certutils

package

v0.0.4 Latest Latest Go to latest Published: Nov 20, 2024 License: Apache-2.0 Imports: 18 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/chainreactors/malice-network

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func GenerateClientCert(host, name string, port int) (*mtls.ClientConfig, error)
func GenerateListenerCert(host, name string, port int) (*mtls.ClientConfig, error)
func GenerateRootCert() error
func GenerateServerCert(name string) ([]byte, []byte, error)
func GenerateTlsCert(name, listenerID string) (string, string, error)
func GetCertificateAuthority() (*x509.Certificate, *rsa.PrivateKey, error)
func GetCertificateAuthorityPEM(caCertPath, caKeyPath string) ([]byte, []byte, error)
func GetOperatorServerMTLSConfig(host string) *tls.Config
func ParseCertificateAuthority(certPEM, keyPEM []byte) (*x509.Certificate, *rsa.PrivateKey, error)
func RemoveCertificate(caType int, keyType string, commonName string) error
func SaveCertificateAuthority(caType int, cert []byte, key []byte)
func WrapToTlsConfig(config *configs.CertConfig) (*tls.Config, error)
func WrapWithTls(lsn net.Listener, config *configs.CertConfig) (net.Listener, error)

Constants ¶

View Source

const (
	OperatorCA = iota + 1
	ListenerCA
	ImplantCA
	RootCA
)

View Source

const (
	// RSAKey - Namespace for RSA keys
	RSAKey            = "rsa"
	RootName          = "Root"
	ListenerNamespace = "listener" // Listener servers

)

Variables ¶

This section is empty.

Functions ¶

func GenerateClientCert ¶

func GenerateClientCert(host, name string, port int) (*mtls.ClientConfig, error)

func GenerateListenerCert ¶

func GenerateListenerCert(host, name string, port int) (*mtls.ClientConfig, error)

func GenerateRootCert ¶

func GenerateRootCert() error

func GenerateServerCert ¶

func GenerateServerCert(name string) ([]byte, []byte, error)

func GenerateTlsCert ¶

func GenerateTlsCert(name, listenerID string) (string, string, error)

func GetCertificateAuthority ¶

func GetCertificateAuthority() (*x509.Certificate, *rsa.PrivateKey, error)

GetCertificateAuthority - Get the current CA certificate

func GetCertificateAuthorityPEM ¶

func GetCertificateAuthorityPEM(caCertPath, caKeyPath string) ([]byte, []byte, error)

GetCertificateAuthorityPEM - Get PEM encoded CA cert/key

func GetOperatorServerMTLSConfig ¶

func GetOperatorServerMTLSConfig(host string) *tls.Config

GetOperatorServerMTLSConfig - Get the TLS config for the operator server

func ParseCertificateAuthority ¶

func ParseCertificateAuthority(certPEM, keyPEM []byte) (*x509.Certificate, *rsa.PrivateKey, error)

func RemoveCertificate ¶

func RemoveCertificate(caType int, keyType string, commonName string) error

RemoveCertificate - Remove a certificate from the cert store

func SaveCertificateAuthority ¶

func SaveCertificateAuthority(caType int, cert []byte, key []byte)

SaveCertificateAuthority - Save the certificate and the key to the filesystem doesn't return an error because errors are fatal. If we can't generate CAs, then we can't secure communication and we should die a horrible death.

func WrapToTlsConfig ¶

func WrapToTlsConfig(config *configs.CertConfig) (*tls.Config, error)

func WrapWithTls ¶

func WrapWithTls(lsn net.Listener, config *configs.CertConfig) (net.Listener, error)

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL