Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
gitee.com/tcp_safe_communication/tcp_server_golang
gitee.com/tcp_safe_communication/tcp_server_golang
- v0.0.0-20211201105257-1b500f2d4360
- Go
- Version published
- Created
tcp_server_golang
介绍
使用go实现的tcp安全认证通信服务端
软件架构
- 使用golang内置库的net库来完成tcp通信,采用一个客户一个协程的模型。
- 在认证之前,服务和客户采用特定指令来完成认证过程,认证完成才会进入正常的加密通信中。
- 服务器会将一定时间内未认证的连接对象断开。
- 非对称密钥使用的是RSA,会话密钥使用的是AES对称密钥。
TCP认证流程图
抱歉图中有一个错误:图中客户收到公钥后,是使用这个公钥来加密生成的会话密钥。
安装教程 && 使用说明
认证后的通信在communication方法中:
- 我们只要在dealReceiveData方法中处理收到的数据。
- 发送数据调用ClientConn对象的WriteDecrypt方法就行。
参与贡献
- Fork 本仓库
- 新建 Feat_xxx 分支
- 提交代码
- 新建 Pull Request
感谢第三方库
https://github.com/satori/go.uuid
致谢
最后如何对您有帮助的话,可以赏作者一杯咖啡,谢谢^_^
FAQs
Unknown package
Package last updated on 01 Dec 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024