signer

package
v3.0.0-...-7b6adf0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 30, 2024 License: MIT Imports: 26 Imported by: 0

Documentation

Index

Constants

View Source
const (
	CertType           = "PD NUCLEI USER CERTIFICATE"
	PrivateKeyType     = "PD NUCLEI USER PRIVATE KEY"
	CertFilename       = "nuclei-user.crt"
	PrivateKeyFilename = "nuclei-user-private-key.pem"
	CertEnvVarName     = "NUCLEI_USER_CERTIFICATE"
	PrivateKeyEnvName  = "NUCLEI_USER_PRIVATE_KEY"
)

Variables

View Source
var (
	ErrNoCertificate   = fmt.Errorf("nuclei user certificate not found")
	ErrNoPrivateKey    = fmt.Errorf("nuclei user private key not found")
	SkipGeneratingKeys = false
)
View Source
var (
	ErrUnknownAlgorithm = errors.New("unknown algorithm")
	SignaturePattern    = "# digest: "
	SignatureFmt        = SignaturePattern + "%x" + ":%v" // `#digest: <signature>:<fragment>`
)
View Source
var DefaultTemplateVerifiers []*TemplateSigner

DefaultTemplateVerifiers contains the default template verifiers

Functions

func AddSignerToDefault

func AddSignerToDefault(s *TemplateSigner) error

AddSignerToDefault adds a signer to the default list of signers

func ExtractSignatureAndContent

func ExtractSignatureAndContent(data []byte) (signature, content []byte)

ExtractSignatureAndContent extracts the signature (if present) and returns the content without the signature

Types

type KeyHandler

type KeyHandler struct {
	UserCert   []byte
	PrivateKey []byte
	// contains filtered or unexported fields
}

KeyHandler handles the key generation and management of signer public and private keys

func (*KeyHandler) GenerateKeyPair

func (k *KeyHandler) GenerateKeyPair()

GenerateKeyPair generates a new key-pair for signing code templates

func (*KeyHandler) ParsePrivateKey

func (k *KeyHandler) ParsePrivateKey() error

ParsePrivateKey parses the private key and returns the private key

func (*KeyHandler) ParseUserCert

func (k *KeyHandler) ParseUserCert() error

ParseUserCert parses the user certificate and returns the public key

func (*KeyHandler) ReadCert

func (k *KeyHandler) ReadCert(envName, dir string) error

ReadUserCert reads the user certificate from environment variable or given directory

func (*KeyHandler) ReadPrivateKey

func (k *KeyHandler) ReadPrivateKey(envName, dir string) error

ReadPrivateKey reads the private key from environment variable or given directory

func (*KeyHandler) SaveToDisk

func (k *KeyHandler) SaveToDisk(dir string) error

SaveToDisk saves the generated key-pair to the given directory

type SignableTemplate

type SignableTemplate interface {
	// GetFileImports returns a list of files that are imported by the template
	GetFileImports() []string
	// HasCodeProtocol returns true if the template has a code protocol section
	HasCodeProtocol() bool
}

SignableTemplate is a template that can be signed

type TemplateSigner

type TemplateSigner struct {
	sync.Once
	// contains filtered or unexported fields
}

func NewTemplateSigVerifier

func NewTemplateSigVerifier(cert []byte) (*TemplateSigner, error)

NewTemplateSigVerifier creates a new signer for verifying templates

func NewTemplateSigner

func NewTemplateSigner(cert, privateKey []byte) (*TemplateSigner, error)

NewTemplateSigner creates a new signer for signing templates

func NewTemplateSignerFromFiles

func NewTemplateSignerFromFiles(cert, privKey string) (*TemplateSigner, error)

NewTemplateSignerFromFiles creates a new signer for signing templates

func (*TemplateSigner) GetUserFragment

func (t *TemplateSigner) GetUserFragment() string

fragment is optional part of signature that is used to identify the user who signed the template via md5 hash of public key

func (*TemplateSigner) Identifier

func (t *TemplateSigner) Identifier() string

Identifier returns the identifier for the template signer

func (*TemplateSigner) Sign

func (t *TemplateSigner) Sign(data []byte, tmpl SignableTemplate) (string, error)

Sign signs the given template with the template signer and returns the signature

func (*TemplateSigner) Verify

func (t *TemplateSigner) Verify(data []byte, tmpl SignableTemplate) (bool, error)

Verify verifies the given template with the template signer

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL