I'm starting to implement support for SecretHandshake <https://github.com/auditdrivencrypto/secret-handshake>, a "secure-channel based on a mutually authenticating key agreement handshake, with forward secure identity metadata". shs1-c <https://github.com/AljoschaMeyer/shs1-c> implements the crypto part, resulting in a pair of symmetric stream-cipher keys; beyond that I'm going to copy and paste and hack the C++ Cap'n Proto TLS code <https://github.com/capnproto/capnproto/blob/master/c%2B%2B/src/kj/compat/tls.c%2B%2B>, despite being a total newbie at kj.
Basically all I need to do is create a Cap'n Proto RPC connection that splices into the TCP I/O and initially does a couple of data exchanges via shs1-c, then filters the data streams through the ciphers. I'm writing in case anyone has knowledge about the kj side of this that they'd like to share. I'll reply here once I've got this working, and I plan to release the code as open source.

--Jens