Identity management plumbing to Go

Adam Ierymenko 2019-09-30 18:59:57 -07:00
parent 7fc78129f4
commit 47a08ccbd4
No known key found for this signature in database
GPG key ID: C8877CF2D7A5D7F3
7 changed files with 247 additions and 6 deletions


@ -48,7 +48,7 @@ Commands:
newdnskey Create a secure DNS name and secret
getdns <key> <locator> Create secure DNS TXT records
identity <command> [args] Identity management commands
new Create new identity (including secret)
new [c25519|p384] Create new identity (including secret)
getpublic <identity> Extract only public part of identity
validate <identity> Locally validate an identity
sign <identity> <file> Sign a file with an identity's key


@ -13,6 +13,135 @@
package cli
import (
"encoding/hex"
"fmt"
"io/ioutil"
"os"
"strings"
"zerotier/pkg/zerotier"
)
/*
identity <command> [args] Identity management commands
new Create new identity (including secret)
getpublic <identity> Extract only public part of identity
validate <identity> Locally validate an identity
sign <identity> <file> Sign a file with an identity's key
verify <identity> <file> <sig> Verify a signature
*/
// Identity command
func Identity(args []string) {
if len(args) > 0 {
switch args[0] {
case "new":
idType := zerotier.IdentityTypeC25519
if len(args) > 1 {
if len(args) > 2 {
Help()
os.Exit(1)
}
switch args[1] {
case "c25519":
case "p384":
idType = zerotier.IdentityTypeP384
default:
Help()
os.Exit(1)
}
}
id, err := zerotier.NewIdentity(idType)
if err != nil {
fmt.Printf("ERROR: internal error generating identity: %s\n", err.Error())
os.Exit(1)
}
fmt.Println(id.PrivateKeyString())
os.Exit(0)
case "getpublic":
if len(args) == 2 {
idData, err := ioutil.ReadFile(args[1])
if err != nil {
fmt.Printf("ERROR: unable to read identity: %s\n", err.Error())
os.Exit(1)
}
id, err := zerotier.NewIdentityFromString(string(idData))
if err != nil {
fmt.Printf("ERROR: identity in file '%s' invalid: %s\n", args[1], err.Error())
os.Exit(1)
}
fmt.Println(id.String())
os.Exit(0)
}
case "validate":
if len(args) == 2 {
idData, err := ioutil.ReadFile(args[1])
if err != nil {
fmt.Printf("ERROR: unable to read identity: %s\n", err.Error())
os.Exit(1)
}
id, err := zerotier.NewIdentityFromString(string(idData))
if err != nil {
fmt.Printf("ERROR: identity in file '%s' invalid: %s\n", args[1], err.Error())
os.Exit(1)
}
if id.LocallyValidate() {
fmt.Println("OK")
os.Exit(0)
}
fmt.Println("FAILED")
os.Exit(1)
}
case "sign", "verify":
if len(args) > 2 {
idData, err := ioutil.ReadFile(args[1])
if err != nil {
fmt.Printf("ERROR: unable to read identity: %s\n", err.Error())
os.Exit(1)
}
id, err := zerotier.NewIdentityFromString(string(idData))
if err != nil {
fmt.Printf("ERROR: identity in file '%s' invalid: %s\n", args[1], err.Error())
os.Exit(1)
}
msg, err := ioutil.ReadFile(args[2])
if err != nil {
fmt.Printf("ERROR: unable to read input file: %s\n", err.Error())
os.Exit(1)
}
if args[0] == "verify" {
if len(args) == 4 {
sig, err := hex.DecodeString(strings.TrimSpace(args[3]))
if err != nil {
fmt.Println("FAILED")
os.Exit(1)
}
if id.Verify(msg, sig) {
fmt.Println("OK")
os.Exit(0)
}
}
fmt.Println("FAILED")
os.Exit(1)
} else {
sig, err := id.Sign(msg)
if err != nil {
fmt.Printf("ERROR: internal error signing message: %s\n", err.Error())
os.Exit(1)
}
fmt.Println(hex.EncodeToString(sig))
os.Exit(0)
}
}
}
}
Help()
os.Exit(1)
}
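Review bot: In the `verify` branch of the `sign`/`verify` case, a wrong argument count and a non-hex `<sig>` both fall through to the same `fmt.Println("FAILED")` with exit status 1 that a genuine signature mismatch produces, so a script calling this command cannot distinguish a usage error from a rejected signature. Check the arity first, as the other subcommands do, e.g. `if args[0] == "verify" && len(args) != 4 { Help(); os.Exit(1) }` before the signature is decoded, and report the hex decode error with its own message rather than a bare FAILED. The `sign` path similarly accepts any number of trailing arguments after `<file>` because the guard is `len(args) > 2`; `len(args) == 3` would be the stricter check for that subcommand. The block comment above `func Identity` still lists `new` without the `[c25519|p384]` option that the help text in the first file and the `switch args[1]` in this hunk now support, so it should be updated to `new [c25519|p384] Create new identity (including secret)` to stay in sync.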


@ -116,6 +116,16 @@ func locatorGetDNS(args []string) {
fmt.Printf("FATAL: locator invalid: %s", err.Error())
os.Exit(1)
}
txt, err := loc.MakeTXTRecords(&sk)
if err != nil {
fmt.Printf("FATAL: error creating TXT records: %s\n", err.Error())
os.Exit(1)
}
for _, t := range txt {
fmt.Println(t)
}
os.Exit(0)
}
// Locator CLI command