create interface for crypto.CertManager
@@ -7,14 +7,26 @@ import (
|
||||
)
|
||||
|
||||
// CertManager manages the certificates sent by the server
|
||||
type CertManager struct {
|
||||
type CertManager interface {
|
||||
SetData([]byte) error
|
||||
GetLeafCert() []byte
|
||||
}
|
||||
|
||||
type certManager struct {
|
||||
chain [][]byte
|
||||
}
|
||||
|
||||
var _ CertManager = &certManager{}
|
||||
|
||||
var errNoCertificateChain = errors.New("No certicifate chain loaded")
|
||||
|
||||
// NewCertManager creates a new CertManager
|
||||
func NewCertManager() CertManager {
|
||||
return &certManager{}
|
||||
}
|
||||
|
||||
// SetData takes the byte-slice sent in the SHLO and decompresses it into the certificate chain
|
||||
func (c *CertManager) SetData(data []byte) error {
|
||||
func (c *certManager) SetData(data []byte) error {
|
||||
chain, err := decompressChain(data)
|
||||
if err != nil {
|
||||
return qerr.ProofInvalid
|
||||
@@ -26,7 +38,7 @@ func (c *CertManager) SetData(data []byte) error {
|
||||
|
||||
// GetLeafCert returns the leaf certificate of the certificate chain
|
||||
// it errors if the certificate chain has not yet been set
|
||||
func (c *CertManager) GetLeafCert() []byte {
|
||||
func (c *certManager) GetLeafCert() []byte {
|
||||
if len(c.chain) == 0 {
|
||||
return nil
|
||||
}
|
||||
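Review bot: The new `CertManager` interface declares `GetLeafCert() []byte` with no error result, yet the comment on the implementation still says "it errors if the certificate chain has not yet been set", while the visible body returns `nil` when `len(c.chain) == 0`. Because the interface is now the contract that callers and mocks implement, the nil case should be documented on the interface method itself, for example `// GetLeafCert returns the leaf certificate, or nil if no chain has been set; callers must treat nil as a failure`. That keeps an empty result from being handed on to proof or signature verification unnoticed. The interface's `SetData` also has no doc comment; one stating that it returns an error when the data cannot be decompressed into a chain would help implementers. Separately, `errNoCertificateChain` is not used in the visible lines and its message is misspelled (`certicifate`) and capitalised, though it may predate this commit; the bodies of `SetData` and `GetLeafCert` continue outside the hunks.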
|
||||
@@ -7,10 +7,10 @@ import (
|
||||
)
|
||||
|
||||
var _ = Describe("Cert Manager", func() {
|
||||
var cm *CertManager
|
||||
var cm *certManager
|
||||
|
||||
BeforeEach(func() {
|
||||
cm = &CertManager{}
|
||||
cm = NewCertManager().(*certManager)
|
||||
})
|
||||
|
||||
It("errors when given invalid data", func() {
|
||||
|
||||
@@ -27,7 +27,7 @@ type cryptoSetupClient struct {
|
||||
nonc []byte
|
||||
diversificationNonce []byte
|
||||
lastSentCHLO []byte
|
||||
certManager *crypto.CertManager
|
||||
certManager crypto.CertManager
|
||||
}
|
||||
|
||||
var _ crypto.AEAD = &cryptoSetupClient{}
|
||||
@@ -49,7 +49,7 @@ func NewCryptoSetupClient(
|
||||
connID: connID,
|
||||
version: version,
|
||||
cryptoStream: cryptoStream,
|
||||
certManager: &crypto.CertManager{},
|
||||
certManager: crypto.NewCertManager(),
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
||||
@@ -11,15 +11,32 @@ import (
|
||||
. "github.com/onsi/gomega"
|
||||
)
|
||||
|
||||
type mockCertManager struct {
|
||||
setDataCalledWith []byte
|
||||
leafCert []byte
|
||||
}
|
||||
|
||||
func (m *mockCertManager) SetData(data []byte) error {
|
||||
m.setDataCalledWith = data
|
||||
return nil
|
||||
}
|
||||
|
||||
func (m *mockCertManager) GetLeafCert() []byte {
|
||||
return m.leafCert
|
||||
}
|
||||
|
||||
var _ = Describe("Crypto setup", func() {
|
||||
var cs *cryptoSetupClient
|
||||
var certManager *mockCertManager
|
||||
var stream *mockStream
|
||||
|
||||
BeforeEach(func() {
|
||||
stream = &mockStream{}
|
||||
certManager = &mockCertManager{}
|
||||
csInt, err := NewCryptoSetupClient(0, protocol.Version36, stream)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
cs = csInt.(*cryptoSetupClient)
|
||||
cs.certManager = certManager
|
||||
})
|
||||
|
||||
Context("Reading SHLOs", func() {
|
||||
@@ -64,9 +81,10 @@ var _ = Describe("Crypto setup", func() {
|
||||
})
|
||||
|
||||
It("passes the certificates to the CertManager", func() {
|
||||
tagMap[TagCERT] = []byte("invalid-cert")
|
||||
tagMap[TagCERT] = []byte("cert")
|
||||
err := cs.handleREJMessage(tagMap)
|
||||
Expect(err).To(MatchError(qerr.ProofInvalid))
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(certManager.setDataCalledWith).To(Equal(tagMap[TagCERT]))
|
||||
})
|
||||
|
||||
Context("Reading server configs", func() {
|
||||
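Review bot: The rewritten test "passes the certificates to the CertManager" no longer covers the rejection path. The old assertion `Expect(err).To(MatchError(qerr.ProofInvalid))` is gone, and `mockCertManager.SetData` always returns `nil`, so nothing visible here checks that `handleREJMessage` aborts when the certificate data is refused. Since a failure to load the server's chain must stop the handshake, I would give the mock a configurable error and add one test that expects it to come back from `handleREJMessage`. This assumes `handleREJMessage` still propagates the `SetData` error, as the removed assertion implies; its body is outside the hunks.

```go
type mockCertManager struct {
	setDataCalledWith []byte
	setDataError      error
	leafCert          []byte
}

func (m *mockCertManager) SetData(data []byte) error {
	m.setDataCalledWith = data
	return m.setDataError
}

// … unchanged: GetLeafCert, Describe/BeforeEach setup, existing SHLO tests …

It("returns the error when the CertManager rejects the certificate data", func() {
	certManager.setDataError = qerr.ProofInvalid
	tagMap[TagCERT] = []byte("cert")
	err := cs.handleREJMessage(tagMap)
	Expect(err).To(MatchError(qerr.ProofInvalid))
})
```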
|
||||