Skip to content

A port of Rosenpass post-quantum key-exchange protocol to Go.

License

Notifications You must be signed in to change notification settings

cunicu/go-rosenpass

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

go-rosenpass

Codecov branch goreportcard License GitHub go.mod Go version Go Reference

🚧 go-rosenpass has not been audited. Please use with care!

go-rosenpass is a port of Rosenpass to Go.

The implementation aims to be compatible with the reference implementation in Rust for the:

  • on-wire protocol
  • handshake parameters
  • command-line interface

Installation

Binary releases

go-rosenpass distributes builds via GitHub Releases. You can download a pre-built binary from there.

From source

go install cunicu.li/go-rosenpass/cmd@latest

Example Setup

# Generate our own WireGuard key pair
WG_PRIVATE_KEY=$(wg genkey)
WG_PUBLIC_KEY=$(wg pubkey <<< ${WG_PRIVATE_KEY})

# Generate our own Rosenpass key pair
go-rosenpass gen-keys-intf wg0

# Show our details
echo "Your hostname: $(hostname)"
echo "Your WireGuard public key: ${WG_PUBLIC_KEY}"

# Query the peer details
read -p "Enter your peers hostname: " PEER
read -p "Enter your peers WireGuard public key: " WG_PUBLIC_KEY_PEER

# Exchange Rosenpass public key
scp /etc/wireguard/wg0/pqpk root@${PEER}:/etc/wireguard/wg0/${WG_PUBLIC_KEY//\//}.pqpk

# Generate wg-quick configuration
cat <<EOF >> /etc/wireguard/wg0.conf
[Interface]
PrivateKey = ${WG_PRIVATE_KEY}
ListenPort = 51820

PostUp = go-rosenpass exchange-intf %i & echo $! > /run/go-rosenpass.%i.pid
PreDown = pkill -F /run/go-rosenpass.%i.pid || true

[Peer]
PublicKey = ${WG_PUBLIC_KEY_PEER}
Endpoint = ${PEER}:51820
EOF

# Bring connection up
wg-quick up wg0

References

Contact

Please have a look at the contact page: cunicu.li/docs/contact.

License

go-rosenpass is licensed under the Apache 2.0 license.

  • SPDX-FileCopyrightText: 2023 Steffen Vogel [email protected]
  • SPDX-License-Identifier: Apache-2.0