[go-nuts] Re: Reduced error handling noice

2020-10-09 Thread Markus Heukelom 

In this case, because you call the same function, you could also try a 
helper function:

// GetParameters retrieves multiple parameters using GetParameter.
func GetParameters(params ...string) ([]string, error) {
var values []string
for _, param := range params {
value, err := GetParameter(param)
if err != nil {
return nil, err // alternatively you could also collect & combine all errors
}
values = append(values, value)
}
return values, err
}


params, err := GetParameters("TENANT_ID", "CLIENT_ID", "CLIENT_SECRET")
if err != nil {
return err
}
tenantID, clientID, clientSecret := params[0], params[1], params[2]

On Wednesday, October 7, 2020 at 8:36:07 PM UTC+2 johan.ma...@dexyos.fr 
wrote:

> Hi, I'm looking for thoughts from some experienced go programmers on a 
> technique to reduce error handling verbosity. 
>
> The basic idea is to be optimistic over a few instructions, and then 
> combine many errors in to one. This gist and explains the idea (note the 
> absence of if err != nil {} )
>
> tenantID, err1 := store.GetParameter("TENANT_ID")
> clientID, err2 := store.GetParameter("CLIENT_ID")
> clientSecret, err3 := store.GetParameter("CLIENT_SECRET")
>
> globalErr := multierr.Combine(err1, err2, err3)
> return connection{
> tenantID,
> clientID,
> clientSecret,
> }, globalErr
>
> There's some more detail in a post 
> http://martinsson-johan.blogspot.com/2020/10/less-error-handling-noice-in-go.html.
>  
> I'm sure someone else has already proposed this, but I wasn't able to find 
> it. Grateful for pointers
>  
> While it seems sound to me I'm a very interested in what people from the 
> community thinks.
>
> Cheers
> Johan Martinsson
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/golang-nuts/18f311c2-8575-4214-b0ae-6a107e16f453n%40googlegroups.com.

Re: [go-nuts] Reduced error handling noice

2020-10-09 Thread Misha Gusarov 
On 8 Oct 2020, at 5:18, David Skinner wrote:

> When I do an API I may have a Doit and a MustDoit, one returns an error and
> the other panics. My way of keeping the code clean unless I can actually do
> something about the error.

Have a look at https://github.com/ridge/must — I got tired of writing Must*
functions and also of lack of Must* in various libraries.

It only covers simple cases, but works pretty well in practice.

-- 
Misha

-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/golang-nuts/8FE928AC-7C36-458D-8181-DEC364094180%40ridge.co.

[go-nuts] semantic versioning & Deprecated function

2020-10-09 Thread Jérôme LAFORGE 
Hello Gophers,
>From your point of view, is it acceptable to deprecate (// Deprecated: xxx) 
a function or something else into a Module with the change on its patch 
version number? (from 1.0.0 to 1.0.1).

Thx in adv
Best
Jérôme

-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/golang-nuts/d22dafef-adef-487c-b31a-38d2cd5b3e77n%40googlegroups.com.

[go-nuts] Re: fasthttp tls client

2020-10-09 Thread Brian Candler 
On Friday, 9 October 2020 20:15:06 UTC+1, Yashar Vasegh wrote:
>
> Yes, it works, thank you. I still not understand why root CA cause problem 
> here, but I was expecting for "Client side TLS AUTH" I need to add CA.
>

No: it's symmetrical.

* A server has a *server private key* and a *server certificate*.  The 
other side (the client) uses the *CA public key* of the CA which signed the 
server certificate, to verify it.

* A client has a *client private key* and a *client certificate*.  The 
other side (the server) uses the *CA public key* of the CA which signed the 
client certificate, to verify it.

Therefore, the only CA key that the client needs is the one which signed 
the server certificate.  If the server certificate was signed by a 
well-known root CA (i.e. one which is already in the client's default set 
of trusted root CAs) then no CA configuration is required at all on the 
client side.

