crypto -> p2p/crypto

The crypto package moves into p2p. Nothing in it so far is ipfs specific; everything is p2p-general.

crypto -> p2p/crypto
The crypto package moves into p2p. Nothing in it so far is ipfs specific; everything is p2p-general.
bfcb95d6 · Juan Batiz-Benet · 0c1fe86b · bfcb95d6 · bfcb95d6 · bfcb95d6
Commit bfcb95d6 authored Dec 29, 2014 by Juan Batiz-Benet
--- a/crypto/internal/pb/Makefile
+++ b/crypto/internal/pb/Makefile
+PB = $(wildcard *.proto)
+GO = $(PB:.proto=.pb.go)
+
+all: $(GO)
+
+%.pb.go: %.proto
+		protoc --gogo_out=. --proto_path=../../../../../../:/usr/local/opt/protobuf/include:. $<
+
+clean:
+		rm *.pb.go
--- a/crypto/internal/pb/crypto.pb.go
+++ b/crypto/internal/pb/crypto.pb.go
+// Code generated by protoc-gen-gogo.
+// source: crypto.proto
+// DO NOT EDIT!
+
+/*
+Package crypto_pb is a generated protocol buffer package.
+
+It is generated from these files:
+	crypto.proto
+
+It has these top-level messages:
+	PublicKey
+	PrivateKey
+*/
+package crypto_pb
+
+import proto "github.com/jbenet/go-ipfs/Godeps/_workspace/src/code.google.com/p/gogoprotobuf/proto"
+import math "math"
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ = proto.Marshal
+var _ = math.Inf
+
+type KeyType int32
+
+const (
+	KeyType_RSA KeyType = 0
+)
+
+var KeyType_name = map[int32]string{
+	0: "RSA",
+}
+var KeyType_value = map[string]int32{
+	"RSA": 0,
+}
+
+func (x KeyType) Enum() *KeyType {
+	p := new(KeyType)
+	*p = x
+	return p
+}
+func (x KeyType) String() string {
+	return proto.EnumName(KeyType_name, int32(x))
+}
+func (x *KeyType) UnmarshalJSON(data []byte) error {
+	value, err := proto.UnmarshalJSONEnum(KeyType_value, data, "KeyType")
+	if err != nil {
+		return err
+	}
+	*x = KeyType(value)
+	return nil
+}
+
+type PublicKey struct {
+	Type             *KeyType `protobuf:"varint,1,req,enum=crypto.pb.KeyType" json:"Type,omitempty"`
+	Data             []byte   `protobuf:"bytes,2,req" json:"Data,omitempty"`
+	XXX_unrecognized []byte   `json:"-"`
+}
+
+func (m *PublicKey) Reset()         { *m = PublicKey{} }
+func (m *PublicKey) String() string { return proto.CompactTextString(m) }
+func (*PublicKey) ProtoMessage()    {}
+
+func (m *PublicKey) GetType() KeyType {
+	if m != nil && m.Type != nil {
+		return *m.Type
+	}
+	return KeyType_RSA
+}
+
+func (m *PublicKey) GetData() []byte {
+	if m != nil {
+		return m.Data
+	}
+	return nil
+}
+
+type PrivateKey struct {
+	Type             *KeyType `protobuf:"varint,1,req,enum=crypto.pb.KeyType" json:"Type,omitempty"`
+	Data             []byte   `protobuf:"bytes,2,req" json:"Data,omitempty"`
+	XXX_unrecognized []byte   `json:"-"`
+}
+
+func (m *PrivateKey) Reset()         { *m = PrivateKey{} }
+func (m *PrivateKey) String() string { return proto.CompactTextString(m) }
+func (*PrivateKey) ProtoMessage()    {}
+
+func (m *PrivateKey) GetType() KeyType {
+	if m != nil && m.Type != nil {
+		return *m.Type
+	}
+	return KeyType_RSA
+}
+
+func (m *PrivateKey) GetData() []byte {
+	if m != nil {
+		return m.Data
+	}
+	return nil
+}
+
+func init() {
+	proto.RegisterEnum("crypto.pb.KeyType", KeyType_name, KeyType_value)
+}
--- a/crypto/internal/pb/crypto.proto
+++ b/crypto/internal/pb/crypto.proto
+package crypto.pb;
+
+enum KeyType {
+	RSA = 0;
+}
+
+message PublicKey {
+	required KeyType Type = 1;
+	required bytes Data = 2;
+}
+
+message PrivateKey {
+	required KeyType Type = 1;
+	required bytes Data = 2;
+}
--- a/crypto/key.go
+++ b/crypto/key.go
+// package crypto implements various cryptographic utilities used by ipfs.
+// This includes a Public and Private key interface and an RSA key implementation
+// that satisfies it.
+package crypto
+
+import (
+	"bytes"
+	"encoding/base64"
+	"errors"
+	"fmt"
+	"io"
+
+	"crypto/elliptic"
+	"crypto/hmac"
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/sha1"
+	"crypto/sha256"
+	"crypto/sha512"
+	"hash"
+
+	proto "github.com/jbenet/go-ipfs/Godeps/_workspace/src/code.google.com/p/goprotobuf/proto"
+
+	pb "github.com/jbenet/go-ipfs/p2p/crypto/internal/pb"
+	u "github.com/jbenet/go-ipfs/util"
+)
+
+var log = u.Logger("crypto")
+
+var ErrBadKeyType = errors.New("invalid or unsupported key type")
+
+const (
+	RSA = iota
+)
+
+// Key represents a crypto key that can be compared to another key
+type Key interface {
+	// Bytes returns a serialized, storeable representation of this key
+	Bytes() ([]byte, error)
+
+	// Hash returns the hash of this key
+	Hash() ([]byte, error)
+
+	// Equals checks whether two PubKeys are the same
+	Equals(Key) bool
+}
+
+// PrivKey represents a private key that can be used to generate a public key,
+// sign data, and decrypt data that was encrypted with a public key
+type PrivKey interface {
+	Key
+
+	// Cryptographically sign the given bytes
+	Sign([]byte) ([]byte, error)
+
+	// Return a public key paired with this private key
+	GetPublic() PubKey
+
+	// Generate a secret string of bytes
+	GenSecret() []byte
+
+	Decrypt(b []byte) ([]byte, error)
+}
+
+type PubKey interface {
+	Key
+
+	// Verify that 'sig' is the signed hash of 'data'
+	Verify(data []byte, sig []byte) (bool, error)
+
+	// Encrypt data in a way that can be decrypted by a paired private key
+	Encrypt(data []byte) ([]byte, error)
+}
+
+// Given a public key, generates the shared key.
+type GenSharedKey func([]byte) ([]byte, error)
+
+func GenerateKeyPair(typ, bits int) (PrivKey, PubKey, error) {
+	return GenerateKeyPairWithReader(typ, bits, rand.Reader)
+}
+
+// Generates a keypair of the given type and bitsize
+func GenerateKeyPairWithReader(typ, bits int, src io.Reader) (PrivKey, PubKey, error) {
+	switch typ {
+	case RSA:
+		priv, err := rsa.GenerateKey(src, bits)
+		if err != nil {
+			return nil, nil, err
+		}
+		pk := &priv.PublicKey
+		return &RsaPrivateKey{sk: priv}, &RsaPublicKey{pk}, nil
+	default:
+		return nil, nil, ErrBadKeyType
+	}
+}
+
+// Generates an ephemeral public key and returns a function that will compute
+// the shared secret key.  Used in the identify module.
