mirror of
https://github.com/mickael-kerjean/filestash.git
synced 2025-10-28 12:16:48 +08:00
74 lines
1.5 KiB
Go
74 lines
1.5 KiB
Go
package ssl
|
|
|
|
import (
|
|
"crypto/rand"
|
|
"crypto/rsa"
|
|
"crypto/x509"
|
|
"encoding/pem"
|
|
"io/ioutil"
|
|
"os"
|
|
)
|
|
|
|
func GetPrivateKey() (*rsa.PrivateKey, []byte, error) {
|
|
if private, privatePEM, err := pullPrivateKeyFromFS(); err == nil {
|
|
return private, privatePEM, nil
|
|
}
|
|
key, keyPEM, err := generateNewPrivateKey()
|
|
if err != nil {
|
|
Clear()
|
|
return nil, nil, err
|
|
}
|
|
if err = savePrivateKeyToFS(keyPEM); err != nil {
|
|
Clear()
|
|
return nil, nil, err
|
|
}
|
|
return key, keyPEM, nil
|
|
}
|
|
|
|
func generateNewPrivateKey() (*rsa.PrivateKey, []byte, error) {
|
|
key, err := rsa.GenerateKey(rand.Reader, 2048)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
return key, pem.EncodeToMemory(&pem.Block{
|
|
Type: "RSA PRIVATE KEY",
|
|
Bytes: x509.MarshalPKCS1PrivateKey(key),
|
|
}), nil
|
|
}
|
|
|
|
func pullPrivateKeyFromFS() (*rsa.PrivateKey, []byte, error) {
|
|
file, err := os.OpenFile(keyPEMPath(), os.O_RDONLY, os.ModePerm)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
defer file.Close()
|
|
|
|
keyPEM, err := ioutil.ReadAll(file)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
block, _ := pem.Decode(keyPEM)
|
|
priv, err := x509.ParsePKCS1PrivateKey(block.Bytes)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
return priv, keyPEM, nil
|
|
}
|
|
|
|
func savePrivateKeyToFS(privatePEM []byte) error {
|
|
file, err := os.OpenFile(keyPEMPath(), os.O_WRONLY|os.O_CREATE, 0600)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
_, err = file.Write(privatePEM)
|
|
file.Close()
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func clearPrivateKey() {
|
|
os.Remove(keyPEMPath())
|
|
}
|