Generate soon-expiring certificate

mxinden · Aug 19, 2023 · bf6488a · bf6488a
1 parent 4badac4
commit bf6488a
Show file tree

Hide file tree

Showing 5 changed files with 21 additions and 17 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/transports/webtransport/Cargo.toml b/transports/webtransport/Cargo.toml
@@ -35,6 +35,9 @@ h3-quinn = { git = "https://github.com/hyperium/h3" }
 h3-webtransport = { git = "https://github.com/hyperium/h3" }
 http = "0.2.9"
 env_logger = "0.10.0"
+# TODO
+rcgen = "*"
+time = "0.3"
 
 [features]
 tokio = ["if-watch/tokio", "quinn/runtime-tokio"]

diff --git a/transports/webtransport/src/lib.rs b/transports/webtransport/src/lib.rs
@@ -16,9 +16,22 @@ pub struct Transport(
 
 impl Transport {
     pub fn new(peer_id: PeerId) -> Result<Self, Box<dyn std::error::Error>> {
-        let cert = Certificate(std::fs::read("server.cert")?);
+        let mut params = rcgen::CertificateParams::new(vec![
+            "hello.world.example".to_string(),
+            "localhost".to_string(),
+        ]);
+
+        // Set not_before and not_after
+        params.not_before = time::OffsetDateTime::now_utc();
+        // TODO: Obviously we can do better.
+        params.not_after =
+            time::OffsetDateTime::now_utc() + std::time::Duration::from_secs(60 * 60 * 24);
+
+        let x = rcgen::Certificate::from_params(params).unwrap();
+        let cert = Certificate(x.serialize_der().unwrap());
+
         let fingerprint = fingerprint::Fingerprint::from_certificate(cert.as_ref());
-        let key = PrivateKey(std::fs::read("server.key")?);
+        let key = PrivateKey(x.serialize_private_key_der());
 
         let socket_addr: SocketAddr = "[::1]:4433".parse().unwrap();
 

diff --git a/wasm-tests/webtransport-tests/echo-server/main.go b/wasm-tests/webtransport-tests/echo-server/main.go
@@ -17,7 +17,6 @@ import (
 
 // This provides a way for test cases to discover the WebTransport address
 func addrReporter(ma multiaddr.Multiaddr) {
-    fmt.Println(ma)
     http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
         h := w.Header()
         h.Add("Access-Control-Allow-Origin", "*")

diff --git a/wasm-tests/webtransport-tests/src/lib.rs b/wasm-tests/webtransport-tests/src/lib.rs
@@ -320,20 +320,7 @@ async fn new_connection_to_echo_server() -> Connection {
 /// It fetches the multiaddress via HTTP request to
 /// 127.0.0.1:4455.
 async fn fetch_server_addr() -> Multiaddr {
-    let url = "http://127.0.0.1:4455/";
-    let window = window().expect("failed to get browser window");
-
-    let value = JsFuture::from(window.fetch_with_str(url))
-        .await
-        .expect("fetch failed");
-    let resp = value.dyn_into::<Response>().expect("cast failed");
-
-    let text = resp.text().expect("text failed");
-    let text = JsFuture::from(text).await.expect("text promise failed");
-
-    text.as_string()
-        .filter(|s| !s.is_empty())
-        .expect("response not a text")
+    "/ip6/::1/udp/4433/quic-v1/webtransport/certhash/uEiC2fS1kSZDhvit28_w7FwEtRuL5W0hRUrPKCi414xFFVg/p2p/12D3KooWL6cCLH7Y6SEHFhgfRtWMRpJG5vhsz7SYGMgT5znXAASJ"
         .parse()
         .unwrap()
 }