├── bundler └── testdata │ ├── empty.pem │ ├── client-auth │ ├── root-config.json │ ├── int-csr.json │ ├── leaf-client-csr.json │ ├── leaf-server-csr.json │ ├── root-csr.json │ ├── int-config.json │ ├── build_certs.sh │ ├── leaf-client.pem │ ├── leaf-server.pem │ ├── int.pem │ └── root.pem │ ├── cfssl-leaf-ecdsa256.key │ ├── inter-L2.key │ ├── cfssl-leaf-ecdsa384.key │ ├── cfssl-leaf-ecdsa521.key │ ├── cfssl-leaf-ecdsa256.csr │ ├── inter-L2.csr │ └── cfssl-leaf-ecdsa384.csr ├── helpers ├── testdata │ ├── empty.pem │ ├── emptycert.pem │ ├── cert.der │ ├── empty_pkcs7.der │ ├── multiplecerts.p12 │ ├── passwordpkcs12.p12 │ ├── emptypasswordpkcs12.p12 │ ├── empty_pkcs7.pem │ ├── private_ed25519_key.pem │ ├── private_ecdsa_key.pem │ ├── secp256k1-key.pem │ ├── openssl_secp384.pem │ ├── noheadercert.pem │ ├── ecdsa256.csr │ ├── messedupcert.pem │ └── cert.pem └── testsuite │ └── testdata │ ├── cert_csr.json │ └── initCA │ └── ca_csr.json ├── cli ├── testdata │ ├── test.txt │ ├── bad_csr.json │ ├── db-config.json │ ├── bad_oid_csr.json │ └── csr.json ├── bundle │ └── bundle_test.go ├── gencrl │ ├── testdata │ │ └── serialList │ └── gencrl_test.go ├── serve │ ├── README.md │ └── static │ │ └── index.html ├── version │ └── version_test.go ├── gencsr │ └── testdata │ │ └── csr.json ├── genkey │ └── testdata │ │ └── csr.json └── scan │ └── scan_test.go ├── cmd ├── cfssl │ └── cfssl_test.go ├── mkbundle │ └── mkbundle_test.go └── cfssljson │ ├── testdata │ └── test.txt │ └── cfssljson_test.go ├── crl └── testdata │ ├── serialList │ ├── ca-key.pem │ └── ca.pem ├── multiroot └── config │ └── testdata │ ├── badconfig.json │ ├── bad.conf │ ├── bad-db-config.json │ ├── db-config.json │ ├── test2.conf │ ├── server.der │ ├── roots_no_kdl_private_key.conf │ ├── roots_ksm.conf │ ├── roots_missing_private.conf │ ├── roots_missing_private_key_entry.conf │ ├── roots_badspec2.conf │ ├── roots.conf │ ├── roots_badspec.conf │ ├── roots_badspec3.conf │ ├── roots_der.conf │ ├── roots_bad_certificate.conf │ ├── roots_bad_private_key.conf │ ├── roots_badconfig.conf │ ├── roots_missing_certificate.conf │ ├── roots_missing_certificate_entry.conf │ ├── roots_db.conf │ ├── roots_bad_db.conf │ ├── roots_bad_whitelist.conf │ ├── roots_bad_whitelist2.conf │ ├── roots_whitelist.conf │ ├── roots_whitelist_ipv6.conf │ └── test.conf ├── vendor ├── golang.org │ └── x │ │ ├── sys │ │ ├── unix │ │ │ ├── .gitignore │ │ │ ├── ptrace_ios.go │ │ │ ├── syscall_linux_amd64_gc.go │ │ │ ├── endian_big.go │ │ │ ├── ptrace_darwin.go │ │ │ ├── constants.go │ │ │ ├── mmap_nomremap.go │ │ │ ├── endian_little.go │ │ │ ├── aliases.go │ │ │ ├── pagesize_unix.go │ │ │ ├── readdirent_getdents.go │ │ │ ├── sysvshm_unix_other.go │ │ │ ├── asm_aix_ppc64.s │ │ │ ├── syscall_linux_gc_arm.go │ │ │ ├── asm_solaris_amd64.s │ │ │ ├── fcntl_linux_32bit.go │ │ │ ├── syscall_linux_alarm.go │ │ │ ├── gccgo_linux_amd64.go │ │ │ ├── syscall_linux_gc.go │ │ │ ├── syscall_hurd_386.go │ │ │ ├── sysvshm_linux.go │ │ │ ├── sockcmsg_dragonfly.go │ │ │ ├── race0.go │ │ │ ├── syscall_linux_gc_386.go │ │ │ ├── syscall_linux_gccgo_arm.go │ │ │ ├── syscall_unix_gc.go │ │ │ ├── syscall_solaris_amd64.go │ │ │ └── race.go │ │ ├── cpu │ │ │ ├── cpu_other_arm.go │ │ │ ├── cpu_zos.go │ │ │ ├── cpu_other_arm64.go │ │ │ ├── cpu_riscv64.go │ │ │ ├── cpu_loong64.go │ │ │ ├── cpu_mipsx.go │ │ │ ├── cpu_other_riscv64.go │ │ │ ├── cpu_gc_arm64.go │ │ │ ├── cpu_other_mips64x.go │ │ │ ├── cpu_linux_noinit.go │ │ │ ├── cpu_other_ppc64x.go │ │ │ ├── cpu_gccgo_arm64.go │ │ │ ├── cpu_linux.go │ │ │ ├── cpu_mips64x.go │ │ │ ├── cpu_openbsd_arm64.s │ │ │ ├── cpu_ppc64x.go │ │ │ ├── endian_big.go │ │ │ ├── runtime_auxv_go121.go │ │ │ ├── runtime_auxv.go │ │ │ ├── endian_little.go │ │ │ ├── asm_aix_ppc64.s │ │ │ ├── cpu_wasm.go │ │ │ ├── cpu_gc_x86.go │ │ │ ├── cpu_linux_mips64x.go │ │ │ ├── cpu_x86.s │ │ │ ├── cpu_aix.go │ │ │ └── cpu_zos_s390x.go │ │ └── windows │ │ │ ├── empty.s │ │ │ ├── aliases.go │ │ │ ├── mksyscall.go │ │ │ ├── race0.go │ │ │ ├── str.go │ │ │ └── race.go │ │ ├── crypto │ │ ├── curve25519 │ │ │ └── internal │ │ │ │ └── field │ │ │ │ ├── sync.checkpoint │ │ │ │ ├── fe_arm64_noasm.go │ │ │ │ ├── fe_amd64_noasm.go │ │ │ │ ├── README │ │ │ │ ├── fe_arm64.go │ │ │ │ ├── fe_amd64.go │ │ │ │ └── sync.sh │ │ ├── internal │ │ │ └── poly1305 │ │ │ │ └── mac_noasm.go │ │ └── chacha20 │ │ │ ├── chacha_noasm.go │ │ │ ├── chacha_arm64.go │ │ │ └── chacha_ppc64le.go │ │ ├── net │ │ └── idna │ │ │ ├── pre_go118.go │ │ │ └── go118.go │ │ └── text │ │ └── secure │ │ └── bidirule │ │ ├── bidirule10.0.0.go │ │ └── bidirule9.0.0.go ├── github.com │ ├── lib │ │ └── pq │ │ │ ├── .gitignore │ │ │ ├── conn_go115.go │ │ │ ├── oid │ │ │ └── doc.go │ │ │ ├── user_other.go │ │ │ ├── ssl_windows.go │ │ │ ├── uuid.go │ │ │ └── user_posix.go │ ├── prometheus │ │ ├── procfs │ │ │ ├── .gitignore │ │ │ ├── MAINTAINERS.md │ │ │ ├── CODE_OF_CONDUCT.md │ │ │ ├── SECURITY.md │ │ │ ├── .golangci.yml │ │ │ └── NOTICE │ │ ├── client_golang │ │ │ └── prometheus │ │ │ │ ├── .gitignore │ │ │ │ └── README.md │ │ ├── client_model │ │ │ └── NOTICE │ │ └── common │ │ │ └── NOTICE │ ├── pelletier │ │ └── go-toml │ │ │ ├── .dockerignore │ │ │ ├── .gitignore │ │ │ ├── PULL_REQUEST_TEMPLATE.md │ │ │ ├── fuzz.sh │ │ │ ├── Dockerfile │ │ │ ├── tomltree_writepub.go │ │ │ ├── fuzz.go │ │ │ └── Makefile │ ├── google │ │ └── certificate-transparency-go │ │ │ ├── CODEOWNERS │ │ │ ├── x509 │ │ │ ├── README.md │ │ │ ├── root_aix.go │ │ │ ├── root_nocgo_darwin.go │ │ │ ├── root_zos.go │ │ │ ├── root_solaris.go │ │ │ ├── ptr_uint_windows.go │ │ │ ├── root_js.go │ │ │ ├── root_wasip1.go │ │ │ ├── root.go │ │ │ ├── ptr_sysptr_windows.go │ │ │ └── root_bsd.go │ │ │ ├── asn1 │ │ │ └── README.md │ │ │ ├── .gitignore │ │ │ ├── .golangci.yaml │ │ │ ├── codecov.yml │ │ │ └── PULL_REQUEST_TEMPLATE.md │ ├── mattn │ │ └── go-sqlite3 │ │ │ ├── .codecov.yml │ │ │ ├── .gitignore │ │ │ ├── sqlite3_solaris.go │ │ │ ├── sqlite3_opt_fts5.go │ │ │ ├── sqlite3_opt_os_trace.go │ │ │ ├── sqlite3_opt_math_functions.go │ │ │ ├── sqlite3_opt_stat4.go │ │ │ ├── sqlite3_opt_introspect.go │ │ │ ├── sqlite3_opt_secure_delete.go │ │ │ ├── sqlite3_opt_vacuum_full.go │ │ │ ├── sqlite3_opt_vacuum_incr.go │ │ │ ├── sqlite3_opt_foreign_keys.go │ │ │ ├── sqlite3_other.go │ │ │ ├── sqlite3_opt_app_armor.go │ │ │ ├── sqlite3_opt_secure_delete_fast.go │ │ │ ├── sqlite3_windows.go │ │ │ ├── sqlite3_opt_allow_uri_authority.go │ │ │ ├── sqlite3_opt_preupdate.go │ │ │ ├── sqlite3_opt_column_metadata.go │ │ │ ├── sqlite3_opt_serialize_omit.go │ │ │ ├── sqlite3_opt_icu.go │ │ │ └── sqlite3_load_extension_omit.go │ ├── jmhodges │ │ └── clock │ │ │ └── .travis.yml │ ├── zmap │ │ ├── zcrypto │ │ │ ├── encoding │ │ │ │ └── asn1 │ │ │ │ │ └── README.md │ │ │ ├── cryptobyte │ │ │ │ └── NOTICE.md │ │ │ └── x509 │ │ │ │ ├── README.md │ │ │ │ ├── extended_key_usage_schema.sh │ │ │ │ └── generated_certvalidationlevel_string.go │ │ └── zlint │ │ │ └── v3 │ │ │ ├── util │ │ │ └── eku.go │ │ │ ├── lints │ │ │ └── apple │ │ │ │ └── time.go │ │ │ ├── .goreleaser.yml │ │ │ └── newProfile.sh │ ├── getsentry │ │ └── sentry-go │ │ │ ├── .gitignore │ │ │ ├── internal │ │ │ ├── ratelimit │ │ │ │ ├── doc.go │ │ │ │ └── deadline.go │ │ │ └── crypto │ │ │ │ └── randutil │ │ │ │ └── randutil.go │ │ │ ├── .gitattributes │ │ │ └── .craft.yml │ ├── go-sql-driver │ │ └── mysql │ │ │ ├── .gitignore │ │ │ └── conncheck_dummy.go │ ├── go-logr │ │ └── logr │ │ │ ├── CHANGELOG.md │ │ │ ├── .golangci.yaml │ │ │ └── CONTRIBUTING.md │ ├── jmoiron │ │ └── sqlx │ │ │ ├── types │ │ │ └── README.md │ │ │ ├── .gitignore │ │ │ ├── doc.go │ │ │ ├── .travis.yml │ │ │ └── reflectx │ │ │ └── README.md │ ├── kisielk │ │ └── sqlstruct │ │ │ ├── .travis.yml │ │ │ ├── README.md │ │ │ └── .gitignore │ ├── ziutek │ │ └── mymysql │ │ │ ├── mysql │ │ │ └── field.go │ │ │ ├── godrv │ │ │ └── appengine.go │ │ │ └── native │ │ │ ├── addons.go │ │ │ └── common.go │ ├── cespare │ │ └── xxhash │ │ │ └── v2 │ │ │ ├── testall.sh │ │ │ ├── xxhash_asm.go │ │ │ └── xxhash_safe.go │ └── cloudflare │ │ └── backoff │ │ └── .travis.yml ├── k8s.io │ └── klog │ │ └── v2 │ │ ├── .golangci.yaml │ │ ├── code-of-conduct.md │ │ ├── internal │ │ └── clock │ │ │ └── README.md │ │ ├── .gitignore │ │ ├── OWNERS │ │ ├── klog_file_others.go │ │ ├── RELEASE.md │ │ └── SECURITY_CONTACTS ├── google.golang.org │ └── protobuf │ │ ├── internal │ │ ├── editiondefaults │ │ │ ├── editions_defaults.binpb │ │ │ └── defaults.go │ │ ├── flags │ │ │ ├── proto_legacy_enable.go │ │ │ └── proto_legacy_disable.go │ │ ├── impl │ │ │ ├── codec_map_go112.go │ │ │ ├── codec_unsafe.go │ │ │ └── enum.go │ │ ├── errors │ │ │ └── is_go113.go │ │ └── genid │ │ │ ├── doc.go │ │ │ ├── wrappers.go │ │ │ ├── map_entry.go │ │ │ └── empty_gen.go │ │ ├── encoding │ │ └── prototext │ │ │ └── doc.go │ │ ├── runtime │ │ └── protoiface │ │ │ └── legacy.go │ │ └── proto │ │ ├── proto_reflect.go │ │ └── proto_methods.go ├── filippo.io │ └── edwards25519 │ │ └── field │ │ ├── fe_arm64_noasm.go │ │ ├── fe_amd64_noasm.go │ │ ├── fe_arm64.go │ │ └── fe_amd64.go └── bitbucket.org │ └── liamstask │ └── goose │ ├── cmd │ └── goose │ │ ├── cmd.go │ │ ├── cmd_dbversion.go │ │ └── cmd_up.go │ └── lib │ └── goose │ └── util.go ├── .dockerignore ├── certdb ├── dbconf │ └── testdata │ │ ├── db-config.json │ │ ├── memory_db.json │ │ └── bad-db-config.json ├── testdb │ └── certstore_development.db ├── sqlite │ ├── dbconf.yml │ └── migrations │ │ └── 002_AddMetadataToCertificates.sql ├── sql │ ├── sql_mysql_test.go │ └── sql_pq_test.go ├── pg │ ├── dbconf.yml │ └── migrations │ │ └── 002_AddMetadataToCertificates.sql └── mysql │ ├── dbconf.yml │ └── migrations │ └── 002_AddMetadataToCertificates.sql ├── ocsp ├── testdata │ ├── db-config.json │ ├── response.der │ ├── sqlite_test.db │ ├── response_mix.pem │ ├── server_broken.key │ ├── response_broken.pem │ └── server_broken.crt ├── config │ └── config.go └── universal │ └── universal.go ├── crypto └── doc.go ├── .gitignore ├── transport ├── example │ ├── genca.sh │ ├── ca.json │ ├── config.json │ ├── maclient │ │ ├── client.json │ │ └── client_auth.json │ └── maserver │ │ ├── server.json │ │ └── server_auth.json ├── roots │ ├── system │ │ ├── root_nacl.go │ │ ├── root_nocgo_darwin.go │ │ ├── root_solaris.go │ │ ├── root_linux.go │ │ ├── root_bsd.go │ │ └── nilref_zero_darwin.go │ └── doc.go ├── core │ └── rand.go └── ca │ └── cert_provider.go ├── scan └── crypto │ ├── rsa │ └── testdata │ │ └── pss-vect.txt.bz2 │ ├── sha512 │ └── sha512block_decl.go │ ├── md5 │ ├── md5block_generic.go │ ├── md5block_decl.go │ └── example_test.go │ ├── sha1 │ ├── sha1block_generic.go │ ├── sha1block_decl.go │ └── example_test.go │ └── sha256 │ └── sha256block_decl.go ├── tools.go ├── .golangci.yaml ├── api ├── client │ └── api.go ├── testdata │ ├── ca2-key.pem │ ├── csr.pem │ └── cert.pem └── health │ └── health.go ├── initca └── testdata │ ├── 5min-ed25519-key.pem │ ├── 5min-ecdsa-key.pem │ ├── ca_csr_ed25519.json │ ├── ca_csr_ecdsa.json │ ├── ca_csr_rsa.json │ ├── ed25519.csr │ ├── README.md │ ├── ecdsa256.csr │ └── ecdsa384.csr ├── doc ├── ca-bundle.crt.metadata.sample ├── api │ ├── endpoint_health.txt │ └── endpoint_crl.txt └── README.txt ├── .github ├── dependabot.yml └── workflows │ ├── snapshot.yml │ └── semgrep.yml ├── signer ├── local │ └── testdata │ │ ├── ecdsa256-inter.key │ │ ├── ecdsa256_ca_key.pem │ │ ├── build_inter_pathlen_csrs.sh │ │ ├── inter_pathlen_0.csr │ │ ├── inter_pathlen_1.csr │ │ ├── inter_pathlen_unspecified.csr │ │ ├── ed25519.csr │ │ ├── ecdsa256-inter.csr │ │ ├── ecdsa256.csr │ │ ├── ip.csr │ │ ├── ex.csr │ │ └── ecdsa384.csr └── remote │ └── testdata │ ├── client.json │ ├── README.md │ ├── config.json │ └── server.json ├── config └── testdata │ ├── valid_config_no_default.json │ ├── invalid_config.json │ ├── invalid_usage.json │ ├── invalid_default.json │ ├── invalid_profile.json │ ├── valid_config_auth_no_default.json │ ├── invalid_no_auth_keys.json │ ├── valid_config.json │ ├── invalid_no_remotes.json │ ├── invalid_auth_bad_key.json │ ├── invalid_auth.json │ ├── invalid_remotes.json │ └── valid_config_auth.json ├── ubiquity └── testdata │ └── ca.pem.metadata ├── testdata ├── test.py ├── csr.json ├── good_config.json └── server.csr ├── info └── info.go ├── Dockerfile.alpine └── Dockerfile /bundler/testdata/empty.pem: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /helpers/testdata/empty.pem: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /cli/testdata/test.txt: -------------------------------------------------------------------------------- 1 | This is a test file -------------------------------------------------------------------------------- /cmd/cfssl/cfssl_test.go: -------------------------------------------------------------------------------- 1 | package main 2 | -------------------------------------------------------------------------------- /crl/testdata/serialList: -------------------------------------------------------------------------------- 1 | 1 2 | 2 3 | 3 4 | 4 -------------------------------------------------------------------------------- /cli/bundle/bundle_test.go: -------------------------------------------------------------------------------- 1 | package bundle 2 | -------------------------------------------------------------------------------- /cmd/mkbundle/mkbundle_test.go: -------------------------------------------------------------------------------- 1 | package main 2 | -------------------------------------------------------------------------------- /cli/gencrl/testdata/serialList: -------------------------------------------------------------------------------- 1 | 1 2 | 2 3 | 3 4 | 4 -------------------------------------------------------------------------------- /cli/testdata/bad_csr.json: -------------------------------------------------------------------------------- 1 | this is a bad csr json 2 | -------------------------------------------------------------------------------- /cmd/cfssljson/testdata/test.txt: -------------------------------------------------------------------------------- 1 | This is a test file -------------------------------------------------------------------------------- /multiroot/config/testdata/badconfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "data": 3 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/.gitignore: -------------------------------------------------------------------------------- 1 | _obj/ 2 | unix.test 3 | -------------------------------------------------------------------------------- /.dockerignore: -------------------------------------------------------------------------------- 1 | cfssl_* 2 | *-amd64 3 | *-386 4 | dist/* 5 | .git 6 | -------------------------------------------------------------------------------- /certdb/dbconf/testdata/db-config.json: -------------------------------------------------------------------------------- 1 | {"driver":"sqlite3","data_source":"certs.db"} 2 | -------------------------------------------------------------------------------- /certdb/dbconf/testdata/memory_db.json: -------------------------------------------------------------------------------- 1 | {"driver":"sqlite3","data_source":":memory:"} 2 | -------------------------------------------------------------------------------- /multiroot/config/testdata/bad.conf: -------------------------------------------------------------------------------- 1 | [] 2 | 3 | key 4 | another key 5 | key = val 6 | -------------------------------------------------------------------------------- /ocsp/testdata/db-config.json: -------------------------------------------------------------------------------- 1 | {"driver":"sqlite3","data_source":"sqlite_test.db"} 2 | -------------------------------------------------------------------------------- /vendor/github.com/lib/pq/.gitignore: -------------------------------------------------------------------------------- 1 | .db 2 | *.test 3 | *~ 4 | *.swp 5 | .idea 6 | .vscode -------------------------------------------------------------------------------- /vendor/github.com/prometheus/procfs/.gitignore: -------------------------------------------------------------------------------- 1 | /testdata/fixtures/ 2 | /fixtures 3 | -------------------------------------------------------------------------------- /certdb/dbconf/testdata/bad-db-config.json: -------------------------------------------------------------------------------- 1 | {"driver":"invalid","data_source":"invalid"} 2 | -------------------------------------------------------------------------------- /multiroot/config/testdata/bad-db-config.json: -------------------------------------------------------------------------------- 1 | {"driver":"invalid","data_source":"invalid"} 2 | -------------------------------------------------------------------------------- /multiroot/config/testdata/db-config.json: -------------------------------------------------------------------------------- 1 | {"driver":"sqlite3","data_source":"certs.db"} 2 | -------------------------------------------------------------------------------- /crypto/doc.go: -------------------------------------------------------------------------------- 1 | // Package crypto contains implementations of crypto.Signer. 2 | package crypto 3 | -------------------------------------------------------------------------------- /vendor/github.com/pelletier/go-toml/.dockerignore: -------------------------------------------------------------------------------- 1 | cmd/tomll/tomll 2 | cmd/tomljson/tomljson 3 | -------------------------------------------------------------------------------- /vendor/github.com/prometheus/client_golang/prometheus/.gitignore: -------------------------------------------------------------------------------- 1 | command-line-arguments.test 2 | -------------------------------------------------------------------------------- /helpers/testdata/emptycert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | -----END CERTIFICATE-----LSKFSKLF 3 | -------------------------------------------------------------------------------- /vendor/github.com/google/certificate-transparency-go/CODEOWNERS: -------------------------------------------------------------------------------- 1 | * @google/certificate-transparency 2 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | dist/* 2 | coverage.txt 3 | profile.out 4 | bin 5 | *.deb 6 | *.rpm 7 | test 8 | .DS_Store 9 | -------------------------------------------------------------------------------- /helpers/testdata/cert.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/cfssl/master/helpers/testdata/cert.der -------------------------------------------------------------------------------- /ocsp/testdata/response.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/cfssl/master/ocsp/testdata/response.der -------------------------------------------------------------------------------- /transport/example/genca.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cfssl gencert -initca ca.json | cfssljson -bare ca 4 | 5 | -------------------------------------------------------------------------------- /cli/testdata/db-config.json: -------------------------------------------------------------------------------- 1 | {"driver":"sqlite3","data_source":"../../certdb/testdb/certstore_development.db"} 2 | -------------------------------------------------------------------------------- /ocsp/testdata/sqlite_test.db: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/cfssl/master/ocsp/testdata/sqlite_test.db -------------------------------------------------------------------------------- /vendor/golang.org/x/crypto/curve25519/internal/field/sync.checkpoint: -------------------------------------------------------------------------------- 1 | b0c49ae9f59d233526f8934262c5bbbe14d4358d 2 | -------------------------------------------------------------------------------- /helpers/testdata/empty_pkcs7.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/cfssl/master/helpers/testdata/empty_pkcs7.der -------------------------------------------------------------------------------- /multiroot/config/testdata/test2.conf: -------------------------------------------------------------------------------- 1 | key1 = some value 2 | key2 = some other value 3 | key3 = unintuitive value 4 | -------------------------------------------------------------------------------- /ocsp/testdata/response_mix.pem: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/cfssl/master/ocsp/testdata/response_mix.pem -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-sqlite3/.codecov.yml: -------------------------------------------------------------------------------- 1 | coverage: 2 | status: 3 | project: off 4 | patch: off 5 | -------------------------------------------------------------------------------- /helpers/testdata/multiplecerts.p12: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/cfssl/master/helpers/testdata/multiplecerts.p12 -------------------------------------------------------------------------------- /helpers/testdata/passwordpkcs12.p12: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/cfssl/master/helpers/testdata/passwordpkcs12.p12 -------------------------------------------------------------------------------- /multiroot/config/testdata/server.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/cfssl/master/multiroot/config/testdata/server.der -------------------------------------------------------------------------------- /vendor/github.com/jmhodges/clock/.travis.yml: -------------------------------------------------------------------------------- 1 | language: go 2 | 3 | go: 4 | - 1.3 5 | - 1.4 6 | - 1.5 7 | 8 | sudo: false -------------------------------------------------------------------------------- /vendor/github.com/zmap/zcrypto/encoding/asn1/README.md: -------------------------------------------------------------------------------- 1 | Forked from standard "encoding/asn1" to allow more permissive decoding -------------------------------------------------------------------------------- /certdb/testdb/certstore_development.db: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/cfssl/master/certdb/testdb/certstore_development.db -------------------------------------------------------------------------------- /helpers/testdata/emptypasswordpkcs12.p12: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/cfssl/master/helpers/testdata/emptypasswordpkcs12.p12 -------------------------------------------------------------------------------- /scan/crypto/rsa/testdata/pss-vect.txt.bz2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/cfssl/master/scan/crypto/rsa/testdata/pss-vect.txt.bz2 -------------------------------------------------------------------------------- /helpers/testdata/empty_pkcs7.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PKCS7----- 2 | MCcGCSqGSIb3DQEHAqAaMBgCAQExADALBgkqhkiG9w0BBwGgAKEAMQA= 3 | -----END PKCS7----- 4 | -------------------------------------------------------------------------------- /vendor/github.com/zmap/zcrypto/cryptobyte/NOTICE.md: -------------------------------------------------------------------------------- 1 | Forked from golang.org/x/crypto/cryptobyte in order to support 2 | permissive asn1 parsing. -------------------------------------------------------------------------------- /tools.go: -------------------------------------------------------------------------------- 1 | //go:build tools 2 | // +build tools 3 | 4 | package tools 5 | 6 | import ( 7 | _ "bitbucket.org/liamstask/goose/cmd/goose" 8 | ) 9 | -------------------------------------------------------------------------------- /multiroot/config/testdata/roots_no_kdl_private_key.conf: -------------------------------------------------------------------------------- 1 | [ primary ] 2 | private = file://testdata/server.key 3 | certificate = testdata/server.crt 4 | -------------------------------------------------------------------------------- /.golangci.yaml: -------------------------------------------------------------------------------- 1 | linters: 2 | disable: 3 | - staticcheck 4 | - govet 5 | - gosimple 6 | - ineffassign 7 | - unused 8 | - errcheck 9 | -------------------------------------------------------------------------------- /vendor/github.com/getsentry/sentry-go/.gitignore: -------------------------------------------------------------------------------- 1 | coverage.txt 2 | 3 | # Just my personal way of tracking stuff — Kamil 4 | FIXME.md 5 | TODO.md 6 | !NOTES.md -------------------------------------------------------------------------------- /vendor/github.com/prometheus/procfs/MAINTAINERS.md: -------------------------------------------------------------------------------- 1 | * Johannes 'fish' Ziemke @discordianfish 2 | * Paul Gier @pgier 3 | -------------------------------------------------------------------------------- /vendor/k8s.io/klog/v2/.golangci.yaml: -------------------------------------------------------------------------------- 1 | linters: 2 | disable-all: true 3 | enable: # sorted alphabetical 4 | - gofmt 5 | - misspell 6 | - revive 7 | -------------------------------------------------------------------------------- /vendor/github.com/pelletier/go-toml/.gitignore: -------------------------------------------------------------------------------- 1 | test_program/test_program_bin 2 | fuzz/ 3 | cmd/tomll/tomll 4 | cmd/tomljson/tomljson 5 | cmd/tomltestgen/tomltestgen 6 | -------------------------------------------------------------------------------- /api/client/api.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | // SignResult is the result of signing a CSR. 4 | type SignResult struct { 5 | Certificate []byte `json:"certificate"` 6 | } 7 | -------------------------------------------------------------------------------- /helpers/testdata/private_ed25519_key.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MC4CAQAwBQYDK2VwBCIEIEHfDC6M85b3uVU5GO82Y5D6Qkx5YehoCe2T1auTbTFN 3 | -----END PRIVATE KEY----- 4 | -------------------------------------------------------------------------------- /vendor/github.com/go-sql-driver/mysql/.gitignore: -------------------------------------------------------------------------------- 1 | .DS_Store 2 | .DS_Store? 3 | ._* 4 | .Spotlight-V100 5 | .Trashes 6 | Icon? 7 | ehthumbs.db 8 | Thumbs.db 9 | .idea 10 | -------------------------------------------------------------------------------- /initca/testdata/5min-ed25519-key.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN Ed25519 PRIVATE KEY----- 2 | MC4CAQAwBQYDK2VwBCIEIO23h+PSszCu1BdPNn2HnmPexKh9p3HA3QxTOZ3cXQqx 3 | -----END Ed25519 PRIVATE KEY----- 4 | -------------------------------------------------------------------------------- /vendor/github.com/lib/pq/conn_go115.go: -------------------------------------------------------------------------------- 1 | //go:build go1.15 2 | // +build go1.15 3 | 4 | package pq 5 | 6 | import "database/sql/driver" 7 | 8 | var _ driver.Validator = &conn{} 9 | -------------------------------------------------------------------------------- /vendor/github.com/lib/pq/oid/doc.go: -------------------------------------------------------------------------------- 1 | // Package oid contains OID constants 2 | // as defined by the Postgres server. 3 | package oid 4 | 5 | // Oid is a Postgres Object ID. 6 | type Oid uint32 7 | -------------------------------------------------------------------------------- /vendor/github.com/getsentry/sentry-go/internal/ratelimit/doc.go: -------------------------------------------------------------------------------- 1 | // Package ratelimit provides tools to work with rate limits imposed by Sentry's 2 | // data ingestion pipeline. 