Constants ¶
// Identifiers for trust-list sources named by this package.
// This page shows CTL types for Apple, Microsoft and Mozilla; no OpenJDK type
// and no Apple identifier is visible here.
// NOTE(review): how these strings are consumed is not shown on this page.
const (
	MICROSOFT   = "microsoft"
	MOZILLA_NSS = "mozilla_nss"
	OPENJDK     = "openjdk"
)
// Download locations for Microsoft's trusted-root data.
const (
	// CCADB report of CA certificates for Microsoft's program (CSV), served over HTTPS.
	MicrosoftCACertificateReportCSV = "https://ccadb-public.secure.force.com/microsoft/IncludedCACertificateReportForMSFTCSV"

	// authroot.stl is requested over plain HTTP, so the transport provides no
	// integrity or authenticity guarantee for the downloaded bytes. The STL is
	// a signed certificate trust list; a consumer should validate that
	// signature before trusting its contents.
	// NOTE(review): confirm that MicrosoftCTL.Fetch performs that validation;
	// its body is not shown on this page.
	MicrosoftAuthrootStl = "http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authroot.stl"
)
// Download locations for Mozilla's CA certificate reports, both served over HTTPS.
const (
	// CSV report of CA certificates currently included (per the URL name).
	MozillaIncludedCACertificateReportCSV = "https://ccadb-public.secure.force.com/mozilla/IncludedCACertificateReportCSVFormat"

	// CSV report of CA certificates that have been removed (per the URL name).
	MozillaRemovedCACertificateReportCSV = "https://ccadb-public.secure.force.com/mozilla/RemovedCACertificateReportCSVFormat"
)
// AppleKBURL is an Apple support article URL (HTTPS).
// NOTE(review): presumably the page listing Apple's trusted roots that AppleCTL
// is built from — confirm; the page does not show where it is used.
const AppleKBURL = "https://support.apple.com/en-us/HT209143"
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AppleCTL ¶ added in v0.2.0
// AppleCTL is the Apple trust list: the shared CTL plus publication metadata.
type AppleCTL struct {
	// The embedded CTL is tagged ",inline", so its fields are flattened into
	// the same YAML mapping as the fields below.
	*CTL `yaml:",inline"`

	// PublishURL is omitted from YAML output when empty.
	PublishURL string `yaml:"publish_url,omitempty"`

	// PublishedDate is kept as a plain string; its format is not shown on this page.
	PublishedDate string `yaml:"published_date,omitempty"`
}
func NewAppleCTL ¶ added in v0.2.0
func NewAppleCTL() *AppleCTL
type CTL ¶
type Cert ¶
// Cert wraps an x509.Certificate and adds a Checksum field for a SHA256 value.
type Cert struct {
	// NOTE(review): the tag `json:"_"` gives this embedded field the JSON key
	// "_"; encoding/json only skips a field tagged `json:"-"`. Confirm which
	// of the two is intended.
	*x509.Certificate `json:"_"`

	// Checksum is omitted from JSON output when empty.
	Checksum string `json:"checksum,omitempty"`
}
Cert adds a Checksum field to x509.Certificate to store SHA256
type CertStore ¶
// CertStore is a set of certificates.
type CertStore struct {
	// Certs holds the stored certificates as *Cert values.
	Certs []*Cert
	// contains filtered or unexported fields
}
CertStore is a set of certificates.
func LoadSystemRoots ¶
func (*CertStore) AddCert ¶
func (s *CertStore) AddCert(cert *x509.Certificate)
AddCert adds a certificate to CertStore.
func (*CertStore) AppendCertsFromPEM ¶
AppendCertsFromPEM attempts to parse a series of PEM encoded certificates. It appends any certificates found to s and reports whether any certificates were successfully parsed.
On many Linux systems, /etc/ssl/cert.pem will contain the system wide set of root CAs in a format suitable for this function.
type MicrosoftCTL ¶ added in v0.3.0
// MicrosoftCTL is the Microsoft trust list: the shared CTL plus the CCADB
// source URL and a checksum for it.
//
// No field here records a checksum for authroot.stl, the second source that
// Fetch is documented to use.
// NOTE(review): confirm how that download is validated.
type MicrosoftCTL struct {
	// The embedded CTL is tagged ",inline", so its fields are flattened into
	// the same YAML mapping as the fields below.
	*CTL `yaml:",inline"`

