README
¶
sunlight
Examine the Certificate Transparency Log for Baseline Requirements issues
Documentation
¶
Index ¶
Constants ¶
View Source
const ( VALID_PERIOD_TOO_LONG = "ValidPeriodTooLong" DEPRECATED_SIGNATURE_ALGORITHM = "DeprecatedSignatureAlgorithm" DEPRECATED_VERSION = "DeprecatedVersion" MISSING_CN_IN_SAN = "MissingCNInSan" KEY_TOO_SHORT = "KeyTooShort" EXP_TOO_SMALL = "ExpTooSmall" )
Variables ¶
This section is empty.
Functions ¶
func ReadRootCAMap ¶
Takes the name of a file containing newline-delimited Subject Names (as interpreted by DistinguishedNameToString) that each correspond to a certificate in Mozilla's root CA program. Returns these names as a map of string -> bool.
func TimeToJSONString ¶
func TruncateMonth ¶
Given a time since the epoch in milliseconds, returns a time since the epoch in milliseconds that is the GMT time of the month that most recently began before that time.
Types ¶
type CertSummary ¶
type CertSummary struct {
CN string
Issuer string
Sha256Fingerprint string
NotBefore string
NotAfter string
KeySize int
Exp int
SignatureAlgorithm int
Version int
IsCA bool
DnsNames []string
IpAddresses []string
Violations map[string]bool
MaxReputation float32
IssuerInMozillaDB bool
Timestamp uint64
}
Only fields that start with capital letters are exported
func CalculateCertSummary ¶
func CalculateCertSummary(cert *x509.Certificate, timestamp uint64, ranker *alexa.AlexaRank, certChain []*x509.Certificate, rootCAMap map[string]bool) (result *CertSummary, err error)
func (*CertSummary) ViolatesBR ¶
func (summary *CertSummary) ViolatesBR() bool
type IssuerReputation ¶
type IssuerReputation struct {
Issuer string
IssuerInMozillaDB bool
Scores map[string]*IssuerReputationScore
IsCA uint64
// Issuer reputation, between [0, 1]. This is only affected by certs that
// have MaxReputation != -1
NormalizedScore float32
// Issuer reputation, between [0, 1]. This is affected by all certs, whether
// or not they are associated with domains that appear in Alexa.
RawScore float32
// Total count of certs issued by this issuer for domains in Alexa.
NormalizedCount uint64
// Total count of certs issued by this issuer
RawCount uint64
BeginTime uint64
// contains filtered or unexported fields
}
func NewIssuerReputation ¶
func NewIssuerReputation(issuer pkix.Name, timestamp uint64) *IssuerReputation
func (*IssuerReputation) Finish ¶
func (issuer *IssuerReputation) Finish()
func (*IssuerReputation) Update ¶
func (issuer *IssuerReputation) Update(summary *CertSummary)
type IssuerReputationScore ¶
func (*IssuerReputationScore) Finish ¶
func (score *IssuerReputationScore) Finish(normalizedCount uint64, rawCount uint64)
func (*IssuerReputationScore) Update ¶
func (score *IssuerReputationScore) Update(reputation float32)
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.