
Hide some low-level stuff from public certificate API in Go.

Adam Ierymenko 5 年之前
父節點
當前提交
15f5125c8c
共有 3 個文件被更改,包括 29 次插入52 次删除
  1. 7 35
      cmd/zt_service_tests/certificate.go
  2. 5 0
      cmd/zt_service_tests/zt_service_tests.go
  3. 17 17
      pkg/zerotier/certificate.go

+ 7 - 35
cmd/zt_service_tests/certificate.go

@@ -15,23 +15,20 @@ package main
 
 import (
 	"bytes"
-	"encoding/json"
 	"fmt"
 	"zerotier/pkg/zerotier"
 )
 
 func TestCertificate() bool {
-	fmt.Println("Checking Certificate conversion to/from C ZT_Certificate structure...")
-
 	id, err := zerotier.NewIdentityFromString("8e4df28b72:0:ac3d46abe0c21f3cfe7a6c8d6a85cfcffcb82fbd55af6a4d6350657c68200843fa2e16f9418bbd9702cae365f2af5fb4c420908b803a681d4daef6114d78a2d7:bd8dd6e4ce7022d2f812797a80c6ee8ad180dc4ebf301dec8b06d1be08832bddd63a2f1cfa7b2c504474c75bdc8898ba476ef92e8e2d0509f8441985171ff16e")
 	if err != nil {
-		fmt.Printf("  Error deserializing test identity: %s\n", err.Error())
+		fmt.Printf("FATAL: error deserializing test identity: %s\n", err.Error())
 		return false
 	}
 
 	uniqueId, uniqueIdPrivate, err := zerotier.NewCertificateSubjectUniqueId(zerotier.CertificateUniqueIdTypeNistP384)
 	if err != nil {
-		fmt.Printf("  Error generating unique ID: %s", err.Error())
+		fmt.Printf("FATAL: error generating unique ID: %s", err.Error())
 		return false
 	}
 
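Review bot: The rewritten unique-ID failure message still has no trailing newline, unlike the identity message in the branch above it, so the FATAL text will run into whatever is printed next. Suggested line: `fmt.Printf("FATAL: error generating unique ID: %s\n", err.Error())`. TestCertificate's body continues outside this hunk.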
@@ -92,33 +89,8 @@ func TestCertificate() bool {
 	c.MaxPathLength = 9999
 	c.Signature = []byte("qwerty")
 
-	for k := 0; k < 1; k++ {
-		cc := c.CCertificate()
-		if cc == nil {
-			fmt.Println("  Error converting Certificate to ZT_Certificate")
-			return false
-		}
-		c2 := zerotier.NewCertificateFromCCertificate(cc)
-		if c2 == nil {
-			fmt.Println("  Error converting ZT_Certificate to Certificate")
-			return false
-		}
-		zerotier.DeleteCCertificate(cc)
-
-		j, _ := json.Marshal(c)
-		j2, _ := json.Marshal(c2)
-		if !bytes.Equal(j, j2) {
-			j, _ = json.MarshalIndent(c, "", "  ")
-			j2, _ = json.MarshalIndent(c2, "", "  ")
-			fmt.Print("  Deep equality test failed: certificates do not match! (see dumps below)\n\n")
-			fmt.Println(string(j))
-			fmt.Println(string(j2))
-			return false
-		}
-	}
-
-	fmt.Printf("Checking certificate marshal/unmarshal... ")
-	for k := 0; k < 1; k++ {
+	fmt.Printf("Checking certificate marshal/unmarshal (10000 tests)... ")
+	for k := 0; k < 10000; k++ {
 		cb, err := c.Marshal()
 		if err != nil {
 			fmt.Printf("marshal FAILED (%s)\n", err.Error())
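Review bot: Deleting the Go-to-C-and-back equality loop leaves the field-by-field translation in `cCertificate` and `newCertificateFromCCertificate` checked only indirectly, through `Marshal` and `NewCertificateFromBytes`. Whether the remaining loop compares the decoded certificate against `c` is not visible here, because its body continues outside the hunk. Since the helpers are now unexported, the round-trip comparison could move into an in-package test file under `pkg/zerotier` instead of being dropped. Running the identical certificate 10000 times exercises memory handling across the cgo boundary rather than new encodings, so vary some fields per iteration if encoding coverage is also intended.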
@@ -141,14 +113,14 @@ func TestCertificate() bool {
 	}
 	fmt.Println("OK")
 
-	fmt.Printf("Checking certificate CSR sign/verify... ")
-	for k := 0; k < 1; k++ {
+	fmt.Printf("Checking certificate CSR sign/verify (100 tests)... ")
+	for k := 0; k < 100; k++ {
 		csr, err := zerotier.NewCertificateCSR(&c.Subject, uniqueId, uniqueIdPrivate)
 		if err != nil {
 			fmt.Printf("CSR generate FAILED (%s)\n", err.Error())
 			return false
 		}
-		fmt.Printf("CSR size: %d ", len(csr))
+		//fmt.Printf("CSR size: %d ", len(csr))
 		csr2, err := zerotier.NewCertificateFromBytes(csr, false)
 		if err != nil {
 			fmt.Printf("CSR decode FAILED (%s)\n", err.Error())
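Review bot: The CSR size print is left behind as commented-out code at `//fmt.Printf("CSR size: %d ", len(csr))`; delete the line. If the size is still worth reporting, print it once after the loop so it does not repeat 100 times. The loop body continues outside this hunk.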

+ 5 - 0
cmd/zt_service_tests/zt_service_tests.go

@@ -2,9 +2,14 @@ package main
 
 import (
 	"os"
+	"runtime"
+	"runtime/debug"
 )
 
 func main() {
+	runtime.GOMAXPROCS(1)
+	debug.SetGCPercent(15)
+
 	if !TestCertificate() {
 		os.Exit(1)
 	}
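Review bot: The two runtime settings added at the top of `main` have no comment explaining why the test binary limits itself to one processor and lowers the GC target to 15%. If the intent is to make collections frequent so that Go memory referenced from the C certificate structures is reclaimed early when nothing keeps it alive (an inference from the cgo-heavy loops in this commit), say so above `debug.SetGCPercent(15)`, for example `// Collect aggressively to surface lifetime bugs in memory passed across cgo.` `runtime.GOMAXPROCS(1)` also makes data races less likely to show up, so a run without it is worth keeping alongside this one.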

+ 17 - 17
pkg/zerotier/certificate.go

@@ -50,7 +50,7 @@ type CertificateName struct {
 
 // CertificateIdentity bundles an identity with an optional locator.
 type CertificateIdentity struct {
-	Identity *Identity `json:"identity"`
+	Identity *Identity `json:"identity,omitempty"`
 	Locator  *Locator  `json:"locator,omitempty"`
 }
 
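Review bot: With `omitempty` on `Identity`, a `CertificateIdentity` whose identity is nil now serializes without the `identity` key, so an entry with neither field set encodes as `{}`. The doc comment above the struct still describes only the locator as optional. Either update it to say the identity may be absent in JSON, or have the code that consumes decoded certificates reject a nil `Identity` before the value reaches the C conversion, which is not visible in this hunk.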
@@ -136,15 +136,15 @@ func NewCertificateFromBytes(cert []byte, verify bool) (*Certificate, error) {
 	}
 	defer C.ZT_Certificate_delete((*C.ZT_Certificate)(dec))
 
-	goCert := NewCertificateFromCCertificate(dec)
+	goCert := newCertificateFromCCertificate(dec)
 	if goCert == nil {
 		return nil, ErrInternal
 	}
 	return goCert, nil
 }
 
-// NewCertificateFromCCertificate translates a C ZT_Certificate into a Go Certificate.
-func NewCertificateFromCCertificate(ccptr unsafe.Pointer) *Certificate {
+// newCertificateFromCCertificate translates a C ZT_Certificate into a Go Certificate.
+func newCertificateFromCCertificate(ccptr unsafe.Pointer) *Certificate {
 	cc := (*C.ZT_Certificate)(ccptr)
 	c := new(Certificate)
 
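Review bot: Now that `newCertificateFromCCertificate` is package-private, its parameter no longer needs to be an `unsafe.Pointer`. The untyped pointer was presumably there because cgo types cannot be shared across packages, and that reason is gone. Taking `*C.ZT_Certificate` directly lets the compiler reject a wrong pointer type instead of relying on the cast in the first body line, e.g. `func newCertificateFromCCertificate(cc *C.ZT_Certificate) *Certificate`. The same applies to `deleteCCertificate` and to the return type of `cCertificate` in the next hunk. No nil check on `ccptr` is visible before the cast. The function body continues outside this hunk, so confirm that the guard in `NewCertificateFromBytes` is the only way in.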
@@ -265,14 +265,14 @@ func NewCertificateFromCCertificate(ccptr unsafe.Pointer) *Certificate {
 	return c
 }
 
-// DeleteCCertificate deletes a ZT_Certificate object returned by Certificate.CCertificate()
-func DeleteCCertificate(cc unsafe.Pointer) {
+// deleteCCertificate deletes a ZT_Certificate object returned by Certificate.CCertificate()
+func deleteCCertificate(cc unsafe.Pointer) {
 	C.ZT_Certificate_delete((*C.ZT_Certificate)(cc))
 }
 
-// CCertificate creates a C ZT_Certificate structure from the content of a Certificate.
-// It must be deleted with DeleteCCertificate.
-func (c *Certificate) CCertificate() unsafe.Pointer {
+// cCertificate creates a C ZT_Certificate structure from the content of a Certificate.
+// It must be deleted with deleteCCertificate.
+func (c *Certificate) cCertificate() unsafe.Pointer {
 	var cc C.ZT_Certificate
 	var subjectIdentities []C.ZT_Certificate_Identity
 	var subjectNetworks []C.ZT_Certificate_Network
@@ -400,11 +400,11 @@ func (c *Certificate) CCertificate() unsafe.Pointer {
 
 // Marshal encodes this certificate as a byte array.
 func (c *Certificate) Marshal() ([]byte, error) {
-	cc := c.CCertificate()
+	cc := c.cCertificate()
 	if cc == nil {
 		return nil, ErrInternal
 	}
-	defer DeleteCCertificate(cc)
+	defer deleteCCertificate(cc)
 	var encoded [16384]byte
 	encodedSize := C.int(16384)
 	rv := int(C.ZT_Certificate_encode((*C.ZT_Certificate)(cc), unsafe.Pointer(&encoded[0]), &encodedSize))
@@ -422,11 +422,11 @@ func (c *Certificate) Sign(id *Identity) (*Certificate, error) {
 	if id == nil || !id.HasPrivate() {
 		return nil, ErrInvalidParameter
 	}
-	ctmp := c.CCertificate()
+	ctmp := c.cCertificate()
 	if ctmp == nil {
 		return nil, ErrInternal
 	}
-	defer DeleteCCertificate(ctmp)
+	defer deleteCCertificate(ctmp)
 	var signedCert [16384]byte
 	signedCertSize := C.int(16384)
 	rv := int(C.ZT_Certificate_sign((*C.ZT_Certificate)(ctmp), id.cIdentity(), unsafe.Pointer(&signedCert[0]), &signedCertSize))
@@ -438,11 +438,11 @@ func (c *Certificate) Sign(id *Identity) (*Certificate, error) {
 
 // Verify returns nil on success or a certificate error if there is a problem with this certificate.
 func (c *Certificate) Verify() error {
-	cc := c.CCertificate()
+	cc := c.cCertificate()
 	if cc == nil {
 		return ErrInternal
 	}
-	defer DeleteCCertificate(cc)
+	defer deleteCCertificate(cc)
 	return certificateErrorToError(int(C.ZT_Certificate_verify((*C.ZT_Certificate)(cc))))
 }
 
@@ -496,11 +496,11 @@ func NewCertificateCSR(subject *CertificateSubject, uniqueId []byte, uniqueIdPri
 
 	var tmp Certificate
 	tmp.Subject = *subject
-	ctmp := tmp.CCertificate()
+	ctmp := tmp.cCertificate()
 	if ctmp == nil {
 		return nil, ErrInternal
 	}
-	defer DeleteCCertificate(ctmp)
+	defer deleteCCertificate(ctmp)
 
 	var csr [16384]byte
 	csrSize := C.int(16384)