+//
+// Focuses only on ECDH now, but can be made more general in the future.
+func GenerateEKeyPair(curveName string) ([]byte, GenSharedKey, error) {
+	var curve elliptic.Curve
+
+	switch curveName {
+	case "P-224":
+		curve = elliptic.P224()
+	case "P-256":
+		curve = elliptic.P256()
+	case "P-384":
+		curve = elliptic.P384()
+	case "P-521":
+		curve = elliptic.P521()
+	}
+
+	priv, x, y, err := elliptic.GenerateKey(curve, rand.Reader)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	pubKey := elliptic.Marshal(curve, x, y)
+	// log.Debug("GenerateEKeyPair %d", len(pubKey))
+
+	done := func(theirPub []byte) ([]byte, error) {
+		// Verify and unpack node's public key.
+		x, y := elliptic.Unmarshal(curve, theirPub)
+		if x == nil {
+			return nil, fmt.Errorf("Malformed public key: %d %v", len(theirPub), theirPub)
+		}
+
+		if !curve.IsOnCurve(x, y) {
+			return nil, errors.New("Invalid public key.")
+		}
+
+		// Generate shared secret.
+		secret, _ := curve.ScalarMult(x, y, priv)
+
+		return secret.Bytes(), nil
+	}
+
+	return pubKey, done, nil
+}
+
+type StretchedKeys struct {
+	IV        []byte
+	MacKey    []byte
+	CipherKey []byte
+}
+
+// Generates a set of keys for each party by stretching the shared key.
+// (myIV, theirIV, myCipherKey, theirCipherKey, myMACKey, theirMACKey)
+func KeyStretcher(cipherType string, hashType string, secret []byte) (StretchedKeys, StretchedKeys) {
+	var cipherKeySize int
+	var ivSize int
+	switch cipherType {
+	case "AES-128":
+		ivSize = 16
+		cipherKeySize = 16
+	case "AES-256":
+		ivSize = 16
+		cipherKeySize = 32
+	case "Blowfish":
+		ivSize = 8
+		// Note: 24 arbitrarily selected, needs more thought
+		cipherKeySize = 32
+	}
+
+	hmacKeySize := 20
+
+	seed := []byte("key expansion")
+
+	result := make([]byte, 2*(ivSize+cipherKeySize+hmacKeySize))
+
+	var h func() hash.Hash
+
+	switch hashType {
+	case "SHA1":
+		h = sha1.New
+	case "SHA256":
+		h = sha256.New
+	case "SHA512":
+		h = sha512.New
+	default:
+		panic("Unrecognized hash function, programmer error?")
+	}
+
+	m := hmac.New(h, secret)
+	m.Write(seed)
+
+	a := m.Sum(nil)
+
+	j := 0
+	for j < len(result) {
+		m.Reset()
+		m.Write(a)
+		m.Write(seed)
+		b := m.Sum(nil)
+
+		todo := len(b)
+
+		if j+todo > len(result) {
+			todo = len(result) - j
+		}
+
+		copy(result[j:j+todo], b)
+
+		j += todo
+
+		m.Reset()
+		m.Write(a)
+		a = m.Sum(nil)
+	}
+
+	half := len(result) / 2
+	r1 := result[:half]
+	r2 := result[half:]
+
+	var k1 StretchedKeys
+	var k2 StretchedKeys
+
+	k1.IV = r1[0:ivSize]
+	k1.CipherKey = r1[ivSize : ivSize+cipherKeySize]
+	k1.MacKey = r1[ivSize+cipherKeySize:]
+
+	k2.IV = r2[0:ivSize]
+	k2.CipherKey = r2[ivSize : ivSize+cipherKeySize]
+	k2.MacKey = r2[ivSize+cipherKeySize:]
+
+	return k1, k2
+}
+
+// UnmarshalPublicKey converts a protobuf serialized public key into its
+// representative object
+func UnmarshalPublicKey(data []byte) (PubKey, error) {
+	pmes := new(pb.PublicKey)
+	err := proto.Unmarshal(data, pmes)
+	if err != nil {
+		return nil, err
+	}
+
+	switch pmes.GetType() {
+	case pb.KeyType_RSA:
+		return UnmarshalRsaPublicKey(pmes.GetData())
+	default:
+		return nil, ErrBadKeyType
+	}
+}
+
+// MarshalPublicKey converts a public key object into a protobuf serialized
+// public key
+func MarshalPublicKey(k PubKey) ([]byte, error) {
+	b, err := MarshalRsaPublicKey(k.(*RsaPublicKey))
+	if err != nil {
+		return nil, err
+	}
+	pmes := new(pb.PublicKey)
+	typ := pb.KeyType_RSA // for now only type.
+	pmes.Type = &typ
+	pmes.Data = b
+	return proto.Marshal(pmes)
+}
+
+// UnmarshalPrivateKey converts a protobuf serialized private key into its
+// representative object
+func UnmarshalPrivateKey(data []byte) (PrivKey, error) {
+	pmes := new(pb.PrivateKey)
+	err := proto.Unmarshal(data, pmes)
+	if err != nil {
+		return nil, err
+	}
+
+	switch pmes.GetType() {
+	case pb.KeyType_RSA:
+		return UnmarshalRsaPrivateKey(pmes.GetData())
+	default:
+		return nil, ErrBadKeyType
+	}
+}
+
+// MarshalPrivateKey converts a key object into its protobuf serialized form.
+func MarshalPrivateKey(k PrivKey) ([]byte, error) {
+	b := MarshalRsaPrivateKey(k.(*RsaPrivateKey))
+	pmes := new(pb.PrivateKey)
+	typ := pb.KeyType_RSA // for now only type.
+	pmes.Type = &typ
+	pmes.Data = b
+	return proto.Marshal(pmes)
+}
+
+// ConfigDecodeKey decodes from b64 (for config file), and unmarshals.
+func ConfigDecodeKey(b string) ([]byte, error) {
+	return base64.StdEncoding.DecodeString(b)
+}
+
+// ConfigEncodeKey encodes to b64 (for config file), and marshals.
+func ConfigEncodeKey(b []byte) string {
+	return base64.StdEncoding.EncodeToString(b)
+}
+
+// KeyEqual checks whether two
+func KeyEqual(k1, k2 Key) bool {
+	if k1 == k2 {
+		return true
+	}
+
+	b1, err1 := k1.Bytes()
+	b2, err2 := k2.Bytes()
+	return bytes.Equal(b1, b2) && err1 == err2
+}
+
+// KeyHash hashes a key.
+func KeyHash(k Key) ([]byte, error) {
+	kb, err := k.Bytes()
+	if err != nil {
+		return nil, err
+	}
+	return u.Hash(kb), nil
+}
--- a/crypto/key_test.go
+++ b/crypto/key_test.go
+package crypto_test
+
+import (
+	. "github.com/jbenet/go-ipfs/p2p/crypto"
+
+	"bytes"
+	tu "github.com/jbenet/go-ipfs/util/testutil"
+	"testing"
+)
+
+func TestRsaKeys(t *testing.T) {
+	sk, pk, err := tu.RandKeyPair(512)
+	if err != nil {
+		t.Fatal(err)
+	}
+	testKeySignature(t, sk)
+	testKeyEncoding(t, sk)
+	testKeyEquals(t, sk)
+	testKeyEquals(t, pk)
+}
+
+func testKeySignature(t *testing.T, sk PrivKey) {
+	pk := sk.GetPublic()
+
+	text := sk.GenSecret()
+	sig, err := sk.Sign(text)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	valid, err := pk.Verify(text, sig)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if !valid {
+		t.Fatal("Invalid signature.")
