Skip to content

Commit 66d70c0

Browse files
SnawootSnawoot
authored
Merge pull request #126 from SenseUnit/cert_auth_sn_interning
cert auth: proper cert SN interning
2 parents 3ff3432 + cc2d381 commit 66d70c0

File tree

3 files changed

+14
-12
lines changed

3 files changed

+14
-12
lines changed

auth/cert.go

Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,8 @@ import (
1515
"time"
1616

1717
clog "github.com/SenseUnit/dumbproxy/log"
18+
19+
us "github.com/Snawoot/uniqueslice"
1820
)
1921

2022
type serialNumberSetFile struct {
@@ -149,22 +151,20 @@ func formatSerial(serial *big.Int) string {
149151
return string(buf[:len(buf)-1])
150152
}
151153

152-
type serialNumberKey = [20]byte
154+
type serialNumberKey = us.Handle[[]byte, byte]
153155
type serialNumberSet struct {
154156
sns map[serialNumberKey]struct{}
155157
}
156158

157-
func normalizeSNBytes(b []byte) serialNumberKey {
158-
var k serialNumberKey
159-
copy(
160-
k[max(len(k)-len(b), 0):],
161-
b[max(len(b)-len(k), 0):],
162-
)
163-
return k
159+
func cutLeadingZeroes(b []byte) []byte {
160+
for len(b) > 1 && b[0] == 0 {
161+
b = b[1:]
162+
}
163+
return b
164164
}
165165

166166
func (s *serialNumberSet) Has(serial *big.Int) bool {
167-
key := normalizeSNBytes(serial.Bytes())
167+
key := us.Make(cutLeadingZeroes(serial.Bytes()))
168168
if s == nil || s.sns == nil {
169169
return false
170170
}
@@ -188,7 +188,7 @@ func newSerialNumberSetFromReader(r io.Reader, bad func(error)) (*serialNumberSe
188188
}
189189
continue
190190
}
191-
set[normalizeSNBytes(serial)] = struct{}{}
191+
set[us.Make(cutLeadingZeroes(serial))] = struct{}{}
192192
}
193193

194194
if err := scanner.Err(); err != nil {

go.mod

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@ go 1.23.0
55
toolchain go1.24.1
66

77
require (
8+
github.com/Snawoot/uniqueslice v0.1.1
89
github.com/coreos/go-systemd/v22 v22.5.0
910
github.com/dop251/goja v0.0.0-20250309171923-bcd7cc6bf64c
1011
github.com/hashicorp/go-multierror v1.1.1
@@ -14,12 +15,11 @@ require (
1415
github.com/tg123/go-htpasswd v1.2.3
1516
github.com/zeebo/xxh3 v1.0.2
1617
golang.org/x/crypto v0.37.0
18+
golang.org/x/crypto/x509roots/fallback v0.0.0-20250406160420-959f8f3db0fb
1719
golang.org/x/net v0.39.0
1820
golang.org/x/time v0.11.0
1921
)
2022

21-
require golang.org/x/crypto/x509roots/fallback v0.0.0-20250406160420-959f8f3db0fb
22-
2323
require (
2424
github.com/GehirnInc/crypt v0.0.0-20230320061759-8cc1b52080c5 // indirect
2525
github.com/cespare/xxhash/v2 v2.3.0 // indirect

go.sum

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,8 @@ github.com/GehirnInc/crypt v0.0.0-20230320061759-8cc1b52080c5 h1:IEjq88XO4PuBDcv
22
github.com/GehirnInc/crypt v0.0.0-20230320061759-8cc1b52080c5/go.mod h1:exZ0C/1emQJAw5tHOaUDyY1ycttqBAPcxuzf7QbY6ec=
33
github.com/Masterminds/semver/v3 v3.2.1 h1:RN9w6+7QoMeJVGyfmbcgs28Br8cvmnucEXnY0rYXWg0=
44
github.com/Masterminds/semver/v3 v3.2.1/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ=
5+
github.com/Snawoot/uniqueslice v0.1.1 h1:KEfv3FtAXiNEoxvcc79pFQDhnqwYXQyZIkxOM4e/qpw=
6+
github.com/Snawoot/uniqueslice v0.1.1/go.mod h1:K9zIaHO43FGLHbqm6WCDFeY6+CN/du5eiio/vxvDVC8=
57
github.com/Snawoot/xtime v0.0.0-20250501122004-d1ce456948bb h1:PleTDwc/EQenzLsvIal2BgvIXr2D214M88RFac3WkeI=
68
github.com/Snawoot/xtime v0.0.0-20250501122004-d1ce456948bb/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg=
79
github.com/bsm/ginkgo/v2 v2.12.0 h1:Ny8MWAHyOepLGlLKYmXG4IEkioBysk6GpaRTLC8zwWs=

0 commit comments

Comments
 (0)