dtls

package module
v0.0.0-...-4ef9c2a Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 19, 2019 License: MIT Imports: 17 Imported by: 0

README

dtls

Build Status Coverage GoDoc License ReportCard

https://github.com/bocajim/dtls

This package implements a RFC-4347 compliant DTLS client and server. NOTE: This library is under active development and is not yet stable enough to be used in production.

Key Features

  • Pure go, no CGo
  • Supports both client and server via UDP
  • Supports TLS_PSK_WITH_AES_128_CCM_8 cipher RFC-6655
  • Supports pre-shared key authentication, does not support certificate based authentication
  • Supports DTLS session resumption
  • Designed for OMA LWM2M comliance LWM2M

TODO

  • Implement session renegotiation
  • Implement packet retransmission for handshake
  • Implement out of order handshake processing
  • Implement replay detection
  • Implement client hello stateless cookie handling
  • Improve parallel processing of incoming packets
  • Add interface for custom DTLS session cache storage

Samples

Keystore

	mks := keystore.NewMemoryKeyStore()
	keystore.SetKeyStores([]keystore.KeyStore{mks})
	psk, _ := hex.DecodeString("00112233445566")
	mks.AddKey("myIdentity", psk)

Sample Client

	listener, _ = NewUdpListener(":6000", time.Second*5)
	peer, err := listener.AddPeer("127.0.0.1:5684", "myIdentity")

	err = peer.Write("hello world")
	data, rsp := listener.Read()

Documentation

http://godoc.org/github.com/bocajim/dtls

License

MIT

Documentation

Index

Constants

View Source 
const (
	AlertType_Warning                uint8 = 1
	AlertType_Fatal                  uint8 = 2
	AlertDesc_CloseNotify            uint8 = 0
	AlertDesc_UnexpectedMessage      uint8 = 10
	AlertDesc_BadRecordMac           uint8 = 20
	AlertDesc_DecryptionFailed       uint8 = 21
	AlertDesc_RecordOverflow         uint8 = 22
	AlertDesc_DecompressionFailure   uint8 = 30
	AlertDesc_HandshakeFailure       uint8 = 40
	AlertDesc_NoCertificate          uint8 = 41
	AlertDesc_BadCertificate         uint8 = 42
	AlertDesc_UnsupportedCertificate uint8 = 43
	AlertDesc_CertificateRevoked     uint8 = 44
	AlertDesc_CertificateExpired     uint8 = 45
	AlertDesc_CertificateUnknown     uint8 = 46
	AlertDesc_IllegalParameter       uint8 = 47
	AlertDesc_UnknownCa              uint8 = 48
	AlertDesc_AccessDenied           uint8 = 49
	AlertDesc_DecodeError            uint8 = 50
	AlertDesc_DecryptError           uint8 = 51
	AlertDesc_ExportRestriction      uint8 = 60
	AlertDesc_ProtocolVersion        uint8 = 70
	AlertDesc_InsufficientSecurity   uint8 = 71
	AlertDesc_InternalError          uint8 = 80
	AlertDesc_UserCanceled           uint8 = 90
	AlertDesc_NoRenegotiation        uint8 = 100
	AlertDesc_UnsupportedExtension   uint8 = 110
	AlertDesc_Noop                   uint8 = 254
)
View Source 
const (
	LogLevelError string = "error"
	LogLevelWarn  string = "warn"
	LogLevelInfo  string = "info"
	LogLevelDebug string = "debug"
)
View Source 
const (
	ContentType_ChangeCipherSpec ContentType = 20
	ContentType_Alert                        = 21
	ContentType_Handshake                    = 22
	ContentType_Appdata                      = 23
)
View Source 
const (
	SessionType_Server string = "server"
	SessionType_Client string = "client"
)
View Source 
const (
	AadAuthLen int = 13
)
View Source 
const (
	DtlsVersion12 uint16 = 0xFEFD
)

Variables

View Source 
var DebugEncryption bool = false
View Source 
var DebugHandshake bool = false
View Source 
var DebugHandshakeHash bool = false
View Source 
var HandshakeCompleteCallback func(string, string, time.Duration, error)

This callback is invoked each time a handshake completes, if the handshake failed, the reason is stored in error

