Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
quant
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Iterations
Wiki
Requirements
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Locked files
Build
Pipelines
Jobs
Pipeline schedules
Test cases
Artifacts
Deploy
Releases
Package registry
Container registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Code review analytics
Issue analytics
Insights
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
danet
quant
Merge requests
!97
Move tls generation functions and data into own package
Code
Review changes
Check out branch
Download
Patches
Plain diff
Merged
Move tls generation functions and data into own package
tls-package
into
master
Overview
0
Commits
1
Pipelines
2
Changes
4
Merged
Malte Bauch
requested to merge
tls-package
into
master
1 year ago
Overview
0
Commits
1
Pipelines
2
Changes
4
Expand
Description
Related Issue
Motivation and Context
How Has This Been Tested?
Screenshots (if appropriate):
Types of changes
Bug fix (non-breaking change which fixes an issue)
New feature (non-breaking change which adds functionality)
Breaking change (fix or feature that would cause existing functionality to change)
Checklist:
My code follows the code style of this project.
My change requires a change to the documentation.
I have updated the documentation accordingly.
I have read the
CONTRIBUTING
document.
I have added tests to cover my changes.
All new and existing tests passed.
0
0
Merge request reports
Compare
master
version 1
685235d5
1 year ago
master (base)
and
latest version
latest version
2a448ea6
1 commit,
1 year ago
version 1
685235d5
1 commit,
1 year ago
4 files
+
77
−
70
Side-by-side
Compare changes
Side-by-side
Inline
Show whitespace changes
Show one file at a time
Files
4
Search (e.g. *.vue) (Ctrl+P)
goKMS/kms/tls/tls.go
0 → 100644
+
68
−
0
Options
package
kmstls
import
(
"crypto/tls"
"crypto/x509"
"fmt"
"os"
"google.golang.org/grpc/credentials"
)
type
TlsData
struct
{
TLS
bool
CaFile
string
CertFile
string
KeyFile
string
}
func
GenerateGRPCServerTransportCredsWithTLS
(
caFilePath
,
certFile
,
keyFile
string
)
(
credentials
.
TransportCredentials
,
error
)
{
cp
:=
x509
.
NewCertPool
()
b
,
err
:=
os
.
ReadFile
(
caFilePath
)
if
err
!=
nil
{
return
nil
,
err
}
if
!
cp
.
AppendCertsFromPEM
(
b
)
{
return
nil
,
fmt
.
Errorf
(
"credentials: failed to append certificates"
)
}
cert
,
err
:=
tls
.
LoadX509KeyPair
(
certFile
,
keyFile
)
if
err
!=
nil
{
return
nil
,
err
}
tlsConfig
:=
&
tls
.
Config
{
MinVersion
:
tls
.
VersionTLS13
,
ClientCAs
:
cp
,
Certificates
:
[]
tls
.
Certificate
{
cert
},
ClientAuth
:
tls
.
RequireAndVerifyClientCert
,
}
return
credentials
.
NewTLS
(
tlsConfig
),
nil
}
func
GenerateGRPCClientTransportCredsWithTLS
(
caFilePath
,
certFile
,
keyFile
string
)
(
credentials
.
TransportCredentials
,
error
)
{
cp
:=
x509
.
NewCertPool
()
b
,
err
:=
os
.
ReadFile
(
caFilePath
)
if
err
!=
nil
{
return
nil
,
err
}
if
!
cp
.
AppendCertsFromPEM
(
b
)
{
return
nil
,
fmt
.
Errorf
(
"credentials: failed to append certificates"
)
}
cert
,
err
:=
tls
.
LoadX509KeyPair
(
certFile
,
keyFile
)
if
err
!=
nil
{
return
nil
,
err
}
tlsConfig
:=
&
tls
.
Config
{
MinVersion
:
tls
.
VersionTLS13
,
RootCAs
:
cp
,
Certificates
:
[]
tls
.
Certificate
{
cert
},
}
return
credentials
.
NewTLS
(
tlsConfig
),
nil
}
Loading