pion / Dtls
Licence: mit
DTLS 1.2 Server/Client implementation for Go
Stars: ✭ 313
Labels
Projects that are alternatives of or similar to Dtls
Rnl
RNL - Realtime Network Library - The opensource reliable UDP network library
Stars: ✭ 59 (-81.15%)
Mutual labels: udp, encryption
Redux Persist Transform Encrypt
Encrypt your Redux store
Stars: ✭ 306 (-2.24%)
Mutual labels: encryption
Kcp Go
A Crypto-Secure, Production-Grade Reliable-UDP Library for golang with FEC
Stars: ✭ 3,177 (+915.02%)
Mutual labels: udp
Awesome Cryptography
A curated list of cryptography resources and links.
Stars: ✭ 3,475 (+1010.22%)
Mutual labels: encryption
Veracrypt
Disk encryption with strong security based on TrueCrypt
Stars: ✭ 3,674 (+1073.8%)
Mutual labels: encryption
Msoffcrypto Tool
Python tool and library for decrypting MS Office files with passwords or other keys
Stars: ✭ 274 (-12.46%)
Mutual labels: encryption
Quack
Quack Toolkit is a set of tools to provide denial of service attacks. Quack Toolkit includes SMS attack tool, HTTP attack tool and many other attack tools.
Stars: ✭ 305 (-2.56%)
Mutual labels: udp
Drop watch
Monitor reasons why and where linux drops UDP packets
Stars: ✭ 289 (-7.67%)
Mutual labels: udp
Nps
一款轻量级、高性能、功能强大的内网穿透代理服务器。支持tcp、udp、socks5、http等几乎所有流量转发,可用来访问内网网站、本地支付接口调试、ssh访问、远程桌面,内网dns解析、内网socks5代理等等……,并带有功能强大的web管理端。a lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal.
Stars: ✭ 19,537 (+6141.85%)
Mutual labels: udp
Mirage Tcpip
TCP/IP networking stack in pure OCaml, using the Mirage platform libraries. Includes IPv4/6, ICMP, and UDP/TCP support.
Stars: ✭ 277 (-11.5%)
Mutual labels: udp
Ciphersweet
Fast, searchable field-level encryption for PHP projects
Stars: ✭ 299 (-4.47%)
Mutual labels: encryption
Lossy
Go package to simulate bandwidth, latency and packet loss for net.PacketConn and net.Conn interfaces
Stars: ✭ 277 (-11.5%)
Mutual labels: udp
Zebra Crossing
Zebra Crossing: an easy-to-use digital safety checklist
Stars: ✭ 307 (-1.92%)
Mutual labels: encryption
Portwarden
Create Encrypted Backups of Your Bitwarden Vault with Attachments
Stars: ✭ 274 (-12.46%)
Mutual labels: encryption
Chatsecure Ios
ChatSecure is a free and open source encrypted chat client for iOS that supports OTR and OMEMO encryption over XMPP.
Stars: ✭ 3,044 (+872.52%)
Mutual labels: encryption
Encryptpad
Minimalist secure text editor and binary encryptor that implements RFC 4880 Open PGP format: symmetrically encrypted, compressed and integrity protected. The editor can protect files with passwords, key files or both.
Stars: ✭ 305 (-2.56%)
Mutual labels: encryption
Pion DTLS
A Go implementation of DTLS
Native DTLS 1.2 implementation in the Go programming language.
A long term goal is a professional security review, and maye inclusion in stdlib.
Goals/Progress
This will only be targeting DTLS 1.2, and the most modern/common cipher suites. We would love contributes that fall under the 'Planned Features' and fixing any bugs!
Current features
- DTLS 1.2 Client/Server
- Key Exchange via ECDHE(curve25519, nistp256, nistp384) and PSK
- Packet loss and re-ordering is handled during handshaking
- Key export (RFC 5705)
- Serialization and Resumption of sessions
- Extended Master Secret extension (RFC 7627)
Supported ciphers
ECDHE
- TLS_ECDHE_ECDSA_WITH_AES_128_CCM (RFC 6655)
- TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 (RFC 6655)
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (RFC 5289)
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (RFC 5289)
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (RFC 8422)
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (RFC 8422)
PSK
- TLS_PSK_WITH_AES_128_CCM (RFC 6655)
- TLS_PSK_WITH_AES_128_CCM_8 (RFC 6655)
- TLS_PSK_WITH_AES_128_GCM_SHA256 (RFC 5487)
- TLS_PSK_WITH_AES_128_CBC_SHA256 (RFC 5487)
Planned Features
- Chacha20Poly1305
Excluded Features
- DTLS 1.0
- Renegotiation
- Compression
Using
This library needs at least Go 1.13, and you should have Go modules enabled.
Pion DTLS
For a DTLS 1.2 Server that listens on 127.0.0.1:4444
go run examples/listen/selfsign/main.go
For a DTLS 1.2 Client that connects to 127.0.0.1:4444
go run examples/dial/selfsign/main.go
OpenSSL
Pion DTLS can connect to itself and OpenSSL.
// Generate a certificate
openssl ecparam -out key.pem -name prime256v1 -genkey
openssl req -new -sha256 -key key.pem -out server.csr
openssl x509 -req -sha256 -days 365 -in server.csr -signkey key.pem -out cert.pem
// Use with examples/dial/selfsign/main.go
openssl s_server -dtls1_2 -cert cert.pem -key key.pem -accept 4444
// Use with examples/listen/selfsign/main.go
openssl s_client -dtls1_2 -connect 127.0.0.1:4444 -debug -cert cert.pem -key key.pem
Using with PSK
Pion DTLS also comes with examples that do key exchange via PSK
Pion DTLS
go run examples/listen/psk/main.go
go run examples/dial/psk/main.go
OpenSSL
// Use with examples/dial/psk/main.go
openssl s_server -dtls1_2 -accept 4444 -nocert -psk abc123 -cipher PSK-AES128-CCM8
// Use with examples/listen/psk/main.go
openssl s_client -dtls1_2 -connect 127.0.0.1:4444 -psk abc123 -cipher PSK-AES128-CCM8
Contributing
Check out the contributing wiki to join the group of amazing people making this project possible:
- Sean DuBois - Original Author
- Michiel De Backker - Public API
- Chris Hiszpanski - Support Signature Algorithms Extension
- Iñigo Garcia Olaizola - Serialization & resumption, cert verification, E2E
- Daniele Sluijters - AES-CCM support
- Jin Lei - Logging
- Hugo Arregui
- Lander Noterman
- Aleksandr Razumov - Fuzzing
- Ryan Gordon
- Stefan Tatschner
- Hayden James
- Jozef Kralik
- Robert Eperjesi
- Atsushi Watanabe
- Julien Salleyron - Server Name Indication
- Jeroen de Bruijn
- bjdgyc
- Jeffrey Stoke (Jeff Ctor) - Fragmentbuffer Fix
- Frank Olbricht
- ZHENK
- Carson Hoffman
- Vadim Filimonov
- Jim Wert
- Alvaro Viebrantz
- Kegan Dougal
License
MIT License - see LICENSE for full text
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].