MCPcopy
hub / github.com/grpc/grpc-go / setupTLSConn

Function setupTLSConn

security/advancedtls/crl_test.go:456–497  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

454}
455
456func setupTLSConn(t *testing.T) (net.Listener, *x509.Certificate, *ecdsa.PrivateKey) {
457 t.Helper()
458 templ := x509.Certificate{
459 SerialNumber: big.NewInt(5),
460 BasicConstraintsValid: true,
461 NotBefore: time.Now().Add(-time.Hour),
462 NotAfter: time.Now().Add(time.Hour),
463 IsCA: true,
464 Subject: pkix.Name{CommonName: "test-cert"},
465 KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
466 ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth},
467 IPAddresses: []net.IP{netip.MustParseAddr("::1").AsSlice()},
468 CRLDistributionPoints: []string{"http://static.corp.google.com/crl/campus-sln/borg"},
469 }
470
471 key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
472 if err != nil {
473 t.Fatalf("ecdsa.GenerateKey failed err = %v", err)
474 }
475 rawCert, err := x509.CreateCertificate(rand.Reader, &templ, &templ, key.Public(), key)
476 if err != nil {
477 t.Fatalf("x509.CreateCertificate failed err = %v", err)
478 }
479 cert, err := x509.ParseCertificate(rawCert)
480 if err != nil {
481 t.Fatalf("x509.ParseCertificate failed err = %v", err)
482 }
483
484 srvCfg := tls.Config{
485 Certificates: []tls.Certificate{
486 {
487 Certificate: [][]byte{cert.Raw},
488 PrivateKey: key,
489 },
490 },
491 }
492 l, err := tls.Listen("tcp6", "[::1]:0", &srvCfg)
493 if err != nil {
494 t.Fatalf("tls.Listen failed err = %v", err)
495 }
496 return l, cert, key
497}
498
499// TestVerifyConnection will setup a client/server connection and check revocation in the real TLS dialer
500func TestVerifyConnection(t *testing.T) {

Callers 1

TestVerifyConnectionFunction · 0.85

Calls 3

NowMethod · 0.80
AddMethod · 0.65
FatalfMethod · 0.65

Tested by

no test coverage detected