Affected by GO-2024-2817 and 2 other vulnerabilities

GO-2024-2817: karmada vulnerable to arbitrary code execution via a crafted command in github.com/karmada-io/karmada

GO-2025-3363: Karmada Tar Slips in CRDs archive extraction in github.com/karmada-io/karmada

GO-2025-3364: Karmada PULL Mode Cluster Privilege Escalation in github.com/karmada-io/karmada

pubkeypin

package

v1.10.0-preview4 Latest Latest Go to latest Published: Apr 23, 2024 License: Apache-2.0 Imports: 5 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/karmada-io/karmada

Documentation ¶

Index ¶

func Hash(certificate *x509.Certificate) string
type Set
- func NewSet() *Set

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func Hash ¶

func Hash(certificate *x509.Certificate) string

Hash calculates the SHA-256 hash of the Subject Public Key Information (SPKI) object in an x509 certificate (in DER encoding). It returns the full hash as a hex encoded string (suitable for passing to Set.Allow).

Types ¶

type Set ¶

type Set struct {
	// contains filtered or unexported fields
}

Set is a set of pinned x509 public keys.

func NewSet ¶

func NewSet() *Set

NewSet returns a new, empty PubKeyPinSet

func (*Set) Allow ¶

func (s *Set) Allow(pubKeyHashes ...string) error

Allow adds an allowed public key hash to the Set

func (*Set) CheckAny ¶

func (s *Set) CheckAny(certificates []*x509.Certificate) error

CheckAny checks if at least one certificate matches one of the public keys in the set

func (*Set) Empty ¶

func (s *Set) Empty() bool

Empty returns true if the Set contains no pinned public keys.

Source Files ¶

View all Source files

pubkeypin.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL