stl

package
v0.0.0-...-c94e5b3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 16, 2023 License: MIT Imports: 30 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrorInvalidFrameType = errors.New("unknown frame type")
)

Functions

func Listen 

func Listen(network, laddr string, config *Config) (net.Listener, error)

Listen creates a STL listener accepting connections on the given network address using net.Listen.

func NewListener 

func NewListener(inner net.Listener, config *Config) net.Listener

NewListener creates a Listener which accepts connections from an inner Listener and wraps each connection with Server. The configuration config must be non-nil and must include at least one certificate or else set GetCertificate.

Types

type ApplicationSuite 

type ApplicationSuite uint8
const (
	AppSuiteNotSet ApplicationSuite = iota
	AES128gcm
	AES256gcm
	Chacha20_poly1305
)

type Certificate 

type Certificate struct {
	CertificateType CertificateType
	Length          uint16
	Certificate     []byte
	Verify          []byte
}

func (*Certificate) Marshal 

func (c *Certificate) Marshal() ([]byte, error)

func (*Certificate) Unmarshal 

func (c *Certificate) Unmarshal(d []byte) error

type CertificatePair 

type CertificatePair struct {
	CertType    CertificateType
	Certificate [][]byte
	PrivateKey  crypto.PrivateKey
}

func CKIKeyPair 

func CKIKeyPair(certPEMBlock, keyPEMBlock []byte) (CertificatePair, error)

func LoadCKIKeyPair 

func LoadCKIKeyPair(certFile, keyFile string) (CertificatePair, error)

func LoadX509KeyPair 

func LoadX509KeyPair(certFile, keyFile string) (CertificatePair, error)

func X509KeyPair 

func X509KeyPair(certPEMBlock, keyPEMBlock []byte) (CertificatePair, error)

type CertificateType 

type CertificateType uint8
const (
	CertificateType_CKI CertificateType = iota
	CertificateType_X509
)

type Config 

type Config struct {
	Hostname       string
	HostnameMode   HostnameType
	PreferredCurve HandshakeSuite
	NextProto      string

	Certificates   []CertificatePair
	ClientAuth     bool
	ClientCAPool   cki.CertPool
	GetCertificate func(*InitHello) (*CertificatePair, error)

	AllowedTimeDiff time.Duration

	Rand io.Reader
	Time func() time.Time

	SkipCertificateVerification bool
	RootCertificates            []*Certificate
}

type Conn 

type Conn struct {
	// contains filtered or unexported fields
}

func Dial 

func Dial(network, addr string, config *Config) (*Conn, error)

Dial connects to the given network address using net.Dial and then initiates a STL handshake, returning the resulting STL connection. Dial interprets a nil configuration as equivalent to the zero configuration; see the documentation of Config for the defaults.

func DialWithDialer 

func DialWithDialer(dialer *net.Dialer, network, addr string, config *Config) (*Conn, error)

DialWithDialer connects to the given network address using dialer.Dial and then initiates a STL handshake, returning the resulting STL connection. Any timeout or deadline given in the dialer apply to connection and STL handshake as a whole.

DialWithDialer interprets a nil configuration as equivalent to the zero configuration; see the documentation of Config for the defaults.

DialWithDialer uses context.Background internally; to specify the context, use Dialer.DialContext with NetDialer set to the desired dialer.

func Initer 

func Initer(conn net.Conn, config *Config) *Conn

Initer returns a new STL init side connection using conn as the underlying transport.

func Responder 

func Responder(conn net.Conn, config *Config) *Conn

Server returns a new STL responder side connection using conn as the underlying transport.

func (*Conn) Close 

func (c *Conn) Close() error

func (*Conn) Handshake 

func (c *Conn) Handshake() error

func (*Conn) HandshakeContext 

func (c *Conn) HandshakeContext(ctx context.Context) error

func (*Conn) LocalAddr 

func (c *Conn) LocalAddr() net.Addr

LocalAddr returns the local network address.

func (*Conn) Read 

func (c *Conn) Read(b []byte) (int, error)

func (*Conn) RemoteAddr 

func (c *Conn) RemoteAddr() net.Addr

RemoteAddr returns the remote network address.

