package commands
import (
"fmt"
"os"
"path/filepath"
"github.com/spf13/cobra"
"github.com/authelia/authelia/v4/internal/utils"
)
// NewRSACmd builds the parent "rsa" command. The command accepts no positional
// arguments and has no Run handler of its own; it only groups the "generate"
// subcommand registered below.
func NewRSACmd() (cmd *cobra.Command) {
	parent := &cobra.Command{
		Use:   "rsa",
		Short: "Commands related to rsa keypair generation",
		Args:  cobra.NoArgs,
	}

	// Attach the only subcommand: "rsa generate".
	parent.AddCommand(newRSAGenerateCmd())

	return parent
}
// newRSAGenerateCmd builds the "generate" subcommand, which runs
// cmdRSAGenerateRun and accepts no positional arguments.
//
// Flags:
//
//	--dir, -d       target directory for the key pair; the default is the
//	                empty string, which filepath.Join treats as no directory,
//	                so the files land in the current working directory.
//	--key-size, -b  RSA modulus size in bits, default 2048.
func newRSAGenerateCmd() (cmd *cobra.Command) {
	generate := &cobra.Command{
		Use:   "generate",
		Short: "Generate a RSA keypair",
		Args:  cobra.NoArgs,
		Run:   cmdRSAGenerateRun,
	}

	flags := generate.Flags()
	flags.StringP("dir", "d", "", "Target directory where the keypair will be stored")
	flags.IntP("key-size", "b", 2048, "Sets the key size in bits")

	return generate
}
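// cmdRSAGenerateRun is the Run handler of the "rsa generate" command. It reads
// the key-size and dir flags, generates an RSA key pair with
// utils.GenerateRsaKeyPair and writes it as PEM to key.pem (private key) and
// key.pub (public key) inside the target directory.
//
// Failures are printed to stdout and end the run early. Only a failed Close
// calls os.Exit(1); every other failure path returns normally, so a caller
// that checks the exit status presumably sees success (confirm against the
// code that executes the root command).
//
// NOTE(review): the key-size value is handed to the generator unchecked, so
// whether undersized moduli are rejected depends on utils.GenerateRsaKeyPair,
// which is not visible here. Confirm that a lower bound is enforced somewhere.
func cmdRSAGenerateRun(cmd *cobra.Command, _ []string) {
	bits, err := cmd.Flags().GetInt("key-size")
	if err != nil {
		fmt.Printf("Failed to parse key-size flag: %v\n", err)
		return
	}

	// Read the second flag before generating, so a flag error costs no key
	// generation work.
	rsaTargetDirectory, err := cmd.Flags().GetString("dir")
	if err != nil {
		fmt.Printf("Failed to parse dir flag: %v\n", err)
		return
	}

	privateKey, publicKey := utils.GenerateRsaKeyPair(bits)

	keyPath := filepath.Join(rsaTargetDirectory, "key.pem")

	// The 0600 mode only applies when the file is created. An existing key.pem
	// is truncated (O_TRUNC) and keeps whatever permissions it already had, so
	// the previous key is lost and the new one inherits the old file mode.
	keyOut, err := os.OpenFile(keyPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
	if err != nil {
		fmt.Printf("Failed to open %s for writing: %v\n", keyPath, err)
		return
	}

	defer func() {
		// A Close error can mean buffered key material never reached disk.
		if closeErr := keyOut.Close(); closeErr != nil {
			fmt.Printf("Unable to close private key file: %v\n", closeErr)
			os.Exit(1)
		}
	}()

	if _, err = keyOut.WriteString(utils.ExportRsaPrivateKeyAsPemStr(privateKey)); err != nil {
		fmt.Printf("Failed to write private key: %v\n", err)
		return
	}

	fmt.Printf("RSA Private Key written to %s\n", keyPath)

	// Encode the public key before opening key.pub, so an encoding failure
	// does not leave a truncated, empty file behind.
	publicPem, err := utils.ExportRsaPublicKeyAsPemStr(publicKey)
	if err != nil {
		fmt.Printf("Failed to marshal public key: %v\n", err)
		return
	}

	certPath := filepath.Join(rsaTargetDirectory, "key.pub")

	certOut, err := os.OpenFile(certPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
	if err != nil {
		// Report the public key path; the original printed keyPath here.
		fmt.Printf("Failed to open %s for writing: %v\n", certPath, err)
		return
	}

	defer func() {
		if closeErr := certOut.Close(); closeErr != nil {
			fmt.Printf("Failed to close public key file: %v\n", closeErr)
			os.Exit(1)
		}
	}()

	if _, err = certOut.WriteString(publicPem); err != nil {
		// The original message named the private key for this write.
		fmt.Printf("Failed to write public key: %v\n", err)
		return
	}

	fmt.Printf("RSA Public Key written to %s\n", certPath)
}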