qzmq

package module
v0.1.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 25, 2025 License: Apache-2.0 Imports: 23 Imported by: 3

README

QZMQ - Quantum-Safe ZeroMQ

Go Reference License

QZMQ (QuantumZMQ) is a post-quantum secure transport layer for ZeroMQ that provides quantum-resistant encryption, authentication, and key exchange using NIST-standardized algorithms.

Features

  • Post-Quantum Security: ML-KEM (Kyber) and ML-DSA (Dilithium) algorithms
  • High Performance: Hardware-accelerated AES-GCM, zero-copy operations
  • 🔑 Hybrid Modes: Combine classical (X25519) and post-quantum algorithms
  • 0-RTT Resumption: Fast reconnection with session tickets
  • 🛡️ DoS Protection: Stateless cookies and rate limiting
  • 🔄 Automatic Key Rotation: Time and volume-based key updates

Installation

go get github.com/luxfi/qzmq

Quick Start

Basic Usage
package main

import (
    "log"
    "github.com/luxfi/qzmq"
)

func main() {
    // Create QZMQ transport with default options
    transport, err := qzmq.New(qzmq.DefaultOptions())
    if err != nil {
        log.Fatal(err)
    }
    defer transport.Close()

    // Server
    server, err := transport.NewSocket(qzmq.REP)
    if err != nil {
        log.Fatal(err)
    }
    server.Bind("tcp://*:5555")

    // Client
    client, err := transport.NewSocket(qzmq.REQ)
    if err != nil {
        log.Fatal(err)
    }
    client.Connect("tcp://localhost:5555")

    // Send quantum-safe encrypted message
    client.Send([]byte("Hello Quantum World"))
    
    // Receive and decrypt
    msg, _ := server.Recv()
    log.Printf("Received: %s", msg)
}
Advanced Configuration
// Configure for maximum quantum security
opts := qzmq.Options{
    Suite: qzmq.Suite{
        KEM:  qzmq.MLKEM1024,    // Strongest post-quantum KEM
        Sign: qzmq.MLDSA3,       // Strongest signatures
        AEAD: qzmq.AES256GCM,    // Hardware-accelerated
    },
    Mode: qzmq.ModePQOnly,       // Reject non-PQ algorithms
    KeyRotation: qzmq.KeyRotationPolicy{
        MaxMessages: 1<<30,      // Rotate after 1B messages
        MaxBytes:    1<<40,      // Rotate after 1TB
        MaxAge:      5*time.Minute,
    },
}

transport, err := qzmq.New(opts)

Cryptographic Suites

Suite KEM Signature AEAD Security Level
Conservative ML-KEM-1024 ML-DSA-3 AES-256-GCM 192-bit
Balanced ML-KEM-768 ML-DSA-2 AES-256-GCM 128-bit
Hybrid X25519+ML-KEM-768 ML-DSA-2 AES-256-GCM 128-bit
Performance X25519 Ed25519 ChaCha20-Poly1305 128-bit

Performance

Benchmark results on Apple M2:

BenchmarkHandshake/Classical-8         5000    235124 ns/op
BenchmarkHandshake/Hybrid-8            2000    892341 ns/op
BenchmarkHandshake/PQOnly-8            1000   1243567 ns/op
BenchmarkEncrypt/AES256GCM-8        1000000      1053 ns/op
BenchmarkEncrypt/ChaCha20-8          500000      2341 ns/op

Throughput:

  • Classical: 10 Gbps
  • Hybrid: 8 Gbps
  • PQ-Only: 6 Gbps

Security Properties

Quantum Resistance: Secure against attacks by quantum computers
Perfect Forward Secrecy: Past sessions remain secure if keys are compromised
Authenticated Encryption: All messages are encrypted and authenticated
Replay Protection: Sequence numbers prevent message replay
Downgrade Protection: Cryptographic binding prevents algorithm downgrade

