certs

package

v0.0.2 Latest Latest Go to latest Published: Sep 17, 2024 License: Apache-2.0 Imports: 17 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/chainreactors/malice-network

Links

Open Source Insights

README ¶

certs

server client listener pipeline generation and management code.

Documentation ¶

Index ¶

Constants
func GenerateClientCert(host, name string, port int) (*mtls.ClientConfig, error)
func GenerateListenerCert(host, name string, port int) (*mtls.ClientConfig, error)
func GeneratePipelineCert(config *configs.TlsConfig) ([]byte, []byte, error)
func GenerateRootCert() error
func GenerateServerCert(name string) ([]byte, []byte, error)
func GetCertificateAuthority() (*x509.Certificate, *rsa.PrivateKey, error)
func GetCertificateAuthorityPEM(caCertPath, caKeyPath string) ([]byte, []byte, error)
func GetOperatorServerMTLSConfig(host string) *tls.Config
func ParseCertificateAuthority(certPEM, keyPEM []byte) (*x509.Certificate, *rsa.PrivateKey, error)
func RemoveCertificate(caType int, keyType string, commonName string) error
func SaveCertificateAuthority(caType int, cert []byte, key []byte)

Constants ¶

View Source

const (
	OperatorCA = iota + 1
	ListenerCA
	ImplantCA
	RootCA
)

View Source

const (
	// RSAKey - Namespace for RSA keys
	RSAKey            = "rsa"
	RootName          = "Root"
	ListenerNamespace = "listener" // Listener servers

)

Variables ¶

This section is empty.

Functions ¶

func GenerateClientCert ¶ added in v0.0.2

func GenerateClientCert(host, name string, port int) (*mtls.ClientConfig, error)

func GenerateListenerCert ¶ added in v0.0.2

func GenerateListenerCert(host, name string, port int) (*mtls.ClientConfig, error)

func GeneratePipelineCert ¶ added in v0.0.2

func GeneratePipelineCert(config *configs.TlsConfig) ([]byte, []byte, error)

func GenerateRootCert ¶ added in v0.0.2

func GenerateRootCert() error

func GenerateServerCert ¶ added in v0.0.2

func GenerateServerCert(name string) ([]byte, []byte, error)

func GetCertificateAuthority ¶

func GetCertificateAuthority() (*x509.Certificate, *rsa.PrivateKey, error)

GetCertificateAuthority - Get the current CA certificate

func GetCertificateAuthorityPEM ¶

func GetCertificateAuthorityPEM(caCertPath, caKeyPath string) ([]byte, []byte, error)

GetCertificateAuthorityPEM - Get PEM encoded CA cert/key

func GetOperatorServerMTLSConfig ¶

func GetOperatorServerMTLSConfig(host string) *tls.Config

GetOperatorServerMTLSConfig - Get the TLS config for the operator server

func ParseCertificateAuthority ¶

func ParseCertificateAuthority(certPEM, keyPEM []byte) (*x509.Certificate, *rsa.PrivateKey, error)

func RemoveCertificate ¶

func RemoveCertificate(caType int, keyType string, commonName string) error

RemoveCertificate - Remove a certificate from the cert store

func SaveCertificateAuthority ¶

func SaveCertificateAuthority(caType int, cert []byte, key []byte)

SaveCertificateAuthority - Save the certificate and the key to the filesystem doesn't return an error because errors are fatal. If we can't generate CAs, then we can't secure communication and we should die a horrible death.

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL