Compare commits
No commits in common. "aa713af15300b0f47b6d13698247d8d526a725ac" and "d94d5ec27cba24aee9723c9e5cd38bdb8d583ab1" have entirely different histories.
aa713af153
...
d94d5ec27c
44
README.md
44
README.md
|
@ -1,44 +0,0 @@
|
|||
# go-grpc-certificate
|
||||
|
||||
## Problem's context
|
||||
I've got some trouble while I want to use gRPC through TLS certificates. I've created a certificated from a .pem key file which had
|
||||
a password and I couldn't use it through `go` standard library. I found a solution based on this **[SO answer](https://stackoverflow.com/a/56131169/6329540)** to this **[question](https://stackoverflow.com/questions/56129533/tls-with-certificate-private-key-and-pass-phrase/56131169#comment132834574_56131169)**
|
||||
|
||||
## Solution
|
||||
I've decided to use **[openssl](https://www.openssl.org/docs/manmaster/man1/)** to achieve this task as far as I was not able to found a solution in go standard library.
|
||||
|
||||
## Installation requirements
|
||||
I've used this version on development. So we should check if it backwards compatible.
|
||||
```shell
|
||||
$ openssl version
|
||||
OpenSSL 3.0.8 7 Feb 2023 (Library: OpenSSL 3.0.8 7 Feb 2023)
|
||||
```
|
||||
|
||||
|
||||
## How to use
|
||||
In your `go` project you just have to type in your terminal:
|
||||
```shell
|
||||
$ go get gitea.urkob.com/urko/go-grpc-certificate
|
||||
```
|
||||
|
||||
Then place in your code like this
|
||||
```go
|
||||
package main
|
||||
|
||||
// here should be defined your imports
|
||||
certcreds "gitea.urkob.com/urko/go-grpc-certificate/pkg/credentials"
|
||||
|
||||
|
||||
func main() {
|
||||
certPath := "place your certificate path"
|
||||
certKeyPath := "place your key file path"
|
||||
keyPassword := "place your key password here"
|
||||
|
||||
creds, err = certcreds.CredentialsFromKeyWithPasswd(
|
||||
certPah, certKeyPath, keyPassword,
|
||||
)
|
||||
if err != nil {
|
||||
log.Fatalf("Failed loading certificates: %v\n", err)
|
||||
}
|
||||
}
|
||||
```
|
|
@ -12,10 +12,7 @@ import (
|
|||
"google.golang.org/grpc/credentials"
|
||||
)
|
||||
|
||||
// FromRSAKeyWithPassword receives a certificate .pem file which was
|
||||
// requested with .pem key file secured by password. By default go doesn't provide a
|
||||
// standard packag that is not deprecated:
|
||||
func FromRSAKeyWithPassword(certFile, certKey, passwd string) (credentials.TransportCredentials, error) {
|
||||
func CredentialsFromKeyWithPasswd(certFile, certKey, passwd string) (credentials.TransportCredentials, error) {
|
||||
if certFile == "" {
|
||||
return nil, errors.New("certFile cannot be empty")
|
||||
}
|
||||
|
|
|
@ -83,10 +83,10 @@ func TestCredentialsFromKeyWithPasswd(t *testing.T) {
|
|||
require.NoError(t, deleteTestDir())
|
||||
}()
|
||||
|
||||
_, err := FromRSAKeyWithPassword(testCert, testCertKey, testKeyPass)
|
||||
_, err := CredentialsFromKeyWithPasswd(testCert, testCertKey, testKeyPass)
|
||||
assert.NoError(t, err, "key with password should not fail")
|
||||
|
||||
_, err = FromRSAKeyWithPassword(testCert, testCertKey, "wrong-pass")
|
||||
_, err = CredentialsFromKeyWithPasswd(testCert, testCertKey, "wrong-pass")
|
||||
assert.Error(t, err, "key with wrong pass password should not fail")
|
||||
}
|
||||
|
||||
|
@ -98,30 +98,30 @@ func TestCredentialsFromKeyWithPasswdError(t *testing.T) {
|
|||
require.NoError(t, deleteTestDir())
|
||||
}()
|
||||
|
||||
_, err := FromRSAKeyWithPassword("", "", "")
|
||||
_, err := CredentialsFromKeyWithPasswd("", "", "")
|
||||
assert.Error(t, err)
|
||||
|
||||
_, err = FromRSAKeyWithPassword(testCert, "", "")
|
||||
_, err = CredentialsFromKeyWithPasswd(testCert, "", "")
|
||||
assert.Error(t, err)
|
||||
|
||||
_, err = FromRSAKeyWithPassword(testCert, "not-exists.txt", "")
|
||||
_, err = CredentialsFromKeyWithPasswd(testCert, "not-exists.txt", "")
|
||||
assert.Error(t, err)
|
||||
|
||||
require.NoError(t, os.WriteFile(testKeyError, []byte(""), os.ModeAppend))
|
||||
|
||||
_, err = FromRSAKeyWithPassword(testCert, testKeyError, testKeyPass)
|
||||
_, err = CredentialsFromKeyWithPasswd(testCert, testKeyError, testKeyPass)
|
||||
require.Error(t, err)
|
||||
|
||||
require.NoError(t, os.WriteFile(testCertKeyError, []byte(certKeyError), os.ModeAppend))
|
||||
_, err = FromRSAKeyWithPassword(testCert, testCertKeyError, testKeyPass)
|
||||
_, err = CredentialsFromKeyWithPasswd(testCert, testCertKeyError, testKeyPass)
|
||||
assert.Error(t, err)
|
||||
|
||||
require.NoError(t, os.Remove(testCertKeyError))
|
||||
assert.NoError(t, os.WriteFile(testCertKeyError, []byte(certKeyOk), os.ModeAppend))
|
||||
_, err = FromRSAKeyWithPassword(testCert, testCertKeyError, testKeyPass)
|
||||
_, err = CredentialsFromKeyWithPasswd(testCert, testCertKeyError, testKeyPass)
|
||||
assert.Error(t, err, "key without password should fail")
|
||||
|
||||
require.NoError(t, createEncryptedKeyFile())
|
||||
_, err = FromRSAKeyWithPassword(testCert, testCertKey, testKeyPass)
|
||||
_, err = CredentialsFromKeyWithPasswd(testCert, testCertKey, testKeyPass)
|
||||
assert.Error(t, err, "key without password should fail")
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue