Documentation
Overview
Package crypto contains the structs and logic that form the basis of quantum's cryptographic functionality.
The following cryptographic functionality is fully supported:
- ecdh 'curve25519'
- aes 'aes256-gcm'
- dtls 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384'
Constants
const (
	// SaltLength is the length that the passed in salt slice should be for AES objects.
	SaltLength = 32
)
Functions
func GenerateECKeyPair
GenerateECKeyPair - Generates a new elliptic curve key-pair using curve25519 as the underlying cryptographic function.
func GenerateSharedSecret
GenerateSharedSecret - Generates a shared secret based on the supplied public/private curve25519 elliptic curve keys.
Types
type AES
type AES struct {
	// contains filtered or unexported fields
}
AES represents an aes-256-gcm AEAD cipher object.
func NewAES
NewAES returns a new AEAD-based cipher object based on the passed-in secret and salt.
func (*AES) Decrypt
Decrypt takes the data buffer, decrypts it, and verifies the additional data.
additional and data must be the same buffers passed to Encrypt.
func (*AES) DecryptedSize
DecryptedSize returns the minimum size of the data buffer for encryption, which includes the gcm tag size + nonce size.
func (*AES) Encrypt
Encrypt takes the data buffer and encrypts up to length bytes in place, while injecting the nonce and gcm tag at the end and authenticating the additional data.
additional may be nil.
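The flow documented above (curve25519 key agreement feeding an aes256-gcm cipher that places the GCM tag and nonce at the end of the buffer and authenticates the additional data), as an added example built on Go's standard library; it is not the quantum package's own code. The HMAC-SHA256 salt mixing, the ciphertext || tag || nonce order, and the names sessionKey, seal and open are assumptions, since the page states neither the key derivation nor the exact layout.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// sessionKey runs X25519 and (assumption) mixes the salt in with HMAC-SHA256 to key AES-256-GCM.
func sessionKey(priv *ecdh.PrivateKey, peer *ecdh.PublicKey, salt []byte) (cipher.AEAD, error) {
	secret, err := priv.ECDH(peer)
	if err != nil {
		return nil, err
	}
	mac := hmac.New(sha256.New, salt)
	mac.Write(secret)
	block, err := aes.NewCipher(mac.Sum(nil)) // 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal returns ciphertext || tag || nonce (assumed order); open reverses it and verifies both.
func seal(a cipher.AEAD, plaintext, additional []byte) []byte {
	nonce := make([]byte, a.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		panic(err) // never continue with a predictable nonce
	}
	return append(a.Seal(nil, nonce, plaintext, additional), nonce...)
}

func open(a cipher.AEAD, packet, additional []byte) ([]byte, error) {
	n := len(packet) - a.NonceSize() // the nonce occupies the final bytes
	if n < a.Overhead() {
		return nil, fmt.Errorf("packet shorter than tag + nonce")
	}
	return a.Open(nil, packet[n:], packet[:n], additional)
}

func main() {
	alice, _ := ecdh.X25519().GenerateKey(rand.Reader)
	bob, _ := ecdh.X25519().GenerateKey(rand.Reader)
	a, _ := sessionKey(alice, bob.PublicKey(), make([]byte, 32)) // constructed zero salt
	fmt.Printf("%x\n", seal(a, []byte("hello"), []byte("hdr")))
}
```

Each packet grows by 28 bytes (16-byte tag plus 12-byte nonce), and open rejects it if the additional data, the ciphertext or the nonce differs from what seal saw.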
type DTLSContext
type DTLSContext struct {
	// contains filtered or unexported fields
}
DTLSContext is a wrapper around a cgo struct implementing a DTLS context via openssl.
func NewClientDTLSContext
func NewClientDTLSContext(addr string, useV6 bool, verifyPeer bool, ca string, cert string, key string) (*DTLSContext, error)
NewClientDTLSContext creates a new client based DTLS struct which is ready to connect to remote nodes.
func NewServerDTLSContext
func NewServerDTLSContext(fd int, addr string, port int, useV6 bool, verifyPeer bool, ca string, cert string, key string) (*DTLSContext, error)
NewServerDTLSContext creates a new server based DTLS struct which is ready to accept connections from remote nodes.
func (*DTLSContext) Accept
func (dtls *DTLSContext) Accept() (*DTLSSession, error)
Accept will handle opening new DTLS sessions from remote nodes.
func (*DTLSContext) Close
func (dtls *DTLSContext) Close()
Close destroys all traces of the DTLS struct.
func (*DTLSContext) Connect
func (dtls *DTLSContext) Connect(addr string, port int) (*DTLSSession, error)
Connect will handle opening a new DTLS session with a remote node.
type DTLSSession
type DTLSSession struct {
	Fd int
	// contains filtered or unexported fields
}
DTLSSession is a wrapper around a cgo struct implementing a DTLS session via openssl.
func (*DTLSSession) Close
func (session *DTLSSession) Close()
Close destroys all traces of the DTLSSession struct.
func (*DTLSSession) Read
func (session *DTLSSession) Read(buf []byte) (int, bool)
Read will read bytes from the session up to the size of the provided buffer.
func (*DTLSSession) Write
func (session *DTLSSession) Write(buf []byte) (int, bool)
Write will write the bytes from the provided buffer to the session.
Source Files
- aes.go
- crypto.go
- doc.go
- dtls.go
- ecdh.go