1 changed files with 32 additions and 34 deletions
Split View
Diff Options
-
+32 -34activitypub/keys.go
+ 32
- 34
activitypub/keys.go
View File
| @@ -1,68 +1,66 @@ | |||
| package activitypub | |||
| import ( | |||
| "crypto/rand" | |||
| "crypto" | |||
| "crypto/rsa" | |||
| "crypto/x509" | |||
| "encoding/pem" | |||
| "fmt" | |||
| "github.com/spacemonkeygo/openssl" | |||
| "log" | |||
| ) | |||
| const keyBitSize = 2048 | |||
| // GenerateKey creates an RSA keypair. | |||
| func GenerateKey() (*rsa.PrivateKey, error) { | |||
| priv, err := rsa.GenerateKey(rand.Reader, keyBitSize) | |||
| func GenerateKey() (openssl.PrivateKey, error) { | |||
| return openssl.GenerateRSAKey(keyBitSize) | |||
| } | |||
| // EncodeKeysToPEM encodes public and private key to PEM format, returning | |||
| // them in that order. | |||
| func EncodeKeysToPEM(privKey openssl.PrivateKey) (pubPEM []byte, privPEM []byte) { | |||
| var err error | |||
| privPEM, err = privKey.MarshalPKCS1PrivateKeyPEM() | |||
| if err != nil { | |||
| return nil, err | |||
| log.Printf("Unable to marshal private key: %v", err) | |||
| return nil, nil | |||
| } | |||
| err = priv.Validate() | |||
| pubPEM, err = privKey.MarshalPKIXPublicKeyPEM() | |||
| if err != nil { | |||
| return nil, err | |||
| log.Printf("Unable to marshal public key: %v", err) | |||
| return nil, nil | |||
| } | |||
| return priv, nil | |||
| return | |||
| } | |||
| // EncodeKeysToPEM encodes public and private key to PEM format, returning | |||
| // them in that order. | |||
| func EncodeKeysToPEM(privKey *rsa.PrivateKey) ([]byte, []byte) { | |||
| privDER := x509.MarshalPKCS1PrivateKey(privKey) | |||
| // pem.Block | |||
| privBlock := pem.Block{ | |||
| Type: "RSA PRIVATE KEY", | |||
| Bytes: privDER, | |||
| func parsePrivateKey(der []byte) (crypto.PrivateKey, error) { | |||
| if key, err := x509.ParsePKCS1PrivateKey(der); err == nil { | |||
| return key, nil | |||
| } | |||
| // Private key in PEM format | |||
| privPEM := pem.EncodeToMemory(&privBlock) | |||
| // Encode public key | |||
| pubKey, ok := privKey.Public().(*rsa.PublicKey) | |||
| if !ok { | |||
| log.Printf("Public key isn't RSA!") | |||
| return nil, nil | |||
| if key, err := x509.ParsePKCS8PrivateKey(der); err == nil { | |||
| switch key := key.(type) { | |||
| case *rsa.PrivateKey: | |||
| return key, nil | |||
| default: | |||
| return nil, fmt.Errorf("found unknown private key type in PKCS#8 wrapping") | |||
| } | |||
| } | |||
| pubDER := x509.MarshalPKCS1PublicKey(pubKey) | |||
| pubBlock := pem.Block{ | |||
| Type: "PUBLIC KEY", | |||
| Bytes: pubDER, | |||
| if key, err := x509.ParseECPrivateKey(der); err == nil { | |||
| return key, nil | |||
| } | |||
| pubPEM := pem.EncodeToMemory(&pubBlock) | |||
| return pubPEM, privPEM | |||
| return nil, fmt.Errorf("failed to parse private key") | |||
| } | |||
| // DecodePrivateKey encodes public and private key to PEM format, returning | |||
| // them in that order. | |||
| func DecodePrivateKey(k []byte) (*rsa.PrivateKey, error) { | |||
| func DecodePrivateKey(k []byte) (crypto.PrivateKey, error) { | |||
| block, _ := pem.Decode(k) | |||
| if block == nil || block.Type != "RSA PRIVATE KEY" { | |||
| return nil, fmt.Errorf("failed to decode PEM block containing private key") | |||
| } | |||
| return x509.ParsePKCS1PrivateKey(block.Bytes) | |||
| return parsePrivateKey(block.Bytes) | |||
| } | |||