Architecture

QZMQ Transport Layer
├── Backend Abstraction
│   └── Go Backend (pebbe/zmq4)
├── Cryptographic Core
│   ├── KEM (ML-KEM, X25519, Hybrid)
│   ├── Signatures (ML-DSA, Ed25519)
│   ├── AEAD (AES-GCM, ChaCha20)
│   └── KDF (HKDF-SHA256/384)
├── Protocol Engine
│   ├── Handshake (1-RTT)
│   ├── Session Management
│   ├── Key Rotation
│   └── 0-RTT Resumption
└── Security Features
    ├── Anti-DoS Cookies
    ├── Rate Limiting
    └── Certificate Validation

Examples

See the examples/ directory for:

Testing

# Run all tests
go test ./...

# Run with race detector
go test -race ./...

# Run benchmarks
go test -bench=. ./...

Contributing

We welcome contributions! Please see CONTRIBUTING.md for guidelines.

Migration from CurveZMQ

QZMQ is designed as a drop-in replacement for CurveZMQ with quantum security.

Roadmap

  • Core implementation
  • Pure Go backend
  • C bindings support
  • Hardware acceleration (AES-NI, AVX2)
  • FIPS 140-3 certification
  • WebSocket transport
  • QUIC transport

License

Apache License 2.0 - see LICENSE for details.

References

Support

Built with ❤️ by Lux Network for a quantum-safe future.

Documentation

Overview

Package qzmq provides backend selection for different build configurations

Package qzmq provides quantum-safe encryption for ZeroMQ

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrInvalidOptions       = errors.New("invalid options")
	ErrBackendUnavailable   = errors.New("backend unavailable")
	ErrHandshakeFailed      = errors.New("handshake failed")
	ErrNotConnected         = errors.New("not connected")
	ErrAuthenticationFailed = errors.New("authentication failed")
	ErrKeyRotationFailed    = errors.New("key rotation failed")
	ErrTimeout              = errors.New("operation timed out")
)

Errors

Functions

func GetBackendInfo 

func GetBackendInfo() string

GetBackendInfo returns information about the current backend

func IsQuantumEnabled 

func IsQuantumEnabled() bool

IsQuantumEnabled checks if quantum security features are available

func TestPattern added in v0.1.3 

func TestPattern(t *testing.T, serverType, clientType SocketType, port int)

TestPattern runs a standard test for a socket pattern

func UpdateKEMFactory added in v0.1.2 

func UpdateKEMFactory()

UpdateKEMFactory updates the getKEM function to use real implementations

func ValidateBackend 

func ValidateBackend() error

ValidateBackend checks if the selected backend is properly configured

func ValidateBackendType 

func ValidateBackendType(backend BackendType) error

ValidateBackendType checks if a specific backend can be used

Types

type AEAD 

type AEAD interface {
	cipher.AEAD
}

AEAD interface for authenticated encryption

type AeadAlgorithm 

type AeadAlgorithm int

AeadAlgorithm represents AEAD algorithms 

const (
	AES256GCM AeadAlgorithm = iota
	ChaCha20Poly1305
)

func (AeadAlgorithm) String 

func (a AeadAlgorithm) String() string

String returns the string representation of AeadAlgorithm

type Backend 

type Backend int

Backend represents the underlying ZeroMQ implementation 

const (
	// BackendAuto automatically selects the best available backend
	BackendAuto Backend = iota
	// BackendGo uses pure Go implementation (pebbe/zmq4)
	BackendGo
)

type BackendCapabilities 

type BackendCapabilities struct {
	SupportsQuantum    bool
	SupportsMulticast  bool
	SupportsEncryption bool
	RequiresCGO        bool
	RequiresLibrary    string
	MaxThroughput      string
	TypicalLatency     string
}

BackendCapabilities describes what a backend supports

func GetBackendCapabilities 

func GetBackendCapabilities() BackendCapabilities

GetBackendCapabilities returns the capabilities of the current backend

type BackendType 

type BackendType string

BackendType represents the available backend implementations 

const (
	// BackendStub uses in-memory stub (no external dependencies)
	BackendStub BackendType = "stub"

	// BackendPebbe uses pebbe/zmq4 (requires libzmq and CGO)
	BackendPebbe BackendType = "pebbe"