-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/golang-nuts/a8940275-cf6f-46f7-aeae-210093f23fc3o%40googlegroups.com.

[go-nuts] Re: fasthttp tls client

2020-10-09 Thread Brian Candler 
I suspect you may have misunderstood what a "CA Certificate" is.  It's not 
the Certificate Signing Request (CSR) that you created for your own public 
key.  It's the public key of the certificate authority which signed the 
server's certificate (i.e. google.com).

However, since google.com is signed by one of the standard public CAs, you 
don't need to specify a CA certificate at all, and it will use your 
system's default set of root CAs.

The following variation of your code works for me.  I removed the client 
cert/key as well, since google doesn't require you to present a client cert.

package main

import (
  "fmt"
  //log "github.com/sirupsen/logrus"
  "github.com/valyala/fasthttp"
  "crypto/tls"
  //"crypto/x509"
  //"io/ioutil"
)

func req(method string, url string, data []byte) (int, []byte) {
// Setup HTTPS client
tlsConfig := {
  Certificates: []tls.Certificate{},
}

  req := fasthttp.AcquireRequest()
  req.SetRequestURI(url)
  req.Header.SetMethod(method)
  req.SetBody(data)
  resp := fasthttp.AcquireResponse()

  client := {
TLSConfig: tlsConfig,
  }
  client.Do(req, resp)
  statusCode := resp.StatusCode()
  body := resp.Body()
  return statusCode, body
}

func main(){
  a, b := req("GET", "https://google.com;, nil)

  fmt.Printf(string(b))
  fmt.Println(a)

}

The result:


301 Moved
301 Moved
The document has moved
https://www.google.com/;>here.

301

(and if you change https://google.com to https://www.google.com then you 
get the search page)

-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/golang-nuts/ac90bbe8-9546-4ed7-b2f1-643d07d24abco%40googlegroups.com.

Re: [go-nuts] Building the embedded static assets prototype

2020-10-09 Thread David Moles 
Good thought. Even after git clean -fdx, though, the branch change-243945 
fails with the dwarf-related errors, and with go1.15.2 + cherry-picked 
95a456f I get this:

/Users/david/Projects/Scratch/goroot/src/cmd/go/internal/load/pkg.go:404:22: 
pp.EmbedPatterns undefined (type *build.Package has no field or method 
EmbedPatterns)
/Users/david/Projects/Scratch/goroot/src/cmd/go/internal/load/pkg.go:405:26: 
pp.TestEmbedPatterns undefined (type *build.Package has no field or method 
TestEmbedPatterns)
/Users/david/Projects/Scratch/goroot/src/cmd/go/internal/load/pkg.go:406:27: 
pp.XTestEmbedPatterns undefined (type *build.Package has no field or method 
XTestEmbedPatterns)

followed by the missing _go_.a above. (It's possible this was in the 
previous error as well, and I just forgot to paste it, sorry.)

I think the problem is with the cherry-pick — I was expecting the top-level 
commit to contain the complete prototype, but it doesn't; there's probably at 
least six commits 

 
I need, if not everything in the relation chain of the top-level commit. 
I'm not sure what the best way to apply all those is — I guess I can try 
one at a time and see what happens.

Boy howdy do branches and pull requests seem easier. But I assume this 
makes sense to experienced Gerrit users.

On Thursday, October 8, 2020 at 3:57:49 PM UTC-7 Ian Lance Taylor wrote:

