yggdrasil-network/yggdrasil-go
1
0
Fork 0
mirror of https://github.com/yggdrasil-network/yggdrasil-go.git synced 2025-04-28 14:15:06 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Re-add PublicKey to configuration file

Browse source
This commit is contained in:
Neil Alexander 2023-11-03 22:35:52 +00:00
parent e5e8c84d7c
commit af15f8adf3
No known key found for this signature in database
GPG key ID: A02A2019A2BB0944
2 changed files with 17 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

3
cmd/yggdrasil/main.go
View file

@ -136,8 +136,7 @@ func main() {
return return
} }
privateKey := ed25519.PrivateKey(cfg.PrivateKey) publicKey := ed25519.PublicKey(cfg.PublicKey)
publicKey := privateKey.Public().(ed25519.PublicKey)
switch { switch {
case *getaddr: case *getaddr:

21
src/config/config.go
View file

@ -42,6 +42,7 @@ import (
type NodeConfig struct { type NodeConfig struct {
PrivateKey KeyBytes `comment:"Your private key. DO NOT share this with anyone!"` PrivateKey KeyBytes `comment:"Your private key. DO NOT share this with anyone!"`
PrivateKeyPath string `json:",omitempty"` PrivateKeyPath string `json:",omitempty"`
PublicKey KeyBytes `comment:"Your public key. This is safe to share."`
Certificate *tls.Certificate `json:"-"` Certificate *tls.Certificate `json:"-"`
Peers []string `comment:"List of connection strings for outbound peer connections in URI format,\ne.g. tls://a.b.c.d:e or socks://a.b.c.d:e/f.g.h.i:j. These connections\nwill obey the operating system routing table, therefore you should\nuse this section when you may connect via different interfaces."` Peers []string `comment:"List of connection strings for outbound peer connections in URI format,\ne.g. tls://a.b.c.d:e or socks://a.b.c.d:e/f.g.h.i:j. These connections\nwill obey the operating system routing table, therefore you should\nuse this section when you may connect via different interfaces."`
InterfacePeers map[string][]string `comment:"List of connection strings for outbound peer connections in URI format,\narranged by source interface, e.g. { \"eth0\": [ \"tls://a.b.c.d:e\" ] }.\nNote that SOCKS peerings will NOT be affected by this option and should\ngo in the \"Peers\" section instead."` InterfacePeers map[string][]string `comment:"List of connection strings for outbound peer connections in URI format,\narranged by source interface, e.g. { \"eth0\": [ \"tls://a.b.c.d:e\" ] }.\nNote that SOCKS peerings will NOT be affected by this option and should\ngo in the \"Peers\" section instead."`
@ -128,7 +129,8 @@ func (cfg *NodeConfig) UnmarshalHJSON(b []byte) error {
func (cfg *NodeConfig) postprocessConfig() error { func (cfg *NodeConfig) postprocessConfig() error {
if cfg.PrivateKeyPath != "" { if cfg.PrivateKeyPath != "" {
cfg.PrivateKey = nil cfg.PrivateKey = cfg.PrivateKey[:0]
cfg.PublicKey = cfg.PublicKey[:0]
f, err := os.ReadFile(cfg.PrivateKeyPath) f, err := os.ReadFile(cfg.PrivateKeyPath)
if err != nil { if err != nil {
return err return err
@ -137,6 +139,13 @@ func (cfg *NodeConfig) postprocessConfig() error {
return err return err
} }
} }
if len(cfg.PrivateKey) < ed25519.SeedSize {
return fmt.Errorf("private key is not long enough")
}
privateKey := ed25519.NewKeyFromSeed(cfg.PrivateKey[:ed25519.SeedSize])
publicKey := privateKey.Public().(ed25519.PublicKey)
cfg.PrivateKey = append(cfg.PrivateKey[:0], privateKey[:ed25519.SeedSize]...)
cfg.PublicKey = append(cfg.PublicKey[:0], publicKey...)
switch { switch {
case cfg.Certificate == nil: case cfg.Certificate == nil:
// No self-signed certificate has been generated yet. // No self-signed certificate has been generated yet.
@ -173,7 +182,7 @@ func (cfg *NodeConfig) GenerateSelfSignedCertificate() error {
} }
func (cfg *NodeConfig) MarshalPEMCertificate() ([]byte, error) { func (cfg *NodeConfig) MarshalPEMCertificate() ([]byte, error) {
privateKey := ed25519.PrivateKey(cfg.PrivateKey) privateKey := ed25519.NewKeyFromSeed(cfg.PrivateKey[:ed25519.SeedSize])
publicKey := privateKey.Public().(ed25519.PublicKey) publicKey := privateKey.Public().(ed25519.PublicKey)
cert := &x509.Certificate{ cert := &x509.Certificate{
@ -201,15 +210,17 @@ func (cfg *NodeConfig) MarshalPEMCertificate() ([]byte, error) {
} }
func (cfg *NodeConfig) NewPrivateKey() { func (cfg *NodeConfig) NewPrivateKey() {
_, spriv, err := ed25519.GenerateKey(nil) spub, spriv, err := ed25519.GenerateKey(nil)
if err != nil { if err != nil {
panic(err) panic(err)
} }
cfg.PrivateKey = KeyBytes(spriv) cfg.PrivateKey = append(cfg.PrivateKey[:0], spriv[:ed25519.SeedSize]...)
cfg.PublicKey = append(cfg.PublicKey[:0], spub...)
} }
func (cfg *NodeConfig) MarshalPEMPrivateKey() ([]byte, error) { func (cfg *NodeConfig) MarshalPEMPrivateKey() ([]byte, error) {
b, err := x509.MarshalPKCS8PrivateKey(ed25519.PrivateKey(cfg.PrivateKey)) privateKey := ed25519.NewKeyFromSeed(cfg.PrivateKey[:ed25519.SeedSize])
b, err := x509.MarshalPKCS8PrivateKey(privateKey)
if err != nil { if err != nil {
return nil, fmt.Errorf("failed to marshal PKCS8 key: %w", err) return nil, fmt.Errorf("failed to marshal PKCS8 key: %w", err)
} }