+	}
+}
+
+func testKeyEncoding(t *testing.T, sk PrivKey) {
+	skbm, err := MarshalPrivateKey(sk)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	sk2, err := UnmarshalPrivateKey(skbm)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	skbm2, err := MarshalPrivateKey(sk2)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if !bytes.Equal(skbm, skbm2) {
+		t.Error("skb -> marshal -> unmarshal -> skb failed.\n", skbm, "\n", skbm2)
+	}
+
+	pk := sk.GetPublic()
+	pkbm, err := MarshalPublicKey(pk)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	_, err = UnmarshalPublicKey(pkbm)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	pkbm2, err := MarshalPublicKey(pk)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if !bytes.Equal(pkbm, pkbm2) {
+		t.Error("skb -> marshal -> unmarshal -> skb failed.\n", pkbm, "\n", pkbm2)
+	}
+}
+
+func testKeyEquals(t *testing.T, k Key) {
+	kb, err := k.Bytes()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if !KeyEqual(k, k) {
+		t.Fatal("Key not equal to itself.")
+	}
+
+	if !KeyEqual(k, testkey(kb)) {
+		t.Fatal("Key not equal to key with same bytes.")
+	}
+
+	sk, pk, err := tu.RandKeyPair(512)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if KeyEqual(k, sk) {
+		t.Fatal("Keys should not equal.")
+	}
+
+	if KeyEqual(k, pk) {
+		t.Fatal("Keys should not equal.")
+	}
+}
+
+type testkey []byte
+
+func (pk testkey) Bytes() ([]byte, error) {
+	return pk, nil
+}
+
+func (pk testkey) Equals(k Key) bool {
+	return KeyEqual(pk, k)
+}
+
+func (pk testkey) Hash() ([]byte, error) {
+	return KeyHash(pk)
+}
--- a/crypto/rsa.go
+++ b/crypto/rsa.go
+package crypto
+
+import (
+	"crypto"
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/sha256"
+	"crypto/x509"
+	"errors"
+
+	proto "github.com/jbenet/go-ipfs/Godeps/_workspace/src/code.google.com/p/goprotobuf/proto"
+
+	pb "github.com/jbenet/go-ipfs/p2p/crypto/internal/pb"
+)
+
+type RsaPrivateKey struct {
+	sk *rsa.PrivateKey
+	pk *rsa.PublicKey
+}
+
+type RsaPublicKey struct {
+	k *rsa.PublicKey
+}
+
+func (pk *RsaPublicKey) Verify(data, sig []byte) (bool, error) {
+	hashed := sha256.Sum256(data)
+	err := rsa.VerifyPKCS1v15(pk.k, crypto.SHA256, hashed[:], sig)
+	if err != nil {
+		return false, err
+	}
+	return true, nil
+}
+
+func (pk *RsaPublicKey) Bytes() ([]byte, error) {
+	b, err := x509.MarshalPKIXPublicKey(pk.k)
+	if err != nil {
+		return nil, err
+	}
+
+	pbmes := new(pb.PublicKey)
+	typ := pb.KeyType_RSA
+	pbmes.Type = &typ
+	pbmes.Data = b
+	return proto.Marshal(pbmes)
+}
+
+func (pk *RsaPublicKey) Encrypt(b []byte) ([]byte, error) {
+	return rsa.EncryptPKCS1v15(rand.Reader, pk.k, b)
+}
+
+// Equals checks whether this key is equal to another
+func (pk *RsaPublicKey) Equals(k Key) bool {
+	return KeyEqual(pk, k)
+}
+
+func (pk *RsaPublicKey) Hash() ([]byte, error) {
+	return KeyHash(pk)
+}
+
+func (sk *RsaPrivateKey) GenSecret() []byte {
+	buf := make([]byte, 16)
+	rand.Read(buf)
+	return buf
+}
+
+func (sk *RsaPrivateKey) Sign(message []byte) ([]byte, error) {
+	hashed := sha256.Sum256(message)
+	return rsa.SignPKCS1v15(rand.Reader, sk.sk, crypto.SHA256, hashed[:])
+}
+
+func (sk *RsaPrivateKey) GetPublic() PubKey {
+	if sk.pk == nil {
+		sk.pk = &sk.sk.PublicKey
+	}
+	return &RsaPublicKey{sk.pk}
+}
+
+func (sk *RsaPrivateKey) Decrypt(b []byte) ([]byte, error) {
+	return rsa.DecryptPKCS1v15(rand.Reader, sk.sk, b)
+}
+
+func (sk *RsaPrivateKey) Bytes() ([]byte, error) {
+	b := x509.MarshalPKCS1PrivateKey(sk.sk)
+	pbmes := new(pb.PrivateKey)
+	typ := pb.KeyType_RSA
+	pbmes.Type = &typ
+	pbmes.Data = b
+	return proto.Marshal(pbmes)
+}
+
+// Equals checks whether this key is equal to another
+func (sk *RsaPrivateKey) Equals(k Key) bool {
+	return KeyEqual(sk, k)
+}
+
+func (sk *RsaPrivateKey) Hash() ([]byte, error) {
+	return KeyHash(sk)
+}
+
+func UnmarshalRsaPrivateKey(b []byte) (*RsaPrivateKey, error) {
+	sk, err := x509.ParsePKCS1PrivateKey(b)
+	if err != nil {
+		return nil, err
+	}
+	return &RsaPrivateKey{sk: sk}, nil
+}
+
+func MarshalRsaPrivateKey(k *RsaPrivateKey) []byte {
+	return x509.MarshalPKCS1PrivateKey(k.sk)
+}
+
+func UnmarshalRsaPublicKey(b []byte) (*RsaPublicKey, error) {
+	pub, err := x509.ParsePKIXPublicKey(b)
+	if err != nil {
+		return nil, err
+	}
+	pk, ok := pub.(*rsa.PublicKey)
+	if !ok {
+		return nil, errors.New("Not actually an rsa public key.")