3 | package ratelimit 4 | -------------------------------------------------------------------------------- /vendor/k8s.io/klog/v2/code-of-conduct.md: -------------------------------------------------------------------------------- 1 | # Kubernetes Community Code of Conduct 2 | 3 | Please refer to our [Kubernetes Community Code of Conduct](https://git.k8s.io/community/code-of-conduct.md) 4 | -------------------------------------------------------------------------------- /vendor/github.com/go-logr/logr/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # CHANGELOG 2 | 3 | ## v1.0.0-rc1 4 | 5 | This is the first logged release. Major changes (including breaking changes) 6 | have occurred since earlier tags. 7 | -------------------------------------------------------------------------------- /doc/ca-bundle.crt.metadata.sample: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name":"Mozilla", 4 | "weight": 100, 5 | "hash_algo": "SHA2", 6 | "key_algo": "ECDSA256", 7 | "keystore": "misc/trusted_roots/nss.pem" 8 | } 9 | ] 10 | -------------------------------------------------------------------------------- /vendor/github.com/prometheus/procfs/CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | # Prometheus Community Code of Conduct 2 | 3 | Prometheus follows the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/main/code-of-conduct.md). 4 | -------------------------------------------------------------------------------- /vendor/google.golang.org/protobuf/internal/editiondefaults/editions_defaults.binpb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/cfssl/master/vendor/google.golang.org/protobuf/internal/editiondefaults/editions_defaults.binpb -------------------------------------------------------------------------------- /multiroot/config/testdata/roots_ksm.conf: -------------------------------------------------------------------------------- 1 | [ primary ] 2 | private = file://testdata/server.key 3 | certificate = testdata/server.crt 4 | 5 | [ backup ] 6 | private = ksm://test-signer 7 | certificate = testdata/server.crt 8 | -------------------------------------------------------------------------------- /vendor/github.com/prometheus/client_golang/prometheus/README.md: -------------------------------------------------------------------------------- 1 | See [![Go Reference](https://pkg.go.dev/badge/github.com/prometheus/client_golang/prometheus.svg)](https://pkg.go.dev/github.com/prometheus/client_golang/prometheus). 2 | -------------------------------------------------------------------------------- /vendor/github.com/prometheus/client_model/NOTICE: -------------------------------------------------------------------------------- 1 | Data model artifacts for Prometheus. 2 | Copyright 2012-2015 The Prometheus Authors 3 | 4 | This product includes software developed at 5 | SoundCloud Ltd. (http://soundcloud.com/). 6 | -------------------------------------------------------------------------------- /bundler/testdata/client-auth/root-config.json: -------------------------------------------------------------------------------- 1 | { 2 | "signing": { 3 | "default": { 4 | "ca_constraint": { 5 | "is_ca": true 6 | }, 7 | "usages": ["cert sign"], 8 | "expiry": "43830h" 9 | } 10 | } 11 | } -------------------------------------------------------------------------------- /multiroot/config/testdata/roots_missing_private.conf: -------------------------------------------------------------------------------- 1 | [ primary ] 2 | private = file://testdata/server.key 3 | certificate = testdata/server.crt 4 | 5 | [ backup ] 6 | private = file://testdata/server.key 7 | certificate = testdata/enoent 8 | -------------------------------------------------------------------------------- /vendor/github.com/prometheus/common/NOTICE: -------------------------------------------------------------------------------- 1 | Common libraries shared by Prometheus Go components. 2 | Copyright 2015 The Prometheus Authors 3 | 4 | This product includes software developed at 5 | SoundCloud Ltd. (http://soundcloud.com/). 6 | -------------------------------------------------------------------------------- /vendor/github.com/prometheus/procfs/SECURITY.md: -------------------------------------------------------------------------------- 1 | # Reporting a security issue 2 | 3 | The Prometheus security policy, including how to report vulnerabilities, can be 4 | found here: 5 | 6 | 7 | -------------------------------------------------------------------------------- /vendor/github.com/jmoiron/sqlx/types/README.md: -------------------------------------------------------------------------------- 1 | # types 2 | 3 | The types package provides some useful types which implement the `sql.Scanner` 4 | and `driver.Valuer` interfaces, suitable for use as scan and value targets with 5 | database/sql. 6 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-sqlite3/.gitignore: -------------------------------------------------------------------------------- 1 | *.db 2 | *.exe 3 | *.dll 4 | *.o 5 | 6 | # VSCode 7 | .vscode 8 | 9 | # Exclude from upgrade 10 | upgrade/*.c 11 | upgrade/*.h 12 | 13 | # Exclude upgrade binary 14 | upgrade/upgrade 15 | -------------------------------------------------------------------------------- /vendor/github.com/kisielk/sqlstruct/.travis.yml: -------------------------------------------------------------------------------- 1 | arch: 2 | - amd64 3 | - ppc64le 4 | language: go 5 | 6 | go: 7 | - 1.2 8 | - tip 9 | jobs: 10 | exclude: 11 | - go: 1.2 12 | arch: ppc64le 13 | - go: 1.2 14 | arch: amd64 15 | -------------------------------------------------------------------------------- /bundler/testdata/client-auth/int-csr.json: -------------------------------------------------------------------------------- 1 | { 2 | "request":{ 3 | "names":[ 4 | { 5 | "C":"US", 6 | "ST":"California", 7 | "L":"San Francisco", 8 | "O":"example.com" 9 | } 10 | ], 11 | "CN":"Intermediate CA" 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /vendor/github.com/kisielk/sqlstruct/README.md: -------------------------------------------------------------------------------- 1 | sqlstruct 2 | ========= 3 | 4 | sqlstruct provides some convenience functions for using structs with go's database/sql package 5 | 6 | Documentation can be found at http://godoc.org/github.com/kisielk/sqlstruct 7 | -------------------------------------------------------------------------------- /helpers/testdata/private_ecdsa_key.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PRIVATE KEY----- 2 | MGgCAQEEHCGXsrNo2xfy8+zd4Pzj8rcQ5KqQO43au1t/7nugBwYFK4EEACGhPAM6 3 | AASJodCTtj5aYXnWxMiYhwjEgNQJJbNzJFEbsGJX9pCWZC673ammTWFHMjnMPkS/ 4 | 9eU5YeW40BHqfw== 5 | -----END EC PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /api/testdata/ca2-key.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PRIVATE KEY----- 2 | MHcCAQEEILOI+Ox7VUA+HaiOuAbBtf1IOXffEsOoI/443rTOPzD5oAoGCCqGSM49 3 | AwEHoUQDQgAEoY1dLpXLl1bN5p8GFqOKrYu8C7QF0OLCMlfoiJInE6XI+PKlxXx+ 4 | KlwasHd9zxV1HA4YtHifkrAL9u0CvrbdOg== 5 | -----END EC PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /helpers/testdata/secp256k1-key.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PRIVATE KEY----- 2 | MHQCAQEEIJLKycmoCAk4HqlJGdsuFyHsxfIheKsLH91tS/TNP5OOoAcGBSuBBAAK 3 | oUQDQgAEBkmL7cvC2cgchzfSuUZPGnzH0FqBtf3kGhSllQiIzGDn4envPXNqp+93 4 | V2NZ8VT+Aba4ln2Vbp9gYrKquut5Zg== 5 | -----END EC PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | updates: 3 | - package-ecosystem: github-actions 4 | directory: / 5 | schedule: 6 | interval: weekly 7 | 8 | - package-ecosystem: gomod 9 | directory: / 10 | schedule: 11 | interval: weekly 12 | 13 | -------------------------------------------------------------------------------- /initca/testdata/5min-ecdsa-key.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PRIVATE KEY----- 2 | MHcCAQEEIA8OzPeVZT0cXTAPdcXYefLRIqyUXa0f0SgYMJ2J1AVcoAoGCCqGSM49 3 | AwEHoUQDQgAEoCV+bVOLTJMy38j50sc3vE5k41GMRgriFJt0g0OVX8yaOZ93CZTI 4 | 7LzfGbMU+KqWTgOwGhrPvpusep3fjw+dAQ== 5 | -----END EC PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /multiroot/config/testdata/roots_missing_private_key_entry.conf: -------------------------------------------------------------------------------- 1 | [ primary ] 2 | private = file://testdata/server.key 3 | certificate = testdata/server.crt 4 | config = testdata/config.json 5 | 6 | [ backup ] 7 | certificate = testdata/server.crt 8 | config = testdata/config.json 9 | -------------------------------------------------------------------------------- /vendor/github.com/pelletier/go-toml/PULL_REQUEST_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | **Issue:** add link to pelletier/go-toml issue here 2 | 3 | Explanation of what this pull request does. 4 | 5 | More detailed description of the decisions being made and the reasons why (if the patch is non-trivial). 6 | -------------------------------------------------------------------------------- /bundler/testdata/cfssl-leaf-ecdsa256.key: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PRIVATE KEY----- 2 | MHcCAQEEIC2qaVydr67HuwWMrPQ3ljCVSsnbV7HbN78KqEX6a0GuoAoGCCqGSM49 3 | AwEHoUQDQgAEjEb98b3L+COUBe8Hvtt4REtsGig33wUYUDFVQDkiCXKW+CZ83FSY 4 | jyYzZTD23M4ub285ECtpJIzj/qJKkImt4A== 5 | -----END EC PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /signer/local/testdata/ecdsa256-inter.key: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PRIVATE KEY----- 2 | MHcCAQEEILbwI4u4bw+HtafMqFnrL7LOrqNEZH5rW5ygSrigfrVLoAoGCCqGSM49 3 | AwEHoUQDQgAEuA4qVbAgAh5RF17K8MyGB+frE+nWCfyhR4uayeIGbsj6PzgixXNS 4 | yjz8ymMxn2cHyVBRqeG/cqapzKMc2P6IVw== 5 | -----END EC PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /signer/local/testdata/ecdsa256_ca_key.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PRIVATE KEY----- 2 | MHcCAQEEIC2qaVydr67HuwWMrPQ3ljCVSsnbV7HbN78KqEX6a0GuoAoGCCqGSM49 3 | AwEHoUQDQgAEjEb98b3L+COUBe8Hvtt4REtsGig33wUYUDFVQDkiCXKW+CZ83FSY 4 | jyYzZTD23M4ub285ECtpJIzj/qJKkImt4A== 5 | -----END EC PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /bundler/testdata/client-auth/leaf-client-csr.json: -------------------------------------------------------------------------------- 1 | { 2 | "label":"client", 3 | "request":{ 4 | "names":[ 5 | { 6 | "C":"US", 7 | "ST":"California", 8 | "L":"San Francisco", 9 | "O":"Client Cert" 10 | } 11 | ], 12 | "CN":"Client Cert" 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /bundler/testdata/client-auth/leaf-server-csr.json: -------------------------------------------------------------------------------- 1 | { 2 | "label":"server", 3 | "request":{ 4 | "names":[ 5 | { 6 | "C":"US", 7 | "ST":"California", 8 | "L":"San Francisco", 9 | "O":"Server Cert" 10 | } 11 | ], 12 | "CN":"Server Cert" 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /config/testdata/valid_config_no_default.json: -------------------------------------------------------------------------------- 1 | { 2 | "signing": { 3 | "profiles": { 4 | "CA": { 5 | "usages": ["cert sign"], 6 | "expiry": "720h" 7 | }, 8 | "email": { 9 | "usages": ["s/mime"], 10 | "expiry": "720h" 11 | } 12 | } 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /multiroot/config/testdata/roots_badspec2.conf: -------------------------------------------------------------------------------- 1 | [ primary ] 2 | private = file://testdata/server.key 3 | certificate = testdata/server.crt 4 | config = testdata/config.json 5 | 6 | [ backup ] 7 | private = ://nothing 8 | certificate = testdata/server.crt 9 | config = testdata/config.json 10 | -------------------------------------------------------------------------------- /vendor/github.com/prometheus/procfs/.golangci.yml: -------------------------------------------------------------------------------- 1 | --- 2 | linters: 3 | enable: 4 | - godot 5 | - misspell 6 | - revive 7 | 8 | linter-settings: 9 | godot: 10 | capital: true 11 | exclude: 12 | # Ignore "See: URL" 13 | - 'See:' 14 | misspell: 15 | locale: US 16 | -------------------------------------------------------------------------------- /vendor/github.com/prometheus/procfs/NOTICE: -------------------------------------------------------------------------------- 1 | procfs provides functions to retrieve system, kernel and process 2 | metrics from the pseudo-filesystem proc. 3 | 4 | Copyright 2014-2015 The Prometheus Authors 5 | 6 | This product includes software developed at 7 | SoundCloud Ltd. (http://soundcloud.com/). 8 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/cpu_other_arm.go: -------------------------------------------------------------------------------- 1 | // Copyright 2020 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build !linux && arm 6 | 7 | package cpu 8 | 9 | func archInit() {} 10 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/cpu_zos.go: -------------------------------------------------------------------------------- 1 | // Copyright 2020 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package cpu 6 | 7 | func archInit() { 8 | doinit() 9 | Initialized = true 10 | } 11 | -------------------------------------------------------------------------------- /multiroot/config/testdata/roots.conf: -------------------------------------------------------------------------------- 1 | [ primary ] 2 | private = file://testdata/server.key 3 | certificate = testdata/server.crt 4 | config = testdata/config.json 5 | 6 | [ backup ] 7 | private = file://testdata/server.key 8 | certificate = testdata/server.crt 9 | config = testdata/config.json 10 | 11 | -------------------------------------------------------------------------------- /multiroot/config/testdata/roots_badspec.conf: -------------------------------------------------------------------------------- 1 | [ primary ] 2 | private = file://testdata/server.key 3 | certificate = testdata/server.crt 4 | config = testdata/config.json 5 | 6 | [ backup ] 7 | private = file://testdata/nosuch.key 8 | certificate = testdata/server.crt 9 | config = testdata/config.json 10 | -------------------------------------------------------------------------------- /multiroot/config/testdata/roots_badspec3.conf: -------------------------------------------------------------------------------- 1 | [ primary ] 2 | private = file://testdata/server.key 3 | certificate = testdata/server.crt 4 | config = testdata/config.json 5 | 6 | [ backup ] 7 | private = http://testdata/nosuch.key 8 | certificate = testdata/server.crt 9 | config = testdata/config.json 10 | -------------------------------------------------------------------------------- /multiroot/config/testdata/roots_der.conf: -------------------------------------------------------------------------------- 1 | [ primary ] 2 | private = file://testdata/server.der 3 | certificate = testdata/server.crt 4 | config = testdata/config.json 5 | 6 | [ backup ] 7 | private = file://testdata/server.key 8 | certificate = testdata/server.crt 9 | config = testdata/config.json 10 | 11 | -------------------------------------------------------------------------------- /vendor/k8s.io/klog/v2/internal/clock/README.md: -------------------------------------------------------------------------------- 1 | # Clock 2 | 3 | This package provides an interface for time-based operations. It allows 4 | mocking time for testing. 5 | 6 | This is a copy of k8s.io/utils/clock. We have to copy it to avoid a circular 7 | dependency (k8s.io/klog -> k8s.io/utils -> k8s.io/klog). 8 | -------------------------------------------------------------------------------- /ubiquity/testdata/ca.pem.metadata: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name":"Browser Everywhere", 4 | "weight": 0, 5 | "hash_algo": "SHA2", 6 | "key_algo": "ECDSA256" 7 | }, 8 | { 9 | "name":"Pineapple", 10 | "weight": 1, 11 | "hash_algo": "SHA2", 12 | "key_algo": "ECDSA521", 13 | "keystore": "pineapple.pem" 14 | } 15 | ] 16 | -------------------------------------------------------------------------------- /vendor/github.com/getsentry/sentry-go/.gitattributes: -------------------------------------------------------------------------------- 1 | # Tell Git to use LF for line endings on all platforms. 2 | # Required to have correct test data on Windows. 3 | # https://github.com/mvdan/github-actions-golang#caveats 4 | # https://github.com/actions/checkout/issues/135#issuecomment-613361104 5 | * text eol=lf 6 | -------------------------------------------------------------------------------- /vendor/github.com/lib/pq/user_other.go: -------------------------------------------------------------------------------- 1 | // Package pq is a pure Go Postgres driver for the database/sql package. 2 | 3 | //go:build js || android || hurd || zos 4 | // +build js android hurd zos 5 | 6 | package pq 7 | 8 | func userCurrent() (string, error) { 9 | return "", ErrCouldNotDetectUsername 10 | } 11 | -------------------------------------------------------------------------------- /multiroot/config/testdata/roots_bad_certificate.conf: -------------------------------------------------------------------------------- 1 | [ primary ] 2 | private = file://testdata/server.key 3 | certificate = testdata/server.crt 4 | config = testdata/config.json 5 | 6 | [ backup ] 7 | private = file://testdata/server.key 8 | certificate = testdata/server.key 9 | config = testdata/config.json 10 | -------------------------------------------------------------------------------- /multiroot/config/testdata/roots_bad_private_key.conf: -------------------------------------------------------------------------------- 1 | [ primary ] 2 | private = file://testdata/server.key 3 | certificate = testdata/server.crt 4 | config = testdata/config.json 5 | 6 | [ backup ] 7 | private = file://testdata/server.crt 8 | certificate = testdata/server.crt 9 | config = testdata/config.json 10 | -------------------------------------------------------------------------------- /multiroot/config/testdata/roots_badconfig.conf: -------------------------------------------------------------------------------- 1 | [ primary ] 2 | private = file://testdata/server.key 3 | certificate = testdata/server.crt 4 | config = testdata/badconfig.json 5 | 6 | [ backup ] 7 | private = file://testdata/server.key 8 | certificate = testdata/server.crt 9 | config = testdata/config.json 10 | 11 | -------------------------------------------------------------------------------- /multiroot/config/testdata/roots_missing_certificate.conf: -------------------------------------------------------------------------------- 1 | [ primary ] 2 | private = file://testdata/server.key 3 | certificate = testdata/server.crt 4 | config = testdata/config.json 5 | 6 | [ backup ] 7 | private = file://testdata/server.key 8 | certificate = testdata/enoent 9 | config = testdata/config.json 10 | -------------------------------------------------------------------------------- /multiroot/config/testdata/roots_missing_certificate_entry.conf: -------------------------------------------------------------------------------- 1 | [ primary ] 2 | private = file://testdata/server.key 3 | certificate = testdata/server.crt 4 | config = testdata/config.json 5 | 6 | [ backup ] 7 | private = file://testdata/server.key 8 | something_else = nothing 9 | config = testdata/config.json 10 | -------------------------------------------------------------------------------- /transport/roots/system/root_nacl.go: -------------------------------------------------------------------------------- 1 | // Copyright 2015 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package system 6 | 7 | // Possible certificate files; stop after finding one. 8 | var certFiles = []string{} 9 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/cpu_other_arm64.go: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build !linux && !netbsd && !openbsd && arm64 6 | 7 | package cpu 8 | 9 | func doinit() {} 10 | -------------------------------------------------------------------------------- /vendor/k8s.io/klog/v2/.gitignore: -------------------------------------------------------------------------------- 1 | # OSX leaves these everywhere on SMB shares 2 | ._* 3 | 4 | # OSX trash 5 | .DS_Store 6 | 7 | # Eclipse files 8 | .classpath 9 | .project 10 | .settings/** 11 | 12 | # Files generated by JetBrains IDEs, e.g. IntelliJ IDEA 13 | .idea/ 14 | *.iml 15 | 16 | # Vscode files 17 | .vscode 18 | -------------------------------------------------------------------------------- /vendor/github.com/ziutek/mymysql/mysql/field.go: -------------------------------------------------------------------------------- 1 | package mysql 2 | 3 | type Field struct { 4 | Catalog string 5 | Db string 6 | Table string 7 | OrgTable string 8 | Name string 9 | OrgName string 10 | DispLen uint32 11 | // Charset uint16 12 | Flags uint16 13 | Type byte 14 | Scale byte 15 | } 16 | -------------------------------------------------------------------------------- /bundler/testdata/client-auth/root-csr.json: -------------------------------------------------------------------------------- 1 | { 2 | "key": { 3 | "algo": "ecdsa", 4 | "size": 256 5 | }, 6 | "names": [ 7 | { 8 | "C": "US", 9 | "L": "San Francisco", 10 | "O": "Root CA", 11 | "ST": "California" 12 | } 13 | ] 14 | } 15 | -------------------------------------------------------------------------------- /bundler/testdata/inter-L2.key: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PRIVATE KEY----- 2 | MIGkAgEBBDAVVKPnV+KoCmQRq1zGg6n5PjjBFZdVPcKi9fNe78ZqMAMfLSfycPcS 3 | e6HJVt8ylCegBwYFK4EEACKhZANiAAQhWSM0kbB/cXRdYkfvJBJW3G6gGJ2Lkk2x 4 | DsWHERBxkSXdv7/WIXrRMFjZiLorAm4DqcgTvc8hcbJ82FOHDgPwKJltpyRD+5+D 5 | PYPK/HJYUM/MuvtNd4z/TBKn+KajFZ4= 6 | -----END EC PRIVATE KEY----- 7 | -------------------------------------------------------------------------------- /certdb/sqlite/dbconf.yml: -------------------------------------------------------------------------------- 1 | development: 2 | driver: sqlite3 3 | open: ./certstore_development.db 4 | 5 | test: 6 | driver: sqlite3 7 | open: ./certstore_test.db 8 | 9 | staging: 10 | driver: sqlite3 11 | open: ./certstore_staging.db 12 | 13 | production: 14 | driver: sqlite3 15 | open: ./certstore_production.db 16 | -------------------------------------------------------------------------------- /vendor/github.com/google/certificate-transparency-go/x509/README.md: -------------------------------------------------------------------------------- 1 | # Important Notice 2 | 3 | This is a fork of the `crypto/x509` Go package. The original source can be found on 4 | [GitHub](https://github.com/golang/go). 5 | 6 | Be careful about making local modifications to this code as it will 7 | make maintenance harder in future. 8 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/cpu_riscv64.go: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build riscv64 6 | 7 | package cpu 8 | 9 | const cacheLineSize = 64 10 | 11 | func initOptions() {} 12 | -------------------------------------------------------------------------------- /cli/serve/README.md: -------------------------------------------------------------------------------- 1 | ## Compiling and serving static files using esc 2 | 3 | ``` 4 | go install github.com/mjibson/esc 5 | 6 | # Compile changes to static files 7 | esc -pkg serve -prefix cli/serve/static cli/serve/static > cli/serve/static.go 8 | 9 | # Build and run CFSSL 10 | go build ./cmd/cfssl/... 11 | ./cfssl serve 12 | ``` 13 | -------------------------------------------------------------------------------- /vendor/github.com/google/certificate-transparency-go/asn1/README.md: -------------------------------------------------------------------------------- 1 | # Important Notice 2 | 3 | This is a fork of the `encoding/asn1` Go package. The original source can be found on 4 | [GitHub](https://github.com/golang/go). 5 | 6 | Be careful about making local modifications to this code as it will 7 | make maintenance harder in future. 8 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/cpu_loong64.go: -------------------------------------------------------------------------------- 1 | // Copyright 2022 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build loong64 6 | 7 | package cpu 8 | 9 | const cacheLineSize = 64 10 | 11 | func initOptions() { 12 | } 13 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/cpu_mipsx.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build mips || mipsle 6 | 7 | package cpu 8 | 9 | const cacheLineSize = 32 10 | 11 | func initOptions() {} 12 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/cpu_other_riscv64.go: -------------------------------------------------------------------------------- 1 | // Copyright 2022 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build !linux && riscv64 6 | 7 | package cpu 8 | 9 | func archInit() { 10 | Initialized = true 11 | } 12 | -------------------------------------------------------------------------------- /bundler/testdata/cfssl-leaf-ecdsa384.key: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PRIVATE KEY----- 2 | MIGkAgEBBDAEwBewBsRvgqvyy/aJ0NsoTqkbwFeu3bL6rLxLGcxCfKzlOYz5te8j 3 | BR4cPZbv5WOgBwYFK4EEACKhZANiAATWIrww4dyIpJG/t/zqHIrcuCUF5sSz9p42 4 | U4WDbUeMuwcYsadOSi6KvILWs8nHA5JbnruDlhZ6ZpI8qj0PtDCH/wSSqAOEOIjY 5 | gjf2XxevdC0f6WT6zEWblkhlW9vPdC8= 6 | -----END EC PRIVATE KEY----- 7 | -------------------------------------------------------------------------------- /cli/version/version_test.go: -------------------------------------------------------------------------------- 1 | package version 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/cloudflare/cfssl/cli" 7 | ) 8 | 9 | func TestVersionMain(t *testing.T) { 10 | args := []string{"cfssl", "version"} 11 | err := versionMain(args, cli.Config{}) 12 | if err != nil { 13 | t.Fatal("version main failed") 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /doc/api/endpoint_health.txt: -------------------------------------------------------------------------------- 1 | THE HEALTH ENDPOINT 2 | 3 | Endpoint: /api/v1/cfssl/health 4 | Method: GET 5 | 6 | Result: 7 | 8 | The returned result is a JSON object with a single key: 9 | 10 | * healthy: a bool indicating if the API server is healthy 11 | 12 | Example: 13 | 14 | $ curl ${CFSSL_HOST}/api/v1/cfssl/health 15 | -------------------------------------------------------------------------------- /multiroot/config/testdata/roots_db.conf: -------------------------------------------------------------------------------- 1 | [ primary ] 2 | private = file://testdata/server.key 3 | certificate = testdata/server.crt 4 | config = testdata/config.json 5 | dbconfig = testdata/db-config.json 6 | 7 | [ backup ] 8 | private = file://testdata/server.key 9 | certificate = testdata/server.crt 10 | config = testdata/config.json 11 | -------------------------------------------------------------------------------- /transport/example/ca.json: -------------------------------------------------------------------------------- 1 | { 2 | "hosts": [ 3 | "dropsonde.net" 4 | ], 5 | "key": { 6 | "algo": "rsa", 7 | "size": 4096 8 | }, 9 | "names": [ 10 | { 11 | "C": "US", 12 | "L": "San Francisco", 13 | "OU": "Dropsonde Certificate Authority", 14 | "ST": "California" 15 | } 16 | ] 17 | } 18 | -------------------------------------------------------------------------------- /vendor/k8s.io/klog/v2/OWNERS: -------------------------------------------------------------------------------- 1 | # See the OWNERS docs at https://go.k8s.io/owners 2 | reviewers: 3 | - harshanarayana 4 | - mengjiao-liu 5 | - pohly 6 | approvers: 7 | - dims 8 | - pohly 9 | - thockin 10 | emeritus_approvers: 11 | - brancz 12 | - justinsb 13 | - lavalamp 14 | - piosz 15 | - serathius 16 | - tallclair 17 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build gc 6 | 7 | package cpu 8 | 9 | func getisar0() uint64 10 | func getisar1() uint64 11 | func getpfr0() uint64 12 | -------------------------------------------------------------------------------- /initca/testdata/ca_csr_ed25519.json: -------------------------------------------------------------------------------- 1 | { 2 | "key": { 3 | "algo": "ed25519" 4 | }, 5 | "names": [ 6 | { 7 | "C": "US", 8 | "L": "San Francisco", 9 | "ST": "California", 10 | "O": "CloudFlare, Inc.", 11 | "OU": "Test Certificate Authority" 12 | } 13 | ], 14 | "ca": { 15 | "expiry": "5m" 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /multiroot/config/testdata/roots_bad_db.conf: -------------------------------------------------------------------------------- 1 | [ primary ] 2 | private = file://testdata/server.key 3 | certificate = testdata/server.crt 4 | config = testdata/config.json 5 | dbconfig = testdata/bad-db-config.json 6 | 7 | [ backup ] 8 | private = file://testdata/server.key 9 | certificate = testdata/server.crt 10 | config = testdata/config.json 11 | -------------------------------------------------------------------------------- /scan/crypto/sha512/sha512block_decl.go: -------------------------------------------------------------------------------- 1 | // Copyright 2013 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build amd64 6 | // +build amd64 7 | 8 | package sha512 9 | 10 | //go:noescape 11 | 12 | func block(dig *digest, p []byte) 13 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/cpu_other_mips64x.go: -------------------------------------------------------------------------------- 1 | // Copyright 2020 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build !linux && (mips64 || mips64le) 6 | 7 | package cpu 8 | 9 | func archInit() { 10 | Initialized = true 11 | } 12 | -------------------------------------------------------------------------------- /vendor/google.golang.org/protobuf/encoding/prototext/doc.go: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // Package prototext marshals and unmarshals protocol buffer messages as the 6 | // textproto format. 