| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950 |
- package tls
- import (
- "crypto/rand"
- "crypto/rsa"
- "crypto/x509"
- "crypto/x509/pkix"
- "encoding/pem"
- "log"
- "math/big"
- "time"
- "v2ray.com/core/common"
- v2tls "v2ray.com/core/transport/internet/tls"
- )
- func GenerateCertificateForTest() *v2tls.Certificate {
- priv, err := rsa.GenerateKey(rand.Reader, 2048)
- common.Must(err)
- serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
- serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
- if err != nil {
- log.Fatalf("failed to generate serial number: %s", err)
- }
- template := x509.Certificate{
- SerialNumber: serialNumber,
- Subject: pkix.Name{
- Organization: []string{"V2Ray Inc"},
- },
- NotBefore: time.Now().Add(time.Hour * -1),
- NotAfter: time.Now().Add(time.Hour),
- KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
- ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
- BasicConstraintsValid: true,
- DNSNames: []string{"www.v2ray.com", "v2ray.com"},
- }
- derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, &priv.PublicKey, priv)
- common.Must(err)
- certPEM := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
- keyPEM := pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(priv)})
- return &v2tls.Certificate{
- Certificate: certPEM,
- Key: keyPEM,
- }
- }
|
