noise

package
v0.32.2
Warning

This package is not in the latest version of its module.

Published: Dec 13, 2023 License: MIT, Apache-2.0, MIT Imports: 27 Imported by: 170

Documentation

Constants

const ID = "/noise"

ID is the protocol ID for noise

const LengthPrefixLength = 2

LengthPrefixLength is the length, in bytes, of the length prefix itself, which precedes all transport messages in order to delimit them.

MaxPlaintextLength is the maximum payload size. It is MaxTransportMsgLength minus the MAC size. Payloads over this size will be automatically chunked.

const MaxTransportMsgLength = 0xffff

MaxTransportMsgLength is the Noise-imposed maximum transport message length, inclusive of the MAC size (16 bytes, Poly1305 for noise-libp2p).
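The framing these constants describe, as an added example (not code from go-libp2p): a payload is cut into chunks of at most MaxPlaintextLength, and each sealed chunk is written behind its 2-byte length prefix. Assumptions: the prefix is big-endian, as in the libp2p Noise specification (this page does not state the byte order); AES-GCM from the standard library stands in for ChaCha20-Poly1305 because it adds the same 16-byte tag; `seal`, `frameLengths`, `macSize`, the all-zero key and the frame-index nonce are constructed for the illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

const ( // first two values are from the page; macSize is the 16-byte tag it states
	LengthPrefixLength    = 2
	MaxTransportMsgLength = 0xffff
	macSize               = 16
	MaxPlaintextLength    = MaxTransportMsgLength - macSize
)

// seal (hypothetical helper) splits p into chunks of at most MaxPlaintextLength.
// Wire format per chunk: 2-byte big-endian length, then ciphertext || tag.
func seal(a cipher.AEAD, p []byte) (wire []byte, prefixes []int) {
	for len(p) > 0 {
		n := len(p)
		if n > MaxPlaintextLength {
			n = MaxPlaintextLength
		}
		nonce := make([]byte, a.NonceSize())
		// Demo nonce: the frame index; a real session keeps one counter per key.
		binary.BigEndian.PutUint64(nonce[len(nonce)-8:], uint64(len(prefixes)))
		start := len(wire)
		wire = a.Seal(append(wire, 0, 0), nonce, p[:n], nil) // reserve prefix, append ciphertext || tag
		msgLen := len(wire) - start - LengthPrefixLength     // n + macSize, so at most 0xffff
		binary.BigEndian.PutUint16(wire[start:], uint16(msgLen))
		prefixes = append(prefixes, msgLen)
		p = p[n:]
	}
	return wire, prefixes
}

// frameLengths seals size zero bytes under a constructed all-zero demo key and
// returns each frame's length prefix and the total number of wire bytes.
func frameLengths(size int) ([]int, int) {
	block, _ := aes.NewCipher(make([]byte, 32)) // cannot fail for a 32-byte key
	a, _ := cipher.NewGCM(block)                // AES-GCM stands in for ChaCha20-Poly1305
	wire, prefixes := seal(a, make([]byte, size))
	return prefixes, len(wire)
}

func main() {
	fmt.Println(frameLengths(MaxPlaintextLength + 1))
}
```

A payload of exactly MaxPlaintextLength bytes fills one frame whose prefix reads 0xffff; one more byte spills into a second frame that carries 1 byte of ciphertext and the 16-byte tag.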

Functions

func SessionWithConnState added in v0.24.0

func SessionWithConnState(s *secureSession, muxer protocol.ID) *secureSession

Types

type EarlyDataHandler added in v0.23.0

type EarlyDataHandler interface {
	// Send for the initiator is called for the client before sending the third
	// handshake message. Defines the application payload for the third message.
	// Send for the responder is called before sending the second handshake message.
	Send(context.Context, net.Conn, peer.ID) *pb.NoiseExtensions
	// Received for the initiator is called when the second handshake message
	// from the responder is received.
	// Received for the responder is called when the third handshake message
	// from the initiator is received.
	Received(context.Context, net.Conn, *pb.NoiseExtensions) error
}

EarlyDataHandler defines what the application payload is for either the second (if responder) or third (if initiator) handshake message, and defines the logic for handling the other side's early data. Note the early data in the second handshake message is encrypted, but the peer is not authenticated at that point.

type SessionOption added in v0.22.0

type SessionOption = func(*SessionTransport) error

func DisablePeerIDCheck added in v0.24.0

func DisablePeerIDCheck() SessionOption

DisablePeerIDCheck disables checking the remote peer ID for a noise connection. For outbound connections, this is the equivalent of calling `SecureInbound` with an empty peer ID. This is susceptible to MITM attacks since we do not verify the identity of the remote peer.

func EarlyData added in v0.23.0

func EarlyData(initiator, responder EarlyDataHandler) SessionOption

EarlyData sets the `EarlyDataHandler` for the initiator and responder roles. See `EarlyDataHandler` for more details.

func Prologue added in v0.22.0

func Prologue(prologue []byte) SessionOption

Prologue sets a prologue for the Noise session. The handshake will only complete successfully if both parties set the same prologue. See https://noiseprotocol.org/noise.html#prologue for details.

type SessionTransport added in v0.22.0

type SessionTransport struct {
	// contains filtered or unexported fields
}

SessionTransport can be used to provide per-connection options.

func (*SessionTransport) ID added in v0.24.0

func (i *SessionTransport) ID() protocol.ID

func (*SessionTransport) SecureInbound added in v0.22.0

func (i *SessionTransport) SecureInbound(ctx context.Context, insecure net.Conn, p peer.ID) (sec.SecureConn, error)

SecureInbound runs the Noise handshake as the responder. If p is empty, connections from any peer are accepted.

func (*SessionTransport) SecureOutbound added in v0.22.0

func (i *SessionTransport) SecureOutbound(ctx context.Context, insecure net.Conn, p peer.ID) (sec.SecureConn, error)

SecureOutbound runs the Noise handshake as the initiator.

type Transport

type Transport struct {
	// contains filtered or unexported fields
}

func New

func New(id protocol.ID, privkey crypto.PrivKey, muxers []tptu.StreamMuxer) (*Transport, error)

New creates a new Noise transport using the given private key as its libp2p identity key.

func (*Transport) ID added in v0.24.0

func (t *Transport) ID() protocol.ID

func (*Transport) SecureInbound

func (t *Transport) SecureInbound(ctx context.Context, insecure net.Conn, p peer.ID) (sec.SecureConn, error)

SecureInbound runs the Noise handshake as the responder. If p is empty, connections from any peer are accepted.

func (*Transport) SecureOutbound

func (t *Transport) SecureOutbound(ctx context.Context, insecure net.Conn, p peer.ID) (sec.SecureConn, error)

SecureOutbound runs the Noise handshake as the initiator.

func (*Transport) WithSessionOptions added in v0.22.0

func (t *Transport) WithSessionOptions(opts ...SessionOption) (*SessionTransport, error)
