gen csr on server

controllers/server.go

@@ -1,6 +1,8 @@
 package controller
 
 import (
+	"crypto/ed25519"
+	"crypto/rand"
 	"encoding/json"
 	"net/http"
 	"strings"
@@ -12,7 +14,6 @@ import (
 	"github.com/gravitl/netmaker/netclient/config"
 	"github.com/gravitl/netmaker/servercfg"
 	"github.com/gravitl/netmaker/tls"
-	"github.com/kr/pretty"
 )
 
 func serverHandlers(r *mux.Router) {
@@ -175,9 +176,26 @@ func register(w http.ResponseWriter, r *http.Request) {
 		returnErrorResponse(w, r, errorResponse)
 		return
 	}
-	pretty.Println(&request.CSR.PublicKey)
-	pretty.Println(request.CSR.RawSubjectPublicKeyInfo)
-	cert, err := tls.NewEndEntityCert(*key, &request.CSR, ca, tls.CERTIFICATE_VALIDITY)
+	_, privKey, err := ed25519.GenerateKey(rand.Reader)
+	if err != nil {
+		logger.Log(2, "failed to generate client key", err.Error())
+		errorResponse := models.ErrorResponse{
+			Code: http.StatusInternalServerError, Message: err.Error(),
+		}
+		returnErrorResponse(w, r, errorResponse)
+		return
+	}
+	csr, err := tls.NewCSR(privKey, request.Name)
+	if err != nil {
+		logger.Log(2, "failed to generate client key", err.Error())
+		errorResponse := models.ErrorResponse{
+			Code: http.StatusInternalServerError, Message: err.Error(),
+		}
+		returnErrorResponse(w, r, errorResponse)
+		return
+	}
+
+	cert, err := tls.NewEndEntityCert(*key, csr, ca, tls.CERTIFICATE_VALIDITY)
 	if err != nil {
 		logger.Log(2, "unable to generate client certificate", err.Error())
 		errorResponse := models.ErrorResponse{
@@ -189,6 +207,7 @@ func register(w http.ResponseWriter, r *http.Request) {
 	response := config.RegisterResponse{
 		CA:   *ca,
 		Cert: *cert,
+		Key:  privKey,
 	}
 	w.WriteHeader(http.StatusOK)
 	json.NewEncoder(w).Encode(response)

netclient/config/config.go

@@ -2,7 +2,9 @@ package config
 
 import (
 	//"github.com/davecgh/go-spew/spew"
+	"crypto/ed25519"
 	"crypto/x509"
+	"crypto/x509/pkix"
 	"encoding/base64"
 	"encoding/json"
 	"errors"
@@ -41,12 +43,14 @@ type ServerConfig struct {
 
 // RegisterRequest - struct for registation with netmaker server
 type RegisterRequest struct {
-	CSR x509.CertificateRequest
+	Name pkix.Name
+	CSR  x509.CertificateRequest
 }
 
 type RegisterResponse struct {
 	CA   x509.Certificate
 	Cert x509.Certificate
+	Key  ed25519.PrivateKey
 }
 
 // Write - writes the config of a client to disk

netclient/functions/register.go

@@ -35,13 +35,17 @@ func Register(cfg *config.ClientConfig) error {
 		return err
 	}
 	data := config.RegisterRequest{
-		CSR: *csr,
+		Name: name,
+		CSR:  *csr,
 	}
 	pretty.Println(data.CSR.PublicKey)
+	pretty.Println(data.CSR.RawSubjectPublicKeyInfo)
+	pretty.Println("data\n", data)
 	payload, err := json.Marshal(data)
 	if err != nil {
 		return err
 	}
+	os.WriteFile("/tmp/data", payload, os.ModePerm)
 	url := cfg.Server.API + "/api/server/register"
 	log.Println("registering at ", url)
 
@@ -69,7 +73,7 @@ func Register(cfg *config.ClientConfig) error {
 	if err := tls.SaveCert(ncutils.GetNetclientPath(), "client.cert", &resp.Cert); err != nil {
 		return err
 	}
-	if err := tls.SaveKey(ncutils.GetNetclientPath(), "client.key", key); err != nil {
+	if err := tls.SaveKey(ncutils.GetNetclientPath(), "client.key", resp.Key); err != nil {
 		return err
 	}
 	logger.Log(0, "certificates/key saved ")

tls/tls.go

@@ -9,7 +9,6 @@ import (
 	"encoding/pem"
 	"errors"
 	"fmt"
-	"log"
 	"math/big"
 	"os"
 	"time"
@@ -233,7 +232,6 @@ func ReadKey(name string) (*ed25519.PrivateKey, error) {
 		return nil, fmt.Errorf("unable to read file %w", err)
 	}
 	keyBytes, _ := pem.Decode(bytes)
-	log.Println(keyBytes.Type)
 	key, err := x509.ParsePKCS8PrivateKey(keyBytes.Bytes)
 	if err != nil {
 		return nil, fmt.Errorf("unable to parse file %w", err)