prompt to generate new keys if none exist

2014-12-14 23:12:14 -06:00
parent ed933f89b6
commit 9d077f2ccc
5 changed files with 169 additions and 96 deletions
--- a/cmd/keygen.go
+++ b/cmd/keygen.go
@@ -1,16 +1,8 @@
 package cmd

 import (
-	"crypto/rand"
-	"crypto/rsa"
-	"crypto/x509"
-	"encoding/pem"
 	"fmt"
-	"log"
-	"os"

-	"github.com/MDrollette/go-i2p/reseed"
-	"github.com/MDrollette/go-i2p/su3"
 	"github.com/codegangsta/cli"
 )

@@ -25,7 +17,7 @@ func NewKeygenCommand() cli.Command {
 				Usage: "Generate a private key and certificate for the given su3 signing ID (ex. something@mail.i2p)",
 			},
 			cli.StringFlag{
-				Name:  "host",
+				Name:  "tlsHost",
 				Usage: "Generate a self-signed TLS certificate and private key for the given host",
 			},
 		},
@@ -34,79 +26,24 @@ func NewKeygenCommand() cli.Command {

 func keygenAction(c *cli.Context) {
 	signerId := c.String("signer")
-	host := c.String("host")
+	tlsHost := c.String("tlsHost")

-	if signerId == "" && host == "" {
-		fmt.Println("You must specify either --host or --signer")
+	if signerId == "" && tlsHost == "" {
+		fmt.Println("You must specify either --tlsHost or --signer")
 		return
 	}

 	if signerId != "" {
-		createSigner(signerId)
+		if err := createSigningCertificate(signerId); nil != err {
+			fmt.Println(err)
+			return
+		}
 	}

-	if host != "" {
-		createTLSCertificate(host)
+	if tlsHost != "" {
+		if err := createTLSCertificate(tlsHost); nil != err {
+			fmt.Println(err)
+			return
+		}
 	}
 }
-
-func createSigner(signerId string) {
-	// generate private key
-	fmt.Println("Generating signing keys. This may take a minute...")
-	signerKey, err := rsa.GenerateKey(rand.Reader, 4096)
-	if err != nil {
-		log.Fatalln(err)
-	}
-
-	signerCert, err := su3.NewSigningCertificate(signerId, signerKey)
-
-	// save cert
-	certFile := signerFile(signerId) + ".crt"
-	certOut, err := os.Create(certFile)
-	if err != nil {
-		log.Printf("failed to open %s for writing\n", certFile)
-		log.Fatalln(err)
-	}
-	pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: signerCert})
-	certOut.Close()
-	fmt.Println("signing certificate saved to:", certFile)
-
-	// save signing private key
-	privFile := signerFile(signerId) + ".pem"
-	keyOut, err := os.OpenFile(privFile, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
-	if err != nil {
-		log.Printf("failed to open %s for writing\n", privFile)
-		log.Fatalln(err)
-	}
-	pem.Encode(keyOut, &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(signerKey)})
-	keyOut.Close()
-	fmt.Println("signing private key saved to:", privFile)
-}
-
-func createTLSCertificate(host string) {
-	fmt.Println("Generating TLS keys. This may take a minute...")
-	priv, err := rsa.GenerateKey(rand.Reader, 4096)
-	if err != nil {
-		log.Fatalln("failed to generate TLS private key:", err)
-	}
-
-	tlsCert, err := reseed.NewTLSCertificate(host, priv)
-
-	// save the TLS certificate
-	certOut, err := os.Create("tls_cert.pem")
-	if err != nil {
-		log.Fatalln("failed to open tls_cert.pem for writing:", err)
-	}
-	pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: tlsCert})
-	certOut.Close()
-	fmt.Println("TLS certificate saved to: tls_cert.pem")
-
-	// save the TLS private key
-	keyOut, err := os.OpenFile("tls_key.pem", os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
-	if err != nil {
-		log.Fatalln("failed to open tls_key.pem for writing:", err)
-	}
-	pem.Encode(keyOut, &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(priv)})
-	keyOut.Close()
-	fmt.Println("TLS private key saved to: tls_key.pem")
-}