+	}
+	return &RsaPublicKey{pk}, nil
+}
+
+func MarshalRsaPublicKey(k *RsaPublicKey) ([]byte, error) {
+	return x509.MarshalPKIXPublicKey(k.k)
+}
--- a/crypto/secio/al.go
+++ b/crypto/secio/al.go
+package secio
+
+import (
+	"errors"
+	"fmt"
+	"strings"
+
+	"crypto/aes"
+	"crypto/cipher"
+	"crypto/hmac"
+	"crypto/sha1"
+	"crypto/sha256"
+	"crypto/sha512"
+	"hash"
+
+	bfish "github.com/jbenet/go-ipfs/Godeps/_workspace/src/code.google.com/p/go.crypto/blowfish"
+
+	ci "github.com/jbenet/go-ipfs/p2p/crypto"
+)
+
+// List of supported ECDH curves
+var SupportedExchanges = "P-256,P-224,P-384,P-521"
+
+// List of supported Ciphers
+var SupportedCiphers = "AES-256,AES-128,Blowfish"
+
+// List of supported Hashes
+var SupportedHashes = "SHA256,SHA512"
+
+type HMAC struct {
+	hash.Hash
+	size int
+}
+
+// encParams represent encryption parameters
+type encParams struct {
+	// keys
+	permanentPubKey ci.PubKey
+	ephemeralPubKey []byte
+	keys            ci.StretchedKeys
+
+	// selections
+	curveT  string
+	cipherT string
+	hashT   string
+
+	// cipher + mac
+	cipher cipher.Stream
+	mac    HMAC
+}
+
+func (e *encParams) makeMacAndCipher() error {
+	m, err := newMac(e.hashT, e.keys.MacKey)
+	if err != nil {
+		return err
+	}
+
+	bc, err := newBlockCipher(e.cipherT, e.keys.CipherKey)
+	if err != nil {
+		return err
+	}
+
+	e.cipher = cipher.NewCTR(bc, e.keys.IV)
+	e.mac = m
+	return nil
+}
+
+func newMac(hashType string, key []byte) (HMAC, error) {
+	switch hashType {
+	case "SHA1":
+		return HMAC{hmac.New(sha1.New, key), sha1.Size}, nil
+	case "SHA512":
+		return HMAC{hmac.New(sha512.New, key), sha512.Size}, nil
+	case "SHA256":
+		return HMAC{hmac.New(sha256.New, key), sha256.Size}, nil
+	default:
+		return HMAC{}, fmt.Errorf("Unrecognized hash type: %s", hashType)
+	}
+}
+
+func newBlockCipher(cipherT string, key []byte) (cipher.Block, error) {
+	switch cipherT {
+	case "AES-128", "AES-256":
+		return aes.NewCipher(key)
+	case "Blowfish":
+		return bfish.NewCipher(key)
+	default:
+		return nil, fmt.Errorf("Unrecognized cipher type: %s", cipherT)
+	}
+}
+
+// Determines which algorithm to use.  Note:  f(a, b) = f(b, a)
+func selectBest(order int, p1, p2 string) (string, error) {
+	var f, s []string
+	switch order {
+	case -1:
+		f = strings.Split(p2, ",")
+		s = strings.Split(p1, ",")
+	case 1:
+		f = strings.Split(p1, ",")
+		s = strings.Split(p2, ",")
+	default: // Exact same preferences.
+		p := strings.Split(p1, ",")
+		return p[0], nil
+	}
+
+	for _, fc := range f {
+		for _, sc := range s {
+			if fc == sc {
+				return fc, nil
+			}
+		}
+	}
+
+	return "", errors.New("No algorithms in common!")
+}
--- a/crypto/secio/interface.go
+++ b/crypto/secio/interface.go
+// package secio handles establishing secure communication between two peers.
+package secio
+
+import (
+	"io"
+
+	ci "github.com/jbenet/go-ipfs/p2p/crypto"
+
+	context "github.com/jbenet/go-ipfs/Godeps/_workspace/src/code.google.com/p/go.net/context"
+	msgio "github.com/jbenet/go-ipfs/Godeps/_workspace/src/github.com/jbenet/go-msgio"
+
+	peer "github.com/jbenet/go-ipfs/p2p/peer"
+)
+
+// SessionGenerator constructs secure communication sessions for a peer.
+type SessionGenerator struct {
+	LocalID    peer.ID
+	PrivateKey ci.PrivKey
+}
+
+// NewSession takes an insecure io.ReadWriter, performs a TLS-like
+// handshake with the other side, and returns a secure session.
+// See the source for the protocol details and security implementation.
+// The provided Context is only needed for the duration of this function.
+func (sg *SessionGenerator) NewSession(ctx context.Context,
+	insecure io.ReadWriter) (Session, error) {
+
+	ss, err := newSecureSession(sg.LocalID, sg.PrivateKey)
+	if err != nil {
+		return nil, err
+	}
+
+	if ctx == nil {
+		ctx = context.Background()
+	}
+	ctx, cancel := context.WithCancel(ctx)
+	if err := ss.handshake(ctx, insecure); err != nil {
+		cancel()
+		return nil, err
+	}
+
+	return ss, nil
+}
+
+type Session interface {
+	// ReadWriter returns the encrypted communication channel
+	ReadWriter() msgio.ReadWriteCloser
+
+	// LocalPeer retrieves the local peer.
+	LocalPeer() peer.ID
+
+	// LocalPrivateKey retrieves the local private key
+	LocalPrivateKey() ci.PrivKey
+
+	// RemotePeer retrieves the remote peer.
+	RemotePeer() peer.ID
+
+	// RemotePublicKey retrieves the remote's public key
+	// which was received during the handshake.
+	RemotePublicKey() ci.PubKey
+
+	// Close closes the secure session
+	Close() error
+}
+
+// SecureReadWriter returns the encrypted communication channel
+func (s *secureSession) ReadWriter() msgio.ReadWriteCloser {
+	return s.secure
+}
+
+// LocalPeer retrieves the local peer.
+func (s *secureSession) LocalPeer() peer.ID {
+	return s.localPeer
+}
+
+// LocalPrivateKey retrieves the local peer's PrivateKey
+func (s *secureSession) LocalPrivateKey() ci.PrivKey {
+	return s.localKey
+}
+
+// RemotePeer retrieves the remote peer.
+func (s *secureSession) RemotePeer() peer.ID {
+	return s.remotePeer
+}
+
+// RemotePeer retrieves the remote peer.
+func (s *secureSession) RemotePublicKey() ci.PubKey {
+	return s.remote.permanentPubKey
+}
+
+// Close closes the secure session
+func (s *secureSession) Close() error {
+	return s.secure.Close()
+}
--- a/crypto/secio/internal/pb/Makefile
+++ b/crypto/secio/internal/pb/Makefile
+PB = $(wildcard *.proto)
+GO = $(PB:.proto=.pb.go)
+
+all: $(GO)
+
+%.pb.go: %.proto
+		protoc --gogo_out=. --proto_path=../../../../../../:/usr/local/opt/protobuf/include:. $<
+
+clean:
+		rm *.pb.go
--- a/crypto/secio/internal/pb/spipe.pb.go
+++ b/crypto/secio/internal/pb/spipe.pb.go
+// Code generated by protoc-gen-gogo.
+// source: spipe.proto
+// DO NOT EDIT!
+
+/*
+Package spipe_pb is a generated protocol buffer package.
+
+It is generated from these files:
+	spipe.proto
+
+It has these top-level messages:
+	Propose
+	Exchange
+*/
+package spipe_pb
+
+import proto "github.com/jbenet/go-ipfs/Godeps/_workspace/src/code.google.com/p/gogoprotobuf/proto"
+import json "encoding/json"
+import math "math"
+
+// Reference proto, json, and math imports to suppress error if they are not otherwise used.
+var _ = proto.Marshal
+var _ = &json.SyntaxError{}
+var _ = math.Inf
+
+type Propose struct {
+	Rand             []byte  `protobuf:"bytes,1,opt,name=rand" json:"rand,omitempty"`
+	Pubkey           []byte  `protobuf:"bytes,2,opt,name=pubkey" json:"pubkey,omitempty"`
+	Exchanges        *string `protobuf:"bytes,3,opt,name=exchanges" json:"exchanges,omitempty"`
+	Ciphers          *string `protobuf:"bytes,4,opt,name=ciphers" json:"ciphers,omitempty"`
+	Hashes           *string `protobuf:"bytes,5,opt,name=hashes" json:"hashes,omitempty"`
+	XXX_unrecognized []byte  `json:"-"`
+}
+
+func (m *Propose) Reset()         { *m = Propose{} }
+func (m *Propose) String() string { return proto.CompactTextString(m) }
+func (*Propose) ProtoMessage()    {}
+
+func (m *Propose) GetRand() []byte {
+	if m != nil {
+		return m.Rand
+	}
+	return nil
+}
+
+func (m *Propose) GetPubkey() []byte {
+	if m != nil {
+		return m.Pubkey
+	}
+	return nil
+}
+
+func (m *Propose) GetExchanges() string {
+	if m != nil && m.Exchanges != nil {
+		return *m.Exchanges
+	}
+	return ""
+}
+
+func (m *Propose) GetCiphers() string {
+	if m != nil && m.Ciphers != nil {
+		return *m.Ciphers
+	}
+	return ""
+}
+
+func (m *Propose) GetHashes() string {
+	if m != nil && m.Hashes != nil {
+		return *m.Hashes
+	}
+	return ""
+}
+
+type Exchange struct {
+	Epubkey          []byte `protobuf:"bytes,1,opt,name=epubkey" json:"epubkey,omitempty"`
+	Signature        []byte `protobuf:"bytes,2,opt,name=signature" json:"signature,omitempty"`
+	XXX_unrecognized []byte `json:"-"`
+}
+
+func (m *Exchange) Reset()         { *m = Exchange{} }
+func (m *Exchange) String() string { return proto.CompactTextString(m) }
+func (*Exchange) ProtoMessage()    {}
+
+func (m *Exchange) GetEpubkey() []byte {
+	if m != nil {
+		return m.Epubkey
+	}
+	return nil
+}
+
+func (m *Exchange) GetSignature() []byte {
+	if m != nil {
+		return m.Signature
+	}
+	return nil
+}
+
+func init() {
+}
--- a/crypto/secio/internal/pb/spipe.proto
+++ b/crypto/secio/internal/pb/spipe.proto
+package spipe.pb;
+
+message Propose {
+	optional bytes rand = 1;
+	optional bytes pubkey = 2;
+	optional string exchanges = 3;
+	optional string ciphers = 4;
+	optional string hashes = 5;
+}
+
+message Exchange {
+	optional bytes epubkey = 1;
+	optional bytes signature = 2;
+}
--- a/crypto/secio/io_test.go
+++ b/crypto/secio/io_test.go
+package secio
--- a/crypto/secio/pb/Makefile
+++ b/crypto/secio/pb/Makefile
+PB = $(wildcard *.proto)
+GO = $(PB:.proto=.pb.go)
+
+all: $(GO)
+
+%.pb.go: %.proto
+		protoc --gogo_out=. --proto_path=../../../../../../:/usr/local/opt/protobuf/include:. $<
+
+clean:
+		rm *.pb.go
--- a/crypto/secio/pb/spipe.pb.go
+++ b/crypto/secio/pb/spipe.pb.go
+// Code generated by protoc-gen-gogo.
+// source: spipe.proto
+// DO NOT EDIT!
+
+/*
+Package spipe_pb is a generated protocol buffer package.
+
+It is generated from these files:
+	spipe.proto
+
+It has these top-level messages:
+	Propose
+	Exchange
+	DataSig
+*/
+package spipe_pb
+
+import proto "github.com/jbenet/go-ipfs/Godeps/_workspace/src/code.google.com/p/gogoprotobuf/proto"
+import math "math"
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ = proto.Marshal
+var _ = math.Inf
+
+type Propose struct {
+	Rand             []byte  `protobuf:"bytes,1,opt,name=rand" json:"rand,omitempty"`
+	Pubkey           []byte  `protobuf:"bytes,2,opt,name=pubkey" json:"pubkey,omitempty"`
+	Exchanges        *string `protobuf:"bytes,3,opt,name=exchanges" json:"exchanges,omitempty"`
+	Ciphers          *string `protobuf:"bytes,4,opt,name=ciphers" json:"ciphers,omitempty"`
+	Hashes           *string `protobuf:"bytes,5,opt,name=hashes" json:"hashes,omitempty"`
+	XXX_unrecognized []byte  `json:"-"`
+}
+
+func (m *Propose) Reset()         { *m = Propose{} }
+func (m *Propose) String() string { return proto.CompactTextString(m) }
+func (*Propose) ProtoMessage()    {}
+
+func (m *Propose) GetRand() []byte {
+	if m != nil {
+		return m.Rand
+	}
+	return nil
+}
+
+func (m *Propose) GetPubkey() []byte {
+	if m != nil {
+		return m.Pubkey
+	}
+	return nil
+}
+
+func (m *Propose) GetExchanges() string {
+	if m != nil && m.Exchanges != nil {
+		return *m.Exchanges
+	}
+	return ""
+}
+
+func (m *Propose) GetCiphers() string {
+	if m != nil && m.Ciphers != nil {
+		return *m.Ciphers
+	}
+	return ""
+}
+
+func (m *Propose) GetHashes() string {
+	if m != nil && m.Hashes != nil {
+		return *m.Hashes
+	}
+	return ""
+}
+
+type Exchange struct {
+	Epubkey          []byte `protobuf:"bytes,1,opt,name=epubkey" json:"epubkey,omitempty"`
+	Signature        []byte `protobuf:"bytes,2,opt,name=signature" json:"signature,omitempty"`
+	XXX_unrecognized []byte `json:"-"`
+}
+
+func (m *Exchange) Reset()         { *m = Exchange{} }
+func (m *Exchange) String() string { return proto.CompactTextString(m) }
+func (*Exchange) ProtoMessage()    {}
+
+func (m *Exchange) GetEpubkey() []byte {
+	if m != nil {
+		return m.Epubkey
+	}
+	return nil
+}
+
+func (m *Exchange) GetSignature() []byte {
+	if m != nil {
+		return m.Signature
+	}
+	return nil
+}
+
+type DataSig struct {
+	Data             []byte  `protobuf:"bytes,1,opt,name=data" json:"data,omitempty"`
+	Signature        []byte  `protobuf:"bytes,2,opt,name=signature" json:"signature,omitempty"`
+	Id               *uint64 `protobuf:"varint,3,opt,name=id" json:"id,omitempty"`
+	XXX_unrecognized []byte  `json:"-"`
+}
+
+func (m *DataSig) Reset()         { *m = DataSig{} }
+func (m *DataSig) String() string { return proto.CompactTextString(m) }
+func (*DataSig) ProtoMessage()    {}
+
+func (m *DataSig) GetData() []byte {
+	if m != nil {
+		return m.Data
+	}
+	return nil
+}
+
+func (m *DataSig) GetSignature() []byte {
+	if m != nil {
+		return m.Signature
+	}
+	return nil
+}
+
+func (m *DataSig) GetId() uint64 {
+	if m != nil && m.Id != nil {
+		return *m.Id
+	}
+	return 0
+}
+
+func init() {
+}
--- a/crypto/secio/pb/spipe.proto
+++ b/crypto/secio/pb/spipe.proto
+package spipe.pb;
+
+message Propose {
+	optional bytes rand = 1;
+	optional bytes pubkey = 2;
+	optional string exchanges = 3;
+	optional string ciphers = 4;
+	optional string hashes = 5;
+}
+
+message Exchange {
+	optional bytes epubkey = 1;
+	optional bytes signature = 2;
+}
--- a/crypto/secio/protocol.go
+++ b/crypto/secio/protocol.go
+package secio
+
+import (
+	"bytes"
+	"crypto/rand"
+	"errors"
+	"fmt"
+	"io"
+
+	context "github.com/jbenet/go-ipfs/Godeps/_workspace/src/code.google.com/p/go.net/context"
+	msgio "github.com/jbenet/go-ipfs/Godeps/_workspace/src/github.com/jbenet/go-msgio"
+
+	ci "github.com/jbenet/go-ipfs/p2p/crypto"
+	pb "github.com/jbenet/go-ipfs/p2p/crypto/secio/internal/pb"
+	peer "github.com/jbenet/go-ipfs/p2p/peer"
+	u "github.com/jbenet/go-ipfs/util"
+	eventlog "github.com/jbenet/go-ipfs/util/eventlog"
+)
+
+var log = eventlog.Logger("secio")
+
+// ErrUnsupportedKeyType is returned when a private key cast/type switch fails.
