personal_interest_mirrors/nebula
1
0
Fork 0
mirror of https://github.com/slackhq/nebula.git synced 2025-11-22 16:34:25 +01:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Add ability to encrypt CA private key at rest (#386)

Browse Source 
Fixes #8.

`nebula-cert ca` now supports encrypting the CA's private key with a
passphrase. Pass `-encrypt` in order to be prompted for a passphrase.
Encryption is performed using AES-256-GCM and Argon2id for KDF. KDF
parameters default to RFC recommendations, but can be overridden via CLI
flags `-argon-memory`, `-argon-parallelism`, and `-argon-iterations`.
This commit is contained in:
John Maguire
2023-04-03 13:59:38 -04:00
committed by GitHub
parent ee8e1348e9
commit a56a97e5c3
16 changed files with 1037 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
go.mod
View File

@@ -24,6 +24,7 @@ require (
golang.org/x/exp v0.0.0-20230310171629-522b1b587ee0
golang.org/x/net v0.8.0
golang.org/x/sys v0.6.0
golang.org/x/term v0.6.0
golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2
golang.zx2c4.com/wireguard/windows v0.5.3
google.golang.org/protobuf v1.29.0
@@ -42,7 +43,6 @@ require (
github.com/prometheus/procfs v0.9.0 // indirect
github.com/vishvananda/netns v0.0.4 // indirect
golang.org/x/mod v0.9.0 // indirect
golang.org/x/term v0.6.0 // indirect
golang.org/x/tools v0.7.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
)