personal_interest_mirrors/nebula
1
0
Fork 0
mirror of https://github.com/slackhq/nebula.git synced 2026-02-14 08:44:24 +01:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Cert interface (#1212)

Browse Source
This commit is contained in:
Nate Brown
2024-10-10 18:00:22 -05:00
committed by GitHub
parent 16eaae306a
commit 08ac65362e
49 changed files with 2862 additions and 2833 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
connection_state.go
View File

@@ -18,8 +18,8 @@ type ConnectionState struct {
eKey *NebulaCipherState
dKey *NebulaCipherState
H *noise.HandshakeState
myCert *cert.NebulaCertificate
peerCert *cert.NebulaCertificate
myCert cert.Certificate
peerCert *cert.CachedCertificate
initiator bool
messageCounter atomic.Uint64
window *Bits
@@ -28,17 +28,17 @@ type ConnectionState struct {
func NewConnectionState(l *logrus.Logger, cipher string, certState *CertState, initiator bool, pattern noise.HandshakePattern, psk []byte, pskStage int) *ConnectionState {
var dhFunc noise.DHFunc
switch certState.Certificate.Details.Curve {
switch certState.Certificate.Curve() {
case cert.Curve_CURVE25519:
dhFunc = noise.DH25519
case cert.Curve_P256:
if certState.Certificate.Pkcs11Backed {
if certState.pkcs11Backed {
dhFunc = noiseutil.DHP256PKCS11
} else {
dhFunc = noiseutil.DHP256
}
default:
l.Errorf("invalid curve: %s", certState.Certificate.Details.Curve)
l.Errorf("invalid curve: %s", certState.Certificate.Curve())
return nil
}