/***********************************************************************
MicroCore
Copyright 2020 - 2020 by Danyil Dobryvechir (dobrivecher@yahoo.com ddobryvechir@gmail.com)
************************************************************************/
package dvcrypt
import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"errors"
	"io/ioutil"
	"os"
	"strings"
)
// keyFolder is the directory prefix prepended to every key name by
// loadByteKey/saveByteKey. SetKeyFolder keeps it terminated with a
// path separator; the default points at /etc/secrets/.
var keyFolder = "/etc/secrets/"

// privateKeyCache and publicKeyCache memoise keys already parsed by
// GetPrivateKey/GetPublicKey, keyed by key name. They are never
// invalidated (SetKeyFolder does not clear them) and carry no lock,
// so concurrent Get* calls from several goroutines would race on the
// maps — TODO confirm whether callers are single-threaded.
var (
	privateKeyCache = map[string]*rsa.PrivateKey{}
	publicKeyCache  = map[string]*rsa.PublicKey{}
)
// SetKeyFolder replaces the directory that key names are resolved in.
// Surrounding whitespace is trimmed and a trailing "/" is appended
// unless the path already ends in "/" or "\". An empty path is stored
// as "" and makes every key name resolve relative to the working
// directory. Keys already held in the caches are not evicted, so a
// name loaded before the change keeps returning the old key.
func SetKeyFolder(path string) {
	folder := strings.TrimSpace(path)
	needsSep := folder != "" &&
		!strings.HasSuffix(folder, "/") &&
		!strings.HasSuffix(folder, "\\")
	if needsSep {
		folder += "/"
	}
	keyFolder = folder
}
// GetPublicKey returns the RSA public key stored under key, loading it
// with LoadPublicKey on first use and serving later calls from
// publicKeyCache. A load error is returned unchanged and nothing is
// cached for that name.
func GetPublicKey(key string) (*rsa.PublicKey, error) {
	cached, hit := publicKeyCache[key]
	if hit {
		return cached, nil
	}
	loaded, loadErr := LoadPublicKey(key)
	if loadErr != nil {
		return nil, loadErr
	}
	publicKeyCache[key] = loaded
	return loaded, nil
}
// GetPrivateKey returns the RSA private key stored under key, loading it
// with LoadPrivateKey on first use and serving later calls from
// privateKeyCache. A load error is returned unchanged and nothing is
// cached for that name.
func GetPrivateKey(key string) (*rsa.PrivateKey, error) {
	cached, hit := privateKeyCache[key]
	if hit {
		return cached, nil
	}
	loaded, loadErr := LoadPrivateKey(key)
	if loadErr != nil {
		return nil, loadErr
	}
	privateKeyCache[key] = loaded
	return loaded, nil
}
// LoadEncodedData reads the whole file at path and hands its bytes to
// DecodeByteLine (defined elsewhere in the package), returning the
// decoded bytes. A read failure is returned as-is with a nil slice.
func LoadEncodedData(path string) ([]byte, error) {
	raw, readErr := ioutil.ReadFile(path)
	if readErr != nil {
		return nil, readErr
	}
	return DecodeByteLine(raw)
}
// SaveEncodedData encodes data with EncodeByteLine (defined elsewhere in
// the package) and writes the result to path, truncating any existing
// file. New files are created with mode 0644, i.e. readable by every
// local user; an existing file keeps whatever mode it already has. It
// is therefore only suitable for non-secret material.
func SaveEncodedData(path string, data []byte) error {
	encoded := EncodeByteLine(data)
	return ioutil.WriteFile(path, encoded, 0644)
}
// loadByteKey reads the encoded key file named key inside keyFolder.
// The name is concatenated onto keyFolder without validation, so a key
// containing path separators or ".." resolves outside the folder —
// callers must only pass trusted names (TODO confirm callers).
func loadByteKey(key string) ([]byte, error) {
	fullPath := keyFolder + key
	return LoadEncodedData(fullPath)
}
// saveByteKey writes data as an encoded key file named key inside
// keyFolder via SaveEncodedData (mode 0644 on create). As with
// loadByteKey, key is not validated against path separators or "..",
// so only trusted names should reach it (TODO confirm callers).
func saveByteKey(key string, data []byte) error {
	fullPath := keyFolder + key
	return SaveEncodedData(fullPath, data)
}
// LoadPublicKey reads the key file named key from keyFolder and parses
// it as a PKCS#1 DER RSA public key (the format SavePublicKey writes).
// Read and parse errors are returned unchanged with a nil key.
func LoadPublicKey(key string) (*rsa.PublicKey, error) {
	der, readErr := loadByteKey(key)
	if readErr != nil {
		return nil, readErr
	}
	return x509.ParsePKCS1PublicKey(der)
}
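// LoadPrivateKey reads the key file named key from keyFolder and parses
// it as an RSA private key.
//
// The file is first parsed as PKCS#8 DER, the format this function has
// always accepted; a PKCS#8 blob holding a non-RSA key is rejected with
// an error naming the key. If the bytes are not PKCS#8 at all, they are
// tried as PKCS#1 DER, which is what SavePrivateKey in this file
// produces — without this fallback a key written by SavePrivateKey could
// never be read back. When neither format parses, the PKCS#8 error is
// returned. Both x509 parsers run rsa.PrivateKey.Validate on the result.
func LoadPrivateKey(key string) (*rsa.PrivateKey, error) {
	der, err := loadByteKey(key)
	if err != nil {
		return nil, err
	}
	parsed, pkcs8Err := x509.ParsePKCS8PrivateKey(der)
	if pkcs8Err == nil {
		rsaKey, ok := parsed.(*rsa.PrivateKey)
		if !ok {
			return nil, errors.New("Key " + key + " is not RSA private key")
		}
		return rsaKey, nil
	}
	// Not PKCS#8: accept the PKCS#1 encoding SavePrivateKey writes.
	if pkcs1Key, pkcs1Err := x509.ParsePKCS1PrivateKey(der); pkcs1Err == nil {
		return pkcs1Key, nil
	}
	return nil, pkcs8Err
}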
// SavePublicKey serialises key as PKCS#1 DER and stores it as the key
// file named keyName inside keyFolder. LoadPublicKey reads the same
// format back.
func SavePublicKey(keyName string, key *rsa.PublicKey) error {
	der := x509.MarshalPKCS1PublicKey(key)
	return saveByteKey(keyName, der)
}
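// SavePrivateKey stores key as the key file named keyName inside
// keyFolder, encoded with EncodeByteLine like every other key file.
//
// The key is serialised as PKCS#8 DER, the format LoadPrivateKey parses;
// the previous PKCS#1 output could not be read back by this package's
// own loader. Because the content is secret the file is created with
// mode 0600 rather than the 0644 used for public keys, and the mode is
// re-applied after the write so a file that already existed with a
// wider mode is tightened too. Marshal, write and chmod errors are
// returned unchanged; keyName is not validated against path
// separators, so only trusted names should be passed.
func SavePrivateKey(keyName string, key *rsa.PrivateKey) error {
	der, err := x509.MarshalPKCS8PrivateKey(key)
	if err != nil {
		return err
	}
	path := keyFolder + keyName
	if err := ioutil.WriteFile(path, EncodeByteLine(der), 0600); err != nil {
		return err
	}
	// WriteFile applies perm only when it creates the file.
	return os.Chmod(path, 0600)
}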
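// CreatePublicPrivatePair generates a fresh RSA key of the given bit
// size and stores it as two key files in keyFolder: the private key
// under privateName (via SavePrivateKey) and the public key under
// publicName (via SavePublicKey).
//
// The public half is taken directly from privKey.PublicKey. The earlier
// code asserted privKey.Public() to the value type rsa.PublicKey, but
// that method returns a *rsa.PublicKey, so the assertion always failed
// and the function reported "Public key is not RSA" after the private
// key had already been written. The private key is still written first;
// if SavePublicKey then fails the private file is left in place. bits is
// passed straight to rsa.GenerateKey, which does not enforce a minimum
// size in every Go version, so callers should choose it deliberately.
func CreatePublicPrivatePair(publicName string, privateName string, bits int) error {
	privKey, err := rsa.GenerateKey(rand.Reader, bits)
	if err != nil {
		return err
	}
	if err := SavePrivateKey(privateName, privKey); err != nil {
		return err
	}
	// rsa.PrivateKey embeds its PublicKey; no type assertion needed.
	return SavePublicKey(publicName, &privKey.PublicKey)
}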