package main
import (
"crypto"
"crypto/rand"
"crypto/rsa"
"crypto/sha1"
"crypto/x509"
"encoding/pem"
"errors"
"io/fs"
"log"
"os"
)
var publicKey *rsa.PublicKey
var privateKey *rsa.PrivateKey
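// initKeys loads the RSA keypair from keys/public.key and keys/private.key
// into the package-level publicKey and privateKey variables.
//
// Every failure (unreadable file, missing PEM block, unparsable DER, or a key
// that is not RSA) is logged as a warning and leaves both variables
// unassigned; the function never terminates the process. The underlying
// errors are printed only when config.DebugMode is set.
func initKeys() {
	pubKeyBytes, err1 := os.ReadFile("keys/public.key")
	privKeyBytes, err2 := os.ReadFile("keys/private.key")
	if err1 != nil || err2 != nil {
		log.Println("WARNING: At least one key half could not be opened, players will not have any textures!")
		log.Println("Try generating a keypair by running \"tripwire gen-keys\".")
		if config.DebugMode {
			log.Println(err1)
			log.Println(err2)
		}
		return
	}

	// reportLoadFailure emits the shared "could not be loaded" warning used by
	// every post-read failure path below.
	reportLoadFailure := func(pubErr, privErr error) {
		log.Println("WARNING: At least one key half could not be loaded, players will not have any textures!")
		log.Println("Try generating a keypair by running \"tripwire gen-keys\".")
		if config.DebugMode {
			log.Println(pubErr)
			log.Println(privErr)
		}
	}

	// pem.Decode returns a nil block when the input holds no PEM data; without
	// this check an empty or corrupted key file would crash the server with a
	// nil-pointer dereference instead of degrading gracefully.
	pubDer, _ := pem.Decode(pubKeyBytes)
	privDer, _ := pem.Decode(privKeyBytes)
	if pubDer == nil || privDer == nil {
		var pubErr, privErr error
		if pubDer == nil {
			pubErr = errors.New("keys/public.key: no PEM block found")
		}
		if privDer == nil {
			privErr = errors.New("keys/private.key: no PEM block found")
		}
		reportLoadFailure(pubErr, privErr)
		return
	}

	pubKey, err1 := x509.ParsePKIXPublicKey(pubDer.Bytes)
	privKey, err2 := x509.ParsePKCS8PrivateKey(privDer.Bytes)
	if err1 != nil || err2 != nil {
		reportLoadFailure(err1, err2)
		return
	}

	// Both parsers accept non-RSA keys (e.g. ECDSA, Ed25519), so the type
	// assertions are checked rather than allowed to panic.
	rsaPub, pubOK := pubKey.(*rsa.PublicKey)
	rsaPriv, privOK := privKey.(*rsa.PrivateKey)
	if !pubOK || !privOK {
		var pubErr, privErr error
		if !pubOK {
			pubErr = errors.New("keys/public.key: not an RSA public key")
		}
		if !privOK {
			privErr = errors.New("keys/private.key: not an RSA private key")
		}
		reportLoadFailure(pubErr, privErr)
		return
	}

	// Assign only once both halves are known to be usable.
	publicKey = rsaPub
	privateKey = rsaPriv
}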
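// genKeys creates the keys directory and writes a new 4096-bit RSA keypair to
// keys/public.key (PKIX, PEM type "PUBLIC KEY") and keys/private.key (PKCS #8,
// PEM type "PRIVATE KEY").
//
// It refuses to run when either key file already exists, exiting with status
// 1, and terminates the process via log.Fatalln on any other failure.
func genKeys() {
	// Best effort: the directory may already exist. Mode 0700 is applied only
	// when the directory is created here; a pre-existing directory keeps
	// whatever permissions it already has. Other failures surface at the Stat
	// or write steps below.
	_ = os.Mkdir("keys", 0700)

	_, err1 := os.Stat("keys/public.key")
	// Check the private half here; statting public.key twice would let an
	// existing private key go unnoticed and be replaced.
	_, err2 := os.Stat("keys/private.key")
	if err1 == nil || err2 == nil {
		log.Println(
			"Error: At least one key half is already present. " +
				"If you are having errors reading the key " +
				"files, you have likely incorrectly configured " +
				"folder permissions.",
		)
		log.Println(
			"If you would like to generate a new keypair anyway, " +
				"delete the keys folder and run this command again.",
		)
		os.Exit(1)
	}
	if !errors.Is(err1, fs.ErrNotExist) || !errors.Is(err2, fs.ErrNotExist) {
		log.Fatalln(
			"Error: Could not access keys folder. " +
				"Try recreating the folder, or running this command " +
				"as a user that has permissions to view it.",
		)
	}

	// writeNew creates path with mode 0600 and fails if it already exists.
	// O_EXCL closes the window between the Stat checks above and the write,
	// so key material is never written into a file created by someone else
	// (whose permissions would not be reset to 0600).
	writeNew := func(path string, data []byte) error {
		f, err := os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0600)
		if err != nil {
			return err
		}
		if _, err := f.Write(data); err != nil {
			f.Close()
			return err
		}
		return f.Close()
	}

	log.Println("Generating RSA keypair at 4096 bits...")
	privkey, err := rsa.GenerateKey(rand.Reader, 4096)
	if err != nil {
		log.Fatalln(err)
	}

	pubkeygen, err := x509.MarshalPKIXPublicKey(&privkey.PublicKey)
	if err != nil {
		log.Fatalln(err)
	}
	if err = writeNew("keys/public.key", encodePem(pubkeygen, "PUBLIC KEY")); err != nil {
		log.Fatalln(err)
	}

	// The private key is stored unencrypted; the 0600 file mode and the
	// directory permissions are the only protection at rest.
	privkeygen, err := x509.MarshalPKCS8PrivateKey(privkey)
	if err != nil {
		log.Fatalln(err)
	}
	if err = writeNew("keys/private.key", encodePem(privkeygen, "PRIVATE KEY")); err != nil {
		log.Fatalln(err)
	}
	log.Println("Done!")
}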
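// signWithPrivateKey returns an RSA PKCS #1 v1.5 signature over the SHA-1
// digest of value, produced with the package-level privateKey.
//
// It returns an error when no private key has been loaded, or when the
// signing operation itself fails.
func signWithPrivateKey(value string) ([]byte, error) {
	// initKeys leaves privateKey nil when the key files are missing or
	// invalid and lets the server keep running, so guard here instead of
	// handing a nil key to the signer.
	if privateKey == nil {
		return nil, errors.New("private key is not loaded")
	}

	// NOTE(review): SHA-1 is collision-weak. The digest is presumably fixed by
	// what verifying clients expect; confirm before changing it, since a
	// different hash would invalidate every signature for existing verifiers.
	digest := sha1.Sum([]byte(value))
	return rsa.SignPKCS1v15(rand.Reader, privateKey, crypto.SHA1, digest[:])
}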
// encodePem wraps in as the payload of a PEM block whose type label is name
// and returns the encoded text. No headers are set on the block.
func encodePem(in []byte, name string) []byte {
	block := pem.Block{Type: name, Bytes: in}
	return pem.EncodeToMemory(&block)
}