Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AEAD ¶
type AEAD interface {
Open(packetNumber protocol.PacketNumber, associatedData []byte, ciphertext []byte) ([]byte, error)
Seal(packetNumber protocol.PacketNumber, associatedData []byte, plaintext []byte) []byte
}
An AEAD implements QUIC's authenticated encryption and associated data
func DeriveKeysChacha20 ¶
func DeriveKeysChacha20(version protocol.VersionNumber, forwardSecure bool, sharedSecret, nonces []byte, connID protocol.ConnectionID, chlo []byte, scfg []byte, cert []byte, divNonce []byte) (AEAD, error)
DeriveKeysChacha20 derives the client and server keys and creates a matching chacha20poly1305 instance
type KeyExchange ¶
type KeyExchange interface {
PublicKey() []byte
}
KeyExchange manages the exchange of keys
func NewCurve25519KEX ¶
func NewCurve25519KEX() (KeyExchange, error)
NewCurve25519KEX creates a new KeyExchange using Curve25519, see https://cr.yp.to/ecdh.html
type NullAEAD ¶
type NullAEAD struct{}
NullAEAD handles not-yet encrypted packets
type Signer ¶
type Signer interface {
SignServerProof(sni string, chlo []byte, serverConfigData []byte) ([]byte, error)
GetCertsCompressed(sni string, commonSetHashes, cachedHashes []byte) ([]byte, error)
GetLeafCert(sni string) ([]byte, error)
}
A Signer holds a certificate and a private key
type StkSource ¶
type StkSource interface {
// NewToken creates a new token for a given IP address
NewToken(ip net.IP) ([]byte, error)
// VerifyToken verifies if a token matches a given IP address and is not outdated
VerifyToken(ip net.IP, data []byte) error
}
StkSource is used to create and verify source address tokens
func NewStkSource ¶
NewStkSource creates a source for source address tokens
Source Files
Click to show internal directories.
Click to hide internal directories.