Documentation ¶
Index ¶
- Constants
- Variables
- type EncryptionSession
- func (s *EncryptionSession) Check(seqNum uint32, prio bool) error
- func (s *EncryptionSession) DeriveSessionFromKX(reverse bool, purpose string) (*EncryptionSession, error)
- func (s *EncryptionSession) In(seqNum uint32, prio bool) (c cipher.AEAD, err error)
- func (s *EncryptionSession) InitCleanup()
- func (s *EncryptionSession) InitKeyClientComplete(kxKey []byte, kxType string) error
- func (s *EncryptionSession) InitKeyClientStart() (kxKey []byte, kxType string, err error)
- func (s *EncryptionSession) InitKeyServer(kxKey []byte, kxType string) (returnKxKey []byte, returnKxType string, err error)
- func (s *EncryptionSession) IsSetUp() bool
- func (s *EncryptionSession) Out(prio bool) (seqNum uint32, ack uint32, recvRate uint8, c cipher.AEAD, err error)
- type EncryptionSessionTestHelper
- func (h *EncryptionSessionTestHelper) InKey() []byte
- func (h *EncryptionSessionTestHelper) OutKey() []byte
- func (h *EncryptionSessionTestHelper) PrioSeq() *SequenceHandler
- func (h *EncryptionSessionTestHelper) PrioSetOut(seq uint32)
- func (h *EncryptionSessionTestHelper) ReglSeq() *SequenceHandler
- func (h *EncryptionSessionTestHelper) ReglSetOut(seq uint32)
- type SequenceHandler
- type Session
- func (s *Session) Address() *m.PublicAddress
- func (s *Session) Encryption() *EncryptionSession
- func (s *Session) For() netip.Addr
- func (s *Session) SetEncryptionSession(encSession *EncryptionSession)
- func (s *Session) SetTunMTU(mtu int)
- func (s *Session) Signing() *SigningSession
- func (s *Session) TunMTU() int
- type SigningSession
- type State
- func (state *State) AddPublicRouterInfo(id netip.Addr, info *m.RouterInfo) error
- func (state *State) AddRouter(address *m.PublicAddress) error
- func (state *State) GetSession(ip netip.Addr) *Session
- func (state *State) MarkRouterOffline(id netip.Addr) error
- func (state *State) QueryNearestRouters(ip netip.Addr, max int) ([]*storage.StoredRouter, error)
- func (state *State) QueryRouters(q *storage.RouterQuery) error
- func (state *State) SetEncryptionSession(ip netip.Addr, encSession *EncryptionSession) error
- func (state *State) Start(mgr *mgr.Manager) error
- func (state *State) Stop(mgr *mgr.Manager) error
- type TimeSequenceHandler
Constants ¶
const DefaultPrecision = time.Millisecond
DefaultPrecision is the default precision for time sequences.
Variables ¶
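// Sequence errors.
//
// NOTE(review): SequenceHandler is documented as checking sequence numbers to
// detect duplicate messages, but which Check method returns which of these
// errors is not shown on this page. Whether a given error means the frame must
// be dropped (for example a duplicate) or is only informational (for example a
// delayed frame) is also not stated here; confirm against the implementation
// before accepting a frame whose check returned an error.
var (
	// ErrImmediateDuplicateFrame carries the message "immediate duplicate frame".
	ErrImmediateDuplicateFrame = errors.New("immediate duplicate frame")
	// ErrDelayedDuplicateFrame carries the message "delayed duplicate frame".
	ErrDelayedDuplicateFrame = errors.New("delayed duplicate frame")
	// ErrUnknownDelayedFrame carries the message "unknown delayed frame".
	ErrUnknownDelayedFrame = errors.New("unknown delayed frame")
	// ErrDelayedFrame carries the message "delayed frame".
	ErrDelayedFrame = errors.New("delayed frame")
	// ErrTooOldFrame carries the message "too old frame".
	ErrTooOldFrame = errors.New("too old frame")
	// ErrTooNewFrame carries the message "too new frame".
	ErrTooNewFrame = errors.New("too new frame")
)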
Sequence Errors.
// ErrEncryptionNotSetUp is the encryption error carrying the message
// "encryption is not set up".
var ErrEncryptionNotSetUp = errors.New("encryption is not set up")
Encryption Errors.
Functions ¶
This section is empty.
Types ¶
type EncryptionSession ¶
type EncryptionSession struct {
// contains filtered or unexported fields
}
EncryptionSession holds all necessary information for encrypting a duplex packet stream.
func NewEncryptionSession ¶
func NewEncryptionSession() *EncryptionSession
NewEncryptionSession returns a new encryption session. It does not hold any keys.
func (*EncryptionSession) Check ¶
func (s *EncryptionSession) Check(seqNum uint32, prio bool) error
Check checks the given sequence number and returns an error if there is an issue.
func (*EncryptionSession) DeriveSessionFromKX ¶
func (s *EncryptionSession) DeriveSessionFromKX(reverse bool, purpose string) (*EncryptionSession, error)
DeriveSessionFromKX derives a new encryption session with the current key exchange keys and a different context.
func (*EncryptionSession) InitCleanup ¶
func (s *EncryptionSession) InitCleanup()
InitCleanup cleans up the exchange keys after the initial setup.
func (*EncryptionSession) InitKeyClientComplete ¶
func (s *EncryptionSession) InitKeyClientComplete(kxKey []byte, kxType string) error
InitKeyClientComplete takes the exchange key of the server to finalize the encryption keys. Call InitCleanup() when done with key setup.
func (*EncryptionSession) InitKeyClientStart ¶
func (s *EncryptionSession) InitKeyClientStart() (kxKey []byte, kxType string, err error)
InitKeyClientStart generates exchange keys on the client.
func (*EncryptionSession) InitKeyServer ¶
func (s *EncryptionSession) InitKeyServer(kxKey []byte, kxType string) (returnKxKey []byte, returnKxType string, err error)
InitKeyServer takes the exchange key of the client and generates exchange keys on the server. It already uses that information to finalize the encryption keys. Call InitCleanup() when done with key setup.
func (*EncryptionSession) IsSetUp ¶
func (s *EncryptionSession) IsSetUp() bool
IsSetUp returns whether the encryption is set up and ready to use.
type EncryptionSessionTestHelper ¶
type EncryptionSessionTestHelper struct {
*EncryptionSession
}
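EncryptionSessionTestHelper is a test helper. It exposes the session's in and out keys and allows the outgoing sequence numbers to be set directly, so it is meant for tests only and should not be used on live sessions.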
func (*EncryptionSessionTestHelper) InKey ¶
func (h *EncryptionSessionTestHelper) InKey() []byte
InKey returns the in key.
func (*EncryptionSessionTestHelper) OutKey ¶
func (h *EncryptionSessionTestHelper) OutKey() []byte
OutKey returns the out key.
func (*EncryptionSessionTestHelper) PrioSeq ¶
func (h *EncryptionSessionTestHelper) PrioSeq() *SequenceHandler
PrioSeq returns the priority sequence handler.
func (*EncryptionSessionTestHelper) PrioSetOut ¶
func (h *EncryptionSessionTestHelper) PrioSetOut(seq uint32)
PrioSetOut sets the priority outgoing sequence number.
func (*EncryptionSessionTestHelper) ReglSeq ¶
func (h *EncryptionSessionTestHelper) ReglSeq() *SequenceHandler
ReglSeq returns the regular sequence handler.
func (*EncryptionSessionTestHelper) ReglSetOut ¶
func (h *EncryptionSessionTestHelper) ReglSetOut(seq uint32)
ReglSetOut sets the regular outgoing sequence number.
type SequenceHandler ¶
type SequenceHandler struct {
// contains filtered or unexported fields
}
SequenceHandler checks sequence numbers to detect duplicate messages.
func NewSequenceHandler ¶
func NewSequenceHandler() *SequenceHandler
NewSequenceHandler returns a new sequence handler.
func (*SequenceHandler) Ack ¶
func (sh *SequenceHandler) Ack() (seqNum uint32, recvRate uint8)
Ack returns the highest sequence number received so far, as well as the current frame recv rate.
func (*SequenceHandler) Check ¶
func (sh *SequenceHandler) Check(seqNum uint32) error
Check checks the given sequence number and returns an error if there is an issue.
func (*SequenceHandler) NextOut ¶
func (sh *SequenceHandler) NextOut() (seqNum uint32, rollover bool)
NextOut returns the next outgoing sequence number and whether a key rollover is required. It makes sure rollover is true only once per key rollover, so the caller must execute the rollover whenever it is reported.
func (*SequenceHandler) Reset ¶
func (sh *SequenceHandler) Reset()
Reset resets the sequence counters to zero. This is only used for resetting the priority sequence when the regular sequence has triggered a key rollover.
func (*SequenceHandler) RolloverRequired ¶
func (sh *SequenceHandler) RolloverRequired(seqNum uint32) bool
RolloverRequired returns whether the current sequence number allows for a key rollover. It returns true only once per key rollover, so the caller must execute the rollover whenever it is reported.
type Session ¶
type Session struct {
// contains filtered or unexported fields
}
Session is a logical session with another router.
func (*Session) Address ¶
func (s *Session) Address() *m.PublicAddress
Address returns the public address of the router this session is for.
func (*Session) Encryption ¶
func (s *Session) Encryption() *EncryptionSession
Encryption returns the encryption session.
func (*Session) SetEncryptionSession ¶ added in v0.4.0
func (s *Session) SetEncryptionSession(encSession *EncryptionSession)
SetEncryptionSession sets the encryption session.
func (*Session) SetTunMTU ¶ added in v0.4.0
SetTunMTU sets the reported tun device MTU of that router.
func (*Session) Signing ¶
func (s *Session) Signing() *SigningSession
Signing returns the signing session.
type SigningSession ¶
type SigningSession struct {
// contains filtered or unexported fields
}
SigningSession holds all necessary information for signing (unreliable) packets.
func NewSigningSession ¶
func NewSigningSession(routerPrivKey ed25519.PrivateKey, remotePubKey ed25519.PublicKey) *SigningSession
NewSigningSession returns a new signing session.
func (*SigningSession) RemotePubKey ¶
func (s *SigningSession) RemotePubKey() ed25519.PublicKey
RemotePubKey returns the public key of the remote peer.
func (*SigningSession) RouterPrivKey ¶
func (s *SigningSession) RouterPrivKey() ed25519.PrivateKey
RouterPrivKey returns the private key of the router. The returned value is secret key material and should not be logged or persisted by callers.
func (*SigningSession) Seq ¶
func (s *SigningSession) Seq() *TimeSequenceHandler
Seq returns the sequence handler.
type State ¶
type State struct {
// contains filtered or unexported fields
}
State manages and stores states.
func (*State) AddPublicRouterInfo ¶
AddPublicRouterInfo adds the public router info.
func (*State) AddRouter ¶
func (state *State) AddRouter(address *m.PublicAddress) error
AddRouter adds a router to the state manager.
func (*State) GetSession ¶
GetSession returns a new session for the given router.
func (*State) MarkRouterOffline ¶ added in v0.4.0
MarkRouterOffline marks that the router has announced it is going offline.
func (*State) QueryNearestRouters ¶ added in v0.1.0
QueryNearestRouters queries the nearest routers to the given IP.
func (*State) QueryRouters ¶ added in v0.1.0
func (state *State) QueryRouters(q *storage.RouterQuery) error
QueryRouters queries the router storage.
func (*State) SetEncryptionSession ¶
func (state *State) SetEncryptionSession(ip netip.Addr, encSession *EncryptionSession) error
SetEncryptionSession sets the encryption session.
type TimeSequenceHandler ¶
type TimeSequenceHandler struct {
// contains filtered or unexported fields
}
TimeSequenceHandler is a simple timestamp based sequence handler.
func NewTimeSequenceHandler ¶
func NewTimeSequenceHandler(precision time.Duration) *TimeSequenceHandler
NewTimeSequenceHandler returns a new TimeSequenceHandler.
func (*TimeSequenceHandler) Check ¶
func (sh *TimeSequenceHandler) Check(seqTime time.Time) error
Check checks if the given sequence time should be accepted.
func (*TimeSequenceHandler) Next ¶
func (sh *TimeSequenceHandler) Next() time.Time
Next returns the next sequence time.