mirror of https://gogs.blitter.com/RLabs/xs
			Made server.go and serverp.go (plaintext net example) use same bufsize
parent 9054bcb89f
commit aaa99360be

41 README.md
			@ -1,16 +1,33 @@
This is an implementation of the 'HerraduraKEx' key exchange algorithm in golang.
See github.com/Caume/HerraduraKEx
This is a drop-in replacement for the golang/pkg/net facilities
(net.Dial(), net.Listen(), net.Accept() and net.Conn type) using the
experimental HerraduraKEx 'secure' key exchange algorithm, first released at
github.com/Caume/HerraduraKEx
package herradurakex is a simple golang library to manage key exchanges using the algorithm
and (TODO) wraps/extends golang.org/pkg/net/, Listener interface, Dial/Accept methods by
providing a HKexConn built on top of the vanilla Conn.
One can simply replace calls to net.Dial() with hkex.Dial(), and likewise
net.Listen() with hkex.Listen(), to obtain connections (hkex.Conn) conforming
to the basic net.Conn interface. Upon Dial(), the HerraduraKEx key exchange
is initiated (whereby client and server independently derive the same
keying material) and session algorithms to be used are exchanged allowing an
encrypted channel between client and server.
Theory:
1. Build a standard pkg/net/ Conn c
2. Build a HKexConn passing in Conn hc (HKexConn implements io.Reader,io.Writer)s
3. Dial/Listen on hc (it will do the KEx and store session key, negotiate crypto alg.)
4. Call any pkg/net ops as usual using HKexConn
NOTE: the terms 'secure' and 'securely' where used above are purposely
enclosed in singled quotes due to the experimental nature of the HerraduraKEx
algorithm used to derive crypto keying material on each end.
As of this time no verdict by acknowledged 'crypto experts' as to the true
security of the HerraduraKEx algorithm for purposes of session key exchange
over an insecure channel has been rendered.
It is hoped that such experts in the field will analyze the algorithm and
determine if it is indeed a suitable one for use in situations where
Diffie-Hellman key exchange is currently utilized.
To run
--
$ go get <tbd>/herradurakex.git
$ cd $GOPATH/src/<tbd>/herradurakex
$ go install .
$ cd demo/
$ go build client.go && go build server.go
? -rlm 2018-01-06
[ in separate shell windows ]
[A]$ ./server
[B]$ ./client
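
Review bot: The NOTE that HerraduraKEx is experimental and has had no expert review comes only after the README has already promised a drop-in replacement for net.Dial()/net.Listen() and an "encrypted channel between client and server", and that last phrase carries none of the quoting the NOTE relies on; move the NOTE directly under the opening paragraph and qualify "encrypted channel" the same way. The NOTE also refers to 'securely', which does not occur in the text above it. Before merging, resolve the `<tbd>` import path in the `go get` and `cd` lines and the stray "? -rlm 2018-01-06" marker, and add serverp.go to the build step if the plaintext example is meant to be run alongside server.go.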
			@ -39,7 +39,7 @@ func main() {
			go func(ch chan []byte, eCh chan error) {
				for {
					// try to read the data
					data := make([]byte, 64)
					data := make([]byte, 512)
					chN, err = c.Read(data)
					if err != nil {
						// send an error if it's encountered
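
Review bot: The buffer size in `data := make([]byte, 512)` is a bare literal that, per the commit title, has to stay equal to the one in serverp.go, so the two can drift apart again on the next edit; give it a name (a constant at the top of each demo file, or one exported from the package) and use that in both places. In the same loop, `chN, err = c.Read(data)` assigns with `=` to variables declared outside the goroutine, so declare them inside it with `:=` unless the enclosing code reads them under synchronisation. With the larger buffer it also matters more that whatever is sent on `ch` is `data[:chN]` and not the whole slice, since a short read would otherwise pass along up to 512 bytes of which only the first `chN` were received.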