negotiation

package

v0.0.0-...-c2cfddd Latest Latest Go to latest Published: Nov 17, 2019 License: Apache-2.0 Imports: 8 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/bgokden/gossip-to-gossip

Links

Open Source Insights

README ¶

Negotiation

Decentralised communication channel requires a pre-negotiation where both of the nodes don't trust each other but the communication is possible.

For this, I added a negotiation package where users try to validate each other before exchanging certificates and uplifting communication to the actual gossip channel.

Structures

For this nodes share some pre-shared knowledge with each other:

A RSA Private Key
A RSA Public Key
A byte array prefix

This pre-shared data is called PredefinedKey in negotiation package.

Negotiation is handled with three phase handshake so a negotiation session is created.

NegotiationSession has two parameter in negotiation package:

A PredefinedKey
A byte array message

Assuming Node 1 and Node 2 has the same PredefinedKey.

Node 1 creates a NegotiationSession with random test as session message.
Node 1 encrypts and sends as message 1.
Node 2 decrypts message 1, add prefix to the session message and send it back as message 2.
Node 1 decrypts message 2 and compares the result to prefix prepended to the session message.

Security:

All messages are encrypted with random data, so it is not possible to crack the communication with brute force attack.
Each session has a different session message so communication is totally different.
Request and response has different data inside so it is not possible to create, even if the node 2 is a fake server, node 2 can not try replaying the first message to another node.

Documentation ¶

Index ¶

func RandomBytes(n int) []byte
type NegotiationSession
type PredefinedKey
- func NewPredefinedKey(private *rsa.PrivateKey, prefix []byte) *PredefinedKey
- func NewRandomPredefinedKey() *PredefinedKey

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func RandomBytes ¶

func RandomBytes(n int) []byte

RandomBytes generates cryptographically secure pseudorandom numbers byte array

Types ¶

type NegotiationSession ¶

type NegotiationSession struct {
	// contains filtered or unexported fields
}

func (*NegotiationSession) Get ¶

func (ns *NegotiationSession) Get() ([]byte, error)

func (*NegotiationSession) Validate ¶

func (ns *NegotiationSession) Validate(message []byte) (bool, error)

func (*NegotiationSession) ValidateWithPrefix ¶

func (ns *NegotiationSession) ValidateWithPrefix(prefix []byte, message []byte) (bool, error)

type PredefinedKey ¶

type PredefinedKey struct {
	// contains filtered or unexported fields
}

func NewPredefinedKey ¶

func NewPredefinedKey(private *rsa.PrivateKey, prefix []byte) *PredefinedKey

func NewRandomPredefinedKey ¶

func NewRandomPredefinedKey() *PredefinedKey

func (*PredefinedKey) CreateNegotiationSession ¶

func (pk *PredefinedKey) CreateNegotiationSession() *NegotiationSession

func (*PredefinedKey) Decrypt ¶

func (pk *PredefinedKey) Decrypt(encrypted []byte) ([]byte, error)

func (*PredefinedKey) Encrypt ¶

func (pk *PredefinedKey) Encrypt(message []byte) ([]byte, error)

func (*PredefinedKey) EncryptWithPrefix ¶

func (pk *PredefinedKey) EncryptWithPrefix(message []byte) ([]byte, error)

Source Files ¶

View all Source files

negotiation.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL