golib/test/test-https-bench/cert.go
Nicolas JUHEL 9ca3530b1d Package Config/component/LDAP:
- replace mutex by atomic
- fix minor bugs & optimize code

Package Size:
- add function 'mul' to multiply the size value by a given float64 value (could use another size.float64)
- add function 'div' to divide the size value by a given float64 value (could use another size.float64)
- add function 'add' to add a given uint64 value to the size value (could use another size.uint64)
- add function 'sub' to subtract a given uint64 value from the size value (could use another size.uint64)

Package Encoding:
- rework completly crypt package to new package encoding
- part aes of old crypt become new subpackage encoding/aes
- part hex of old crypt (associated with aes) become new standalone subpackage encoding/hexa
- adding new subpackage mux providing a multiplexer / de-multiplexer for io streams
- mux differs from multireader / multiwriter in that io sent into one channel of the mux is received only on the corresponding channel of the de-mux
- mux is an encoding subpackage because it is based on hex + cbor marshalling / unmarshalling
- all subpackages can be used directly or through an io reader / writer

Package Socket/server
- rework server to use as possible direct io to con
- rework server to optimize & fix managment (context / shutdown...)
- rework server to stop connection befor stopping server
- rework server to not load incoming and send it to handler by allowing handler to manager io input/output directly
- server not more used buff internally (less memory consuption)
- adding counter of opened connection
- adding some testing who's checking server & client for each protocol

Package Socket/client
- rework client to allow connect to server before reading/writing on io stream
- rework client to allow consum direct io stream instead of reading locally / call function
- rework client to allow having less memory consumption by removing internal buffer
- rework client allowing to use root io function (bufio, io copy, ...)

Package Socket/multi
- adding new subpackage multi to simplfy using of 1 reader / x writer
- if no writer is define, using an extended io discard
- allowing asynch instancing, populate writer and calling main writer
- allowing calling writer / reader to expose the main io reader / writer

Package Socket/delim:
- adding new subpackage delim to simplify using of bufio reader with delimiter
- using 1 writer / 1 reader
- allowing root io function like readwritecloser, writeto, ...
- use local buffer to prevent race if reader and writer are not is same process

Package PProf:
- fix missing \n in message

Package HttpServer:
- fix bug with init TLS & http2

Other:
- bump dependencies
2024-03-23 15:33:24 +01:00


/*
* MIT License
*
* Copyright (c) 2024 Nicolas JUHEL
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*
*
*/
package main
import (
"bytes"
"crypto/ed25519"
"crypto/rand"
"crypto/rsa"
"crypto/tls"
"crypto/x509"
"crypto/x509/pkix"
"encoding/pem"
"math/big"
"net"
"time"
)
// extract of src/crypto/tls/generate_cert.go
// pubKey returns the public half of priv for the key types this test helper
// supports.
//
// An *rsa.PrivateKey yields a pointer to its embedded PublicKey and an
// ed25519.PrivateKey yields an ed25519.PublicKey. Any other type yields nil,
// which x509.CreateCertificate will reject when it is passed on as the
// subject public key.
func pubKey(priv any) any {
	if rsaKey, ok := priv.(*rsa.PrivateKey); ok {
		return &rsaKey.PublicKey
	}
	if edKey, ok := priv.(ed25519.PrivateKey); ok {
		return edKey.Public().(ed25519.PublicKey)
	}
	// Unsupported key type: the caller gets nil rather than a panic.
	return nil
}
// getCert creates a self-signed X.509 certificate for priv and returns it in
// DER form.
//
// The certificate is its own issuer (the same template is passed as both
// template and parent) and is signed with priv. It is valid for 365 days from
// the time of the call, carries the server-auth extended key usage, and its
// subject alternative names cover only "localhost", 127.0.0.1 and ::1, so it
// only matches a server reached over loopback. Because it chains to no trusted
// root, a client has to trust it explicitly for verification to succeed.
//
// An error is returned when the serial number cannot be drawn from
// crypto/rand or when x509.CreateCertificate fails.
func getCert(priv any) ([]byte, error) {
	notBefore := time.Now()

	// Random serial number drawn from [0, 2^128).
	serialLimit := new(big.Int).Lsh(big.NewInt(1), 128)
	serial, err := rand.Int(rand.Reader, serialLimit)
	if err != nil {
		return nil, err
	}

	// KeyEncipherment is only set for RSA subject keys; in TLS that bit is
	// specific to RSA key exchange.
	usage := x509.KeyUsageDigitalSignature
	if _, ok := priv.(*rsa.PrivateKey); ok {
		usage |= x509.KeyUsageKeyEncipherment
	}

	template := &x509.Certificate{
		SerialNumber:          serial,
		Subject:               pkix.Name{Organization: []string{"Acme Co"}},
		NotBefore:             notBefore,
		NotAfter:              notBefore.Add(365 * 24 * time.Hour),
		KeyUsage:              usage,
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		BasicConstraintsValid: true,
		IPAddresses:           []net.IP{net.ParseIP("127.0.0.1"), net.ParseIP("::1")},
		DNSNames:              []string{"localhost"},
	}

	return x509.CreateCertificate(rand.Reader, template, template, pubKey(priv), priv)
}
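// genTLSCertificate generates a fresh private key and a matching self-signed
// certificate and returns them as a tls.Certificate.
//
// When ed is true the key is Ed25519; otherwise it is a 4096-bit RSA key. Both
// are generated from crypto/rand. The certificate comes from getCert. The
// private key is marshalled as unencrypted PKCS#8 and PEM-encoded into an
// in-memory buffer only; this function writes nothing to disk.
//
// Every failure is reported through the error result. Earlier versions
// panicked on key generation, certificate creation and encoding errors even
// though the signature already carried an error, so callers could not handle
// them; the returned tls.Certificate is the zero value whenever err is
// non-nil.
func genTLSCertificate(ed bool) (tls.Certificate, error) {
	var (
		priv any
		err  error
	)

	if ed {
		_, priv, err = ed25519.GenerateKey(rand.Reader)
	} else {
		priv, err = rsa.GenerateKey(rand.Reader, 4096)
	}
	if err != nil {
		return tls.Certificate{}, err
	}

	der, err := getCert(priv)
	if err != nil {
		return tls.Certificate{}, err
	}

	var crtPEM, keyPEM bytes.Buffer

	if err = pem.Encode(&crtPEM, &pem.Block{Type: "CERTIFICATE", Bytes: der}); err != nil {
		return tls.Certificate{}, err
	}

	pkcs8, err := x509.MarshalPKCS8PrivateKey(priv)
	if err != nil {
		return tls.Certificate{}, err
	}

	if err = pem.Encode(&keyPEM, &pem.Block{Type: "PRIVATE KEY", Bytes: pkcs8}); err != nil {
		return tls.Certificate{}, err
	}

	// X509KeyPair re-parses both PEM blocks and checks that the private key
	// matches the certificate's public key.
	return tls.X509KeyPair(crtPEM.Bytes(), keyPEM.Bytes())
}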