Zetta Toolkit: JSON RPC over TLS
This library offers clear-text JSON RPC over TLS with optional second layer encryption.
Security Features:
- Uses TLS (SSL) for data transport
- HMAC based authentication against user-supplied secret
- Optional message signing against MITM attacks
- Optional second layer message encryption (aes-256-cbc by default, if enabled)
Authentication is based on user supplied secret keys, so this is as secure as your host.
This library is currently under development & testing. Until this message is removed, use at your own risk!
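The features listed above, sketched with Node's built-in crypto module as an added example: this is not zetta-rpc's code or wire format, and every function name in it is hypothetical. It assumes a nonce challenge for the HMAC authentication and an encrypt-then-MAC envelope for the signing and aes-256-cbc layers.

```javascript
// Added illustration, not zetta-rpc's code or wire format; all function names are hypothetical.
const crypto = require('crypto');

function hmac(key, ...parts) {
  const h = crypto.createHmac('sha256', key);
  for (const p of parts) h.update(p);
  return h.digest();                       // 32-byte Buffer
}

// Assumption: one key per purpose, each derived from the single user-supplied secret.
function deriveKeys(secret) {
  return { auth: hmac(secret, 'auth'), sign: hmac(secret, 'sign'), enc: hmac(secret, 'enc') };
}

// HMAC authentication: the server sends a fresh nonce, the client proves it knows the secret.
const newChallenge = () => crypto.randomBytes(32);
const answerChallenge = (keys, nonce) => hmac(keys.auth, nonce);
function verifyAnswer(keys, nonce, answer) {
  const expected = hmac(keys.auth, nonce);
  // Constant-time comparison so the check does not leak how many bytes matched.
  return answer.length === expected.length && crypto.timingSafeEqual(answer, expected);
}

// Second-layer encryption plus signing: encrypt with a random IV, then MAC the IV and ciphertext.
function sealMessage(keys, msg) {
  const iv = crypto.randomBytes(16);
  const c = crypto.createCipheriv('aes-256-cbc', keys.enc, iv);
  const data = Buffer.concat([c.update(JSON.stringify(msg), 'utf8'), c.final()]);
  return {
    iv: iv.toString('base64'),
    data: data.toString('base64'),
    sig: hmac(keys.sign, iv, data).toString('base64'),
  };
}

function openMessage(keys, env) {
  const iv = Buffer.from(env.iv, 'base64');
  const data = Buffer.from(env.data, 'base64');
  const sig = Buffer.from(env.sig, 'base64');
  const expected = hmac(keys.sign, iv, data);
  // Verify before decrypting: CBC on its own does not detect a modified ciphertext.
  if (iv.length !== 16 || sig.length !== expected.length || !crypto.timingSafeEqual(sig, expected)) {
    throw new Error('bad signature');
  }
  const d = crypto.createDecipheriv('aes-256-cbc', keys.enc, iv);
  return JSON.parse(Buffer.concat([d.update(data), d.final()]).toString('utf8'));
}
```

A real deployment would also bind a sequence number or timestamp into the signed data so a captured envelope cannot be replayed.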
Usage
npm install zetta-rpc
Messaging
Zetta RPC library allows sending of JSON objects between client and server. If these JSON objects contain an opcode (op field), they will be emitted to the registered event listeners as well as on the RPC objects themselves (Client, Server and Multiplexer). If the op field is missing, rpc.digest(function(msg) { ... }) must be used to capture transmission of incoming JSON objects.
Client
```js
var zrpc = require('zetta-rpc');

var rpc = new zrpc.Multiplexer({        // or zrpc.Client() for connection to a single server
    address: "host:port",               // or multiple servers specified as ["host:port",...] (Multiplexer only)
    auth: "user-supplied-secret-key",
    certificates: ...,                  // standard node certificates containing 'key', 'cert', 'ca' data
    node: "...",                        // id of this node instance (typically host mac address)
    designation: 'user-application-id', // name of the application (used to differentiate connections coming from the same host)
    ping: true,                         // optional: enable automatic server ping (see Client::setPingDataObject())
    pingFreq: 3 * 1000,                 // optional: ping frequency (default 3 seconds)
    pingDataObject: ...,                // this object will be transmitted during ping
    cipher: true,                       // optional: 'true' or name of cipher algorithm for 2nd layer encryption
                                        // (default 'aes-256-cbc' if true)
    signatures: true                    // optional: enable message signing
});

// receive messages
rpc ...

// receive messages with external event emitter
rpc ...;

// register event emitter that will receive messages
eventEmitter ...

// send messages or JSON objects
rpc ...

// receive JSON
rpc.digest(function(msg) { ... })
```

zrpc.Multiplexer() and zrpc.Client() provide the same initialization interface. Multiplexer, however, supports an array of addresses, allowing the client to connect to multiple servers simultaneously.
Server
```js
var zrpc = require('zetta-rpc');

var rpc = new zrpc.Server({
    port: 12345,                        // listening port
    auth: "user-supplied-secret-key",
    certificates: ...                   // standard node certificates containing 'key', 'cert', 'ca' data
});

// client connection event: cid is a unique remote end-point identifier (built from designation+node)
rpc ...

// client disconnection event
rpc ...

// receive messages
rpc ...

// send messages
rpc ...

// receive JSON objects (without 'op' field)
rpc.digest(function(msg) { ... })
```
Router
If the number of sockets on the system running as a Server is limited, Router can be used to create multiple front-ends that accept incoming connections and exchange messages between these connections and the server. For example, if a server is limited to 10 connections, having 10 routers would allow the socket limit to scale to 100. (This refers to ulimit settings that can impact systems when there are a lot of external connections.)
Router allows creation of multiple front-ends for the Server is the number of socket
var router = zrpc
License
This library is a part of Zetta Toolkit, released under MIT license.
Copyright (c) 2014 ASPECTRON Inc.
All Rights Reserved.