GithubHelp home page GithubHelp logo

core's Introduction

pki.io

Hello there. I'm sad to say that I have decided to completely stop working on the pki.io project. I haven't actively worked on it for about a year and don't see this changing any time soon....

The project was started because as a sysadmin I had the need to easily manage and deploy TLS certificates in a secure way. I think the usability and security models of pki.io are still unique and powerful, but this project was started before Let's Encrypt and Netflix's Lemur were announced, so there are probably better alternatives out there now.

On a positive note, writing an open source security tool meant needing to threat model it in a modern, code-driven way. Thus pki.io gave birth to ThreatSpec.org which aims to make continuous threat modelling through code a reality. I'll definitely continue to work on ThreatSpec because it addresses a more general problem and I think that code-driven continuous threat modelling is a natural evolution of security shifting left.

I'd absolutely love it if you could fill out a survey on threat modelling as it would help me define the future of ThreatSpec: https://www.surveymonkey.com/r/N7SR5J6

If you'd like to help out with ThreatSpec, have thoughts or suggestions, check out the site at http://threatspec.org or talk to us on Twitter @ThreatSpec.

So, what's the future for pki.io? Well, I'll leave the source code on GitHub [1]. If you'd like to adopt the project in some way, drop me an email to [email protected]. Also, feel free to email me if you have any questions about pki.io.

Thanks to everyone for your thoughts, feedback, code contributions and support.

Farewell and all the best, Fraser

Open source and scalable X.509 certificate management.

Website: http://pki.io

Wiki: https://github.com/pki-io/pki-io/wiki

Repositories

  • pki-io - This repo containing documentation and wikis
  • admin - Admin command line utility
  • build - Self contained build system using Vagrant
  • web - The pki.io website
  • core - Packages shared between admin, agent and api
  • api - The API service

All other repos are 'vendored' dependencies that have been forked.

Contributing

  • Fork
  • Create branch
  • Make changes
  • Push branch
  • Create Pull Request
  • Optionally create a new topic on mailing list to discuss PR

See also the Developer and Community Guidelines.

core's People

Contributors

jonbonazza avatar kalloc avatar waffle-iron avatar zeroxten avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

jonbonazza kalloc chan2will mindstorms6 bartzjegr 1337mus cyb3renigm4

core's Issues

Could not read file: [...] org.conf leads to crash

Running this command (outside of org directory)
pki.io ca new tlabs-dev --dn-o falcon --dn-ou qa1 --tags consul
leads to

Loading admin app
&{{{0xc20805c480 map[] false {0 0} [true true false false false true] 0xc20805c540 0} 0xc2080749c0 0xc20805b200}}
*************************************************
*                CONGRATULATIONS                *
*************************************************

You may have just found a bug in pki.io :)

Please let us know by raising an issue on GitHub here: https://github.com/pki-io/core/issues

Or by dropping an email to: [email protected]

If possible, please include this full error message, including the below panic,
and anything else relevant like what command you ran.

Many thanks,
The pki.io team

The error was: Couldn't read org config: Could not read file: open /Users/hvolkmer/Downloads/pki.io/org.conf: no such file or directory


panic: ...

goroutine 1 [running]:
main.checkAppFatal(0x4dad30, 0x1c, 0xc20802b030, 0x1, 0x1)
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/helpers.go:46 +0x22c
main.(*AdminApp).LoadOrgConfig(0xc20805a7c0)
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/adminApp.go:233 +0x133
main.(*AdminApp).Load(0xc20805a7c0)
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/adminApp.go:256 +0x106
main.caNew(0xc20808a420, 0x0, 0x0)
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/runCA.go:25 +0x9b6
main.runCA(0xc20806e090, 0x9, 0x9, 0x0, 0x0)
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/runCA.go:185 +0x166
main.runCommand(0x7fff5fbff74f, 0x2, 0xc208060300, 0x8, 0x8, 0x0, 0x0)
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/pki.io.go:69 +0x321
main.main()
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/pki.io.go:52 +0x4b7

goroutine 5 [semacquire]:
sync.(*Cond).Wait(0xc20805a3c0)
    /usr/local/go/src/sync/cond.go:62 +0x9e
github.com/cihub/seelog.(*asyncLoopLogger).processItem(0xc20805c180, 0x0)
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/_vendor/src/github.com/cihub/seelog/behavior_asynclooplogger.go:50 +0xc2
github.com/cihub/seelog.(*asyncLoopLogger).processQueue(0xc20805c180)
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/_vendor/src/github.com/cihub/seelog/behavior_asynclooplogger.go:63 +0x31
created by github.com/cihub/seelog.newAsyncLoopLogger
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/_vendor/src/github.com/cihub/seelog/behavior_asynclooplogger.go:40 +0x8e