7 | package prototext 8 | -------------------------------------------------------------------------------- /helpers/testsuite/testdata/cert_csr.json: -------------------------------------------------------------------------------- 1 | { 2 | "hosts": [ 3 | "ca.example2.com" 4 | ], 5 | "names": [ 6 | { 7 | "C": "US", 8 | "ST": "California", 9 | "L": "San Francisco", 10 | "O": "Internet Widgets, LLC", 11 | "OU": "Certificate Authority" 12 | } 13 | ], 14 | "key": { 15 | "algo": "rsa", 16 | "size": 2048 17 | } 18 | } -------------------------------------------------------------------------------- /vendor/google.golang.org/protobuf/internal/flags/proto_legacy_enable.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build protolegacy 6 | // +build protolegacy 7 | 8 | package flags 9 | 10 | const protoLegacy = true 11 | -------------------------------------------------------------------------------- /config/testdata/invalid_config.json: -------------------------------------------------------------------------------- 1 | { 2 | "signing": { 3 | "profiles": { 4 | "CA": { 5 | "usages": ["cert sign"], 6 | "expiry": "720h" 7 | }, 8 | "email": { 9 | "usages": ["s/mime"], 10 | "expiry": "720h" 11 | } 12 | }, 13 | "default": { 14 | "usages": ["digital signature", "email protection"], 15 | } 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /scan/crypto/md5/md5block_generic.go: -------------------------------------------------------------------------------- 1 | // Copyright 2014 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build !amd64 && !amd64p32 && !386 && !arm 6 | // +build !amd64,!amd64p32,!386,!arm 7 | 8 | package md5 9 | 10 | var block = blockGeneric 11 | -------------------------------------------------------------------------------- /scan/crypto/sha1/sha1block_generic.go: -------------------------------------------------------------------------------- 1 | // Copyright 2014 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build !amd64 && !amd64p32 && !386 && !arm 6 | // +build !amd64,!amd64p32,!386,!arm 7 | 8 | package sha1 9 | 10 | var block = blockGeneric 11 | -------------------------------------------------------------------------------- /scan/crypto/sha256/sha256block_decl.go: -------------------------------------------------------------------------------- 1 | // Copyright 2013 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build 386 || amd64 6 | // +build 386 amd64 7 | 8 | package sha256 9 | 10 | //go:noescape 11 | 12 | func block(dig *digest, p []byte) 13 | -------------------------------------------------------------------------------- /vendor/github.com/ziutek/mymysql/godrv/appengine.go: -------------------------------------------------------------------------------- 1 | // +build appengine 2 | 3 | package godrv 4 | 5 | import ( 6 | "net" 7 | "time" 8 | 9 | "appengine/cloudsql" 10 | ) 11 | 12 | func init() { 13 | SetDialer(func(proto, laddr, raddr, user, dbname string, timeout time.Duration) (net.Conn, error) { 14 | return cloudsql.Dial(raddr) 15 | }) 16 | } 17 | -------------------------------------------------------------------------------- /vendor/golang.org/x/crypto/internal/poly1305/mac_noasm.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build (!amd64 && !ppc64le && !s390x) || !gc || purego 6 | 7 | package poly1305 8 | 9 | type mac struct{ macGeneric } 10 | -------------------------------------------------------------------------------- /vendor/google.golang.org/protobuf/internal/flags/proto_legacy_disable.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build !protolegacy 6 | // +build !protolegacy 7 | 8 | package flags 9 | 10 | const protoLegacy = false 11 | -------------------------------------------------------------------------------- /initca/testdata/ca_csr_ecdsa.json: -------------------------------------------------------------------------------- 1 | { 2 | "key": { 3 | "algo": "ecdsa", 4 | "size": 256 5 | }, 6 | "names": [ 7 | { 8 | "C": "US", 9 | "L": "San Francisco", 10 | "ST": "California", 11 | "O": "CloudFlare, Inc.", 12 | "OU": "Test Certificate Authority" 13 | } 14 | ], 15 | "ca": { 16 | "expiry": "5m" 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /initca/testdata/ca_csr_rsa.json: -------------------------------------------------------------------------------- 1 | { 2 | "key": { 3 | "algo": "rsa", 4 | "size": 2048 5 | }, 6 | "names": [ 7 | { 8 | "C": "US", 9 | "L": "San Francisco", 10 | "ST": "California", 11 | "O": "CloudFlare, Inc.", 12 | "OU": "Test Certificate Authority" 13 | } 14 | ], 15 | "ca": { 16 | "expiry": "5m" 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /multiroot/config/testdata/roots_bad_whitelist.conf: -------------------------------------------------------------------------------- 1 | [ primary ] 2 | private = file://testdata/server.key 3 | certificate = testdata/server.crt 4 | config = testdata/config.json 5 | nets = 10.0.2.1/24,172.16.3.1/24,127.0.0.1 6 | 7 | [ backup ] 8 | private = file://testdata/server.key 9 | certificate = testdata/server.crt 10 | config = testdata/config.json 11 | 12 | -------------------------------------------------------------------------------- /vendor/github.com/lib/pq/ssl_windows.go: -------------------------------------------------------------------------------- 1 | //go:build windows 2 | // +build windows 3 | 4 | package pq 5 | 6 | // sslKeyPermissions checks the permissions on user-supplied ssl key files. 7 | // The key file should have very little access. 8 | // 9 | // libpq does not check key file permissions on Windows. 10 | func sslKeyPermissions(string) error { return nil } 11 | -------------------------------------------------------------------------------- /vendor/github.com/ziutek/mymysql/native/addons.go: -------------------------------------------------------------------------------- 1 | package native 2 | 3 | func NbinToNstr(nbin *[]byte) *string { 4 | if nbin == nil { 5 | return nil 6 | } 7 | str := string(*nbin) 8 | return &str 9 | } 10 | 11 | func NstrToNbin(nstr *string) *[]byte { 12 | if nstr == nil { 13 | return nil 14 | } 15 | bin := []byte(*nstr) 16 | return &bin 17 | } 18 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/cpu_linux_noinit.go: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build linux && !arm && !arm64 && !mips64 && !mips64le && !ppc64 && !ppc64le && !s390x 6 | 7 | package cpu 8 | 9 | func doinit() {} 10 | -------------------------------------------------------------------------------- /vendor/k8s.io/klog/v2/klog_file_others.go: -------------------------------------------------------------------------------- 1 | //go:build !windows 2 | // +build !windows 3 | 4 | package klog 5 | 6 | import ( 7 | "os/user" 8 | ) 9 | 10 | func getUserName() string { 11 | userNameOnce.Do(func() { 12 | current, err := user.Current() 13 | if err == nil { 14 | userName = current.Username 15 | } 16 | }) 17 | 18 | return userName 19 | } 20 | -------------------------------------------------------------------------------- /multiroot/config/testdata/roots_bad_whitelist2.conf: -------------------------------------------------------------------------------- 1 | [ primary ] 2 | private = file://testdata/server.key 3 | certificate = testdata/server.crt 4 | config = testdata/config.json 5 | nets = 10.0.2.1/24,172.16.3.1/24,257.0.0.1/24 6 | 7 | [ backup ] 8 | private = file://testdata/server.key 9 | certificate = testdata/server.crt 10 | config = testdata/config.json 11 | 12 | -------------------------------------------------------------------------------- /multiroot/config/testdata/roots_whitelist.conf: -------------------------------------------------------------------------------- 1 | [ primary ] 2 | private = file://testdata/server.key 3 | certificate = testdata/server.crt 4 | config = testdata/config.json 5 | nets = 10.0.2.1/24,172.16.3.1/24, 192.168.3.15/32 6 | 7 | [ backup ] 8 | private = file://testdata/server.key 9 | certificate = testdata/server.crt 10 | config = testdata/config.json 11 | 12 | -------------------------------------------------------------------------------- /vendor/github.com/cespare/xxhash/v2/testall.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -eu -o pipefail 3 | 4 | # Small convenience script for running the tests with various combinations of 5 | # arch/tags. This assumes we're running on amd64 and have qemu available. 6 | 7 | go test ./... 8 | go test -tags purego ./... 9 | GOARCH=arm64 go test 10 | GOARCH=arm64 go test -tags purego 11 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/ptrace_ios.go: -------------------------------------------------------------------------------- 1 | // Copyright 2020 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build ios 6 | 7 | package unix 8 | 9 | func ptrace(request int, pid int, addr uintptr, data uintptr) (err error) { 10 | return ENOTSUP 11 | } 12 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/empty.s: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build !go1.12 6 | 7 | // This file is here to allow bodyless functions with go:linkname for Go 1.11 8 | // and earlier (see https://golang.org/issue/23311). 9 | -------------------------------------------------------------------------------- /multiroot/config/testdata/roots_whitelist_ipv6.conf: -------------------------------------------------------------------------------- 1 | [ primary ] 2 | private = file://testdata/server.key 3 | certificate = testdata/server.crt 4 | config = testdata/config.json 5 | nets = ::1/128, fd4d:9855:101d:e68b::/64, 10.0.4.1/24 6 | 7 | [ backup ] 8 | private = file://testdata/server.key 9 | certificate = testdata/server.crt 10 | config = testdata/config.json 11 | 12 | -------------------------------------------------------------------------------- /certdb/sql/sql_mysql_test.go: -------------------------------------------------------------------------------- 1 | //go:build mysql 2 | // +build mysql 3 | 4 | package sql 5 | 6 | import ( 7 | "testing" 8 | 9 | "github.com/cloudflare/cfssl/certdb/testdb" 10 | ) 11 | 12 | func TestMySQL(t *testing.T) { 13 | db := testdb.MySQLDB() 14 | ta := TestAccessor{ 15 | Accessor: NewAccessor(db), 16 | DB: db, 17 | } 18 | testEverything(ta, t) 19 | } 20 | -------------------------------------------------------------------------------- /scan/crypto/md5/md5block_decl.go: -------------------------------------------------------------------------------- 1 | // Copyright 2013 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build amd64 || amd64p32 || 386 || arm 6 | // +build amd64 amd64p32 386 arm 7 | 8 | package md5 9 | 10 | //go:noescape 11 | 12 | func block(dig *digest, p []byte) 13 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/cpu_other_ppc64x.go: -------------------------------------------------------------------------------- 1 | // Copyright 2022 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build !aix && !linux && (ppc64 || ppc64le) 6 | 7 | package cpu 8 | 9 | func archInit() { 10 | PPC64.IsPOWER8 = true 11 | Initialized = true 12 | } 13 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/aliases.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build windows && go1.9 6 | 7 | package windows 8 | 9 | import "syscall" 10 | 11 | type Errno = syscall.Errno 12 | type SysProcAttr = syscall.SysProcAttr 13 | -------------------------------------------------------------------------------- /bundler/testdata/client-auth/int-config.json: -------------------------------------------------------------------------------- 1 | { 2 | "signing": { 3 | "profiles": { 4 | "server": { 5 | "usages": ["server auth"], 6 | "expiry": "43830h" 7 | }, 8 | "client": { 9 | "usages": ["client auth"], 10 | "expiry": "43830h" 11 | } 12 | }, 13 | "default": { 14 | "usages": ["server auth"], 15 | "expiry": "43830h" 16 | } 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /doc/README.txt: -------------------------------------------------------------------------------- 1 | CFSSL DOCUMENTATION GUIDE 2 | 3 | api/ API documentation 4 | authentication.txt A high-level overview of the CFSSL authentication 5 | system. 6 | cmd/ Documentation for the programs included in CFSSL, 7 | including configuration and operations. 8 | errorcode.txt Description of the error codes returned by CFSSL. 9 | 10 | -------------------------------------------------------------------------------- /scan/crypto/sha1/sha1block_decl.go: -------------------------------------------------------------------------------- 1 | // Copyright 2013 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build amd64 || amd64p32 || arm || 386 6 | // +build amd64 amd64p32 arm 386 7 | 8 | package sha1 9 | 10 | //go:noescape 11 | 12 | func block(dig *digest, p []byte) 13 | -------------------------------------------------------------------------------- /testdata/test.py: -------------------------------------------------------------------------------- 1 | import sys 2 | from m2ext import SSL 3 | from M2Crypto import X509 4 | 5 | print "Validating certificate %s using CApath %s" % (sys.argv[1], sys.argv[2]) 6 | cert = X509.load_cert(sys.argv[1]) 7 | ctx = SSL.Context() 8 | ctx.load_verify_locations(capath=sys.argv[2]) 9 | if ctx.validate_certificate(cert): 10 | print "valid" 11 | else: 12 | print "invalid" 13 | -------------------------------------------------------------------------------- /config/testdata/invalid_usage.json: -------------------------------------------------------------------------------- 1 | { 2 | "signing": { 3 | "profiles": { 4 | "CA": { 5 | "usages": ["cert sign"], 6 | "expiry": "720h" 7 | }, 8 | "email": { 9 | "usages": ["BAD_USAGE"], 10 | "expiry": "720h" 11 | } 12 | }, 13 | "default": { 14 | "usages": ["digital signature", "email protection"], 15 | "expiry": "8000h" 16 | } 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /vendor/golang.org/x/net/idna/pre_go118.go: -------------------------------------------------------------------------------- 1 | // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT. 2 | 3 | // Copyright 2021 The Go Authors. All rights reserved. 4 | // Use of this source code is governed by a BSD-style 5 | // license that can be found in the LICENSE file. 6 | 7 | //go:build !go1.18 8 | 9 | package idna 10 | 11 | const transitionalLookup = true 12 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/cpu_gccgo_arm64.go: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build gccgo 6 | 7 | package cpu 8 | 9 | func getisar0() uint64 { return 0 } 10 | func getisar1() uint64 { return 0 } 11 | func getpfr0() uint64 { return 0 } 12 | -------------------------------------------------------------------------------- /certdb/sql/sql_pq_test.go: -------------------------------------------------------------------------------- 1 | //go:build postgresql 2 | // +build postgresql 3 | 4 | package sql 5 | 6 | import ( 7 | "testing" 8 | 9 | "github.com/cloudflare/cfssl/certdb/testdb" 10 | ) 11 | 12 | func TestPostgreSQL(t *testing.T) { 13 | db := testdb.PostgreSQLDB() 14 | ta := TestAccessor{ 15 | Accessor: NewAccessor(db), 16 | DB: db, 17 | } 18 | testEverything(ta, t) 19 | } 20 | -------------------------------------------------------------------------------- /config/testdata/invalid_default.json: -------------------------------------------------------------------------------- 1 | { 2 | "signing": { 3 | "profiles": { 4 | "CA": { 5 | "usages": ["cert sign"], 6 | "expiry": "720h" 7 | }, 8 | "email": { 9 | "usages": ["s/mime"], 10 | "expiry": "720h" 11 | } 12 | }, 13 | "default": { 14 | "usages": ["digital signature", "email protection"], 15 | "expiry": "invalid_expiry" 16 | } 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /config/testdata/invalid_profile.json: -------------------------------------------------------------------------------- 1 | { 2 | "signing": { 3 | "profiles": { 4 | "CA": { 5 | "usages": ["cert sign"], 6 | "expiry": "720h" 7 | }, 8 | "email": { 9 | "usages": ["s/mime"], 10 | "expiry": "invalid_expiry" 11 | } 12 | }, 13 | "default": { 14 | "usages": ["digital signature", "email protection"], 15 | "expiry": "8000h" 16 | } 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/syscall_linux_amd64_gc.go: -------------------------------------------------------------------------------- 1 | // Copyright 2016 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build amd64 && linux && gc 6 | 7 | package unix 8 | 9 | import "syscall" 10 | 11 | //go:noescape 12 | func gettimeofday(tv *Timeval) (err syscall.Errno) 13 | -------------------------------------------------------------------------------- /config/testdata/valid_config_auth_no_default.json: -------------------------------------------------------------------------------- 1 | { 2 | "signing": { 3 | "profiles": { 4 | "CA": { 5 | "auth_key": "garbage", 6 | "remote": "localhost" 7 | } 8 | } 9 | }, 10 | "auth_keys": { 11 | "garbage": { 12 | "type":"standard", 13 | "key":"0123456789ABCDEF0123456789ABCDEF" 14 | } 15 | }, 16 | "remotes": { 17 | "localhost": "127.0.0.1:8888" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /vendor/github.com/google/certificate-transparency-go/x509/root_aix.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package x509 6 | 7 | // Possible certificate files; stop after finding one. 8 | var certFiles = []string{ 9 | "/var/ssl/certs/ca-bundle.crt", 10 | } 11 | -------------------------------------------------------------------------------- /vendor/github.com/kisielk/sqlstruct/.gitignore: -------------------------------------------------------------------------------- 1 | # Compiled Object files, Static and Dynamic libs (Shared Objects) 2 | *.o 3 | *.a 4 | *.so 5 | 6 | # Folders 7 | _obj 8 | _test 9 | 10 | # Architecture specific extensions/prefixes 11 | *.[568vq] 12 | [568vq].out 13 | 14 | *.cgo1.go 15 | *.cgo2.c 16 | _cgo_defun.c 17 | _cgo_gotypes.go 18 | _cgo_export.* 19 | 20 | _testmain.go 21 | 22 | *.exe 23 | -------------------------------------------------------------------------------- /vendor/github.com/pelletier/go-toml/fuzz.sh: -------------------------------------------------------------------------------- 1 | #! /bin/sh 2 | set -eu 3 | 4 | go get github.com/dvyukov/go-fuzz/go-fuzz 5 | go get github.com/dvyukov/go-fuzz/go-fuzz-build 6 | 7 | if [ ! -e toml-fuzz.zip ]; then 8 | go-fuzz-build github.com/pelletier/go-toml 9 | fi 10 | 11 | rm -fr fuzz 12 | mkdir -p fuzz/corpus 13 | cp *.toml fuzz/corpus 14 | 15 | go-fuzz -bin=toml-fuzz.zip -workdir=fuzz 16 | -------------------------------------------------------------------------------- /certdb/pg/dbconf.yml: -------------------------------------------------------------------------------- 1 | development: 2 | driver: postgres 3 | open: dbname=certdb_development sslmode=disable user=postgres 4 | 5 | test: 6 | driver: postgres 7 | open: dbname=certdb_test sslmode=disable 8 | 9 | staging: 10 | driver: postgres 11 | open: dbname=certdb_staging sslmode=disable 12 | 13 | production: 14 | driver: postgres 15 | open: dbname=certdb_production sslmode=disable 16 | -------------------------------------------------------------------------------- /vendor/github.com/zmap/zcrypto/x509/README.md: -------------------------------------------------------------------------------- 1 | Originally based on the go/crypto/x509 standard library, 2 | this package has now diverged enough that it is no longer 3 | updated with direct correspondence to new go releases. 4 | 5 | Approximately supports all the features of 6 | github.com/golang/go/crypto/x509 package at: 7 | branch: release-branch.go1.10 8 | revision: dea961ebd9f871b39b3bdaab32f952037f28cd71 9 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/endian_big.go: -------------------------------------------------------------------------------- 1 | // Copyright 2016 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | // 5 | //go:build armbe || arm64be || m68k || mips || mips64 || mips64p32 || ppc || ppc64 || s390 || s390x || shbe || sparc || sparc64 6 | 7 | package unix 8 | 9 | const isBigEndian = true 10 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/ptrace_darwin.go: -------------------------------------------------------------------------------- 1 | // Copyright 2020 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build darwin && !ios 6 | 7 | package unix 8 | 9 | func ptrace(request int, pid int, addr uintptr, data uintptr) error { 10 | return ptrace1(request, pid, addr, data) 11 | } 12 | -------------------------------------------------------------------------------- /ocsp/config/config.go: -------------------------------------------------------------------------------- 1 | // Package config in the ocsp directory provides configuration data for an OCSP 2 | // signer. 3 | package config 4 | 5 | import "time" 6 | 7 | // Config contains configuration information required to set up an OCSP signer. 8 | type Config struct { 9 | CACertFile string 10 | ResponderCertFile string 11 | KeyFile string 12 | Interval time.Duration 13 | } 14 | -------------------------------------------------------------------------------- /vendor/github.com/google/certificate-transparency-go/x509/root_nocgo_darwin.go: -------------------------------------------------------------------------------- 1 | // Copyright 2013 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build !cgo 6 | // +build !cgo 7 | 8 | package x509 9 | 10 | func loadSystemRoots() (*CertPool, error) { 11 | return execSecurityRoots() 12 | } 13 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-sqlite3/sqlite3_solaris.go: -------------------------------------------------------------------------------- 1 | // Copyright (C) 2019 Yasuhiro Matsumoto . 2 | // 3 | // Use of this source code is governed by an MIT-style 4 | // license that can be found in the LICENSE file. 5 | 6 | //go:build solaris 7 | // +build solaris 8 | 9 | package sqlite3 10 | 11 | /* 12 | #cgo CFLAGS: -D__EXTENSIONS__=1 13 | #cgo LDFLAGS: -lc 14 | */ 15 | import "C" 16 | -------------------------------------------------------------------------------- /vendor/github.com/pelletier/go-toml/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:1.12-alpine3.9 as builder 2 | WORKDIR /go/src/github.com/pelletier/go-toml 3 | COPY . . 4 | ENV CGO_ENABLED=0 5 | ENV GOOS=linux 6 | RUN go install ./... 7 | 8 | FROM scratch 9 | COPY --from=builder /go/bin/tomll /usr/bin/tomll 10 | COPY --from=builder /go/bin/tomljson /usr/bin/tomljson 11 | COPY --from=builder /go/bin/jsontoml /usr/bin/jsontoml 12 | -------------------------------------------------------------------------------- /vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64_noasm.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) 2021 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build !arm64 || !gc || purego 6 | 7 | package field 8 | 9 | func (v *Element) carryPropagate() *Element { 10 | return v.carryPropagateGeneric() 11 | } 12 | -------------------------------------------------------------------------------- /vendor/github.com/cespare/xxhash/v2/xxhash_asm.go: -------------------------------------------------------------------------------- 1 | //go:build (amd64 || arm64) && !appengine && gc && !purego 2 | // +build amd64 arm64 3 | // +build !appengine 4 | // +build gc 5 | // +build !purego 6 | 7 | package xxhash 8 | 9 | // Sum64 computes the 64-bit xxHash digest of b. 10 | // 11 | //go:noescape 12 | func Sum64(b []byte) uint64 13 | 14 | //go:noescape 15 | func writeBlocks(d *Digest, b []byte) int 16 | -------------------------------------------------------------------------------- /vendor/github.com/zmap/zlint/v3/util/eku.go: -------------------------------------------------------------------------------- 1 | package util 2 | 3 | import "github.com/zmap/zcrypto/x509" 4 | 5 | // HasEKU tests whether an Extended Key Usage (EKU) is present in a certificate. 6 | func HasEKU(cert *x509.Certificate, eku x509.ExtKeyUsage) bool { 7 | for _, currentEku := range cert.ExtKeyUsage { 8 | if currentEku == eku { 9 | return true 10 | } 11 | } 12 | 13 | return false 14 | } 15 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/constants.go: -------------------------------------------------------------------------------- 1 | // Copyright 2015 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos 6 | 7 | package unix 8 | 9 | const ( 10 | R_OK = 0x4 11 | W_OK = 0x2 12 | X_OK = 0x1 13 | ) 14 | -------------------------------------------------------------------------------- /vendor/google.golang.org/protobuf/internal/impl/codec_map_go112.go: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build go1.12 6 | // +build go1.12 7 | 8 | package impl 9 | 10 | import "reflect" 11 | 12 | func mapRange(v reflect.Value) *reflect.MapIter { return v.MapRange() } 13 | -------------------------------------------------------------------------------- /bundler/testdata/cfssl-leaf-ecdsa521.key: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PRIVATE KEY----- 2 | MIHcAgEBBEIBnn+dzn3tVUMj9s3nRs8I7waob9iLi/QhsIj5leFRj44hbWGwfymm 3 | OHLJR1jIG8VzyYaNssSPo7ioMpgOpX+R14+gBwYFK4EEACOhgYkDgYYABAEp3Uqq 4 | oJpe6UV7y9YR3a8SgMpoRotSKNqeA9JKi+3LyE6p5w3WsENvych1DQc4Tq7nvH4g 5 | jRPqO7521eXsbmrAYwEK3F1RdexFJJ53DaKuUnYOqiI5pcHKjTDqkr2CABh3cE11 6 | Hg2vPHf43vpMp82ojKFzNtSJBSnnV7ab9+g+ziveqA== 7 | -----END EC PRIVATE KEY----- 8 | -------------------------------------------------------------------------------- /cmd/cfssljson/cfssljson_test.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "testing" 5 | ) 6 | 7 | func TestReadFile(t *testing.T) { 8 | _, err := readFile("-") 9 | if err != nil { 10 | t.Fatal(err) 11 | } 12 | 13 | file, err := readFile("./testdata/test.txt") 14 | if err != nil { 15 | t.Fatal(err) 16 | } 17 | if string(file) != "This is a test file" { 18 | t.Fatal("File not read correctly") 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /vendor/github.com/pelletier/go-toml/tomltree_writepub.go: -------------------------------------------------------------------------------- 1 | package toml 2 | 3 | // ValueStringRepresentation transforms an interface{} value into its toml string representation. 4 | func ValueStringRepresentation(v interface{}, commented string, indent string, ord MarshalOrder, arraysOneElementPerLine bool) (string, error) { 5 | return tomlValueStringRepresentation(v, commented, indent, ord, arraysOneElementPerLine) 6 | } 7 | -------------------------------------------------------------------------------- /signer/local/testdata/build_inter_pathlen_csrs.sh: -------------------------------------------------------------------------------- 1 | echo '{ "CN": "Pathlen 0 Issuer", "ca": { "pathlen": 0, "pathlenzero": true } }' | cfssl genkey -initca - | cfssljson -bare inter_pathlen_0 2 | echo '{ "CN": "Pathlen 1 Issuer", "ca": { "pathlen": 1 } }' | cfssl genkey -initca - | cfssljson -bare inter_pathlen_1 3 | echo '{ "CN": "Pathlen Unspecified", "ca": {} }' | cfssl genkey -initca - | cfssljson -bare inter_pathlen_unspecified 4 | -------------------------------------------------------------------------------- /signer/remote/testdata/client.json: -------------------------------------------------------------------------------- 1 | { 2 | "CN": "cfssl-client", 3 | "hosts": [ "" ], 4 | "key": { 5 | "algo": "rsa", 6 | "size": 2048 7 | }, 8 | "names": [ 9 | { 10 | "C": "US", 11 | "L": "San Francisco", 12 | "O": "CloudFlare", 13 | "OU": "Systems Engineering", 14 | "ST": "California" 15 | } 16 | ] 17 | } 18 | -------------------------------------------------------------------------------- /vendor/github.com/jmoiron/sqlx/.gitignore: -------------------------------------------------------------------------------- 1 | # Compiled Object files, Static and Dynamic libs (Shared Objects) 2 | *.o 3 | *.a 4 | *.so 5 | 6 | # Folders 7 | _obj 8 | _test 9 | .idea 10 | 11 | # Architecture specific extensions/prefixes 12 | *.[568vq] 13 | [568vq].out 14 | 15 | *.cgo1.go 16 | *.cgo2.c 17 | _cgo_defun.c 18 | _cgo_gotypes.go 19 | _cgo_export.* 20 | 21 | _testmain.go 22 | 23 | *.exe 24 | tags 25 | environ 26 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/cpu_linux.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build !386 && !amd64 && !amd64p32 && !arm64 6 | 7 | package cpu 8 | 9 | func archInit() { 10 | if err := readHWCAP(); err != nil { 11 | return 12 | } 13 | doinit() 14 | Initialized = true 15 | } 16 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/cpu_mips64x.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build mips64 || mips64le 6 | 7 | package cpu 8 | 9 | const cacheLineSize = 32 10 | 11 | func initOptions() { 12 | options = []option{ 13 | {Name: "msa", Feature: &MIPS64X.HasMSA}, 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /vendor/golang.org/x/text/secure/bidirule/bidirule10.0.0.go: -------------------------------------------------------------------------------- 1 | // Copyright 2016 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build go1.10 6 | 7 | package bidirule 8 | 9 | func (t *Transformer) isFinal() bool { 10 | return t.state == ruleLTRFinal || t.state == ruleRTLFinal || t.state == ruleInitial 11 | } 12 | -------------------------------------------------------------------------------- /helpers/testdata/openssl_secp384.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BgUrgQQAIg== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MIGkAgEBBDCn5safCQ6/JAUEbf1/BvOBvP9XHfcsEvQooEd0g0v4akMNmH53nXKQ 6 | qvsZBUP14X6gBwYFK4EEACKhZANiAAR1q1+sGy8Pmgdco9LEB10gJkIO0lBid8aK 7 | 0xmtEL7U1RTQnNyraswwI0hxHwzwSHHKojD8Msdy5uOngxKnGrUBTuMubezfGbWz 8 | ULOFvrTemUIlNmSsWMcrzEBEnZxvOqY= 9 | -----END EC PRIVATE KEY----- 10 | -------------------------------------------------------------------------------- /transport/roots/system/root_nocgo_darwin.go: -------------------------------------------------------------------------------- 1 | // Copyright 2013 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build !cgo 6 | // +build !cgo 7 | 8 | package system 9 | 10 | import "crypto/x509" 11 | 12 | func initSystemRoots() []*x509.Certificate { 13 | roots, _ := execSecurityRoots() 14 | return roots 15 | } 16 | -------------------------------------------------------------------------------- /vendor/filippo.io/edwards25519/field/fe_arm64_noasm.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) 2021 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build !arm64 || !gc || purego 6 | // +build !arm64 !gc purego 7 | 8 | package field 9 | 10 | func (v *Element) carryPropagate() *Element { 11 | return v.carryPropagateGeneric() 12 | } 13 | -------------------------------------------------------------------------------- /vendor/google.golang.org/protobuf/internal/errors/is_go113.go: -------------------------------------------------------------------------------- 1 | // Copyright 2020 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build go1.13 6 | // +build go1.13 7 | 8 | package errors 9 | 10 | import "errors" 11 | 12 | // Is is errors.Is. 13 | func Is(err, target error) bool { return errors.Is(err, target) } 14 | -------------------------------------------------------------------------------- /multiroot/config/testdata/test.conf: -------------------------------------------------------------------------------- 1 | [ sectionName ] 2 | key1=some value 3 | key2 = some other value 4 | # we want to explain the importance and great forethought 5 | # in this next value. 6 | key3 = unintuitive value 7 | key4 = " space at beginning and end " 8 | key5 = ' is quoted with single quotes ' 9 | 10 | [ anotherSection ] 11 | key1 = a value 12 | key2 = yet another value 13 | key1 = overwrites previous value of a value 14 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-sqlite3/sqlite3_opt_fts5.go: -------------------------------------------------------------------------------- 1 | // Copyright (C) 2019 Yasuhiro Matsumoto . 2 | // 3 | // Use of this source code is governed by an MIT-style 4 | // license that can be found in the LICENSE file. 5 | 6 | //go:build sqlite_fts5 || fts5 7 | // +build sqlite_fts5 fts5 8 | 9 | package sqlite3 10 | 11 | /* 12 | #cgo CFLAGS: -DSQLITE_ENABLE_FTS5 13 | #cgo LDFLAGS: -lm 14 | */ 15 | import "C" 16 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/mmap_nomremap.go: -------------------------------------------------------------------------------- 1 | // Copyright 2023 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build aix || darwin || dragonfly || freebsd || openbsd || solaris 6 | 7 | package unix 8 | 9 | var mapper = &mmapper{ 10 | active: make(map[*byte][]byte), 11 | mmap: mmap, 12 | munmap: munmap, 13 | } 14 | -------------------------------------------------------------------------------- /.github/workflows/snapshot.yml: -------------------------------------------------------------------------------- 1 | name: Image snapshots 2 | 3 | on: 4 | push: 5 | pull_request: 6 | branches: [master] 7 | 8 | jobs: 9 | build: 10 | runs-on: ubuntu-latest 11 | steps: 12 | - uses: actions/checkout@v4 13 | - run: make snapshot 14 | - name: Archive snapshot artifacts 15 | uses: actions/upload-artifact@v4 16 | with: 17 | name: binaries 18 | path: dist/ 19 | -------------------------------------------------------------------------------- /vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64_noasm.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build !amd64 || !gc || purego 6 | 7 | package field 8 | 9 | func feMul(v, x, y *Element) { feMulGeneric(v, x, y) } 10 | 11 | func feSquare(v, x *Element) { feSquareGeneric(v, x) } 12 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/endian_little.go: -------------------------------------------------------------------------------- 1 | // Copyright 2016 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | // 5 | //go:build 386 || amd64 || amd64p32 || alpha || arm || arm64 || loong64 || mipsle || mips64le || mips64p32le || nios2 || ppc64le || riscv || riscv64 || sh 6 | 7 | package unix 8 | 9 | const isBigEndian = false 10 | -------------------------------------------------------------------------------- /ocsp/universal/universal.go: -------------------------------------------------------------------------------- 1 | package universal 2 | 3 | import ( 4 | "github.com/cloudflare/cfssl/ocsp" 5 | ocspConfig "github.com/cloudflare/cfssl/ocsp/config" 6 | ) 7 | 8 | // NewSignerFromConfig generates a new OCSP signer from a config object. 9 | func NewSignerFromConfig(cfg ocspConfig.Config) (ocsp.Signer, error) { 10 | return ocsp.NewSignerFromFile(cfg.CACertFile, cfg.ResponderCertFile, 11 | cfg.KeyFile, cfg.Interval) 12 | } 13 | -------------------------------------------------------------------------------- /vendor/golang.org/x/crypto/curve25519/internal/field/README: -------------------------------------------------------------------------------- 1 | This package is kept in sync with crypto/ed25519/internal/edwards25519/field in 2 | the standard library. 3 | 4 | If there are any changes in the standard library that need to be synced to this 5 | package, run sync.sh. It will not overwrite any local changes made since the 6 | previous sync, so it's ok to land changes in this package first, and then sync 7 | to the standard library later. 8 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/mksyscall.go: -------------------------------------------------------------------------------- 1 | // Copyright 2009 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build generate 6 | 7 | package windows 8 | 9 | //go:generate go run golang.org/x/sys/windows/mkwinsyscall -output zsyscall_windows.go eventlog.go service.go syscall_windows.go security_windows.go setupapi_windows.go 10 | -------------------------------------------------------------------------------- /certdb/mysql/dbconf.yml: -------------------------------------------------------------------------------- 1 | development: 2 | driver: mysql 3 | open: root@tcp(localhost:3306)/certdb_development?parseTime=true 4 | 5 | test: 6 | driver: mysql 7 | open: root@tcp(localhost:3306)/certdb_test?parseTime=true 8 | 9 | staging: 10 | driver: mysql 11 | open: root@tcp(localhost:3306)/certdb_staging?parseTime=true 12 | 13 | production: 14 | driver: mysql 15 | open: root@tcp(localhost:3306)/certdb_production?parseTime=true 16 | -------------------------------------------------------------------------------- /testdata/csr.json: -------------------------------------------------------------------------------- 1 | { 2 | "hosts": [ 3 | "cloudflare.com", 4 | "www.cloudflare.com" 5 | ], 6 | "key": { 7 | "algo": "rsa", 8 | "size": 2048 9 | }, 10 | "names": [ 11 | { 12 | "C": "US", 13 | "L": "San Francisco", 14 | "O": "CloudFlare", 15 | "OU": "Systems Engineering", 16 | "ST": "California" 17 | } 18 | ] 19 | } 20 | -------------------------------------------------------------------------------- /vendor/github.com/google/certificate-transparency-go/x509/root_zos.go: -------------------------------------------------------------------------------- 1 | // Copyright 2015 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build zos 6 | // +build zos 7 | 8 | package x509 9 | 10 | // Possible certificate files; stop after finding one. 11 | var certFiles = []string{ 12 | "/etc/cacert.pem", // IBM zOS default 13 | } 14 | -------------------------------------------------------------------------------- /vendor/google.golang.org/protobuf/runtime/protoiface/legacy.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package protoiface 6 | 7 | type MessageV1 interface { 8 | Reset() 9 | String() string 10 | ProtoMessage() 11 | } 12 | 13 | type ExtensionRangeV1 struct { 14 | Start, End int32 // both inclusive 15 | } 16 | -------------------------------------------------------------------------------- /cli/gencsr/testdata/csr.json: -------------------------------------------------------------------------------- 1 | { 2 | "hosts": [ 3 | "cloudflare.com", 4 | "www.cloudflare.com" 5 | ], 6 | "key": { 7 | "algo": "rsa", 8 | "size": 2048 9 | }, 10 | "names": [ 11 | { 12 | "C": "US", 13 | "L": "San Francisco", 14 | "O": "CloudFlare", 15 | "OU": "Systems Engineering", 16 | "ST": "California" 17 | } 18 | ] 19 | } 20 | -------------------------------------------------------------------------------- /cli/genkey/testdata/csr.json: -------------------------------------------------------------------------------- 1 | { 2 | "hosts": [ 3 | "cloudflare.com", 4 | "www.cloudflare.com" 5 | ], 6 | "key": { 7 | "algo": "rsa", 8 | "size": 2048 9 | }, 10 | "names": [ 11 | { 12 | "C": "US", 13 | "L": "San Francisco", 14 | "O": "CloudFlare", 15 | "OU": "Systems Engineering", 16 | "ST": "California" 17 | } 18 | ] 19 | } 20 | -------------------------------------------------------------------------------- /helpers/testsuite/testdata/initCA/ca_csr.json: -------------------------------------------------------------------------------- 1 | { 2 | "cn": "example.com", 3 | "hosts": [ 4 | "ca.example.com" 5 | ], 6 | "names": [ 7 | { 8 | "C": "US", 9 | "ST": "California", 10 | "L": "San Francisco", 11 | "O": "Internet Widgets, LLC", 12 | "OU": "Certificate Authority" 13 | } 14 | ], 15 | "key": { 16 | "algo": "rsa", 17 | "size": 2048 18 | }, 19 | "ca": { 20 | "pathlen": 1, 21 | "expiry": "1/1/2015" 22 | } 23 | } -------------------------------------------------------------------------------- /vendor/filippo.io/edwards25519/field/fe_amd64_noasm.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build !amd64 || !gc || purego 6 | // +build !amd64 !gc purego 7 | 8 | package field 9 | 10 | func feMul(v, x, y *Element) { feMulGeneric(v, x, y) } 11 | 12 | func feSquare(v, x *Element) { feSquareGeneric(v, x) } 13 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-sqlite3/sqlite3_opt_os_trace.go: -------------------------------------------------------------------------------- 1 | // Copyright (C) 2022 Yasuhiro Matsumoto . 2 | // 3 | // Use of this source code is governed by an MIT-style 4 | // license that can be found in the LICENSE file. 5 | 6 | //go:build sqlite_os_trace 7 | // +build sqlite_os_trace 8 | 9 | package sqlite3 10 | 11 | /* 12 | #cgo CFLAGS: -DSQLITE_FORCE_OS_TRACE=1 13 | #cgo CFLAGS: -DSQLITE_DEBUG_OS_TRACE=1 14 | */ 15 | import "C" 16 | -------------------------------------------------------------------------------- /testdata/good_config.json: -------------------------------------------------------------------------------- 1 | { 2 | "signing": { 3 | "default": { 4 | "expiry": "168h" 5 | }, 6 | "profiles": { 7 | "www": { 8 | "usages": [ 9 | "signing", 10 | "key encipherment", 11 | "server auth" 12 | ], 13 | "name_whitelist": "^.*\\.cloudflare.com$" 14 | } 15 | } 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-sqlite3/sqlite3_opt_math_functions.go: -------------------------------------------------------------------------------- 1 | // Copyright (C) 2022 Yasuhiro Matsumoto . 2 | // 3 | // Use of this source code is governed by an MIT-style 4 | // license that can be found in the LICENSE file. 5 | 6 | //go:build sqlite_math_functions 7 | // +build sqlite_math_functions 8 | 9 | package sqlite3 10 | 11 | /* 12 | #cgo CFLAGS: -DSQLITE_ENABLE_MATH_FUNCTIONS 13 | #cgo LDFLAGS: -lm 14 | */ 15 | import "C" 16 | -------------------------------------------------------------------------------- /vendor/golang.org/x/crypto/chacha20/chacha_noasm.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build (!arm64 && !s390x && !ppc64le) || !gc || purego 6 | 7 | package chacha20 8 | 9 | const bufSize = blockSize 10 | 11 | func (s *Cipher) xorKeyStreamBlocks(dst, src []byte) { 12 | s.xorKeyStreamBlocksGeneric(dst, src) 13 | } 14 | -------------------------------------------------------------------------------- /vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) 2020 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build arm64 && gc && !purego 6 | 7 | package field 8 | 9 | //go:noescape 10 | func carryPropagate(v *Element) 11 | 12 | func (v *Element) carryPropagate() *Element { 13 | carryPropagate(v) 14 | return v 15 | } 16 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/cpu_openbsd_arm64.s: -------------------------------------------------------------------------------- 1 | // Copyright 2022 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | #include "textflag.h" 6 | 7 | TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0 8 | JMP libc_sysctl(SB) 9 | 10 | GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $8 11 | DATA ·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB) 12 | -------------------------------------------------------------------------------- /doc/api/endpoint_crl.txt: -------------------------------------------------------------------------------- 1 | THE CRL ENDPOINT 2 | 3 | Endpoint: /api/v1/cfssl/crl 4 | Method: GET 5 | 6 | Optional URL Query parameters: 7 | 8 | * expiry: a value, in seconds, after which the CRL should expire 9 | from the moment of the request. 10 | 11 | Result: 12 | 13 | The returned result is an empty JSON object 14 | 15 | Example: 16 | 17 | $ curl ${CFSSL_HOST}/api/v1/cfssl/crl 18 | $ curl ${CFSSL_HOST}/api/v1/cfssl/crl?expiry=7200h 19 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/cpu_ppc64x.go: -------------------------------------------------------------------------------- 1 | // Copyright 2020 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build ppc64 || ppc64le 6 | 7 | package cpu 8 | 9 | const cacheLineSize = 128 10 | 11 | func initOptions() { 12 | options = []option{ 13 | {Name: "darn", Feature: &PPC64.HasDARN}, 14 | {Name: "scv", Feature: &PPC64.HasSCV}, 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /vendor/google.golang.org/protobuf/internal/editiondefaults/defaults.go: -------------------------------------------------------------------------------- 1 | // Copyright 2024 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // Package editiondefaults contains the binary representation of the editions 6 | // defaults. 7 | package editiondefaults 8 | 9 | import _ "embed" 10 | 11 | //go:embed editions_defaults.binpb 12 | var Defaults []byte 13 | -------------------------------------------------------------------------------- /signer/local/testdata/inter_pathlen_0.csr: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE REQUEST----- 2 | MIH4MIGfAgEAMBsxGTAXBgNVBAMTEFBhdGhsZW4gMCBJc3N1ZXIwWTATBgcqhkjO 3 | PQIBBggqhkjOPQMBBwNCAASpwsWOMhWxFRhj5Kejzx9oqsxaTR8sElCDHBALtYEy 4 | 8eBZ7znb9cLWlJ8Kx6Jlw1pY7R7Ys9J9SuJ5jaBIBib1oCIwIAYJKoZIhvcNAQkO 5 | MRMwETAPBgNVHRMECDAGAQH/AgEAMAoGCCqGSM49BAMCA0gAMEUCIQDVsX+lxlvu 6 | JDEDEDnaVtN5NhxDYsomk9DpJwwoCa+A8wIgMboDaCkxGh4z+LejGkP+JvNKPX5E 7 | 0mlgWQaOp/5qfbI= 8 | -----END CERTIFICATE REQUEST----- 9 | -------------------------------------------------------------------------------- /signer/local/testdata/inter_pathlen_1.csr: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE REQUEST----- 2 | MIH5MIGfAgEAMBsxGTAXBgNVBAMTEFBhdGhsZW4gMSBJc3N1ZXIwWTATBgcqhkjO 3 | PQIBBggqhkjOPQMBBwNCAARJV1R1nX2e3Ev2NxG9V9R67Gkg1T0VSXargQSUhHQj 4 | ZNyYaoUKkke6lL3sG7H2t8yoC0AJcE5r30OWQoK1rB8goCIwIAYJKoZIhvcNAQkO 5 | MRMwETAPBgNVHRMECDAGAQH/AgEBMAoGCCqGSM49BAMCA0kAMEYCIQCJdPdRGltY 6 | hIvSBob0vcb5JmQEVByxLwKrWAivXDvMfAIhAP8fO0+Xkx0rNB9KnINeZtMGYy3X 7 | tk1GxikrK7klEnvN 8 | -----END CERTIFICATE REQUEST----- 9 | -------------------------------------------------------------------------------- /signer/remote/testdata/README.md: -------------------------------------------------------------------------------- 1 | Instructions to generate client key/certificate 2 | ----------------------------------------------- 3 | 4 | Use CFSSL to generate the client certificate if they expire 5 | 6 | ``` 7 | cfssl gencert -ca=ca.pem -ca-key=ca_key.pem -config=config.json -profile=client client.json | cfssljson -bare client 8 | cfssl gencert -ca=ca.pem -ca-key=ca_key.pem -config=config.json -profile=server server.json | cfssljson -bare server 9 | 10 | ``` 11 | -------------------------------------------------------------------------------- /vendor/golang.org/x/text/secure/bidirule/bidirule9.0.0.go: -------------------------------------------------------------------------------- 1 | // Copyright 2016 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build !go1.10 6 | 7 | package bidirule 8 | 9 | func (t *Transformer) isFinal() bool { 10 | if !t.isRTL() { 11 | return true 12 | } 13 | return t.state == ruleLTRFinal || t.state == ruleRTLFinal || t.state == ruleInitial 14 | } 15 | -------------------------------------------------------------------------------- /cli/scan/scan_test.go: -------------------------------------------------------------------------------- 1 | package scan 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/cloudflare/cfssl/cli" 7 | ) 8 | 9 | var hosts = []string{"www.cloudflare.com", "google.com"} 10 | 11 | func TestScanMain(t *testing.T) { 12 | err := scanMain(hosts, cli.Config{}) 13 | if err != nil { 14 | t.Fatal(err) 15 | } 16 | 17 | err = scanMain(nil, cli.Config{Hostname: "www.cloudflare.com, google.com", List: true}) 18 | if err != nil { 19 | t.Fatal(err) 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/endian_big.go: -------------------------------------------------------------------------------- 1 | // Copyright 2023 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build armbe || arm64be || m68k || mips || mips64 || mips64p32 || ppc || ppc64 || s390 || s390x || shbe || sparc || sparc64 6 | 7 | package cpu 8 | 9 | // IsBigEndian records whether the GOARCH's byte order is big endian. 10 | const IsBigEndian = true 11 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/aliases.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos 6 | 7 | package unix 8 | 9 | import "syscall" 10 | 11 | type Signal = syscall.Signal 12 | type Errno = syscall.Errno 13 | type SysProcAttr = syscall.SysProcAttr 14 | -------------------------------------------------------------------------------- /info/info.go: -------------------------------------------------------------------------------- 1 | // Package info contains the definitions for the info endpoint 2 | package info 3 | 4 | // Req is the request struct for an info API request. 5 | type Req struct { 6 | Label string `json:"label"` 7 | Profile string `json:"profile"` 8 | } 9 | 10 | // Resp is the response for an Info API request. 11 | type Resp struct { 12 | Certificate string `json:"certificate"` 13 | Usage []string `json:"usages"` 14 | ExpiryString string `json:"expiry"` 15 | } 16 | -------------------------------------------------------------------------------- /ocsp/testdata/server_broken.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | jmWYVEEjAkEAx3keAo1nFsVW35EPt5LIbh6L6ty7GrvGRvOVeSd6YLtixMety24k 3 | hpt1cEv2xlFnbjbBbMkr9eUiUNpttLT6KwJBANGKaLoSjqEwUFYjX1OV/wdtcGcn 4 | BOzx0qUouFQ2xZ0NBrNVbyt1bzPLx0yKHkwF35ybw+Qc1yRpby/3ZB6+j/MCQFLl 5 | vtcItOL9uBDJVGLSGYHKKBO/D/MYPlqWOHRVN8KjnXRyF4QHjh5y1OeKalAY3Ict 6 | Mk1nfWF/jDdVz2neHGkCQHHBR4Xt1/euDku+14z5aLpphTEQVuRD2vQoeKi/W/CY 7 | OgNmKj1DzucnCS6yRCrF8Q0Pn8l054a3Wdbl1gqI/gA= 8 | -----END RSA PRIVATE KEY----- 9 | -------------------------------------------------------------------------------- /signer/local/testdata/inter_pathlen_unspecified.csr: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE REQUEST----- 2 | MIH3MIGfAgEAMB4xHDAaBgNVBAMTE1BhdGhsZW4gVW5zcGVjaWZpZWQwWTATBgcq 3 | hkjOPQIBBggqhkjOPQMBBwNCAAS01AiSXS4086rrC0SvnEoKz+tAj5+oAXomw/DQ 4 | PljnAeMdUvYSa0HxIoszeSGyx6prN3VnfuR/1nMRGtXAQGREoB8wHQYJKoZIhvcN 5 | AQkOMRAwDjAMBgNVHRMEBTADAQH/MAoGCCqGSM49BAMCA0cAMEQCIHPU8Jml1HUc 6 | L7v5mp4/njpWoVxPH0XkPYwdgk7nUnOZAiAaS3MpwrXz/l5v550T5nilkomRWeeX 7 | BdXmSA24AN562A== 8 | -----END CERTIFICATE REQUEST----- 9 | -------------------------------------------------------------------------------- /vendor/filippo.io/edwards25519/field/fe_arm64.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) 2020 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build arm64 && gc && !purego 6 | // +build arm64,gc,!purego 7 | 8 | package field 9 | 10 | //go:noescape 11 | func carryPropagate(v *Element) 12 | 13 | func (v *Element) carryPropagate() *Element { 14 | carryPropagate(v) 15 | return v 16 | } 17 | -------------------------------------------------------------------------------- /vendor/github.com/ziutek/mymysql/native/common.go: -------------------------------------------------------------------------------- 1 | package native 2 | 3 | import ( 4 | "io" 5 | "runtime" 6 | ) 7 | 8 | var tab8s = " " 9 | 10 | func catchError(err *error) { 11 | if pv := recover(); pv != nil { 12 | switch e := pv.(type) { 13 | case runtime.Error: 14 | panic(pv) 15 | case error: 16 | if e == io.EOF { 17 | *err = io.ErrUnexpectedEOF 18 | } else { 19 | *err = e 20 | } 21 | default: 22 | panic(pv) 23 | } 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/runtime_auxv_go121.go: -------------------------------------------------------------------------------- 1 | // Copyright 2023 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build go1.21 6 | 7 | package cpu 8 | 9 | import ( 10 | _ "unsafe" // for linkname 11 | ) 12 | 13 | //go:linkname runtime_getAuxv runtime.getAuxv 14 | func runtime_getAuxv() []uintptr 15 | 16 | func init() { 17 | getAuxvFn = runtime_getAuxv 18 | } 19 | -------------------------------------------------------------------------------- /config/testdata/invalid_no_auth_keys.json: -------------------------------------------------------------------------------- 1 | { 2 | "signing": { 3 | "profiles": { 4 | "CA": { 5 | "remote": "localhost", 6 | "auth_key": "garbage" 7 | }, 8 | "email": { 9 | "usages": ["s/mime"], 10 | "expiry": "720h" 11 | } 12 | }, 13 | "default": { 14 | "usages": ["digital signature", "email protection"], 15 | "expiry": "8000h" 16 | } 17 | }, 18 | "auth_keys": { 19 | }, 20 | "remotes": { 21 | "localhost": "127.0.0.1:8888" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /vendor/github.com/getsentry/sentry-go/.craft.yml: -------------------------------------------------------------------------------- 1 | minVersion: '0.9.2' 2 | github: 3 | owner: getsentry 4 | repo: sentry-go 5 | preReleaseCommand: bash scripts/craft-pre-release.sh 6 | changelogPolicy: simple 7 | statusProvider: 8 | name: github 9 | artifactProvider: 10 | name: none 11 | targets: 12 | - name: github 13 | includeNames: /none/ 14 | tagPrefix: v 15 | - name: registry 16 | type: sdk 17 | config: 18 | canonical: "github:getsentry/sentry-go" 19 | -------------------------------------------------------------------------------- /vendor/github.com/google/certificate-transparency-go/.gitignore: -------------------------------------------------------------------------------- 1 | *.iml 2 | *.swo 3 | *.swp 4 | *.tfstate 5 | *.tfstate.backup 6 | *~ 7 | /.idea 8 | /certcheck 9 | /chainfix 10 | /coverage.txt 11 | /createtree 12 | /crlcheck 13 | /ctclient 14 | /ct_server 15 | /ct_hammer 16 | /data 17 | /dumpscts 18 | /findlog 19 | /goshawk 20 | /gosmin 21 | /gossip_server 22 | /preloader 23 | /scanlog 24 | /sctcheck 25 | /sctscan 26 | /trillian_log_server 27 | /trillian_log_signer 28 | /trillian.json 29 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-sqlite3/sqlite3_opt_stat4.go: -------------------------------------------------------------------------------- 1 | // Copyright (C) 2019 Yasuhiro Matsumoto . 