Documentation
Index
- func CheckInsecureFingerprint(certificate tls.Certificate) (bool, error)
- func DecryptJWE(jweString string, key []byte) (messages.Base, error)
- func GenerateTLSCert(serial *big.Int, subject *pkix.Name, dnsNames []string, ...) (*tls.Certificate, error)
- func GetJWT(agentID uuid.UUID, key []byte) (string, error)
- func GetTLSCertificates(certificate string, key string) (*tls.Certificate, error)
- func ValidateJWT(agentJWT string, key []byte) (uuid.UUID, error)
Constants
This section is empty.
Variables
This section is empty.
Functions
func CheckInsecureFingerprint (added in v1.0.0)
func CheckInsecureFingerprint(certificate tls.Certificate) (bool, error)
CheckInsecureFingerprint calculates the SHA256 hash of the passed-in certificate and determines whether it matches the publicly distributed key pair from the Merlin repository. Because that key pair is public, anyone could decrypt TLS traffic protected with it.
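An added example, not Merlin's own code, of the kind of check described above: hash a certificate and compare it against a denylist of fingerprints for certificates that are distributed publicly. It assumes the hash covers the leaf certificate's DER bytes; `fingerprint`, `isDenylisted` and `selfSigned` are hypothetical names, and the denylist entry is built from a throwaway certificate rather than Merlin's real fingerprint.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// fingerprint returns the hex SHA-256 of the leaf's DER bytes (assumed hash input).
func fingerprint(c tls.Certificate) (string, error) {
	if len(c.Certificate) == 0 {
		return "", fmt.Errorf("tls.Certificate holds no DER data")
	}
	return fmt.Sprintf("%x", sha256.Sum256(c.Certificate[0])), nil
}

// isDenylisted reports whether the leaf matches a known publicly shipped certificate.
func isDenylisted(c tls.Certificate, deny map[string]bool) (bool, error) {
	fp, err := fingerprint(c)
	return err == nil && deny[fp], err
}

// selfSigned builds a throwaway ECDSA certificate (constructed sample input).
func selfSigned(cn string) (tls.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return tls.Certificate{}, err
	}
	tpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tpl, tpl, &key.PublicKey, key)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, err
}

func main() {
	shipped, _ := selfSigned("shipped-default") // stands in for a repo-distributed cert
	fresh, _ := selfSigned("operator-generated")
	fp, _ := fingerprint(shipped)
	deny := map[string]bool{fp: true} // constructed denylist, not a real fingerprint
	a, _ := isDenylisted(shipped, deny)
	b, _ := isDenylisted(fresh, deny)
	fmt.Println("shipped denylisted:", a, "fresh denylisted:", b)
}
```

Running the check at listener start-up and refusing to serve (or logging loudly) on a match keeps a shared default certificate from reaching production.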
func DecryptJWE (added in v1.0.0)
DecryptJWE takes the provided JWE string and decrypts it using the per-agent key.
func GenerateTLSCert
func GenerateTLSCert(serial *big.Int, subject *pkix.Name, dnsNames []string, notBefore, notAfter *time.Time, privKey crypto.PrivateKey, makeRsa bool) (*tls.Certificate, error)
GenerateTLSCert will generate a new certificate. Nil values in the parameters are replaced with random or blank values.
If makeRsa is set to true, the key generated is an RSA key (EC by default).
If a nil date is passed in for notBefore and notAfter, a random date is picked in the last year.
If a nil date is passed in for notAfter, the date is set to be 2 years after the date provided (or generated) in the notBefore parameter.
Please ensure privKey is a proper private key. The Go implementation of this value is challenging, so no type assertion can be made in the function definition.
func GetJWT (added in v1.0.0)
GetJWT returns a JSON Web Token for the provided agent using the interface JWT key.
func GetTLSCertificates (added in v1.0.0)
func GetTLSCertificates(certificate string, key string) (*tls.Certificate, error)
GetTLSCertificates takes the file paths of a PEM-encoded X.509 certificate and key as strings, parses the files, and returns a tls.Certificate.
Types
This section is empty.