	// BackendLuxZMQ uses luxfi/zmq (custom Lux implementation)
	BackendLuxZMQ BackendType = "luxzmq"

	// BackendCZMQ uses CZMQ (advanced ZeroMQ binding)
	BackendCZMQ BackendType = "czmq"
)

func DetectBackend 

func DetectBackend() BackendType

DetectBackend detects which backend to use based on build tags and environment

func SelectBackendForEnvironment 

func SelectBackendForEnvironment() BackendType

SelectBackendForEnvironment chooses the best backend for the runtime environment

type CertificateConfig 

type CertificateConfig struct {
	CACert     []byte
	ClientCert []byte
	ClientKey  []byte
	ServerCert []byte
	ServerKey  []byte
	VerifyMode VerifyMode
}

CertificateConfig holds certificate settings

type Ed25519Signer added in v0.1.3 

type Ed25519Signer struct{}

Ed25519Signer implements Ed25519 signatures

func (*Ed25519Signer) GenerateKey added in v0.1.3 

func (s *Ed25519Signer) GenerateKey() (SigningKey, error)

func (*Ed25519Signer) PublicKeySize added in v0.1.3 

func (s *Ed25519Signer) PublicKeySize() int

func (*Ed25519Signer) Sign added in v0.1.3 

func (s *Ed25519Signer) Sign(sk SigningKey, message []byte) ([]byte, error)

func (*Ed25519Signer) SignatureSize added in v0.1.3 

func (s *Ed25519Signer) SignatureSize() int

func (*Ed25519Signer) Verify added in v0.1.3 

func (s *Ed25519Signer) Verify(pk VerifyingKey, message, signature []byte) bool

type HashAlgorithm 

type HashAlgorithm int

HashAlgorithm represents hash algorithms 

const (
	SHA256 HashAlgorithm = iota
	SHA384
	SHA512
	BLAKE3
)

type HybridKEM 

type HybridKEM struct {
	// contains filtered or unexported fields
}

HybridKEM combines classical and post-quantum KEMs

func NewHybridKEM 

func NewHybridKEM(classical, pq KEM) *HybridKEM

func (*HybridKEM) CiphertextSize 

func (h *HybridKEM) CiphertextSize() int

func (*HybridKEM) Decapsulate 

func (h *HybridKEM) Decapsulate(sk PrivateKey, ciphertext []byte) ([]byte, error)

func (*HybridKEM) Encapsulate 

func (h *HybridKEM) Encapsulate(pk PublicKey) ([]byte, []byte, error)

func (*HybridKEM) GenerateKeyPair 

func (h *HybridKEM) GenerateKeyPair() (PublicKey, PrivateKey, error)

func (*HybridKEM) PrivateKeySize 

func (h *HybridKEM) PrivateKeySize() int

func (*HybridKEM) PublicKeySize 

func (h *HybridKEM) PublicKeySize() int

func (*HybridKEM) SharedSecretSize 

func (h *HybridKEM) SharedSecretSize() int

type HybridMLKEM added in v0.1.2 

type HybridMLKEM struct {
	// contains filtered or unexported fields
}

HybridMLKEM implements hybrid X25519 + ML-KEM-768

func NewHybridMLKEM added in v0.1.2 

func NewHybridMLKEM() *HybridMLKEM

func (*HybridMLKEM) CiphertextSize added in v0.1.2 

func (h *HybridMLKEM) CiphertextSize() int

func (*HybridMLKEM) Decapsulate added in v0.1.2 

func (h *HybridMLKEM) Decapsulate(sk PrivateKey, ciphertext []byte) ([]byte, error)

func (*HybridMLKEM) Encapsulate added in v0.1.2 

func (h *HybridMLKEM) Encapsulate(pk PublicKey) ([]byte, []byte, error)

func (*HybridMLKEM) GenerateKeyPair added in v0.1.2 

func (h *HybridMLKEM) GenerateKeyPair() (PublicKey, PrivateKey, error)

func (*HybridMLKEM) PrivateKeySize added in v0.1.2 

func (h *HybridMLKEM) PrivateKeySize() int

func (*HybridMLKEM) PublicKeySize added in v0.1.2 

func (h *HybridMLKEM) PublicKeySize() int

func (*HybridMLKEM) SharedSecretSize added in v0.1.2 

func (h *HybridMLKEM) SharedSecretSize() int

type KEM 

type KEM interface {
	GenerateKeyPair() (PublicKey, PrivateKey, error)
	Encapsulate(pk PublicKey) (ciphertext []byte, sharedSecret []byte, err error)
	Decapsulate(sk PrivateKey, ciphertext []byte) (sharedSecret []byte, err error)
	PublicKeySize() int
	PrivateKeySize() int
	CiphertextSize() int
	SharedSecretSize() int
}

KEM interface for key encapsulation

type KemAlgorithm 

type KemAlgorithm int

KemAlgorithm represents key encapsulation mechanisms 

const (
	X25519 KemAlgorithm = iota
	MLKEM768
	MLKEM1024
	HybridX25519MLKEM768
	HybridX25519MLKEM1024
)

func (KemAlgorithm) String 

func (k KemAlgorithm) String() string

String returns the string representation of KemAlgorithm

type KeyRotationPolicy 

type KeyRotationPolicy struct {
	MaxMessages uint64
	MaxBytes    uint64
	MaxAge      time.Duration
}

KeyRotationPolicy defines when to rotate keys

type MLDSASigner added in v0.1.3 

type MLDSASigner struct {
	// contains filtered or unexported fields
}

MLDSASigner implements ML-DSA (Dilithium) signatures

func (*MLDSASigner) GenerateKey added in v0.1.3 

func (s *MLDSASigner) GenerateKey() (SigningKey, error)

func (*MLDSASigner) PublicKeySize added in v0.1.3 

func (s *MLDSASigner) PublicKeySize() int

func (*MLDSASigner) Sign added in v0.1.3 

func (s *MLDSASigner) Sign(sk SigningKey, message []byte) ([]byte, error)

func (*MLDSASigner) SignatureSize added in v0.1.3 

func (s *MLDSASigner) SignatureSize() int

func (*MLDSASigner) Verify added in v0.1.3 

func (s *MLDSASigner) Verify(pk VerifyingKey, message, signature []byte) bool

type MLKEM768Type 

type MLKEM768Type struct{}

MLKEM768Type implements ML-KEM-768 (stub)

func (*MLKEM768Type) CiphertextSize 

func (k *MLKEM768Type) CiphertextSize() int

func (*MLKEM768Type) Decapsulate 

func (k *MLKEM768Type) Decapsulate(sk PrivateKey, ciphertext []byte) ([]byte, error)

func (*MLKEM768Type) Encapsulate 

func (k *MLKEM768Type) Encapsulate(pk PublicKey) ([]byte, []byte, error)

func (*MLKEM768Type) GenerateKeyPair 

func (k *MLKEM768Type) GenerateKeyPair() (PublicKey, PrivateKey, error)

func (*MLKEM768Type) PrivateKeySize 

func (k *MLKEM768Type) PrivateKeySize() int

func (*MLKEM768Type) PublicKeySize 

func (k *MLKEM768Type) PublicKeySize() int

func (*MLKEM768Type) SharedSecretSize 

func (k *MLKEM768Type) SharedSecretSize() int

type MLKEM1024Type 

type MLKEM1024Type struct{}

MLKEM1024Type implements ML-KEM-1024 (stub)

func (*MLKEM1024Type) CiphertextSize 

func (k *MLKEM1024Type) CiphertextSize() int

func (*MLKEM1024Type) Decapsulate 

func (k *MLKEM1024Type) Decapsulate(sk PrivateKey, ciphertext []byte) ([]byte, error)

func (*MLKEM1024Type) Encapsulate 

func (k *MLKEM1024Type) Encapsulate(pk PublicKey) ([]byte, []byte, error)

func (*MLKEM1024Type) GenerateKeyPair 

func (k *MLKEM1024Type) GenerateKeyPair() (PublicKey, PrivateKey, error)