2 | // Copyright (C) 2018 G.J.R. Timmer . 3 | // 4 | // Use of this source code is governed by an MIT-style 5 | // license that can be found in the LICENSE file. 6 | 7 | //go:build sqlite_stat4 8 | // +build sqlite_stat4 9 | 10 | package sqlite3 11 | 12 | /* 13 | #cgo CFLAGS: -DSQLITE_ENABLE_STAT4 14 | #cgo LDFLAGS: -lm 15 | */ 16 | import "C" 17 | -------------------------------------------------------------------------------- /vendor/golang.org/x/net/idna/go118.go: -------------------------------------------------------------------------------- 1 | // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT. 2 | 3 | // Copyright 2021 The Go Authors. All rights reserved. 4 | // Use of this source code is governed by a BSD-style 5 | // license that can be found in the LICENSE file. 6 | 7 | //go:build go1.18 8 | 9 | package idna 10 | 11 | // Transitional processing is disabled by default in Go 1.18. 12 | // https://golang.org/issue/47510 13 | const transitionalLookup = false 14 | -------------------------------------------------------------------------------- /Dockerfile.alpine: -------------------------------------------------------------------------------- 1 | FROM golang:1.20-alpine AS builder 2 | 3 | WORKDIR /workdir 4 | COPY . /workdir 5 | 6 | RUN set -x && \ 7 | apk --no-cache add git gcc libc-dev make 8 | 9 | RUN git clone https://github.com/cloudflare/cfssl_trust.git /etc/cfssl && \ 10 | make clean && \ 11 | make all 12 | 13 | FROM alpine:3.11 14 | COPY --from=builder /etc/cfssl /etc/cfssl 15 | COPY --from=builder /workdir/bin/ /usr/bin 16 | 17 | EXPOSE 8888 18 | 19 | ENTRYPOINT ["cfssl"] 20 | CMD ["--help"] 21 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/pagesize_unix.go: -------------------------------------------------------------------------------- 1 | // Copyright 2017 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris 6 | 7 | // For Unix, get the pagesize from the runtime. 8 | 9 | package unix 10 | 11 | import "syscall" 12 | 13 | func Getpagesize() int { 14 | return syscall.Getpagesize() 15 | } 16 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/readdirent_getdents.go: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build aix || dragonfly || freebsd || linux || netbsd || openbsd 6 | 7 | package unix 8 | 9 | // ReadDirent reads directory entries from fd and writes them into buf. 10 | func ReadDirent(fd int, buf []byte) (n int, err error) { 11 | return Getdents(fd, buf) 12 | } 13 | -------------------------------------------------------------------------------- /initca/testdata/ed25519.csr: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE REQUEST----- 2 | MIIBFzCBygIBADBqMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEW 3 | MBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEUMBIGA1UEChMLZXhhbXBsZS5jb20xGDAW 4 | BgNVBAMTD3d3dy5leGFtcGxlLmNvbTAqMAUGAytlcAMhAIvEIdwMxpLmXW+ZKI+u 5 | hb4/H/1qaEOCSbWmWF95m1HzoC0wKwYJKoZIhvcNAQkOMR4wHDAaBgNVHREEEzAR 6 | gg93d3cuZXhhbXBsZS5jb20wBQYDK2VwA0EA/FCjbBOJT6z5wdBLgCJb3WrQGO9E 7 | lOizNutfEk9NlGJliNKkdZO3SZP9Uw/pKHiyxH+vWfUJ3E1DbtTVzmH8DA== 8 | -----END CERTIFICATE REQUEST----- 9 | -------------------------------------------------------------------------------- /signer/remote/testdata/config.json: -------------------------------------------------------------------------------- 1 | { 2 | "signing": { 3 | "default": { 4 | "expiry": "43800h" 5 | }, 6 | "profiles": { 7 | "client": { 8 | "expiry": "43800h", 9 | "usages": [ 10 | "signing", 11 | "key encipherment", 12 | "client auth" 13 | ] 14 | }, 15 | "server": { 16 | "expiry": "43800h", 17 | "usages": [ 18 | "signing", 19 | "key encipherment", 20 | "server auth" 21 | ] 22 | } 23 | } 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/runtime_auxv.go: -------------------------------------------------------------------------------- 1 | // Copyright 2023 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package cpu 6 | 7 | // getAuxvFn is non-nil on Go 1.21+ (via runtime_auxv_go121.go init) 8 | // on platforms that use auxv. 9 | var getAuxvFn func() []uintptr 10 | 11 | func getAuxv() []uintptr { 12 | if getAuxvFn == nil { 13 | return nil 14 | } 15 | return getAuxvFn() 16 | } 17 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/sysvshm_unix_other.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build darwin && !ios 6 | 7 | package unix 8 | 9 | // SysvShmCtl performs control operations on the shared memory segment 10 | // specified by id. 11 | func SysvShmCtl(id, cmd int, desc *SysvShmDesc) (result int, err error) { 12 | return shmctl(id, cmd, desc) 13 | } 14 | -------------------------------------------------------------------------------- /signer/local/testdata/ed25519.csr: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE REQUEST----- 2 | MIIBFzCBygIBADBqMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEW 3 | MBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEUMBIGA1UEChMLZXhhbXBsZS5jb20xGDAW 4 | BgNVBAMTD3d3dy5leGFtcGxlLmNvbTAqMAUGAytlcAMhAIvEIdwMxpLmXW+ZKI+u 5 | hb4/H/1qaEOCSbWmWF95m1HzoC0wKwYJKoZIhvcNAQkOMR4wHDAaBgNVHREEEzAR 6 | gg93d3cuZXhhbXBsZS5jb20wBQYDK2VwA0EA/FCjbBOJT6z5wdBLgCJb3WrQGO9E 7 | lOizNutfEk9NlGJliNKkdZO3SZP9Uw/pKHiyxH+vWfUJ3E1DbtTVzmH8DA== 8 | -----END CERTIFICATE REQUEST----- 9 | -------------------------------------------------------------------------------- /transport/roots/system/root_solaris.go: -------------------------------------------------------------------------------- 1 | // Copyright 2015 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package system 6 | 7 | // Possible certificate files; stop after finding one. 8 | var certFiles = []string{ 9 | "/etc/certs/ca-certificates.crt", // Solaris 11.2+ 10 | "/etc/ssl/certs/ca-certificates.crt", // Joyent SmartOS 11 | "/etc/ssl/cacert.pem", // OmniOS 12 | } 13 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-sqlite3/sqlite3_opt_introspect.go: -------------------------------------------------------------------------------- 1 | // Copyright (C) 2019 Yasuhiro Matsumoto . 2 | // Copyright (C) 2018 G.J.R. Timmer . 3 | 4 | // Use of this source code is governed by an MIT-style 5 | // license that can be found in the LICENSE file. 6 | 7 | //go:build sqlite_introspect 8 | // +build sqlite_introspect 9 | 10 | package sqlite3 11 | 12 | /* 13 | #cgo CFLAGS: -DSQLITE_INTROSPECTION_PRAGMAS 14 | #cgo LDFLAGS: -lm 15 | */ 16 | import "C" 17 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/endian_little.go: -------------------------------------------------------------------------------- 1 | // Copyright 2023 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build 386 || amd64 || amd64p32 || alpha || arm || arm64 || loong64 || mipsle || mips64le || mips64p32le || nios2 || ppc64le || riscv || riscv64 || sh || wasm 6 | 7 | package cpu 8 | 9 | // IsBigEndian records whether the GOARCH's byte order is big endian. 10 | const IsBigEndian = false 11 | -------------------------------------------------------------------------------- /config/testdata/valid_config.json: -------------------------------------------------------------------------------- 1 | { 2 | "signing": { 3 | "profiles": { 4 | "CA": { 5 | "usages": ["cert sign"], 6 | "expiry": "720h" 7 | }, 8 | "email": { 9 | "usages": ["s/mime"], 10 | "expiry": "720h" 11 | } 12 | }, 13 | "default": { 14 | "usages": ["digital signature", "email protection"], 15 | "expiry": "8000h" 16 | } 17 | }, 18 | "auth_key": { 19 | "garbage": { 20 | "type":"standard", 21 | "key":"0123456789ABCDEF0123456789ABCDEF" 22 | } 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-sqlite3/sqlite3_opt_secure_delete.go: -------------------------------------------------------------------------------- 1 | // Copyright (C) 2019 Yasuhiro Matsumoto . 2 | // Copyright (C) 2018 G.J.R. Timmer . 3 | // 4 | // Use of this source code is governed by an MIT-style 5 | // license that can be found in the LICENSE file. 6 | 7 | //go:build sqlite_secure_delete 8 | // +build sqlite_secure_delete 9 | 10 | package sqlite3 11 | 12 | /* 13 | #cgo CFLAGS: -DSQLITE_SECURE_DELETE=1 14 | #cgo LDFLAGS: -lm 15 | */ 16 | import "C" 17 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-sqlite3/sqlite3_opt_vacuum_full.go: -------------------------------------------------------------------------------- 1 | // Copyright (C) 2019 Yasuhiro Matsumoto . 2 | // Copyright (C) 2018 G.J.R. Timmer . 3 | // 4 | // Use of this source code is governed by an MIT-style 5 | // license that can be found in the LICENSE file. 6 | 7 | //go:build sqlite_vacuum_full 8 | // +build sqlite_vacuum_full 9 | 10 | package sqlite3 11 | 12 | /* 13 | #cgo CFLAGS: -DSQLITE_DEFAULT_AUTOVACUUM=1 14 | #cgo LDFLAGS: -lm 15 | */ 16 | import "C" 17 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-sqlite3/sqlite3_opt_vacuum_incr.go: -------------------------------------------------------------------------------- 1 | // Copyright (C) 2019 Yasuhiro Matsumoto . 2 | // Copyright (C) 2018 G.J.R. Timmer . 3 | // 4 | // Use of this source code is governed by an MIT-style 5 | // license that can be found in the LICENSE file. 6 | 7 | //go:build sqlite_vacuum_incr 8 | // +build sqlite_vacuum_incr 9 | 10 | package sqlite3 11 | 12 | /* 13 | #cgo CFLAGS: -DSQLITE_DEFAULT_AUTOVACUUM=2 14 | #cgo LDFLAGS: -lm 15 | */ 16 | import "C" 17 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/asm_aix_ppc64.s: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build gc 6 | 7 | #include "textflag.h" 8 | 9 | // 10 | // System calls for ppc64, AIX are implemented in runtime/syscall_aix.go 11 | // 12 | 13 | TEXT ·syscall6(SB),NOSPLIT,$0-88 14 | JMP syscall·syscall6(SB) 15 | 16 | TEXT ·rawSyscall6(SB),NOSPLIT,$0-88 17 | JMP syscall·rawSyscall6(SB) 18 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/asm_aix_ppc64.s: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build gc 6 | 7 | #include "textflag.h" 8 | 9 | // 10 | // System calls for ppc64, AIX are implemented in runtime/syscall_aix.go 11 | // 12 | 13 | TEXT ·syscall6(SB),NOSPLIT,$0-88 14 | JMP syscall·syscall6(SB) 15 | 16 | TEXT ·rawSyscall6(SB),NOSPLIT,$0-88 17 | JMP syscall·rawSyscall6(SB) 18 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/syscall_linux_gc_arm.go: -------------------------------------------------------------------------------- 1 | // Copyright 2009 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build arm && gc && linux 6 | 7 | package unix 8 | 9 | import "syscall" 10 | 11 | // Underlying system call writes to newoffset via pointer. 12 | // Implemented in assembly to avoid allocation. 13 | func seek(fd int, offset int64, whence int) (newoffset int64, err syscall.Errno) 14 | -------------------------------------------------------------------------------- /vendor/google.golang.org/protobuf/internal/genid/doc.go: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // Package genid contains constants for declarations in descriptor.proto 6 | // and the well-known types. 7 | package genid 8 | 9 | import protoreflect "google.golang.org/protobuf/reflect/protoreflect" 10 | 11 | const GoogleProtobuf_package protoreflect.FullName = "google.protobuf" 12 | -------------------------------------------------------------------------------- /signer/remote/testdata/server.json: -------------------------------------------------------------------------------- 1 | { 2 | "CN": "CloudFlare server", 3 | "hosts": [ 4 | "cloudflare.com", 5 | "www.cloudflare.com", 6 | "127.0.0.1" 7 | ], 8 | "key": { 9 | "algo": "rsa", 10 | "size": 2048 11 | }, 12 | "names": [ 13 | { 14 | "C": "US", 15 | "L": "San Francisco", 16 | "O": "CloudFlare", 17 | "OU": "Systems Engineering", 18 | "ST": "California" 19 | } 20 | ] 21 | } 22 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-sqlite3/sqlite3_opt_foreign_keys.go: -------------------------------------------------------------------------------- 1 | // Copyright (C) 2019 Yasuhiro Matsumoto . 2 | // Copyright (C) 2018 G.J.R. Timmer . 3 | // 4 | // Use of this source code is governed by an MIT-style 5 | // license that can be found in the LICENSE file. 6 | 7 | //go:build sqlite_foreign_keys 8 | // +build sqlite_foreign_keys 9 | 10 | package sqlite3 11 | 12 | /* 13 | #cgo CFLAGS: -DSQLITE_DEFAULT_FOREIGN_KEYS=1 14 | #cgo LDFLAGS: -lm 15 | */ 16 | import "C" 17 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-sqlite3/sqlite3_other.go: -------------------------------------------------------------------------------- 1 | // Copyright (C) 2019 Yasuhiro Matsumoto . 2 | // 3 | // Use of this source code is governed by an MIT-style 4 | // license that can be found in the LICENSE file. 5 | 6 | //go:build !windows 7 | // +build !windows 8 | 9 | package sqlite3 10 | 11 | /* 12 | #cgo CFLAGS: -I. 13 | #cgo linux LDFLAGS: -ldl 14 | #cgo linux,ppc LDFLAGS: -lpthread 15 | #cgo linux,ppc64 LDFLAGS: -lpthread 16 | #cgo linux,ppc64le LDFLAGS: -lpthread 17 | */ 18 | import "C" 19 | -------------------------------------------------------------------------------- /config/testdata/invalid_no_remotes.json: -------------------------------------------------------------------------------- 1 | { 2 | "signing": { 3 | "profiles": { 4 | "CA": { 5 | "auth_key": "garbage", 6 | "remote": "localhoster" 7 | }, 8 | "email": { 9 | "usages": ["s/mime"], 10 | "expiry": "720h" 11 | } 12 | }, 13 | "default": { 14 | "usages": ["digital signature", "email protection"], 15 | "expiry": "8000h" 16 | } 17 | }, 18 | "auth_keys": { 19 | "garbage": { 20 | "type":"standard", 21 | "key":"0123456789ABCDEF0123456789ABCDEF" 22 | } 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-sqlite3/sqlite3_opt_app_armor.go: -------------------------------------------------------------------------------- 1 | // Copyright (C) 2019 Yasuhiro Matsumoto . 2 | // Copyright (C) 2018 G.J.R. Timmer . 3 | // 4 | // Use of this source code is governed by an MIT-style 5 | // license that can be found in the LICENSE file. 6 | 7 | //go:build !windows && sqlite_app_armor 8 | // +build !windows,sqlite_app_armor 9 | 10 | package sqlite3 11 | 12 | /* 13 | #cgo CFLAGS: -DSQLITE_ENABLE_API_ARMOR 14 | #cgo LDFLAGS: -lm 15 | */ 16 | import "C" 17 | -------------------------------------------------------------------------------- /cli/testdata/bad_oid_csr.json: -------------------------------------------------------------------------------- 1 | { 2 | "hosts": [ 3 | "cloudflare.com", 4 | "www.cloudflare.com" 5 | ], 6 | "key": { 7 | "algo": "rsa", 8 | "size": 2048 9 | }, 10 | "names": [ 11 | { 12 | "C": "US", 13 | "L": "San Francisco", 14 | "O": "CloudFlare", 15 | "OU": "Systems Engineering", 16 | "ST": "California", 17 | "OID": { 18 | "abc": "abc" 19 | } 20 | } 21 | ] 22 | } -------------------------------------------------------------------------------- /crl/testdata/ca-key.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIBOgIBAAJBALKZD0nEffqM1ACuak0bijtqE2QrI/KLADv7l3kK3ppMyCuLKoF0 3 | fd7Ai2KW5ToIwzFofvJcS/STa6HA5gQenRUCAwEAAQJBAIq9amn00aS0h/CrjXqu 4 | /ThglAXJmZhOMPVn4eiu7/ROixi9sex436MaVeMqSNf7Ex9a8fRNfWss7Sqd9eWu 5 | RTUCIQDasvGASLqmjeffBNLTXV2A5g4t+kLVCpsEIZAycV5GswIhANEPLmax0ME/ 6 | EO+ZJ79TJKN5yiGBRsv5yvx5UiHxajEXAiAhAol5N4EUyq6I9w1rYdhPMGpLfk7A 7 | IU2snfRJ6Nq2CQIgFrPsWRCkV+gOYcajD17rEqmuLrdIRexpg8N1DOSXoJ8CIGlS 8 | tAboUGBxTDq3ZroNism3DaMIbKPyYrAqhKov1h5V 9 | -----END RSA PRIVATE KEY----- -------------------------------------------------------------------------------- /vendor/github.com/cespare/xxhash/v2/xxhash_safe.go: -------------------------------------------------------------------------------- 1 | //go:build appengine 2 | // +build appengine 3 | 4 | // This file contains the safe implementations of otherwise unsafe-using code. 5 | 6 | package xxhash 7 | 8 | // Sum64String computes the 64-bit xxHash digest of s. 9 | func Sum64String(s string) uint64 { 10 | return Sum64([]byte(s)) 11 | } 12 | 13 | // WriteString adds more data to d. It always returns len(s), nil. 14 | func (d *Digest) WriteString(s string) (n int, err error) { 15 | return d.Write([]byte(s)) 16 | } 17 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-sqlite3/sqlite3_opt_secure_delete_fast.go: -------------------------------------------------------------------------------- 1 | // Copyright (C) 2019 Yasuhiro Matsumoto . 2 | // Copyright (C) 2018 G.J.R. Timmer . 3 | // 4 | // Use of this source code is governed by an MIT-style 5 | // license that can be found in the LICENSE file. 6 | 7 | //go:build sqlite_secure_delete_fast 8 | // +build sqlite_secure_delete_fast 9 | 10 | package sqlite3 11 | 12 | /* 13 | #cgo CFLAGS: -DSQLITE_SECURE_DELETE=FAST 14 | #cgo LDFLAGS: -lm 15 | */ 16 | import "C" 17 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-sqlite3/sqlite3_windows.go: -------------------------------------------------------------------------------- 1 | // Copyright (C) 2019 Yasuhiro Matsumoto . 2 | // 3 | // Use of this source code is governed by an MIT-style 4 | // license that can be found in the LICENSE file. 5 | 6 | //go:build windows 7 | // +build windows 8 | 9 | package sqlite3 10 | 11 | /* 12 | #cgo CFLAGS: -I. 13 | #cgo CFLAGS: -fno-stack-check 14 | #cgo CFLAGS: -fno-stack-protector 15 | #cgo CFLAGS: -mno-stack-arg-probe 16 | #cgo windows,386 CFLAGS: -D_USE_32BIT_TIME_T 17 | */ 18 | import "C" 19 | -------------------------------------------------------------------------------- /bundler/testdata/client-auth/build_certs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | rm *.pem *.csr 3 | cfssl genkey -initca root-csr.json | cfssljson -bare root 4 | cfssl gencert -ca root.pem -ca-key root-key.pem -config root-config.json int-csr.json | cfssljson -bare int 5 | cfssl gencert -ca int.pem -ca-key int-key.pem -config int-config.json -profile server leaf-server-csr.json | cfssljson -bare leaf-server 6 | cfssl gencert -ca int.pem -ca-key int-key.pem -config int-config.json -profile client leaf-client-csr.json | cfssljson -bare leaf-client 7 | rm *.csr *-key.pem -------------------------------------------------------------------------------- /ocsp/testdata/response_broken.pem: -------------------------------------------------------------------------------- 1 | MIICGAoBAKCCAhEwggINBgkrBgEFBQcwAQEEggH+OZ4ZSKS2J85Kr9UaI2LAEFKvOM8/hjk8uyp7KnqJ12h8GOhGZAgIBdaADAQH/GA8wMDAxMDEwMTAwMDAwMFqgERgPMDAwMTAxMDEwMDAwMDBaMA0GCSqGSIb3DQEBCwUAA4IBAQCBGs+8UNwUdkEBladnajZIV+sHtmao/mMTIvpyPqnmV2Ab9KfNWlSDSDuMtZYKS4VsEwtbZ+4kKWI8DugE6egjP3o64R7VP2aqrh41IORwccLGVsexILBpxg4h602JbhXM0sxgXoh5WAt9f1oy6PsHAt/XAuJGSo7yMNv3nHKNFwjExmZt21sNLYlWlljjtX92rlo/mBTWKO0js4YRNyeNQhchARbn9oL18jW0yAVqB9a8rees+EippbTfoktFf0cIhnmkiknPZSZ+dN2qHkxiXIujWlymZzUZcqRTNtrmmhlOdt35QSg7Vw8eyw2rl8ZU94zaI5DPWn1QYn0dk7l9 -------------------------------------------------------------------------------- /vendor/github.com/go-logr/logr/.golangci.yaml: -------------------------------------------------------------------------------- 1 | run: 2 | timeout: 1m 3 | tests: true 4 | 5 | linters: 6 | disable-all: true 7 | enable: 8 | - asciicheck 9 | - errcheck 10 | - forcetypeassert 11 | - gocritic 12 | - gofmt 13 | - goimports 14 | - gosimple 15 | - govet 16 | - ineffassign 17 | - misspell 18 | - revive 19 | - staticcheck 20 | - typecheck 21 | - unused 22 | 23 | issues: 24 | exclude-use-default: false 25 | max-issues-per-linter: 0 26 | max-same-issues: 10 27 | -------------------------------------------------------------------------------- /vendor/github.com/google/certificate-transparency-go/x509/root_solaris.go: -------------------------------------------------------------------------------- 1 | // Copyright 2015 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package x509 6 | 7 | // Possible certificate files; stop after finding one. 8 | var certFiles = []string{ 9 | "/etc/certs/ca-certificates.crt", // Solaris 11.2+ 10 | "/etc/ssl/certs/ca-certificates.crt", // Joyent SmartOS 11 | "/etc/ssl/cacert.pem", // OmniOS 12 | } 13 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-sqlite3/sqlite3_opt_allow_uri_authority.go: -------------------------------------------------------------------------------- 1 | // Copyright (C) 2019 Yasuhiro Matsumoto . 2 | // Copyright (C) 2018 G.J.R. Timmer . 3 | // 4 | // Use of this source code is governed by an MIT-style 5 | // license that can be found in the LICENSE file. 6 | 7 | //go:build sqlite_allow_uri_authority 8 | // +build sqlite_allow_uri_authority 9 | 10 | package sqlite3 11 | 12 | /* 13 | #cgo CFLAGS: -DSQLITE_ALLOW_URI_AUTHORITY 14 | #cgo LDFLAGS: -lm 15 | */ 16 | import "C" 17 | -------------------------------------------------------------------------------- /vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64.go: -------------------------------------------------------------------------------- 1 | // Code generated by command: go run fe_amd64_asm.go -out ../fe_amd64.s -stubs ../fe_amd64.go -pkg field. DO NOT EDIT. 2 | 3 | //go:build amd64 && gc && !purego 4 | 5 | package field 6 | 7 | // feMul sets out = a * b. It works like feMulGeneric. 8 | // 9 | //go:noescape 10 | func feMul(out *Element, a *Element, b *Element) 11 | 12 | // feSquare sets out = a * a. It works like feSquareGeneric. 13 | // 14 | //go:noescape 15 | func feSquare(out *Element, a *Element) 16 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/asm_solaris_amd64.s: -------------------------------------------------------------------------------- 1 | // Copyright 2014 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build gc 6 | 7 | #include "textflag.h" 8 | 9 | // 10 | // System calls for amd64, Solaris are implemented in runtime/syscall_solaris.go 11 | // 12 | 13 | TEXT ·sysvicall6(SB),NOSPLIT,$0-88 14 | JMP syscall·sysvicall6(SB) 15 | 16 | TEXT ·rawSysvicall6(SB),NOSPLIT,$0-88 17 | JMP syscall·rawSysvicall6(SB) 18 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/fcntl_linux_32bit.go: -------------------------------------------------------------------------------- 1 | // Copyright 2014 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build (linux && 386) || (linux && arm) || (linux && mips) || (linux && mipsle) || (linux && ppc) 6 | 7 | package unix 8 | 9 | func init() { 10 | // On 32-bit Linux systems, the fcntl syscall that matches Go's 11 | // Flock_t type is SYS_FCNTL64, not SYS_FCNTL. 12 | fcntl64Syscall = SYS_FCNTL64 13 | } 14 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/syscall_linux_alarm.go: -------------------------------------------------------------------------------- 1 | // Copyright 2022 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build linux && (386 || amd64 || mips || mipsle || mips64 || mipsle || ppc64 || ppc64le || ppc || s390x || sparc64) 6 | 7 | package unix 8 | 9 | // SYS_ALARM is not defined on arm or riscv, but is available for other GOARCH 10 | // values. 11 | 12 | //sys Alarm(seconds uint) (remaining uint, err error) 13 | -------------------------------------------------------------------------------- /transport/example/config.json: -------------------------------------------------------------------------------- 1 | { 2 | "signing": { 3 | "default": { 4 | "expiry": "168h" 5 | }, 6 | "profiles": { 7 | "client": { 8 | "expiry": "1h", 9 | "usages": [ 10 | "signing", 11 | "key encipherment", 12 | "client auth" 13 | ] 14 | }, 15 | "server": { 16 | "expiry": "1h", 17 | "usages": [ 18 | "signing", 19 | "key encipherment", 20 | "server auth" 21 | ] 22 | } 23 | } 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /vendor/filippo.io/edwards25519/field/fe_amd64.go: -------------------------------------------------------------------------------- 1 | // Code generated by command: go run fe_amd64_asm.go -out ../fe_amd64.s -stubs ../fe_amd64.go -pkg field. DO NOT EDIT. 2 | 3 | //go:build amd64 && gc && !purego 4 | // +build amd64,gc,!purego 5 | 6 | package field 7 | 8 | // feMul sets out = a * b. It works like feMulGeneric. 9 | // 10 | //go:noescape 11 | func feMul(out *Element, a *Element, b *Element) 12 | 13 | // feSquare sets out = a * a. It works like feSquareGeneric. 14 | // 15 | //go:noescape 16 | func feSquare(out *Element, a *Element) 17 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/cpu_wasm.go: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build wasm 6 | 7 | package cpu 8 | 9 | // We're compiling the cpu package for an unknown (software-abstracted) CPU. 10 | // Make CacheLinePad an empty struct and hope that the usual struct alignment 11 | // rules are good enough. 12 | 13 | const cacheLineSize = 0 14 | 15 | func initOptions() {} 16 | 17 | func archInit() {} 18 | -------------------------------------------------------------------------------- /vendor/golang.org/x/crypto/chacha20/chacha_arm64.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build gc && !purego 6 | 7 | package chacha20 8 | 9 | const bufSize = 256 10 | 11 | //go:noescape 12 | func xorKeyStreamVX(dst, src []byte, key *[8]uint32, nonce *[3]uint32, counter *uint32) 13 | 14 | func (c *Cipher) xorKeyStreamBlocks(dst, src []byte) { 15 | xorKeyStreamVX(dst, src, &c.key, &c.nonce, &c.counter) 16 | } 17 | -------------------------------------------------------------------------------- /ocsp/testdata/server_broken.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | IFdpZGdpdHMgUHR5IEx0ZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtpjl 3 | nodhz31kLEJoeLSkRmrv8l7exkGtO0REtIbirj9BBy64ZXVBE7khKGO2cnM8U7yj 4 | w7Ntfh+IvCjZVA3d2XqHS3Pjrt4HmU/cGCONE8+NEXoqdzLUDPOix1qDDRBvXs81 5 | KAV2qh6CYHZbdqixhDerjvJcD4Nsd7kExEZfHuECAwEAATANBgkqhkiG9w0BAQUF 6 | AAOBgQCyOqs7+qpMrYCgL6OamDeCVojLoEp036PsnaYWf2NPmsVXdpYW40Foyyjp 7 | iv5otkxO5rxtGPv7o2J1eMBpCuSkydvoz3Ey/QwGqbBwEXQ4xYCgra336gqW2KQt 8 | +LnDCkE8f5oBhCIisExc2i8PDvsRsY70g/2gs983ImJjVR8sDw== 9 | -----END CERTIFICATE----- 10 | -------------------------------------------------------------------------------- /vendor/google.golang.org/protobuf/internal/genid/wrappers.go: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package genid 6 | 7 | import protoreflect "google.golang.org/protobuf/reflect/protoreflect" 8 | 9 | // Generic field name and number for messages in wrappers.proto. 