search

cBournhonesque / lightyear

A networking library to make multiplayer games for the Bevy game engine
https://cbournhonesque.github.io/lightyear/book
Apache License 2.0
280 stars 28 forks source link

Automate the fingerprint #388

Open simbleau opened 3 weeks ago

simbleau commented 3 weeks ago

The script for generating certificates is currently

# Generates a self-signed certificate valid for 14 days, to use for webtransport
# run this from the root folder
OUT=examples/certificates
openssl req -x509 -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 -keyout $OUT/key.pem -out $OUT/cert.pem -days 14 -nodes -subj "/CN=localhost"

Seems reasonable we could add to the script, and output the fingerprint digest to a file, e.g.

FINGERPRINT=$(openssl x509 -in "$OUT/cert.pem" -noout -sha256 -fingerprint | sed 's/^.*=//')
echo "$FINGERPRINT" >> $OUT/digest

Then the client could include it with include_str!("..examples/certificates/digest")

Nul-led commented 3 weeks ago

might be worth looking into how xwt does this