Split up the key stuff to prep for allowing password-based key file encryption as well and be better organized around this part
1
Makefile
1
Makefile
@ -77,6 +77,7 @@ deps:
|
||||
go get -u github.com/eyedeekay/udptunnel
|
||||
go get -u github.com/eyedeekay/sam-forwarder
|
||||
go get -u github.com/eyedeekay/sam-forwarder/i2pkeys
|
||||
go get -u github.com/eyedeekay/sam-forwarder/i2pkeys/aes
|
||||
go get -u github.com/eyedeekay/sam-forwarder/udp
|
||||
go get -u github.com/eyedeekay/sam-forwarder/config
|
||||
go get -u github.com/eyedeekay/sam-forwarder/manager
|
||||
|
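Review bot: The `deps` list fetches `github.com/eyedeekay/sam-forwarder/i2pkeys/aes`, but the packages this commit adds live under `i2pkeys/keys` and `i2pkeys/password`, and neither path appears in the list. The same `i2pkeys/aes` path is imported by the i2pkeys source file later in this commit, so unless an `aes` directory exists outside this page, both the fetch and the import will fail to resolve. If `keys` is the intended directory name, the entries would be `go get -u github.com/eyedeekay/sam-forwarder/i2pkeys/keys` and `go get -u github.com/eyedeekay/sam-forwarder/i2pkeys/password`. The `deps` target continues outside the hunk.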
@ -131,12 +131,12 @@ Donate
|
||||
BTC:159M8MEUwhTzE9RXmcZxtigKaEjgfwRbHt
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQEzBAEBCgAdFiEEcNIGBzi++AUjrK/311wDs5teFOEFAlxfJPcACgkQ11wDs5te
|
||||
FOG8zQgAiUMuFC2gLkpQ7+BJWXmsL7yCHNlPiOcWdlK95NHYDbqQ7Ymp+RB1ZhsU
|
||||
dFlgLn2ydPH2M9kd2hPMiHaiqv3jI+q1VDwj8AgQUp85kD/bCAg312BWerUI1KMm
|
||||
pSDTYFCkhgn2Hn8AMWYQpevCfmhFxMUjJhP3Co3GT27xFjWXN5qgxa778hWAHzdJ
|
||||
c+hdK+0/votHO8aWvEQQlcs+9RXQttfQtJO4WtW8+3S4y84+iwWFyB4K0lyc8uyr
|
||||
KJM1pD2WZwtlofoh9MHuKrQ5CpeItfcNm55AfXYOGtWdtNe8Gvyo/TWMuOZ70u3e
|
||||
+owvf7ECkw+hD0rciS1YfExkhsgomA==
|
||||
=73F1
|
||||
iQEzBAEBCgAdFiEEcNIGBzi++AUjrK/311wDs5teFOEFAlxfLNkACgkQ11wDs5te
|
||||
FOHxHgf/Xw+yo+iRHpczI/u0I6jAX5OpgWKO94rwPKEl0h5tk9EiotQZmDxaJfby
|
||||
/DVZ7wmmzyz4Dm6gupEkWNXjGXFBFgR/YISREifbHz95U6URy5oBL33e3jAg691B
|
||||
JXa4nNnV+5iJj1Yk64sDJY0DvL2aFS59ovsF0UgRB6Jw0GkEtuggwERKA0zQIe1R
|
||||
QQ3vCFJ4zlXl013IrUIHfb7NNGALFYmWmMAaS/oGTVejbV4OEDuRIgGAzTQSNI8g
|
||||
vSY2VBcIKhhvrMwtKZT9L7tD9WfHUS3VNpvNePpBlrU5rlXtKC70CZHHebKcLNKV
|
||||
sqk+33b+hdKLPhcoT8wNMHpMkQ0M3A==
|
||||
=9eVD
|
||||
-----END PGP SIGNATURE-----
|
||||
|
@ -3,74 +3,21 @@ package i2pkeys
|
||||
import (
|
||||
"io/ioutil"
|
||||
"os"
|
||||
"log"
|
||||
"path/filepath"
|
||||
|
||||
"github.com/eyedeekay/sam3"
|
||||
"github.com/eyedeekay/sam-forwarder/i2pkeys/aes"
|
||||
"github.com/eyedeekay/sam-forwarder/i2pkeys/password"
|
||||
"github.com/gtank/cryptopasta"
|
||||
)
|
||||
|
||||
func bytes(k [32]byte) []byte {
|
||||
var r []byte
|
||||
for _, v := range k {
|
||||
r = append(r, v)
|
||||
}
|
||||
return r
|
||||
}
|
||||
|
||||
func key(k []byte) *[32]byte {
|
||||
var r [32]byte
|
||||
for i, v := range k {
|
||||
r[i] = v
|
||||
}
|
||||
return &r
|
||||
}
|
||||
|
||||
func Encrypt(i2pkeypath, aeskeypath string) error {
|
||||
if aeskeypath != "" {
|
||||
if r, e := ioutil.ReadFile(i2pkeypath); e != nil {
|
||||
return e
|
||||
} else {
|
||||
if _, err := os.Stat(aeskeypath); os.IsNotExist(err) {
|
||||
key := cryptopasta.NewEncryptionKey()
|
||||
ioutil.WriteFile(aeskeypath, bytes(*key), 644)
|
||||
} else if err != nil {
|
||||
return err
|
||||
}
|
||||
if ra, re := ioutil.ReadFile(aeskeypath); re != nil {
|
||||
return e
|
||||
} else {
|
||||
crypted, err := cryptopasta.Encrypt(r, key(ra))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
ioutil.WriteFile(i2pkeypath, crypted, 644)
|
||||
}
|
||||
}
|
||||
}
|
||||
return nil
|
||||
return i2pkeyscrypt.EncryptKey(i2pkeypath, aeskeypath)
|
||||
}
|
||||
|
||||
func Decrypt(i2pkeypath, aeskeypath string) error {
|
||||
if aeskeypath != "" {
|
||||
if r, e := ioutil.ReadFile(i2pkeypath); e != nil {
|
||||
return e
|
||||
} else {
|
||||
if _, err := os.Stat(aeskeypath); os.IsNotExist(err) {
|
||||
return err
|
||||
}
|
||||
if ra, re := ioutil.ReadFile(aeskeypath); re != nil {
|
||||
return e
|
||||
} else {
|
||||
crypted, err := cryptopasta.Decrypt(r, key(ra))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
ioutil.WriteFile(i2pkeypath, crypted, 644)
|
||||
}
|
||||
//crypted
|
||||
}
|
||||
}
|
||||
return nil
|
||||
return i2pkeyscrypt.DecryptKey(i2pkeypath, aeskeypath)
|
||||
}
|
||||
|
||||
func Save(FilePath, TunName, passfile string, SamKeys *sam3.I2PKeys) error {
|
||||
@ -110,12 +57,14 @@ func Save(FilePath, TunName, passfile string, SamKeys *sam3.I2PKeys) error {
|
||||
|
||||
func Load(FilePath, TunName, passfile string, samConn *sam3.SAM) (sam3.I2PKeys, error) {
|
||||
if _, err := os.Stat(filepath.Join(FilePath, TunName+".i2pkeys")); os.IsNotExist(err) {
|
||||
log.Println("Generating keys from SAM bridge")
|
||||
SamKeys, err := samConn.NewKeys()
|
||||
if err != nil {
|
||||
return sam3.I2PKeys{}, err
|
||||
}
|
||||
return SamKeys, nil
|
||||
}
|
||||
log.Println("Generating keys from disk")
|
||||
file, err := os.Open(filepath.Join(FilePath, TunName+".i2pkeys"))
|
||||
if err != nil {
|
||||
return sam3.I2PKeys{}, err
|
||||
|
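Review bot: The import block now lists `github.com/eyedeekay/sam-forwarder/i2pkeys/password`, but no line in either hunk references that package, and the unchanged parts of the file cannot, since it did not exist before this commit. Go rejects an unused import, so the package most likely no longer builds. Drop that import until `EncryptPassword` is actually wired in. The calls `i2pkeyscrypt.EncryptKey` and `i2pkeyscrypt.DecryptKey` resolve through the `i2pkeys/aes` import, while the file declaring `package i2pkeyscrypt` is added at `i2pkeys/keys/keys.go`. The exported wrappers would also benefit from a doc comment such as `// Encrypt encrypts the key file at i2pkeypath in place using the AES key stored at aeskeypath; an empty aeskeypath is a no-op.` Load's body continues outside the second hunk.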
@ -19,8 +19,10 @@ func TestKeysGenLoad(t *testing.T) {
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
log.Println("Loaded tunnel keys")
|
||||
err = Save("./", "test", "", &sk)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
log.Println("Saved tunnel keys")
|
||||
}
|
||||
|
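Review bot: `Save("./", "test", "", &sk)` passes an empty `passfile`, so, assuming Save forwards that value to `Encrypt`, the relocated `EncryptKey`/`DecryptKey` code is never exercised by this test. A second case that uses a key path inside a directory from `ioutil.TempDir`, saves, loads and compares the keys would cover the move. Using that temporary directory as `FilePath` would also stop the test from leaving `test.i2pkeys` key material in the working directory. TestKeysGenLoad starts outside the hunk.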
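--- a/i2pkeys/keys/keys.go
+++ b/i2pkeys/keys/keys.go
@@ -0,0 +1,72 @@
+package i2pkeyscrypt
+
+import (
+"io/ioutil"
+"os"
+
+"github.com/gtank/cryptopasta"
+)
+
+func bytes(k [32]byte) []byte {
+var r []byte
+for _, v := range k {
+r = append(r, v)
+}
+return r
+}
+
+func key(k []byte) *[32]byte {
+var r [32]byte
+for i, v := range k {
+r[i] = v
+}
+return &r
+}
+
+func EncryptKey(i2pkeypath, aeskeypath string) error {
+if aeskeypath != "" {
+if r, e := ioutil.ReadFile(i2pkeypath); e != nil {
+return e
+} else {
+if _, err := os.Stat(aeskeypath); os.IsNotExist(err) {
+key := cryptopasta.NewEncryptionKey()
+ioutil.WriteFile(aeskeypath, bytes(*key), 644)
+} else if err != nil {
+return err
+}
+if ra, re := ioutil.ReadFile(aeskeypath); re != nil {
+return e
+} else {
+crypted, err := cryptopasta.Encrypt(r, key(ra))
+if err != nil {
+return err
+}
+ioutil.WriteFile(i2pkeypath, crypted, 644)
+}
+}
+}
+return nil
+}
+
+func DecryptKey(i2pkeypath, aeskeypath string) error {
+if aeskeypath != "" {
+if r, e := ioutil.ReadFile(i2pkeypath); e != nil {
+return e
+} else {
+if _, err := os.Stat(aeskeypath); os.IsNotExist(err) {
+return err
+}
+if ra, re := ioutil.ReadFile(aeskeypath); re != nil {
+return e
+} else {
+crypted, err := cryptopasta.Decrypt(r, key(ra))
+if err != nil {
+return err
+}
+ioutil.WriteFile(i2pkeypath, crypted, 644)
+}
+//crypted
+}
+}
+return nil
+}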
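Review bot: In `EncryptKey` the AES key file is created with `ioutil.WriteFile(aeskeypath, bytes(*key), 644)`, and `644` is decimal rather than octal `0644`: its permission bits are `0204`, so (subject to umask) the owner cannot read the key back while other local users can. The read that follows then fails for a non-root owner, and `return e` in the `re != nil` branch returns the outer, nil error, so the function reports success with the I2P key file still unencrypted; `DecryptKey` has the same `return e`. Both functions also discard the error from the final `ioutil.WriteFile`, and `key()` panics on a key file longer than 32 bytes and silently zero-pads a shorter one. The rewrite below uses `0600`, returns every error and checks the key length (it needs `fmt` in the import block); `DecryptKey` should get the same treatment.

```go
func EncryptKey(i2pkeypath, aeskeypath string) error {
	if aeskeypath == "" {
		return nil
	}
	plain, err := ioutil.ReadFile(i2pkeypath)
	if err != nil {
		return err
	}
	if _, err := os.Stat(aeskeypath); os.IsNotExist(err) {
		k := cryptopasta.NewEncryptionKey()
		// 0600: this key protects the destination's private keys.
		if err := ioutil.WriteFile(aeskeypath, k[:], 0600); err != nil {
			return err
		}
	} else if err != nil {
		return err
	}
	raw, err := ioutil.ReadFile(aeskeypath)
	if err != nil {
		return err
	}
	if len(raw) != 32 {
		return fmt.Errorf("aes key file %q: want 32 bytes, got %d", aeskeypath, len(raw))
	}
	var k [32]byte
	copy(k[:], raw)
	crypted, err := cryptopasta.Encrypt(plain, &k)
	if err != nil {
		return err
	}
	// The mode only applies if the file is created; an existing file keeps its mode.
	return ioutil.WriteFile(i2pkeypath, crypted, 0600)
}
```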
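--- a/i2pkeys/password/password.go
+++ b/i2pkeys/password/password.go
@@ -0,0 +1,36 @@
+package i2pkeysaes
+
+import (
+//"io/ioutil"
+//"os"
+//"log"
+//"path/filepath"
+
+//"github.com/eyedeekay/sam3"
+//"github.com/gtank/cryptopasta"
+)
+
+func bytes(k [32]byte) []byte {
+var r []byte
+for _, v := range k {
+r = append(r, v)
+}
+return r
+}
+
+func key(k []byte) *[32]byte {
+var r [32]byte
+for i, v := range k {
+r[i] = v
+}
+return &r
+}
+
+
+func EncryptPassword(i2pkeypath, password string) error {
+return nil
+}
+
+func DecryptPassword(i2pkeypath, password string) error {
+return nil
+}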
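Review bot: `EncryptPassword` and `DecryptPassword` return nil without touching the file, so a caller that asks for password protection is told it succeeded while the key file stays in plaintext on disk. Until the implementation lands, have both fail closed, e.g. `return errors.New("i2pkeys/password: password-based encryption is not implemented")` with `errors` added to the import block. The file also declares `package i2pkeysaes` although it lives in `i2pkeys/password`, and it carries another copy of the `bytes`/`key` helpers that nothing in this file calls.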