gr1ffon/quic-go
1
0
Fork 0
forked from quic-go/quic-go
Code Pull Requests Activity
Files
97187c5a3199d1d330464d49f2fae08e9f63f6bb
quic-go/crypto/proof_rsa.go
Lucas Clemente 97187c5a31 fix proof signature algorithm
2016-04-12 12:16:46 +02:00

54 lines
1.3 KiB
Go
Raw Blame History

package crypto
import (
"bytes"
"compress/zlib"
"crypto"
"crypto/rand"
"crypto/rsa"
"crypto/sha256"
"crypto/x509"
"io/ioutil"
"github.com/lucas-clemente/quic-go/utils"
)
// KeyData stores a key and a certificate for the server proof
type KeyData struct {
key *rsa.PrivateKey
cert *x509.Certificate
}
// LoadKeyData loads the key and cert from files
func LoadKeyData(certFileName string, keyFileName string) (*KeyData, error) {
keyDER, err := ioutil.ReadFile(keyFileName)
if err != nil {
return nil, err
}
key, err := x509.ParsePKCS1PrivateKey(keyDER)
if err != nil {
return nil, err
}
certDER, err := ioutil.ReadFile(certFileName)
if err != nil {
return nil, err
}
cert, err := x509.ParseCertificate(certDER)
if err != nil {
return nil, err
}
return &KeyData{key: key, cert: cert}, nil
}
// SignServerProof signs CHLO and server config for use in the server proof
func (kd *KeyData) SignServerProof(chlo []byte, serverConfigData []byte) ([]byte, error) {
hash := sha256.New()
hash.Write([]byte("QUIC CHLO and server config signature\x00"))
chloHash := sha256.Sum256(chlo)
hash.Write([]byte{32, 0, 0, 0})
hash.Write(chloHash[:])
hash.Write(serverConfigData)
return rsa.SignPSS(rand.Reader, kd.key, crypto.SHA256, hash.Sum(nil), &rsa.PSSOptions{SaltLength: 32})
}
View Git Blame Copy Permalink