handshake

package
v4.14.1+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 6, 2019 License: MIT, MIT Imports: 21 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var ErrOpenerNotYetAvailable = errors.New("CryptoSetup: opener at this encryption level not yet available")

ErrOpenerNotYetAvailable is returned when an opener is requested for an encryption level, but the corresponding opener has not yet been initialized This can happen when packets arrive out of order.

Functions

func NewInitialAEAD

func NewInitialAEAD(connID protocol.ConnectionID, pers protocol.Perspective) (Sealer, Opener, error)

NewInitialAEAD creates a new AEAD for Initial encryption / decryption.

Types

type ConnectionState

type ConnectionState struct {
	HandshakeComplete bool                // handshake is complete
	ServerName        string              // server name requested by client, if any (server side only)
	PeerCertificates  []*x509.Certificate // certificate chain presented by remote peer
}

ConnectionState records basic details about the QUIC connection. Warning: This API should not be considered stable and might change soon.

type Cookie struct {
	RemoteAddr               string
	OriginalDestConnectionID protocol.ConnectionID
	// The time that the Cookie was issued (resolution 1 second)
	SentTime time.Time
}

A Cookie is derived from the client address and can be used to verify the ownership of this address.

type CookieGenerator

type CookieGenerator struct {
	// contains filtered or unexported fields
}

A CookieGenerator generates Cookies

func NewCookieGenerator

func NewCookieGenerator() (*CookieGenerator, error)

NewCookieGenerator initializes a new CookieGenerator

func (*CookieGenerator) DecodeToken

func (g *CookieGenerator) DecodeToken(encrypted []byte) (*Cookie, error)

DecodeToken decodes a Cookie

func (*CookieGenerator) NewToken

func (g *CookieGenerator) NewToken(raddr net.Addr, origConnID protocol.ConnectionID) ([]byte, error)

NewToken generates a new Cookie for a given source address

type CryptoSetup

type CryptoSetup interface {
	RunHandshake() error
	io.Closer

	HandleMessage([]byte, protocol.EncryptionLevel) bool
	ConnectionState() ConnectionState

	GetSealer() (protocol.EncryptionLevel, Sealer)
	GetSealerWithEncryptionLevel(protocol.EncryptionLevel) (Sealer, error)
	GetOpener(protocol.EncryptionLevel) (Opener, error)
}

CryptoSetup handles the handshake and protecting / unprotecting packets

func NewCryptoSetupClient

func NewCryptoSetupClient(
	initialStream io.Writer,
	handshakeStream io.Writer,
	origConnID protocol.ConnectionID,
	connID protocol.ConnectionID,
	params *TransportParameters,
	handleParams func(*TransportParameters),
	tlsConf *tls.Config,
	initialVersion protocol.VersionNumber,
	supportedVersions []protocol.VersionNumber,
	currentVersion protocol.VersionNumber,
	logger utils.Logger,
	perspective protocol.Perspective,
) (CryptoSetup, <-chan struct{}, error)

NewCryptoSetupClient creates a new crypto setup for the client

func NewCryptoSetupServer

func NewCryptoSetupServer(
	initialStream io.Writer,
	handshakeStream io.Writer,
	connID protocol.ConnectionID,
	params *TransportParameters,
	handleParams func(*TransportParameters),
	tlsConf *tls.Config,
	supportedVersions []protocol.VersionNumber,
	currentVersion protocol.VersionNumber,
	logger utils.Logger,
	perspective protocol.Perspective,
) (CryptoSetup, error)

NewCryptoSetupServer creates a new crypto setup for the server

type Opener

type Opener interface {
	Open(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, error)
	DecryptHeader(sample []byte, firstByte *byte, pnBytes []byte)
}

Opener opens a packet

type Sealer

type Sealer interface {
	Seal(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) []byte
	EncryptHeader(sample []byte, firstByte *byte, pnBytes []byte)
	Overhead() int
}

Sealer seals a packet

type TransportParameters

type TransportParameters struct {
	InitialMaxStreamDataBidiLocal  protocol.ByteCount
	InitialMaxStreamDataBidiRemote protocol.ByteCount
	InitialMaxStreamDataUni        protocol.ByteCount
	InitialMaxData                 protocol.ByteCount

	MaxPacketSize protocol.ByteCount

	MaxUniStreams  uint64
	MaxBidiStreams uint64

	IdleTimeout      time.Duration
	DisableMigration bool

	StatelessResetToken  []byte
	OriginalConnectionID protocol.ConnectionID
}

TransportParameters are parameters sent to the peer during the handshake

func (*TransportParameters) String

func (p *TransportParameters) String() string

String returns a string representation, intended for logging.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL