mirrors/XTLS_REALITY
0
0
Fork 0
mirror of https://github.com/XTLS/REALITY.git synced 2025-08-22 14:38:35 +00:00
Code

Generate template signedCert in advance

Browse Source
This commit is contained in:
RPRX 2023-03-06 07:23:16 +00:00 committed by GitHub
parent f90825ddae
commit 6f8fa90c03
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 15 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
handshake_server_tls13.go
View File

@ -10,6 +10,7 @@ import (
"crypto" "crypto"
"crypto/ed25519" "crypto/ed25519"
"crypto/hmac" "crypto/hmac"
"crypto/rand"
"crypto/rsa" "crypto/rsa"
"crypto/sha512" "crypto/sha512"
"crypto/x509" "crypto/x509"
@ -46,6 +47,17 @@ type serverHandshakeStateTLS13 struct {
clientFinished []byte clientFinished []byte
} }
var (
ed25519Priv ed25519.PrivateKey
signedCert []byte
)
func init() {
certificate := x509.Certificate{SerialNumber: &big.Int{}}
_, ed25519Priv, _ = ed25519.GenerateKey(rand.Reader)
signedCert, _ = x509.CreateCertificate(rand.Reader, &certificate, &certificate, ed25519.PublicKey(ed25519Priv[32:]), ed25519Priv)
}
func (hs *serverHandshakeStateTLS13) handshake() error { func (hs *serverHandshakeStateTLS13) handshake() error {
c := hs.c c := hs.c
@ -86,17 +98,15 @@ func (hs *serverHandshakeStateTLS13) handshake() error {
} }
*/ */
{ {
certificate := x509.Certificate{SerialNumber: &big.Int{}} signedCert := bytes.Clone(signedCert)
pub, priv, _ := ed25519.GenerateKey(c.config.rand())
signedCert, _ := x509.CreateCertificate(c.config.rand(), &certificate, &certificate, pub, priv)
h := hmac.New(sha512.New, c.AuthKey) h := hmac.New(sha512.New, c.AuthKey)
h.Write(pub) h.Write(ed25519Priv[32:])
h.Sum(signedCert[:len(signedCert)-64]) h.Sum(signedCert[:len(signedCert)-64])
hs.cert = &Certificate{ hs.cert = &Certificate{
Certificate: [][]byte{signedCert}, Certificate: [][]byte{signedCert},
PrivateKey: priv, PrivateKey: ed25519Priv,
} }
hs.sigAlg = Ed25519 hs.sigAlg = Ed25519
} }