goroutine 6 [semacquire]:
sync.(*Cond).Wait(0xc20805a880)
    /usr/local/go/src/sync/cond.go:62 +0x9e
github.com/cihub/seelog.(*asyncLoopLogger).processItem(0xc20805c300, 0x0)
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/_vendor/src/github.com/cihub/seelog/behavior_asynclooplogger.go:50 +0xc2
github.com/cihub/seelog.(*asyncLoopLogger).processQueue(0xc20805c300)
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/_vendor/src/github.com/cihub/seelog/behavior_asynclooplogger.go:63 +0x31
created by github.com/cihub/seelog.newAsyncLoopLogger
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/_vendor/src/github.com/cihub/seelog/behavior_asynclooplogger.go:40 +0x8e

goroutine 7 [runnable]:
sync.(*Cond).Wait(0xc20805b200)
    /usr/local/go/src/sync/cond.go:62 +0x9e
github.com/cihub/seelog.(*asyncLoopLogger).processItem(0xc20805c4e0, 0x0)
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/_vendor/src/github.com/cihub/seelog/behavior_asynclooplogger.go:50 +0xc2
github.com/cihub/seelog.(*asyncLoopLogger).processQueue(0xc20805c4e0)
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/_vendor/src/github.com/cihub/seelog/behavior_asynclooplogger.go:63 +0x31
created by github.com/cihub/seelog.newAsyncLoopLogger
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/_vendor/src/github.com/cihub/seelog/behavior_asynclooplogger.go:40 +0x8e

Expected behavior in this case: Show error message about missing config file w/o crashing

I use this version: pki.io 0.1.1-release1 on Mac OS X

[crypto] Consider using larger shared key sizes

Current 128 bit random keys are used to match 128 bit security level provided by AES-256. Could increase the shared key size to 256 bits and maybe reduce the ID size from 128 bits to 64 bits.

[x509] Apply cert naming policy

The CA supports a DN scope that can be used for enforce a naming scheme on the client certs.

Need to allow this to be used when creating a CA on the command line.

[crypto] Comment the eciesEncrypt and decrypt functions

Could be clearer with what it is doing, either providing a reference to how EC IES should be implemented, or commenting the code with a description of what and why. Crypto implementations are notoriously hard to get right, so we need to maximise transparency.

[x509] Request: SubjectAltName support

WebID Protocol has existed for a number of years, it enables decentralized web friendly client authentication. Users authenticate over HTTP+TLS by presenting a certificate with a subjectAltName (SAN) containing a URI Identifier (a WebID) which can be used as a name for the person, for example http://www.w3.org/People/Berners-Lee/card#i is Sir Tim Berners-Lee's WebID.

subjectAltName is reasonably hard to configure with openssl tooling, requiring the SAN to be specified in the openssl.cnf file (re configure for every certificate created!)

Please, please, support certificate extensions easily, especially subjectAltName.

Thank you.

[crypto] Make keys map easier to use

At the moment you have to manually build the map using the ID and key. Would be nice to provide a method that returns a pre-made map, perhaps even merging with an existing map if provided.

E.g.

keys := new(map[string]string)
entityA.PublicKeys(keys)
entityB.PublicKeys(keys)

ECIES encryption/decryption code is not correct

While the encryption works as far as the tests are concerned, the key derivation function is broken. It returns an array of 32 0's, which is obviously incorrect. What this means is, regardless of public or private key, the AES key will always be 16 0's. Not exactly secure. :P I tried switching it to use the existing ExpandKey() function (which I didn't even realize we had), but some other issues creep up when using that. I need to revisit the ECIES encryption/decryption code in its entirety. I will add any documentation I use in the process to the comments.

Need to use some sort of dependency version control

When I was working with the code for my recent PR, things wouldn't build because gojsonschema changed its interfaces. In my PR, I took the liberty of updating the code to use the new interfaces.

You should look into a more robust dependency management solution such as Goop as 'go get' doesn't support version freezing. Supporting Goop in particular is just a matter of adding a single file to the repo, so it's not very intrusive either. This would allow you to always build using the same versions of your dependencies.

I managed to get a "corrupt" org and I have no idea how

Unfortunately I thought I knew what I'd done, so I just deleted it after saving this one error. Worst users ever.

I believe what I did was:

pki.io init foo
cd foo
pki.io ca list

...but that obviously doesn't reproduce the problem right now, on exactly the same machine / name / setup / etc.

% pki.io ca list
&{{{0xc20805a480 map[] false {0 0} [true true false false false true] 0xc20805a540 0} 0xc20807a9c0 0xc208069180}}
Loading admin app
Loading admin config
Loading admin entity
Loading org entity
*************************************************
[..]
The error was: Could not decrypt container: Could not decrypt: Could not decrypt container: Can't initialise cipher: crypto/aes: invalid key size 0


panic: ...

goroutine 1 [running]:
main.checkAppFatal(0x8d8910, 0x1f, 0xc2080b8400, 0x1, 0x1)
    /tmp/tmp.Yo5NzUr1SO/go/src/github.com/pki-io/admin/helpers.go:44 +0x214
main.(*AdminApp).LoadOrgEntity(0xc208068680)
    /tmp/tmp.Yo5NzUr1SO/go/src/github.com/pki-io/admin/adminApp.go:208 +0x91a
main.(*AdminApp).Load(0xc208068680)
    /tmp/tmp.Yo5NzUr1SO/go/src/github.com/pki-io/admin/adminApp.go:261 +0x14c
main.caList(0xc20809e000, 0x0, 0x0)
    /tmp/tmp.Yo5NzUr1SO/go/src/github.com/pki-io/admin/runCA.go:77 +0x60
main.runCA(0xc20809d200, 0x2, 0x2, 0x0, 0x0)
    /tmp/tmp.Yo5NzUr1SO/go/src/github.com/pki-io/admin/runCA.go:187 +0x21b
main.runCommand(0x7fffa822e78a, 0x2, 0xc20802b550, 0x1, 0x1, 0x0, 0x0)
    /tmp/tmp.Yo5NzUr1SO/go/src/github.com/pki-io/admin/pki.io.go:69 +0x321
main.main()
    /tmp/tmp.Yo5NzUr1SO/go/src/github.com/pki-io/admin/pki.io.go:52 +0x4b7

goroutine 5 [runnable]:
github.com/cihub/seelog.(*asyncLoopLogger).processQueue(0xc20805a1e0)
    /tmp/tmp.Yo5NzUr1SO/go/src/github.com/pki-io/admin/_vendor/src/github.com/cihub/seelog/behavior_asynclooplogger.go:61
created by github.com/cihub/seelog.newAsyncLoopLogger
    /tmp/tmp.Yo5NzUr1SO/go/src/github.com/pki-io/admin/_vendor/src/github.com/cihub/seelog/behavior_asynclooplogger.go:40 +0x8e

goroutine 6 [runnable]:
github.com/cihub/seelog.(*asyncLoopLogger).processQueue(0xc20805a300)
    /tmp/tmp.Yo5NzUr1SO/go/src/github.com/pki-io/admin/_vendor/src/github.com/cihub/seelog/behavior_asynclooplogger.go:61
created by github.com/cihub/seelog.newAsyncLoopLogger
    /tmp/tmp.Yo5NzUr1SO/go/src/github.com/pki-io/admin/_vendor/src/github.com/cihub/seelog/behavior_asynclooplogger.go:40 +0x8e

goroutine 7 [runnable]:
github.com/cihub/seelog.(*asyncLoopLogger).processQueue(0xc20805a4e0)
    /tmp/tmp.Yo5NzUr1SO/go/src/github.com/pki-io/admin/_vendor/src/github.com/cihub/seelog/behavior_asynclooplogger.go:61
created by github.com/cihub/seelog.newAsyncLoopLogger
    /tmp/tmp.Yo5NzUr1SO/go/src/github.com/pki-io/admin/_vendor/src/github.com/cihub/seelog/behavior_asynclooplogger.go:40 +0x8e

DoS due to parsing documents

Before a message can be verified, it still has to be parsed. Need to look at protecting against nested or large (or any other logic) documents that could cause a DoS when parsed.

Document memory safety limitations

At the moment we don't wipe/zero memory containing sensitive data. Also we don't/can't set memory to non-paged.

Need to document it as part of the threat model.

[x509] Request: Support EC private keys.

