Documentation ¶
Overview ¶
Package mitm provides tooling for MITMing TLS connections. It provides tooling to create CA certs and generate TLS configs that can be used to MITM a TLS connection with a provided CA certificate.
Index ¶
- Variables
- func NewAuthority(name, organization string, validity time.Duration) (*x509.Certificate, *rsa.PrivateKey, error)
- type Config
- func (c *Config) HandshakeErrorCallback(r *http.Request, err error)
- func (c *Config) SetHandshakeErrorCallback(cb func(*http.Request, error))
- func (c *Config) SetOrganization(org string)
- func (c *Config) SetValidity(validity time.Duration)
- func (c *Config) SkipTLSVerify(skip bool)
- func (c *Config) TLS() *tls.Config
- func (c *Config) TLSForHost(hostname string) *tls.Config
Constants ¶
This section is empty.
Variables ¶
MaxSerialNumber is the upper boundary that is used to create unique serial numbers for the certificate. This can be any unsigned integer up to 20 bytes (2^(8*20)-1).
Functions ¶
func NewAuthority ¶
func NewAuthority(name, organization string, validity time.Duration) (*x509.Certificate, *rsa.PrivateKey, error)
NewAuthority creates a new CA certificate and associated private key.
Types ¶
type Config ¶
type Config struct {
// contains filtered or unexported fields
}
Config is a set of configuration values that are used to build TLS configs capable of MITM.
func NewConfig ¶
func NewConfig(ca *x509.Certificate, privateKey interface{}) (*Config, error)
NewConfig creates a MITM config using the CA certificate and private key to generate on-the-fly certificates.
func (*Config) HandshakeErrorCallback ¶
HandshakeErrorCallback calls the handshakeErrorCallback function in this Config, if it is non-nil. Request is the connect request that this handshake is being executed through.
func (*Config) SetHandshakeErrorCallback ¶
SetHandshakeErrorCallback sets the handshakeErrorCallback function.
func (*Config) SetOrganization ¶
SetOrganization sets the organization of the certificate.
func (*Config) SetValidity ¶
SetValidity sets the validity window around the current time that the certificate is valid for.
func (*Config) SkipTLSVerify ¶
SkipTLSVerify skips the TLS certification verification check.