secure package

v1.2.2 Latest
Warning

This package is not in the latest version of its module.

Published: Feb 17, 2026 License: AGPL-3.0 Imports: 14 Imported by: 0

Documentation

Constants

const HandshakeTimeout = 10 * time.Second

HandshakeTimeout is the maximum time allowed for the ECDH handshake.

const MaxEncryptedMessageLen = 16 * 1024 * 1024 // 16 MB

MaxEncryptedMessageLen limits the maximum decrypted message size to prevent memory exhaustion from a malicious peer advertising a huge msgLen.
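
How a receiver can enforce such a limit, as an added example that is not this package's code: the cap is applied to the advertised length before any buffer is allocated, and the frame is then authenticated with AES-256-GCM. The frame layout (4-byte big-endian length, 12-byte nonce, ciphertext and tag) and the names `maxFrameLen`, `readFrame`, `demoAEAD` and `sealFrame` are assumptions for illustration.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
	"io"
)

const maxFrameLen = 16 * 1024 * 1024 // assumed cap, same value as MaxEncryptedMessageLen

// readFrame reads one frame in an assumed layout (not taken from the package):
// 4-byte big-endian length | 12-byte nonce | AES-256-GCM ciphertext and tag.
func readFrame(r io.Reader, aead cipher.AEAD) ([]byte, error) {
	var hdr [4]byte
	if _, err := io.ReadFull(r, hdr[:]); err != nil {
		return nil, err
	}
	n, ns := binary.BigEndian.Uint32(hdr[:]), aead.NonceSize()
	if n > maxFrameLen || int(n) < ns+aead.Overhead() { // peer-controlled: check before allocating
		return nil, fmt.Errorf("frame length %d out of range", n)
	}
	frame := make([]byte, n)
	if _, err := io.ReadFull(r, frame); err != nil {
		return nil, err
	}
	return aead.Open(nil, frame[:ns], frame[ns:], nil) // error if the tag does not verify
}

func demoAEAD() cipher.AEAD { // constructed all-zero key, for the demo only
	blk, _ := aes.NewCipher(make([]byte, 32))
	aead, _ := cipher.NewGCM(blk)
	return aead
}

func sealFrame(aead cipher.AEAD, pt []byte) []byte { // builds constructed input
	nonce := make([]byte, aead.NonceSize()) // fixed nonce: acceptable only for one demo frame
	body := aead.Seal(nonce, nonce, pt, nil)
	return append(binary.BigEndian.AppendUint32(nil, uint32(len(body))), body...)
}

func main() {
	aead := demoAEAD()
	pt, err := readFrame(bytes.NewReader(sealFrame(aead, []byte("hello"))), aead)
	fmt.Printf("%q %v\n", pt, err)
	_, err = readFrame(bytes.NewReader([]byte{0xff, 0xff, 0xff, 0xff}), aead) // hostile header
	fmt.Println(err)
}
```

A header advertising 0xffffffff bytes is rejected after reading only four bytes, so the peer cannot force a multi-gigabyte allocation.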

Variables

This section is empty.

Functions

This section is empty.

Types

type Handler

type Handler func(conn net.Conn)

Handler is called for each new secure connection.

type SecureConn

type SecureConn struct {
	// contains filtered or unexported fields
}

SecureConn wraps a net.Conn with AES-256-GCM encryption. After a successful ECDH handshake, all reads and writes are encrypted.

func Dial

func Dial(d *driver.Driver, addr protocol.Addr) (*SecureConn, error)

Dial connects to a remote agent's secure port and performs the handshake. Returns an encrypted connection that implements net.Conn.

func Handshake

func Handshake(conn net.Conn, isServer bool) (*SecureConn, error)

Handshake performs an ECDH key exchange over the connection. isServer determines which side reads first. A deadline is set to prevent indefinite blocking (M14 fix).

func (*SecureConn) Close

func (sc *SecureConn) Close() error

func (*SecureConn) LocalAddr

func (sc *SecureConn) LocalAddr() net.Addr

func (*SecureConn) Read

func (sc *SecureConn) Read(b []byte) (int, error)

Read decrypts and reads data from the connection. Leftover plaintext from a previous decryption is returned first (H14 fix).

func (*SecureConn) RemoteAddr

func (sc *SecureConn) RemoteAddr() net.Addr

func (*SecureConn) SetDeadline

func (sc *SecureConn) SetDeadline(t time.Time) error

func (*SecureConn) SetReadDeadline

func (sc *SecureConn) SetReadDeadline(t time.Time) error

func (*SecureConn) SetWriteDeadline

func (sc *SecureConn) SetWriteDeadline(t time.Time) error

func (*SecureConn) Write

func (sc *SecureConn) Write(b []byte) (int, error)

Write encrypts and writes data to the connection.

type Server

type Server struct {
	// contains filtered or unexported fields
}

Server listens on port 443 and upgrades connections to encrypted channels.

func NewServer

func NewServer(d *driver.Driver, handler Handler) *Server

NewServer creates a secure channel server.

func (*Server) ListenAndServe

func (s *Server) ListenAndServe() error

ListenAndServe binds port 443 and starts accepting secure connections.
