github.com/daeuniverse/quic-go@v0.0.0-20240413031024-943f218e0810/internal/testdata/cert.go (about)

     1  package testdata
     2  
     3  import (
     4  	"crypto/tls"
     5  	"crypto/x509"
     6  	"os"
     7  	"path"
     8  	"runtime"
     9  )
    10  
// certPath is the directory that holds this source file. The test fixtures
// (cert.pem, priv.key, ca.pem) are resolved relative to it.
var certPath string

// init resolves certPath from the location of this source file as reported by
// runtime.Caller, so the fixtures are found regardless of the working
// directory the tests run from. It panics if the caller frame is unavailable.
func init() {
	_, thisFile, _, found := runtime.Caller(0)
	if !found {
		panic("Failed to get current frame")
	}
	certPath = path.Dir(thisFile)
}
    21  
// GetCertificatePaths returns the path of the test certificate (cert.pem)
// followed by the path of its private key (priv.key). Both live in certPath.
//
// NOTE(review): the key sits next to the package source, so it is presumably a
// shared test fixture; treat it as non-secret and keep it out of any
// non-test configuration.
func GetCertificatePaths() (string, string) {
	certFile := path.Join(certPath, "cert.pem")
	keyFile := path.Join(certPath, "priv.key")
	return certFile, keyFile
}
    26  
// GetTLSConfig returns a tls config for quic.clemente.io.
//
// The config carries the test key pair returned by GetCertificatePaths and
// pins MinVersion to TLS 1.3. No other field is set. The function panics if
// the key pair cannot be loaded, which is acceptable for test setup but makes
// it unsuitable for code paths that must handle a missing or malformed key.
func GetTLSConfig() *tls.Config {
	certFile, keyFile := GetCertificatePaths()
	keyPair, err := tls.LoadX509KeyPair(certFile, keyFile)
	if err != nil {
		panic(err)
	}
	cfg := &tls.Config{MinVersion: tls.VersionTLS13}
	cfg.Certificates = []tls.Certificate{keyPair}
	return cfg
}
    38  
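// AddRootCA adds the test root CA certificate (ca.pem in certPath) to
// certPool. The pool is modified in place.
//
// Every verifier that uses certPool afterwards will trust certificates issued
// by this test CA, so only pass pools that are scoped to tests.
//
// It panics if ca.pem cannot be read or if no certificate could be parsed
// from it.
func AddRootCA(certPool *x509.CertPool) {
	caCertPath := path.Join(certPath, "ca.pem")
	caCertRaw, err := os.ReadFile(caCertPath)
	if err != nil {
		panic(err)
	}
	// AppendCertsFromPEM reports false when no certificate was added, e.g.
	// when the file holds no parseable PEM certificate block.
	if ok := certPool.AppendCertsFromPEM(caCertRaw); !ok {
		panic("Could not add root certificate to pool.")
	}
}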
    50  
// GetRootCA returns a fresh x509.CertPool containing (only) the test CA
// certificate. The system roots are not included, so a verifier using this
// pool accepts nothing but chains that end at the test CA. It panics under
// the same conditions as AddRootCA.
func GetRootCA() *x509.CertPool {
	rootPool := x509.NewCertPool()
	AddRootCA(rootPool)
	return rootPool
}