More attempt at getting this shit to work
parent
06e6d457da
commit
59dd8d82cf
10 changed files with 158 additions and 118 deletions
|
@ -59,6 +59,6 @@ func flagUsage() {
|
|||
fmt.Fprintln(os.Stderr, "\t\tIf set, writes logging messages as json objects instead")
|
||||
}
|
||||
|
||||
func init() {
|
||||
// flag.Usage = flagUsage
|
||||
}
|
||||
// func init() {
|
||||
// flag.Usage = flagUsage
|
||||
// }
|
||||
|
|
|
@ -10,8 +10,6 @@ import (
|
|||
"crypto/x509"
|
||||
"encoding/pem"
|
||||
"errors"
|
||||
|
||||
"git.mstar.dev/mstar/linstrom/config"
|
||||
)
|
||||
|
||||
const sanityCheckRawMessage = "test message for sanity checking keys"
|
||||
|
@ -45,14 +43,14 @@ func Sign(toSign string, keyBytes []byte, keyIsRsa bool) ([]byte, error) {
|
|||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
hasher := sha256.New()
|
||||
_, err = hasher.Write([]byte(toSign))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
// hash := sha256.Sum256([]byte(toSign))
|
||||
hash := hasher.Sum(nil)
|
||||
signed, err := rsa.SignPKCS1v15(nil, key, crypto.SHA256, hash)
|
||||
// hasher := sha256.New()
|
||||
// _, err = hasher.Write([]byte(toSign))
|
||||
// if err != nil {
|
||||
// return nil, err
|
||||
// }
|
||||
// hash := hasher.Sum(nil)
|
||||
hash := sha256.Sum256([]byte(toSign))
|
||||
signed, err := rsa.SignPKCS1v15(nil, key, crypto.SHA256, hash[:])
|
||||
// signed, err := key.Sign(rand.Reader, hash[:], crypto.SHA256)
|
||||
return signed, err
|
||||
} else {
|
||||
|
@ -63,9 +61,9 @@ func Sign(toSign string, keyBytes []byte, keyIsRsa bool) ([]byte, error) {
|
|||
}
|
||||
}
|
||||
|
||||
func KeyBytesToPem(bytes []byte) string {
|
||||
func KeyBytesToPem(bytes []byte, isEd bool) string {
|
||||
var t string
|
||||
if config.GlobalConfig.Experimental.UseEd25519Keys {
|
||||
if isEd {
|
||||
t = "PUBLIC KEY"
|
||||
} else {
|
||||
// t = "RSA PUBLIC KEY"
|
||||
|
@ -79,6 +77,8 @@ func KeyBytesToPem(bytes []byte) string {
|
|||
return string(pem.EncodeToMemory(&block))
|
||||
}
|
||||
|
||||
// Helper function for sanity checking the given key pair in direct format.
|
||||
// As this is a test itself, no tests for the test
|
||||
func SanityCheckRawEdKeys(pub ed25519.PublicKey, priv ed25519.PrivateKey) error {
|
||||
hash := sha512.Sum512([]byte(sanityCheckRawMessage))
|
||||
signed, err := priv.Sign(rand.Reader, hash[:], crypto.SHA512)
|
||||
|
@ -90,12 +90,10 @@ func SanityCheckRawEdKeys(pub ed25519.PublicKey, priv ed25519.PrivateKey) error
|
|||
})
|
||||
}
|
||||
|
||||
func SanityCheckRawByteEdKeys(pub, priv []byte) error {
|
||||
pubKey := ed25519.PublicKey(pub)
|
||||
privKey := ed25519.PrivateKey(priv)
|
||||
return SanityCheckRawEdKeys(pubKey, privKey)
|
||||
}
|
||||
|
||||
// Helper function for sanity checking the given key pair as stored in the database
|
||||
// (priv is the byte slice version of ed25519.PrivateKey,
|
||||
// pub a PKIX marshalled ed25519.PublicKey).
|
||||
// As this is a test itself, no tests for the test
|
||||
func SanityCheckX509dEdKeys(pub, priv []byte) error {
|
||||
privKey := ed25519.PrivateKey(priv)
|
||||
rawPubKey, err := x509.ParsePKIXPublicKey(pub)
|
||||
|
@ -109,12 +107,16 @@ func SanityCheckX509dEdKeys(pub, priv []byte) error {
|
|||
return SanityCheckRawEdKeys(pubKey, privKey)
|
||||
}
|
||||
|
||||
// Helper function for sanity checking the given key pair in PEM format
|
||||
// As this is a test itself, no tests for the test
|
||||
func SanityCheckPemdEdKeys(pub, priv []byte) error {
|
||||
privBlock, _ := pem.Decode(priv)
|
||||
pubBlock, _ := pem.Decode(pub)
|
||||
return SanityCheckX509dEdKeys(pubBlock.Bytes, privBlock.Bytes)
|
||||
}
|
||||
|
||||
// Helper function for sanity checking the given key pair in direct format
|
||||
// As this is a test itself, no tests for the test
|
||||
func SanityCheckRawRsaKeys(pub *rsa.PublicKey, priv *rsa.PrivateKey) error {
|
||||
hash := sha256.Sum256([]byte(sanityCheckRawMessage))
|
||||
signed, err := priv.Sign(rand.Reader, hash[:], crypto.SHA256)
|
||||
|
@ -124,6 +126,9 @@ func SanityCheckRawRsaKeys(pub *rsa.PublicKey, priv *rsa.PrivateKey) error {
|
|||
return rsa.VerifyPKCS1v15(pub, crypto.SHA256, hash[:], signed)
|
||||
}
|
||||
|
||||
// Helper function for sanity checking the given key pair as stored in the db.
|
||||
// (priv is PKCS1 private, pub PKIX public).
|
||||
// As this is a test itself, no tests for the test
|
||||
func SanityCheckX509dRsaKeys(pub, priv []byte) error {
|
||||
privKey, err := x509.ParsePKCS1PrivateKey(priv)
|
||||
if err != nil {
|
||||
|
@ -140,6 +145,8 @@ func SanityCheckX509dRsaKeys(pub, priv []byte) error {
|
|||
return SanityCheckRawRsaKeys(pubKey, privKey)
|
||||
}
|
||||
|
||||
// Helper function for sanity checking the given key pair in PEM format
|
||||
// As this is a test itself, no tests for the test
|
||||
func SanityCheckPemdRsaKeys(pub, priv []byte) error {
|
||||
privBlock, _ := pem.Decode(priv)
|
||||
pubBlock, _ := pem.Decode(pub)
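Review bot: SanityCheckPemdEdKeys reads `pubBlock.Bytes` and `privBlock.Bytes` straight after `pem.Decode`, which returns a nil block when the input holds no PEM data, so an empty or malformed key panics with a nil dereference instead of returning an error from the sanity check. A guard before the call would make it fail cleanly: `if privBlock == nil || pubBlock == nil { return errors.New("no PEM block found in key") }` (`errors` is already imported in this file). The same two unchecked `pem.Decode` calls open SanityCheckPemdRsaKeys, whose body continues outside the hunk, so it likely needs the same guard. Comparing each block's `Type` with the expected label would additionally stop a mismatched key from reaching the wrong parser, if that is a concern here.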
|
||||
|
|