sephelper

package

v0.0.0-...-69611cc Latest Latest Go to latest Published: Nov 2, 2020 License: GPL-3.0 Imports: 20 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

git.sr.ht/~rumpelsepp/sep

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func AddAuthorizedFingerprint(path string, fingerprint *sep.Fingerprint, alias string) error
func GatherAllAddresses(transport, port string) ([]string, error)
func GenCertificate(priv ed25519.PrivateKey) (tls.Certificate, error)
func GenKeyFile(keyPath string) error
func GenKeyPEM() ([]byte, error)
func GenTLSKeypair() (tls.Certificate, error)
func LoadAuthorizedFingerprints(path string) (map[string]*sep.Fingerprint, error)
func LoadKey(keyPath string) (ed25519.PrivateKey, error)
func LoadKeyCert(keyPath string) (tls.Certificate, error)
func NewDefaultDTLSConfig(cert tls.Certificate) *dtls.Config
func NewDefaultTLSConfig(cert tls.Certificate) *tls.Config
type Announcer
- func (a *Announcer) AnnounceAddresses() error

Constants ¶

This section is empty.

Variables ¶

View Source

var Logger = rlog.NewLogger(ioutil.Discard)

Functions ¶

func AddAuthorizedFingerprint ¶

func AddAuthorizedFingerprint(path string, fingerprint *sep.Fingerprint, alias string) error

AddAuthorizedFingerprint appends the given fingerprint and alias to the specified file such that LoadAuthorizedFingerprints() can understand.

func GatherAllAddresses ¶

func GatherAllAddresses(transport, port string) ([]string, error)

GatherAllAddresses gathers the IP addresses of all local interfaces and appends the specified port. If no port is provided (""), the default port is appended.

func GenCertificate ¶

func GenCertificate(priv ed25519.PrivateKey) (tls.Certificate, error)

func GenKeyFile ¶

func GenKeyFile(keyPath string) error

GenKeypair generates a fresh keypair and stores the key and the corresponding certificate in the supplied paths. PEM encoding is used.

func GenKeyPEM ¶

func GenKeyPEM() ([]byte, error)

GenKeypairPEM generates a fresh new keypair and returns a the certificate and the key is pem encoded bytes.

func GenTLSKeypair ¶

func GenTLSKeypair() (tls.Certificate, error)

GenKeypair generates a fresh keypair and returns a parsed tls.Certificate.

func LoadAuthorizedFingerprints ¶

func LoadAuthorizedFingerprints(path string) (map[string]*sep.Fingerprint, error)

LoadAuthorizedFingerprints loads a file and returns a map of alias to fingerprint. Lines starting with "#" are ignored. The file needs to have one fingerprint and alias per line like so:

ni://<authority>/<algorithm>;<value>		<alias>
ni://<authority>/<algorithm>;<value>		<alias>
ni://<authority>/<algorithm>;<value>		<alias>

func LoadKey ¶

func LoadKey(keyPath string) (ed25519.PrivateKey, error)

func LoadKeyCert ¶

func LoadKeyCert(keyPath string) (tls.Certificate, error)

func NewDefaultDTLSConfig ¶

func NewDefaultDTLSConfig(cert tls.Certificate) *dtls.Config

func NewDefaultTLSConfig ¶

func NewDefaultTLSConfig(cert tls.Certificate) *tls.Config

NewDefaultTLSConfig returns type tls.Config with default settings utilized in SEP. This means TLS1.3 is required at minimum, client certificates are mandatory, session tickets are disabled, certificate checks are enforced, dynamic record sizing is disabled and environmental variable `SSLKEYLOGFILE` is respected.

Types ¶

type Announcer ¶

type Announcer struct {
	DirClient     *sep.DirectoryClient
	TTL           uint
	Active        bool
	AddrsCallback func() ([]string, error)
}

func (*Announcer) AnnounceAddresses ¶

func (a *Announcer) AnnounceAddresses() error

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL