From 1cf9ac77e9b7e2a2085ea8464de062c98b09b3dd Mon Sep 17 00:00:00 2001
From: 0xdcarns
Date: Fri, 15 Apr 2022 15:03:54 -0400
Subject: [PATCH] changed encoding of structs

---
 controllers/server.go | 26 +++++++++++++++++++++++---
 netclient/config/config.go | 31 ++++++++++++++++++++++++++++---
 netclient/functions/register.go | 14 ++++++++++++--
 3 files changed, 63 insertions(+), 8 deletions(-)

diff --git a/controllers/server.go b/controllers/server.go
index 7e01e7d8..c21714a1 100644
--- a/controllers/server.go
+++ b/controllers/server.go
@@ -176,10 +176,30 @@ func register(w http.ResponseWriter, r *http.Request) {
 return
 }

+ caBytes, err := config.ConvertCertToBytes(*ca)
+ if err != nil {
+ logger.Log(0, "failed to encode CA cert ", err.Error())
+ errorResponse := models.ErrorResponse{
+ Code: http.StatusInternalServerError, Message: err.Error(),
+ }
+ returnErrorResponse(w, r, errorResponse)
+ return
+ }
+
+ certBytes, err := config.ConvertCertToBytes(*cert)
+ if err != nil {
+ logger.Log(0, "failed to encode CA cert ", err.Error())
+ errorResponse := models.ErrorResponse{
+ Code: http.StatusInternalServerError, Message: err.Error(),
+ }
+ returnErrorResponse(w, r, errorResponse)
+ return
+ }
+
 response := config.RegisterResponse{
- Key: *key,
- CA: *ca,
- Cert: *cert,
+ Key: *key,
+ CABytes: caBytes,
+ CertBytes: certBytes,
 }
 w.WriteHeader(http.StatusOK)
 json.NewEncoder(w).Encode(response)
diff --git a/netclient/config/config.go b/netclient/config/config.go
index d73a19aa..e1f2b702 100644
--- a/netclient/config/config.go
+++ b/netclient/config/config.go
@@ -2,9 +2,11 @@ package config

 import (
 //"github.com/davecgh/go-spew/spew"
+ "bytes"
 "crypto/ed25519"
 "crypto/x509"
 "encoding/base64"
+ "encoding/gob"
 "encoding/json"
 "errors"
 "fmt"
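Review bot: In controllers/server.go the failure branch for `certBytes` logs "failed to encode CA cert ", copied from the branch above, so a client-certificate encoding failure is recorded as a CA failure; it should read `logger.Log(0, "failed to encode client cert ", err.Error())`. Both new branches also place `err.Error()` in the `Message` returned to the registering caller, which hands encoder internals to the remote side; a fixed string such as `Message: "could not encode certificate"` with the detail kept in the server log would be enough. The body of register starts and ends outside this hunk.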
@@ -46,10 +48,33 @@ type RegisterRequest struct {
 Key ed25519.PublicKey
 }

+// ConvertStructToByte - util to convert bytes to a key to use elsewhere
+func ConvertCertToBytes(cert x509.Certificate) ([]byte, error) {
+ var buffer bytes.Buffer
+ var enc = gob.NewEncoder(&buffer)
+ if err := enc.Encode(cert); err != nil {
+ return nil, err
+ }
+ return buffer.Bytes(), nil
+}
+
+// ConvertStructToByte - util to convert bytes to a key to use elsewhere
+func ConvertBytesToCert(data []byte) (x509.Certificate, error) {
+ var buffer = bytes.NewBuffer(data)
+ var dec = gob.NewDecoder(buffer)
+ var result = new(x509.Certificate)
+ var err = dec.Decode(result)
+ if err != nil {
+ return *result, err
+ }
+ return *result, nil
+}
+
+// RegisterResponse - the response to register function
 type RegisterResponse struct {
- Key ed25519.PrivateKey
- CA x509.Certificate
- Cert x509.Certificate
+ Key ed25519.PrivateKey
+ CABytes []byte
+ CertBytes []byte
 }

 // Write - writes the config of a client to disk
diff --git a/netclient/functions/register.go b/netclient/functions/register.go
index 5236d393..672dbf86 100644
--- a/netclient/functions/register.go
+++ b/netclient/functions/register.go
@@ -16,6 +16,7 @@ import (
 "github.com/gravitl/netmaker/tls"
 )

+// Register - the function responsible for registering with the server and acquiring certs
 func Register(cfg *config.ClientConfig) error {
 if cfg.Server.Server == "" {
 return errors.New("no server provided")
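Review bot: `ConvertBytesToCert` in netclient/config/config.go gob-decodes bytes received over the network straight into an `x509.Certificate`, so every field is whatever the sender encoded and nothing has parsed or checked the result as a certificate; the encoding/gob documentation also advises care when decoding data from untrusted sources. Carrying the DER form avoids both problems: `return cert.Raw, nil` in `ConvertCertToBytes`, and `c, err := x509.ParseCertificate(data)` in `ConvertBytesToCert`, returning a zero `x509.Certificate{}` on error instead of the partly filled `*result`. `x509.Certificate` also has interface-typed fields such as `PublicKey`, which gob encodes only for registered concrete types, so unless `gob.Register` is called outside this diff the encode may fail at runtime. Both new doc comments read `ConvertStructToByte - util to convert bytes to a key to use elsewhere`, which matches neither function's name nor its behaviour; each should start with the function's own name and say which direction it converts. The callers in controllers/server.go and netclient/functions/register.go inherit the same encoding concern.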
@@ -62,10 +63,19 @@ func Register(cfg *config.ClientConfig) error {
 if err := json.NewDecoder(response.Body).Decode(&resp); err != nil {
 return errors.New("unmarshal cert error " + err.Error())
 }
- if err := tls.SaveCert(ncutils.GetNetclientPath()+cfg.Server.Server+"/", "root.pem", &resp.CA); err != nil {
+ responseCA, err := config.ConvertBytesToCert(resp.CABytes)
+ if err != nil {
+ return errors.New("could not acquire CA from response " + err.Error())
+ }
+ responseCert, err := config.ConvertBytesToCert(resp.CertBytes)
+ if err != nil {
+ return errors.New("could not acquire client certificate from response " + err.Error())
+ }
+
+ if err := tls.SaveCert(ncutils.GetNetclientPath()+cfg.Server.Server+"/", "root.pem", &responseCA); err != nil {
 return err
 }
- if err := tls.SaveCert(ncutils.GetNetclientPath()+cfg.Server.Server+"/", "client.pem", &resp.Cert); err != nil {
+ if err := tls.SaveCert(ncutils.GetNetclientPath()+cfg.Server.Server+"/", "client.pem", &responseCert); err != nil {
 return err
 }
 if err := tls.SaveKey(ncutils.GetNetclientPath(), "client.key", private); err != nil {
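Review bot: In Register the decoded `responseCA` and `responseCert` are passed directly to `tls.SaveCert`, and `root.pem` is presumably used later as the client's trust anchor, yet nothing checks that the client certificate was issued by that CA before either file is written. A cheap consistency check ahead of the first `SaveCert` would be `if err := responseCert.CheckSignatureFrom(&responseCA); err != nil { return err }`; whether the registration channel is otherwise authenticated is not visible in this hunk. The two new errors are built with `errors.New("..." + err.Error())`, which drops the underlying error from the chain; `fmt.Errorf("could not acquire CA from response: %w", err)` would keep it, provided fmt is imported in this file. Register's body starts and ends outside the hunk.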