aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGibheer <gibheer@gmail.com>2015-03-30 21:34:05 +0200
committerGibheer <gibheer@gmail.com>2015-03-30 21:34:05 +0200
commit9ba6a88449e6297ea925e0c59e923c56e742983f (patch)
tree75972e862ac1d7295fa422ea90d4c34342b5148f
parent8e2db6f6c9ebaea1ca072b4880a63d4a3bda2da9 (diff)
split out all private key related functions
This moves all private key related functions out into a separate file to get flags.go smaller.
-rw-r--r--flags.go97
-rw-r--r--main.go29
-rw-r--r--private_key.go126
3 files changed, 126 insertions, 126 deletions
diff --git a/flags.go b/flags.go
index a78cd56..b93c156 100644
--- a/flags.go
+++ b/flags.go
@@ -21,14 +21,7 @@ import (
"github.com/gibheer/pki"
)
-const (
- RsaLowerLength = 2048
- RsaUpperLength = 16384
-)
-
var (
- // the possible ecdsa curves allowed to be used
- EcdsaCurves = []int{224, 256, 384, 521}
// the possible valid key usages to check against the commandline
ValidKeyUsages = map[string]x509.KeyUsage{
"digitalsignature": x509.KeyUsageDigitalSignature,
@@ -94,12 +87,6 @@ type (
certificatePath string // path to a certificate
}
- privateKeyGenerationFlags struct {
- Type string // type of the private key (rsa, ecdsa)
- Curve elliptic.Curve // curve for ecdsa
- Size int // bitsize for rsa
- }
-
certGenerationRaw struct {
serial int64
notBefore string
@@ -121,14 +108,6 @@ var (
certificate requests and certificates and sign/verify messages.`,
}
- CmdCreatePrivateKey = &Command{
- Use: "create-private",
- Short: "create a private key",
- Long: "Create an ecdsa or rsa key with this command",
- Example: "create-private -type=ecdsa -length=521",
- Run: create_private_key,
- }
-
CmdCreatePublicKey = &Command{
Use: "create-public",
Short: "create a public key from a private key",
@@ -182,8 +161,6 @@ certificate requests and certificates and sign/verify messages.`,
FlagOutput io.WriteCloser
// signature from the args
FlagSignature []byte
- // private key specific stuff
- FlagPrivateKeyGeneration privateKeyGenerationFlags
// a certificate filled with the parameters
FlagCertificateRequestData *pki.CertificateData
// the certificate sign request
@@ -238,39 +215,6 @@ func checkFlags(checks ...flagCheck) error {
return nil
}
-//// print a message with the usage part
-//func (f *Flags) Usagef(message string, args ...interface{}) {
-// fmt.Fprintf(os.Stderr, "error: " + message + "\n", args...)
-// f.flagset.Flags().Usage()
-//}
-
-// add the private key option to the requested flags
-func InitFlagPrivateKey(cmd *Command) {
- cmd.Flags().StringVar(&flagContainer.privateKeyPath, "private-key", "", "path to the private key (required)")
-}
-
-// check the private key flag and load the private key
-func checkPrivateKey() error {
- if flagContainer.privateKeyPath == "" {
- return fmt.Errorf("No private key given!")
- }
- // check permissions of private key file
- info, err := os.Stat(flagContainer.privateKeyPath)
- if err != nil {
- return fmt.Errorf("Error reading private key: %s", err)
- }
- if info.Mode().Perm().String()[4:] != "------" {
- return fmt.Errorf("private key file modifyable by others!")
- }
-
- pk, err := ReadPrivateKeyFile(flagContainer.privateKeyPath)
- if err != nil {
- return fmt.Errorf("Error reading private key: %s", err)
- }
- FlagPrivateKey = pk
- return nil
-}
-
// add the public key flag
func InitFlagPublicKey(cmd *Command) {
cmd.Flags().StringVar(&flagContainer.publicKeyPath, "public-key", "", "path to the public key (required)")
@@ -454,47 +398,6 @@ func checkInput() error {
return nil
}
-// This function adds the private key generation flags.