func (*MLKEM1024Type) PrivateKeySize 

func (k *MLKEM1024Type) PrivateKeySize() int

func (*MLKEM1024Type) PublicKeySize 

func (k *MLKEM1024Type) PublicKeySize() int

func (*MLKEM1024Type) SharedSecretSize 

func (k *MLKEM1024Type) SharedSecretSize() int

type Mode 

type Mode int

Mode represents the security mode 

const (
	// ModeHybrid allows both classical and post-quantum algorithms
	ModeHybrid Mode = iota
	// ModePQOnly enforces post-quantum only algorithms
	ModePQOnly
	// ModeClassical uses only classical algorithms (not recommended)
	ModeClassical
)

type Options 

type Options struct {
	// Backend selects the ZeroMQ implementation
	Backend Backend

	// Suite defines the cryptographic algorithms
	Suite Suite

	// Mode sets the security mode
	Mode Mode

	// KeyRotation configures automatic key rotation
	KeyRotation KeyRotationPolicy

	// AntiDoS enables DoS protection
	AntiDoS bool

	// ZeroRTT enables 0-RTT resumption
	ZeroRTT bool

	// MaxEarlyData limits 0-RTT data size
	MaxEarlyData uint32

	// Certificates for authentication
	Certificates *CertificateConfig

	// Timeouts for operations
	Timeouts TimeoutConfig
}

Options configures the QZMQ transport

func ConservativeOptions 

func ConservativeOptions() Options

ConservativeOptions returns maximum security options

func DefaultOptions 

func DefaultOptions() Options

DefaultOptions returns recommended default options

func PerformanceOptions 

func PerformanceOptions() Options

PerformanceOptions returns high-performance options

type PrivateKey 

type PrivateKey interface {
	Bytes() []byte
	Public() PublicKey
}

PrivateKey represents a private key

type PublicKey 

type PublicKey interface {
	Bytes() []byte
}

PublicKey represents a public key

type RealMLKEM768 added in v0.1.2 

type RealMLKEM768 struct{}

RealMLKEM768 implements ML-KEM-768 using the actual FIPS 203 implementation

func (*RealMLKEM768) CiphertextSize added in v0.1.2 

func (k *RealMLKEM768) CiphertextSize() int

func (*RealMLKEM768) Decapsulate added in v0.1.2 

func (k *RealMLKEM768) Decapsulate(sk PrivateKey, ciphertext []byte) ([]byte, error)

func (*RealMLKEM768) Encapsulate added in v0.1.2 

func (k *RealMLKEM768) Encapsulate(pk PublicKey) ([]byte, []byte, error)

func (*RealMLKEM768) GenerateKeyPair added in v0.1.2 

func (k *RealMLKEM768) GenerateKeyPair() (PublicKey, PrivateKey, error)

func (*RealMLKEM768) PrivateKeySize added in v0.1.2 

func (k *RealMLKEM768) PrivateKeySize() int

func (*RealMLKEM768) PublicKeySize added in v0.1.2 

func (k *RealMLKEM768) PublicKeySize() int

func (*RealMLKEM768) SharedSecretSize added in v0.1.2 

func (k *RealMLKEM768) SharedSecretSize() int

type RealMLKEM1024 added in v0.1.2 

type RealMLKEM1024 struct{}

RealMLKEM1024 implements ML-KEM-1024 using the actual FIPS 203 implementation

func (*RealMLKEM1024) CiphertextSize added in v0.1.2 

func (k *RealMLKEM1024) CiphertextSize() int

func (*RealMLKEM1024) Decapsulate added in v0.1.2 

func (k *RealMLKEM1024) Decapsulate(sk PrivateKey, ciphertext []byte) ([]byte, error)

func (*RealMLKEM1024) Encapsulate added in v0.1.2 

func (k *RealMLKEM1024) Encapsulate(pk PublicKey) ([]byte, []byte, error)

func (*RealMLKEM1024) GenerateKeyPair added in v0.1.2 

func (k *RealMLKEM1024) GenerateKeyPair() (PublicKey, PrivateKey, error)