> On Thu, Oct 8, 2020 at 3:46 PM David Moles  wrote:
> >
> > I'm trying to build the prototype code for the embedded static assets 
> proposal, but I'm not having any luck. I'm new to building Go from source, 
> and new to gerrit and to the Go contribution & development process, so 
> apologies in advance if I'm missing something obvious.
> >
> > I've cloned the Go source and applied the change with
> >
> > git fetch https://go.googlesource.com/go refs/changes/45/243945/2 && 
> git checkout -b change-243945 FETCH_HEAD
> >
> > but when I try to build with src/all.bash (using either go 1.15.2 or go 
> 1.14.9, on macOS Catalina), I get:
> >
> > /Users/david/Projects/Scratch/goroot/src/cmd/internal/obj/dwarf.go:49: 
> s.Func.Text undefined (type func() *FuncInfo has no field or method Text)
> >
> > followed by a bunch of similar errors. (Note that neither dwarf.go nor 
> funcinfo.go are involved in the prototype patchset.)
> >
> > Figuring the tree might have been in a broken state at the time the 
> prototype was committed, I then tried cherry-picking the commit (95a456f) 
> on top of the go1.15.2 release tag. This got me past the error above, but 
> the build then failed with:
> >
> > go tool dist: FAILED: 
> /Users/david/Projects/Scratch/goroot/pkg/tool/darwin_amd64/compile -std 
> -pack -o 
> /var/folders/mq/dw4wtwsn7dlb_q99_qcd9kdcgn/T/go-tool-dist-150877791/cmd/go/internal/load/_go_.a
>  
> -p cmd/go/internal/load -importcfg 
> /var/folders/mq/dw4wtwsn7dlb_q99_qcd9kdcgn/T/go-tool-dist-150877791/cmd/go/internal/load/importcfg
>  
> /Users/david/Projects/Scratch/goroot/src/cmd/go/internal/load/flag.go 
> /Users/david/Projects/Scratch/goroot/src/cmd/go/internal/load/path.go 
> /Users/david/Projects/Scratch/goroot/src/cmd/go/internal/load/pkg.go 
> /Users/david/Projects/Scratch/goroot/src/cmd/go/internal/load/search.go 
> /Users/david/Projects/Scratch/goroot/src/cmd/go/internal/load/test.go: exit 
> status 2
> > go tool dist: open 
> /var/folders/mq/dw4wtwsn7dlb_q99_qcd9kdcgn/T/go-tool-dist-150877791/cmd/go/internal/modfetch/codehost/_go_.a:
>  
> no such file or directory
> > go tool dist: open 
> /var/folders/mq/dw4wtwsn7dlb_q99_qcd9kdcgn/T/go-tool-dist-150877791/cmd/go/internal/load/_go_.a:
>  
> no such file or directory
> > go tool dist: open 
> /var/folders/mq/dw4wtwsn7dlb_q99_qcd9kdcgn/T/go-tool-dist-150877791/cmd/go/internal/version/_go_.a:
>  
> no such file or directory
> >
> > I assume that I'm doing this wrong, and that there's a right way to be 
> doing it -- what is the right way?
>
>
> These errors look like you have some mix of old and new sources. Make
> sure to start with an empty directory, with no files left over from
> earlier changes.
>
> Ian
>

-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/golang-nuts/a764df66-d697-449b-88cb-8c4357f6ef6en%40googlegroups.com.

[go-nuts] Re: fasthttp tls client

2020-10-09 Thread Yashar Vasegh 
thank you for your response,

This is for ""Clients TLS" not "Server TLS", and the target url is not 
google.com it is another server which supports "Clients tls". and even when 
I change the (and if you change https://google.com to https://www.google.com 
then 
you get the search page) I get no result.

any body have idea why it returns 200 even without make a request?


On Friday, October 9, 2020 at 12:40:16 PM UTC-4 b.ca...@pobox.com wrote:

