~samwhited/xmpp

b70836baae663844f115f78ad8e29159a67b84f8 — Sam Whited a month ago d873124
internal/integration: add client cert creation

Signed-off-by: Sam Whited <sam@samwhited.com>
1 files changed, 26 insertions(+), 0 deletions(-)

M internal/integration/integration.go
M internal/integration/integration.go => internal/integration/integration.go +26 -0
@@ 13,6 13,7 @@ import (
	"context"
	"crypto/rand"
	"crypto/rsa"
	"crypto/tls"
	"crypto/x509"
	"encoding/pem"
	"errors"


@@ 91,6 92,31 @@ func New(ctx context.Context, name string, opts ...Option) (*Cmd, error) {
	return cmd, nil
}

// ClientCert generates and returns a client certificate.
func (cmd *Cmd) ClientCert(name string) (cert tls.Certificate, err error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return cert, err
	}
	crt := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		NotBefore:    time.Now(),
		NotAfter:     time.Now().Add(365 * 24 * time.Hour),
		DNSNames:     []string{name},
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}
	crtBytes, err := x509.CreateCertificate(rand.Reader, crt, crt, key.Public(), key)
	if err != nil {
		return cert, err
	}
	return tls.Certificate{
		Certificate: [][]byte{
			crtBytes,
		},
		PrivateKey: key,
	}, nil
}

// C2SListen returns a listener with a random port.
// The listener is created on the first call to C2SListener.
// Subsequent calls ignore the arguments and return the existing listener.
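Review bot: In ClientCert the template sets `SerialNumber: big.NewInt(1)`, so every certificate this helper produces carries the same serial under the same (empty) issuer name. That breaks the unique-serial-per-issuer rule of RFC 5280, and a server or trust store that indexes certificates by issuer and serial may treat two different test identities as one. Drawing the serial from the CSPRNG avoids this: `serial, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128))` with the usual error return, then `SerialNumber: serial,`. The doc comment could also state that the certificate is self-signed with a fresh 2048-bit RSA key, is valid for one year from the call, and carries name as a DNS SAN, so callers know it is meant for integration fixtures only. The method never reads cmd, which may be deliberate for API symmetry but deserves a word in that comment.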