func (*RealMLKEM1024) PrivateKeySize added in v0.1.2 

func (k *RealMLKEM1024) PrivateKeySize() int

func (*RealMLKEM1024) PublicKeySize added in v0.1.2 

func (k *RealMLKEM1024) PublicKeySize() int

func (*RealMLKEM1024) SharedSecretSize added in v0.1.2 

func (k *RealMLKEM1024) SharedSecretSize() int

type SignatureAlgorithm 

type SignatureAlgorithm int

SignatureAlgorithm represents signature algorithms 

const (
	Ed25519 SignatureAlgorithm = iota
	MLDSA2
	MLDSA3
)

func (SignatureAlgorithm) String 

func (s SignatureAlgorithm) String() string

String returns the string representation of SignatureAlgorithm

type Signer added in v0.1.3 

type Signer interface {
	GenerateKey() (SigningKey, error)
	Sign(sk SigningKey, message []byte) ([]byte, error)
	Verify(pk VerifyingKey, message, signature []byte) bool
	PublicKeySize() int
	SignatureSize() int
}

Signer interface for digital signatures

type SigningKey added in v0.1.3 

type SigningKey interface {
	Bytes() []byte
	Public() VerifyingKey
}

SigningKey represents a signing private key

type Socket 

type Socket interface {
	// Bind binds the socket to an endpoint
	Bind(endpoint string) error

	// Connect connects the socket to an endpoint
	Connect(endpoint string) error

	// Send sends an encrypted message
	Send(data []byte) error

	// SendMultipart sends a multipart encrypted message
	SendMultipart(parts [][]byte) error

	// Recv receives and decrypts a message
	Recv() ([]byte, error)

	// RecvMultipart receives and decrypts a multipart message
	RecvMultipart() ([][]byte, error)

	// Subscribe sets a subscription filter (SUB sockets only)
	Subscribe(filter string) error

	// Unsubscribe removes a subscription filter
	Unsubscribe(filter string) error

	// SetOption sets a socket option
	SetOption(name string, value interface{}) error

	// GetOption gets a socket option
	GetOption(name string) (interface{}, error)

	// Close closes the socket
	Close() error

	// GetMetrics returns socket metrics
	GetMetrics() *SocketMetrics
}

Socket represents a QZMQ-secured ZeroMQ socket

type SocketMetrics 

type SocketMetrics struct {
	MessagesSent     uint64
	MessagesReceived uint64
	BytesSent        uint64
	BytesReceived    uint64
	Errors           uint64
	KeyUpdates       uint64
	AverageLatency   time.Duration
}

SocketMetrics contains per-socket metrics

func NewSocketMetrics 

func NewSocketMetrics() *SocketMetrics

NewSocketMetrics creates a new SocketMetrics instance

type SocketType 

type SocketType int

SocketType represents ZeroMQ socket types 

const (
	REQ    SocketType = iota // Request
	REP                      // Reply
	DEALER                   // Dealer
	ROUTER                   // Router
	PUB                      // Publisher
	SUB                      // Subscriber
	XPUB                     // Extended publisher
	XSUB                     // Extended subscriber
	PUSH                     // Push
	PULL                     // Pull
	PAIR                     // Pair
	STREAM                   // Stream
)

func (SocketType) String 

func (s SocketType) String() string

String returns the string representation of SocketType

type Stats 

type Stats struct {
	HandshakesCompleted uint64
	HandshakesFailed    uint64
	MessagesEncrypted   uint64
	MessagesDecrypted   uint64
	BytesSent           uint64
	BytesReceived       uint64
	KeyRotations        uint64
	AuthFailures        uint64
	ReplayAttempts      uint64
}

Stats contains transport statistics

type Suite 

type Suite struct {
	KEM  KemAlgorithm
	Sign SignatureAlgorithm
	AEAD AeadAlgorithm
	Hash HashAlgorithm
}

