Keypair - Go convenience wrapper for a private/public RSA keypair.

A Go convenience wrapper which provides access to a private/public RSA keypair, which is located in either a Google Cloud Platform Storage bucket or local storage.

What?

This provides synchronised access to private and public RSA keys for encrypt/decrypt operations.

Why?

Written to provide convenient encryption/decryption, and synchronised access to both keys so that they can be passed around.

How?

The best place to start is with the tests. If running locally, ensure that Google Application Credentials have been created. If running from a GCP virtual machine, ensure that the relevant service account (compute, appengine etc.) has the following IAM roles: 'Storage Object Viewer' and 'Storage Object Creator', or 'Storage Object Admin'. See GCP service accounts for further details.

Examples

See the tests for usage examples.

Dependencies and services

This utilises the following fine pieces of work:

Installation

Install using go get.

$ go get -u github.com/lidstromberg/keypair

Environment Variables

You will also need to export (Linux/macOS) or create (Windows) some environment variables.

################################
# KEYPAIR
################################
export KP_TYPE="bucket"
export KP_GCP_BUCKET="{{BUCKETNAME}}"
export KP_PRIKEY="jwt.key"
export KP_PUBKEY="jwt.key.pub"
################################
# GCP CREDENTIALS
################################
export GOOGLE_APPLICATION_CREDENTIALS="/PATH/TO/GCPCREDENTIALS.JSON"

(See Google Application Credentials)

Private/Public Certs

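The following will generate RSA private/public keys (assuming you have ssh-keygen and openssl installed). Unfortunately the private key should not be password protected at this point (see RFC1423 Issue for details), so leave the passphrase empty when ssh-keygen prompts for one. Because the private key is then stored unencrypted, its confidentiality rests on the file permissions or on the access controls of the bucket that holds it.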

$ ssh-keygen -t rsa -b 4096 -m PEM -f jwt.key
$ openssl rsa -in jwt.key -pubout -outform PEM -out jwt.key.pub
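
A pre-flight check for the two files the commands above produce, as an added example that is not code from this repository: it rejects an RFC 1423 passphrase-protected private key and confirms that the public key really belongs to the private key before the pair is stored. The function names, the in-memory 2048-bit sample pair and the use of RSA-OAEP with SHA-256 for the round trip are assumptions of this example; the page does not state the package's API or padding.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/pem"
	"fmt"
)

// LoadPair parses jwt.key / jwt.key.pub style PEM and confirms they are one pair.
func LoadPair(priPEM, pubPEM []byte) (*rsa.PrivateKey, error) {
	pb, _ := pem.Decode(priPEM) // ssh-keygen -m PEM writes PKCS#1
	ub, _ := pem.Decode(pubPEM) // openssl -pubout writes PKIX
	if pb == nil || ub == nil || pb.Type != "RSA PRIVATE KEY" || ub.Type != "PUBLIC KEY" {
		return nil, fmt.Errorf("unexpected or missing PEM block")
	}
	if _, ok := pb.Headers["DEK-Info"]; ok { // RFC 1423 passphrase protection
		return nil, fmt.Errorf("private key is passphrase-protected")
	}
	pri, err := x509.ParsePKCS1PrivateKey(pb.Bytes)
	if err != nil {
		return nil, fmt.Errorf("private key: %w", err)
	}
	k, err := x509.ParsePKIXPublicKey(ub.Bytes)
	if pub, ok := k.(*rsa.PublicKey); err != nil || !ok || !pub.Equal(&pri.PublicKey) {
		return nil, fmt.Errorf("public key is invalid or does not match the private key")
	}
	return pri, nil
}

// SamplePair returns a constructed 2048-bit pair in the same two PEM formats.
func SamplePair() (priPEM, pubPEM []byte) {
	k, _ := rsa.GenerateKey(rand.Reader, 2048)
	der, _ := x509.MarshalPKIXPublicKey(&k.PublicKey)
	priPEM = pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(k)})
	return priPEM, pem.EncodeToMemory(&pem.Block{Type: "PUBLIC KEY", Bytes: der})
}

func main() {
	pri, err := LoadPair(SamplePair())
	if err != nil {
		panic(err)
	}
	ct, _ := rsa.EncryptOAEP(sha256.New(), rand.Reader, &pri.PublicKey, []byte("token"), nil)
	pt, err := rsa.DecryptOAEP(sha256.New(), nil, pri, ct, nil) // OAEP is this example's assumption
	fmt.Printf("%s %v\n", pt, err)
}
```

To check real files, read jwt.key and jwt.key.pub with os.ReadFile and pass the bytes to LoadPair in place of SamplePair.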

Google Cloud Platform Requirements

If you intend to use GCP datastore as your backend, then you will require:

  • A GCP project
  • A GCP storage bucket (private) to store the RSA private/public keys (in the root of the bucket)
  • Your GOOGLE_APPLICATION_CREDENTIALS JSON credentials key should be created with the following IAM roles: 'Storage Object Viewer' and 'Storage Object Creator', or 'Storage Object Admin'.

Main Files

| File | Purpose |
| --- | --- |
| keypair.go | Logic manager |
| keypair_test.go | Tests |

Ancillary Files

| File | Purpose |
| --- | --- |
| config.go | Boot package parameters, environment var collection |
| errors.go | Package error definitions |
| env | Package environment variables for local/dev installation |
| gogets | Statements for go-getting required packages |