View Source 
var PeerInactivityTimeout = time.Hour * 24
View Source 
var SessionCacheSweepInterval = time.Minute * -5

set to the interval to look for expired sessions

View Source 
var SessionCacheTtl = time.Hour * 24

set to whatever you want the cache time to live to be

Functions

func DebugAll 

func DebugAll()

func GetPskFromKeystore 

func GetPskFromKeystore(identity string, remoteAddr string) []byte

func SessionCacheSize 

func SessionCacheSize() int

func SetKeyStores 

func SetKeyStores(ks []Keystore)

func SetLogFunc 

func SetLogFunc(lf LogFunc)

func SetLogLevel 

func SetLogLevel(level string)

Types

type CipherSuite 

type CipherSuite uint16
const (
	CipherSuite_TLS_PSK_WITH_AES_128_CCM_8 CipherSuite = 0xC0A8
)

type CompressionMethod 

type CompressionMethod uint8
const (
	CompressionMethod_Null CompressionMethod = 0
)

type ContentType 

type ContentType uint8

type Keystore 

type Keystore interface {
	GetPsk(identity string, remoteAddr string) ([]byte, error)
}

type KeystoreInMemory 

type KeystoreInMemory struct {
	// contains filtered or unexported fields
}

func NewKeystoreInMemory 

func NewKeystoreInMemory() *KeystoreInMemory

func (*KeystoreInMemory) AddKey 

func (ks *KeystoreInMemory) AddKey(identity string, psk []byte)

func (*KeystoreInMemory) GetPsk 

func (ks *KeystoreInMemory) GetPsk(identity string, remoteAddr string) ([]byte, error)

type Listener 

type Listener struct {
	// contains filtered or unexported fields
}

func NewUdpListener 

func NewUdpListener(listener string, readTimeout time.Duration) (*Listener, error)

func (*Listener) AddCipherSuite 

func (l *Listener) AddCipherSuite(cipherSuite CipherSuite)

func (*Listener) AddCompressionMethod 

func (l *Listener) AddCompressionMethod(compressionMethod CompressionMethod)

func (*Listener) AddPeer 

func (l *Listener) AddPeer(addr string, identity string) (*Peer, error)

func (*Listener) AddPeerWithParams 

func (l *Listener) AddPeerWithParams(params *PeerParams) (*Peer, error)

func (*Listener) CountPeers 

func (l *Listener) CountPeers() int

func (*Listener) FindPeer 

func (l *Listener) FindPeer(addr string) (*Peer, error)

func (*Listener) Read 

func (l *Listener) Read() ([]byte, *Peer)

func (*Listener) RemovePeer 

func (l *Listener) RemovePeer(peer *Peer, alertDesc uint8) error

func (*Listener) RemovePeerByAddr 

func (l *Listener) RemovePeerByAddr(addr string, alertDesc uint8) error

func (*Listener) Shutdown 

func (l *Listener) Shutdown() error

type LogFunc 

type LogFunc func(ts time.Time, level string, peer string, msg string)

type Peer 

type Peer struct {
	// contains filtered or unexported fields
}

func (*Peer) Close 

func (p *Peer) Close(alertDesc uint8)

func (*Peer) LastActivity 

func (p *Peer) LastActivity() time.Time

func (*Peer) Lock 

func (p *Peer) Lock()

func (*Peer) Read 

func (p *Peer) Read(timeout time.Duration) ([]byte, error)

func (*Peer) RemoteAddr 

func (p *Peer) RemoteAddr() string

func (*Peer) SessionIdentity 

func (p *Peer) SessionIdentity() string

func (*Peer) Unlock 

func (p *Peer) Unlock()

func (*Peer) UseQueue 

func (p *Peer) UseQueue(en bool)

func (*Peer) Write 

func (p *Peer) Write(data []byte) error

type PeerParams 

type PeerParams struct {
	Addr             string
	Identity         string
	HandshakeTimeout time.Duration
	SessionId        []byte
}

type Transport 

type Transport interface {
	Type() string
	Local() string
	Shutdown() error
	NewPeer(address string) TransportPeer
	ReadPacket() ([]byte, TransportPeer, error)
}

type TransportPeer 

type TransportPeer interface {
	String() string
	WritePacket(data []byte) error
}

func NewUdpPeerFromSocket 

func NewUdpPeerFromSocket(socket *net.UDPConn, addr *net.UDPAddr) TransportPeer

Source Files

View all Source files

Directories

Path Synopsis
Package ccm implements a CCM, Counter with CBC-MAC as per RFC 3610.
 Package ccm implements a CCM, Counter with CBC-MAC as per RFC 3610.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.