A noise protocol stream for vibe.d

vibe-noisestream


This implements an encryption socket based on the Noise Protocol Framework for vibe.D. The noise-c library is used to implement the Noise_XX_25519_ChaChaPoly_BLAKE2b protocol. libsodium is used for secure key memory management.

The API documentation is available here.

Note

  • This project will switch to the noise socket protocol once that has been formalized.
  • Currently targets vibe.D 0.7.x.
  • This implements a simple Noise protocol without rekeying. This means that after 2^64-1 messages a socket can no longer be used to send messages (an Exception will be thrown instead). It also means that long-running connections keep using the same key: if this temporary key is compromised, an attacker could decrypt the complete session.

A simple server/client example

import vibe.d, vibe.noise;

void main()
{
    createKeys("server.key", "server.pub");
    createKeys("client.key", "client.pub");

    server();
    runTask(&client);
    runEventLoop();
}

void client()
{
    auto stream = connectTCP("127.0.0.1", 4000);
    auto settings = NoiseSettings(NoiseKind.client);
    settings.privateKeyPath = Path("client.key");
    settings.remoteKeyPath = Path("server.pub");

    auto cryptStream = stream.createNoiseStream(settings);

    // Now use cryptStream as usual
}

void server()
{
    void onConnection(TCPConnection conn)
    {
        auto settings = NoiseSettings(NoiseKind.server);
        settings.privateKeyPath = Path("server.key");
        settings.verifyRemoteKey = (scope const(ubyte[]) remKey) {
            ubyte[KeyLength] pubKey;
            readPublicKey("client.pub", pubKey); 
            return remKey[] == pubKey[];
        };

        auto stream = conn.createNoiseStream(settings);

        // Now read/write data
    }

    listenTCP(4000, &onConnection);
}
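
The server above pins a single client key and re-reads `client.pub` on every connection. The following added example (not part of the project's own code) generalizes the `verifyRemoteKey` check to a set of pinned client keys loaded once at startup. `loadAllowedKeys`, `isAllowed` and the key file names are hypothetical, and it assumes `verifyRemoteKey` accepts a delegate that captures local state.

```d
import std.exception : enforce;
import vibe.d, vibe.noise;

// Hypothetical helper: read each pinned client key once, at startup.
ubyte[KeyLength][] loadAllowedKeys(string[] paths)
{
    ubyte[KeyLength][] keys;
    foreach (path; paths)
    {
        ubyte[KeyLength] key;
        readPublicKey(path, key); // same call the README example uses
        keys ~= key;
    }
    return keys;
}

// Hypothetical helper: exact match against the pinned set, fail closed.
bool isAllowed(const ubyte[KeyLength][] allowed, scope const(ubyte[]) remKey)
{
    if (remKey.length != KeyLength)
        return false; // malformed key length is rejected outright
    foreach (ref key; allowed)
        if (remKey[] == key[])
            return true;
    return false; // unknown key: reject
}

void server()
{
    // Constructed file names; replace with the real client key files.
    auto allowed = loadAllowedKeys(["client-a.pub", "client-b.pub"]);
    enforce(allowed.length > 0, "no pinned client keys loaded");

    void onConnection(TCPConnection conn)
    {
        auto settings = NoiseSettings(NoiseKind.server);
        settings.privateKeyPath = Path("server.key");
        // Accept the handshake only for a key in the pinned set.
        settings.verifyRemoteKey = (scope const(ubyte[]) remKey) {
            return isAllowed(allowed, remKey);
        };

        auto stream = conn.createNoiseStream(settings);
        // Now read/write data
    }

    listenTCP(4000, &onConnection);
}
```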