This repo is for a Go module implementing a minimal subset of the PERC architecture for secure conferencing.
The overall design has a few pieces:
- An updated version of Firefox that supports EKT and double GCM
- An NSS-based DTLS server (KD) that can negotiate double and EKT
- A simple MD that:
- Routes DTLS packets between the client and the KD
- Re-encrypts packets from one client to the others
# Fetch percy through go
> go get github.com/bifurcation/percy
> cd $GOROOT/src/github.com/bifurcation/percy/cmd
> go run main.go
# Pull the appropriate branch of NSS
# Note: This assumes a working build of NSS, see:
# https://wiki.mozilla.org/NSS/Build_System
> cd $NSS_ROOT
> git remote add ekr https://github.com/ekr/nss.git
> git fetch ekr
> git checkout -b perc_dtls_server ekr/perc_dtls_server
> make nss_build_all
> tests/ssl_gtests/ssl_gtests.sh
# For Mac:
> DYLD_LIBRARY_PATH=../dist/$PLATFORM/lib/ ../dist/$PLATFORM/bin/perc_server
# For Linux:
> LD_LIBRARY_PATH=../dist/$PLATFORM/lib/ ../dist/$PLATFORM/bin/perc_server
# Pull the appropriate branch of Firefox
# Note: This assumes a working build of Firefox, see:
# https://developer.mozilla.org/en-US/docs/Mozilla/Developer_guide/Build_Instructions
> cd $FIREFOX_ROOT
> git remote add bifurcation https://github.com/bifurcation/gecko-dev
> git checkout -b libsrtp-ekt bifurcation/libsrtp-ekt
> ./mach build
> ./mach run
# Run the example WebRTC app
> cd cmd && go run main.go
# Open in Firefox: https://localhost:4430/
# Click through certificate warning
# Click "Run"