Suite defines a cryptographic suite

type TestContext added in v0.1.3 

type TestContext struct {
	// contains filtered or unexported fields
}

TestContext provides common test utilities

func NewTestContext added in v0.1.3 

func NewTestContext(t *testing.T, opts Options) *TestContext

NewTestContext creates a new test context

func (*TestContext) AssertMetrics added in v0.1.3 

func (tc *TestContext) AssertMetrics(socket Socket, minMessages, minBytes int)

AssertMetrics checks socket metrics

func (*TestContext) BindSocket added in v0.1.3 

func (tc *TestContext) BindSocket(socketType SocketType, port int) Socket

BindSocket creates, binds, and tracks a socket

func (*TestContext) Cleanup added in v0.1.3 

func (tc *TestContext) Cleanup()

Cleanup closes all tracked sockets and the transport

func (*TestContext) ConnectSocket added in v0.1.3 

func (tc *TestContext) ConnectSocket(socketType SocketType, port int) Socket

ConnectSocket creates, connects, and tracks a socket

func (*TestContext) CreatePair added in v0.1.3 

func (tc *TestContext) CreatePair(serverType, clientType SocketType, port int) (Socket, Socket)

CreatePair creates a connected socket pair

func (*TestContext) CreateSocket added in v0.1.3 

func (tc *TestContext) CreateSocket(socketType SocketType) Socket

CreateSocket creates a socket and tracks it for cleanup

func (*TestContext) EchoServer added in v0.1.3 

func (tc *TestContext) EchoServer(socket Socket, done <-chan struct{})

EchoServer runs a simple echo server in the background

func (*TestContext) RouterEchoServer added in v0.1.3 

func (tc *TestContext) RouterEchoServer(router Socket, done <-chan struct{})

RouterEchoServer runs a router echo server

func (*TestContext) SendRecv added in v0.1.3 

func (tc *TestContext) SendRecv(sender, receiver Socket, msg []byte)

SendRecv performs a send-receive cycle

type TimeoutConfig 

type TimeoutConfig struct {
	Handshake time.Duration
	Heartbeat time.Duration
	Linger    time.Duration
}

TimeoutConfig holds timeout settings

type Transport 

type Transport interface {
	// NewSocket creates a new QZMQ-secured socket
	NewSocket(socketType SocketType) (Socket, error)

	// SetOption sets a transport-level option
	SetOption(name string, value interface{}) error

	// GetOption gets a transport-level option
	GetOption(name string) (interface{}, error)

	// Close closes the transport and all sockets
	Close() error

	// Stats returns transport statistics
	Stats() *Stats
}

Transport is the main QZMQ transport interface

func New 

func New(opts Options) (Transport, error)

New creates a new QZMQ transport with the specified options

type VerifyMode 

type VerifyMode int

VerifyMode defines certificate verification 

const (
	VerifyNone VerifyMode = iota
	VerifyPeer
	VerifyFailIfNoPeerCert
)

type VerifyingKey added in v0.1.3 

type VerifyingKey interface {
	Bytes() []byte
}

VerifyingKey represents a verification public key

type X25519KEM 

type X25519KEM struct{}

X25519KEM implements X25519 key encapsulation

func (*X25519KEM) CiphertextSize 

func (k *X25519KEM) CiphertextSize() int

func (*X25519KEM) Decapsulate 

func (k *X25519KEM) Decapsulate(sk PrivateKey, ciphertext []byte) ([]byte, error)

func (*X25519KEM) Encapsulate 

func (k *X25519KEM) Encapsulate(pk PublicKey) ([]byte, []byte, error)

func (*X25519KEM) GenerateKeyPair 

func (k *X25519KEM) GenerateKeyPair() (PublicKey, PrivateKey, error)

func (*X25519KEM) PrivateKeySize 

func (k *X25519KEM) PrivateKeySize() int

func (*X25519KEM) PublicKeySize 

func (k *X25519KEM) PublicKeySize() int

func (*X25519KEM) SharedSecretSize 

func (k *X25519KEM) SharedSecretSize() int

Source Files

View all Source files

Directories

Path Synopsis
examples
basic command

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.