> I suspect you may have misunderstood what a "CA Certificate" is.  It's not 
> the Certificate Signing Request (CSR) that you created for your own public 
> key.  It's the public key of the certificate authority which signed the 
> server's certificate (i.e. google.com).
>
> However, since google.com is signed by one of the standard public CAs, 
> you don't need to specify a CA certificate at all, and it will use your 
> system's default set of root CAs.
>
> The following variation of your code works for me.  I removed the client 
> cert/key as well, since google doesn't require you to present a client cert.
>
> package main
>
> import (
>   "fmt"
>   //log "github.com/sirupsen/logrus"
>   "github.com/valyala/fasthttp"
>   "crypto/tls"
>   //"crypto/x509"
>   //"io/ioutil"
> )
>
> func req(method string, url string, data []byte) (int, []byte) {
> // Setup HTTPS client
> tlsConfig := {
>   Certificates: []tls.Certificate{},
> }
>
>   req := fasthttp.AcquireRequest()
>   req.SetRequestURI(url)
>   req.Header.SetMethod(method)
>   req.SetBody(data)
>   resp := fasthttp.AcquireResponse()
>
>   client := {
> TLSConfig: tlsConfig,
>   }
>   client.Do(req, resp)
>   statusCode := resp.StatusCode()
>   body := resp.Body()
>   return statusCode, body
> }
>
> func main(){
>   a, b := req("GET", "https://google.com;, nil)
>
>   fmt.Printf(string(b))
>   fmt.Println(a)
>
> }
>
> The result:
>
>  content="text/html;charset=utf-8">
> 301 Moved
> 301 Moved
> The document has moved
> https://www.google.com/;>here.
> 
> 301
>
> (and if you change https://google.com to https://www.google.com then you 
> get the search page)
>

-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/golang-nuts/6e242f25-d34a-4f4a-9277-41a764d3a58dn%40googlegroups.com.

Re: [go-nuts] Building the embedded static assets prototype

2020-10-09 Thread David Moles 
I think I'm overthinking this -- what it seems to amount to is that this 
change  broke dwarf.go (as 
well as a bunch of other files) and that either the prototype never 
compiled, or there were some changes RSC forgot to check in. I found a few 
unrelated compilation errors as well, some only in tests, and had a go at 
fixing them (see attached patch) but still ran into test fialures. Time to 
give up and wait for the beta, I guess.

On Friday, October 9, 2020 at 12:02:52 PM UTC-7 David Moles wrote:

> Good thought. Even after git clean -fdx, though, the branch change-243945 
> fails with the dwarf-related errors, and with go1.15.2 + cherry-picked 
> 95a456f I get this:
>
> /Users/david/Projects/Scratch/goroot/src/cmd/go/internal/load/pkg.go:404:22: 
> pp.EmbedPatterns undefined (type *build.Package has no field or method 
> EmbedPatterns)
> /Users/david/Projects/Scratch/goroot/src/cmd/go/internal/load/pkg.go:405:26: 
> pp.TestEmbedPatterns undefined (type *build.Package has no field or method 
> TestEmbedPatterns)
> /Users/david/Projects/Scratch/goroot/src/cmd/go/internal/load/pkg.go:406:27: 
> pp.XTestEmbedPatterns undefined (type *build.Package has no field or method 
> XTestEmbedPatterns)
>
> followed by the missing _go_.a above. (It's possible this was in the 
> previous error as well, and I just forgot to paste it, sorry.)
>
> I think the problem is with the cherry-pick — I was expecting the 
> top-level commit to contain the complete prototype, but it doesn't; there's 
> probably at least six commits 
> 
>  
> I need, if not everything in the relation chain of the top-level commit. 
> I'm not sure what the best way to apply all those is — I guess I can try 
> one at a time and see what happens.
>
> Boy howdy do branches and pull requests seem easier. But I assume this 
> makes sense to experienced Gerrit users.
>
> On Thursday, October 8, 2020 at 3:57:49 PM UTC-7 Ian Lance Taylor wrote:
>
>> On Thu, Oct 8, 2020 at 3:46 PM David Moles  wrote: 
>> > 
>> > I'm trying to build the prototype code for the embedded static assets 
>> proposal, but I'm not having any luck. I'm new to building Go from source, 
>> and new to gerrit and to the Go contribution & development process, so 
>> apologies in advance if I'm missing something obvious. 
>> > 
>> > I've cloned the Go source and applied the change with 
>> > 
>> > git fetch https://go.googlesource.com/go refs/changes/45/243945/2 && 
>> git checkout -b change-243945 FETCH_HEAD 
>> > 
>> > but when I try to build with src/all.bash (using either go 1.15.2 or go 
>> 1.14.9, on macOS Catalina), I get: 
>> > 
>> > /Users/david/Projects/Scratch/goroot/src/cmd/internal/obj/dwarf.go:49: 
>> s.Func.Text undefined (type func() *FuncInfo has no field or method Text) 
>> > 
>> > followed by a bunch of similar errors. (Note that neither dwarf.go nor 
>> funcinfo.go are involved in the prototype patchset.) 
>> > 
>> > Figuring the tree might have been in a broken state at the time the 
>> prototype was committed, I then tried cherry-picking the commit (95a456f) 
>> on top of the go1.15.2 release tag. This got me past the error above, but 
>> the build then failed with: 
>> > 
>> > go tool dist: FAILED: 
>> /Users/david/Projects/Scratch/goroot/pkg/tool/darwin_amd64/compile -std 
>> -pack -o 
>> /var/folders/mq/dw4wtwsn7dlb_q99_qcd9kdcgn/T/go-tool-dist-150877791/cmd/go/internal/load/_go_.a
>>  
>> -p cmd/go/internal/load -importcfg 
>> /var/folders/mq/dw4wtwsn7dlb_q99_qcd9kdcgn/T/go-tool-dist-150877791/cmd/go/internal/load/importcfg
>>  
>> /Users/david/Projects/Scratch/goroot/src/cmd/go/internal/load/flag.go 
>> /Users/david/Projects/Scratch/goroot/src/cmd/go/internal/load/path.go 
>> /Users/david/Projects/Scratch/goroot/src/cmd/go/internal/load/pkg.go 
>> /Users/david/Projects/Scratch/goroot/src/cmd/go/internal/load/search.go 
>> /Users/david/Projects/Scratch/goroot/src/cmd/go/internal/load/test.go: exit 
>> status 2 
>> > go tool dist: open 
>> /var/folders/mq/dw4wtwsn7dlb_q99_qcd9kdcgn/T/go-tool-dist-150877791/cmd/go/internal/modfetch/codehost/_go_.a:
>>  
>> no such file or directory 
>> > go tool dist: open 
>> /var/folders/mq/dw4wtwsn7dlb_q99_qcd9kdcgn/T/go-tool-dist-150877791/cmd/go/internal/load/_go_.a:
>>  
>> no such file or directory 
>> > go tool dist: open 
>> /var/folders/mq/dw4wtwsn7dlb_q99_qcd9kdcgn/T/go-tool-dist-150877791/cmd/go/internal/version/_go_.a:
>>  
>> no such file or directory 
>> > 
>> > I assume that I'm doing this wrong, and that there's a right way to be 
>> doing it -- what is the right way? 
>>
>>
>> These errors look like you have some mix of old and new sources. Make 
>> sure to start with an empty directory, with no files left over from 
>> earlier changes. 
>>
>> Ian 
>>
>

-- 
You received this message because you are subscribed to the Google

[go-nuts] TLS Handshake Failure Logging

2020-10-09 Thread Erika B 


Hi Gophers! Is there a way to get the subject of a client cert when the TLS 
handshake fails? We are getting spammed with TLS handshake errors and there 
is no easy way to see what clients are trying to authenticate. The remote 
address in the log is the load balancer IP.  Ideally, we’d like to log the 
client cert subject when TLS handshake fails. 

http: TLS handshake error from 10.x.x.x:12345: tls: failed to verify client 
certificate

http: TLS handshake error from 10.x.x.x:12345: tls: client didn't provide a 
certificate


caCert, _ := ioutil.ReadFile("ca.crt")

caCertPool := x509.NewCertPool()

caCertPool.AppendCertsFromPEM(caCert)

tlsConfig := {

ClientCAs: caCertPool,

ClientAuth: tls.RequireAndVerifyClientCert,

}

tlsConfig.BuildNameToCertificate()
r := mux.NewRouter()
r.HandleFunc("/", client.DefaultHandler)

server := {

Addr:  ":9443",

TLSConfig: tlsConfig,
Handler: r,

}

server.ListenAndServeTLS("server.crt", "server.key")


-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/golang-nuts/7af5b0d4-efcb-4a6c-82d5-13da1a1e0bd8n%40googlegroups.com.

