Documentation
¶
Index ¶
- type ApplicationTrustsClients
- type ApplicationType
- type CSR
- type Certificate
- type CertificateStatus
- type CertificateWithStatus
- type DB
- func (db *DB) AutoMigrateWithReflection() error
- func (db *DB) Close() error
- func (db *DB) Create(record interface{}) error
- func (db *DB) Delete(record interface{}) error
- func (db *DB) DisablePreviousCerts(commonName string, serialNumber string) error
- func (db *DB) Find(record interface{}, id uint) error
- func (db *DB) GetCertificate(serialNumber string) (certificate Certificate, found bool)
- func (db *DB) GetCertificates() []Certificate
- func (db *DB) GetNodes() ([]Node, error)
- func (db *DB) GetRevocations() ([]Certificate, bool)
- func (db *DB) GetSubject(commonName string) (subject Subject, found bool)
- func (db *DB) GetSubjects() []Subject
- func (db *DB) SaveCSR(csr *x509.CertificateRequest) error
- func (db *DB) SaveCertificateFromSubject(subject string, cert x509.Certificate) error
- func (db *DB) SaveHTTPRequest(r *http.Request) error
- func (db *DB) SaveRevocation(certID uint, reason string) error
- func (db *DB) Update(record interface{}) error
- func (db *DB) UpdateCertificate(serialNumber string, updates map[string]interface{}) error
- func (db *DB) UpdateNodeStatus(nodeID int, status NodeState) error
- func (db *DB) UpdateSubject(commonName string, updates map[string]interface{}) error
- type DBApplication
- type DBAslEndpointConfig
- type DBIdentity
- type DBNode
- type DBNodeConfig
- type DBNodes
- type DBTrustedClients
- type DBWhitelist
- type DistributionResponse
- type HTTPRequest
- type HardwareConfig
- type ImportStructure
- type Kritis3mAddr
- type Node
- type NodeState
- type ProtoFamiliy
- type Revocation
- type SelectedConfiguration
- type Subject
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ApplicationType ¶
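// ApplicationType identifies the kind of application a DBApplication record
// describes. It is stored in DBApplication.Type and serialized under the
// JSON key "type" as its numeric value.
type ApplicationType uint8

// Known application types. Every value is written out explicitly rather than
// generated with iota, so inserting or reordering entries cannot silently
// renumber values that are already persisted or exchanged as JSON.
const (
	ForwardProxy   ApplicationType = 0
	ReverseProxy   ApplicationType = 1
	TLS_TLSProxy   ApplicationType = 2 // server and client tls endpoint
	EchoServer     ApplicationType = 3
	L2Bridge       ApplicationType = 4
	NetworkTester  ApplicationType = 5 // server and client tls endpoint
	TcpStdinBridge ApplicationType = 6 // server and client tls endpoint
)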
func (ApplicationType) String ¶
func (a ApplicationType) String() string
type Certificate ¶
// Certificate is the GORM model for one stored certificate record: its
// identifying fields, validity timestamps, lifecycle status and revocation
// details.
type Certificate struct {
gorm.Model
// SerialNumber is unique and non-null per the gorm tag.
SerialNumber string `gorm:"unique;not null"`
// CommonName is non-null but, unlike SerialNumber, not unique on this table.
CommonName string `gorm:"not null"`
Organization string `gorm:"not null;type:text"`
// IssuedAt and ExpiresAt presumably bound the validity window - confirm.
IssuedAt time.Time `gorm:"not null"`
ExpiresAt time.Time `gorm:"not null"`
SignatureAlgo string `gorm:"not null"`
// Status holds a CertificateStatus value and is required (not null).
Status CertificateStatus `gorm:"not null"`
// RevokedAt and RevokedReason default to NULL in the database.
// NOTE(review): RevokedAt is a plain time.Time, not a pointer; presumably a
// NULL column cannot be told apart from the zero time after loading, so
// revocation decisions should be based on Status. Confirm against callers.
RevokedAt time.Time `gorm:"default:null"`
RevokedReason string `gorm:"default:null"`
}
type CertificateStatus ¶
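// CertificateStatus is the lifecycle state recorded for a certificate. It is
// a string type, so the values below are what appears in any column or
// struct field of this type (for example Certificate.Status).
type CertificateStatus string

// enum for CertificateStatus
const (
	CertificateStatusPending CertificateStatus = "pending"
	CertificateStatusActive  CertificateStatus = "active"
	CertificateStatusRevoked CertificateStatus = "revoked"
)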
type CertificateWithStatus ¶
// CertificateWithStatus pairs an x509.Certificate value with a
// CertificateStatus.
// NOTE(review): the status is carried next to the certificate, not derived
// from it; presumably it comes from the database record - confirm that
// callers check Status and do not rely on the certificate's validity dates
// alone.
type CertificateWithStatus struct {
Certificate x509.Certificate
Status CertificateStatus
}
type DB ¶
// DB is the receiver type for the package's database methods (Create, Find,
// Update, Delete and the certificate, subject, node and revocation helpers
// listed in the index). All of its fields are unexported.
type DB struct {
// contains filtered or unexported fields
}
func NewDB ¶
NewDB creates a new DB instance and initializes the database connection (SQLite or PostgreSQL).
func (*DB) AutoMigrateWithReflection ¶
AutoMigrateWithReflection finds and registers all GORM models using reflection
func (*DB) DisablePreviousCerts ¶
DisablePreviousCerts disables all previous certificates for a subject
func (*DB) GetCertificate ¶
func (db *DB) GetCertificate(serialNumber string) (certificate Certificate, found bool)
GetCertificate checks if a certificate is present in the database
func (*DB) GetCertificates ¶
func (db *DB) GetCertificates() []Certificate
GetCertificates returns all certificates from the database
func (*DB) GetRevocations ¶
func (db *DB) GetRevocations() ([]Certificate, bool)
GetRevocations checks if a certificate is revoked in the database and returns the revocation record if found
func (*DB) GetSubject ¶
GetSubject checks if a subject is present in the database
func (*DB) GetSubjects ¶
GetSubjects returns all subjects from the database
func (*DB) SaveCSR ¶
func (db *DB) SaveCSR(csr *x509.CertificateRequest) error
SaveCSR saves a certificate signing request to the database
func (*DB) SaveCertificateFromSubject ¶
func (db *DB) SaveCertificateFromSubject(subject string, cert x509.Certificate) error
func (*DB) SaveRevocation ¶
SaveRevocation saves a certificate revocation to the database
func (*DB) UpdateCertificate ¶
UpdateCertificate updates any field of a certificate in the database
func (*DB) UpdateNodeStatus ¶
UpdateNodeStatus updates the status of a node.
type DBApplication ¶
// DBApplication is the database model for one application entry belonging to
// a node configuration (NodeConfigID). Fields tagged json:"-" are kept out of
// the JSON representation.
type DBApplication struct {
CreatedAt time.Time `json:"-"`
UpdatedAt time.Time `json:"-"`
DeletedAt gorm.DeletedAt `json:"-" gorm:"index"`
ID uint `gorm:"primarykey" json:"id"`
NodeConfigID uint `json:"config_id,omitempty"`
// State has no JSON name in its tag, so it is encoded under the key "State"
// and omitted when false.
State bool `json:",omitempty"`
// TrustedClients is a many-to-many relation through the
// application_trusts_clients join table; it is not serialized to JSON.
TrustedClients []*DBTrustedClients `gorm:"many2many:application_trusts_clients" json:"-"`
Type ApplicationType `json:"type"`
ServerEndpointAddr string `json:"server_endpoint_addr"`
ClientEndpointAddr string `json:"client_endpoint_addr"`
// Ep1 and Ep2 reference DBAslEndpointConfig rows through Ep1ID and Ep2ID.
// Only the IDs appear in JSON; the loaded records are excluded.
Ep1ID uint `json:"ep1_id,omitempty"`
Ep1 *DBAslEndpointConfig `json:"-" gorm:"foreignKey:Ep1ID"`
Ep2ID uint `json:"ep2_id,omitempty"`
Ep2 *DBAslEndpointConfig `json:"-" gorm:"foreignKey:Ep2ID"`
// LogLevel defaults to 3 in the database.
LogLevel uint `json:"log_level,omitempty" gorm:"default:3"`
}
type DBAslEndpointConfig ¶
// DBAslEndpointConfig is the database model for the settings of one ASL
// endpoint. Every flag below is part of the JSON representation, so a
// configuration document can set each of them.
type DBAslEndpointConfig struct {
CreatedAt time.Time `json:"-"`
UpdatedAt time.Time `json:"-"`
DeletedAt gorm.DeletedAt `json:"-" gorm:"index"`
ID uint `gorm:"primarykey" json:"id"`
Name string `json:"name"`
// MutualAuthentication presumably requires the peer to authenticate as
// well - confirm. Its zero value is false, so a document that omits
// "mutual_auth" leaves it off.
MutualAuthentication bool `json:"mutual_auth"`
// NOTE(review): the name suggests this turns encryption off for the
// endpoint. The zero value (false) keeps encryption on; any code path that
// accepts this flag from JSON should treat true as a security-relevant
// change to be validated and logged. Confirm exact semantics.
NoEncryption bool `json:"no_encrypt"`
ASLKeyExchangeMethod asl.ASLKeyExchangeMethod `json:"kex"`
// UseSecureElement presumably selects a hardware secure element for key
// operations - confirm.
UseSecureElement bool `json:"use_secure_elem"`
// NOTE(review): the name suggests session key logging. A key log lets
// anyone holding it decrypt recorded traffic, so this presumably belongs
// to debugging only and should stay false in production - confirm.
Keylog bool `json:"keylog"`
// Identity is loaded through IdentityID and excluded from JSON.
IdentityID uint `json:"identity_id"`
Identity *DBIdentity `json:"-" gorm:"foreignKey:IdentityID"`
}
StandardApplication defines settings for a standard application
type DBIdentity ¶
// DBIdentity is the database model for an identity entry, carrying an
// identity number together with a server endpoint address, a server URL and
// a revocation list URL.
type DBIdentity struct {
CreatedAt time.Time `json:"-"`
UpdatedAt time.Time `json:"-"`
DeletedAt gorm.DeletedAt `json:"-" gorm:"index"`
ID uint `gorm:"primarykey" json:"id"`
Identity uint `json:"identity"`
ServerEndpointAddr string ` json:"server_endpoint_addr"`
// NOTE(review): ServerUrl and RevocationListUrl are plain strings; the type
// does not constrain scheme or host. Presumably the revocation list is
// fetched from RevocationListUrl - confirm, and confirm that values taken
// from JSON are validated before use.
ServerUrl string `json:"server_url"`
RevocationListUrl string `json:"revocation_list_url"`
}
type DBNode ¶
// DBNode is the database model for a node, identified by a serial number
// that carries a unique index, together with its configurations.
type DBNode struct {
CreatedAt time.Time `json:"-"`
UpdatedAt time.Time `json:"-"`
DeletedAt gorm.DeletedAt `gorm:"index" json:"-"`
ID uint `gorm:"primarykey" json:"id,omitempty"`
SerialNumber string `gorm:"uniqueindex" json:"serial_number"`
NodeNetworkIndex uint `json:"network_index"`
Locality string `json:"locality,omitempty"`
// LastSeen is stored but excluded from JSON.
LastSeen time.Time `json:"-"`
// Config lists the DBNodeConfig rows whose NodeID refers to this node.
Config []*DBNodeConfig `gorm:"foreignKey:NodeID" json:"configs"`
}
type DBNodeConfig ¶
// DBNodeConfig is the database model for one configuration of a node. It
// owns the hardware settings, the whitelist and the applications that refer
// to it by foreign key.
type DBNodeConfig struct {
CreatedAt time.Time `json:"-"`
DeletedAt gorm.DeletedAt `json:"-" gorm:"index"`
ID uint `gorm:"primarykey" json:"id"`
// NodeID links the configuration to its DBNode; it is excluded from JSON.
NodeID uint `json:"-"`
// LogLevel defaults to 3 in the database.
LogLevel uint `gorm:"default:3" json:"log_level,omitempty"`
UpdatedAt time.Time `json:"updated_at,omitempty"`
ConfigName string `json:"config_name"`
// Version defaults to 0 in the database.
Version uint `gorm:"default:0" json:"version,omitempty"`
// HeartbeatInterval is a time.Duration, which encoding/json writes as an
// integer number of nanoseconds unless a custom marshaller is involved.
HeartbeatInterval time.Duration `json:"hb_interval"`
HardwareConfig []*HardwareConfig `gorm:"foreignKey:ConfigID" json:"hw_config"`
Whitelist DBWhitelist `gorm:"foreignKey:NodeConfigID" json:"whitelist"`
Application []*DBApplication `gorm:"foreignKey:NodeConfigID" json:"applications"`
}
Node represents a node within a network
type DBTrustedClients ¶
// DBTrustedClients is the database model for one trusted client entry of a
// whitelist, identified by its client endpoint address.
type DBTrustedClients struct {
CreatedAt time.Time `json:"-"`
UpdatedAt time.Time `json:"-"`
DeletedAt gorm.DeletedAt `json:"-" gorm:"index"`
ID uint `gorm:"primarykey:id" json:"id"`
// WhitelistID links the entry to its DBWhitelist; it is excluded from JSON.
WhitelistID uint `json:"-"`
ClientEndpointAddr string `json:"client_endpoint_addr"`
// ApplicationIDs is JSON-only: gorm:"-" keeps it out of the database.
// ApplicationTrustsClient is the persisted many-to-many relation through
// the application_trusts_clients join table and is excluded from JSON.
// NOTE(review): presumably the IDs received in JSON are resolved into that
// relation elsewhere - confirm that the referenced applications are
// checked to exist and to belong to the same node configuration.
ApplicationIDs []uint `gorm:"-" json:"application_ids" `
ApplicationTrustsClient []*DBApplication `gorm:"many2many:application_trusts_clients;" json:"-"`
}
type DBWhitelist ¶
// DBWhitelist is the database model for the whitelist of one node
// configuration (NodeConfigID).
type DBWhitelist struct {
CreatedAt time.Time `json:"-"`
UpdatedAt time.Time `json:"-"`
DeletedAt gorm.DeletedAt `json:"-" gorm:"index"`
ID uint `gorm:"primarykey" json:"id"`
NodeConfigID uint `json:"config_id,omitempty"`
// TrustedClients lists the DBTrustedClients rows whose WhitelistID refers
// to this whitelist.
TrustedClients []*DBTrustedClients `gorm:"foreignKey:WhitelistID" json:"trusted_clients"`
}
type DistributionResponse ¶
// DistributionResponse bundles a node with endpoint crypto configurations
// and identities for JSON encoding.
// NOTE(review): the crypto_config entries carry the "no_encrypt" and
// "keylog" flags of DBAslEndpointConfig; presumably this document is sent to
// nodes, so its transport and integrity protection matter - confirm.
type DistributionResponse struct {
Node DBNode `json:"node"`
CryptoConfig []*DBAslEndpointConfig `json:"crypto_config"`
Identities []*DBIdentity `json:"identities"`
}
type HTTPRequest ¶
type HardwareConfig ¶
// HardwareConfig is the database model for one device setting of a node
// configuration. Only Device and IpCidr are part of the JSON representation.
type HardwareConfig struct {
ID uint `gorm:"primarykey" json:"-"`
ConfigID uint `json:"-"`
Config DBNodeConfig `gorm:"foreignKey:ConfigID" json:"-"`
// Device and IpCidr are free-form strings as far as the type is concerned.
// NOTE(review): presumably an interface name and an address in CIDR
// notation - confirm that both are validated before they are applied.
Device string `json:"device"`
IpCidr string `json:"cidr"`
} // Node represents a node within a network
type ImportStructure ¶
// ImportStructure is the JSON shape holding nodes ("nodes"), endpoint crypto
// configurations ("crypto") and identities ("pki_identities").
// NOTE(review): presumably this is decoded from an import document. The
// crypto entries can set DBAslEndpointConfig flags such as "no_encrypt" and
// "keylog", so an import should be treated as privileged input - confirm
// who may supply it and what is validated.
type ImportStructure struct {
Node []*DBNode `json:"nodes"`
CryptoConfig []*DBAslEndpointConfig `json:"crypto"`
Identites []*DBIdentity `json:"pki_identities"`
}
type Kritis3mAddr ¶
// Kritis3mAddr holds an IP address, protocol family and port. The page marks
// the type as deprecated.
//
// IP is the stored form (excluded from JSON) and IPStr is the JSON form
// (excluded from the database); the type has a custom UnmarshalJSON.
// NOTE(review): presumably UnmarshalJSON parses IPStr into IP - confirm that
// an unparsable address is rejected and does not end up as a nil IP.
type Kritis3mAddr struct {
IP net.IP `json:"-" gorm:"type:varbinary(16)"` // To store up to 16 bytes (IPv6) // 0.0.0.0 for all ports
IPStr string `json:"ip" gorm:"-" `
Family ProtoFamiliy `json:"family"`
Port uint16 `json:"port"` // 0 for all ports
}
@deprecated
func (*Kritis3mAddr) UnmarshalJSON ¶
func (addr *Kritis3mAddr) UnmarshalJSON(data []byte) error
Custom JSON unmarshaling. @deprecated
type ProtoFamiliy ¶
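// ProtoFamiliy is the protocol family of an address, serialized as its
// numeric value (see Kritis3mAddr.Family).
//
// see linux/sys/socket.h PF_INET=2 & PF_INET6=10
//
// The numbers are the Linux ones. Other operating systems number the IPv6
// family differently, so these constants are a wire/storage encoding and
// must not be handed to socket APIs on non-Linux platforms as-is.
type ProtoFamiliy uint8

// Supported protocol families.
const (
	AF_INET  ProtoFamiliy = 2
	AF_INET6 ProtoFamiliy = 10
)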
type Revocation ¶
type SelectedConfiguration ¶
type Subject ¶
// Subject is the GORM model for one certificate subject, keyed by a unique
// common name, with its re-enrollment and revocation state.
type Subject struct {
gorm.Model
// CommonName is unique and non-null; Certificates and CSRs below are joined
// on it rather than on the numeric primary key.
CommonName string `gorm:"unique;not null"`
// Re-enrollment bookkeeping: flag, timestamp (NULL by default) and counter
// (0 by default).
Reenrolled bool `gorm:"not null;default:false"`
ReenrolledAt time.Time `gorm:"default:null"`
ReenrollCount int `gorm:"not null;default:0"`
// Revoked defaults to false; RevokedAt and RevokedReason default to NULL.
// NOTE(review): revocation is recorded here per subject and also per
// certificate (Certificate.Status, Certificate.RevokedAt). Presumably both
// have to be kept in step when a subject is revoked - confirm.
Revoked bool `gorm:"not null;default:false"`
RevokedAt time.Time `gorm:"default:null"`
RevokedReason string `gorm:"default:null"`
Certificates []Certificate `gorm:"foreignKey:CommonName;references:CommonName"`
CSRs []CSR `gorm:"foreignKey:CommonName;references:CommonName"`
}