10 | const ( 11 | WrapperValue_Value_field_name protoreflect.Name = "value" 12 | WrapperValue_Value_field_number protoreflect.FieldNumber = 1 13 | ) 14 | -------------------------------------------------------------------------------- /config/testdata/invalid_auth_bad_key.json: -------------------------------------------------------------------------------- 1 | { 2 | "signing": { 3 | "profiles": { 4 | "CA": { 5 | "remote": "localhost", 6 | "auth_key": "garbage" 7 | }, 8 | "email": { 9 | "usages": ["s/mime"], 10 | "expiry": "720h" 11 | } 12 | }, 13 | "default": { 14 | "usages": ["digital signature", "email protection"], 15 | "expiry": "8000h" 16 | } 17 | }, 18 | "auth_keys": { 19 | "garbage": { 20 | "type":"standard", 21 | "key":"BAD_KEY" 22 | } 23 | }, 24 | "remotes": { 25 | "localhost": "127.0.0.1:8888" 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.go: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build gc && !purego 6 | 7 | package chacha20 8 | 9 | const bufSize = 256 10 | 11 | //go:noescape 12 | func chaCha20_ctr32_vsx(out, inp *byte, len int, key *[8]uint32, counter *uint32) 13 | 14 | func (c *Cipher) xorKeyStreamBlocks(dst, src []byte) { 15 | chaCha20_ctr32_vsx(&dst[0], &src[0], len(src), &c.key, &c.counter) 16 | } 17 | -------------------------------------------------------------------------------- /cli/testdata/csr.json: -------------------------------------------------------------------------------- 1 | { 2 | "hosts": [ 3 | "cloudflare.com", 4 | "www.cloudflare.com" 5 | ], 6 | "key": { 7 | "algo": "rsa", 8 | "size": 2048 9 | }, 10 | "names": [ 11 | { 12 | "C": "US", 13 | "L": "San Francisco", 14 | "O": "CloudFlare", 15 | "OU": "Systems Engineering", 16 | "ST": "California", 17 | "OID": { 18 | "1.2.3.4.5": "abc" 19 | } 20 | } 21 | ], 22 | "delegation_enabled": true 23 | } 24 | -------------------------------------------------------------------------------- /transport/roots/system/root_linux.go: -------------------------------------------------------------------------------- 1 | // Copyright 2015 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package system 6 | 7 | // Possible certificate files; stop after finding one. 8 | var certFiles = []string{ 9 | "/etc/ssl/certs/ca-certificates.crt", // Debian/Ubuntu/Gentoo etc. 10 | "/etc/pki/tls/certs/ca-bundle.crt", // Fedora/RHEL 11 | "/etc/ssl/ca-bundle.pem", // OpenSUSE 12 | "/etc/pki/tls/cacert.pem", // OpenELEC 13 | } 14 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/gccgo_linux_amd64.go: -------------------------------------------------------------------------------- 1 | // Copyright 2015 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build gccgo && linux && amd64 6 | 7 | package unix 8 | 9 | import "syscall" 10 | 11 | //extern gettimeofday 12 | func realGettimeofday(*Timeval, *byte) int32 13 | 14 | func gettimeofday(tv *Timeval) (err syscall.Errno) { 15 | r := realGettimeofday(tv, nil) 16 | if r < 0 { 17 | return syscall.GetErrno() 18 | } 19 | return 0 20 | } 21 | -------------------------------------------------------------------------------- /vendor/k8s.io/klog/v2/RELEASE.md: -------------------------------------------------------------------------------- 1 | # Release Process 2 | 3 | The `klog` is released on an as-needed basis. The process is as follows: 4 | 5 | 1. An issue is proposing a new release with a changelog since the last release 6 | 1. All [OWNERS](OWNERS) must LGTM this release 7 | 1. An OWNER runs `git tag -s $VERSION` and inserts the changelog and pushes the tag with `git push $VERSION` 8 | 1. The release issue is closed 9 | 1. An announcement email is sent to `kubernetes-dev@googlegroups.com` with the subject `[ANNOUNCE] kubernetes-template-project $VERSION is released` 10 | -------------------------------------------------------------------------------- /bundler/testdata/client-auth/leaf-client.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIBRTCB7KADAgECAhQkohme3ew65nA12dLsCP0HbB10dTAKBggqhkjOPQQDAjAA 3 | MB4XDTI1MDIwODIxNTEwMFoXDTMwMDIwOTAzNTEwMFowADBZMBMGByqGSM49AgEG 4 | CCqGSM49AwEHA0IABFSTiC6rAR2mPgwHOaE0tWA4VfVFzfEOou2NYsTohznuf38Q 5 | yf+EUB8aUtXzpkVyKTA+YMxnb/Dqd/Wwk3FpZlOjRDBCMBMGA1UdJQQMMAoGCCsG 6 | AQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFAADwiVPrql46XbO5RGejGmw 7 | YjrpMAoGCCqGSM49BAMCA0gAMEUCIF8rB8803j76yJgKnxiu8r7k+/FIzXgukxjE 8 | HOhwtGVrAiEAzaL/hZTHmUPzc4t3K8fL8IDDlNK2PMf34/wx++zQv9E= 9 | -----END CERTIFICATE----- 10 | -------------------------------------------------------------------------------- /bundler/testdata/client-auth/leaf-server.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIBRDCB7KADAgECAhQodna3/WiA0mgCI09unScTMUF5sDAKBggqhkjOPQQDAjAA 3 | MB4XDTI1MDIwODIxNTEwMFoXDTMwMDIwOTAzNTEwMFowADBZMBMGByqGSM49AgEG 4 | CCqGSM49AwEHA0IABNLlARthGNIzbvAOpbg0VK0kvv0s1H3ouq0TbkVHfNounVBk 5 | NhuyJPY6g0FhYOXYUGAe3c/wGzQ9Y8N7oKgznLWjRDBCMBMGA1UdJQQMMAoGCCsG 6 | AQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFFcK5HrSaocNvQd8qPj1PhUT 7 | N3uoMAoGCCqGSM49BAMCA0cAMEQCICety0pRXbTu47qx+ZXY670lXmKnxWvZDD4b 8 | ctUrPi0cAiAgxI6Z8CZsG7DybwMISScDqqIbgBZgr4RUIFOZ4SYP+A== 9 | -----END CERTIFICATE----- 10 | -------------------------------------------------------------------------------- /config/testdata/invalid_auth.json: -------------------------------------------------------------------------------- 1 | { 2 | "signing": { 3 | "profiles": { 4 | "CA": { 5 | "remote": "localhost", 6 | "auth_key": "garbage" 7 | }, 8 | "email": { 9 | "usages": ["s/mime"], 10 | "expiry": "720h" 11 | } 12 | }, 13 | "default": { 14 | "usages": ["digital signature", "email protection"], 15 | "expiry": "8000h" 16 | } 17 | }, 18 | "auth_keys": { 19 | "garbage": { 20 | "type":"stadardo", 21 | "key":"0123456789ABCDEF0123456789ABCDEF" 22 | } 23 | }, 24 | "remotes": { 25 | "localhost": "127.0.0.1:8888" 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /certdb/sqlite/migrations/002_AddMetadataToCertificates.sql: -------------------------------------------------------------------------------- 1 | -- +goose Up 2 | -- SQL in section 'Up' is executed when this migration is applied 3 | 4 | ALTER TABLE certificates ADD COLUMN "issued_at" timestamp; 5 | ALTER TABLE certificates ADD COLUMN "not_before" timestamp; 6 | ALTER TABLE certificates ADD COLUMN "metadata" text; 7 | ALTER TABLE certificates ADD COLUMN "sans" text; 8 | ALTER TABLE certificates ADD COLUMN "common_name" text; 9 | 10 | -- +goose Down 11 | -- SQL section 'Down' is executed when this migration is rolled back 12 | 13 | -- can't drop columns in sqlite 14 | -------------------------------------------------------------------------------- /config/testdata/invalid_remotes.json: -------------------------------------------------------------------------------- 1 | { 2 | "signing": { 3 | "profiles": { 4 | "CA": { 5 | "auth_key": "garbage", 6 | "remote": "localhoster" 7 | }, 8 | "email": { 9 | "usages": ["s/mime"], 10 | "expiry": "720h" 11 | } 12 | }, 13 | "default": { 14 | "usages": ["digital signature", "email protection"], 15 | "expiry": "8000h" 16 | } 17 | }, 18 | "auth_keys": { 19 | "garbage": { 20 | "type":"standard", 21 | "key":"0123456789ABCDEF0123456789ABCDEF" 22 | } 23 | }, 24 | "remotes": { 25 | "localhost": "127.0.0.1:8888" 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /vendor/github.com/zmap/zlint/v3/lints/apple/time.go: -------------------------------------------------------------------------------- 1 | package apple 2 | 3 | import "time" 4 | 5 | // In the context of a root policy update on trusted certificate lifetimes[0] 6 | // Apple provided an unambiguous definition for the length of a day: 7 | // 8 | // "398 days is measured with a day being equal to 86,400 seconds. Any time 9 | // greater than this indicates an additional day of validity." 10 | // 11 | // We provide that value as a constant here for lints to use. 12 | // 13 | // [0]: https://support.apple.com/en-us/HT211025 14 | var appleDayLength = 86400 * time.Second 15 | -------------------------------------------------------------------------------- /vendor/github.com/zmap/zcrypto/x509/extended_key_usage_schema.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -e 3 | 4 | # TODO: This should really be generated by Go code as a subrecord, but 5 | # importing in Python is hard. This is quick and dirty. 6 | 7 | FIELDS=$(\ 8 | cat extended_key_usage.go |\ 9 | grep json |\ 10 | cut -d ':' -f 2 |\ 11 | sed 's|,omitempty||g' |\ 12 | tr -d '`') 13 | echo "extended_key_usage = SubRecord({" 14 | for f in $FIELDS; do 15 | if [ $f == "\"unknown\"" ]; then 16 | echo " $f: ListOf(OID())" 17 | else 18 | echo " $f: Boolean()," 19 | fi 20 | done 21 | echo "})" 22 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/cpu_gc_x86.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build (386 || amd64 || amd64p32) && gc 6 | 7 | package cpu 8 | 9 | // cpuid is implemented in cpu_x86.s for gc compiler 10 | // and in cpu_gccgo.c for gccgo. 11 | func cpuid(eaxArg, ecxArg uint32) (eax, ebx, ecx, edx uint32) 12 | 13 | // xgetbv with ecx = 0 is implemented in cpu_x86.s for gc compiler 14 | // and in cpu_gccgo.c for gccgo. 15 | func xgetbv() (eax, edx uint32) 16 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/syscall_linux_gc.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build linux && gc 6 | 7 | package unix 8 | 9 | // SyscallNoError may be used instead of Syscall for syscalls that don't fail. 10 | func SyscallNoError(trap, a1, a2, a3 uintptr) (r1, r2 uintptr) 11 | 12 | // RawSyscallNoError may be used instead of RawSyscall for syscalls that don't 13 | // fail. 14 | func RawSyscallNoError(trap, a1, a2, a3 uintptr) (r1, r2 uintptr) 15 | -------------------------------------------------------------------------------- /cli/gencrl/gencrl_test.go: -------------------------------------------------------------------------------- 1 | package gencrl 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/cloudflare/cfssl/cli" 7 | ) 8 | 9 | func TestGencrl(t *testing.T) { 10 | 11 | var err error 12 | 13 | err = gencrlMain([]string{"testdata/serialList", "testdata/caTwo.pem", "testdata/ca-keyTwo.pem"}, cli.Config{}) 14 | if err != nil { 15 | t.Fatal(err) 16 | } 17 | 18 | } 19 | 20 | func TestGencrlTime(t *testing.T) { 21 | err := gencrlMain([]string{"testdata/serialList", "testdata/caTwo.pem", "testdata/ca-keyTwo.pem", "123"}, cli.Config{}) 22 | if err != nil { 23 | t.Fatal(err) 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /vendor/github.com/cloudflare/backoff/.travis.yml: -------------------------------------------------------------------------------- 1 | sudo: false 2 | language: go 3 | go: 4 | - 1.6 5 | - 1.7 6 | - tip 7 | 8 | before_script: 9 | - go get github.com/GeertJohan/fgt 10 | - go get github.com/golang/lint/golint 11 | - go get golang.org/x/tools/cmd/goimports 12 | - go get honnef.co/go/staticcheck/cmd/staticcheck 13 | 14 | script: 15 | - find . -name \*.go | xargs fgt goimports -l 16 | - fgt go vet ./... 17 | - fgt golint ./... 18 | - fgt staticcheck ./... 19 | - go test ./... 20 | 21 | notifications: 22 | email: 23 | recipients: 24 | - kyle@cloudflare.com 25 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/race0.go: -------------------------------------------------------------------------------- 1 | // Copyright 2012 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build windows && !race 6 | 7 | package windows 8 | 9 | import ( 10 | "unsafe" 11 | ) 12 | 13 | const raceenabled = false 14 | 15 | func raceAcquire(addr unsafe.Pointer) { 16 | } 17 | 18 | func raceReleaseMerge(addr unsafe.Pointer) { 19 | } 20 | 21 | func raceReadRange(addr unsafe.Pointer, len int) { 22 | } 23 | 24 | func raceWriteRange(addr unsafe.Pointer, len int) { 25 | } 26 | -------------------------------------------------------------------------------- /helpers/testdata/noheadercert.pem: -------------------------------------------------------------------------------- 1 | MIIB7jCCAVmgAwIBAgIBADALBgkqhkiG9w0BAQUwJjEQMA4GA1UEChMHQWNtZSBD 2 | bzESMBAGA1UEAxMJMTI3LjAuMC4xMB4XDTEyMDkwNzIyMDAwNFoXDTEzMDkwNzIy 3 | MDUwNFowJjEQMA4GA1UEChMHQWNtZSBDbzESMBAGA1UEAxMJMTI3LjAuMC4xMIGd 4 | MAsGCSqGSIb3DQEBAQOBjQAwgYkCgYEAm6f+jkP2t5q/vM0YAUZZkhq/EAYD+L1C 5 | cqhEvLFbu3MCAwEAAaMyMDAwDgYDVR0PAQH/BAQDAgCgMA0GA1UdDgQGBAQBAgME 6 | MA8GA1UdIwQIMAaABAECAwQwCwYJKoZIhvcNAQEFA4GBABndWRIcfi+QB9Sakr+m 7 | dYnXTgYCnFio53L2Z+6EHTGG+rEhWtUEGhL4p4pzXX4siAnjWvwcgXTo92cafcfi 8 | uB7wRfK+NL9CTJdpN6cdL+fiNHzH8hsl3bj1nL0CSmdn2hkUWVLbLhSgWlib/I8O 9 | aq+K7aVrgHkPnWeRiG6tl+ZA 10 | -------------------------------------------------------------------------------- /transport/example/maclient/client.json: -------------------------------------------------------------------------------- 1 | { 2 | "request": { 3 | "CN": "test client", 4 | "hosts": ["127.0.0.1"] 5 | }, 6 | "profiles": { 7 | "paths": { 8 | "private_key": "client.key", 9 | "certificate": "client.pem" 10 | }, 11 | "cfssl": { 12 | "profile": "client", 13 | "remote": "127.0.0.1:8888" 14 | } 15 | }, 16 | "roots": [ 17 | { 18 | "type": "system" 19 | }, 20 | { 21 | "type": "cfssl", 22 | "metadata": { 23 | "host": "127.0.0.1:8888", 24 | "profile": "server" 25 | } 26 | } 27 | ] 28 | } 29 | -------------------------------------------------------------------------------- /certdb/pg/migrations/002_AddMetadataToCertificates.sql: -------------------------------------------------------------------------------- 1 | -- +goose Up 2 | -- SQL in section 'Up' is executed when this migration is applied 3 | ALTER TABLE certificates 4 | ADD COLUMN issued_at timestamptz, 5 | ADD COLUMN not_before timestamptz, 6 | ADD COLUMN metadata jsonb, 7 | ADD COLUMN sans jsonb, 8 | ADD COLUMN common_name TEXT; 9 | -- +goose Down 10 | -- SQL section 'Down' is executed when this migration is rolled back 11 | ALTER TABLE certificates DROP COLUMN issued_at, 12 | DROP COLUMN not_before, 13 | DROP COLUMN metadata, 14 | DROP COLUMN sans, 15 | DROP COLUMN common_name; -------------------------------------------------------------------------------- /transport/roots/system/root_bsd.go: -------------------------------------------------------------------------------- 1 | // Copyright 2015 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build dragonfly || freebsd || netbsd || openbsd 6 | // +build dragonfly freebsd netbsd openbsd 7 | 8 | package system 9 | 10 | // Possible certificate files; stop after finding one. 11 | var certFiles = []string{ 12 | "/usr/local/share/certs/ca-root-nss.crt", // FreeBSD/DragonFly 13 | "/etc/ssl/cert.pem", // OpenBSD 14 | "/etc/openssl/certs/ca-certificates.crt", // NetBSD 15 | } 16 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/syscall_hurd_386.go: -------------------------------------------------------------------------------- 1 | // Copyright 2022 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build 386 && hurd 6 | 7 | package unix 8 | 9 | const ( 10 | TIOCGETA = 0x62251713 11 | ) 12 | 13 | type Winsize struct { 14 | Row uint16 15 | Col uint16 16 | Xpixel uint16 17 | Ypixel uint16 18 | } 19 | 20 | type Termios struct { 21 | Iflag uint32 22 | Oflag uint32 23 | Cflag uint32 24 | Lflag uint32 25 | Cc [20]uint8 26 | Ispeed int32 27 | Ospeed int32 28 | } 29 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/cpu_linux_mips64x.go: -------------------------------------------------------------------------------- 1 | // Copyright 2020 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build linux && (mips64 || mips64le) 6 | 7 | package cpu 8 | 9 | // HWCAP bits. These are exposed by the Linux kernel 5.4. 10 | const ( 11 | // CPU features 12 | hwcap_MIPS_MSA = 1 << 1 13 | ) 14 | 15 | func doinit() { 16 | // HWCAP feature bits 17 | MIPS64X.HasMSA = isSet(hwCap, hwcap_MIPS_MSA) 18 | } 19 | 20 | func isSet(hwc uint, value uint) bool { 21 | return hwc&value != 0 22 | } 23 | -------------------------------------------------------------------------------- /initca/testdata/README.md: -------------------------------------------------------------------------------- 1 | 1. To generate 5min-rsa.pem and 5min-rsa-key.pem 2 | 3 | ``` 4 | $ cfssl gencert -initca ca_csr_rsa.json | cfssljson -bare 5min-rsa 5 | ``` 6 | 7 | 2. To generate 5min-ecdsa.pem and 5min-ecdsa-key.pem 8 | 9 | ``` 10 | $ cfssl gencert -initca ca_csr_ecdsa.json | cfssljson -bare 5min-ecdsa 11 | ``` 12 | 13 | 2. To generate 5min-ed25519.pem and 5min-ed25519-key.pem 14 | 15 | ``` 16 | $ cfssl gencert -initca ca_csr_ed25519.json | cfssljson -bare 5min-ed25519 17 | ``` 18 | 19 | The above commands will generate 5min-rsa.csr, 5min-ecdsa.csr 5min-ed25519.csr 20 | accordingly, but those files can be ignored. 21 | -------------------------------------------------------------------------------- /vendor/bitbucket.org/liamstask/goose/cmd/goose/cmd.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "flag" 5 | ) 6 | 7 | // shamelessly snagged from the go tool 8 | // each command gets its own set of args, 9 | // defines its own entry point, and provides its own help 10 | type Command struct { 11 | Run func(cmd *Command, args ...string) 12 | Flag flag.FlagSet 13 | 14 | Name string 15 | Usage string 16 | 17 | Summary string 18 | Help string 19 | } 20 | 21 | func (c *Command) Exec(args []string) { 22 | c.Flag.Usage = func() { 23 | // helpFunc(c, c.Name) 24 | } 25 | c.Flag.Parse(args) 26 | c.Run(c, c.Flag.Args()...) 27 | } 28 | -------------------------------------------------------------------------------- /vendor/github.com/getsentry/sentry-go/internal/crypto/randutil/randutil.go: -------------------------------------------------------------------------------- 1 | package randutil 2 | 3 | import ( 4 | "crypto/rand" 5 | "encoding/binary" 6 | ) 7 | 8 | const ( 9 | floatMax = 1 << 53 10 | floatMask = floatMax - 1 11 | ) 12 | 13 | // Float64 returns a cryptographically secure random number in [0.0, 1.0). 14 | func Float64() float64 { 15 | // The implementation is, in essence: 16 | // return float64(rand.Int63n(1<<53)) / (1<<53) 17 | b := make([]byte, 8) 18 | _, err := rand.Read(b) 19 | if err != nil { 20 | panic(err) 21 | } 22 | return float64(binary.LittleEndian.Uint64(b)&floatMask) / floatMax 23 | } 24 | -------------------------------------------------------------------------------- /vendor/github.com/google/certificate-transparency-go/x509/ptr_uint_windows.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build !go1.11 6 | // +build !go1.11 7 | 8 | package x509 9 | 10 | import "unsafe" 11 | 12 | // For Go versions before 1.11, the ExtraPolicyPara field in 13 | // syscall.CertChainPolicyPara was of type uintptr. See: 14 | // https://github.com/golang/go/commit/4869ec00e87ef 15 | 16 | func convertToPolicyParaType(p unsafe.Pointer) uintptr { 17 | return uintptr(p) 18 | } 19 | -------------------------------------------------------------------------------- /vendor/github.com/google/certificate-transparency-go/x509/root_js.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build js && wasm 6 | // +build js,wasm 7 | 8 | package x509 9 | 10 | // Possible certificate files; stop after finding one. 11 | var certFiles = []string{} 12 | 13 | func loadSystemRoots() (*CertPool, error) { 14 | return NewCertPool(), nil 15 | } 16 | 17 | func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate, err error) { 18 | return nil, nil 19 | } 20 | -------------------------------------------------------------------------------- /vendor/github.com/google/certificate-transparency-go/x509/root_wasip1.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build wasip1 6 | // +build wasip1 7 | 8 | package x509 9 | 10 | // Possible certificate files; stop after finding one. 11 | var certFiles = []string{} 12 | 13 | func loadSystemRoots() (*CertPool, error) { 14 | return NewCertPool(), nil 15 | } 16 | 17 | func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate, err error) { 18 | return nil, nil 19 | } 20 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/str.go: -------------------------------------------------------------------------------- 1 | // Copyright 2009 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build windows 6 | 7 | package windows 8 | 9 | func itoa(val int) string { // do it here rather than with fmt to avoid dependency 10 | if val < 0 { 11 | return "-" + itoa(-val) 12 | } 13 | var buf [32]byte // big enough for int64 14 | i := len(buf) - 1 15 | for val >= 10 { 16 | buf[i] = byte(val%10 + '0') 17 | i-- 18 | val /= 10 19 | } 20 | buf[i] = byte(val + '0') 21 | return string(buf[i:]) 22 | } 23 | -------------------------------------------------------------------------------- /config/testdata/valid_config_auth.json: -------------------------------------------------------------------------------- 1 | { 2 | "signing": { 3 | "profiles": { 4 | "CA": { 5 | "usages": ["cert sign"], 6 | "expiry": "720h", 7 | "auth_key": "garbage", 8 | "remote": "localhost" 9 | }, 10 | "email": { 11 | "usages": ["s/mime"], 12 | "expiry": "720h" 13 | } 14 | }, 15 | "default": { 16 | "usages": ["digital signature", "email protection"], 17 | "expiry": "8000h" 18 | } 19 | }, 20 | "auth_keys": { 21 | "garbage": { 22 | "type":"standard", 23 | "key":"0123456789ABCDEF0123456789ABCDEF" 24 | } 25 | }, 26 | "remotes": { 27 | "localhost": "127.0.0.1:8888" 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /vendor/github.com/jmoiron/sqlx/doc.go: -------------------------------------------------------------------------------- 1 | // Package sqlx provides general purpose extensions to database/sql. 2 | // 3 | // It is intended to seamlessly wrap database/sql and provide convenience 4 | // methods which are useful in the development of database driven applications. 5 | // None of the underlying database/sql methods are changed. Instead all extended 6 | // behavior is implemented through new methods defined on wrapper types. 7 | // 8 | // Additions include scanning into structs, named query support, rebinding 9 | // queries for different drivers, convenient shorthands for common error handling 10 | // and more. 11 | // 12 | package sqlx 13 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/sysvshm_linux.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build linux 6 | 7 | package unix 8 | 9 | import "runtime" 10 | 11 | // SysvShmCtl performs control operations on the shared memory segment 12 | // specified by id. 13 | func SysvShmCtl(id, cmd int, desc *SysvShmDesc) (result int, err error) { 14 | if runtime.GOARCH == "arm" || 15 | runtime.GOARCH == "mips64" || runtime.GOARCH == "mips64le" { 16 | cmd |= ipc_64 17 | } 18 | 19 | return shmctl(id, cmd, desc) 20 | } 21 | -------------------------------------------------------------------------------- /vendor/google.golang.org/protobuf/proto/proto_reflect.go: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // The protoreflect build tag disables use of fast-path methods. 6 | //go:build protoreflect 7 | // +build protoreflect 8 | 9 | package proto 10 | 11 | import ( 12 | "google.golang.org/protobuf/reflect/protoreflect" 13 | "google.golang.org/protobuf/runtime/protoiface" 14 | ) 15 | 16 | const hasProtoMethods = false 17 | 18 | func protoMethods(m protoreflect.Message) *protoiface.Methods { 19 | return nil 20 | } 21 | -------------------------------------------------------------------------------- /vendor/github.com/pelletier/go-toml/fuzz.go: -------------------------------------------------------------------------------- 1 | // +build gofuzz 2 | 3 | package toml 4 | 5 | func Fuzz(data []byte) int { 6 | tree, err := LoadBytes(data) 7 | if err != nil { 8 | if tree != nil { 9 | panic("tree must be nil if there is an error") 10 | } 11 | return 0 12 | } 13 | 14 | str, err := tree.ToTomlString() 15 | if err != nil { 16 | if str != "" { 17 | panic(`str must be "" if there is an error`) 18 | } 19 | panic(err) 20 | } 21 | 22 | tree, err = Load(str) 23 | if err != nil { 24 | if tree != nil { 25 | panic("tree must be nil if there is an error") 26 | } 27 | return 0 28 | } 29 | 30 | return 1 31 | } 32 | -------------------------------------------------------------------------------- /vendor/github.com/zmap/zlint/v3/.goreleaser.yml: -------------------------------------------------------------------------------- 1 | project_name: zlint 2 | before: 3 | hooks: 4 | - go mod tidy 5 | builds: 6 | - 7 | main: ./cmd/zlint/main.go 8 | binary: zlint 9 | env: 10 | - CGO_ENABLED=0 11 | goos: 12 | - linux 13 | - freebsd 14 | - windows 15 | - darwin 16 | goarch: 17 | - amd64 18 | archives: 19 | - 20 | wrap_in_directory: true 21 | replacements: 22 | darwin: Darwin 23 | linux: Linux 24 | windows: Windows 25 | amd64: x86_64 26 | snapshot: 27 | name_template: "{{ .Tag }}-next" 28 | release: 29 | draft: true 30 | prerelease: auto 31 | -------------------------------------------------------------------------------- /vendor/google.golang.org/protobuf/internal/impl/codec_unsafe.go: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build !purego && !appengine 6 | // +build !purego,!appengine 7 | 8 | package impl 9 | 10 | // When using unsafe pointers, we can just treat enum values as int32s. 11 | 12 | var ( 13 | coderEnumNoZero = coderInt32NoZero 14 | coderEnum = coderInt32 15 | coderEnumPtr = coderInt32Ptr 16 | coderEnumSlice = coderInt32Slice 17 | coderEnumPackedSlice = coderInt32PackedSlice 18 | ) 19 | -------------------------------------------------------------------------------- /testdata/server.csr: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE REQUEST----- 2 | MIIBhDCB7gIBADBFMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEh 3 | MB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEB 4 | AQUAA4GNADCBiQKBgQC2mOWeh2HPfWQsQmh4tKRGau/yXt7GQa07RES0huKuP0EH 5 | LrhldUETuSEoY7ZyczxTvKPDs21+H4i8KNlUDd3ZeodLc+Ou3geZT9wYI40Tz40R 6 | eip3MtQM86LHWoMNEG9ezzUoBXaqHoJgdlt2qLGEN6uO8lwPg2x3uQTERl8e4QID 7 | AQABoAAwDQYJKoZIhvcNAQEFBQADgYEALOuXHteRZ7f+vH5mv2Odz8KHgFm+YfdD 8 | YSRDiFGnMXZ4/Z5440Jl+lsytH9XRdU+CAvMwXISCLx6NI8JfNpSMvltDNRmBGfM 9 | HjTdVKPDb9xns7by8sgwuSNnOONuefbZNXPGbjDfKzEa2UdHJT+YaLOVzCDPlPBr 10 | BUo2gGkLUAs= 11 | -----END CERTIFICATE REQUEST----- 12 | -------------------------------------------------------------------------------- /transport/core/rand.go: -------------------------------------------------------------------------------- 1 | package core 2 | 3 | import ( 4 | "crypto/rand" 5 | "encoding/binary" 6 | "io" 7 | mrand "math/rand" 8 | 9 | "github.com/cloudflare/cfssl/log" 10 | ) 11 | 12 | var seeded bool 13 | 14 | func seed() error { 15 | if seeded { 16 | return nil 17 | } 18 | 19 | var buf [8]byte 20 | _, err := io.ReadFull(rand.Reader, buf[:]) 21 | if err != nil { 22 | return err 23 | } 24 | 25 | n := int64(binary.LittleEndian.Uint64(buf[:])) 26 | mrand.Seed(n) 27 | seeded = true 28 | return nil 29 | } 30 | 31 | func init() { 32 | err := seed() 33 | if err != nil { 34 | log.Errorf("seeding mrand failed: %v", err) 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /vendor/github.com/google/certificate-transparency-go/x509/root.go: -------------------------------------------------------------------------------- 1 | // Copyright 2012 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package x509 6 | 7 | import "sync" 8 | 9 | var ( 10 | once sync.Once 11 | systemRoots *CertPool 12 | systemRootsErr error 13 | ) 14 | 15 | func systemRootsPool() *CertPool { 16 | once.Do(initSystemRoots) 17 | return systemRoots 18 | } 19 | 20 | func initSystemRoots() { 21 | systemRoots, systemRootsErr = loadSystemRoots() 22 | if systemRootsErr != nil { 23 | systemRoots = nil 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/sockcmsg_dragonfly.go: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package unix 6 | 7 | // Round the length of a raw sockaddr up to align it properly. 8 | func cmsgAlignOf(salen int) int { 9 | salign := SizeofPtr 10 | if SizeofPtr == 8 && !supportsABI(_dragonflyABIChangeVersion) { 11 | // 64-bit Dragonfly before the September 2019 ABI changes still requires 12 | // 32-bit aligned access to network subsystem. 