/
auth.go
60 lines (48 loc) · 1.31 KB
/
auth.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
package agent
import (
"crypto/rand"
"crypto/rsa"
"crypto/x509"
"encoding/base64"
"github.com/google/uuid"
)
// https://github.com/aws/amazon-ssm-agent/blob/mainline/agent/managedInstances/auth/rsa_key.go
const (
keySize int = 2048
// KeyType returns the RSA Key Type
KeyType = "Rsa"
)
type rsaKey struct {
privateKey *rsa.PrivateKey
}
// createFingerPrint creates a new random fingerprint
func createFingerPrint() (string, error) {
uid, err := uuid.NewRandom()
if err != nil {
return "", nil
}
return uid.String(), nil
}
// createKeypair creates a new RSA keypair
func createKeypair() (*rsaKey, error) {
privateKey, err := rsa.GenerateKey(rand.Reader, keySize)
if err != nil {
return nil, err
}
return &rsaKey{
privateKey: privateKey,
}, nil
}
// encodePublicKey encodes a public key to a base 64 DER encoded string
func (rsaKey *rsaKey) encodePublicKey() (string, error) {
publicKeyBytes, err := x509.MarshalPKIXPublicKey(&rsaKey.privateKey.PublicKey)
if err != nil {
return "", err
}
return base64.StdEncoding.EncodeToString(publicKeyBytes), nil
}
// encodePrivateKey encodes a private key to a base 64 DER encoded string
func (rsaKey *rsaKey) encodePrivateKey() string {
privateKeyBytes := x509.MarshalPKCS1PrivateKey(rsaKey.privateKey)
return base64.StdEncoding.EncodeToString(privateKeyBytes)
}