[go-nuts] Re: fasthttp tls client

2020-10-09 Thread Yashar Vasegh 
Yes, it works, thank you. I still not understand why root CA cause problem 
here, but I was expecting for "Client side TLS AUTH" I need to add CA.

On Friday, October 9, 2020 at 12:40:16 PM UTC-4 b.ca...@pobox.com wrote:

> I suspect you may have misunderstood what a "CA Certificate" is.  It's not 
> the Certificate Signing Request (CSR) that you created for your own public 
> key.  It's the public key of the certificate authority which signed the 
> server's certificate (i.e. google.com).
>
> However, since google.com is signed by one of the standard public CAs, 
> you don't need to specify a CA certificate at all, and it will use your 
> system's default set of root CAs.
>
> The following variation of your code works for me.  I removed the client 
> cert/key as well, since google doesn't require you to present a client cert.
>
> package main
>
> import (
>   "fmt"
>   //log "github.com/sirupsen/logrus"
>   "github.com/valyala/fasthttp"
>   "crypto/tls"
>   //"crypto/x509"
>   //"io/ioutil"
> )
>
> func req(method string, url string, data []byte) (int, []byte) {
> // Setup HTTPS client
> tlsConfig := {
>   Certificates: []tls.Certificate{},
> }
>
>   req := fasthttp.AcquireRequest()
>   req.SetRequestURI(url)
>   req.Header.SetMethod(method)
>   req.SetBody(data)
>   resp := fasthttp.AcquireResponse()
>
>   client := {
> TLSConfig: tlsConfig,
>   }
>   client.Do(req, resp)
>   statusCode := resp.StatusCode()
>   body := resp.Body()
>   return statusCode, body
> }
>
> func main(){
>   a, b := req("GET", "https://google.com;, nil)
>
>   fmt.Printf(string(b))
>   fmt.Println(a)
>
> }
>
> The result:
>
>  content="text/html;charset=utf-8">
> 301 Moved
> 301 Moved
> The document has moved
> https://www.google.com/;>here.
> 
> 301
>
> (and if you change https://google.com to https://www.google.com then you 
> get the search page)
>

-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/golang-nuts/c99757de-009d-499a-b07a-86717c0c64bdn%40googlegroups.com.

[go-nuts] Re: semantic versioning & Deprecated function

2020-10-09 Thread peterGo 
Jérôme,

Semantic Versioning Specification (SemVer)
https://semver.org/#semantic-versioning-specification-semver

7. Minor version Y (x.Y.z | x > 0) ... MUST be incremented if any public 
API functionality is marked as deprecated. 
https://semver.org/#spec-item-7

Peter

On Friday, October 9, 2020 at 2:40:58 PM UTC-4, Jérôme LAFORGE wrote:
>
> Hello Gophers,
> From your point of view, is it acceptable to deprecate (// Deprecated: 
> xxx) a function or something else into a Module with the change on its 
> patch version number? (from 1.0.0 to 1.0.1).
>
> Thx in adv
> Best
> Jérôme
>

-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/golang-nuts/e3aae5d9-c314-41b7-9c23-1885dd089ca6o%40googlegroups.com.

Re: [go-nuts] ECDSA signature verification

2020-10-09 Thread Kevin Chadwick 
On 2020-10-08 16:22, Marcin Romaszewicz wrote:
> Practically, there isn't much reason today to use the P384 and P521 curves. 
> The
> security provided by P256 is very good, not known to be crackable today, and
> it's a widely supported curve. P384 is reasonably well supported, but not as
> widely, and P521 isn't well supported at all, since it's not in the NSA Suite 
> B
> crypto recommendations, which drive many crypto standards.