13 | salign = 4 14 | } 15 | return (salen + salign - 1) & ^(salign - 1) 16 | } 17 | -------------------------------------------------------------------------------- /initca/testdata/ecdsa256.csr: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE REQUEST----- 2 | MIIBgTCCASgCAQAwgYYxCzAJBgNVBAYTAlVTMRMwEQYDVQQKEwpDbG91ZEZsYXJl 3 | MRwwGgYDVQQLExNTeXN0ZW1zIEVuZ2luZWVyaW5nMRYwFAYDVQQHEw1TYW4gRnJh 4 | bmNpc2NvMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRcwFQYDVQQDEw5jbG91ZGZsYXJl 5 | LmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBn9Ldie6BOcMHezn2dPuYqW 6 | z/NoLYMLGNBqhOxUyEidYClI0JW2pWyUgT3A2UazFp1WgE94y7Z+2YlfRz+vcrKg 7 | PzA9BgkqhkiG9w0BCQ4xMDAuMCwGA1UdEQQlMCOCDmNsb3VkZmxhcmUuY29tghF3 8 | d3djbG91ZGZsYXJlLmNvbTAKBggqhkjOPQQDAgNHADBEAiBM+QRxe8u6rkdr10Jy 9 | cxbR6NxrGrNeg5QqiOqF96JEmgIgDbtjd5e3y3I8W/+ih2us3WtMxgnTXfqPd48i 10 | VLcv28Q= 11 | -----END CERTIFICATE REQUEST----- 12 | -------------------------------------------------------------------------------- /signer/local/testdata/ecdsa256-inter.csr: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE REQUEST----- 2 | MIIBezCCASECAQAwgYwxCzAJBgNVBAYTAlVTMRMwEQYDVQQKEwpDbG91ZEZsYXJl 3 | MRwwGgYDVQQLExNTeXN0ZW1zIEVuZ2luZWVyaW5nMRYwFAYDVQQHEw1TYW4gRnJh 4 | bmNpc2NvMRMwEQYDVQQIEwpDYWxpZm9ybmlhMR0wGwYDVQQDExRjbG91ZGZsYXJl 5 | LWludGVyLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLgOKlWwIAIeURde 6 | yvDMhgfn6xPp1gn8oUeLmsniBm7I+j84IsVzUso8/MpjMZ9nB8lQUanhv3Kmqcyj 7 | HNj+iFegMjAwBgkqhkiG9w0BCQ4xIzAhMB8GA1UdEQQYMBaCFGNsb3VkZmxhcmUt 8 | aW50ZXIuY29tMAoGCCqGSM49BAMCA0gAMEUCIEJcy2mn2YyK8lVE+HHmr2OsmdbH 9 | 4CLDVXFBwxke8ObqAiEAx/il1cDKvQ/I36b4XjBnOX2jcQ5oaCNPFFBE74WQ/ps= 10 | -----END CERTIFICATE REQUEST----- 11 | -------------------------------------------------------------------------------- /transport/ca/cert_provider.go: -------------------------------------------------------------------------------- 1 | // Package ca provides the CertificateAuthority interface for the 2 | // transport package, which provides an interface to get a CSR signed 3 | // by some certificate authority. 4 | package ca 5 | 6 | // A CertificateAuthority is capable of signing certificates given 7 | // certificate signing requests. 8 | type CertificateAuthority interface { 9 | // SignCSR submits a PKCS #10 certificate signing request to a 10 | // CA for signing. 11 | SignCSR(csrPEM []byte) (cert []byte, err error) 12 | 13 | // CACertificate returns the certificate authority's 14 | // certificate. 15 | CACertificate() (cert []byte, err error) 16 | } 17 | -------------------------------------------------------------------------------- /vendor/google.golang.org/protobuf/proto/proto_methods.go: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // The protoreflect build tag disables use of fast-path methods. 6 | //go:build !protoreflect 7 | // +build !protoreflect 8 | 9 | package proto 10 | 11 | import ( 12 | "google.golang.org/protobuf/reflect/protoreflect" 13 | "google.golang.org/protobuf/runtime/protoiface" 14 | ) 15 | 16 | const hasProtoMethods = true 17 | 18 | func protoMethods(m protoreflect.Message) *protoiface.Methods { 19 | return m.ProtoMethods() 20 | } 21 | -------------------------------------------------------------------------------- /certdb/mysql/migrations/002_AddMetadataToCertificates.sql: -------------------------------------------------------------------------------- 1 | -- +goose Up 2 | -- SQL in section 'Up' is executed when this migration is applied 3 | ALTER TABLE certificates 4 | ADD COLUMN issued_at timestamp DEFAULT '0000-00-00 00:00:00', 5 | ADD COLUMN not_before timestamp DEFAULT '0000-00-00 00:00:00', 6 | ADD COLUMN metadata JSON, 7 | ADD COLUMN sans JSON, 8 | ADD COLUMN common_name TEXT; 9 | -- +goose Down 10 | -- SQL section 'Down' is executed when this migration is rolled back 11 | ALTER TABLE certificates DROP COLUMN issued_at, 12 | DROP COLUMN not_before, 13 | DROP COLUMN metadata, 14 | DROP COLUMN sans, 15 | DROP COLUMN common_name; -------------------------------------------------------------------------------- /helpers/testdata/ecdsa256.csr: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE REQUEST----- 2 | MIIBgTCCASgCAQAwgYYxCzAJBgNVBAYTAlVTMRMwEQYDVQQKEwpDbG91ZEZsYXJl 3 | MRwwGgYDVQQLExNTeXN0ZW1zIEVuZ2luZWVyaW5nMRYwFAYDVQQHEw1TYW4gRnJh 4 | bmNpc2NvMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRcwFQYDVQQDEw5jbG91ZGZsYXJl 5 | LmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBn9Ldie6BOcMHezn2dPuYqW 6 | z/NoLYMLGNBqhOxUyEidYClI0JW2pWyUgT3A2UazFp1WgE94y7Z+2YlfRz+vcrKg 7 | PzA9BgkqhkiG9w0BCQ4xMDAuMCwGA1UdEQQlMCOCDmNsb3VkZmxhcmUuY29tghF3 8 | d3djbG91ZGZsYXJlLmNvbTAKBggqhkjOPQQDAgNHADBEAiBM+QRxe8u6rkdr10Jy 9 | cxbR6NxrGrNeg5QqiOqF96JEmgIgDbtjd5e3y3I8W/+ih2us3WtMxgnTXfqPd48i 10 | VLcv28Q= 11 | -----END CERTIFICATE REQUEST----- 12 | -------------------------------------------------------------------------------- /helpers/testdata/messedupcert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIB7jCCAVmgAwIBAgIBADALBgkqhkiG9w0BAQUwJjEQMA4GA1UEChMHQWNtZSBD 3 | bzESMBAGA1UEAxMJMTI3LjAuMC4xMB4XDTEyMDkwNzIyMDAwNFoXDTEzMDkwNzIy 4 | MDUwNFowJjEQMA4GA1UEChMHQWNtZSBDbzESMBAGA1UEAxMJMTI3LjAuMC4xMIGd 5 | MAsGCSqGSIb3DQEBAQOBjQAwgYkCgYEAm6f+jkP2t5q/vM0YAUZZkhq/EAYD+L1C 6 | cqhEvLFbu3MCAwEAAaMyMDAwDgYDVR0PAQH/BAQDAgCgMA0GA1UdDgQGBAQBAgME 7 | MA8GA1UdIwQIMAaABAECAwQwCwYJKoZIhvcNAQEFA4GBABndWRIcfi+QB9Sakr+m 8 | dYnXTgYCnFio53L2Z+6EHTGG+rEhWtUEGhL4p4pzXX4siAnjWvwcgXTo92cafcfi 9 | uB7wRfK+NL9CTJdpN6cdL+fiNHzH8hsl3bj1nL0CSmdn2hkUWVLbLhSgWlib/I8O 10 | aq+K7aVrgHkPnWeRiG6tl+ZA 11 | -----END CERTIFICATE----- 12 | -------------------------------------------------------------------------------- /transport/example/maserver/server.json: -------------------------------------------------------------------------------- 1 | { 2 | "request": { 3 | "CN": "test server", 4 | "hosts": [ 5 | "127.0.0.1" 6 | ] 7 | }, 8 | "profiles": { 9 | "paths": { 10 | "private_key": "server.key", 11 | "certificate": "server.pem" 12 | }, 13 | "cfssl": { 14 | "profile": "server", 15 | "remote": "127.0.0.1:8888" 16 | } 17 | }, 18 | "roots": [ 19 | { 20 | "type": "system" 21 | } 22 | ], 23 | "client_roots": [ 24 | { 25 | "type": "cfssl", 26 | "metadata": { 27 | "host": "127.0.0.1:8888", 28 | "profile": "maclient" 29 | } 30 | } 31 | ] 32 | } 33 | -------------------------------------------------------------------------------- /vendor/github.com/google/certificate-transparency-go/.golangci.yaml: -------------------------------------------------------------------------------- 1 | run: 2 | deadline: 90s 3 | skip-dirs: 4 | - (^|/)x509($|/) 5 | - (^|/)x509util($|/) 6 | - (^|/)asn1($|/) 7 | 8 | linters-settings: 9 | gocyclo: 10 | min-complexity: 25 11 | depguard: 12 | list-type: blacklist 13 | packages: 14 | - ^golang.org/x/net/context$ 15 | - github.com/gogo/protobuf/proto 16 | - encoding/asn1 17 | - crypto/x509 18 | 19 | issues: 20 | exclude-use-default: false 21 | exclude: 22 | - "Error return value of .((os\\.)?std(out|err)\\..*|.*Close|.*Flush|os\\.Remove(All)?|.*printf?|os\\.(Un)?Setenv). is not checked" 23 | -------------------------------------------------------------------------------- /vendor/github.com/google/certificate-transparency-go/codecov.yml: -------------------------------------------------------------------------------- 1 | # Customizations to codecov for c-t-go repo. This will be merged into 2 | # the team / default codecov yaml file. 3 | # 4 | # Validate changes with: 5 | # curl --data-binary @codecov.yml https://codecov.io/validate 6 | 7 | # Exclude code that's for testing, demos or utilities that aren't really 8 | # part of production releases. 9 | ignore: 10 | - "**/mock_*.go" 11 | - "**/testonly" 12 | - "trillian/integration" 13 | 14 | coverage: 15 | status: 16 | project: 17 | default: 18 | # Allow 1% coverage drop without complaining, to avoid being too noisy. 19 | threshold: 1% 20 | -------------------------------------------------------------------------------- /signer/local/testdata/ecdsa256.csr: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE REQUEST----- 2 | MIIBgTCCASgCAQAwgYYxCzAJBgNVBAYTAlVTMRMwEQYDVQQKEwpDbG91ZEZsYXJl 3 | MRwwGgYDVQQLExNTeXN0ZW1zIEVuZ2luZWVyaW5nMRYwFAYDVQQHEw1TYW4gRnJh 4 | bmNpc2NvMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRcwFQYDVQQDEw5jbG91ZGZsYXJl 5 | LmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBn9Ldie6BOcMHezn2dPuYqW 6 | z/NoLYMLGNBqhOxUyEidYClI0JW2pWyUgT3A2UazFp1WgE94y7Z+2YlfRz+vcrKg 7 | PzA9BgkqhkiG9w0BCQ4xMDAuMCwGA1UdEQQlMCOCDmNsb3VkZmxhcmUuY29tghF3 8 | d3djbG91ZGZsYXJlLmNvbTAKBggqhkjOPQQDAgNHADBEAiBM+QRxe8u6rkdr10Jy 9 | cxbR6NxrGrNeg5QqiOqF96JEmgIgDbtjd5e3y3I8W/+ih2us3WtMxgnTXfqPd48i 10 | VLcv28Q= 11 | -----END CERTIFICATE REQUEST----- 12 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-sqlite3/sqlite3_opt_preupdate.go: -------------------------------------------------------------------------------- 1 | // Copyright (C) 2019 G.J.R. Timmer . 2 | // Copyright (C) 2018 segment.com 3 | // 4 | // Use of this source code is governed by an MIT-style 5 | // license that can be found in the LICENSE file. 6 | 7 | //go:build cgo 8 | // +build cgo 9 | 10 | package sqlite3 11 | 12 | // SQLitePreUpdateData represents all of the data available during a 13 | // pre-update hook call. 14 | type SQLitePreUpdateData struct { 15 | Conn *SQLiteConn 16 | Op int 17 | DatabaseName string 18 | TableName string 19 | OldRowID int64 20 | NewRowID int64 21 | } 22 | -------------------------------------------------------------------------------- /vendor/google.golang.org/protobuf/internal/genid/map_entry.go: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package genid 6 | 7 | import protoreflect "google.golang.org/protobuf/reflect/protoreflect" 8 | 9 | // Generic field names and numbers for synthetic map entry messages. 10 | const ( 11 | MapEntry_Key_field_name protoreflect.Name = "key" 12 | MapEntry_Value_field_name protoreflect.Name = "value" 13 | 14 | MapEntry_Key_field_number protoreflect.FieldNumber = 1 15 | MapEntry_Value_field_number protoreflect.FieldNumber = 2 16 | ) 17 | -------------------------------------------------------------------------------- /transport/roots/doc.go: -------------------------------------------------------------------------------- 1 | // Package roots includes support for loading trusted roots from 2 | // various sources. 3 | // 4 | // The following are supported trusted roout sources provided: 5 | // 6 | // The "system" type does not take any metadata. It will use the 7 | // default system certificates provided by the operating system. 8 | // 9 | // The "cfssl" provider takes keys for the CFSSL "host", "label", and 10 | // "profile", and loads the returned certificate into the trust store. 11 | // 12 | // The "file" provider takes a source file (specified under the 13 | // "source" key) that contains one or more certificates and adds 14 | // them into the source tree. 15 | package roots 16 | -------------------------------------------------------------------------------- /vendor/github.com/google/certificate-transparency-go/x509/ptr_sysptr_windows.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build go1.11 6 | // +build go1.11 7 | 8 | package x509 9 | 10 | import ( 11 | "syscall" 12 | "unsafe" 13 | ) 14 | 15 | // For Go versions >= 1.11, the ExtraPolicyPara field in 16 | // syscall.CertChainPolicyPara is of type syscall.Pointer. See: 17 | // https://github.com/golang/go/commit/4869ec00e87ef 18 | 19 | func convertToPolicyParaType(p unsafe.Pointer) syscall.Pointer { 20 | return (syscall.Pointer)(p) 21 | } 22 | -------------------------------------------------------------------------------- /vendor/github.com/lib/pq/uuid.go: -------------------------------------------------------------------------------- 1 | package pq 2 | 3 | import ( 4 | "encoding/hex" 5 | "fmt" 6 | ) 7 | 8 | // decodeUUIDBinary interprets the binary format of a uuid, returning it in text format. 9 | func decodeUUIDBinary(src []byte) ([]byte, error) { 10 | if len(src) != 16 { 11 | return nil, fmt.Errorf("pq: unable to decode uuid; bad length: %d", len(src)) 12 | } 13 | 14 | dst := make([]byte, 36) 15 | dst[8], dst[13], dst[18], dst[23] = '-', '-', '-', '-' 16 | hex.Encode(dst[0:], src[0:4]) 17 | hex.Encode(dst[9:], src[4:6]) 18 | hex.Encode(dst[14:], src[6:8]) 19 | hex.Encode(dst[19:], src[8:10]) 20 | hex.Encode(dst[24:], src[10:16]) 21 | 22 | return dst, nil 23 | } 24 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-sqlite3/sqlite3_opt_column_metadata.go: -------------------------------------------------------------------------------- 1 | //go:build sqlite_column_metadata 2 | // +build sqlite_column_metadata 3 | 4 | package sqlite3 5 | 6 | /* 7 | #ifndef USE_LIBSQLITE3 8 | #cgo CFLAGS: -DSQLITE_ENABLE_COLUMN_METADATA 9 | #include 10 | #else 11 | #include 12 | #endif 13 | */ 14 | import "C" 15 | 16 | // ColumnTableName returns the table that is the origin of a particular result 17 | // column in a SELECT statement. 18 | // 19 | // See https://www.sqlite.org/c3ref/column_database_name.html 20 | func (s *SQLiteStmt) ColumnTableName(n int) string { 21 | return C.GoString(C.sqlite3_column_table_name(s.s, C.int(n))) 22 | } 23 | -------------------------------------------------------------------------------- /vendor/google.golang.org/protobuf/internal/genid/empty_gen.go: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // Code generated by generate-protos. DO NOT EDIT. 6 | 7 | package genid 8 | 9 | import ( 10 | protoreflect "google.golang.org/protobuf/reflect/protoreflect" 11 | ) 12 | 13 | const File_google_protobuf_empty_proto = "google/protobuf/empty.proto" 14 | 15 | // Names for google.protobuf.Empty. 16 | const ( 17 | Empty_message_name protoreflect.Name = "Empty" 18 | Empty_message_fullname protoreflect.FullName = "google.protobuf.Empty" 19 | ) 20 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM --platform=${TARGETPLATFORM} golang:1.20 2 | 3 | ARG TARGETPLATFORM 4 | ARG BUILDPLATFORM 5 | RUN echo "I am running on $BUILDPLATFORM, building for $TARGETPLATFORM" 6 | 7 | LABEL org.opencontainers.image.source https://github.com/cloudflare/cfssl 8 | LABEL org.opencontainers.image.description "Cloudflare's PKI toolkit" 9 | 10 | ARG TARGETOS 11 | ARG TARGETARCH 12 | 13 | WORKDIR /workdir 14 | COPY . /workdir 15 | 16 | RUN git clone https://github.com/cloudflare/cfssl_trust.git /etc/cfssl && \ 17 | make clean && \ 18 | GOOS=${TARGETOS} GOARCH=${TARGETARCH} make all && cp bin/* /usr/bin/ 19 | 20 | EXPOSE 8888 21 | 22 | ENTRYPOINT ["cfssl"] 23 | CMD ["--help"] 24 | -------------------------------------------------------------------------------- /signer/local/testdata/ip.csr: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE REQUEST----- 2 | MIIBlTCB/wIBADBWMQswCQYDVQQGEwJVUzELMAkGA1UECAwCTlkxDzANBgNVBAcM 3 | Bkl0aGFjYTEQMA4GA1UECgwHQ29ybmVsbDEXMBUGA1UEAwwOMTI4Ljg0LjEyNi4y 4 | MTMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAME+bO/VzV5ABrXJO0njmg84 5 | IBGuGoNhXrq6vM1fXMcNnOLiWu4h8jer7UxwAKzgUgYkCQFQLY5kJqaxHrKbk9ov 6 | 350Z+BW9/rD8agFvrlvG7D8iAefOF8QeyT2dXxa2FMQeZP2b2WGQ8xkFUMhUVbqI 7 | 4IKkDBHoj1dcHfSgpMg3AgMBAAGgADANBgkqhkiG9w0BAQsFAAOBgQBS7FBieNEN 8 | PfXQRhPeiZ86QatshBBrj+TmhdC4GjtJ9lQA2NSRg2HnSHDErxdezZ7tw1ordd5D 9 | hZpJ8XkPggsb7mghwPD7Zzgp0M/ldqbZ9fFEtNcpiEL05vKtap5uSGzNn32NDbQa 10 | g+4QnDavffTQuzfuOoGJ9bG3jQtxo9HZCA== 11 | -----END CERTIFICATE REQUEST----- 12 | -------------------------------------------------------------------------------- /vendor/github.com/go-logr/logr/CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing 2 | 3 | Logr is open to pull-requests, provided they fit within the intended scope of 4 | the project. Specifically, this library aims to be VERY small and minimalist, 5 | with no external dependencies. 6 | 7 | ## Compatibility 8 | 9 | This project intends to follow [semantic versioning](http://semver.org) and 10 | is very strict about compatibility. Any proposed changes MUST follow those 11 | rules. 12 | 13 | ## Performance 14 | 15 | As a logging library, logr must be as light-weight as possible. Any proposed 16 | code change must include results of running the [benchmark](./benchmark) 17 | before and after the change. 18 | -------------------------------------------------------------------------------- /bundler/testdata/cfssl-leaf-ecdsa256.csr: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE REQUEST----- 2 | MIIBkTCCATcCAQAwgYsxCzAJBgNVBAYTAlVTMRMwEQYDVQQKEwpDbG91ZEZsYXJl 3 | MRwwGgYDVQQLExNTeXN0ZW1zIEVuZ2luZWVyaW5nMRYwFAYDVQQHEw1TYW4gRnJh 4 | bmNpc2NvMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRwwGgYDVQQDExNjbG91ZGZsYXJl 5 | LWxlYWYuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEjEb98b3L+COUBe8H 6 | vtt4REtsGig33wUYUDFVQDkiCXKW+CZ83FSYjyYzZTD23M4ub285ECtpJIzj/qJK 7 | kImt4KBJMEcGCSqGSIb3DQEJDjE6MDgwNgYDVR0RBC8wLYITY2xvdWRmbGFyZS1s 8 | ZWFmLmNvbYIWd3d3Y2xvdWRmbGFyZS1sZWFmLmNvbTAKBggqhkjOPQQDAgNIADBF 9 | AiEA+hlls8mNtLv47Rr8B7dGGKCDa1/qLHectmhdAnyrTVwCIFnAgTgiPAerNAct 10 | KjOJZdHDuaBGeu5o+5SLD232m/2E 11 | -----END CERTIFICATE REQUEST----- 12 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/race0.go: -------------------------------------------------------------------------------- 1 | // Copyright 2012 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build aix || (darwin && !race) || (linux && !race) || (freebsd && !race) || netbsd || openbsd || solaris || dragonfly || zos 6 | 7 | package unix 8 | 9 | import ( 10 | "unsafe" 11 | ) 12 | 13 | const raceenabled = false 14 | 15 | func raceAcquire(addr unsafe.Pointer) { 16 | } 17 | 18 | func raceReleaseMerge(addr unsafe.Pointer) { 19 | } 20 | 21 | func raceReadRange(addr unsafe.Pointer, len int) { 22 | } 23 | 24 | func raceWriteRange(addr unsafe.Pointer, len int) { 25 | } 26 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/syscall_linux_gc_386.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build linux && gc && 386 6 | 7 | package unix 8 | 9 | import "syscall" 10 | 11 | // Underlying system call writes to newoffset via pointer. 12 | // Implemented in assembly to avoid allocation. 13 | func seek(fd int, offset int64, whence int) (newoffset int64, err syscall.Errno) 14 | 15 | func socketcall(call int, a0, a1, a2, a3, a4, a5 uintptr) (n int, err syscall.Errno) 16 | func rawsocketcall(call int, a0, a1, a2, a3, a4, a5 uintptr) (n int, err syscall.Errno) 17 | -------------------------------------------------------------------------------- /signer/local/testdata/ex.csr: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE REQUEST----- 2 | MIIBnzCCAQgCAQAwXzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk5ZMQ8wDQYDVQQH 3 | DAZJdGhhY2ExHDAaBgNVBAoME0RlZmF1bHQgQ29tcGFueSBMdGQxFDASBgNVBAMM 4 | C2V4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBPmzv1c1e 5 | QAa1yTtJ45oPOCARrhqDYV66urzNX1zHDZzi4lruIfI3q+1McACs4FIGJAkBUC2O 6 | ZCamsR6ym5PaL9+dGfgVvf6w/GoBb65bxuw/IgHnzhfEHsk9nV8WthTEHmT9m9lh 7 | kPMZBVDIVFW6iOCCpAwR6I9XXB30oKTINwIDAQABoAAwDQYJKoZIhvcNAQELBQAD 8 | gYEAndd8OjJ+Jr74jqwuV9cUDqlItsLc84TYn+lly0EPezGQIIYz2KUoDyHQ+PQ9 9 | 7JI3G3FWR8Wpow7HooLJRxHNWOw7u8ekLCP0LjkoHse+Dou5C0jzo99jfrjXNWGt 10 | DZO0Wrpu2eDclqwMJO/DtiovzcmOsGC52NHUW6+Moo9N2lM= 11 | -----END CERTIFICATE REQUEST----- 12 | -------------------------------------------------------------------------------- /vendor/github.com/google/certificate-transparency-go/x509/root_bsd.go: -------------------------------------------------------------------------------- 1 | // Copyright 2015 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build dragonfly || freebsd || netbsd || openbsd 6 | // +build dragonfly freebsd netbsd openbsd 7 | 8 | package x509 9 | 10 | // Possible certificate files; stop after finding one. 11 | var certFiles = []string{ 12 | "/usr/local/etc/ssl/cert.pem", // FreeBSD 13 | "/etc/ssl/cert.pem", // OpenBSD 14 | "/usr/local/share/certs/ca-root-nss.crt", // DragonFly 15 | "/etc/openssl/certs/ca-certificates.crt", // NetBSD 16 | } 17 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-sqlite3/sqlite3_opt_serialize_omit.go: -------------------------------------------------------------------------------- 1 | //go:build libsqlite3 && !sqlite_serialize 2 | // +build libsqlite3,!sqlite_serialize 3 | 4 | package sqlite3 5 | 6 | import ( 7 | "errors" 8 | ) 9 | 10 | /* 11 | #cgo CFLAGS: -DSQLITE_OMIT_DESERIALIZE 12 | */ 13 | import "C" 14 | 15 | func (c *SQLiteConn) Serialize(schema string) ([]byte, error) { 16 | return nil, errors.New("sqlite3: Serialize requires the sqlite_serialize build tag when using the libsqlite3 build tag") 17 | } 18 | 19 | func (c *SQLiteConn) Deserialize(b []byte, schema string) error { 20 | return errors.New("sqlite3: Deserialize requires the sqlite_serialize build tag when using the libsqlite3 build tag") 21 | } 22 | -------------------------------------------------------------------------------- /vendor/k8s.io/klog/v2/SECURITY_CONTACTS: -------------------------------------------------------------------------------- 1 | # Defined below are the security contacts for this repo. 2 | # 3 | # They are the contact point for the Product Security Committee to reach out 4 | # to for triaging and handling of incoming issues. 5 | # 6 | # The below names agree to abide by the 7 | # [Embargo Policy](https://git.k8s.io/security/private-distributors-list.md#embargo-policy) 8 | # and will be removed and replaced if they violate that agreement. 9 | # 10 | # DO NOT REPORT SECURITY VULNERABILITIES DIRECTLY TO THESE NAMES, FOLLOW THE 11 | # INSTRUCTIONS AT https://kubernetes.io/security/ 12 | 13 | dims 14 | thockin 15 | justinsb 16 | tallclair 17 | piosz 18 | brancz 19 | DirectXMan12 20 | lavalamp 21 | -------------------------------------------------------------------------------- /api/health/health.go: -------------------------------------------------------------------------------- 1 | package health 2 | 3 | import ( 4 | "encoding/json" 5 | "net/http" 6 | 7 | "github.com/cloudflare/cfssl/api" 8 | ) 9 | 10 | // Response contains the response to the /health API 11 | type Response struct { 12 | Healthy bool `json:"healthy"` 13 | } 14 | 15 | func healthHandler(w http.ResponseWriter, r *http.Request) error { 16 | response := api.NewSuccessResponse(&Response{Healthy: true}) 17 | return json.NewEncoder(w).Encode(response) 18 | } 19 | 20 | // NewHealthCheck creates a new handler to serve health checks. 21 | func NewHealthCheck() http.Handler { 22 | return api.HTTPHandler{ 23 | Handler: api.HandlerFunc(healthHandler), 24 | Methods: []string{"GET"}, 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /vendor/bitbucket.org/liamstask/goose/cmd/goose/cmd_dbversion.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "bitbucket.org/liamstask/goose/lib/goose" 5 | "fmt" 6 | "log" 7 | ) 8 | 9 | var dbVersionCmd = &Command{ 10 | Name: "dbversion", 11 | Usage: "", 12 | Summary: "Print the current version of the database", 13 | Help: `dbversion extended help here...`, 14 | Run: dbVersionRun, 15 | } 16 | 17 | func dbVersionRun(cmd *Command, args ...string) { 18 | conf, err := dbConfFromFlags() 19 | if err != nil { 20 | log.Fatal(err) 21 | } 22 | 23 | current, err := goose.GetDBVersion(conf) 24 | if err != nil { 25 | log.Fatal(err) 26 | } 27 | 28 | fmt.Printf("goose: dbversion %v\n", current) 29 | } 30 | -------------------------------------------------------------------------------- /vendor/github.com/zmap/zlint/v3/newProfile.sh: -------------------------------------------------------------------------------- 1 | # Script to create new profile from template 2 | 3 | USAGE="Usage: $0 4 | 5 | ARG1: file_name" 6 | 7 | if [ $# -eq 0 ]; then 8 | echo "No arguments provided..." 9 | echo "$USAGE" 10 | exit 1 11 | fi 12 | 13 | if [ ! -d profiles ] 14 | then 15 | echo "Directory 'profiles' does not exist. Can't make new file." 16 | exit 1 17 | fi 18 | 19 | 20 | if [ -e profiles/profile_$1.go ] 21 | then 22 | echo "File already exists. Can't make new file." 23 | exit 1 24 | fi 25 | 26 | PROFILE=$1 27 | 28 | sed -e "s/PROFILE/${PROFILE}/" profileTemplate > profiles/profile_${PROFILE}.go 29 | 30 | echo "Created file profiles/lint_${PROFILE}.go" 31 | -------------------------------------------------------------------------------- /.github/workflows/semgrep.yml: -------------------------------------------------------------------------------- 1 | on: 2 | pull_request: {} 3 | workflow_dispatch: {} 4 | push: 5 | branches: 6 | - main 7 | - master 8 | schedule: 9 | - cron: '0 0 * * *' 10 | name: Semgrep config 11 | jobs: 12 | semgrep: 13 | name: semgrep/ci 14 | runs-on: ubuntu-latest 15 | env: 16 | SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }} 17 | SEMGREP_URL: https://cloudflare.semgrep.dev 18 | SEMGREP_APP_URL: https://cloudflare.semgrep.dev 19 | SEMGREP_VERSION_CHECK_URL: https://cloudflare.semgrep.dev/api/check-version 20 | container: 21 | image: semgrep/semgrep 22 | steps: 23 | - uses: actions/checkout@v4 24 | - run: semgrep ci 25 | -------------------------------------------------------------------------------- /vendor/github.com/zmap/zcrypto/x509/generated_certvalidationlevel_string.go: -------------------------------------------------------------------------------- 1 | // Code generated by "stringer -type=CertValidationLevel -output=generated_certvalidationlevel_string.go"; DO NOT EDIT. 2 | 3 | package x509 4 | 5 | import "strconv" 6 | 7 | const _CertValidationLevel_name = "UnknownValidationLevelDVOVEV" 8 | 9 | var _CertValidationLevel_index = [...]uint8{0, 22, 24, 26, 28} 10 | 11 | func (i CertValidationLevel) String() string { 12 | if i < 0 || i >= CertValidationLevel(len(_CertValidationLevel_index)-1) { 13 | return "CertValidationLevel(" + strconv.FormatInt(int64(i), 10) + ")" 14 | } 15 | return _CertValidationLevel_name[_CertValidationLevel_index[i]:_CertValidationLevel_index[i+1]] 16 | } 17 | -------------------------------------------------------------------------------- /transport/example/maserver/server_auth.json: -------------------------------------------------------------------------------- 1 | { 2 | "request": { 3 | "CN": "test server", 4 | "hosts": ["127.0.0.1"] 5 | }, 6 | "profiles": { 7 | "paths": { 8 | "private_key": "server.key", 9 | "certificate": "server.pem" 10 | }, 11 | "cfssl": { 12 | "profile": "server", 13 | "remote": "127.0.0.1:8888", 14 | "auth-type": "standard", 15 | "auth-key": "4f4f26686209f672e0ec7b19cbbc8b6d94fdd12cc0b20326f9005d5f234e6e3e" 16 | } 17 | }, 18 | "roots": [{ 19 | "type": "system" 20 | }], 21 | "client_roots": [{ 22 | "type": "cfssl", 23 | "metadata": { 24 | "host": "127.0.0.1:8888", 25 | "profile": "client" 26 | } 27 | }] 28 | } 29 | -------------------------------------------------------------------------------- /vendor/github.com/lib/pq/user_posix.go: -------------------------------------------------------------------------------- 1 | // Package pq is a pure Go Postgres driver for the database/sql package. 2 | 3 | //go:build aix || darwin || dragonfly || freebsd || (linux && !android) || nacl || netbsd || openbsd || plan9 || solaris || rumprun || illumos 4 | // +build aix darwin dragonfly freebsd linux,!android nacl netbsd openbsd plan9 solaris rumprun illumos 5 | 6 | package pq 7 | 8 | import ( 9 | "os" 10 | "os/user" 11 | ) 12 | 13 | func userCurrent() (string, error) { 14 | u, err := user.Current() 15 | if err == nil { 16 | return u.Username, nil 17 | } 18 | 19 | name := os.Getenv("USER") 20 | if name != "" { 21 | return name, nil 22 | } 23 | 24 | return "", ErrCouldNotDetectUsername 25 | } 26 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-sqlite3/sqlite3_opt_icu.go: -------------------------------------------------------------------------------- 1 | // Copyright (C) 2019 Yasuhiro Matsumoto . 2 | // 3 | // Use of this source code is governed by an MIT-style 4 | // license that can be found in the LICENSE file. 5 | 6 | //go:build sqlite_icu || icu 7 | // +build sqlite_icu icu 8 | 9 | package sqlite3 10 | 11 | /* 12 | #cgo LDFLAGS: -licuuc -licui18n 13 | #cgo CFLAGS: -DSQLITE_ENABLE_ICU 14 | #cgo darwin,amd64 CFLAGS: -I/usr/local/opt/icu4c/include 15 | #cgo darwin,amd64 LDFLAGS: -L/usr/local/opt/icu4c/lib 16 | #cgo darwin,arm64 CFLAGS: -I/opt/homebrew/opt/icu4c/include 17 | #cgo darwin,arm64 LDFLAGS: -L/opt/homebrew/opt/icu4c/lib 18 | #cgo openbsd LDFLAGS: -lsqlite3 19 | */ 20 | import "C" 21 | -------------------------------------------------------------------------------- /bundler/testdata/client-auth/int.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIBsDCCAVegAwIBAgIUQ+SzyUX7rjP3Na9pqW9WjfZ++mgwCgYIKoZIzj0EAwIw 3 | TDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNh 4 | biBGcmFuY2lzY28xEDAOBgNVBAoTB1Jvb3QgQ0EwHhcNMjUwMjA4MjE1MTAwWhcN 5 | MzAwMjA5MDM1MTAwWjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEJ1aTpusR 6 | LupK5Fz1Z3zameCiHaBkmQj7W0RXzr6Z79K56Rpvw26TwLOrBn7TXtxDuWGLMsNo 7 | OZkrSrMMEVhKSaNjMGEwDgYDVR0PAQH/BAQDAgIEMA8GA1UdEwEB/wQFMAMBAf8w 8 | HQYDVR0OBBYEFEUmFK1ZjWprR7uasbTkKJkRbopDMB8GA1UdIwQYMBaAFH+WjwVZ 9 | HowLuyc+wkl/DmRpQNsJMAoGCCqGSM49BAMCA0cAMEQCIBf7y7WJq8Ok5BlmSwuo 10 | HfMI99OGo0Yx3o9OgOOGjN+SAiBqZtkw/M457iU0xPq93Ao0sOxQug0hix2B8Hel 11 | b65f8w== 12 | -----END CERTIFICATE----- 13 | -------------------------------------------------------------------------------- /scan/crypto/md5/example_test.go: -------------------------------------------------------------------------------- 1 | // Copyright 2013 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package md5_test 6 | 7 | import ( 8 | "crypto/md5" 9 | "fmt" 10 | "io" 11 | ) 12 | 13 | func ExampleNew() { 14 | h := md5.New() 15 | io.WriteString(h, "The fog is getting thicker!") 16 | io.WriteString(h, "And Leon's getting laaarger!") 17 | fmt.Printf("%x", h.Sum(nil)) 18 | // Output: e2c569be17396eca2a2e3c11578123ed 19 | } 20 | 21 | func ExampleSum() { 22 | data := []byte("These pretzels are making me thirsty.") 23 | fmt.Printf("%x", md5.Sum(data)) 24 | // Output: b0804ec967f48520697662a204f5fe72 25 | } 26 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/syscall_linux_gccgo_arm.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build linux && gccgo && arm 6 | 7 | package unix 8 | 9 | import ( 10 | "syscall" 11 | "unsafe" 12 | ) 13 | 14 | func seek(fd int, offset int64, whence int) (int64, syscall.Errno) { 15 | var newoffset int64 16 | offsetLow := uint32(offset & 0xffffffff) 17 | offsetHigh := uint32((offset >> 32) & 0xffffffff) 18 | _, _, err := Syscall6(SYS__LLSEEK, uintptr(fd), uintptr(offsetHigh), uintptr(offsetLow), uintptr(unsafe.Pointer(&newoffset)), uintptr(whence), 0) 19 | return newoffset, err 20 | } 21 | -------------------------------------------------------------------------------- /cli/serve/static/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | CFSSL 6 | 10 | 13 | 14 | 15 | 16 |
