README
¶
This package includes some code from tendermint's p2p.conn package for accepting ECDSA public key to establish a secret connection. The original implementation accepts only EdDSA public keys.
Documentation
¶
Index ¶
- Variables
- type SecretConnection
- func (sc *SecretConnection) Close() error
- func (sc *SecretConnection) LocalAddr() net.Addr
- func (sc *SecretConnection) Read(data []byte) (n int, err error)
- func (sc *SecretConnection) RemoteAddr() net.Addr
- func (sc *SecretConnection) RemotePubKey() crypto.PubKey
- func (sc *SecretConnection) SetDeadline(t time.Time) error
- func (sc *SecretConnection) SetReadDeadline(t time.Time) error
- func (sc *SecretConnection) SetWriteDeadline(t time.Time) error
- func (sc *SecretConnection) Write(data []byte) (n int, err error)
Constants ¶
This section is empty.
Variables ¶
var ( ErrSmallOrderRemotePubKey = errors.New("detected low order point from remote peer") )
Functions ¶
This section is empty.
Types ¶
type SecretConnection ¶
type SecretConnection struct {
// contains filtered or unexported fields
}
SecretConnection implements net.Conn. It is an implementation of the STS protocol. See https://github.com/tendermint/tendermint/blob/0.1/docs/sts-final.pdf for details on the protocol.
Consumers of the SecretConnection are responsible for authenticating the remote peer's pubkey against known information, like a nodeID. Otherwise they are vulnerable to MITM. (TODO(ismail): see also https://github.com/tendermint/tendermint/issues/3010)
func MakeSecretConnection ¶
func MakeSecretConnection(conn io.ReadWriteCloser, locPrivKey crypto.PrivKey) (*SecretConnection, error)
MakeSecretConnection performs handshake and returns a new authenticated SecretConnection. Returns nil if there is an error in handshake. Caller should call conn.Close() See docs/sts-final.pdf for more information.
func (*SecretConnection) Close ¶
func (sc *SecretConnection) Close() error
Implements net.Conn nolint
func (*SecretConnection) LocalAddr ¶
func (sc *SecretConnection) LocalAddr() net.Addr
func (*SecretConnection) Read ¶
func (sc *SecretConnection) Read(data []byte) (n int, err error)
CONTRACT: data smaller than dataMaxSize is read atomically.
func (*SecretConnection) RemoteAddr ¶
func (sc *SecretConnection) RemoteAddr() net.Addr
func (*SecretConnection) RemotePubKey ¶
func (sc *SecretConnection) RemotePubKey() crypto.PubKey
RemotePubKey returns authenticated remote pubkey
func (*SecretConnection) SetDeadline ¶
func (sc *SecretConnection) SetDeadline(t time.Time) error
func (*SecretConnection) SetReadDeadline ¶
func (sc *SecretConnection) SetReadDeadline(t time.Time) error
func (*SecretConnection) SetWriteDeadline ¶
func (sc *SecretConnection) SetWriteDeadline(t time.Time) error
Source Files