conn
Documentation¶
Overview¶
Package conn contains an implementation of a secure channel created by gRPC handshakers.
Index¶
- Constants
- Variables
- func CounterSide(c []byte) core.Side
- func NewConn(c net.Conn, side core.Side, recordProtocol string, key []byte, ...) (net.Conn, error)
- func ParseFramedMsg(b []byte, maxLen uint32) ([]byte, []byte, error)
- func RegisterProtocol(protocol string, f ALTSRecordFunc) error
- func SliceForAppend(in []byte, n int) (head, tail []byte)
- type ALTSRecordCrypto
- type ALTSRecordFunc
- type Counter
- type KeySizeError
Constants¶
const (
	// GcmTagSize is the GCM tag size, i.e. the difference in length between
	// plaintext and ciphertext. From crypto/cipher/gcm.go in Go crypto
	// library.
	GcmTagSize = 16
)

const (
	// MsgLenFieldSize is the byte size of the frame length field of a
	// framed message.
	MsgLenFieldSize = 4
)
Variables¶
var ErrAuth = errors.New("message authentication failed")

ErrAuth occurs on authentication failure.
Functions¶
func CounterSide¶
CounterSide returns the connection side (client/server) a sequence counter is associated with.
func NewConn¶
func NewConn(c net.Conn, side core.Side, recordProtocol string, key []byte, protected []byte) (net.Conn, error)
NewConn creates a new secure channel instance given the other party's role and the handshaking result.
func ParseFramedMsg¶
ParseFramedMsg parses the provided buffer and returns a frame of the format msgLength+msg and any remaining bytes in that buffer.
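The msgLength+msg framing described for ParseFramedMsg, as an added stand-alone sketch that is not the package's own code: splitFrame, drain and errFrameTooLarge are hypothetical names, and the little-endian encoding of the length field is an assumption not stated on this page. It shows the maxLen bound being enforced before the peer-supplied length is used for anything, and how incomplete frames are handed back as remaining bytes.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

const lenFieldSize = 4 // same value as MsgLenFieldSize above
var errFrameTooLarge = errors.New("frame length exceeds limit") // hypothetical name

// splitFrame (hypothetical, not the package's code) returns the first complete
// frame (length field + payload) and the unread remainder; a nil frame with a
// nil error means "need more bytes". Assumes a little-endian length field.
func splitFrame(b []byte, maxLen uint32) (frame, rest []byte, err error) {
	if len(b) < lenFieldSize {
		return nil, b, nil // length field itself is incomplete
	}
	n := binary.LittleEndian.Uint32(b[:lenFieldSize])
	// Reject the peer-supplied length before it drives slicing or buffering.
	if n > maxLen {
		return nil, nil, fmt.Errorf("%w: %d > %d", errFrameTooLarge, n, maxLen)
	}
	// uint64 arithmetic so lenFieldSize+n cannot wrap where int is 32 bits.
	end := uint64(lenFieldSize) + uint64(n)
	if uint64(len(b)) < end {
		return nil, b, nil // payload incomplete
	}
	return b[:end], b[end:], nil
}

// drain pulls the payload of every complete frame out of a receive buffer.
func drain(buf []byte, maxLen uint32) ([][]byte, []byte, error) {
	var payloads [][]byte
	for {
		frame, rest, err := splitFrame(buf, maxLen)
		if err != nil || frame == nil {
			return payloads, rest, err
		}
		payloads = append(payloads, frame[lenFieldSize:])
		buf = rest
	}
}

func main() {
	// Constructed input: two full frames followed by a truncated third.
	buf := []byte{2, 0, 0, 0, 'h', 'i', 1, 0, 0, 0, '!', 5, 0, 0, 0, 'p'}
	payloads, rest, err := drain(buf, 1024)
	fmt.Printf("%q rest=%d err=%v\n", payloads, len(rest), err)
}
```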
func RegisterProtocol¶
func RegisterProtocol(protocol string, f ALTSRecordFunc) error
RegisterProtocol registers an ALTS record encryption protocol.
func SliceForAppend¶
SliceForAppend takes a slice and a requested number of bytes. It returns a slice with the contents of the given slice followed by that many bytes and a second slice that aliases into it and contains only the extra bytes. If the original slice has sufficient capacity then no allocation is performed.
Types¶
type ALTSRecordCrypto¶
type ALTSRecordCrypto interface {
	// Encrypt encrypts the plaintext, computes the tag (if any) of dst and
	// plaintext, and appends the result to dst, returning the updated slice.
	// dst and plaintext may fully overlap or not at all.
	Encrypt(dst, plaintext []byte) ([]byte, error)
	// EncryptionOverhead returns the tag size (if any) in bytes.
	EncryptionOverhead() int
	// Decrypt decrypts ciphertext and verifies the tag (if any). If successful,
	// this function appends the resulting plaintext to dst, returning the
	// updated slice. dst and ciphertext may alias exactly or not at all. To
	// reuse ciphertext's storage for the decrypted output, use ciphertext[:0]
	// as dst. Even if the function fails, the contents of dst, up to its
	// capacity, may be overwritten.
	Decrypt(dst, ciphertext []byte) ([]byte, error)
}

ALTSRecordCrypto is the interface for gRPC ALTS record protocol.
func NewAES128GCM¶
func NewAES128GCM(side core.Side, key []byte) (ALTSRecordCrypto, error)
NewAES128GCM creates an instance that uses aes128gcm for ALTS record.
func NewAES128GCMRekey¶
func NewAES128GCMRekey(side core.Side, key []byte) (ALTSRecordCrypto, error)
NewAES128GCMRekey creates an instance that uses aes128gcm with rekeying for ALTS record. The key argument should be 44 bytes, the first 32 bytes are used as a key for HKDF-expand and the remaining 12 bytes are used as a random mask for the counter.
type ALTSRecordFunc¶
type ALTSRecordFunc func(s core.Side, keyData []byte) (ALTSRecordCrypto, error)
ALTSRecordFunc is a function type for factory functions that create ALTSRecordCrypto instances.
type Counter¶
type Counter struct {
	// contains filtered or unexported fields
}

Counter is a 96-bit, little-endian counter.
func CounterFromValue¶
CounterFromValue creates a new counter given an initial value.
func NewInCounter¶
NewInCounter returns an incoming counter initialized to the starting sequence number for the client/server side of a connection. This is used in ALTS record to check that incoming counters are as expected, since ALTS record guarantees that messages are unwrapped in the same order that the peer wrapped them.
func NewOutCounter¶
NewOutCounter returns an outgoing counter initialized to the starting sequence number for the client/server side of a connection.
type KeySizeError¶
type KeySizeError int
KeySizeError signals that the given key does not have the correct size.
func (KeySizeError) Error¶
func (k KeySizeError) Error() string