	// CCADBUrl has no omitempty, so the key is written even when the value is empty.
	CCADBUrl string `yaml:"ccadb_url"`

	// CCADBChecksum is omitted from YAML output when empty.
	// NOTE(review): the algorithm and what it is compared against are not shown here.
	CCADBChecksum string `yaml:"ccadb_checksum,omitempty"`
}
func NewMicrosoftCTL ¶ added in v0.3.0
func NewMicrosoftCTL() *MicrosoftCTL
func (*MicrosoftCTL) Fetch ¶ added in v0.3.0
func (ctl *MicrosoftCTL) Fetch() error
Fetch retrieves Microsoft's CTL from two sources: CCADB and authroot.stl.
func (*MicrosoftCTL) Verify ¶ added in v0.3.0
func (ctl *MicrosoftCTL) Verify(certs []*Cert, allowedCerts Entrys) *VerifyResult
Verify that the specified certificate is included in the CTL or has been removed
type MozillaCTL ¶
// MozillaCTL is the Mozilla trust list: the shared CTL plus a URL and a
// checksum for each of the included and removed reports.
// NOTE(review): the checksum algorithm and the point at which the checksums
// are checked are not shown on this page.
type MozillaCTL struct {
	// The embedded CTL is tagged ",inline", so its fields are flattened into
	// the same YAML mapping as the fields below.
	*CTL `yaml:",inline"`

	// URL and checksum for the included-certificates report.
	URLIncluded string `yaml:"url_included,omitempty"`

	ChecksumIncluded string `yaml:"checksum_included,omitempty"`

	// URL and checksum for the removed-certificates report.
	URLRemoved string `yaml:"url_removed,omitempty"`

	ChecksumRemoved string `yaml:"checksum_removed,omitempty"`
}
func NewMozillaCTL ¶
func NewMozillaCTL() *MozillaCTL
func (*MozillaCTL) Fetch ¶ added in v0.2.0
func (ctl *MozillaCTL) Fetch() error
Fetch Mozilla's CA certificate report from https://www.ccadb.org
func (*MozillaCTL) Verify ¶ added in v0.2.0
func (ctl *MozillaCTL) Verify(certs []*Cert, allowedCerts Entrys) *VerifyResult
Verify that the specified certificate is included in the CTL or has been removed
type VerifyResult ¶
// VerifyResult is the value returned by the Verify methods on this page.
// The field descriptions below are read off the field names; confirm the exact
// classification rules against Verify, whose body is not shown here.
type VerifyResult struct {
	// Total is a count. NOTE(review): presumably the number of certificates checked.
	Total int

	// NOTE(review): the tag `json:"_"` gives this field the JSON key "_";
	// encoding/json only skips a field tagged `json:"-"`. Confirm which of the
	// two is intended.
	TrustedCerts []*Cert `json:"_"`

	// AllowedCerts is omitted from JSON output when empty.
	AllowedCerts []*Cert `json:"allowed_certs,omitempty"`

	// RemovedCerts is omitted from JSON output when empty.
	RemovedCerts []*Cert `json:"removed_certs,omitempty"`

	// UnknownCerts is omitted from JSON output when empty.
	UnknownCerts []*Cert `json:"unknown_certs,omitempty"`
	// contains filtered or unexported fields
}
func (*VerifyResult) ConsoleReport ¶ added in v0.2.0
func (result *VerifyResult) ConsoleReport() (output string)