update mint, and adapt to the new use of the extension handler

2018-02-01 10:57:02 +08:00
parent 65eaf8131d
commit 1cc209e4fb
17 changed files with 362 additions and 340 deletions
--- a/vendor/github.com/bifurcation/mint/crypto.go
+++ b/vendor/github.com/bifurcation/mint/crypto.go
@@ -11,11 +11,9 @@ import (
 	"crypto/rand"
 	"crypto/rsa"
 	"crypto/x509"
-	"crypto/x509/pkix"
 	"encoding/asn1"
 	"fmt"
 	"math/big"
-	"time"

 	"golang.org/x/crypto/curve25519"

@@ -331,40 +329,6 @@ func newSigningKey(sig SignatureScheme) (crypto.Signer, error) {
 	}
 }

-func newSelfSigned(name string, alg SignatureScheme, priv crypto.Signer) (*x509.Certificate, error) {
-	sigAlg, ok := x509AlgMap[alg]
-	if !ok {
-		return nil, fmt.Errorf("tls.selfsigned: Unknown signature algorithm [%04x]", alg)
-	}
-	if len(name) == 0 {
-		return nil, fmt.Errorf("tls.selfsigned: No name provided")
-	}
-
-	serial, err := rand.Int(rand.Reader, big.NewInt(0xA0A0A0A0))
-	if err != nil {
-		return nil, err
-	}
-
-	template := &x509.Certificate{
-		SerialNumber:       serial,
-		NotBefore:          time.Now(),
-		NotAfter:           time.Now().AddDate(0, 0, 1),
-		SignatureAlgorithm: sigAlg,
-		Subject:            pkix.Name{CommonName: name},
-		DNSNames:           []string{name},
-		KeyUsage:           x509.KeyUsageDigitalSignature | x509.KeyUsageKeyAgreement | x509.KeyUsageKeyEncipherment,
-		ExtKeyUsage:        []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
-	}
-	der, err := x509.CreateCertificate(prng, template, template, priv.Public(), priv)
-	if err != nil {
-		return nil, err
-	}
-
-	// It is safe to ignore the error here because we're parsing known-good data
-	cert, _ := x509.ParseCertificate(der)
-	return cert, nil
-}
-
 // XXX(rlb): Copied from crypto/x509
 type ecdsaSignature struct {
 	R, S *big.Int