+var ErrUnsupportedKeyType = errors.New("unsupported key type")
+
+// ErrClosed signals the closing of a connection.
+var ErrClosed = errors.New("connection closed")
+
+// nonceSize is the size of our nonces (in bytes)
+const nonceSize = 16
+
+// secureSession encapsulates all the parameters needed for encrypting
+// and decrypting traffic from an insecure channel.
+type secureSession struct {
+	secure msgio.ReadWriteCloser
+
+	insecure  io.ReadWriter
+	insecureM msgio.ReadWriter
+
+	localKey   ci.PrivKey
+	localPeer  peer.ID
+	remotePeer peer.ID
+
+	local  encParams
+	remote encParams
+
+	sharedSecret []byte
+}
+
+func newSecureSession(local peer.ID, key ci.PrivKey) (*secureSession, error) {
+	s := &secureSession{localPeer: local, localKey: key}
+
+	switch {
+	case s.localPeer == "":
+		return nil, errors.New("no local id provided")
+	case s.localKey == nil:
+		return nil, errors.New("no local private key provided")
+	case !s.localPeer.MatchesPrivateKey(s.localKey):
+		return nil, fmt.Errorf("peer.ID does not match PrivateKey")
+	}
+
+	return s, nil
+}
+
+// handsahke performs initial communication over insecure channel to share
+// keys, IDs, and initiate communication, assigning all necessary params.
+// requires the duplex channel to be a msgio.ReadWriter (for framed messaging)
+func (s *secureSession) handshake(ctx context.Context, insecure io.ReadWriter) error {
+
+	s.insecure = insecure
+	s.insecureM = msgio.NewReadWriter(insecure)
+
+	// =============================================================================
+	// step 1. Propose -- propose cipher suite + send pubkeys + nonce
+
+	// Generate and send Hello packet.
+	// Hello = (rand, PublicKey, Supported)
+	nonceOut := make([]byte, nonceSize)
+	_, err := rand.Read(nonceOut)
+	if err != nil {
+		return err
+	}
+
+	log.Debugf("handshake: %s <--start--> %s", s.localPeer, s.remotePeer)
+	log.Event(ctx, "secureHandshakeStart", s.localPeer)
+	s.local.permanentPubKey = s.localKey.GetPublic()
+	myPubKeyBytes, err := s.local.permanentPubKey.Bytes()
+	if err != nil {
+		return err
+	}
+
+	proposeOut := new(pb.Propose)
+	proposeOut.Rand = nonceOut
+	proposeOut.Pubkey = myPubKeyBytes
+	proposeOut.Exchanges = &SupportedExchanges
+	proposeOut.Ciphers = &SupportedCiphers
+	proposeOut.Hashes = &SupportedHashes
+
+	// log.Debugf("1.0 Propose: nonce:%s exchanges:%s ciphers:%s hashes:%s",
+	// 	nonceOut, SupportedExchanges, SupportedCiphers, SupportedHashes)
+
+	// Send Propose packet (respects ctx)
+	proposeOutBytes, err := writeMsgCtx(ctx, s.insecureM, proposeOut)
+	if err != nil {
+		return err
+	}
+
+	// Receive + Parse their Propose packet and generate an Exchange packet.
+	proposeIn := new(pb.Propose)
+	proposeInBytes, err := readMsgCtx(ctx, s.insecureM, proposeIn)
+	if err != nil {
+		return err
+	}
+
+	// log.Debugf("1.0.1 Propose recv: nonce:%s exchanges:%s ciphers:%s hashes:%s",
+	// 	proposeIn.GetRand(), proposeIn.GetExchanges(), proposeIn.GetCiphers(), proposeIn.GetHashes())
+
+	// =============================================================================
+	// step 1.1 Identify -- get identity from their key
+
+	// get remote identity
+	s.remote.permanentPubKey, err = ci.UnmarshalPublicKey(proposeIn.GetPubkey())
+	if err != nil {
+		return err
+	}
+
+	// get peer id
+	s.remotePeer, err = peer.IDFromPublicKey(s.remote.permanentPubKey)
+	if err != nil {
+		return err
+	}
+
+	log.Debugf("1.1 Identify: %s Remote Peer Identified as %s", s.localPeer, s.remotePeer)
+
+	// =============================================================================
+	// step 1.2 Selection -- select/agree on best encryption parameters
+
+	// to determine order, use cmp(H(lr||rpk), H(rr||lpk)).
+	oh1 := u.Hash(append(proposeIn.GetPubkey(), nonceOut...))
+	oh2 := u.Hash(append(myPubKeyBytes, proposeIn.GetRand()...))
+	order := bytes.Compare(oh1, oh2)
+	s.local.curveT, err = selectBest(order, SupportedExchanges, proposeIn.GetExchanges())
+	if err != nil {
+		return err
+	}
+
+	s.local.cipherT, err = selectBest(order, SupportedCiphers, proposeIn.GetCiphers())
+	if err != nil {
+		return err
+	}
+
+	s.local.hashT, err = selectBest(order, SupportedHashes, proposeIn.GetHashes())
+	if err != nil {
+		return err
+	}
+
+	// we use the same params for both directions (must choose same curve)
+	// WARNING: if they dont SelectBest the same way, this won't work...
+	s.remote.curveT = s.local.curveT
+	s.remote.cipherT = s.local.cipherT
+	s.remote.hashT = s.local.hashT
+
+	// log.Debugf("1.2 selection: exchange:%s cipher:%s hash:%s",
+	// 	s.local.curveT, s.local.cipherT, s.local.hashT)
+
+	// =============================================================================
+	// step 2. Exchange -- exchange (signed) ephemeral keys. verify signatures.
+
+	// Generate EphemeralPubKey
+	var genSharedKey ci.GenSharedKey
+	s.local.ephemeralPubKey, genSharedKey, err = ci.GenerateEKeyPair(s.local.curveT)
+
+	// Gather corpus to sign.
