Documentation ¶
Overview ¶
Copyright 2023 WeFuzz Research and Development B.V.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Copyright 2023 WeFuzz Research and Development B.V.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Copyright 2023 WeFuzz Research and Development B.V.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Copyright 2023 WeFuzz Research and Development B.V.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Copyright 2023 WeFuzz Research and Development B.V.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Copyright 2023 WeFuzz Research and Development B.V.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Index ¶
- func DecryptPEMBlock(pblock *pem.Block, passphrase []byte) ([]byte, error)
- func EncryptPEMBlock(data []byte, passphrase []byte) (*pem.Block, error)
- func GenerateKeyPair() (ed25519.PublicKey, ed25519.PrivateKey, error)
- func GetPasswordFromStdIn() (string, error)
- func Hash(data string) []byte
- func IsEncryptedPEMBlock(block *pem.Block) bool
- func LoadFile(fileRef string) ([]byte, error)
- func ReadPEMFromFile(path string, passphrase string) (ed25519.PublicKey, ed25519.PrivateKey, error)
- func ReadPassword() ([]byte, error)
- func SavePrivateKey(privateKey ed25519.PrivateKey, keys_folder string, name string, ...)
- func SavePublicKey(publicKey ed25519.PublicKey, keys_folder string, name string, yes bool)
- func VerifyFile(fileRef string) error
- func VerifyReportWithBase64(report Report, publicKey string, signature string) bool
- func VerifyReportWithPublicKey(report Report, publicKey ed25519.PublicKey, signature []byte) bool
- func WritePEMToFile(name string, path string, pemBlock *pem.Block, yes bool) error
- type Report
- type SignerBlob
- func GenerateMessage(targetFile string, publicKey ed25519.PublicKey, privateKey ed25519.PrivateKey, ...) SignerBlob
- func SignBlob(report Report, publicKey ed25519.PublicKey, privateKey ed25519.PrivateKey) SignerBlob
- func SignReport(report report.VulnerabilityReport, publicKey ed25519.PublicKey, ...) SignerBlob
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DecryptPEMBlock ¶
Decrypts a PEM block using AES-256 encryption with the provided passphrase.
func EncryptPEMBlock ¶
Encrypts a PEM block using AES-256 encryption with the provided passphrase.
func GenerateKeyPair ¶
func GenerateKeyPair() (ed25519.PublicKey, ed25519.PrivateKey, error)
Generate a new Ed25519 key pair
func GetPasswordFromStdIn ¶
GetPasswordFromStdIn gathers the password from stdin
func IsEncryptedPEMBlock ¶
IsEncryptedPEMBlock checks if the PEM block is encrypted
func LoadFile ¶
This function is used to load a file from the local file system. It takes a file reference as input and returns the file contents as a byte array
func ReadPEMFromFile ¶
Read private key from PEM file and return ed25519 key pair
func SavePrivateKey ¶
func SavePrivateKey(privateKey ed25519.PrivateKey, keys_folder string, name string, passphrase string, yes bool)
Save Private Key as PEM File
func SavePublicKey ¶
Save Public Key as PEM File
func VerifyFile ¶
This function verifies a given Report Blob file.
func VerifyReportWithBase64 ¶
This function verifies given Report Entry.
func VerifyReportWithPublicKey ¶
This function verifies given Report Entry with public key as ed25519.PublicKey.
Types ¶
type Report ¶
type Report struct { // The version of the report file. Version string `json:"Version"` // Title of the report Title string `json:"Title"` // Description of the report Description string `json:"Description"` // Attributes of the report: list of key value pairs: e.g. "CVE": "CVE-2021-1234" Attributes string `json:"Attributes"` // Author of the report Author string `json:"Author"` // Author of the report AuthorDetailsHash string `json:"AuthorDetailsHash"` // Platform of the report Platform string `json:"Platform"` // Severity of the report Severity string `json:"Severity"` // Attachments of the report Attachments string `json:"Attachments"` }
This is the vulnerability report structure YAML file passed as input to generate the Signature.
type SignerBlob ¶
type SignerBlob struct { Report Report `json:"Report"` PublicKey ed25519.PublicKey `json:"PublicKey"` Signature []byte `json:"Signature"` }
Signer creates digital signatures over a message using a specified key pair
func GenerateMessage ¶
func GenerateMessage(targetFile string, publicKey ed25519.PublicKey, privateKey ed25519.PrivateKey, showAuthor bool) SignerBlob
This function is used to generate a signed, crymessage to be posted on the Trillian data store. It takes a target file as input
func SignBlob ¶
func SignBlob(report Report, publicKey ed25519.PublicKey, privateKey ed25519.PrivateKey) SignerBlob
Signer signs a Vulnerability Blob
func SignReport ¶
func SignReport(report report.VulnerabilityReport, publicKey ed25519.PublicKey, privateKey ed25519.PrivateKey, showAuthor bool) SignerBlob
Signer creates digital signatures over a message using a specified key pair
func (*SignerBlob) GetBytes ¶
func (s *SignerBlob) GetBytes() []byte
func (*SignerBlob) PrettyPrintJSON ¶
func (s *SignerBlob) PrettyPrintJSON() string
func (*SignerBlob) ReadBlobFromJSONFile ¶
func (s *SignerBlob) ReadBlobFromJSONFile(input string) bool
func (*SignerBlob) SaveBlobToFile ¶
func (s *SignerBlob) SaveBlobToFile(output string) bool
func (*SignerBlob) SaveSignatureToFile ¶
func (s *SignerBlob) SaveSignatureToFile(output string) bool