README
¶
handshake
Decentrallized & Privacy Communication, Protocol For Handshake.
handshake protocol provide a secure-channel based on a a mutually authenticating key agreement handshake, with forward secure identity metadata. based on http://dominictarr.github.io/secret-handshake-paper/shs.pdf
the step follows: Starting keys, upon starting the handshake, the client and server know these keys: 1 Client hello
2 Server hello
Shared secret derivation
3 Client authenticate
Shared secret derivation
4 Server accept
handshake complete
Documentation
¶
Index ¶
- Constants
- func ClientHandShake(peerstate *PeerState, conn io.ReadWriter) error
- func PrivateKeyToCurve25519(curve25519PrivateKey *[32]byte, ed25519PrivateKey ed25519.PrivateKey)
- func PublicKeyToCurve25519(curveBytes *[32]byte, edBytes ed25519.PublicKey) bool
- func ServerHandShake(peerstate *PeerState, conn io.ReadWriter) (err error)
- type Curve25519KeyPair
- type Ed25519KeyPair
- type ErrProcessing
- type PeerAddr
- type PeerState
Constants ¶
const ChallengeLength = 64
ChallengeLength is the length of a challenge message in bytes
const ClientAuthLength = 16 + 32 + 64
ClientAuthLength is the length of a clientAuth message in bytes
const MACLength = 16
MACLength is the length of a MAC in bytes
const NetworkString = "shs-dpc"
NetworkString define the network id of this protocol, can be used with newwrap to wap the underlying connection.
const ServerAuthLength = 16 + 64
ServerAuthLength is the length of a serverAuth message in bytes
Variables ¶
This section is empty.
Functions ¶
func ClientHandShake ¶
func ClientHandShake(peerstate *PeerState, conn io.ReadWriter) error
ClientHandShake client role use the cryptographic identity when hand shake
func PrivateKeyToCurve25519 ¶
func PrivateKeyToCurve25519(curve25519PrivateKey *[32]byte, ed25519PrivateKey ed25519.PrivateKey)
PrivateKeyToCurve25519 converts an ed25519 private key into a corresponding curve25519 private key calculates a private key from a seed. This function is provided for interoperabilitywith RFC 8032. RFC 8032's private keys correspond to seeds in this package.
func PublicKeyToCurve25519 ¶
PublicKeyToCurve25519 converts an Ed25519 public key into the curve25519 public key that would be generated from the same private key.
func ServerHandShake ¶
func ServerHandShake(peerstate *PeerState, conn io.ReadWriter) (err error)
Server shakes hands using the cryptographic identity specified in s using conn in the server role
Types ¶
type Curve25519KeyPair ¶
Curve25519KeyPair
type Ed25519KeyPair ¶
type Ed25519KeyPair struct {
Secret ed25519.PrivateKey
Public ed25519.PublicKey
}
Ed25519KeyPair is a keypair implements the Ed25519 signature algorithm. See https://ed25519.cr.yp.to
func GenerateEd25519KeyPair ¶
func GenerateEd25519KeyPair(r io.Reader) (*Ed25519KeyPair, error)
GenerateEd25519KeyPair generates a ed25519 keyPair using the passed reader
func NewEd25519KeyPair ¶
func NewEd25519KeyPair(secret, public []byte) (*Ed25519KeyPair, error)
type ErrProcessing ¶
type ErrProcessing struct {
// contains filtered or unexported fields
}
ErrProcessing is returned if I/O fails during the handshake
type PeerAddr ¶
type PeerAddr struct {
PublicKey []byte
}
PeerAddr wrapps peer's publick key and NetworkID
type PeerState ¶
type PeerState struct {
// contains filtered or unexported fields
}
PeerState define the state each peer holds during the handshark
func NewClientPeerState ¶
func NewClientPeerState(networkIdentifier []byte, local Ed25519KeyPair, remotePublic ed25519.PublicKey) (*PeerState, error)
NewClientState initializes the state for the client side the client must know the server’s public key before connecting.
func NewServerPeerState ¶
func NewServerPeerState(networkIdentifier []byte, local Ed25519KeyPair) (*PeerState, error)
NewClientState initializes the state for the client side the server learns the client’s public key during the handshake.
Source Files