17 | 18 | 19 | -------------------------------------------------------------------------------- /transport/example/maclient/client_auth.json: -------------------------------------------------------------------------------- 1 | { 2 | "request": { 3 | "CN": "test client", 4 | "hosts": ["127.0.0.1"] 5 | }, 6 | "profiles": { 7 | "paths": { 8 | "private_key": "client.key", 9 | "certificate": "client.pem" 10 | }, 11 | "cfssl": { 12 | "profile": "client", 13 | "remote": "127.0.0.1:8888", 14 | "auth-type": "standard", 15 | "auth-key": "52abb3ac91971bb72bce17e7a289cd04476490b19e0d8eb7810dc42d4ac16c41" 16 | } 17 | }, 18 | "roots": [ 19 | { 20 | "type": "system" 21 | }, 22 | { 23 | "type": "cfssl", 24 | "metadata": { 25 | "host": "127.0.0.1:8888", 26 | "profile": "server" 27 | } 28 | } 29 | ] 30 | } 31 | -------------------------------------------------------------------------------- /vendor/github.com/go-sql-driver/mysql/conncheck_dummy.go: -------------------------------------------------------------------------------- 1 | // Go MySQL Driver - A MySQL-Driver for Go's database/sql package 2 | // 3 | // Copyright 2019 The Go-MySQL-Driver Authors. All rights reserved. 4 | // 5 | // This Source Code Form is subject to the terms of the Mozilla Public 6 | // License, v. 2.0. If a copy of the MPL was not distributed with this file, 7 | // You can obtain one at http://mozilla.org/MPL/2.0/. 8 | 9 | //go:build !linux && !darwin && !dragonfly && !freebsd && !netbsd && !openbsd && !solaris && !illumos 10 | // +build !linux,!darwin,!dragonfly,!freebsd,!netbsd,!openbsd,!solaris,!illumos 11 | 12 | package mysql 13 | 14 | import "net" 15 | 16 | func connCheck(conn net.Conn) error { 17 | return nil 18 | } 19 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/syscall_unix_gc.go: -------------------------------------------------------------------------------- 1 | // Copyright 2016 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build (darwin || dragonfly || freebsd || (linux && !ppc64 && !ppc64le) || netbsd || openbsd || solaris) && gc 6 | 7 | package unix 8 | 9 | import "syscall" 10 | 11 | func Syscall(trap, a1, a2, a3 uintptr) (r1, r2 uintptr, err syscall.Errno) 12 | func Syscall6(trap, a1, a2, a3, a4, a5, a6 uintptr) (r1, r2 uintptr, err syscall.Errno) 13 | func RawSyscall(trap, a1, a2, a3 uintptr) (r1, r2 uintptr, err syscall.Errno) 14 | func RawSyscall6(trap, a1, a2, a3, a4, a5, a6 uintptr) (r1, r2 uintptr, err syscall.Errno) 15 | -------------------------------------------------------------------------------- /vendor/google.golang.org/protobuf/internal/impl/enum.go: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package impl 6 | 7 | import ( 8 | "reflect" 9 | 10 | "google.golang.org/protobuf/reflect/protoreflect" 11 | ) 12 | 13 | type EnumInfo struct { 14 | GoReflectType reflect.Type // int32 kind 15 | Desc protoreflect.EnumDescriptor 16 | } 17 | 18 | func (t *EnumInfo) New(n protoreflect.EnumNumber) protoreflect.Enum { 19 | return reflect.ValueOf(n).Convert(t.GoReflectType).Interface().(protoreflect.Enum) 20 | } 21 | func (t *EnumInfo) Descriptor() protoreflect.EnumDescriptor { return t.Desc } 22 | -------------------------------------------------------------------------------- /vendor/golang.org/x/crypto/curve25519/internal/field/sync.sh: -------------------------------------------------------------------------------- 1 | #! /bin/bash 2 | set -euo pipefail 3 | 4 | cd "$(git rev-parse --show-toplevel)" 5 | 6 | STD_PATH=src/crypto/ed25519/internal/edwards25519/field 7 | LOCAL_PATH=curve25519/internal/field 8 | LAST_SYNC_REF=$(cat $LOCAL_PATH/sync.checkpoint) 9 | 10 | git fetch https://go.googlesource.com/go master 11 | 12 | if git diff --quiet $LAST_SYNC_REF:$STD_PATH FETCH_HEAD:$STD_PATH; then 13 | echo "No changes." 14 | else 15 | NEW_REF=$(git rev-parse FETCH_HEAD | tee $LOCAL_PATH/sync.checkpoint) 16 | echo "Applying changes from $LAST_SYNC_REF to $NEW_REF..." 17 | git diff $LAST_SYNC_REF:$STD_PATH FETCH_HEAD:$STD_PATH | \ 18 | git apply -3 --directory=$LOCAL_PATH 19 | fi 20 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/cpu_x86.s: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build (386 || amd64 || amd64p32) && gc 6 | 7 | #include "textflag.h" 8 | 9 | // func cpuid(eaxArg, ecxArg uint32) (eax, ebx, ecx, edx uint32) 10 | TEXT ·cpuid(SB), NOSPLIT, $0-24 11 | MOVL eaxArg+0(FP), AX 12 | MOVL ecxArg+4(FP), CX 13 | CPUID 14 | MOVL AX, eax+8(FP) 15 | MOVL BX, ebx+12(FP) 16 | MOVL CX, ecx+16(FP) 17 | MOVL DX, edx+20(FP) 18 | RET 19 | 20 | // func xgetbv() (eax, edx uint32) 21 | TEXT ·xgetbv(SB),NOSPLIT,$0-8 22 | MOVL $0, CX 23 | XGETBV 24 | MOVL AX, eax+0(FP) 25 | MOVL DX, edx+4(FP) 26 | RET 27 | -------------------------------------------------------------------------------- /initca/testdata/ecdsa384.csr: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE REQUEST----- 2 | MIIBvzCCAUUCAQAwgYYxCzAJBgNVBAYTAlVTMRMwEQYDVQQKEwpDbG91ZEZsYXJl 3 | MRwwGgYDVQQLExNTeXN0ZW1zIEVuZ2luZWVyaW5nMRYwFAYDVQQHEw1TYW4gRnJh 4 | bmNpc2NvMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRcwFQYDVQQDEw5jbG91ZGZsYXJl 5 | LmNvbTB2MBAGByqGSM49AgEGBSuBBAAiA2IABBk/Q+zMsZOJGkufRzGCWtSUtRjq 6 | 0QqChDGWbHLaa0h6ODVeEoKYOMvFJTg4V186tuuBe97KEey0OPDegzCBp5kBIiwg 7 | HB/0xWoKdnfdRk6VyjmubPx399cGoZn8aCqgC6A/MD0GCSqGSIb3DQEJDjEwMC4w 8 | LAYDVR0RBCUwI4IOY2xvdWRmbGFyZS5jb22CEXd3d2Nsb3VkZmxhcmUuY29tMAoG 9 | CCqGSM49BAMDA2gAMGUCMQC57VfwMXDyL5kM7vmO2ynbpgSAuFZT6Yd3C3NnV2jz 10 | Biozw3eqIDXqCb2LI09stZMCMGIwCuVARr2IRctxf7AmX7/O2SIaIhCpMFKRedQ7 11 | RiWGZIucp5r6AfT9381PB29bHA== 12 | -----END CERTIFICATE REQUEST----- 13 | -------------------------------------------------------------------------------- /signer/local/testdata/ecdsa384.csr: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE REQUEST----- 2 | MIIBvzCCAUUCAQAwgYYxCzAJBgNVBAYTAlVTMRMwEQYDVQQKEwpDbG91ZEZsYXJl 3 | MRwwGgYDVQQLExNTeXN0ZW1zIEVuZ2luZWVyaW5nMRYwFAYDVQQHEw1TYW4gRnJh 4 | bmNpc2NvMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRcwFQYDVQQDEw5jbG91ZGZsYXJl 5 | LmNvbTB2MBAGByqGSM49AgEGBSuBBAAiA2IABBk/Q+zMsZOJGkufRzGCWtSUtRjq 6 | 0QqChDGWbHLaa0h6ODVeEoKYOMvFJTg4V186tuuBe97KEey0OPDegzCBp5kBIiwg 7 | HB/0xWoKdnfdRk6VyjmubPx399cGoZn8aCqgC6A/MD0GCSqGSIb3DQEJDjEwMC4w 8 | LAYDVR0RBCUwI4IOY2xvdWRmbGFyZS5jb22CEXd3d2Nsb3VkZmxhcmUuY29tMAoG 9 | CCqGSM49BAMDA2gAMGUCMQC57VfwMXDyL5kM7vmO2ynbpgSAuFZT6Yd3C3NnV2jz 10 | Biozw3eqIDXqCb2LI09stZMCMGIwCuVARr2IRctxf7AmX7/O2SIaIhCpMFKRedQ7 11 | RiWGZIucp5r6AfT9381PB29bHA== 12 | -----END CERTIFICATE REQUEST----- 13 | -------------------------------------------------------------------------------- /vendor/bitbucket.org/liamstask/goose/cmd/goose/cmd_up.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "bitbucket.org/liamstask/goose/lib/goose" 5 | "log" 6 | ) 7 | 8 | var upCmd = &Command{ 9 | Name: "up", 10 | Usage: "", 11 | Summary: "Migrate the DB to the most recent version available", 12 | Help: `up extended help here...`, 13 | Run: upRun, 14 | } 15 | 16 | func upRun(cmd *Command, args ...string) { 17 | 18 | conf, err := dbConfFromFlags() 19 | if err != nil { 20 | log.Fatal(err) 21 | } 22 | 23 | target, err := goose.GetMostRecentDBVersion(conf.MigrationsDir) 24 | if err != nil { 25 | log.Fatal(err) 26 | } 27 | 28 | if err := goose.RunMigrations(conf, conf.MigrationsDir, target); err != nil { 29 | log.Fatal(err) 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/syscall_solaris_amd64.go: -------------------------------------------------------------------------------- 1 | // Copyright 2009 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build amd64 && solaris 6 | 7 | package unix 8 | 9 | func setTimespec(sec, nsec int64) Timespec { 10 | return Timespec{Sec: sec, Nsec: nsec} 11 | } 12 | 13 | func setTimeval(sec, usec int64) Timeval { 14 | return Timeval{Sec: sec, Usec: usec} 15 | } 16 | 17 | func (iov *Iovec) SetLen(length int) { 18 | iov.Len = uint64(length) 19 | } 20 | 21 | func (msghdr *Msghdr) SetIovlen(length int) { 22 | msghdr.Iovlen = int32(length) 23 | } 24 | 25 | func (cmsg *Cmsghdr) SetLen(length int) { 26 | cmsg.Len = uint32(length) 27 | } 28 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/race.go: -------------------------------------------------------------------------------- 1 | // Copyright 2012 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build windows && race 6 | 7 | package windows 8 | 9 | import ( 10 | "runtime" 11 | "unsafe" 12 | ) 13 | 14 | const raceenabled = true 15 | 16 | func raceAcquire(addr unsafe.Pointer) { 17 | runtime.RaceAcquire(addr) 18 | } 19 | 20 | func raceReleaseMerge(addr unsafe.Pointer) { 21 | runtime.RaceReleaseMerge(addr) 22 | } 23 | 24 | func raceReadRange(addr unsafe.Pointer, len int) { 25 | runtime.RaceReadRange(addr, len) 26 | } 27 | 28 | func raceWriteRange(addr unsafe.Pointer, len int) { 29 | runtime.RaceWriteRange(addr, len) 30 | } 31 | -------------------------------------------------------------------------------- /crl/testdata/ca.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIB5DCCAZCgAwIBAgIBATALBgkqhkiG9w0BAQUwLTEQMA4GA1UEChMHQWNtZSBDbzEZMBcGA1UE 3 | AxMQdGVzdC5leGFtcGxlLmNvbTAeFw03MDAxMDEwMDE2NDBaFw03MDAxMDIwMzQ2NDBaMC0xEDAO 4 | BgNVBAoTB0FjbWUgQ28xGTAXBgNVBAMTEHRlc3QuZXhhbXBsZS5jb20wWjALBgkqhkiG9w0BAQED 5 | SwAwSAJBALKZD0nEffqM1ACuak0bijtqE2QrI/KLADv7l3kK3ppMyCuLKoF0fd7Ai2KW5ToIwzFo 6 | fvJcS/STa6HA5gQenRUCAwEAAaOBnjCBmzAOBgNVHQ8BAf8EBAMCAAQwDwYDVR0TAQH/BAUwAwEB 7 | /zANBgNVHQ4EBgQEAQIDBDAPBgNVHSMECDAGgAQBAgMEMBsGA1UdEQQUMBKCEHRlc3QuZXhhbXBs 8 | ZS5jb20wDwYDVR0gBAgwBjAEBgIqAzAqBgNVHR4EIzAhoB8wDoIMLmV4YW1wbGUuY29tMA2CC2V4 9 | YW1wbGUuY29tMAsGCSqGSIb3DQEBBQNBAHKZKoS1wEQOGhgklx4+/yFYQlnqwKXvar/ZecQvJwui 10 | 0seMQnwBhwdBkHfVIU2Fu5VUMRyxlf0ZNaDXcpU581k= 11 | -----END CERTIFICATE----- -------------------------------------------------------------------------------- /api/testdata/csr.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE REQUEST----- 2 | MIIB0jCCAVcCAQAwgYwxCzAJBgNVBAYTAlVTMRMwEQYDVQQKEwpDbG91ZEZsYXJl 3 | MRwwGgYDVQQLExNTeXN0ZW1zIEVuZ2luZWVyaW5nMRYwFAYDVQQHEw1TYW4gRnJh 4 | bmNpc2NvMRMwEQYDVQQIEwpDYWxpZm9ybmlhMR0wGwYDVQQDExRjbG91ZGZsYXJl 5 | LWludGVyLmNvbTB2MBAGByqGSM49AgEGBSuBBAAiA2IABCFZIzSRsH9xdF1iR+8k 6 | ElbcbqAYnYuSTbEOxYcREHGRJd2/v9YhetEwWNmIuisCbgOpyBO9zyFxsnzYU4cO 7 | A/AomW2nJEP7n4M9g8r8clhQz8y6+013jP9MEqf4pqMVnqBLMEkGCSqGSIb3DQEJ 8 | DjE8MDowOAYDVR0RBDEwL4IUY2xvdWRmbGFyZS1pbnRlci5jb22CF3d3d2Nsb3Vk 9 | ZmxhcmUtaW50ZXIuY29tMAoGCCqGSM49BAMDA2kAMGYCMQD6kSGGc3/DeFAWrPUX 10 | qSlnTTm57DpzUoHQE306DfbFB6DFfoORNM5Z98chnZ+Ell4CMQCzYhOvIh3+GPGF 11 | MuYYIAfQV2JG+n7pjfpJ+X1Ee2bOtA4ZO39P9/FTEtJUXt+Ivqw= 12 | -----END CERTIFICATE REQUEST----- 13 | -------------------------------------------------------------------------------- /vendor/github.com/google/certificate-transparency-go/PULL_REQUEST_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | 5 | 6 | ### Checklist 7 | 8 | 13 | 14 | - [ ] I have updated the [CHANGELOG](CHANGELOG.md). 15 | - Adjust the draft version number according to [semantic versioning](https://semver.org/) rules. 16 | - [ ] I have updated [documentation](docs/) accordingly. 17 | -------------------------------------------------------------------------------- /bundler/testdata/inter-L2.csr: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE REQUEST----- 2 | MIIB0jCCAVcCAQAwgYwxCzAJBgNVBAYTAlVTMRMwEQYDVQQKEwpDbG91ZEZsYXJl 3 | MRwwGgYDVQQLExNTeXN0ZW1zIEVuZ2luZWVyaW5nMRYwFAYDVQQHEw1TYW4gRnJh 4 | bmNpc2NvMRMwEQYDVQQIEwpDYWxpZm9ybmlhMR0wGwYDVQQDExRjbG91ZGZsYXJl 5 | LWludGVyLmNvbTB2MBAGByqGSM49AgEGBSuBBAAiA2IABCFZIzSRsH9xdF1iR+8k 6 | ElbcbqAYnYuSTbEOxYcREHGRJd2/v9YhetEwWNmIuisCbgOpyBO9zyFxsnzYU4cO 7 | A/AomW2nJEP7n4M9g8r8clhQz8y6+013jP9MEqf4pqMVnqBLMEkGCSqGSIb3DQEJ 8 | DjE8MDowOAYDVR0RBDEwL4IUY2xvdWRmbGFyZS1pbnRlci5jb22CF3d3d2Nsb3Vk 9 | ZmxhcmUtaW50ZXIuY29tMAoGCCqGSM49BAMDA2kAMGYCMQD6kSGGc3/DeFAWrPUX 10 | qSlnTTm57DpzUoHQE306DfbFB6DFfoORNM5Z98chnZ+Ell4CMQCzYhOvIh3+GPGF 11 | MuYYIAfQV2JG+n7pjfpJ+X1Ee2bOtA4ZO39P9/FTEtJUXt+Ivqw= 12 | -----END CERTIFICATE REQUEST----- 13 | -------------------------------------------------------------------------------- /vendor/github.com/getsentry/sentry-go/internal/ratelimit/deadline.go: -------------------------------------------------------------------------------- 1 | package ratelimit 2 | 3 | import "time" 4 | 5 | // A Deadline is a time instant when a rate limit expires. 6 | type Deadline time.Time 7 | 8 | // After reports whether the deadline d is after other. 9 | func (d Deadline) After(other Deadline) bool { 10 | return time.Time(d).After(time.Time(other)) 11 | } 12 | 13 | // Equal reports whether d and e represent the same deadline. 14 | func (d Deadline) Equal(e Deadline) bool { 15 | return time.Time(d).Equal(time.Time(e)) 16 | } 17 | 18 | // String returns the deadline formatted for debugging. 19 | func (d Deadline) String() string { 20 | // Like time.Time.String, but without the monotonic clock reading. 21 | return time.Time(d).Round(0).String() 22 | } 23 | -------------------------------------------------------------------------------- /bundler/testdata/client-auth/root.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIB3DCCAYKgAwIBAgIUe9lCrcENqlcuEIfCjz5sYf6G55swCgYIKoZIzj0EAwIw 3 | TDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNh 4 | biBGcmFuY2lzY28xEDAOBgNVBAoTB1Jvb3QgQ0EwHhcNMjUwMjA4MjE1MTAwWhcN 5 | MzAwMjA3MjE1MTAwWjBMMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p 6 | YTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEQMA4GA1UEChMHUm9vdCBDQTBZMBMG 7 | ByqGSM49AgEGCCqGSM49AwEHA0IABHIGkTTSQv2h0/BShHPKSHgmiCWYwZN/ZcTU 8 | yOXEpVaWI8LRKkILBn3x9rOo+1+/svphVb0p+pCDRjMcbt/kL7qjQjBAMA4GA1Ud 9 | DwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR/lo8FWR6MC7sn 10 | PsJJfw5kaUDbCTAKBggqhkjOPQQDAgNIADBFAiAiY3W19EHWVz5wHLkR8PlyqF7h 11 | a610mibj/x4L3zS3hwIhAMU7W0TWc2KEEvOdWMiqx08cqstq5LZp5C/zlP945XHA 12 | -----END CERTIFICATE----- 13 | -------------------------------------------------------------------------------- /vendor/github.com/jmoiron/sqlx/.travis.yml: -------------------------------------------------------------------------------- 1 | # vim: ft=yaml sw=2 ts=2 2 | 3 | language: go 4 | 5 | # enable database services 6 | services: 7 | - mysql 8 | - postgresql 9 | 10 | # create test database 11 | before_install: 12 | - mysql -e 'CREATE DATABASE IF NOT EXISTS sqlxtest;' 13 | - psql -c 'create database sqlxtest;' -U postgres 14 | - go get github.com/mattn/goveralls 15 | - export SQLX_MYSQL_DSN="travis:@/sqlxtest?parseTime=true" 16 | - export SQLX_POSTGRES_DSN="postgres://postgres:@localhost/sqlxtest?sslmode=disable" 17 | - export SQLX_SQLITE_DSN="$HOME/sqlxtest.db" 18 | 19 | # go versions to test 20 | go: 21 | - "1.15.x" 22 | - "1.16.x" 23 | 24 | # run tests w/ coverage 25 | script: 26 | - travis_retry $GOPATH/bin/goveralls -service=travis-ci 27 | -------------------------------------------------------------------------------- /bundler/testdata/cfssl-leaf-ecdsa384.csr: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE REQUEST----- 2 | MIIBzjCCAVQCAQAwgYsxCzAJBgNVBAYTAlVTMRMwEQYDVQQKEwpDbG91ZEZsYXJl 3 | MRwwGgYDVQQLExNTeXN0ZW1zIEVuZ2luZWVyaW5nMRYwFAYDVQQHEw1TYW4gRnJh 4 | bmNpc2NvMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRwwGgYDVQQDExNjbG91ZGZsYXJl 5 | LWxlYWYuY29tMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE1iK8MOHciKSRv7f86hyK 6 | 3LglBebEs/aeNlOFg21HjLsHGLGnTkouiryC1rPJxwOSW567g5YWemaSPKo9D7Qw 7 | h/8EkqgDhDiI2II39l8Xr3QtH+lk+sxFm5ZIZVvbz3QvoEkwRwYJKoZIhvcNAQkO 8 | MTowODA2BgNVHREELzAtghNjbG91ZGZsYXJlLWxlYWYuY29tghZ3d3djbG91ZGZs 9 | YXJlLWxlYWYuY29tMAoGCCqGSM49BAMDA2gAMGUCMF4FEJtaKJXcrj6ZHxtFGWp2 10 | IIBmMKRctjcQLm46S6toh9oT/TQGvIYBTiyYmxWhVgIxANsA3GzCIPSiwhKiBFxv 11 | 026lKuw4Ci9mlH4pJ7cJnCgSmxHP6jr8O+XovT7SzN1zag== 12 | -----END CERTIFICATE REQUEST----- 13 | -------------------------------------------------------------------------------- /scan/crypto/sha1/example_test.go: -------------------------------------------------------------------------------- 1 | // Copyright 2009 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package sha1_test 6 | 7 | import ( 8 | "crypto/sha1" 9 | "fmt" 10 | "io" 11 | ) 12 | 13 | func ExampleNew() { 14 | h := sha1.New() 15 | io.WriteString(h, "His money is twice tainted:") 16 | io.WriteString(h, " 'taint yours and 'taint mine.") 17 | fmt.Printf("% x", h.Sum(nil)) 18 | // Output: 59 7f 6a 54 00 10 f9 4c 15 d7 18 06 a9 9a 2c 87 10 e7 47 bd 19 | } 20 | 21 | func ExampleSum() { 22 | data := []byte("This page intentionally left blank.") 23 | fmt.Printf("% x", sha1.Sum(data)) 24 | // Output: af 06 49 23 bb f2 30 15 96 aa c4 c2 73 ba 32 17 8e bc 4a 96 25 | } 26 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/cpu_aix.go: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build aix 6 | 7 | package cpu 8 | 9 | const ( 10 | // getsystemcfg constants 11 | _SC_IMPL = 2 12 | _IMPL_POWER8 = 0x10000 13 | _IMPL_POWER9 = 0x20000 14 | ) 15 | 16 | func archInit() { 17 | impl := getsystemcfg(_SC_IMPL) 18 | if impl&_IMPL_POWER8 != 0 { 19 | PPC64.IsPOWER8 = true 20 | } 21 | if impl&_IMPL_POWER9 != 0 { 22 | PPC64.IsPOWER8 = true 23 | PPC64.IsPOWER9 = true 24 | } 25 | 26 | Initialized = true 27 | } 28 | 29 | func getsystemcfg(label int) (n uint64) { 30 | r0, _ := callgetsystemcfg(label) 31 | n = uint64(r0) 32 | return 33 | } 34 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/cpu/cpu_zos_s390x.go: -------------------------------------------------------------------------------- 1 | // Copyright 2020 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package cpu 6 | 7 | func initS390Xbase() { 8 | // get the facilities list 9 | facilities := stfle() 10 | 11 | // mandatory 12 | S390X.HasZARCH = facilities.Has(zarch) 13 | S390X.HasSTFLE = facilities.Has(stflef) 14 | S390X.HasLDISP = facilities.Has(ldisp) 15 | S390X.HasEIMM = facilities.Has(eimm) 16 | 17 | // optional 18 | S390X.HasETF3EH = facilities.Has(etf3eh) 19 | S390X.HasDFP = facilities.Has(dfp) 20 | S390X.HasMSA = facilities.Has(msa) 21 | S390X.HasVX = facilities.Has(vx) 22 | if S390X.HasVX { 23 | S390X.HasVXE = facilities.Has(vxe) 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /api/testdata/cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIB7jCCAVmgAwIBAgIBADALBgkqhkiG9w0BAQUwJjEQMA4GA1UEChMHQWNtZSBD 3 | bzESMBAGA1UEAxMJMTI3LjAuMC4xMB4XDTEyMDkwNzIyMDAwNFoXDTEzMDkwNzIy 4 | MDUwNFowJjEQMA4GA1UEChMHQWNtZSBDbzESMBAGA1UEAxMJMTI3LjAuMC4xMIGd 5 | MAsGCSqGSIb3DQEBAQOBjQAwgYkCgYEAm6f+jkP2t5q/vM0YAUZZkhq/EAYD+L1C 6 | MS59jJOLomfDnKUWOGKi/k7URBg1HNL3vm7/ESDazZWFy9l/nibWxNkSUPkQIrvr 7 | GsNivkRUzXkwgNX8IN8LOYAQ3BWxAqitXTpLjf4FeCTB6G59v9eYlAX3kicXRdY+ 8 | cqhEvLFbu3MCAwEAAaMyMDAwDgYDVR0PAQH/BAQDAgCgMA0GA1UdDgQGBAQBAgME 9 | MA8GA1UdIwQIMAaABAECAwQwCwYJKoZIhvcNAQEFA4GBABndWRIcfi+QB9Sakr+m 10 | dYnXTgYCnFio53L2Z+6EHTGG+rEhWtUEGhL4p4pzXX4siAnjWvwcgXTo92cafcfi 11 | uB7wRfK+NL9CTJdpN6cdL+fiNHzH8hsl3bj1nL0CSmdn2hkUWVLbLhSgWlib/I8O 12 | aq+K7aVrgHkPnWeRiG6tl+ZA 13 | -----END CERTIFICATE----- 14 | -------------------------------------------------------------------------------- /vendor/github.com/mattn/go-sqlite3/sqlite3_load_extension_omit.go: -------------------------------------------------------------------------------- 1 | // Copyright (C) 2019 Yasuhiro Matsumoto . 2 | // 3 | // Use of this source code is governed by an MIT-style 4 | // license that can be found in the LICENSE file. 5 | 6 | //go:build sqlite_omit_load_extension 7 | // +build sqlite_omit_load_extension 8 | 9 | package sqlite3 10 | 11 | /* 12 | #cgo CFLAGS: -DSQLITE_OMIT_LOAD_EXTENSION 13 | */ 14 | import "C" 15 | import ( 16 | "errors" 17 | ) 18 | 19 | func (c *SQLiteConn) loadExtensions(extensions []string) error { 20 | return errors.New("Extensions have been disabled for static builds") 21 | } 22 | 23 | func (c *SQLiteConn) LoadExtension(lib string, entry string) error { 24 | return errors.New("Extensions have been disabled for static builds") 25 | } 26 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/unix/race.go: -------------------------------------------------------------------------------- 1 | // Copyright 2012 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build (darwin && race) || (linux && race) || (freebsd && race) 6 | 7 | package unix 8 | 9 | import ( 10 | "runtime" 11 | "unsafe" 12 | ) 13 | 14 | const raceenabled = true 15 | 16 | func raceAcquire(addr unsafe.Pointer) { 17 | runtime.RaceAcquire(addr) 18 | } 19 | 20 | func raceReleaseMerge(addr unsafe.Pointer) { 21 | runtime.RaceReleaseMerge(addr) 22 | } 23 | 24 | func raceReadRange(addr unsafe.Pointer, len int) { 25 | runtime.RaceReadRange(addr, len) 26 | } 27 | 28 | func raceWriteRange(addr unsafe.Pointer, len int) { 29 | runtime.RaceWriteRange(addr, len) 30 | } 31 | -------------------------------------------------------------------------------- /helpers/testdata/cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIB7DCCAZKgAwIBAgIIE/Qz49ebG7kwCgYIKoZIzj0EAwIwTDELMAkGA1UEBhMC 3 | VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28x 4 | EDAOBgNVBAoTB2FjbWUuY28wHhcNMTcwNTIzMTk1MTQ0WhcNMTcwODIzMDE1NjQ0 5 | WjBMMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMN 6 | U2FuIEZyYW5jaXNjbzEQMA4GA1UEChMHYWNtZS5jbzBZMBMGByqGSM49AgEGCCqG 7 | SM49AwEHA0IABEW8F+k/avvdBm/KRsuDnTZ3p+VuVdsqDF+aD9nIYeOhx5sj574y 8 | hEIZOpgbEsi3BvqY63y2jYyPFodf25+CA9GjXjBcMA4GA1UdDwEB/wQEAwIFoDAd 9 | BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV 10 | HQ4EFgQUzDpu+HN89EC1M8aNl7f0Ln5JnnIwCgYIKoZIzj0EAwIDSAAwRQIgC4/r 11 | urbw/pzE3LDA6GpIts6TVyzgftLLEfU2BzQsjp0CIQDo+sn8t7XC6JN4KKRr2ABl 12 | ZI+JifgG+2KCy9ln2LxGJQ== 13 | -----END CERTIFICATE----- 14 | -------------------------------------------------------------------------------- /transport/roots/system/nilref_zero_darwin.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | //go:build cgo && !arm && !arm64 && !ios && go1.10 6 | // +build cgo,!arm,!arm64,!ios,go1.10 7 | 8 | package system 9 | 10 | /* 11 | #cgo LDFLAGS: -framework CoreFoundation -framework Security 12 | #include 13 | */ 14 | import "C" 15 | 16 | // For Go versions >= 1.10, nil values for Apple's CoreFoundation 17 | // CF*Ref types are represented by zero. See: 18 | // https://github.com/golang/go/commit/b868616b63a8 19 | func setNilCFRef(v *C.CFDataRef) { 20 | *v = 0 21 | } 22 | 23 | func isNilCFRef(v C.CFDataRef) bool { 24 | return v == 0 25 | } 26 | -------------------------------------------------------------------------------- /vendor/bitbucket.org/liamstask/goose/lib/goose/util.go: -------------------------------------------------------------------------------- 1 | package goose 2 | 3 | import ( 4 | "io" 5 | "os" 6 | "text/template" 7 | ) 8 | 9 | // common routines 10 | 11 | func writeTemplateToFile(path string, t *template.Template, data interface{}) (string, error) { 12 | f, e := os.Create(path) 13 | if e != nil { 14 | return "", e 15 | } 16 | defer f.Close() 17 | 18 | e = t.Execute(f, data) 19 | if e != nil { 20 | return "", e 21 | } 22 | 23 | return f.Name(), nil 24 | } 25 | 26 | func copyFile(dst, src string) (int64, error) { 27 | sf, err := os.Open(src) 28 | if err != nil { 29 | return 0, err 30 | } 31 | defer sf.Close() 32 | 33 | df, err := os.Create(dst) 34 | if err != nil { 35 | return 0, err 36 | } 37 | defer df.Close() 38 | 39 | return io.Copy(df, sf) 40 | } 41 | -------------------------------------------------------------------------------- /vendor/github.com/jmoiron/sqlx/reflectx/README.md: -------------------------------------------------------------------------------- 1 | # reflectx 2 | 3 | The sqlx package has special reflect needs. In particular, it needs to: 4 | 5 | * be able to map a name to a field 6 | * understand embedded structs 7 | * understand mapping names to fields by a particular tag 8 | * user specified name -> field mapping functions 9 | 10 | These behaviors mimic the behaviors by the standard library marshallers and also the 11 | behavior of standard Go accessors. 12 | 13 | The first two are amply taken care of by `Reflect.Value.FieldByName`, and the third is 14 | addressed by `Reflect.Value.FieldByNameFunc`, but these don't quite understand struct 15 | tags in the ways that are vital to most marshallers, and they are slow. 16 | 17 | This reflectx package extends reflect to achieve these goals. 18 | -------------------------------------------------------------------------------- /vendor/github.com/pelletier/go-toml/Makefile: -------------------------------------------------------------------------------- 1 | export CGO_ENABLED=0 2 | go := go 3 | go.goos ?= $(shell echo `go version`|cut -f4 -d ' '|cut -d '/' -f1) 4 | go.goarch ?= $(shell echo `go version`|cut -f4 -d ' '|cut -d '/' -f2) 5 | 6 | out.tools := tomll tomljson jsontoml 7 | out.dist := $(out.tools:=_$(go.goos)_$(go.goarch).tar.xz) 8 | sources := $(wildcard **/*.go) 9 | 10 | 11 | .PHONY: 12 | tools: $(out.tools) 13 | 14 | $(out.tools): $(sources) 15 | GOOS=$(go.goos) GOARCH=$(go.goarch) $(go) build ./cmd/$@ 16 | 17 | .PHONY: 18 | dist: $(out.dist) 19 | 20 | $(out.dist):%_$(go.goos)_$(go.goarch).tar.xz: % 21 | if [ "$(go.goos)" = "windows" ]; then \ 22 | tar -cJf $@ $^.exe; \ 23 | else \ 24 | tar -cJf $@ $^; \ 25 | fi 26 | 27 | .PHONY: 28 | clean: 29 | rm -rf $(out.tools) $(out.dist) 30 | --------------------------------------------------------------------------------