of quantum's cryptographic functionality.

The following cryptographic functionality is fully supported:

- ecdh 'curve25519'
- aes  'aes256-gcm'
- dtls 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384'


Constants

const (
	// SaltLength is the length that the passed in salt slice should be for AES objects.
	SaltLength = 32
)

Variables

This section is empty.

Functions

func DestroyDTLS

func DestroyDTLS()

DestroyDTLS will safely terminate and free all openssl data.

func GenerateECKeyPair

func GenerateECKeyPair() ([]byte, []byte)

GenerateECKeyPair - Generates a new elliptic curve key pair using curve25519 as the underlying cryptographic function.

func GenerateSharedSecret

func GenerateSharedSecret(pubkey, privkey []byte) []byte

GenerateSharedSecret - Generates a shared secret based on the supplied public/private curve25519 elliptic curve keys.

func InitDTLS

func InitDTLS()

InitDTLS sets up and configures the openssl libraries.

Types

type AES

type AES struct {
	// contains filtered or unexported fields
}

AES represents an aes-256-gcm AEAD cipher object.

func NewAES

func NewAES(secret, salt []byte) (*AES, error)

NewAES returns a new AEAD-based cipher object based on the passed in secret and salt.

func (*AES) Decrypt

func (crypt *AES) Decrypt(data []byte, additional []byte) (int, error)

Decrypt takes the data buffer and decrypts it and verifies the additional data.

additional and data must be the same buffers passed to Encrypt.

func (*AES) DecryptedSize

func (crypt *AES) DecryptedSize(data []byte) int

DecryptedSize returns the minimum size of the data buffer for encryption, which includes the gcm tag size + nonce size.

func (*AES) Encrypt

func (crypt *AES) Encrypt(data []byte, length int, additional []byte) (int, error)

Encrypt takes the data buffer and encrypts up to length bytes in place, while injecting the nonce and gcm tag at the end and signing the additional data.

additional may be nil.

func (*AES) EncryptedSize

func (crypt *AES) EncryptedSize(data []byte) int

EncryptedSize returns the minimum size of the data buffer for encryption, which includes the gcm tag size + nonce size.
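
The buffer contract described for Encrypt, EncryptedSize and Decrypt above, as an added example built on Go's standard library; it is not this package's code. The names `newAEAD`, `seal` and `open`, the HMAC-SHA256 key derivation and the ciphertext, tag, nonce ordering are assumptions, and the constructed secret stands in for the output of GenerateSharedSecret.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

func newAEAD(secret, salt []byte) (cipher.AEAD, error) {
	if len(salt) != 32 { // SaltLength on the page
		return nil, fmt.Errorf("salt must be 32 bytes, got %d", len(salt))
	}
	mac := hmac.New(sha256.New, salt) // assumed KDF: the page does not say how NewAES derives its key
	mac.Write(secret)
	block, _ := aes.NewCipher(mac.Sum(nil)) // cannot fail: the MAC output is a valid 32-byte key
	return cipher.NewGCM(block)
}

// seal encrypts buf[:n] in place. Assumed layout: ciphertext | 16-byte tag | 12-byte random nonce.
func seal(a cipher.AEAD, buf []byte, n int, ad []byte) (int, error) {
	end := n + a.Overhead() + a.NonceSize()
	if n < 0 || len(buf) < end {
		return 0, fmt.Errorf("need %d bytes for data, tag and nonce, have %d", end, len(buf))
	}
	nonce := buf[end-a.NonceSize() : end]
	if _, err := rand.Read(nonce); err != nil {
		return 0, err
	}
	a.Seal(buf[:0], nonce, buf[:n], ad)
	return end, nil
}

func open(a cipher.AEAD, buf, ad []byte) (int, error) {
	n := len(buf) - a.NonceSize() // ciphertext plus tag; the nonce is the trailing 12 bytes
	if n < a.Overhead() {
		return 0, fmt.Errorf("message of %d bytes is too short", len(buf))
	}
	pt, err := a.Open(buf[:0], buf[n:], buf[:n], ad) // fails if data, tag, nonce or ad changed
	return len(pt), err
}

func main() {
	a, _ := newAEAD([]byte("constructed shared secret"), make([]byte, 32))
	buf := append([]byte("hello"), make([]byte, 28)...) // 28 spare bytes for tag + nonce
	n, _ := seal(a, buf, 5, []byte("hdr"))
	fmt.Println(open(a, buf[:n], []byte("hdr"))) // 5 <nil>
}
```
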

type DTLSContext

type DTLSContext struct {
	// contains filtered or unexported fields
}

DTLSContext is a wrapper around a cgo struct implementing a DTLS context via openssl.

func NewClientDTLSContext

func NewClientDTLSContext(addr string, useV6 bool, verifyPeer bool, ca string, cert string, key string) (*DTLSContext, error)

NewClientDTLSContext creates a new client-based DTLS struct which is ready to connect to remote nodes.

func NewServerDTLSContext

func NewServerDTLSContext(fd int, addr string, port int, useV6 bool, verifyPeer bool, ca string, cert string, key string) (*DTLSContext, error)

NewServerDTLSContext creates a new server-based DTLS struct which is ready to accept connections from remote nodes.

func (*DTLSContext) Accept

func (dtls *DTLSContext) Accept() (*DTLSSession, error)

Accept will handle opening new DTLS sessions from remote nodes.

func (*DTLSContext) Close

func (dtls *DTLSContext) Close()

Close destroys all traces of the DTLS struct.

func (*DTLSContext) Connect

func (dtls *DTLSContext) Connect(addr string, port int) (*DTLSSession, error)

Connect will handle opening a new DTLS session with a remote node.

type DTLSSession

type DTLSSession struct {
	Fd int
	// contains filtered or unexported fields
}

DTLSSession is a wrapper around a cgo struct implementing a DTLS session via openssl.

func (*DTLSSession) Close

func (session *DTLSSession) Close()

Close destroys all traces of the DTLSSession struct.

func (*DTLSSession) Read

func (session *DTLSSession) Read(buf []byte) (int, bool)

Read will read bytes from the session up to the size of the provided buffer.

func (*DTLSSession) Write

func (session *DTLSSession) Write(buf []byte) (int, bool)

Write will write the bytes from the provided buffer to the session.
