Light

namecoin / x509-signature-splice Goto Github PK

View Code? Open in Web Editor NEW

0.0 3.0 3.0 377 KB

Create X.509 certificates while splicing in a user-supplied signature. Repo deprecated in favor of splicesign.

License: Other

Shell 33.85% Go 66.15%

x509 certificates

x509-signature-splice's Introduction

X.509 Signature Splicing Library

x509-signature-splice is a Go library for creating an X.509 certificate with a user-supplied signature, instead of creating a signature from a user-supplied private key. It is designed to be used in situations where a certificate template and a signature are available separately, but the private key is not available. One example of such a situation is the dehydrated certificate system used by Namecoin for TLS.

Building

Prerequisites:

Ensure you have the Go tools installed.

Option A: Using Go build commands (works on any platform with Bash):

Ensure you have the GOPATH environment variable set. (For those not familar with Go, setting it to the path to an empty directory will suffice. The directory will be filled with build files.)
Run go get -d -t -u github.com/namecoin/x509-signature-splice/.... The x509-signature-splice source code will be retrieved automatically.
Run go generate github.com/namecoin/x509-signature-splice/.... Some source code will be generated.
You can now import "github.com/x509-signature-splice/x509" from your Go projects.

Licence

Original Go standard library code Copyright (c) 2009 The Go Authors. All rights reserved.

Signature splice modifications Copyright (c) 2015-2019 The Namecoin Developers. All rights reserved.

Use of this source code is governed by a BSD-style license that can be found in the LICENSE file.

x509-signature-splice's People

Contributors

Watchers

Forkers

jeremyrand darren isabella232

x509-signature-splice's Issues

x509 needs rebase for Go 1.15

Go 1.15 has some nontrivial changes to x509, which will require a rebase from us. Travis failure at https://travis-ci.org/github/namecoin/x509-signature-splice/jobs/722382352 .

Try splicing with upstream x509 and custom crypto.Signer

I ran into @FiloSottile at 36C3; he said we might be able to kill off Namecoin's fork of x509 by instead implementing a custom crypto.Signer (passed as the priv argument to CreateCertificate) that returns a hardcoded signature instead of using a private key to sign the cert. He also suggested that such an implementation could do a sanity check by verifying that the signature is valid for the passed data, and returning an error if it isn't.

I'll try doing this ASAP. Looks like a good, workable approach AFAICT, and killing our fork would be an excellent outcome. Thanks Filippo for the tip!

x509 needs rebase for Go 1.13beta1

Go 1.13beta1 has some nontrivial changes to x509, which will require a rebase from us. Any PR that does this shouldn't be merged until we switch to Go 1.13 or higher for rbm builds.

build failure near x509 types. go 1.14.4

        [RELOCATE]        
        [GO-GET]          github.com/namecoin/ncdns
# github.com/namecoin/x509-signature-splice/x509
src/github.com/namecoin/x509-signature-splice/x509/x509_splice.go:98:62: undefined: Certificate
src/github.com/namecoin/x509-signature-splice/x509/x509_splice.go:114:32: undefined: signingParamsForPublicKey
src/github.com/namecoin/x509-signature-splice/x509/x509_splice.go:122:45: undefined: marshalPublicKey
src/github.com/namecoin/x509-signature-splice/x509/x509_splice.go:127:21: undefined: subjectBytes
src/github.com/namecoin/x509-signature-splice/x509/x509_splice.go:132:22: undefined: subjectBytes
src/github.com/namecoin/x509-signature-splice/x509/x509_splice.go:142:21: undefined: buildExtensions
src/github.com/namecoin/x509-signature-splice/x509/x509_splice.go:142:72: undefined: emptyASN1Subject
src/github.com/namecoin/x509-signature-splice/x509/x509_splice.go:148:7: undefined: tbsCertificate
src/github.com/namecoin/x509-signature-splice/x509/x509_splice.go:189:22: undefined: certificate

Any ideas on what is going on? What namespace is 'Certificate' type defined in?

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.