README
¶
Se(cure) Conn(ection)
seconn is a simple golang library that provides an encrypted connection over a net.Conn.
It uses curve25519 to establish a shared key between the 2 parties and then uses AES encryption to pass the data back and forth.
How do a do any kind of authentication to prevent a MITM attack?
Check out the auth package. It uses the GetMessage/SendMessage API
to perform a signed token exchange and verifies that the server side
is using the agreed upon key.
Documentation
¶
Index ¶
- Variables
- func GenerateKey(rand io.Reader) (publicKey, privateKey *[32]byte, err error)
- type Conn
- func (c *Conn) AuthToken() []byte
- func (c *Conn) GetMessage() ([]byte, error)
- func (c *Conn) Negotiate(server bool) error
- func (c *Conn) PeerAuthToken() []byte
- func (c *Conn) Read(buf []byte) (int, error)
- func (c *Conn) RekeyNext()
- func (c *Conn) SendMessage(msg []byte) error
- func (c *Conn) Write(buf []byte) (int, error)
Constants ¶
This section is empty.
Variables ¶
View Source
var ErrBadHeader = errors.New("bad header")
View Source
var ErrBadRekey = errors.New("error in rekey processing")
View Source
var ErrProtocolError = errors.New("protocol error")
View Source
var KeyValidityPeriod = 1 * time.Hour
View Source
var RekeyAfterBytes = 100 * 1024 * 1024
How many bytes to write over the connection before we rekey This is bidirectional, so it will trip whenever either side has sent this ammount.
View Source
var WriteBufferSize = 128
The size of the internal encrypted write buffer
Functions ¶
Types ¶
type Conn ¶
func (*Conn) PeerAuthToken ¶
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.