RSA is just not good enough these days. I would love to see EC support. This would make pitching the use of this software to our security team much easier. =)

[config] Get rid of global config

Gone off the idea. Instead just have a config file in the directory that scopes the org/admin etc.

e.g.

/path/to/org1
  .pki.io.conf
  public
  private
/path/to/org2
  .pki.io.conf
  public
  private

ECIES error

Just got a random one-off error

[file-structure][fscott@ukm043583 test-org]$ gom run ../*.go node new server1 --pairing-id 6f18aad6be59961dd81695686d1f7c5b --pairing-key a88077882a6bc6d6ed9997b21deb8593
Loading admin app
Loading admin entity
Loading org entity
Creating new node
Generating node keys
Encrypting node for org
Could encrypt and authenticate node: Couldn't encrypt content: Could not encrypt container: Could not group encrypt: ecies: shared key is too big:
panic: Could encrypt and authenticate node: Couldn't encrypt content: Could not encrypt container: Could not group encrypt: ecies: shared key is too big:
...

Running the same command again worked.

Referencing a non existing CA will crash pki binary

command:
pki.io cert new some.cn --expiry 120 --ca non-existing-ca --export testx.tar.gz

The error was: Couldn't get CA id: key non-existing-ca does not exist


panic: ...

goroutine 1 [running]:
main.checkAppFatal(0x4b93b0, 0x16, 0xc20802b130, 0x1, 0x1)
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/helpers.go:46 +0x22c
main.certNew(0xc20808ff20, 0x0, 0x0)
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/runCert.go:75 +0x1c5d
main.runCert(0xc20803ea90, 0xd, 0xd, 0x0, 0x0)
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/runCert.go:129 +0x162
main.runCommand(0x7fff5fbff71f, 0x4, 0xc20806e300, 0xc, 0x10, 0x0, 0x0)
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/pki.io.go:71 +0x3a2
main.main()
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/pki.io.go:52 +0x4b7

goroutine 5 [semacquire]:
sync.(*Cond).Wait(0xc20805a580)
    /usr/local/go/src/sync/cond.go:62 +0x9e
github.com/cihub/seelog.(*asyncLoopLogger).processItem(0xc20805c180, 0x0)
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/_vendor/src/github.com/cihub/seelog/behavior_asynclooplogger.go:50 +0xc2
github.com/cihub/seelog.(*asyncLoopLogger).processQueue(0xc20805c180)
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/_vendor/src/github.com/cihub/seelog/behavior_asynclooplogger.go:63 +0x31
created by github.com/cihub/seelog.newAsyncLoopLogger
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/_vendor/src/github.com/cihub/seelog/behavior_asynclooplogger.go:40 +0x8e

goroutine 6 [semacquire]:
sync.(*Cond).Wait(0xc20805a880)
    /usr/local/go/src/sync/cond.go:62 +0x9e
github.com/cihub/seelog.(*asyncLoopLogger).processItem(0xc20805c300, 0x0)
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/_vendor/src/github.com/cihub/seelog/behavior_asynclooplogger.go:50 +0xc2
github.com/cihub/seelog.(*asyncLoopLogger).processQueue(0xc20805c300)
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/_vendor/src/github.com/cihub/seelog/behavior_asynclooplogger.go:63 +0x31
created by github.com/cihub/seelog.newAsyncLoopLogger
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/_vendor/src/github.com/cihub/seelog/behavior_asynclooplogger.go:40 +0x8e

goroutine 7 [runnable]:
sync.(*Cond).Wait(0xc20805b300)
    /usr/local/go/src/sync/cond.go:62 +0x9e
github.com/cihub/seelog.(*asyncLoopLogger).processItem(0xc20805c5a0, 0x0)
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/_vendor/src/github.com/cihub/seelog/behavior_asynclooplogger.go:50 +0xc2
github.com/cihub/seelog.(*asyncLoopLogger).processQueue(0xc20805c5a0)
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/_vendor/src/github.com/cihub/seelog/behavior_asynclooplogger.go:63 +0x31
created by github.com/cihub/seelog.newAsyncLoopLogger
    /var/folders/n1/4ss_2rt10396zylvvdsjqv5cm4l758/T/tmp.qwP1TKnYGq/go/src/github.com/pki-io/admin/_vendor/src/github.com/cihub/seelog/behavior_asynclooplogger.go:40 +0x8e

Expected behavior: Message about non-existing CA without crash

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.