nebula/cert
John Maguire a56a97e5c3
Add ability to encrypt CA private key at rest (#386)
Fixes #8.

`nebula-cert ca` now supports encrypting the CA's private key with a
passphrase. Pass `-encrypt` in order to be prompted for a passphrase.
Encryption is performed using AES-256-GCM and Argon2id for KDF. KDF
parameters default to RFC recommendations, but can be overridden via CLI
flags `-argon-memory`, `-argon-parallelism`, and `-argon-iterations`.
2023-04-03 13:59:38 -04:00
Makefile IPv6 support for outside (udp) (#369) 2021-03-18 20:37:24 -05:00
README.md Public Release 2019-11-19 17:00:20 +00:00
ca.go Allow setup of a CA pool from bytes that contain expired certs (#599) 2021-12-09 21:24:56 -06:00
cert.go Add ability to encrypt CA private key at rest (#386) 2023-04-03 13:59:38 -04:00
cert.pb.go Add ability to encrypt CA private key at rest (#386) 2023-04-03 13:59:38 -04:00
cert.proto Add ability to encrypt CA private key at rest (#386) 2023-04-03 13:59:38 -04:00
cert_test.go Add ability to encrypt CA private key at rest (#386) 2023-04-03 13:59:38 -04:00
crypto.go Add ability to encrypt CA private key at rest (#386) 2023-04-03 13:59:38 -04:00
crypto_test.go Add ability to encrypt CA private key at rest (#386) 2023-04-03 13:59:38 -04:00
errors.go Allow setup of a CA pool from bytes that contain expired certs (#599) 2021-12-09 21:24:56 -06:00

README.md

cert

This is a library for interacting with nebula-style certificates and authorities.

A protobuf definition of the certificate format is also included.

Compiling the protobuf definition

Make sure you have protoc installed.

To compile for Go with the same version of protobuf specified in go.mod:

make