diff --git a/pkg/crypto/key_files.go b/pkg/crypto/key_files.go new file mode 100644 index 0000000..87b5c0e --- /dev/null +++ b/pkg/crypto/key_files.go @@ -0,0 +1,50 @@ +package crypto + +import ( + "crypto/ecdh" + "encoding/base64" + "os" +) + +func LoadPrivateKeyFromFile(fp string) *ecdh.PrivateKey { + kb, err := loadKeyFile(fp) + if err != nil { + panic(err) + } + return PrivateKeyFromBytes(kb) +} + +func LoadPublicKeyFromFile(fp string) *ecdh.PublicKey { + kb, err := loadKeyFile(fp) + if err != nil { + panic(err) + } + + return PublicKeyFromBytes(kb) +} + +func SavePrivateKeyToFile(fp string, k *ecdh.PrivateKey) error { + return saveKeyFile(fp, k.Bytes(), privateKeyFileMode) +} + +func SavePublicKeyToFile(fp string, k *ecdh.PublicKey) error { + return saveKeyFile(fp, k.Bytes(), publicKeyFileMode) +} + +func loadKeyFile(fp string) ([]byte, error) { + b64Key, err := os.ReadFile(fp) + if err != nil { + return nil, err + } + + keyBytes := make([]byte, KeySize) + base64.StdEncoding.Decode(keyBytes, b64Key) + return keyBytes, nil +} + +func saveKeyFile(fp string, key []byte, fm os.FileMode) error { + b64Key := make([]byte, base64.StdEncoding.EncodedLen(len(key))) + base64.StdEncoding.Encode(b64Key, key) + + return os.WriteFile(fp, b64Key, fm) +} diff --git a/pkg/crypto/keys.go b/pkg/crypto/keys.go index a24054d..db983ec 100644 --- a/pkg/crypto/keys.go +++ b/pkg/crypto/keys.go @@ -64,6 +64,24 @@ func NewSharedKey(local *ecdh.PrivateKey, remote *ecdh.PublicKey, direction Dire return key } +func PrivateKeyFromB64(encodedKey []byte) *ecdh.PrivateKey { + keyBytes := make([]byte, base64.StdEncoding.DecodedLen(len(encodedKey))) + _, err := base64.StdEncoding.Decode(keyBytes, encodedKey) + if err != nil { + panic(fmt.Errorf("could not decode base64 private key: %w", err)) + } + return PrivateKeyFromBytes(keyBytes) +} + +func PublicKeyFromB64(encodedKey []byte) *ecdh.PublicKey { + keyBytes := make([]byte, base64.StdEncoding.DecodedLen(len(encodedKey))) + _, err := base64.StdEncoding.Decode(keyBytes, encodedKey) + if err != nil { + panic(fmt.Errorf("could not decode base64 public key: %w", err)) + } + return PublicKeyFromBytes(keyBytes) +} + func PrivateKeyFromBytes(keyBytes []byte) *ecdh.PrivateKey { key, err := ecdh.X25519().NewPrivateKey(keyBytes) if err != nil { @@ -79,61 +97,3 @@ func PublicKeyFromBytes(keyBytes []byte) *ecdh.PublicKey { } return key } - -func LoadPrivateKeyFromFile(fp string) (*ecdh.PrivateKey, error) { - var kb []byte - var err error - if os.Getenv("CCCLIP_LOAD_RAW_KEYS") == "" { - kb, err = loadKey(fp) - } else { - kb = make([]byte, KeySize) - base64.StdEncoding.Decode(kb, []byte(fp)) - } - if err != nil { - return nil, err - } - - return PrivateKeyFromBytes(kb), nil -} - -func LoadPublicKeyFromFile(fp string) (*ecdh.PublicKey, error) { - var kb []byte - var err error - if os.Getenv("CCCLIP_LOAD_RAW_KEYS") == "" { - kb, err = loadKey(fp) - } else { - kb = make([]byte, KeySize) - base64.StdEncoding.Decode(kb, []byte(fp)) - } - if err != nil { - return nil, err - } - - return PublicKeyFromBytes(kb), nil -} - -func SavePrivateKeyToFile(fp string, k *ecdh.PrivateKey) error { - return saveKey(fp, k.Bytes(), privateKeyFileMode) -} - -func SavePublicKeyToFile(fp string, k *ecdh.PublicKey) error { - return saveKey(fp, k.Bytes(), publicKeyFileMode) -} - -func loadKey(fp string) ([]byte, error) { - b64Key, err := os.ReadFile(fp) - if err != nil { - return nil, err - } - - keyBytes := make([]byte, KeySize) - base64.StdEncoding.Decode(keyBytes, b64Key) - return keyBytes, nil -} - -func saveKey(fp string, key []byte, fm os.FileMode) error { - b64Key := make([]byte, base64.StdEncoding.EncodedLen(len(key))) - base64.StdEncoding.Encode(b64Key, key) - - return os.WriteFile(fp, b64Key, fm) -}