README
¶
dnscrypt-transport
An incomplete golang library to provide DNSCrypt support to DNSFilter
** NOTE: This project was scrapped after only being partially completed and is not currently functional. We are currently focusing all our efforts on DNS over TLS. We are releasing this project in case anyone else finds it useful, or expresses enough interest to help us complete it. **
Generate provider secret & public key
This generates the long-term provider key pair.
dnscrypt-mgmt generate-provider-key >provider.key
The output contains both the private and the public key. The public key should be distributed to users and can be extracted with
dnscrypt-mgmt print-public-key provider.key
The private key will be required when generating certificates.
Generate certificate
This generates a short-lived (24h) certificate with its own, short-lived key pair. The certificate is signed with the provider secret key.
dnscrypt-mgmt generate-certificate provider.key >cert.cert
The output file containts the certificate, the private key and the public key. Make the entire file available to the resolver.
Documentation
¶
Index ¶
Constants ¶
const ( MagicLength = 8 MinimumQueryLength = 52 NonceLength = 24 KeyLength = 32 )
Variables ¶
var ResolverMagic = []byte{0x72, 0x36, 0x66, 0x6e, 0x76, 0x57, 0x6a, 0x38}
Functions ¶
Types ¶
type Certificate ¶
type Certificate struct {
PublicKey [32]byte
PrivateKey [32]byte
ClientMagic []byte
Serial uint32
Start time.Time
End time.Time
Extensions []byte
Signature []byte
}
func ParseCertificate ¶
func ParseCertificate(b []byte) (*Certificate, error)
func (*Certificate) Bytes ¶
func (c *Certificate) Bytes() []byte
Bytes returns the serialized form of a Certificate. It is in the correct form for use in TXT records.
func (*Certificate) Sign ¶
func (c *Certificate) Sign(pkey ed25519.PrivateKey)
Sign signs certificate c, setting its Signature field.
type Config ¶
type Config struct {
GetCertificates func() ([]*Certificate, error)
}
Source Files
Directories