-func InitFlagPrivateKeyGeneration(cmd *Command) {
- cmd.Flags().StringVar(&flagContainer.cryptType, "type", "ecdsa", "the type of the private key (ecdsa, rsa)")
- cmd.Flags().IntVar(
- &flagContainer.length,
- "length", 521,
- fmt.Sprintf("%d - %d for rsa; one of %v for ecdsa", RsaLowerLength, RsaUpperLength, EcdsaCurves),
- )
-}
-
-// check the private key generation variables and move them to the work space
-func checkPrivateKeyGeneration() error {
- pk_type := flagContainer.cryptType
- FlagPrivateKeyGeneration.Type = pk_type
- switch pk_type {
- case "ecdsa":
- switch flagContainer.length {
- case 224:
- FlagPrivateKeyGeneration.Curve = elliptic.P224()
- case 256:
- FlagPrivateKeyGeneration.Curve = elliptic.P256()
- case 384:
- FlagPrivateKeyGeneration.Curve = elliptic.P384()
- case 521:
- FlagPrivateKeyGeneration.Curve = elliptic.P521()
- default:
- return fmt.Errorf("Curve %d unknown!", flagContainer.length)
- }
- case "rsa":
- size := flagContainer.length
- if RsaLowerLength <= size && size <= RsaUpperLength {
- FlagPrivateKeyGeneration.Size = size
- } else {
- return fmt.Errorf("Length of %d is not allowed for rsa!", size)
- }
- default:
- return fmt.Errorf("Type %s is unknown!", pk_type)
- }
- return nil
-}
-
// add the signature flag to load a signature from a signing process
func InitFlagSignature(cmd *Command) {
cmd.Flags().StringVar(&flagContainer.signature, "signature", "", "the base64 encoded signature to use for verification")
diff --git a/main.go b/main.go
index fff9e4d..a4eec3f 100644
--- a/main.go
+++ b/main.go
@@ -26,35 +26,6 @@ func main() {
CmdRoot.Execute()
}
-// create a new private key
-func create_private_key(cmd *Command, args []string) {
- err := checkFlags(checkOutput, checkPrivateKeyGeneration)
- if err != nil {
- crash_with_help(cmd, ErrorFlagInput, "Flags invalid: %s", err)
- }
-
- var pk pki.Pemmer
- switch FlagPrivateKeyGeneration.Type {
- case "ecdsa":
- pk, err = pki.NewPrivateKeyEcdsa(FlagPrivateKeyGeneration.Curve)
- case "rsa":
- pk, err = pki.NewPrivateKeyRsa(FlagPrivateKeyGeneration.Size)
- default:
- crash_with_help(cmd, ErrorInput, "Unknown private key type '%s'", FlagPrivateKeyGeneration.Type)
- }
- if err != nil {
- crash_with_help(cmd, ErrorProgram, "Error creating private key: %s", err)
- }
- marsh_pem, err := pk.MarshalPem()
- if err != nil {
- crash_with_help(cmd, ErrorProgram, "Error when marshalling to pem: %s", err)
- }
- _, err = marsh_pem.WriteTo(FlagOutput)
- if err != nil {
- crash_with_help(cmd, ErrorProgram, "Error when writing output: %s", err)
- }
-}
-
// create a public key derived from a private key
func create_public_key(cmd *Command, args []string) {
err := checkFlags(checkPrivateKey, checkOutput)
diff --git a/private_key.go b/private_key.go
index 4996f5e..335023e 100644
--- a/private_key.go
+++ b/private_key.go
@@ -5,12 +5,138 @@ import (
"github.com/gibheer/pki"
)
+const (
+ RsaLowerLength = 2048
+ RsaUpperLength = 16384
+)
+
var (
+ // error messages
ErrNoPKFound = errors.New("no private key found")
ErrNoPUFound = errors.New("no public key found")
ErrUnknownFormat = errors.New("key is an unknown format")
+
+ // the possible ecdsa curves allowed to be used
+ EcdsaCurves = []int{224, 256, 384, 521}
+
+ // Command to create a private key
+ CmdCreatePrivateKey = &Command{
+ Use: "create-private",
+ Short: "create a private key",
+ Long: "Create an ecdsa or rsa key with this command",
+ Example: "create-private -type=ecdsa -length=521",
+ Run: create_private_key,
+ }
+ // private key specific stuff
