ntske

Version: v0.0.0-...-e09fea3
Published: Oct 6, 2020 License: ISC Imports: 10 Imported by: 2

README

Network Time Security Key Exchange Protocol

Network Time Security (NTS) is a development of the venerable Network Time Protocol (NTP). NTS defines a separate Network Time Security Key Establishment (NTS-KE) protocol to set up keys and initial cookies. This is an implementation of NTS-KE in Golang.

This project is a part of an NTS implementation. Other parts:

Documentation


Constants

const (
	RecEom       uint16 = 0
	RecNextproto uint16 = 1
	RecError     uint16 = 2
	RecWarning   uint16 = 3
	RecAead      uint16 = 4
	RecCookie    uint16 = 5
	RecServer    uint16 = 6
	RecPort      uint16 = 7
)

NTS-KE record types

const (
	AES_SIV_CMAC_256   = 0x0f
	DEFAULT_NTSKE_PORT = 4460
	DEFAULT_NTP_PORT   = 123
)
const NTPv4 uint16 = 0

Variables

This section is empty.

Functions

This section is empty.

Types

type Algorithm

type Algorithm struct {
	RecordHdr
	Algo []uint16
}

Algorithm is the record type for the list of AEAD algorithms we can use.

type Cookie

type Cookie struct {
	RecordHdr
	Cookie []byte
}

Cookie is an NTS cookie to be used when querying time over NTS.

type Data

type Data struct {
	C2sKey []byte
	S2cKey []byte
	Server string
	Port   uint16
	Cookie [][]byte
	Algo   uint16
}

Data is the data negotiated during the Key Exchange.

type End

type End struct {
	RecordHdr
}

End is the End of Message record.

type Error

type Error struct {
	RecordHdr
	Code uint16
}

Error is the record type to send errors to the other end. Put error code in Code.

type ExchangeMsg

type ExchangeMsg struct {
	Record []Record
}

ExchangeMsg is a representation of a series of records to be sent to the peer.

func (*ExchangeMsg) AddRecord

func (m *ExchangeMsg) AddRecord(rec Record)

AddRecord adds a new record to a Key Exchange message.

func (ExchangeMsg) Pack

func (m ExchangeMsg) Pack() (buf *bytes.Buffer, err error)

Pack allocates a buffer and packs all records into wire format in that buffer.

func (ExchangeMsg) String

func (m ExchangeMsg) String()

String prints a description of all records in the Key Exchange message.

type KeyExchange

type KeyExchange struct {
	Conn *tls.Conn

	Meta  Data
	Debug bool
	// contains filtered or unexported fields
}

KeyExchange is a Network Time Security Key Exchange connection.

func Connect

func Connect(hostport string, config *tls.Config, debug bool) (*KeyExchange, error)

Connect connects to host:port and establishes an NTS-KE connection. If :port is left out, the protocol default port (4460) is used. No further action is taken.

func NewListener

func NewListener(listener net.Listener) (*KeyExchange, error)

func (*KeyExchange) Exchange

func (ke *KeyExchange) Exchange() error

Exchange initiates a client exchange using sane defaults on a connection already established with Connect(). After a successful run the negotiated data is in ke.Meta.

func (*KeyExchange) ExportKeys

func (ke *KeyExchange) ExportKeys() error

ExportKeys exports two extra session keys from the already established NTS-KE connection for use with NTS.

func (*KeyExchange) Read

func (ke *KeyExchange) Read() error

Read reads incoming NTS-KE messages until an End of Message record is received or an error occurs. It fills out the ke.Meta structure with the negotiated data.

type NextProto

type NextProto struct {
	RecordHdr
	NextProto uint16
}

NextProto is the Next Protocol record, telling the other side which protocol we want to speak next, most likely NTP. Set NextProto to 0 (NTPv4) for NTP.

type Port

type Port struct {
	RecordHdr
	Port     uint16
	Critical bool
}

Port is the NTP Port record, telling the client to use this port for the next protocol query. The critical bit is optional; set Critical to true if you want it set.

type Record

type Record interface {
	Header() RecordHdr
	// contains filtered or unexported methods
}

Record is the interface all record types must implement. Header() returns the record header. string() returns a printable representation of the record type. pack() packs the record into wire format.

type RecordHdr

type RecordHdr struct {
	Type    uint16 // First bit is Critical bit
	BodyLen uint16
}

RecordHdr is the header on all records sent in NTS-KE. The first bit of the Type is the critical bit.

func (RecordHdr) Header

func (h RecordHdr) Header() RecordHdr

type Server

type Server struct {
	RecordHdr
	Addr     []byte
	Critical bool
}

Server is the NTP Server record, telling the client to use a certain server for the next protocol query. The critical bit is optional; set Critical to true if you want it set.

type Warning

type Warning struct {
	RecordHdr
	Code uint16
}

Warning is the record type to send warnings to the other end. Put warning code in Code.
