forked from quic-go/quic-go
Lucas Clemente
42
crypto/cert_cache.go
Normal file
42
crypto/cert_cache.go
Normal file
@@ -0,0 +1,42 @@
|
||||
package crypto
|
||||
|
||||
import (
|
||||
"hash/fnv"
|
||||
"sync"
|
||||
)
|
||||
|
||||
var (
|
||||
compressedCertsCache = map[uint64][]byte{}
|
||||
compressedCertsCacheMutex sync.RWMutex
|
||||
)
|
||||
|
||||
func getCompressedCert(chain [][]byte, pCommonSetHashes, pCachedHashes []byte) ([]byte, error) {
|
||||
// Hash all inputs
|
||||
hash := fnv.New64a()
|
||||
for _, v := range chain {
|
||||
hash.Write(v)
|
||||
}
|
||||
hash.Write(pCommonSetHashes)
|
||||
hash.Write(pCachedHashes)
|
||||
hashRes := hash.Sum64()
|
||||
|
||||
compressedCertsCacheMutex.RLock()
|
||||
result, isCached := compressedCertsCache[hashRes]
|
||||
compressedCertsCacheMutex.RUnlock()
|
||||
if isCached {
|
||||
return result, nil
|
||||
}
|
||||
|
||||
compressedCertsCacheMutex.Lock()
|
||||
defer compressedCertsCacheMutex.Unlock()
|
||||
result, isCached = compressedCertsCache[hashRes]
|
||||
if isCached {
|
||||
return result, nil
|
||||
}
|
||||
cached, err := compressChain(chain, pCommonSetHashes, pCachedHashes)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
compressedCertsCache[hashRes] = cached
|
||||
return cached, nil
|
||||
}
|
||||
39
crypto/cert_cache_test.go
Normal file
39
crypto/cert_cache_test.go
Normal file
@@ -0,0 +1,39 @@
|
||||
package crypto
|
||||
|
||||
import (
|
||||
. "github.com/onsi/ginkgo"
|
||||
. "github.com/onsi/gomega"
|
||||
)
|
||||
|
||||
var _ = Describe("Certificate cache", func() {
|
||||
BeforeEach(func() {
|
||||
compressedCertsCache = map[uint64][]byte{}
|
||||
})
|
||||
|
||||
It("gives a compressed cert", func() {
|
||||
chain := [][]byte{{0xde, 0xca, 0xfb, 0xad}}
|
||||
expected, err := compressChain(chain, nil, nil)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
compressed, err := getCompressedCert(chain, nil, nil)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(compressed).To(Equal(expected))
|
||||
})
|
||||
|
||||
It("gets the same result multiple times", func() {
|
||||
chain := [][]byte{{0xde, 0xca, 0xfb, 0xad}}
|
||||
compressed, err := getCompressedCert(chain, nil, nil)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
compressed2, err := getCompressedCert(chain, nil, nil)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
Expect(compressed).To(Equal(compressed2))
|
||||
})
|
||||
|
||||
It("stores cached values", func() {
|
||||
Expect(compressedCertsCache).To(HaveLen(0))
|
||||
chain := [][]byte{{0xde, 0xca, 0xfb, 0xad}}
|
||||
compressed, err := getCompressedCert(chain, nil, nil)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
Expect(compressedCertsCache).To(HaveLen(1))
|
||||
Expect(compressedCertsCache[3838929964809501833]).To(Equal(compressed))
|
||||
})
|
||||
})
|
||||
@@ -59,7 +59,7 @@ func (ps *proofSource) GetCertsCompressed(sni string, pCommonSetHashes, pCachedH
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return compressChain(cert.Certificate, pCommonSetHashes, pCachedHashes)
|
||||
return getCompressedCert(cert.Certificate, pCommonSetHashes, pCachedHashes)
|
||||
}
|
||||
|
||||
// GetLeafCert gets the leaf certificate
|
||||
|
||||
Reference in New Issue
Block a user