From 62e2598a8d9f6d0a42f70395f22f0f53a2753678 Mon Sep 17 00:00:00 2001 From: Ciprian Dorin Craciun Date: Tue, 21 Dec 2021 23:16:27 +0200 Subject: [PATCH] [server] Add support for both RSA and Ed25519 embedded self-signed certificates. --- sources/cmd/server/server.go | 40 ++++++++++-- sources/cmd/server/usage.txt | 2 + .../files/tls/server-ed25519-private.pem | 3 + .../files/tls/server-ed25519-public.pem | 43 +++++++++++++ .../lib/server/files/tls/server-private.pem | 28 --------- .../lib/server/files/tls/server-public.pem | 19 ------ .../server/files/tls/server-rsa-private.pem | 28 +++++++++ .../server/files/tls/server-rsa-public.pem | 63 +++++++++++++++++++ sources/lib/server/tls.go | 15 +++-- 9 files changed, 186 insertions(+), 55 deletions(-) create mode 100644 sources/lib/server/files/tls/server-ed25519-private.pem create mode 100644 sources/lib/server/files/tls/server-ed25519-public.pem delete mode 100644 sources/lib/server/files/tls/server-private.pem delete mode 100644 sources/lib/server/files/tls/server-public.pem create mode 100644 sources/lib/server/files/tls/server-rsa-private.pem create mode 100644 sources/lib/server/files/tls/server-rsa-public.pem diff --git a/sources/cmd/server/server.go b/sources/cmd/server/server.go index d800811..cc3d134 100644 --- a/sources/cmd/server/server.go +++ b/sources/cmd/server/server.go @@ -656,6 +656,8 @@ func main_0 () (error) { var _http3AltSvc string var _tlsPrivate string var _tlsPublic string + var _tlsEmbeddedRsa bool + var _tlsEmbeddedEd bool var _archivePath string var _archiveInmem bool var _archiveMmap bool @@ -712,6 +714,8 @@ func main_0 () (error) { _tlsPrivate_0 := _flags.String ("tls-private", "", "") _tlsPublic_0 := _flags.String ("tls-public", "", "") _tlsBundle_0 := _flags.String ("tls-bundle", "", "") + _tlsEmbeddedRsa_0 := _flags.Bool ("tls-self-rsa", false, "") + _tlsEmbeddedEd_0 := _flags.Bool ("tls-self-ed25519", false, "") _processes_0 := _flags.Uint ("processes", 0, "") _threads_0 := _flags.Uint ("threads", 0, "") _slave_0 := _flags.Uint ("slave", 0, "") @@ -779,10 +783,15 @@ func main_0 () (error) { _tlsPrivate = *_tlsPrivate_0 _tlsPublic = *_tlsPublic_0 } + _tlsEmbeddedRsa = *_tlsEmbeddedRsa_0 + _tlsEmbeddedEd = *_tlsEmbeddedEd_0 if ((_tlsPrivate != "") && (_tlsPublic == "")) || ((_tlsPublic != "") && (_tlsPrivate == "")) { AbortError (nil, "[6e5b42e4] TLS private/public must be specified together!") } - if ((_tlsPrivate != "") || (_tlsPublic != "")) && ((_bindTls1 == "") && (_bindTls2 == "") && (_bindQuic == "")) { + if (_tlsPrivate != "") && (_tlsEmbeddedRsa || _tlsEmbeddedEd) { + AbortError (nil, "[3de098d3] TLS self-signed and TLS bundle or TLS private/public are mutually exclusive!") + } + if ((_tlsPrivate != "") || (_tlsPublic != "") || _tlsEmbeddedRsa || _tlsEmbeddedEd) && ((_bindTls1 == "") && (_bindTls2 == "") && (_bindQuic == "")) { AbortError (nil, "[4e31f251] TLS certificate specified, but TLS not enabled!") } @@ -976,6 +985,12 @@ func main_0 () (error) { if _tlsPublic != "" { _processArguments = append (_processArguments, "--tls-public", _tlsPublic) } + if _tlsEmbeddedRsa { + _processArguments = append (_processArguments, "--tls-self-rsa") + } + if _tlsEmbeddedEd { + _processArguments = append (_processArguments, "--tls-self-ed25519") + } if _timeoutDisabled { _processArguments = append (_processArguments, "--timeout-disable") } @@ -1460,10 +1475,27 @@ func main_0 () (error) { } } if len (_tls1Config.Certificates) == 0 { - if !_quiet { - log.Printf ("[ii] [344ba198] [tls.....] no TLS certificate specified; using self-signed!\n") + var _tlsPublic, _tlsPrivate []byte + if _tlsEmbeddedRsa { + if !_quiet { + log.Printf ("[ii] [46ad23d6] [tls.....] using self-signed RSA certificate!\n") + } + _tlsPublic = DefaultTlsRsaCertificatePublic + _tlsPrivate = DefaultTlsRsaCertificatePrivate + } else if _tlsEmbeddedEd { + if !_quiet { + log.Printf ("[ii] [80c7d1b7] [tls.....] using self-signed Ed25519 certificate!\n") + } + _tlsPublic = DefaultTlsEd25519CertificatePublic + _tlsPrivate = DefaultTlsEd25519CertificatePrivate + } else { + if !_quiet { + log.Printf ("[ii] [344ba198] [tls.....] no TLS certificate specified; using self-signed RSA certificate!\n") + } + _tlsPublic = DefaultTlsRsaCertificatePublic + _tlsPrivate = DefaultTlsRsaCertificatePrivate } - if _certificate, _error := tls.X509KeyPair ([]byte (DefaultTlsCertificatePublic), []byte (DefaultTlsCertificatePrivate)); _error == nil { + if _certificate, _error := tls.X509KeyPair (_tlsPublic, _tlsPrivate); _error == nil { _tls1Config.Certificates = append (_tls1Config.Certificates, _certificate) } else { AbortError (_error, "[98ba6d23] [tls.....] failed parsing TLS certificate!") diff --git a/sources/cmd/server/usage.txt b/sources/cmd/server/usage.txt index e3148c5..03f9b7c 100644 --- a/sources/cmd/server/usage.txt +++ b/sources/cmd/server/usage.txt @@ -29,6 +29,8 @@ --tls-bundle (TLS certificate bundle) --tls-public (TLS certificate public) --tls-private (TLS certificate private) + --tls-self-rsa (use self-signed RSA) + --tls-self-ed25519 (use self-signed Ed25519) --processes (of slave processes) --threads (of threads per process) diff --git a/sources/lib/server/files/tls/server-ed25519-private.pem b/sources/lib/server/files/tls/server-ed25519-private.pem new file mode 100644 index 0000000..36e9b1b --- /dev/null +++ b/sources/lib/server/files/tls/server-ed25519-private.pem @@ -0,0 +1,3 @@ +-----BEGIN PRIVATE KEY----- +MC4CAQAwBQYDK2VwBCIEIMQKB9u2kZZ9VbGnZddN3yhq865Q/IU014UjTY5uPfiE +-----END PRIVATE KEY----- diff --git a/sources/lib/server/files/tls/server-ed25519-public.pem b/sources/lib/server/files/tls/server-ed25519-public.pem new file mode 100644 index 0000000..ce887c2 --- /dev/null +++ b/sources/lib/server/files/tls/server-ed25519-public.pem @@ -0,0 +1,43 @@ +-----BEGIN CERTIFICATE----- +MIIFITCCBNOgAwIBAgIBAjAFBgMrZXAwFjEUMBIGA1UEAxMLa2F3aXBpa28tY2Ew +HhcNMjAwMTAxMDAwMDAwWhcNNDAxMjMxMjM1OTU5WjAaMRgwFgYDVQQDEw9rYXdp +cGlrby1zZXJ2ZXIwKjAFBgMrZXADIQDxM9xzekdhsBs7Ahc0Fw/I2diBKsRxmkUf +xyqvpwmbtqOCBEAwggQ8MAwGA1UdEwEB/wQCMAAwggPFBgNVHREEggO8MIIDuIII +a2F3aXBpa2+CCioua2F3aXBpa2+CCWxvY2FsaG9zdIILKi5sb2NhbGhvc3SCBHRl +c3SCBioudGVzdIIHZXhhbXBsZYIJKi5leGFtcGxlggtleGFtcGxlLmNvbYINKi5l +eGFtcGxlLmNvbYILZXhhbXBsZS5uZXSCDSouZXhhbXBsZS5uZXSCC2V4YW1wbGUu +b3Jngg0qLmV4YW1wbGUub3JnggdpbnZhbGlkggkqLmludmFsaWSHBH8AAACHBH8A +AAGHBH8AAAKHBH8AAAOHBH8AAASHBH8AAAWHBH8AAAaHBH8AAAeHBH8AAAiHBH8A +AAmHBH8AAAqHBH8AAAuHBH8AAAyHBH8AAA2HBH8AAA6HBH8AAA+HBH8AABCHBH8A +ABGHBH8AABKHBH8AABOHBH8AABSHBH8AABWHBH8AABaHBH8AABeHBH8AABiHBH8A +ABmHBH8AABqHBH8AABuHBH8AAByHBH8AAB2HBH8AAB6HBH8AAB+HBH8AACCHBH8A +ACGHBH8AACKHBH8AACOHBH8AACSHBH8AACWHBH8AACaHBH8AACeHBH8AACiHBH8A +ACmHBH8AACqHBH8AACuHBH8AACyHBH8AAC2HBH8AAC6HBH8AAC+HBH8AADCHBH8A +ADGHBH8AADKHBH8AADOHBH8AADSHBH8AADWHBH8AADaHBH8AADeHBH8AADiHBH8A +ADmHBH8AADqHBH8AADuHBH8AADyHBH8AAD2HBH8AAD6HBH8AAD+HBH8AAECHBH8A +AEGHBH8AAEKHBH8AAEOHBH8AAESHBH8AAEWHBH8AAEaHBH8AAEeHBH8AAEiHBH8A +AEmHBH8AAEqHBH8AAEuHBH8AAEyHBH8AAE2HBH8AAE6HBH8AAE+HBH8AAFCHBH8A +AFGHBH8AAFKHBH8AAFOHBH8AAFSHBH8AAFWHBH8AAFaHBH8AAFeHBH8AAFiHBH8A +AFmHBH8AAFqHBH8AAFuHBH8AAFyHBH8AAF2HBH8AAF6HBH8AAF+HBH8AAGCHBH8A +AGGHBH8AAGKHBH8AAGOHBH8AAGSHBH8AAGWHBH8AAGaHBH8AAGeHBH8AAGiHBH8A +AGmHBH8AAGqHBH8AAGuHBH8AAGyHBH8AAG2HBH8AAG6HBH8AAG+HBH8AAHCHBH8A +AHGHBH8AAHKHBH8AAHOHBH8AAHSHBH8AAHWHBH8AAHaHBH8AAHeHBH8AAHiHBH8A +AHmHBH8AAHqHBH8AAHuHBH8AAHyHBH8AAH2HBH8AAH6HBH8AAH8wEwYDVR0lBAww +CgYIKwYBBQUHAwEwDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBSiumt/SOr3Fl24 +MqbO24S1p9MWCjAfBgNVHSMEGDAWgBTQVcoX632ljxv20Gh8NAS/1VYqtzAFBgMr +ZXADQQDvxgE/H82cA41fqwlMgEK4bypC8pwKEv51D2AvIAIMEIsL404WriZDTupH +tSQOhqP7o0G5ia0EFLBxsWH66GYC +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB+TCCAaugAwIBAgIBATAFBgMrZXAwFjEUMBIGA1UEAxMLa2F3aXBpa28tY2Ew +HhcNMjAwMTAxMDAwMDAwWhcNNDAxMjMxMjM1OTU5WjAWMRQwEgYDVQQDEwtrYXdp +cGlrby1jYTAqMAUGAytlcAMhAG7iAxaqyOj/Yckknf09zbMt1ABMqJINuxs78UeE +GYato4IBHDCCARgwDwYDVR0TAQH/BAUwAwEB/zCB5QYDVR0eAQH/BIHaMIHXoIHU +MAqHCH8AAAD/AAAAMAqCCGthd2lwaWtvMAuCCWxvY2FsaG9zdDAGggR0ZXN0MAmC +B2V4YW1wbGUwDYILZXhhbXBsZS5jb20wDYILZXhhbXBsZS5uZXQwDYILZXhhbXBs +ZS5vcmcwCYIHaW52YWxpZDAKgQhrYXdpcGlrbzALgQlsb2NhbGhvc3QwBoEEdGVz +dDAJgQdleGFtcGxlMA2BC2V4YW1wbGUuY29tMA2BC2V4YW1wbGUubmV0MA2BC2V4 +YW1wbGUub3JnMAmBB2ludmFsaWQwHQYDVR0OBBYEFNBVyhfrfaWPG/bQaHw0BL/V +Viq3MAUGAytlcANBAJQ1/xxifLV25+92zUki6efxjrDzKQ50WmK7vjMcFTrvPSg0 +K43TIK6/bV2YWAiAOTCdBjVYGhlF6tiPEeuingo= +-----END CERTIFICATE----- diff --git a/sources/lib/server/files/tls/server-private.pem b/sources/lib/server/files/tls/server-private.pem deleted file mode 100644 index 28c676c..0000000 --- a/sources/lib/server/files/tls/server-private.pem +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC+jojvRd7zso5q -PvriGVYRwBZZoScGbMyAm06ICAV8boHe8y5ITzhGjtrS6pXCQeqFg6sTrqMUGjya -g8E4EAGi9WkO00aNYYT7EWp/rT0wS5aWgM27h3rCAGN2Nxd9lnophyx+xy1yhF55 -iWOC6PH6W9GA5EpLidac47Jjc73AlEzFrchORF9VTCVCBqakopwiTeJd1Gp0A63C -zpM7dVPBVnWmgMNLJhwpNbppChCaw4IMSBCH6nJhAlJUgSqIU/fZyOrjeikeid86 -nKQCIvZ7syJFgm6vkTnEfZmZP1J6uw9wAIygK7UOIc8loa/F+Xr3eB/imBfqsNs9 -ZM0mpamrAgMBAAECggEAORjSVQeVj2XAIHuwhtDapkTtLXwJCnbNK/fdJwtoQWmH -RnuNMaNzFEk3rh0WNHe1wr26JBKe0KYv5Ih3+8loBCEOkp+hszk2NFh6lbkd7Xuo -qn37pyYoFTsykjhdtIbDIfBb17zslDSvbjFJfO85mi+q7bj5vfqWMLpVOFF02N/S -SmASAzAYTAOE+wheMuTWkm8r3PXh8WhJViWLp/9l6gyLT0mOazxaVayOWyJ/pg1w -qPZiNOavTbNyP7jzUysA4LX9CdBQx3k48IQm0c59Zu49Rl7H6ZT9Vp2CSkvbZRZS -qVLKYtE4o5SIyAPI5QBCRyNVkHQnZAzPIv/vwbky4QKBgQDmcxY9YVIVpjZQCcVg -R++ClrjKKzuR4dmUvmF3H6F4uT6S+7zPsaaIbgBUo2B/Z5QZ+vv6FeKcGZhGSVzU -gtiQeNvEPE25oHbJm3ui71Wvw2mEpTp52bYL6k68b45ydq/CCpohSLym/WjlVVSz -ce2IJZaviGn68jY175bRRDAb2wKBgQDTrykGt8gfACmSBZcULkaXCDqT0nfnWccx -OHuimbIDgSU0Q/KJA9P0pSbtL/2rUXEnZpUJ0oDDEi0MpBkSX3Tb3U959aY97hXK -arHI0iziUcW1ZZ2XGO5KtRviQ0D5CKZWR1Ttjm1oCJkmxAag070CF/UdcTGEizrK -OeI7o1l6cQKBgBo21z3ON0ctLBp4shIcvLsPKCAfQNx8Y4LPEUk6uOSBtgOETVsW -60mzsafvGcgEYU1/RnCRUsDNDIxaRgwKglYU2XL+JR1Lipeubyb+sLGYugUTwo4f -3NyIH8LBseOFasLY7+V/X65jPy5vQX5UJGALXpPDIcMhEFecVHyjlBFnAoGABtWs -+W6No5KZxQExM5Ga7d1yJruw62NWrxwnwcQ8nyhYTyuydQIOoeODMj1Ob22dvavu -O/bz+Vho4/OYa6NxXnfyzPlFeNJrGbIAM3+1u0jwnT6+q9Y+O2NFlzScsG27ESYU -c+cZWTaN21aQ8Dhl7d9gJqc09haYu1bLGynXBcECgYEAsxgIbbO3CtxPfqgtJrAo -eRPPLX7UOdXmarOBYFL+jsG5SWSyECqKDgkjyeQFVqHzK+W4k654TobZoMUhDIUL -GeNAoNAIjPciush/0yYI8w3EybHIkB6JSi4LyhWBQazGaAr3Ai0NHbKt3ZzcOM1D -azCipM9H6CJO+MjoG+S53Xo= ------END PRIVATE KEY----- diff --git a/sources/lib/server/files/tls/server-public.pem b/sources/lib/server/files/tls/server-public.pem deleted file mode 100644 index 3c7ca52..0000000 --- a/sources/lib/server/files/tls/server-public.pem +++ /dev/null @@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDIzCCAgugAwIBAgIUVyUIITgu0+by4ASAy3b9vOM+B2wwDQYJKoZIhvcNAQEL -BQAwHzEdMBsGA1UEAxMUa2F3aXBpa28udm9sdXRpb24ucm8wIBcNMTkwODE0MTUw -OTEzWhgPMjA1OTA4MTQxNTA5MTNaMB8xHTAbBgNVBAMTFGthd2lwaWtvLnZvbHV0 -aW9uLnJvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvo6I70Xe87KO -aj764hlWEcAWWaEnBmzMgJtOiAgFfG6B3vMuSE84Ro7a0uqVwkHqhYOrE66jFBo8 -moPBOBABovVpDtNGjWGE+xFqf609MEuWloDNu4d6wgBjdjcXfZZ6KYcsfsctcoRe -eYljgujx+lvRgORKS4nWnOOyY3O9wJRMxa3ITkRfVUwlQgampKKcIk3iXdRqdAOt -ws6TO3VTwVZ1poDDSyYcKTW6aQoQmsOCDEgQh+pyYQJSVIEqiFP32cjq43opHonf -OpykAiL2e7MiRYJur5E5xH2ZmT9SersPcACMoCu1DiHPJaGvxfl693gf4pgX6rDb -PWTNJqWpqwIDAQABo1UwUzAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUF -BwMBMA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFPDjABVCI490LdvHPeotzNq3 -xa9KMA0GCSqGSIb3DQEBCwUAA4IBAQA0cYKpYneOgBRGL/5q86g17qGOrQOWjdDr -1k7i817pBjIfRj9bm1n2iaSrC4GCt4Ok+hl/DyjPNDDUXZxEmfmxlugi6dKLPQp9 -p30hlTB7E3ArHKkWXYGo19URewAUYOMEIR1lB5/RS21rnpUKHawrwi9pZHTwYQ5Q -QcnpA9/FvCbPo8gb9kPAuDyj39tdzzgNK/Xvj8ym9RhUbTtBgbWujRCIWU0L6bfl -i7DLfJoPSK+s6S5YGr88VAz0y9zAGD/2wGq9R1hUSDw0OfMgEm9GoSz6FpXKKBtl -M01bP11akztK8sWChdels4OXOsPQ1SdF2XE4od82cm6lA8IgE1hY ------END CERTIFICATE----- diff --git a/sources/lib/server/files/tls/server-rsa-private.pem b/sources/lib/server/files/tls/server-rsa-private.pem new file mode 100644 index 0000000..5a29692 --- /dev/null +++ b/sources/lib/server/files/tls/server-rsa-private.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDKxWyu2s++wp9n +YYwqTBOehkMzf2oY0sm1lH3yEQZIKK7ik2yjYPsOLyXT1mrzuOb2DE4GP8CighKY +j2Mpk3tKj+iz4JQq5BZtGBNrtS8qC/o/NphQzGEZ19XMF1x7lcqkTmbhpfcK9rVl +RbKN/Vsx/nuMJTL654fHRLxpA7b9rgosbykyse3lB2drWTfrjauKXno89fnEfv70 +IPLYL0hkgO+IE0CONUGR60RBD/GuSCKQRHECmDCUvCTLnJkKtiqYOkIDXPnhZrxl +5GCUXDI4Fh0RCOpkzr30ABg6kXFFzWAVJg0JkkbYDLgOZcsQLXUCFhewbFKa2/CN +JPPftwVjAgMBAAECggEBALCoafS4y++tTgValiwvlZQx8xBFvKCd3IBnO4cO0AND +9oGN4UNB9dg4uWMi1pE6EXZh6ARHvMOYQS1LFyCczfh7AkjcqxnnF6a6KAlZlBq0 +zrQOE4upVBuY0Dp8S+Wb7i1R5Q5Icr/JiuYNX++WwMIArZC+w/iWiNPSDbgMNXwy +fAepv8XhR5AMpvzZ/gnQg9C5HF+oyxSitrDcO8jJKezI7iSGj/LhMAdiWQKBxpVp +MuXD0ZDFhZR0LCkgi4SvcGorXS55wo2n1VUxM+5630N0cvyv8Fx3Li9cms5y6FGq +gELeRAlxABGwrWy/GIKhgyi8tF/Uef7Hix8dqk1eankCgYEA1jEXEDYjPijugqRF +5SQnwYCEeI4K6GD4yHMxPTyrf70m2KyABPZnHd3DOQ19cH1fsdpeCMWhuvZFkMdH +rJ9pVugKWIPZ8F3VXZMZ0/NGDDeC35866esyNEMaxeppiCN6bDHHIXKEt6DDpBll +wn5WKgtTCBbzbdw7iHKRDEUDABcCgYEA8lmpftCxsBwii/NozbvFB+qGZ6w2wJHq +v0XzUySh5Z40vcHyvYH7oovw+8BqoItEU2R4XoYl6rC52zcRx1tP0Sgg/lxqHgCK +vBdSExJEUTRpTGfcQ5MjfufP1LWYF2JhyzGBC5z8DsMjlMOxETOsAAmSPjaL+yJz +lIB+0QQKyJUCgYEAvY4+OfOfZvB0fBuDW9GOeXoSQlp6nsLLCSKgrfAWWnr8eP7Y +YQvroAvVLJWasMXTvaNiWuMESWCPmhwyezuszuOV3FX7tvRj0mdPkTqXgFJUOTFC +wyeJi6TjecoFUR0Mx9mZwCkH+TaGTaDIZMLH4HebKOqezlf8O7ogUbp1eEsCgYB0 +Dx5NnfHKLd8ZeIrzI337CYQuN9nMpNRvnzck1QE3LmmBilUODiaMtEnGtmIZ2jfx +W8cNNV8JInMPGTNJbmAuAPKz/VvQXGAULXLfsTrITLo0nfRs5BT2nFr6ObDJWhMN +NPrgreBDzY3Hm2O7oiw3pF3Fr2ef7+K79kFFJZNodQKBgH5ZOibAlJkpEqvkHO88 +RY5ITEzkstaKW8ktkNjkqbCk3EVjl+nfKcEexKpbDPMfPEfowG8zfNTDd9AMoCV2 +zzCvHJThxc+W9dPLfEgjE87Ci2lcJx5+hjGpgTbgAX/pglc3gnrdKRoILXdQd0Ar +oDim4HdjGEK2jM6YMvcRnjFp +-----END PRIVATE KEY----- diff --git a/sources/lib/server/files/tls/server-rsa-public.pem b/sources/lib/server/files/tls/server-rsa-public.pem new file mode 100644 index 0000000..08994eb --- /dev/null +++ b/sources/lib/server/files/tls/server-rsa-public.pem @@ -0,0 +1,63 @@ +-----BEGIN CERTIFICATE----- +MIIG7TCCBdWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtrYXdp +cGlrby1jYTAeFw0yMDAxMDEwMDAwMDBaFw00MDEyMzEyMzU5NTlaMBoxGDAWBgNV +BAMTD2thd2lwaWtvLXNlcnZlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAMrFbK7az77Cn2dhjCpME56GQzN/ahjSybWUffIRBkgoruKTbKNg+w4vJdPW +avO45vYMTgY/wKKCEpiPYymTe0qP6LPglCrkFm0YE2u1LyoL+j82mFDMYRnX1cwX +XHuVyqROZuGl9wr2tWVFso39WzH+e4wlMvrnh8dEvGkDtv2uCixvKTKx7eUHZ2tZ +N+uNq4peejz1+cR+/vQg8tgvSGSA74gTQI41QZHrREEP8a5IIpBEcQKYMJS8JMuc +mQq2Kpg6QgNc+eFmvGXkYJRcMjgWHREI6mTOvfQAGDqRcUXNYBUmDQmSRtgMuA5l +yxAtdQIWF7BsUprb8I0k89+3BWMCAwEAAaOCBEAwggQ8MAwGA1UdEwEB/wQCMAAw +ggPFBgNVHREEggO8MIIDuIIIa2F3aXBpa2+CCioua2F3aXBpa2+CCWxvY2FsaG9z +dIILKi5sb2NhbGhvc3SCBHRlc3SCBioudGVzdIIHZXhhbXBsZYIJKi5leGFtcGxl +ggtleGFtcGxlLmNvbYINKi5leGFtcGxlLmNvbYILZXhhbXBsZS5uZXSCDSouZXhh +bXBsZS5uZXSCC2V4YW1wbGUub3Jngg0qLmV4YW1wbGUub3JnggdpbnZhbGlkggkq +LmludmFsaWSHBH8AAACHBH8AAAGHBH8AAAKHBH8AAAOHBH8AAASHBH8AAAWHBH8A +AAaHBH8AAAeHBH8AAAiHBH8AAAmHBH8AAAqHBH8AAAuHBH8AAAyHBH8AAA2HBH8A +AA6HBH8AAA+HBH8AABCHBH8AABGHBH8AABKHBH8AABOHBH8AABSHBH8AABWHBH8A +ABaHBH8AABeHBH8AABiHBH8AABmHBH8AABqHBH8AABuHBH8AAByHBH8AAB2HBH8A +AB6HBH8AAB+HBH8AACCHBH8AACGHBH8AACKHBH8AACOHBH8AACSHBH8AACWHBH8A +ACaHBH8AACeHBH8AACiHBH8AACmHBH8AACqHBH8AACuHBH8AACyHBH8AAC2HBH8A +AC6HBH8AAC+HBH8AADCHBH8AADGHBH8AADKHBH8AADOHBH8AADSHBH8AADWHBH8A +ADaHBH8AADeHBH8AADiHBH8AADmHBH8AADqHBH8AADuHBH8AADyHBH8AAD2HBH8A +AD6HBH8AAD+HBH8AAECHBH8AAEGHBH8AAEKHBH8AAEOHBH8AAESHBH8AAEWHBH8A +AEaHBH8AAEeHBH8AAEiHBH8AAEmHBH8AAEqHBH8AAEuHBH8AAEyHBH8AAE2HBH8A +AE6HBH8AAE+HBH8AAFCHBH8AAFGHBH8AAFKHBH8AAFOHBH8AAFSHBH8AAFWHBH8A +AFaHBH8AAFeHBH8AAFiHBH8AAFmHBH8AAFqHBH8AAFuHBH8AAFyHBH8AAF2HBH8A +AF6HBH8AAF+HBH8AAGCHBH8AAGGHBH8AAGKHBH8AAGOHBH8AAGSHBH8AAGWHBH8A +AGaHBH8AAGeHBH8AAGiHBH8AAGmHBH8AAGqHBH8AAGuHBH8AAGyHBH8AAG2HBH8A +AG6HBH8AAG+HBH8AAHCHBH8AAHGHBH8AAHKHBH8AAHOHBH8AAHSHBH8AAHWHBH8A +AHaHBH8AAHeHBH8AAHiHBH8AAHmHBH8AAHqHBH8AAHuHBH8AAHyHBH8AAH2HBH8A +AH6HBH8AAH8wEwYDVR0lBAwwCgYIKwYBBQUHAwEwDgYDVR0PAQH/BAQDAgWgMB0G +A1UdDgQWBBS1bniT+SX/BGBx+adGV/6BV0ZiMDAfBgNVHSMEGDAWgBSGL52Tf1kz +/Qi7QphPDaA72dhbNDANBgkqhkiG9w0BAQsFAAOCAQEAf55M8RReFsXLZL6UJJue +vde0bg7+VALaLA2+DzjABe24riYuvwY6deluKy/PHgm3q8R7IDtMg4ZgCLoz1nRs +gv/f1zFL79jA89R8s2eclm1Ll5Rdhx51cp4/HovOKQiEvGNrOYDDCfG4ZOpmJepo +5BZCCLSLOsCiRXayTR0BQECkpSpnY0GOVzOK8X4Z0CGNtESRZhs3rfr/J84CM9tW +FLVtpoL5sIV1iP5xo3RasxlDbzSiCxbEaEa1PFZKzQ9332oCeO3mM68JHTvcYPGJ +CWYEjTExhVpTETSOr4HZltuUDjUqvp/511BQE7YHhxAg9OkbMlQ4V8Vb3doh3juL +XA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDxTCCAq2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtrYXdp +cGlrby1jYTAeFw0yMDAxMDEwMDAwMDBaFw00MDEyMzEyMzU5NTlaMBYxFDASBgNV +BAMTC2thd2lwaWtvLWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +qVvdvjwNaOykQoa/Qz2GkiY/qUEL4vFuLoUAy2UqWuCTsWFYdMcK67KGGz6u9BRq +7t5MTx3/WIiNHLWA/A4nAL1To4jrE+3Aj/oYXXnozqk7z2lGCVywxgLbZBo2vWVG ++hgUEghikagU5fN3NsdTmdQeGnKv6Vm6ZJUNZDySYN1Tt50nzoA1pa5zvHlcLlzX +dQNr/A9L/hJpVqiEub25DgxXUsCJgA+1KFiY1rMWXY6pzelcVoiZ2A40oXVI2cst +UtNmTKwCvnyzlzMhgsLbY7iTp5xfnZE3QzIziaWkq9dOLqNi4oiaF4nkLjqzItjs +99lteqQ9c1cqyxGY8X0AEwIDAQABo4IBHDCCARgwDwYDVR0TAQH/BAUwAwEB/zCB +5QYDVR0eAQH/BIHaMIHXoIHUMAqHCH8AAAD/AAAAMAqCCGthd2lwaWtvMAuCCWxv +Y2FsaG9zdDAGggR0ZXN0MAmCB2V4YW1wbGUwDYILZXhhbXBsZS5jb20wDYILZXhh +bXBsZS5uZXQwDYILZXhhbXBsZS5vcmcwCYIHaW52YWxpZDAKgQhrYXdpcGlrbzAL +gQlsb2NhbGhvc3QwBoEEdGVzdDAJgQdleGFtcGxlMA2BC2V4YW1wbGUuY29tMA2B +C2V4YW1wbGUubmV0MA2BC2V4YW1wbGUub3JnMAmBB2ludmFsaWQwHQYDVR0OBBYE +FIYvnZN/WTP9CLtCmE8NoDvZ2Fs0MA0GCSqGSIb3DQEBCwUAA4IBAQCD9Rq/CTOZ +9v0XoEq208y1akWLG0l3YDvor+ee9Ier8GcQKuaX/WaOLceqPuMFpi2hmlblmkw+ +X11IVefWGcO9TCO0gPRpzXXpx/ZMlbgvOoM/WE3PtrVfPLxNn91LeENPUj+jrCNo +594Prq+/FaBKs/xOfzgLR1wVEHt2lyXsvQbJ38qkAkIlQdjpolmDopNkFnlglM5Y +cMO/3ywYpI/X5+ge5TpOlDf4iwo6dm8uxpY/12gwlSpf/B5KuDqaeae6oHTB7Gn4 +Q8TCLS2Awha2lFFcQEoes14Lri0ARFygav0X1aP4P2vPM5ioA8vW2vgCPHLOccP8 +vOyisHCQ3eIe +-----END CERTIFICATE----- diff --git a/sources/lib/server/tls.go b/sources/lib/server/tls.go index ca177f0..e36f90c 100644 --- a/sources/lib/server/tls.go +++ b/sources/lib/server/tls.go @@ -8,9 +8,16 @@ import _ "embed" -//go:embed files/tls/server-public.pem -var DefaultTlsCertificatePublic []byte +//go:embed files/tls/server-rsa-public.pem +var DefaultTlsRsaCertificatePublic []byte -//go:embed files/tls/server-private.pem -var DefaultTlsCertificatePrivate []byte +//go:embed files/tls/server-rsa-private.pem +var DefaultTlsRsaCertificatePrivate []byte + + +//go:embed files/tls/server-ed25519-public.pem +var DefaultTlsEd25519CertificatePublic []byte + +//go:embed files/tls/server-ed25519-private.pem +var DefaultTlsEd25519CertificatePrivate []byte