mitm

package
v1.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 6, 2024 License: MPL-2.0 Imports: 17 Imported by: 0

Documentation

Overview

Package mitm provides tooling for MITMing TLS connections. It provides tooling to create CA certs and generate TLS configs that can be used to MITM a TLS connection with a provided CA certificate.

Index

Constants

This section is empty.

Variables

View Source 
var MaxSerialNumber = big.NewInt(0).SetBytes(bytes.Repeat([]byte{255}, 20))

MaxSerialNumber is the upper boundary that is used to create unique serial numbers for the certificate. This can be any unsigned integer up to 20 bytes (2^(8*20)-1).

Functions

func NewAuthority 

func NewAuthority(name, organization string, validity time.Duration) (*x509.Certificate, *rsa.PrivateKey, error)

NewAuthority creates a new CA certificate and associated private key.

Types

type Cache added in v1.4.0 

type Cache struct {
	*freelru.ShardedLRU[string, *tls.Certificate]
}

func NewCache added in v1.4.0 

func NewCache(cfg CacheConfig) (Cache, error)

type CacheConfig added in v1.4.0 

type CacheConfig struct {
	Capacity uint32
	TTL      time.Duration
}

func DefaultCacheConfig added in v1.4.0 

func DefaultCacheConfig() CacheConfig

type CacheMetrics added in v1.4.0 

type CacheMetrics freelru.Metrics

type Config 

type Config struct {
	// contains filtered or unexported fields
}

Config is a set of configuration values that are used to build TLS configs capable of MITM.

func NewConfig 

func NewConfig(ca *x509.Certificate, privateKey any) (*Config, error)

NewConfig creates a MITM config using the CA certificate and private key to generate on-the-fly certificates.

func NewConfigWithCache added in v1.4.0 

func NewConfigWithCache(ca *x509.Certificate, privateKey any, certs Cache) (*Config, error)

func (*Config) CACert added in v1.1.0 

func (c *Config) CACert() *x509.Certificate

CACert returns the CA certificate used to sign the on-the-fly certificates.

func (*Config) CacheMetrics added in v1.4.0 

func (c *Config) CacheMetrics() CacheMetrics

CacheMetrics return the metrics for the certificate cache.

func (*Config) H2Config 

func (c *Config) H2Config() *h2.Config

H2Config returns the current HTTP/2 configuration.

func (*Config) HandshakeErrorCallback 

func (c *Config) HandshakeErrorCallback(r *http.Request, err error)

HandshakeErrorCallback calls the handshakeErrorCallback function in this Config, if it is non-nil. Request is the connect request that this handshake is being executed through.

func (*Config) SetH2Config 

func (c *Config) SetH2Config(h2Config *h2.Config)

SetH2Config configures processing of HTTP/2 streams.

func (*Config) SetHandshakeErrorCallback 

func (c *Config) SetHandshakeErrorCallback(cb func(*http.Request, error))

SetHandshakeErrorCallback sets the handshakeErrorCallback function.

func (*Config) SetOrganization 

func (c *Config) SetOrganization(org string)

SetOrganization sets the organization of the certificate.

func (*Config) SetValidity 

func (c *Config) SetValidity(validity time.Duration)

SetValidity sets the validity window around the current time that the certificate is valid for.

func (*Config) TLS 

func (c *Config) TLS(ctx context.Context) *tls.Config

TLS returns a *tls.Config that will generate certificates on-the-fly using the SNI extension in the TLS ClientHello.

func (*Config) TLSForHost 

func (c *Config) TLSForHost(ctx context.Context, hostname string) *tls.Config

TLSForHost returns a *tls.Config that will generate certificates on-the-fly using SNI from the connection, or fall back to the provided hostname.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.