+	var selectionOut bytes.Buffer
+	selectionOut.Write(proposeOutBytes)
+	selectionOut.Write(proposeInBytes)
+	selectionOut.Write(s.local.ephemeralPubKey)
+	selectionOutBytes := selectionOut.Bytes()
+
+	// log.Debugf("2.0 exchange: %v", selectionOutBytes)
+	exchangeOut := new(pb.Exchange)
+	exchangeOut.Epubkey = s.local.ephemeralPubKey
+	exchangeOut.Signature, err = s.localKey.Sign(selectionOutBytes)
+	if err != nil {
+		return err
+	}
+
+	// Send Propose packet (respects ctx)
+	if _, err := writeMsgCtx(ctx, s.insecureM, exchangeOut); err != nil {
+		return err
+	}
+
+	// Receive + Parse their Propose packet and generate an Exchange packet.
+	exchangeIn := new(pb.Exchange)
+	if _, err := readMsgCtx(ctx, s.insecureM, exchangeIn); err != nil {
+		return err
+	}
+
+	// =============================================================================
+	// step 2.1. Verify -- verify their exchange packet is good.
+
+	// get their ephemeral pub key
+	s.remote.ephemeralPubKey = exchangeIn.GetEpubkey()
+
+	var selectionIn bytes.Buffer
+	selectionIn.Write(proposeInBytes)
+	selectionIn.Write(proposeOutBytes)
+	selectionIn.Write(s.remote.ephemeralPubKey)
+	selectionInBytes := selectionIn.Bytes()
+	// log.Debugf("2.0.1 exchange recv: %v", selectionInBytes)
+
+	// u.POut("Remote Peer Identified as %s\n", s.remote)
+	sigOK, err := s.remote.permanentPubKey.Verify(selectionInBytes, exchangeIn.GetSignature())
+	if err != nil {
+		// log.Error("2.1 Verify: failed: %s", err)
+		return err
+	}
+
+	if !sigOK {
+		err := errors.New("Bad signature!")
+		// log.Error("2.1 Verify: failed: %s", err)
+		return err
+	}
+	// log.Debugf("2.1 Verify: signature verified.")
+
+	// =============================================================================
+	// step 2.2. Keys -- generate keys for mac + encryption
+
+	// OK! seems like we're good to go.
+	s.sharedSecret, err = genSharedKey(exchangeIn.GetEpubkey())
+	if err != nil {
+		return err
+	}
+
+	// generate two sets of keys (stretching)
+	k1, k2 := ci.KeyStretcher(s.local.cipherT, s.local.hashT, s.sharedSecret)
+
+	// use random nonces to decide order.
+	switch order {
+	case 1:
+	case -1:
+		k1, k2 = k2, k1 // swap
+	default:
+		log.Error("WOAH: same keys (AND same nonce: 1/(2^128) chance!).")
+		// this shouldn't happen. must determine order another way.
+		// use the same keys but, make sure to copy underlying data!
+		copy(k2.IV, k1.IV)
+		copy(k2.MacKey, k1.MacKey)
+		copy(k2.CipherKey, k1.CipherKey)
+	}
+	s.local.keys = k1
+	s.remote.keys = k2
+
+	// log.Debug("2.2 keys:\n\tshared: %v\n\tk1: %v\n\tk2: %v",
+	// 	s.sharedSecret, s.local.keys, s.remote.keys)
+
+	// =============================================================================
+	// step 2.3. MAC + Cipher -- prepare MAC + cipher
+
+	if err := s.local.makeMacAndCipher(); err != nil {
+		return err
+	}
+
+	if err := s.remote.makeMacAndCipher(); err != nil {
+		return err
+	}
+
+	// log.Debug("2.3 mac + cipher.")
+
+	// =============================================================================
+	// step 3. Finish -- send expected message (the nonces), verify encryption works
+
+	// setup ETM ReadWriter
+	w := NewETMWriter(s.insecure, s.local.cipher, s.local.mac)
+	r := NewETMReader(s.insecure, s.remote.cipher, s.remote.mac)
+	s.secure = msgio.Combine(w, r).(msgio.ReadWriteCloser)
+
+	// log.Debug("3.0 finish. sending: %v", proposeIn.GetRand())
+	// send their Nonce.
+	if _, err := s.secure.Write(proposeIn.GetRand()); err != nil {
+		return fmt.Errorf("Failed to write Finish nonce: %s", err)
+	}
+
+	// read our Nonce
+	nonceOut2 := make([]byte, len(nonceOut))
+	if _, err := io.ReadFull(s.secure, nonceOut2); err != nil {
+		return fmt.Errorf("Failed to read Finish nonce: %s", err)
+	}
+
+	// log.Debug("3.0 finish.\n\texpect: %v\n\tactual: %v", nonceOut, nonceOut2)
+	if !bytes.Equal(nonceOut, nonceOut2) {
+		return fmt.Errorf("Failed to read our encrypted nonce: %s != %s", nonceOut2, nonceOut)
+	}
+
+	// Whew! ok, that's all folks.
+	log.Debugf("handshake: %s <--finish--> %s", s.localPeer, s.remotePeer)
+	log.Event(ctx, "secureHandshakeFinish", s.localPeer, s.remotePeer)
+	return nil
+}
--- a/crypto/secio/rw.go
+++ b/crypto/secio/rw.go
+package secio
+
+import (
+	"crypto/cipher"
+	"errors"
+	"fmt"
+	"io"
+	"sync"
+
+	"crypto/hmac"
+
+	context "github.com/jbenet/go-ipfs/Godeps/_workspace/src/code.google.com/p/go.net/context"
+	proto "github.com/jbenet/go-ipfs/Godeps/_workspace/src/code.google.com/p/goprotobuf/proto"
+	msgio "github.com/jbenet/go-ipfs/Godeps/_workspace/src/github.com/jbenet/go-msgio"
+	mpool "github.com/jbenet/go-ipfs/Godeps/_workspace/src/github.com/jbenet/go-msgio/mpool"
+)
+
+// ErrMACInvalid signals that a MAC verification failed
+var ErrMACInvalid = errors.New("MAC verification failed")
+
+// bufPool is a ByteSlicePool for messages. we need buffers because (sadly)
+// we cannot encrypt in place-- the user needs their buffer back.
+var bufPool = mpool.ByteSlicePool
+
+type etmWriter struct {
+	// params
+	pool mpool.Pool        // for the buffers with encrypted data
+	msg  msgio.WriteCloser // msgio for knowing where boundaries lie
+	str  cipher.Stream     // the stream cipher to encrypt with
+	mac  HMAC              // the mac to authenticate data with
+
+	sync.Mutex
+}
+
+// NewETMWriter Encrypt-Then-MAC
+func NewETMWriter(w io.Writer, s cipher.Stream, mac HMAC) msgio.WriteCloser {
+	return &etmWriter{msg: msgio.NewWriter(w), str: s, mac: mac, pool: bufPool}
+}
+
+// Write writes passed in buffer as a single message.
+func (w *etmWriter) Write(b []byte) (int, error) {
+	if err := w.WriteMsg(b); err != nil {
+		return 0, err
+	}
+	return len(b), nil
+}
+
+// WriteMsg writes the msg in the passed in buffer.
+func (w *etmWriter) WriteMsg(b []byte) error {
+	w.Lock()
+	defer w.Unlock()
+
+	// encrypt.
+	data := w.pool.Get(uint32(len(b))).([]byte)
+	data = data[:len(b)] // the pool's buffer may be larger
+	w.str.XORKeyStream(data, b)
+
+	// log.Debugf("ENC plaintext (%d): %s %v", len(b), b, b)
+	// log.Debugf("ENC ciphertext (%d): %s %v", len(data), data, data)
+
+	// then, mac.
