-// VoRS -- Vo(IP) Really Simple
-// Copyright (C) 2024 Sergey Matveev <stargrave@stargrave.org>
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as
-// published by the Free Software Foundation, version 3 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with this program. If not, see <http://www.gnu.org/licenses/>.
-
package main
import (
- "crypto/ed25519"
"crypto/rand"
- "crypto/x509"
- "crypto/x509/pkix"
- "encoding/pem"
+ "encoding/hex"
+ "flag"
"fmt"
+ "io"
"log"
- "math/big"
"os"
- "time"
- vors "go.stargrave.org/vors/internal"
+ "github.com/flynn/noise"
)
func main() {
- log.SetFlags(log.Lmicroseconds | log.Lshortfile)
- pub, prv, err := ed25519.GenerateKey(rand.Reader)
- if err != nil {
- log.Fatal(err)
- }
- notBefore := time.Now()
- tmpl := x509.Certificate{
- SerialNumber: big.NewInt(1),
- Subject: pkix.Name{CommonName: vors.CN},
- NotBefore: notBefore,
- NotAfter: notBefore.Add(365 * 24 * time.Hour),
- KeyUsage: x509.KeyUsageDigitalSignature,
- ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
- BasicConstraintsValid: true,
- DNSNames: []string{vors.CN},
- }
- der, err := x509.CreateCertificate(rand.Reader, &tmpl, &tmpl, pub, prv)
- if err != nil {
- log.Fatal(err)
- }
- cer, err := x509.ParseCertificate(der)
- if err != nil {
- log.Fatal(err)
- }
- fmt.Fprintln(os.Stderr, "SPKI hash:", vors.SPKIHash(cer))
- key, err := x509.MarshalPKCS8PrivateKey(prv)
- if err != nil {
- log.Fatal(err)
- }
- err = pem.Encode(os.Stdout, &pem.Block{Type: "PRIVATE KEY", Bytes: key})
- if err != nil {
- log.Fatal(err)
+ pub := flag.Bool("pub", false, "Print hexadecimal public key")
+ flag.Parse()
+ if *pub {
+ data, err := io.ReadAll(os.Stdin)
+ if err != nil {
+ log.Fatal(err)
+ }
+ if len(data) != 2*32 {
+ log.Fatal("wrong length")
+ }
+ fmt.Printf("%s\n", hex.EncodeToString(data[32:]))
+ return
}
- err = pem.Encode(os.Stdout, &pem.Block{Type: "CERTIFICATE", Bytes: der})
+ kp, err := noise.DH25519.GenerateKeypair(rand.Reader)
if err != nil {
log.Fatal(err)
}
+ os.Stdout.Write(kp.Private[:])
+ os.Stdout.Write(kp.Public[:])
}
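Review bot: The two `os.Stdout.Write` calls at the end of `main` discard their return values, so a failed or short write (full disk, closed pipe) leaves a truncated key file while the program still exits 0. Since the output is the raw private key followed by the public key, the truncation would only surface later, for example at the `len(data) != 2*32` check in the `-pub` branch. I would write both halves in one checked call: `if _, err := os.Stdout.Write(append(kp.Private[:], kp.Public[:]...)); err != nil { log.Fatal(err) }`. A short comment above it should say that the output is unencrypted secret key material in binary form, so the file it is redirected to should be created with restrictive permissions (for example under `umask 077`). The `32` in the `-pub` branch would also read better as a named constant for the X25519 key size.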