+ FlagPrivateKeyGeneration privateKeyGenerationFlags
)
+type (
+ // The flags specific to create a private key
+ privateKeyGenerationFlags struct {
+ Type string // type of the private key (rsa, ecdsa)
+ Curve elliptic.Curve // curve for ecdsa
+ Size int // bitsize for rsa
+ }
+)
+
+// create a new private key
+func create_private_key(cmd *Command, args []string) {
+ err := checkFlags(checkOutput, checkPrivateKeyGeneration)
+ if err != nil {
+ crash_with_help(cmd, ErrorFlagInput, "Flags invalid: %s", err)
+ }
+
+ var pk pki.Pemmer
+ switch FlagPrivateKeyGeneration.Type {
+ case "ecdsa":
+ pk, err = pki.NewPrivateKeyEcdsa(FlagPrivateKeyGeneration.Curve)
+ case "rsa":
+ pk, err = pki.NewPrivateKeyRsa(FlagPrivateKeyGeneration.Size)
+ default:
+ crash_with_help(cmd, ErrorInput, "Unknown private key type '%s'", FlagPrivateKeyGeneration.Type)
+ }
+ if err != nil {
+ crash_with_help(cmd, ErrorProgram, "Error creating private key: %s", err)
+ }
+ marsh_pem, err := pk.MarshalPem()
+ if err != nil {
+ crash_with_help(cmd, ErrorProgram, "Error when marshalling to pem: %s", err)
+ }
+ _, err = marsh_pem.WriteTo(FlagOutput)
+ if err != nil {
+ crash_with_help(cmd, ErrorProgram, "Error when writing output: %s", err)
+ }
+}
+
+// This function adds the private key generation flags.
+func InitFlagPrivateKeyGeneration(cmd *Command) {
+ cmd.Flags().StringVar(&flagContainer.cryptType, "type", "ecdsa", "the type of the private key (ecdsa, rsa)")
+ cmd.Flags().IntVar(
+ &flagContainer.length,
+ "length", 521,
+ fmt.Sprintf("%d - %d for rsa; one of %v for ecdsa", RsaLowerLength, RsaUpperLength, EcdsaCurves),
+ )
+}
+
+// check the private key generation variables and move them to the work space
+func checkPrivateKeyGeneration() error {
+ pk_type := flagContainer.cryptType
+ FlagPrivateKeyGeneration.Type = pk_type
+ switch pk_type {
+ case "ecdsa":
+ switch flagContainer.length {
+ case 224:
+ FlagPrivateKeyGeneration.Curve = elliptic.P224()
+ case 256:
+ FlagPrivateKeyGeneration.Curve = elliptic.P256()
+ case 384:
+ FlagPrivateKeyGeneration.Curve = elliptic.P384()
+ case 521:
+ FlagPrivateKeyGeneration.Curve = elliptic.P521()
+ default:
+ return fmt.Errorf("Curve %d unknown!", flagContainer.length)
+ }
+ case "rsa":
+ size := flagContainer.length
+ if RsaLowerLength <= size && size <= RsaUpperLength {
+ FlagPrivateKeyGeneration.Size = size
+ } else {
+ return fmt.Errorf("Length of %d is not allowed for rsa!", size)
+ }
+ default:
+ return fmt.Errorf("Type %s is unknown!", pk_type)
+ }
+ return nil
+}
+
+// add the private key option to the requested flags
+func InitFlagPrivateKey(cmd *Command) {
+ cmd.Flags().StringVar(&flagContainer.privateKeyPath, "private-key", "", "path to the private key (required)")
+}
+
+// check the private key flag and load the private key
+func checkPrivateKey() error {
+ if flagContainer.privateKeyPath == "" {
+ return fmt.Errorf("No private key given!")
+ }
+ // check permissions of private key file
+ info, err := os.Stat(flagContainer.privateKeyPath)
+ if err != nil {
+ return fmt.Errorf("Error reading private key: %s", err)
+ }
+ if info.Mode().Perm().String()[4:] != "------" {
+ return fmt.Errorf("private key file modifyable by others!")
+ }
+
+ pk, err := ReadPrivateKeyFile(flagContainer.privateKeyPath)
+ if err != nil {
+ return fmt.Errorf("Error reading private key: %s", err)
+ }
+ FlagPrivateKey = pk
+ return nil
+}
+
// Read the private key from the path and try to figure out which type of key it
// might be.
func ReadPrivateKeyFile(path string) (pki.PrivateKey, error) {