func (*Conn) SetDeadline 

func (c *Conn) SetDeadline(t time.Time) error

SetDeadline sets the read and write deadlines associated with the connection. A zero value for t means Read and Write will not time out. After a Write has timed out, the TLS state is corrupt and all future writes will return the same error.

func (*Conn) SetReadDeadline 

func (c *Conn) SetReadDeadline(t time.Time) error

SetReadDeadline sets the read deadline on the underlying connection. A zero value for t means Read will not time out.

func (*Conn) SetWriteDeadline 

func (c *Conn) SetWriteDeadline(t time.Time) error

SetWriteDeadline sets the write deadline on the underlying connection. A zero value for t means Write will not time out. After a Write has timed out, the TLS state is corrupt and all future writes will return the same error.

func (*Conn) State 

func (c *Conn) State() (state State)

func (*Conn) Write 

func (c *Conn) Write(d []byte) (int, error)

type Dialer 

type Dialer struct {
	// NetDialer is the optional dialer to use for the STL connections'
	// underlying TCP connections.
	// A nil NetDialer is equivalent to the net.Dialer zero value.
	NetDialer *net.Dialer

	// Config is the STL configuration to use for new connections.
	// A nil configuration is equivalent to the zero
	// configuration; see the documentation of Config for the
	// defaults.
	Config *Config
}

Dialer dials STL connections given a configuration and a Dialer for the underlying connection.

func (*Dialer) Dial 

func (d *Dialer) Dial(network, addr string) (net.Conn, error)

Dial connects to the given network address and initiates a STL handshake, returning the resulting STL connection.

The returned Conn, if any, will always be of type *Conn.

Dial uses context.Background internally; to specify the context, use DialContext.

func (*Dialer) DialContext 

func (d *Dialer) DialContext(ctx context.Context, network, addr string) (net.Conn, error)

DialContext connects to the given network address and initiates a STL handshake, returning the resulting STL connection.

The provided Context must be non-nil. If the context expires before the connection is complete, an error is returned. Once successfully connected, any expiration of the context will not affect the connection.

The returned Conn, if any, will always be of type *Conn.

type ErrorCode 

type ErrorCode uint8
const (
	ErrorCode_Unknown ErrorCode = iota
	ErrorCode_Internal
	ErrorCode_Unauthorised
	ErrorCode_UnexpectedFrame
	ErrorCode_BadCertificate
	ErrorCode_BadParameters
	ErrorCode_Closed
)

type ErrorFrame 

type ErrorFrame struct {
	Code ErrorCode
}

func (*ErrorFrame) Error 

func (ef *ErrorFrame) Error() string

func (*ErrorFrame) Marshal 

func (ef *ErrorFrame) Marshal() ([]byte, error)

func (*ErrorFrame) Unmarshal 

func (ef *ErrorFrame) Unmarshal(d []byte) error

func (*ErrorFrame) WriteTo 

func (ef *ErrorFrame) WriteTo(w io.Writer)

type Extension 

type Extension struct {
	ExtType ExtensionType
	Data    []byte
}

func (*Extension) Marshal 

func (ext *Extension) Marshal() ([]byte, error)

func (*Extension) Unmarshal 

func (ext *Extension) Unmarshal(d []byte) error

type ExtensionType 

type ExtensionType byte
const (
	ExtensionType_Certificate ExtensionType = iota + 1
	ExtensionType_CertificateRequest
	ExtensionType_Name
	ExtensionType_NameRequest
	ExtensionType_EarlyData
	ExtensionType_HostnameId
	ExtensionType_NextProto
)

type FinishFrame 

type FinishFrame struct{}

func (*FinishFrame) Marshal 

func (ff *FinishFrame) Marshal() ([]byte, error)

func (*FinishFrame) Unmarshal 

func (ff *FinishFrame) Unmarshal(d []byte) error

type Frame 

type Frame struct {
	FrameType FrameType
	Length    uint16
	// contains filtered or unexported fields
}

