LEFT | RIGHT |
1 // Copyright 2009 The Go Authors. All rights reserved. | 1 // Copyright 2009 The Go Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style | 2 // Use of this source code is governed by a BSD-style |
3 // license that can be found in the LICENSE file. | 3 // license that can be found in the LICENSE file. |
4 | 4 |
5 // This package partially implements the TLS 1.1 protocol, as specified in RFC 4
346. | 5 // This package partially implements the TLS 1.1 protocol, as specified in RFC 4
346. |
6 package tls | 6 package tls |
7 | 7 |
8 import ( | 8 import ( |
9 "io/ioutil" | 9 "io/ioutil" |
10 "net" | 10 "net" |
11 "os" | 11 "os" |
12 "encoding/pem" | 12 "encoding/pem" |
13 "crypto/rsa" | 13 "crypto/rsa" |
14 "crypto/x509" | 14 "crypto/x509" |
15 "fmt" | |
16 ) | 15 ) |
17 | 16 |
18 func Server(conn net.Conn, config *Config) *Conn { | 17 func Server(conn net.Conn, config *Config) *Conn { |
19 return &Conn{conn: conn, config: config} | 18 return &Conn{conn: conn, config: config} |
20 } | 19 } |
21 | 20 |
22 func Client(conn net.Conn, config *Config) *Conn { | 21 func Client(conn net.Conn, config *Config) *Conn { |
23 return &Conn{conn: conn, config: config, isClient: true} | 22 return &Conn{conn: conn, config: config, isClient: true} |
24 } | 23 } |
25 | 24 |
(...skipping 79 matching lines...)
105 | 104 |
106 cert.PrivateKey = key | 105 cert.PrivateKey = key |
107 | 106 |
108 // We don't need to parse the public key for TLS, but we so do anyway | 107 // We don't need to parse the public key for TLS, but we so do anyway |
109 // to check that it looks sane and matches the private key. | 108 // to check that it looks sane and matches the private key. |
110 x509Cert, err := x509.ParseCertificate(certDERBlock.Bytes) | 109 x509Cert, err := x509.ParseCertificate(certDERBlock.Bytes) |
111 if err != nil { | 110 if err != nil { |
112 return | 111 return |
113 } | 112 } |
114 | 113 |
115 » if x509Cert.PublicKeyAlgorithm != x509.RSA || | 114 » if x509Cert.PublicKeyAlgorithm != x509.RSA || x509Cert.PublicKey.(*rsa.P
ublicKey).N.Cmp(key.PublicKey.N) != 0 { |
116 » » x509Cert.PublicKey.(*rsa.PublicKey).N.Cmp(key.PublicKey.N) != 0
{ | |
117 » » fmt.Printf("%d %v %v\n", x509Cert.PublicKeyAlgorithm, x509Cert.P
ublicKey.(*rsa.PublicKey).N, key.PublicKey.N) | |
118 err = os.ErrorString("Private key does not match public key") | 115 err = os.ErrorString("Private key does not match public key") |
119 return | 116 return |
120 } | 117 } |
121 | 118 |
122 return | 119 return |
123 } | 120 } |
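Review bot: The combined condition on new line 114 returns "Private key does not match public key" both when the certificate's algorithm is not RSA and when the moduli differ, so a non-RSA certificate is reported to the operator as a key mismatch. Splitting the test gives an accurate error, for example `if x509Cert.PublicKeyAlgorithm != x509.RSA { err = os.ErrorString("Certificate public key is not an RSA key"); return }` ahead of the modulus comparison. The comparison covers only `N`; also checking `x509Cert.PublicKey.(*rsa.PublicKey).E != key.PublicKey.E` would make the "matches the private key" claim in the comment above it exact. That comment (new line 107) reads "but we so do anyway" and should read "but we do so anyway". The enclosing function begins in the skipped lines, so how `key` and `certDERBlock` are obtained is not visible here.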