authoratanarjuat <atanarjuat@example.com>2022-05-30 13:37:16 +0200
committeratanarjuat <atanarjuat@example.com>2022-05-30 13:37:16 +0200
commit50c5fdc8a15f37d506292b02eef992e83752152b (patch)
tree2c711b8f0e96f77c9317235e14ff2058f32a7962 /tls.go
parent6e531a35a57887d0b5764f34e16225ffdf0ee8e7 (diff)
quic explorations
Diffstat (limited to 'tls.go')
-rw-r--r--tls.go34
1 files changed, 34 insertions, 0 deletions
diff --git a/tls.go b/tls.go
new file mode 100644
index 0000000..de560e1
--- /dev/null
+++ b/tls.go
@@ -0,0 +1,34 @@
+package obfsvpn
+
+import (
+ "crypto/rand"
+ "crypto/rsa"
+ "crypto/tls"
+ "crypto/x509"
+ "encoding/pem"
+ "math/big"
+)
+
+// Setup a bare-bones TLS config for the server
+func generateTLSConfig() *tls.Config {
+ key, err := rsa.GenerateKey(rand.Reader, 1024)
+ if err != nil {
+ panic(err)
+ }
+ template := x509.Certificate{SerialNumber: big.NewInt(1)}
+ certDER, err := x509.CreateCertificate(rand.Reader, &template, &template, &key.PublicKey, key)
+ if err != nil {
+ panic(err)
+ }
+ keyPEM := pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(key)})
+ certPEM := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: certDER})
+
+ tlsCert, err := tls.X509KeyPair(certPEM, keyPEM)
+ if err != nil {
+ panic(err)
+ }
+ return &tls.Config{
+ Certificates: []tls.Certificate{tlsCert},
+ NextProtos: []string{"quic-echo-example"},
+ }
+}
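Review bot: `rsa.GenerateKey(rand.Reader, 1024)` in generateTLSConfig produces a 1024-bit RSA key, which is below the 2048-bit minimum current guidance expects for keys protecting real traffic; `key, err := rsa.GenerateKey(rand.Reader, 2048)` (or an ECDSA P-256 key) would address that. The template sets only `SerialNumber`, so the certificate carries no validity window or subject names, and since a fresh key pair is generated on every call a client has nothing stable to verify or pin; it looks like peers would have to skip certificate verification, which leaves the TLS layer unauthenticated. If that is intended because authentication happens in another layer, the doc comment should say so, e.g. `// The certificate is ephemeral and self-signed; it provides no server identity.` The three `panic(err)` calls would also be better as a returned error, since this is a library package rather than a demo binary.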