Secure Session service.
Secure Session is a lightweight mechanism for securing any kind of network communication (both private and public networks, including the Internet). It is protocol-agnostic and operates on the 5th layer of the network OSI model (the session layer).
Communication over Secure Session consists of two stages:
- negotiation stage (key agreement);
- actual data exchange.
During the negotiation stage, peers exchange their cryptographic material and authenticate each other. After a successful mutual authentication, each peer derives a session-shared secret and other auxiliary info from the session (session ID, initialization vectors, etc.).
During the data exchange stage, peers securely exchange data provided by higher layer protocols.
To sum it up, you begin by implementing a SecureSessionTransport. You have to implement at least the get_public_key_for_id method and may want to implement some others. Then you acquire the asymmetric key pairs and distribute the public keys associated with peer IDs — arbitrary byte strings used to identify communicating Secure Sessions. With that you can create an instance of SecureSession on both the client and the server.
Next you go through the negotiation stage using methods until the connection is_established. After that the Secure Sessions are ready for data exchange which is performed using
There is also an alternative buffer-oriented API. See SecureSession documentation to learn
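A crypto-free model of the flow summarized above, added here as an illustration and not taken from the library: the delegate's get_public_key_for_id is the trust decision, and data exchange is gated on is_established. KeyLookup, PinnedKeys, Peer, PublicKey, SessionError, negotiate and send are hypothetical names, and the IDs and key bytes are constructed placeholders.

```rust
use std::collections::HashMap;

/// Stand-in for the library's public key type (assumption: opaque bytes).
#[derive(Clone, Debug, PartialEq)]
pub struct PublicKey(pub Vec<u8>);
/// Hypothetical trait modelling the one mandatory delegate method.
pub trait KeyLookup {
    fn get_public_key_for_id(&mut self, id: &[u8]) -> Option<PublicKey>;
}
/// Public keys distributed out of band, indexed by peer ID (arbitrary bytes).
pub struct PinnedKeys(pub HashMap<Vec<u8>, PublicKey>);
impl KeyLookup for PinnedKeys {
    fn get_public_key_for_id(&mut self, id: &[u8]) -> Option<PublicKey> {
        self.0.get(id).cloned() // fail closed: an unprovisioned ID yields no key
    }
}

#[derive(Debug, PartialEq)]
pub enum SessionError { UnknownPeer(Vec<u8>), NotEstablished }
pub struct Peer { pub id: Vec<u8>, pub keys: PinnedKeys, pub remote: Option<PublicKey> }
impl Peer {
    /// Constructed sample peer that was given exactly one remote public key.
    pub fn new(id: &[u8], known_id: &[u8], known_key: &[u8]) -> Self {
        let keys = HashMap::from([(known_id.to_vec(), PublicKey(known_key.to_vec()))]);
        Peer { id: id.to_vec(), keys: PinnedKeys(keys), remote: None }
    }
    pub fn is_established(&self) -> bool { self.remote.is_some() }
    /// Negotiation step: resolve the ID the remote side claims to a pinned key.
    fn accept(&mut self, claimed: &[u8]) -> Result<(), SessionError> {
        let key = self.keys.get_public_key_for_id(claimed);
        self.remote = Some(key.ok_or_else(|| SessionError::UnknownPeer(claimed.to_vec()))?);
        Ok(())
    }
}

/// Mutual lookup: both directions must succeed before any data may flow.
pub fn negotiate(client: &mut Peer, server: &mut Peer) -> Result<(), SessionError> {
    server.accept(&client.id)?;
    client.accept(&server.id)
}
/// Data exchange is refused unless both sides report is_established.
pub fn send(from: &Peer, to: &Peer, data: &[u8]) -> Result<Vec<u8>, SessionError> {
    if !(from.is_established() && to.is_established()) { return Err(SessionError::NotEstablished); }
    Ok(data.to_vec())
}

fn main() {
    let (mut c, mut s) = (Peer::new(b"client", b"server", b"S-PUB"), Peer::new(b"server", b"client", b"C-PUB"));
    println!("{:?} {:?}", negotiate(&mut c, &mut s), send(&c, &s, b"hello"));
}
```

The model performs no authentication or encryption; it only shows where the key lookup and the established check sit in the two stages.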
Secure Session context.
Transport layer error.
State of Secure Session connection.
Transport delegate for Secure Session.