Documentation ¶
Index ¶
Constants ¶
View Source
const ( VALID_PERIOD_TOO_LONG = "ValidPeriodTooLong" DEPRECATED_SIGNATURE_ALGORITHM = "DeprecatedSignatureAlgorithm" DEPRECATED_VERSION = "DeprecatedVersion" MISSING_CN_IN_SAN = "MissingCNInSan" KEY_TOO_SHORT = "KeyTooShort" EXP_TOO_SMALL = "ExpTooSmall" )
Variables ¶
This section is empty.
Functions ¶
func ReadRootCAMap ¶
Takes the name of a file containing newline-delimited Subject Names (as interpreted by DistinguishedNameToString) that each correspond to a certificate in Mozilla's root CA program. Returns these names as a map of string -> bool.
func TimeToJSONString ¶
func TruncateMonth ¶
Given a time since the epoch in milliseconds, returns a time since the epoch in milliseconds that is the GMT time of the month that most recently began before that time.
Types ¶
type CertSummary ¶
type CertSummary struct { CN string Issuer string Sha256Fingerprint string NotBefore string NotAfter string KeySize int Exp int SignatureAlgorithm int Version int IsCA bool DnsNames []string IpAddresses []string Violations map[string]bool MaxReputation float32 IssuerInMozillaDB bool Timestamp uint64 }
Only fields that start with capital letters are exported
func CalculateCertSummary ¶
func CalculateCertSummary(cert *x509.Certificate, timestamp uint64, ranker *alexa.AlexaRank, certChain []*x509.Certificate, rootCAMap map[string]bool) (result *CertSummary, err error)
func (*CertSummary) ViolatesBR ¶
func (summary *CertSummary) ViolatesBR() bool
type IssuerReputation ¶
type IssuerReputation struct { Issuer string IssuerInMozillaDB bool Scores map[string]*IssuerReputationScore IsCA uint64 // Issuer reputation, between [0, 1]. This is only affected by certs that // have MaxReputation != -1 NormalizedScore float32 // Issuer reputation, between [0, 1]. This is affected by all certs, whether // or not they are associated with domains that appear in Alexa. RawScore float32 // Total count of certs issued by this issuer for domains in Alexa. NormalizedCount uint64 // Total count of certs issued by this issuer RawCount uint64 BeginTime uint64 // contains filtered or unexported fields }
func NewIssuerReputation ¶
func NewIssuerReputation(issuer pkix.Name, timestamp uint64) *IssuerReputation
func (*IssuerReputation) Finish ¶
func (issuer *IssuerReputation) Finish()
func (*IssuerReputation) Update ¶
func (issuer *IssuerReputation) Update(summary *CertSummary)
type IssuerReputationScore ¶
func (*IssuerReputationScore) Finish ¶
func (score *IssuerReputationScore) Finish(normalizedCount uint64, rawCount uint64)
func (*IssuerReputationScore) Update ¶
func (score *IssuerReputationScore) Update(reputation float32)
Click to show internal directories.
Click to hide internal directories.