Documentation ¶
Index ¶
- type ApplicationTrustsClients
- type ApplicationType
- type CSR
- type Certificate
- type CertificateStatus
- type CertificateWithStatus
- type DB
- func (db *DB) AutoMigrateWithReflection() error
- func (db *DB) Close() error
- func (db *DB) Create(record interface{}) error
- func (db *DB) Delete(record interface{}) error
- func (db *DB) DisablePreviousCerts(commonName string, serialNumber string) error
- func (db *DB) Find(record interface{}, id uint) error
- func (db *DB) GetCertificate(serialNumber string) (certificate Certificate, found bool)
- func (db *DB) GetCertificates() []Certificate
- func (db *DB) GetNodes() ([]Node, error)
- func (db *DB) GetRevocations() ([]Certificate, bool)
- func (db *DB) GetSubject(commonName string) (subject Subject, found bool)
- func (db *DB) GetSubjects() []Subject
- func (db *DB) SaveCSR(csr *x509.CertificateRequest) error
- func (db *DB) SaveCertificateFromSubject(subject string, cert x509.Certificate) error
- func (db *DB) SaveHTTPRequest(r *http.Request) error
- func (db *DB) SaveRevocation(certID uint, reason string) error
- func (db *DB) Update(record interface{}) error
- func (db *DB) UpdateCertificate(serialNumber string, updates map[string]interface{}) error
- func (db *DB) UpdateNodeStatus(nodeID int, status NodeState) error
- func (db *DB) UpdateSubject(commonName string, updates map[string]interface{}) error
- type DBApplication
- type DBAslEndpointConfig
- type DBIdentity
- type DBNode
- type DBNodeConfig
- type DBNodes
- type DBTrustedClients
- type DBWhitelist
- type DistributionResponse
- type HTTPRequest
- type HardwareConfig
- type ImportStructure
- type Kritis3mAddr
- type Node
- type NodeState
- type ProtoFamiliy
- type Revocation
- type SelectedConfiguration
- type Subject
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ApplicationTrustsClients ¶ added in v1.0.1
type ApplicationType ¶ added in v1.0.1
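// ApplicationType identifies the kind of application configured on a node.
//
// NOTE(review): DBApplication carries this type in a JSON-tagged, persisted
// field, so renumbering the constants below would presumably change stored
// and exchanged data. Confirm before touching the values.
type ApplicationType uint8

// Known application types. The declarations are restored to one per line:
// on a single line the first "//" comment swallowed every constant after it.
const (
	ForwardProxy   ApplicationType = 0
	ReverseProxy   ApplicationType = 1
	TLS_TLSProxy   ApplicationType = 2 // server and client tls endpoint
	EchoServer     ApplicationType = 3
	L2Bridge       ApplicationType = 4
	NetworkTester  ApplicationType = 5 // server and client tls endpoint
	TcpStdinBridge ApplicationType = 6 // server and client tls endpoint
)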
func (ApplicationType) String ¶ added in v1.0.1
func (a ApplicationType) String() string
type Certificate ¶
// Certificate is the GORM model for a stored certificate record. It embeds
// gorm.Model and keeps the certificate's identifying metadata together with
// its lifecycle status and revocation details.
//
// NOTE(review): revocation state is carried twice, by Status and by
// RevokedAt/RevokedReason. Presumably Status is authoritative; confirm, and
// keep both in step wherever a certificate row is updated field by field.
type Certificate struct {
	gorm.Model

	// SerialNumber is unique per row and must be set.
	SerialNumber  string    `gorm:"unique;not null"`
	CommonName    string    `gorm:"not null"`
	Organization  string    `gorm:"not null;type:text"`
	IssuedAt      time.Time `gorm:"not null"`
	ExpiresAt     time.Time `gorm:"not null"`
	SignatureAlgo string    `gorm:"not null"`

	// Status is one of the CertificateStatus values and must be set.
	Status CertificateStatus `gorm:"not null"`

	// Revocation details default to NULL in the database.
	// NOTE(review): RevokedAt is a non-pointer time.Time, so "not revoked"
	// presumably reads back as the zero time; verify callers test Status
	// (or IsZero) rather than comparing against nil.
	RevokedAt     time.Time `gorm:"default:null"`
	RevokedReason string    `gorm:"default:null"`
}
type CertificateStatus ¶
// CertificateStatus is the string-typed lifecycle state stored with a
// Certificate record.
type CertificateStatus string
enum for CertificateStatus
// Lifecycle states of a certificate record. The string values are what is
// stored in Certificate.Status.
const (
	CertificateStatusPending CertificateStatus = "pending"
	CertificateStatusActive  CertificateStatus = "active"
	CertificateStatusRevoked CertificateStatus = "revoked"
)
type CertificateWithStatus ¶
// CertificateWithStatus pairs an x509.Certificate value with the
// CertificateStatus recorded for it.
type CertificateWithStatus struct {
	Certificate x509.Certificate
	Status      CertificateStatus
}
type DB ¶
// DB is the package's database handle. Its fields are unexported; instances
// are created with NewDB, which initializes the database connection
// (SQLite or PostgreSQL).
type DB struct {
// contains filtered or unexported fields
}
func NewDB ¶
NewDB creates a new DB instance and initializes the database connection (SQLite or PostgreSQL).
func (*DB) AutoMigrateWithReflection ¶
AutoMigrateWithReflection finds and registers all GORM models using reflection
func (*DB) DisablePreviousCerts ¶
DisablePreviousCerts disables all previous certificates for a subject
func (*DB) GetCertificate ¶
func (db *DB) GetCertificate(serialNumber string) (certificate Certificate, found bool)
GetCertificate checks if a certificate is present in the database
func (*DB) GetCertificates ¶
func (db *DB) GetCertificates() []Certificate
GetCertificates returns all certificates from the database
func (*DB) GetRevocations ¶
func (db *DB) GetRevocations() ([]Certificate, bool)
GetRevocations checks if a certificate is revoked in the database and returns the revocation record if found.
func (*DB) GetSubject ¶
GetSubject checks if a subject is present in the database
func (*DB) GetSubjects ¶
GetSubjects returns all subjects from the database
func (*DB) SaveCSR ¶
func (db *DB) SaveCSR(csr *x509.CertificateRequest) error
SaveCSR saves a certificate signing request to the database
func (*DB) SaveCertificateFromSubject ¶
func (db *DB) SaveCertificateFromSubject(subject string, cert x509.Certificate) error
func (*DB) SaveRevocation ¶
SaveRevocation saves a certificate revocation to the database
func (*DB) UpdateCertificate ¶
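UpdateCertificate updates any field of a certificate in the database. Because the updates map can name any column, including Status and the revocation fields, callers should build it from a fixed set of keys rather than from request-supplied data.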
func (*DB) UpdateNodeStatus ¶ added in v1.0.2
UpdateNodeStatus updates the status of a node.
type DBApplication ¶ added in v1.0.1
// DBApplication is the stored configuration of one application belonging to a
// node configuration (NodeConfigID). It names the application type, the
// server and client endpoint addresses, and references up to two
// DBAslEndpointConfig rows (Ep1, Ep2) by ID.
type DBApplication struct {
	// Bookkeeping columns; never serialized to JSON.
	CreatedAt time.Time      `json:"-"`
	UpdatedAt time.Time      `json:"-"`
	DeletedAt gorm.DeletedAt `json:"-" gorm:"index"`

	ID           uint `gorm:"primarykey" json:"id"`
	NodeConfigID uint `json:"config_id,omitempty"`
	// State has no explicit JSON name, so it is emitted under the Go field
	// name and omitted when false.
	State bool `json:",omitempty"`

	// TrustedClients is the many-to-many relation to DBTrustedClients through
	// the application_trusts_clients join table; it is not serialized.
	TrustedClients []*DBTrustedClients `gorm:"many2many:application_trusts_clients" json:"-"`

	Type               ApplicationType `json:"type"`
	ServerEndpointAddr string          `json:"server_endpoint_addr"`
	ClientEndpointAddr string          `json:"client_endpoint_addr"`

	// Endpoint configurations are referenced by ID in JSON; the resolved
	// rows themselves are not serialized.
	Ep1ID uint                 `json:"ep1_id,omitempty"`
	Ep1   *DBAslEndpointConfig `json:"-" gorm:"foreignKey:Ep1ID"`
	Ep2ID uint                 `json:"ep2_id,omitempty"`
	Ep2   *DBAslEndpointConfig `json:"-" gorm:"foreignKey:Ep2ID"`

	// LogLevel defaults to 3 at the database level.
	LogLevel uint `json:"log_level,omitempty" gorm:"default:3"`
}
type DBAslEndpointConfig ¶ added in v1.0.1
// DBAslEndpointConfig is the stored security configuration of one ASL
// endpoint: authentication mode, key exchange method, signature mode and the
// identity it uses. Applications reference it by ID.
//
// Several fields are security-relevant switches that can be set from JSON.
// NOTE(review): their exact effect is defined by the asl package, which is
// not visible here. Presumably NoEncryption turns off record encryption and
// Keylog enables session key logging; confirm, and consider rejecting or
// flagging both (and MutualAuthentication=false) when a configuration is
// accepted from an import or any other external source.
type DBAslEndpointConfig struct {
	// Bookkeeping columns; never serialized to JSON.
	CreatedAt time.Time      `json:"-"`
	UpdatedAt time.Time      `json:"-"`
	DeletedAt gorm.DeletedAt `json:"-" gorm:"index"`

	ID   uint   `gorm:"primarykey" json:"id"`
	Name string `json:"name"`

	// Security posture of the endpoint, as supplied in JSON.
	MutualAuthentication bool                     `json:"mutual_auth"`
	NoEncryption         bool                     `json:"no_encrypt"`
	ASLKeyExchangeMethod asl.ASLKeyExchangeMethod `json:"kex"`
	UseSecureElement     bool                     `json:"use_secure_elem"`
	HybridSignatureMode  asl.HybridSignatureMode  `json:"signature_mode"`
	Keylog               bool                     `json:"keylog"`

	// The identity is referenced by ID in JSON; the resolved row is not
	// serialized.
	IdentityID uint        `json:"identity_id"`
	Identity   *DBIdentity `json:"-" gorm:"foreignKey:IdentityID"`
}
StandardApplication defines settings for a standard application
type DBIdentity ¶ added in v1.0.1
// DBIdentity is a stored PKI identity reference: a numeric identity value
// plus the server endpoint address, server URL and revocation list URL
// associated with it.
//
// NOTE(review): ServerUrl and RevocationListUrl are plain strings taken from
// JSON. Nothing here shows scheme or host validation, so verify that whoever
// dereferences them validates the URL first.
type DBIdentity struct {
	// Bookkeeping columns; never serialized to JSON.
	CreatedAt time.Time      `json:"-"`
	UpdatedAt time.Time      `json:"-"`
	DeletedAt gorm.DeletedAt `json:"-" gorm:"index"`

	ID       uint `gorm:"primarykey" json:"id"`
	Identity uint `json:"identity"`

	// The tag on ServerEndpointAddr begins with a space in the original
	// declaration; it is kept as written.
	ServerEndpointAddr string ` json:"server_endpoint_addr"`
	ServerUrl          string `json:"server_url"`
	RevocationListUrl  string `json:"revocation_list_url"`
}
type DBNode ¶ added in v1.0.1
// DBNode is the stored record of a node: its serial number, network index,
// locality, and the list of configurations attached to it.
type DBNode struct {
	// Bookkeeping columns; never serialized to JSON.
	CreatedAt time.Time      `json:"-"`
	UpdatedAt time.Time      `json:"-"`
	DeletedAt gorm.DeletedAt `gorm:"index" json:"-"`

	ID uint `gorm:"primarykey" json:"id,omitempty"`
	// SerialNumber carries a unique-index tag.
	SerialNumber     string `gorm:"uniqueindex" json:"serial_number"`
	NodeNetworkIndex uint   `json:"network_index"`
	Locality         string `json:"locality,omitempty"`

	// LastSeen is kept in the database only and is not serialized.
	LastSeen time.Time `json:"-"`

	// Config holds the node's configurations, linked through
	// DBNodeConfig.NodeID.
	Config []*DBNodeConfig `gorm:"foreignKey:NodeID" json:"configs"`
}
type DBNodeConfig ¶ added in v1.0.1
// DBNodeConfig is one versioned configuration of a node. It groups the
// hardware configuration, the whitelist of trusted clients and the
// applications that belong to the configuration.
type DBNodeConfig struct {
	// Bookkeeping columns; never serialized to JSON.
	CreatedAt time.Time      `json:"-"`
	DeletedAt gorm.DeletedAt `json:"-" gorm:"index"`

	ID     uint `gorm:"primarykey" json:"id"`
	NodeID uint `json:"-"`

	// LogLevel defaults to 3 at the database level.
	LogLevel uint `gorm:"default:3" json:"log_level,omitempty"`
	// UpdatedAt, unlike in the other models of this package, is serialized.
	UpdatedAt  time.Time `json:"updated_at,omitempty"`
	ConfigName string    `json:"config_name"`
	// Version defaults to 0 at the database level.
	Version uint `gorm:"default:0" json:"version,omitempty"`

	// NOTE(review): encoding/json writes a time.Duration as an integer
	// nanosecond count unless a custom marshaller is involved; confirm the
	// unit that consumers of "hb_interval" expect.
	HeartbeatInterval time.Duration `json:"hb_interval"`

	HardwareConfig []*HardwareConfig `gorm:"foreignKey:ConfigID" json:"hw_config"`
	Whitelist      DBWhitelist       `gorm:"foreignKey:NodeConfigID" json:"whitelist"`
	Application    []*DBApplication  `gorm:"foreignKey:NodeConfigID" json:"applications"`
}
Node represents a node within a network
type DBTrustedClients ¶ added in v1.0.1
// DBTrustedClients is one entry of a whitelist: a client endpoint address
// together with the applications that trust it.
//
// NOTE(review): this record expresses a trust decision keyed on
// ClientEndpointAddr. Nothing here shows how the address is validated or
// normalized before it is stored; verify that at the point of import.
type DBTrustedClients struct {
	// Bookkeeping columns; never serialized to JSON.
	CreatedAt time.Time      `json:"-"`
	UpdatedAt time.Time      `json:"-"`
	DeletedAt gorm.DeletedAt `json:"-" gorm:"index"`

	ID          uint `gorm:"primarykey:id" json:"id"`
	WhitelistID uint `json:"-"`

	ClientEndpointAddr string `json:"client_endpoint_addr"`

	// ApplicationIDs exists only in JSON (gorm:"-"); the persisted relation
	// is ApplicationTrustsClient, which uses the application_trusts_clients
	// join table and is not serialized.
	ApplicationIDs          []uint           `gorm:"-" json:"application_ids" `
	ApplicationTrustsClient []*DBApplication `gorm:"many2many:application_trusts_clients;" json:"-"`
}
type DBWhitelist ¶ added in v1.0.1
// DBWhitelist is the list of trusted clients attached to one node
// configuration (NodeConfigID).
type DBWhitelist struct {
	// Bookkeeping columns; never serialized to JSON.
	CreatedAt time.Time      `json:"-"`
	UpdatedAt time.Time      `json:"-"`
	DeletedAt gorm.DeletedAt `json:"-" gorm:"index"`

	ID           uint `gorm:"primarykey" json:"id"`
	NodeConfigID uint `json:"config_id,omitempty"`

	// TrustedClients are linked through DBTrustedClients.WhitelistID.
	TrustedClients []*DBTrustedClients `gorm:"foreignKey:WhitelistID" json:"trusted_clients"`
}
type DistributionResponse ¶ added in v1.0.1
// DistributionResponse bundles a node record with the endpoint security
// configurations and identities that accompany it, under the JSON keys
// "node", "crypto_config" and "identities".
//
// NOTE(review): presumably this is the payload handed to a node when its
// configuration is distributed. Confirm, and check that the transport
// authenticates the recipient, since the payload describes the node's whole
// security configuration.
type DistributionResponse struct {
	Node         DBNode                 `json:"node"`
	CryptoConfig []*DBAslEndpointConfig `json:"crypto_config"`
	Identities   []*DBIdentity          `json:"identities"`
}
type HTTPRequest ¶
type HardwareConfig ¶ added in v1.0.1
// HardwareConfig is one device entry of a node configuration: a device name
// and the IP/CIDR assigned to it. Only Device and IpCidr are serialized.
//
// NOTE(review): the declaration was followed by the comment "Node represents
// a node within a network", which does not describe this type and appears to
// belong to another declaration.
type HardwareConfig struct {
	ID       uint         `gorm:"primarykey" json:"-"`
	ConfigID uint         `json:"-"`
	Config   DBNodeConfig `gorm:"foreignKey:ConfigID" json:"-"`

	Device string `json:"device"`
	// NOTE(review): IpCidr is a free-form string here; verify it is parsed
	// and validated before it is applied to an interface.
	IpCidr string `json:"cidr"`
} // Node represents a node within a network
type ImportStructure ¶ added in v1.0.1
// ImportStructure is the JSON shape of an import: nodes, endpoint security
// configurations and PKI identities, under the keys "nodes", "crypto" and
// "pki_identities".
//
// NOTE(review): an import can therefore set every JSON-exposed field of
// DBAslEndpointConfig, including "no_encrypt", "keylog" and "mutual_auth".
// Treat import files as privileged input and validate them before saving.
type ImportStructure struct {
	Node         []*DBNode              `json:"nodes"`
	CryptoConfig []*DBAslEndpointConfig `json:"crypto"`
	// Identites is spelled this way in the exported API; the name is kept.
	Identites []*DBIdentity `json:"pki_identities"`
}
type Kritis3mAddr ¶ added in v1.0.1
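// Kritis3mAddr is an endpoint address: an IP, its protocol family and a port.
// The declaration is restored to one field per line; on a single line the
// first "//" comment swallowed IPStr, Family, Port and the closing brace.
//
// The package tags this type and its JSON methods as deprecated.
type Kritis3mAddr struct {
	// IP is the binary form kept in the database; it is not serialized.
	IP net.IP `json:"-" gorm:"type:varbinary(16)"` // To store up to 16 bytes (IPv6)

	// IPStr is the textual form used in JSON; it is not persisted.
	// 0.0.0.0 for all ports
	// NOTE(review): the line above is the author's wording; it presumably
	// means that 0.0.0.0 matches all addresses. Confirm the intended meaning.
	IPStr string `json:"ip" gorm:"-" `

	Family ProtoFamiliy `json:"family"`
	// NOTE(review): 0.0.0.0 and port 0 act as wildcards per the author's
	// comments; if an address of this type ever feeds a trust or allow-list
	// decision, make sure the wildcard forms are an explicit choice.
	Port uint16 `json:"port"` // 0 for all ports
}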
@deprecated
func (Kritis3mAddr) MarshalJSON ¶ added in v1.0.1
func (e Kritis3mAddr) MarshalJSON() ([]byte, error)
@deprecated
func (*Kritis3mAddr) UnmarshalJSON ¶ added in v1.0.1
func (addr *Kritis3mAddr) UnmarshalJSON(data []byte) error
Custom JSON unmarshaling. @deprecated
type ProtoFamiliy ¶ added in v1.0.1
// ProtoFamiliy is the protocol family of an address, stored as a uint8.
// The spelling is part of the exported API and is kept as is.
type ProtoFamiliy uint8
See linux/sys/socket.h: PF_INET=2 and PF_INET6=10.
// Protocol family values. They are hard-coded to the Linux numbers (2 for
// IPv4, 10 for IPv6).
// NOTE(review): other operating systems number the IPv6 family differently,
// so compare against these constants rather than against platform socket
// constants when the code may run on a non-Linux host.
const (
	AF_INET  ProtoFamiliy = 2
	AF_INET6 ProtoFamiliy = 10
)
type Revocation ¶
type SelectedConfiguration ¶ added in v1.0.1
type Subject ¶
// Subject is the GORM model for a certificate subject, keyed by a unique
// CommonName. It tracks re-enrollment and revocation state and links to the
// subject's certificates and CSRs through CommonName.
//
// NOTE(review): revocation is recorded here (Revoked) and again per
// certificate (Certificate.Status). Nothing here shows which one a validity
// check consults; confirm both are updated together on revocation.
type Subject struct {
	gorm.Model

	CommonName string `gorm:"unique;not null"`

	// Re-enrollment tracking. ReenrolledAt defaults to NULL, the flag to
	// false and the counter to 0.
	Reenrolled    bool      `gorm:"not null;default:false"`
	ReenrolledAt  time.Time `gorm:"default:null"`
	ReenrollCount int       `gorm:"not null;default:0"`

	// Revocation state. Revoked defaults to false; the details default to
	// NULL.
	Revoked       bool      `gorm:"not null;default:false"`
	RevokedAt     time.Time `gorm:"default:null"`
	RevokedReason string    `gorm:"default:null"`

	// Both relations join on CommonName rather than on the numeric ID.
	Certificates []Certificate `gorm:"foreignKey:CommonName;references:CommonName"`
	CSRs         []CSR         `gorm:"foreignKey:CommonName;references:CommonName"`
}