Skip to content
/ dtls Public
forked from pion/dtls

DTLS 1.2 Server/Client implementation for Go

License

MIT license
0 stars 161 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

hjames9/dtls

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

151 Commits
.github
.github
 
 
e2e
e2e
 
 
examples
examples
 
 
internal/udp
internal/udp
 
 
.golangci.yml
.golangci.yml
 
 
.travis.yml
.travis.yml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
alert.go
alert.go
 
 
alert_test.go
alert_test.go
 
 
application_data.go
application_data.go
 
 
change_cipher_spec.go
change_cipher_spec.go
 
 
change_cipher_spec_test.go
change_cipher_spec_test.go
 
 
cipher_suite.go
cipher_suite.go
 
 
cipher_suite_test.go
cipher_suite_test.go
 
 
cipher_suite_tls_ecdhe_ecdsa_with_aes_128_gcm_sha256.go
cipher_suite_tls_ecdhe_ecdsa_with_aes_128_gcm_sha256.go
 
 
cipher_suite_tls_ecdhe_ecdsa_with_aes_256_cbc_sha.go
cipher_suite_tls_ecdhe_ecdsa_with_aes_256_cbc_sha.go
 
 
cipher_suite_tls_ecdhe_rsa_with_aes_128_gcm_sha256.go
cipher_suite_tls_ecdhe_rsa_with_aes_128_gcm_sha256.go
 
 
cipher_suite_tls_ecdhe_rsa_with_aes_256_cbc_sha.go
cipher_suite_tls_ecdhe_rsa_with_aes_256_cbc_sha.go
 
 
client_certificate_type.go
client_certificate_type.go
 
 
client_handlers.go
client_handlers.go
 
 
compression_method.go
compression_method.go
 
 
compression_method_test.go
compression_method_test.go
 
 
config.go
config.go
 
 
conn.go
conn.go
 
 
conn_test.go
conn_test.go
 
 
content.go
content.go
 
 
crypto.go
crypto.go
 
 
crypto_cbc.go
crypto_cbc.go
 
 
crypto_gcm.go
crypto_gcm.go
 
 
crypto_test.go
crypto_test.go
 
 
curve_type.go
curve_type.go
 
 
errors.go
errors.go
 
 
extension.go
extension.go
 
 
extension_supported_elliptic_curves.go
extension_supported_elliptic_curves.go
 
 
extension_supported_elliptic_curves_test.go
extension_supported_elliptic_curves_test.go
 
 
extension_supported_point_formats.go
extension_supported_point_formats.go
 
 
extension_supported_point_formats_test.go
extension_supported_point_formats_test.go
 
 
extension_supported_signature_algorithms.go
extension_supported_signature_algorithms.go
 
 
extension_supported_signature_algorithms_test.go
extension_supported_signature_algorithms_test.go
 
 
extension_use_srtp.go
extension_use_srtp.go
 
 
extension_use_srtp_test.go
extension_use_srtp_test.go
 
 
fingerprint.go
fingerprint.go
 
 
flight.go
flight.go
 
 
fragment_buffer.go
fragment_buffer.go
 
 
fragment_buffer_test.go
fragment_buffer_test.go
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
handshake.go
handshake.go
 
 
handshake_cache.go
handshake_cache.go
 
 
handshake_cache_test.go
handshake_cache_test.go
 
 
handshake_header.go
handshake_header.go
 
 
handshake_message_certificate.go
handshake_message_certificate.go
 
 
handshake_message_certificate_request.go
handshake_message_certificate_request.go
 
 
handshake_message_certificate_request_test.go
handshake_message_certificate_request_test.go
 
 
handshake_message_certificate_test.go
handshake_message_certificate_test.go
 
 
handshake_message_certificate_verify.go
handshake_message_certificate_verify.go
 
 
handshake_message_certificate_verify_test.go
handshake_message_certificate_verify_test.go
 
 
handshake_message_client_hello.go
handshake_message_client_hello.go
 
 
handshake_message_client_hello_test.go
handshake_message_client_hello_test.go
 
 
handshake_message_client_key_exchange.go
handshake_message_client_key_exchange.go
 
 
handshake_message_client_key_exchange_test.go
handshake_message_client_key_exchange_test.go
 
 
handshake_message_finished.go
handshake_message_finished.go
 
 
handshake_message_finished_test.go
handshake_message_finished_test.go
 
 
handshake_message_hello_verify_request.go
handshake_message_hello_verify_request.go
 
 
handshake_message_hello_verify_request_test.go
handshake_message_hello_verify_request_test.go
 
 
handshake_message_server_hello.go
handshake_message_server_hello.go
 
 
handshake_message_server_hello_done.go
handshake_message_server_hello_done.go
 
 
handshake_message_server_hello_done_test.go
handshake_message_server_hello_done_test.go
 
 
handshake_message_server_hello_test.go
handshake_message_server_hello_test.go
 
 
handshake_message_server_key_exchange.go
handshake_message_server_key_exchange.go
 
 
handshake_message_server_key_exchange_test.go
handshake_message_server_key_exchange_test.go
 
 
handshake_random.go
handshake_random.go
 
 
handshake_test.go
handshake_test.go
 
 
hash_algorithm.go
hash_algorithm.go
 
 
listener.go
listener.go
 
 
named_curve.go
named_curve.go
 
 
prf.go
prf.go
 
 
prf_test.go
prf_test.go
 
 
record_layer.go
record_layer.go
 
 
record_layer_header.go
record_layer_header.go
 
 
record_layer_test.go
record_layer_test.go
 
 
server_handlers.go
server_handlers.go
 
 
signature_algorithm.go
signature_algorithm.go
 
 
signature_hash_algorithm.go
signature_hash_algorithm.go
 
 
srtp_protection_profile.go
srtp_protection_profile.go
 
 
util.go
util.go
 
 

Repository files navigation


Pion DTLS

A Go implementation of DTLS

Pion DTLS Sourcegraph Widget Slack Widget Waffle board
Build Status GoDoc Coverage Status Go Report Card Codacy Badge License: MIT


Go DTLS 1.2 implementation. The original user is pion-WebRTC, but we would love to see it work for everyone.

A long term goal is a professional security review, and maye inclusion in stdlib.

Goals/Progress

This will only be targeting DTLS 1.2, and the most modern/common cipher suites. We would love contributes that fall under the 'Planned Features' and fixing any bugs!

Current features

  • DTLS 1.2 Client/Server
  • Forward secrecy using ECDHE; with curve25519 and nistp256 (non-PFS will not be supported)
  • AES_128_GCM, AES_256_CBC
  • Packet loss and re-ordering is handled during handshaking
  • Key export (RFC5705)

Planned Features

  • Extended master secret support (RFC7627)
  • Chacha20Poly1305

Excluded Features

  • DTLS 1.0
  • Renegotiation
  • Compression

Pion DTLS

For a DTLS 1.2 Server that listens on 127.0.0.1:4444

go run examples/listen/main.go

For a DTLS 1.2 Client that connects to 127.0.0.1:4444

go run examples/dial/main.go

OpenSSL

Pion DTLS can connect to itself and OpenSSL.

  // Generate a certificate
  openssl ecparam -out key.pem -name prime256v1 -genkey
  openssl req -new -sha256 -key key.pem -out server.csr
  openssl x509 -req -sha256 -days 365 -in server.csr -signkey key.pem -out cert.pem

  // Use with examples/dial/main.go
  openssl s_server -dtls1_2 -cert cert.pem -key key.pem -accept 4444

  // Use with examples/listen/main.go
  openssl s_client -dtls1_2 -connect 127.0.0.1:4444 -debug -cert cert.pem -key key.pem

Contributing

Check out the contributing wiki to join the group of amazing people making this project possible:

License

MIT License - see LICENSE for full text

About

DTLS 1.2 Server/Client implementation for Go

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

20 tags

Packages

No packages published

Languages

  • Go 98.7%
  • Shell 1.3%