package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"encoding/pem"
	"io/ioutil"
	"os"

	"github.com/urfave/cli/v2"
)
// createKeys builds the "create-keys" CLI command. The command binds its two
// string flags to a fresh application value and, when run, delegates to that
// value's createKeys method.
func createKeys() *cli.Command {
	app := new(application)

	// Both defaults are bare file names, so unless the flags are set the key
	// files are written relative to the process's working directory.
	privFlag := &cli.StringFlag{
		Name:        "private-key",
		Aliases:     []string{"priv"},
		Usage:       "The private key file to store the new key in.",
		Destination: &app.privateKey,
		Value:       "ed25519.key",
	}
	pubFlag := &cli.StringFlag{
		Name:        "public-key",
		Aliases:     []string{"pub"},
		Usage:       "The public key file to store the new key in.",
		Destination: &app.publicKey,
		Value:       "ed25519.pem",
	}

	// The cli context is unused: the flag values arrive through the
	// Destination pointers above.
	run := func(_ *cli.Context) error {
		return app.createKeys()
	}

	cmd := &cli.Command{
		Name:        "create-keys",
		Usage:       "Create public and private keys to be use to certify.",
		Description: "You may specify a filename for the Private and the Public Keys",
		Flags:       []cli.Flag{privFlag, pubFlag},
		Action:      run,
	}
	return cmd
}
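// createKeys generates a new Ed25519 key pair and writes both halves as PEM:
// the private key as PKCS #8 ("PRIVATE KEY") to a.privateKey and the public
// key as PKIX ("PUBLIC KEY") to a.publicKey. Existing files at either path
// are overwritten. It returns the first error from key generation, encoding
// or file I/O.
func (a *application) createKeys() error {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return err
	}

	// Encode both halves before touching disk, so an encoding failure cannot
	// leave a private key file behind without its matching public key.
	privDER, err := x509.MarshalPKCS8PrivateKey(priv)
	if err != nil {
		return err
	}
	pubDER, err := x509.MarshalPKIXPublicKey(pub)
	if err != nil {
		return err
	}

	privPEM := pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: privDER})
	if err := writePrivateKeyFile(a.privateKey, privPEM); err != nil {
		return err
	}

	pubPEM := pem.EncodeToMemory(&pem.Block{Type: "PUBLIC KEY", Bytes: pubDER})
	return ioutil.WriteFile(a.publicKey, pubPEM, 0644)
}

// writePrivateKeyFile writes data to path, creating or truncating the file,
// and makes sure the file mode is 0600 before any key material is written.
func writePrivateKeyFile(path string, data []byte) error {
	f, err := os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
	if err != nil {
		return err
	}

	// The mode passed to OpenFile only applies when the file is created. A
	// file that already exists keeps its old permission bits (for example
	// 0644), so tighten it explicitly before writing the private key.
	if err := f.Chmod(0600); err != nil {
		f.Close()
		return err
	}

	if _, err := f.Write(data); err != nil {
		f.Close()
		return err
	}

	// Close can report a deferred write error; do not drop it.
	return f.Close()
}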