There is no good reason to use P384 and little reason to use P521 and no reason
to use p521 for a standard website. The only reason I know of to consider p521
which the browsers do not support (for no good reason, though ssh even installs
a 256 bit host key by default anyway, so maybe key variability simplicity) is
because it offers the greatest challenge in qubits to any potential quantum
computer. However, there is even a possibility that a quantum computer with
enough qubits to defeat p256 is never built or a traditionally binary computer
succeeds first in many years time.

I don't think the world is quite ready for tls 1.3 only yet but you could even
limit the provided algorithms to ed25519 or block P384 in tls 1.2. I would see
that as a far better choice than cgo personally!

Here is how
"https://blog.cloudflare.com/exposing-go-on-the-internet/;

-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/golang-nuts/1da205bc-b646-1595-75c2-d1c4c02d3ed2%40gmail.com.

Re: [go-nuts] ECDSA signature verification

2020-10-09 Thread Kevin Chadwick 
On 2020-10-09 09:01, Kevin Chadwick wrote:
>  However, there is even a possibility that a quantum computer with
> enough qubits to defeat p256 is never built or a traditionally binary computer
> succeeds first in many years time.

It is also worth noting that the amount of money required to build and run a
quantum computer, will be many times more than enough to subvert a certificate
authority today.

-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/golang-nuts/85d0dae2-397d-cfd0-8000-04e733cdd99f%40gmail.com.

Re: [go-nuts] ECDSA signature verification

2020-10-09 Thread Shobhit Srivastava 

Will consider your input
On Friday, October 9, 2020 at 2:25:22 PM UTC+5:30 m8il...@gmail.com wrote:

> On 2020-10-09 09:01, Kevin Chadwick wrote:
> > However, there is even a possibility that a quantum computer with
> > enough qubits to defeat p256 is never built or a traditionally binary 
> computer
> > succeeds first in many years time.
>
> It is also worth noting that the amount of money required to build and run 
> a
> quantum computer, will be many times more than enough to subvert a 
> certificate
> authority today.
>

-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/golang-nuts/b27567ff-7a13-49ad-83e0-34fd9ea13eebn%40googlegroups.com.

[go-nuts] fasthttp tls client

2020-10-09 Thread Yashar Vasegh 
Hello,

I need to implement client tls under fasthttp. when I set Client TLSConfig 
it is not even make a request and status code 200 return, could someone 
help me over it?

package main

import (
  "fmt"
  log "github.com/Sirupsen/logrus"
  "github.com/valyala/fasthttp"
  "crypto/tls"
  "crypto/x509"
  "io/ioutil"
)

func req(method string, url string, data []byte) (int, []byte) {
cert, err := tls.LoadX509KeyPair("a.txt", "a.key")
if err != nil {
  log.Fatal(err)
}

// Load CA cert
caCert, err := ioutil.ReadFile("a.csr")
if err != nil {
  log.Fatal(err)
}
caCertPool := x509.NewCertPool()
caCertPool.AppendCertsFromPEM(caCert)

// Setup HTTPS client
tlsConfig := {
  Certificates: []tls.Certificate{cert},
  RootCAs:  caCertPool,
}

  req := fasthttp.AcquireRequest()
  req.SetRequestURI(url)
  req.Header.SetMethod(method)
  req.SetBody(data)
  resp := fasthttp.AcquireResponse()
  
  client := {
TLSConfig: tlsConfig,
  }
  client.Do(req, resp)  
  statusCode := resp.StatusCode()
  body := resp.Body()
  return statusCode, body
}

func main(){
  a, b := req("GET", "https://google.com;, nil)

  fmt.Printf(string(b))
  fmt.Println(a)

}

 


-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/golang-nuts/37cb0a30-27b4-4822-bdea-0da6d63e3741n%40googlegroups.com.