nebula

mirror of https://github.com/slackhq/nebula.git synced 2026-02-14 08:44:24 +01:00

Files

brad-defined 2f71d6b22d Ensure pubkey coherency when rehydrating a handshake cert (#1566 )

* Ensure pubkey coherency when rehydrating a handshake cert
* Include a check during handshakes after cert verification that the noise pubkey matches the cert pubkey.

2026-01-09 09:52:03 -05:00

asn1.go

V2 certificate format (#1216 )

2025-03-06 11:28:26 -06:00

ca_pool_test.go

Enable running testifylint in CI (#1350 )

2025-03-10 17:38:14 -05:00

ca_pool.go

V2 certificate format (#1216 )

2025-03-06 11:28:26 -06:00

cert_v1_test.go

Ensure pubkey coherency when rehydrating a handshake cert (#1566 )

2026-01-09 09:52:03 -05:00

cert_v1.go

Ensure pubkey coherency when rehydrating a handshake cert (#1566 )

2026-01-09 09:52:03 -05:00

cert_v1.pb.go

Cert interface (#1212 )

2024-10-10 18:00:22 -05:00

cert_v1.proto

Cert interface (#1212 )

2024-10-10 18:00:22 -05:00

cert_v2_test.go

Ensure pubkey coherency when rehydrating a handshake cert (#1566 )

2026-01-09 09:52:03 -05:00

cert_v2.asn1

V2 certificate format (#1216 )

2025-03-06 11:28:26 -06:00

cert_v2.go

Ensure pubkey coherency when rehydrating a handshake cert (#1566 )

2026-01-09 09:52:03 -05:00

cert.go

Ensure pubkey coherency when rehydrating a handshake cert (#1566 )

2026-01-09 09:52:03 -05:00

crypto_test.go

Support 32-bit machines in crypto test (#1394 )

2025-04-21 13:28:43 -04:00

crypto.go

Cert interface (#1212 )

2024-10-10 18:00:22 -05:00

errors.go

Ensure pubkey coherency when rehydrating a handshake cert (#1566 )

2026-01-09 09:52:03 -05:00

helper_test.go

V2 certificate format (#1216 )

2025-03-06 11:28:26 -06:00

Makefile

Cert interface (#1212 )

2024-10-10 18:00:22 -05:00

pem_test.go

helper functions to more correctly marshal curve 25519 public keys (#1481 )

2025-10-02 13:56:41 -05:00

pem.go

cert.MarshalSigningPublicKeyToPEM should emit the 'ECDSA' variant of the banner (#1552 )

2025-12-10 10:39:36 -06:00

README.md

V2 certificate format (#1216 )

2025-03-06 11:28:26 -06:00

sign_test.go

Enable running testifylint in CI (#1350 )

2025-03-10 17:38:14 -05:00

sign.go

update to go 1.25, use the cool new ECDSA key marshalling functions (#1483 )

2025-09-29 13:02:25 -05:00

README.md

`cert`

This is a library for interacting with nebula style certificates and authorities.

There are now 2 versions of nebula certificates:

v1

This version is deprecated.

A protobuf definition of the certificate format is included at cert_v1.proto

To compile the definition you will need protoc installed.

To compile for go with the same version of protobuf specified in go.mod:

make proto

v2

This is the latest version which uses asn.1 DER encoding. It can support ipv4 and ipv6 and tolerate future certificate changes better than v1.

cert_v2.asn1 defines the wire format and can be used to compile marshalers.