func (*Frame) Data 

func (f *Frame) Data() (interface{}, error)

func (*Frame) Marshal 

func (f *Frame) Marshal(i Marshaller) ([]byte, error)

func (*Frame) MarshalBinary 

func (f *Frame) MarshalBinary() ([]byte, error)

func (*Frame) ReadFrom 

func (f *Frame) ReadFrom(r io.Reader) (int64, error)

type FrameType 

type FrameType uint8
const (
	FrameType_Invalid FrameType = iota
	FrameType_InitHello
	FrameType_ResponseHello
	FrameType_Info
	FrameType_Finish
	FrameType_Error
	FrameType_Data
)

type HandshakeSuite 

type HandshakeSuite uint8
const (
	HsSuiteNotSet HandshakeSuite = iota
	ECDHE_x25519
	ECDHE_p386
	ECDHE_p256
	DBVF6_pn14qp438
)

type HostnameId 

type HostnameId struct {
	HostnameIdType HostnameIdType
	KeyIdLength    uint8
	KeyId          []byte
	Data           []byte
}

func (*HostnameId) Marshal 

func (h *HostnameId) Marshal() ([]byte, error)

type HostnameIdType 

type HostnameIdType uint8
const (
	HostnameIdType_UnknownType HostnameIdType = iota
	HostnameIdType_HMAC
	HostnameIdType_PSK
)

type HostnamePSK 

type HostnamePSK struct {
	Suite     ApplicationSuite
	CertID    []byte
	PublicKey []byte
	Data      []byte
}

type HostnameType 

type HostnameType byte
const (
	HostnameType_unknown HostnameType = iota
	HostnameType_IP
	HostnameType_DNS
	HostnameType_PSK
	HostnameType_OnRequest
)

type InfoFrame 

type InfoFrame struct {
	ExtLength  uint16
	Extensions []Extension
}

func (*InfoFrame) Marshal 

func (ifr *InfoFrame) Marshal() ([]byte, error)

func (*InfoFrame) Unmarshal 

func (ifr *InfoFrame) Unmarshal(d []byte) error

type InitHello 

type InitHello struct {
	Version      byte
	Epoch        uint32
	Random       [32]byte
	Suites       []Suite
	Key          []byte
	HostnameType HostnameType
	Hostname     []byte
	Extensions   []Extension
}

func (*InitHello) Marshal 

func (ch *InitHello) Marshal() ([]byte, error)

func (*InitHello) Unmarshal 

func (ch *InitHello) Unmarshal(d []byte) (err error)

type InitHelloState 

type InitHelloState struct {
	// contains filtered or unexported fields
}

type Marshaller 

type Marshaller interface {
	Marshal() ([]byte, error)
}

type ResponseHello 

type ResponseHello struct {
	Version    byte
	Suite      Suite
	Key        []byte
	Epoch      uint32
	Random     [32]byte
	Extensions []Extension
}

func (*ResponseHello) Marshal 

func (ch *ResponseHello) Marshal() ([]byte, error)

func (*ResponseHello) MarshalEncrypted 

func (ch *ResponseHello) MarshalEncrypted(c cipher.AEAD, rand io.Reader) ([]byte, error)

func (*ResponseHello) Unmarshal 

func (ch *ResponseHello) Unmarshal(d []byte) (err error)

func (*ResponseHello) UnmarshalEncrypted 

func (ch *ResponseHello) UnmarshalEncrypted(d []byte, c cipher.AEAD) (err error)

func (*ResponseHello) UnmarshalPartial 

func (ch *ResponseHello) UnmarshalPartial(d []byte) (err error)

type ResponseHelloState 

type ResponseHelloState struct {
	// contains filtered or unexported fields
}

type State 

type State struct {
	Version           uint8
	HandshakeComplete bool
	Suite             Suite
	PeerName          string
	PeerCertificates  []*Certificate
	NextProto         string
}

type Suite 

type Suite struct {
	Handshake   HandshakeSuite
	Application ApplicationSuite
}

type Unmarshaller 

type Unmarshaller interface {
	Unmarshal(d []byte) error
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.