Documentation
¶
Index ¶
- Variables
- func NewInitialAEAD(connID protocol.ConnectionID, pers protocol.Perspective) (LongHeaderSealer, LongHeaderOpener)
- type CryptoSetup
- type LongHeaderOpener
- type LongHeaderSealer
- type PreferredAddress
- type ShortHeaderOpener
- type ShortHeaderSealer
- type Token
- type TokenGenerator
- type TransportParameters
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // ErrKeysNotYetAvailable is returned when an opener or a sealer is requested for an encryption level, // but the corresponding opener has not yet been initialized // This can happen when packets arrive out of order. ErrKeysNotYetAvailable = errors.New("CryptoSetup: keys at this encryption level not yet available") // ErrKeysDropped is returned when an opener or a sealer is requested for an encryption level, // but the corresponding keys have already been dropped. ErrKeysDropped = errors.New("CryptoSetup: keys were already dropped") // ErrDecryptionFailed is returned when the AEAD fails to open the packet. ErrDecryptionFailed = errors.New("decryption failed") )
Functions ¶
func NewInitialAEAD ¶ added in v0.11.0
func NewInitialAEAD(connID protocol.ConnectionID, pers protocol.Perspective) (LongHeaderSealer, LongHeaderOpener)
NewInitialAEAD creates a new AEAD for Initial encryption / decryption.
Types ¶
type CryptoSetup ¶
type CryptoSetup interface {
RunHandshake()
io.Closer
ChangeConnectionID(protocol.ConnectionID)
HandleMessage([]byte, protocol.EncryptionLevel) bool
SetLargest1RTTAcked(protocol.PacketNumber)
ConnectionState() tls.ConnectionState
GetInitialOpener() (LongHeaderOpener, error)
GetHandshakeOpener() (LongHeaderOpener, error)
Get1RTTOpener() (ShortHeaderOpener, error)
GetInitialSealer() (LongHeaderSealer, error)
GetHandshakeSealer() (LongHeaderSealer, error)
Get1RTTSealer() (ShortHeaderSealer, error)
}
CryptoSetup handles the handshake and protecting / unprotecting packets
func NewCryptoSetupClient ¶
func NewCryptoSetupClient( initialStream io.Writer, handshakeStream io.Writer, oneRTTStream io.Writer, connID protocol.ConnectionID, localAddr net.Addr, remoteAddr net.Addr, tp *TransportParameters, runner handshakeRunner, tlsConf *tls.Config, rttStats *congestion.RTTStats, logger utils.Logger, ) (CryptoSetup, <-chan struct{})
NewCryptoSetupClient creates a new crypto setup for the client
func NewCryptoSetupServer ¶ added in v0.11.0
func NewCryptoSetupServer( initialStream io.Writer, handshakeStream io.Writer, oneRTTStream io.Writer, connID protocol.ConnectionID, localAddr net.Addr, remoteAddr net.Addr, tp *TransportParameters, runner handshakeRunner, tlsConf *tls.Config, rttStats *congestion.RTTStats, logger utils.Logger, ) CryptoSetup
NewCryptoSetupServer creates a new crypto setup for the server
type LongHeaderOpener ¶ added in v0.12.0
type LongHeaderOpener interface {
Open(dst, src []byte, pn protocol.PacketNumber, associatedData []byte) ([]byte, error)
// contains filtered or unexported methods
}
LongHeaderOpener opens a long header packet
type LongHeaderSealer ¶ added in v0.12.0
type LongHeaderSealer interface {
Seal(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) []byte
EncryptHeader(sample []byte, firstByte *byte, pnBytes []byte)
Overhead() int
}
LongHeaderSealer seals a long header packet
type PreferredAddress ¶ added in v0.14.0
type PreferredAddress struct {
IPv4 net.IP
IPv4Port uint16
IPv6 net.IP
IPv6Port uint16
ConnectionID protocol.ConnectionID
StatelessResetToken [16]byte
}
PreferredAddress is the value encoding in the preferred_address transport parameter
type ShortHeaderOpener ¶ added in v0.12.0
type ShortHeaderOpener interface {
Open(dst, src []byte, rcvTime time.Time, pn protocol.PacketNumber, kp protocol.KeyPhaseBit, associatedData []byte) ([]byte, error)
// contains filtered or unexported methods
}
ShortHeaderOpener opens a short header packet
type ShortHeaderSealer ¶ added in v0.12.0
type ShortHeaderSealer interface {
LongHeaderSealer
KeyPhase() protocol.KeyPhaseBit
}
ShortHeaderSealer seals a short header packet
type Token ¶ added in v0.12.0
type Token struct {
IsRetryToken bool
RemoteAddr string
SentTime time.Time
// only set for retry tokens
OriginalDestConnectionID protocol.ConnectionID
}
A Token is derived from the client address and can be used to verify the ownership of this address.
type TokenGenerator ¶ added in v0.12.0
type TokenGenerator struct {
// contains filtered or unexported fields
}
A TokenGenerator generates tokens
func NewTokenGenerator ¶ added in v0.12.0
func NewTokenGenerator() (*TokenGenerator, error)
NewTokenGenerator initializes a new TookenGenerator
func (*TokenGenerator) DecodeToken ¶ added in v0.12.0
func (g *TokenGenerator) DecodeToken(encrypted []byte) (*Token, error)
DecodeToken decodes a token
func (*TokenGenerator) NewRetryToken ¶ added in v0.12.0
func (g *TokenGenerator) NewRetryToken(raddr net.Addr, origConnID protocol.ConnectionID) ([]byte, error)
NewRetryToken generates a new token for a Retry for a given source address
type TransportParameters ¶
type TransportParameters struct {
InitialMaxStreamDataBidiLocal protocol.ByteCount
InitialMaxStreamDataBidiRemote protocol.ByteCount
InitialMaxStreamDataUni protocol.ByteCount
InitialMaxData protocol.ByteCount
MaxAckDelay time.Duration
AckDelayExponent uint8
DisableMigration bool
MaxPacketSize protocol.ByteCount
MaxUniStreamNum protocol.StreamNum
MaxBidiStreamNum protocol.StreamNum
IdleTimeout time.Duration
PreferredAddress *PreferredAddress
StatelessResetToken *[16]byte
OriginalConnectionID protocol.ConnectionID
ActiveConnectionIDLimit uint64
}
TransportParameters are parameters sent to the peer during the handshake
func (*TransportParameters) Marshal ¶ added in v0.11.0
func (p *TransportParameters) Marshal() []byte
Marshal the transport parameters
func (*TransportParameters) String ¶ added in v0.8.0
func (p *TransportParameters) String() string
String returns a string representation, intended for logging.
func (*TransportParameters) Unmarshal ¶ added in v0.11.0
func (p *TransportParameters) Unmarshal(data []byte, sentBy protocol.Perspective) error
Unmarshal the transport parameters
Source Files
Click to show internal directories.
Click to hide internal directories.