apacheservices68 · September 26, 2023 04:05
diff --git a/asymmetric_encryption.md b/asymmetric_encryption.md
diff --git a/client.go b/client.go
 package main

 import (
 	"crypto/tls"
 	"crypto/x509"
 	"log"
 	"os"
 )

 func main() {
 	log.SetFlags(log.Lshortfile)

 	// Load certificate of the CA who signed server's certificate
 	pemServerCA, err := os.ReadFile("cert/ca-cert.pem")
 	if err != nil {
 		log.Println(err)
 		return
 	}

 	certPool := x509.NewCertPool()
 	if !certPool.AppendCertsFromPEM(pemServerCA) {
 		log.Println(err)
 		return
 	}

 	// Load client's certificate and private key
 	clientCert, err := tls.LoadX509KeyPair("cert/client-cert.pem", "cert/client-key.pem")
 	if err != nil {
 		log.Println(err)
 		return
 	}

 	// Create the credentials and return it
 	config := &tls.Config{
 		RootCAs: certPool,
 		//ClientAuth:   tls.RequireAndVerifyClientCert,
 		Certificates: []tls.Certificate{clientCert},
 	}

 	conn, err := tls.Dial("tcp", "0.0.0.0:10443", config)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	defer conn.Close()

 	n, err := conn.Write([]byte("hello\n"))
 	if err != nil {
 		log.Println(n, err)
 		return
 	}

 	buf := make([]byte, 100)
 	n, err = conn.Read(buf)
 	if err != nil {
 		log.Println(n, err)
 		return
 	}

 	println(string(buf[:n]))
 }
diff --git a/server.go b/server.go
 package main

 import (
 	"bufio"
 	"crypto/tls"
 	"crypto/x509"
 	"fmt"
 	"io"
 	"log"
 	"net"
 	"os"
 	"strings"
 )

 func main() {
 	log.SetFlags(log.Lshortfile)

 	// Load certificate of the CA who signed client's certificate
 	pemClientCA, err := os.ReadFile("cert/ca-cert.pem")
 	if err != nil {
 		log.Println(err)
 		return
 	}

 	certPool := x509.NewCertPool()
 	if !certPool.AppendCertsFromPEM(pemClientCA) {
 		log.Println(err)
 		return
 	}

 	// Load server's certificate and private key
 	serverCert, err := tls.LoadX509KeyPair("cert/server-cert.pem", "cert/server-key.pem")
 	if err != nil {
 		log.Println(err)
 		return
 	}

 	// Create the credentials and return it
 	config := &tls.Config{
 		Certificates: []tls.Certificate{serverCert},
 		ClientAuth:   tls.NoClientCert,
 		ClientCAs:    certPool,
 	}
 	ln, err := tls.Listen("tcp", ":10443", config)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	defer ln.Close()

 	for {
 		conn, err := ln.Accept()
 		if err != nil {
 			log.Println(err)
 			continue
 		}
 		go handleConnection(conn)
 	}
 }

 func handleConnection(conn net.Conn) {
 	defer conn.Close()
 	r := bufio.NewReader(conn)
 	for {
 		line, err := r.ReadString('\n')
 		if len(line) == 0 && err != nil {
 			if err == io.EOF {
 				break
 			}
 			return
 		}
 		line = strings.TrimSuffix(line, "\n")

 		fmt.Println(line)

 		_, err = conn.Write([]byte("world\n"))
 		if err != nil {
 			if err == io.EOF {
 				break
 			}
 			return
 		}
 	}
 }
	package main

	import (
	"crypto/tls"
	"crypto/x509"
	"log"
	"os"
	)

	func main() {
	log.SetFlags(log.Lshortfile)

	// Load certificate of the CA who signed server's certificate
	pemServerCA, err := os.ReadFile("cert/ca-cert.pem")
	if err != nil {
	log.Println(err)
	return
	}

	certPool := x509.NewCertPool()
	if !certPool.AppendCertsFromPEM(pemServerCA) {
	log.Println(err)
	return
	}

	// Load client's certificate and private key
	clientCert, err := tls.LoadX509KeyPair("cert/client-cert.pem", "cert/client-key.pem")
	if err != nil {
	log.Println(err)
	return
	}

	// Create the credentials and return it
	config := &tls.Config{
	RootCAs: certPool,
	//ClientAuth: tls.RequireAndVerifyClientCert,
	Certificates: []tls.Certificate{clientCert},
	}

	conn, err := tls.Dial("tcp", "0.0.0.0:10443", config)
	if err != nil {
	log.Println(err)
	return
	}
	defer conn.Close()

	n, err := conn.Write([]byte("hello\n"))
	if err != nil {
	log.Println(n, err)
	return
	}

	buf := make([]byte, 100)
	n, err = conn.Read(buf)
	if err != nil {
	log.Println(n, err)
	return
	}

	println(string(buf[:n]))
	}
	package main

	import (
	"bufio"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"io"
	"log"
	"net"
	"os"
	"strings"
	)

	func main() {
	log.SetFlags(log.Lshortfile)

	// Load certificate of the CA who signed client's certificate
	pemClientCA, err := os.ReadFile("cert/ca-cert.pem")
	if err != nil {
	log.Println(err)
	return
	}

	certPool := x509.NewCertPool()
	if !certPool.AppendCertsFromPEM(pemClientCA) {
	log.Println(err)
	return
	}

	// Load server's certificate and private key
	serverCert, err := tls.LoadX509KeyPair("cert/server-cert.pem", "cert/server-key.pem")
	if err != nil {
	log.Println(err)
	return
	}

	// Create the credentials and return it
	config := &tls.Config{
	Certificates: []tls.Certificate{serverCert},
	ClientAuth: tls.NoClientCert,
	ClientCAs: certPool,
	}
	ln, err := tls.Listen("tcp", ":10443", config)
	if err != nil {
	log.Println(err)
	return
	}
	defer ln.Close()

	for {
	conn, err := ln.Accept()
	if err != nil {
	log.Println(err)
	continue
	}
	go handleConnection(conn)
	}
	}

	func handleConnection(conn net.Conn) {
	defer conn.Close()
	r := bufio.NewReader(conn)
	for {
	line, err := r.ReadString('\n')
	if len(line) == 0 && err != nil {
	if err == io.EOF {
	break
	}
	return
	}
	line = strings.TrimSuffix(line, "\n")

	fmt.Println(line)

	_, err = conn.Write([]byte("world\n"))
	if err != nil {
	if err == io.EOF {
	break
	}
	return
	}
	}
	}