+	if _, err := w.mac.Write(data); err != nil {
+		return err
+	}
+
+	// Sum appends.
+	data = w.mac.Sum(data)
+	w.mac.Reset()
+	// it's sad to append here. our buffers are -- hopefully -- coming from
+	// a shared buffer pool, so the append may not actually cause allocation
+	// one can only hope. i guess we'll see.
+
+	return w.msg.WriteMsg(data)
+}
+
+func (w *etmWriter) Close() error {
+	return w.msg.Close()
+}
+
+type etmReader struct {
+	msgio.Reader
+	io.Closer
+
+	// buffer
+	buf []byte
+
+	// params
+	msg msgio.ReadCloser // msgio for knowing where boundaries lie
+	str cipher.Stream    // the stream cipher to encrypt with
+	mac HMAC             // the mac to authenticate data with
+
+	sync.Mutex
+}
+
+// NewETMReader Encrypt-Then-MAC
+func NewETMReader(r io.Reader, s cipher.Stream, mac HMAC) msgio.ReadCloser {
+	return &etmReader{msg: msgio.NewReader(r), str: s, mac: mac}
+}
+
+func (r *etmReader) NextMsgLen() (int, error) {
+	return r.msg.NextMsgLen()
+}
+
+func (r *etmReader) drainBuf(buf []byte) int {
+	if r.buf == nil {
+		return 0
+	}
+
+	n := copy(buf, r.buf)
+	r.buf = r.buf[n:]
+	return n
+}
+
+func (r *etmReader) Read(buf []byte) (int, error) {
+	r.Lock()
+	defer r.Unlock()
+
+	// first, check if we have anything in the buffer
+	copied := r.drainBuf(buf)
+	buf = buf[copied:]
+	if copied > 0 {
+		return copied, nil
+		// return here to avoid complicating the rest...
+		// user can call io.ReadFull.
+	}
+
+	// check the buffer has enough space for the next msg
+	fullLen, err := r.msg.NextMsgLen()
+	if err != nil {
+		return 0, err
+	}
+
+	buf2 := buf
+	changed := false
+	// if not enough space, allocate a new buffer.
+	if cap(buf) < fullLen {
+		buf2 = make([]byte, fullLen)
+		changed = true
+	}
+	buf2 = buf2[:fullLen]
+
+	n, err := io.ReadFull(r.msg, buf2)
+	if err != nil {
+		return n, err
+	}
+
+	m, err := r.macCheckThenDecrypt(buf2)
+	if err != nil {
+		return 0, err
+	}
+	buf2 = buf2[:m]
+	if !changed {
+		return m, nil
+	}
+
+	n = copy(buf, buf2)
+	if len(buf2) > len(buf) {
+		r.buf = buf2[len(buf):] // had some left over? save it.
+	}
+	return n, nil
+}
+
+func (r *etmReader) ReadMsg() ([]byte, error) {
+	r.Lock()
+	defer r.Unlock()
+
+	msg, err := r.msg.ReadMsg()
+	if err != nil {
+		return nil, err
+	}
+
+	n, err := r.macCheckThenDecrypt(msg)
+	if err != nil {
+		return nil, err
+	}
+	return msg[:n], nil
+}
+
+func (r *etmReader) macCheckThenDecrypt(m []byte) (int, error) {
+	l := len(m)
+	if l < r.mac.size {
+		return 0, fmt.Errorf("buffer (%d) shorter than MAC size (%d)", l, r.mac.size)
+	}
+
+	mark := l - r.mac.size
+	data := m[:mark]
+	macd := m[mark:]
+
+	r.mac.Write(data)
+	expected := r.mac.Sum(nil)
+	r.mac.Reset()
+
+	// check mac. if failed, return error.
+	if !hmac.Equal(macd, expected) {
+		log.Error("MAC Invalid:", expected, "!=", macd)
+		return 0, ErrMACInvalid
+	}
+
+	// ok seems good. decrypt. (can decrypt in place, yay!)
+	// log.Debugf("DEC ciphertext (%d): %s %v", len(data), data, data)
+	r.str.XORKeyStream(data, data)
+	// log.Debugf("DEC plaintext (%d): %s %v", len(data), data, data)
+
+	return mark, nil
+}
+
+func (w *etmReader) Close() error {
+	return w.msg.Close()
+}
+
+// ReleaseMsg signals a buffer can be reused.
+func (r *etmReader) ReleaseMsg(b []byte) {
+	r.msg.ReleaseMsg(b)
+}
+
+// writeMsgCtx is used by the
+func writeMsgCtx(ctx context.Context, w msgio.Writer, msg proto.Message) ([]byte, error) {
+	enc, err := proto.Marshal(msg)
+	if err != nil {
+		return nil, err
+	}
+
+	// write in a goroutine so we can exit when our context is cancelled.
+	done := make(chan error)
+	go func(m []byte) {
+		err := w.WriteMsg(m)
+		done <- err
+	}(enc)
+
+	select {
+	case <-ctx.Done():
+		return nil, ctx.Err()
+	case e := <-done:
+		return enc, e
+	}
+}
+
+func readMsgCtx(ctx context.Context, r msgio.Reader, p proto.Message) ([]byte, error) {
+	var msg []byte
+
+	// read in a goroutine so we can exit when our context is cancelled.
+	done := make(chan error)
+	go func() {
+		var err error
+		msg, err = r.ReadMsg()
+		done <- err
+	}()
+
+	select {
+	case <-ctx.Done():
+		return nil, ctx.Err()
+	case e := <-done:
+		if e != nil {
+			return nil, e
+		}
+	}
+
+	return msg, proto.Unmarshal(msg, p)
+}
--- a/peer/peer.go
+++ b/peer/peer.go
@@ -9,7 +9,7 @@ import (
 	ma "github.com/jbenet/go-ipfs/Godeps/_workspace/src/github.com/jbenet/go-multiaddr"
 	mh "github.com/jbenet/go-ipfs/Godeps/_workspace/src/github.com/jbenet/go-multihash"

-	ic "github.com/jbenet/go-ipfs/crypto"
+	ic "github.com/jbenet/go-ipfs/p2p/crypto"
 	u "github.com/jbenet/go-ipfs/util"
 )


--- a/peer/peer_test.go
+++ b/peer/peer_test.go
@@ -6,8 +6,8 @@ import (
 	"strings"
 	"testing"

-	ic "github.com/jbenet/go-ipfs/crypto"
-	. "github.com/jbenet/go-ipfs/peer"
+	ic "github.com/jbenet/go-ipfs/p2p/crypto"
+	. "github.com/jbenet/go-ipfs/p2p/peer"
 	u "github.com/jbenet/go-ipfs/util"
 	tu "github.com/jbenet/go-ipfs/util/testutil"


--- a/peer/peerstore.go
+++ b/peer/peerstore.go
@@ -4,7 +4,7 @@ import (
 	"errors"
 	"sync"

-	ic "github.com/jbenet/go-ipfs/crypto"
+	ic "github.com/jbenet/go-ipfs/p2p/crypto"

 	ds "github.com/jbenet/go-ipfs/Godeps/_workspace/src/github.com/jbenet/go-datastore"
 	dssync "github.com/jbenet/go-ipfs/Godeps/_workspace/src/github.com/jbenet/go-datastore/sync"