	gen csr on server
This commit is contained in:
		
							parent
							
								
									9677957023
								
							
						
					
					
						commit
						38cf8b0ceb
					
				
					 4 changed files with 34 additions and 9 deletions
				
			
			@ -1,6 +1,8 @@
package controller
import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"net/http"
	"strings"
			@ -12,7 +14,6 @@ import (
	"github.com/gravitl/netmaker/netclient/config"
	"github.com/gravitl/netmaker/servercfg"
	"github.com/gravitl/netmaker/tls"
	"github.com/kr/pretty"
)
func serverHandlers(r *mux.Router) {
			@ -175,9 +176,26 @@ func register(w http.ResponseWriter, r *http.Request) {
		returnErrorResponse(w, r, errorResponse)
		return
	}
	pretty.Println(&request.CSR.PublicKey)
	pretty.Println(request.CSR.RawSubjectPublicKeyInfo)
	cert, err := tls.NewEndEntityCert(*key, &request.CSR, ca, tls.CERTIFICATE_VALIDITY)
	_, privKey, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		logger.Log(2, "failed to generate client key", err.Error())
		errorResponse := models.ErrorResponse{
			Code: http.StatusInternalServerError, Message: err.Error(),
		}
		returnErrorResponse(w, r, errorResponse)
		return
	}
	csr, err := tls.NewCSR(privKey, request.Name)
	if err != nil {
		logger.Log(2, "failed to generate client key", err.Error())
		errorResponse := models.ErrorResponse{
			Code: http.StatusInternalServerError, Message: err.Error(),
		}
		returnErrorResponse(w, r, errorResponse)
		return
	}
	cert, err := tls.NewEndEntityCert(*key, csr, ca, tls.CERTIFICATE_VALIDITY)
	if err != nil {
		logger.Log(2, "unable to generate client certificate", err.Error())
		errorResponse := models.ErrorResponse{
			@ -189,6 +207,7 @@ func register(w http.ResponseWriter, r *http.Request) {
	response := config.RegisterResponse{
		CA:   *ca,
		Cert: *cert,
		Key:  privKey,
	}
	w.WriteHeader(http.StatusOK)
	json.NewEncoder(w).Encode(response)
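Review bot: The node's private key should not be generated on the server and shipped back in `RegisterResponse.Key`, yet that is what `_, privKey, err := ed25519.GenerateKey(rand.Reader)` through `Key: privKey,` does — the key now sits in server memory and in the HTTP body, and the client's `request.CSR` is no longer used anywhere in this hunk, which defeats the purpose of sending a CSR at all. If this is a deliberate interim step, mark it, e.g. `// TODO: sign the client's CSR instead of generating the key here; a node's private key should never leave the node`, and make sure the response is never logged. `request.Name` is used verbatim as the certificate subject; unless register validates it against the authenticated node earlier (not visible here), any caller can obtain a certificate for an arbitrary name. The `tls.NewCSR` failure branch reuses the copy-pasted message `"failed to generate client key"`; it should say `"failed to generate client csr"`. register begins before and ends after this hunk, and the `json.NewEncoder(w).Encode(response)` error remains unchecked.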
			@ -2,7 +2,9 @@ package config
import (
	//"github.com/davecgh/go-spew/spew"
	"crypto/ed25519"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/base64"
	"encoding/json"
	"errors"
			@ -41,12 +43,14 @@ type ServerConfig struct {
// RegisterRequest - struct for registation with netmaker server
type RegisterRequest struct {
	CSR x509.CertificateRequest
	Name pkix.Name
	CSR  x509.CertificateRequest
}
type RegisterResponse struct {
	CA   x509.Certificate
	Cert x509.Certificate
	Key  ed25519.PrivateKey
}
// Write - writes the config of a client to disk
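Review bot: RegisterResponse now carries the node's long-term private key (`Key ed25519.PrivateKey`) in a wire struct with no comment saying so; add `// RegisterResponse - CA and end-entity certificate issued by the server, plus the private key the server generated for that certificate; the key is delivered in the HTTP response body` so the property is visible to whoever next touches the transport. RegisterRequest keeps `CSR x509.CertificateRequest` beside the new `Name` field, but a parsed x509.CertificateRequest does not round-trip through encoding/json (`PublicKey` is an `any` and comes back as a base64 string rather than a key), which is presumably why the server now rebuilds the CSR from `Name`; if the CSR is meant to stay in the request it should be sent as DER bytes (`CSR []byte` filled from `csr.Raw`) and parsed with `x509.ParseCertificateRequest` on the server. The commented-out spew import just above the added imports is debug residue, and `registation` in the RegisterRequest comment is a typo for `registration`.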
			@ -35,13 +35,17 @@ func Register(cfg *config.ClientConfig) error {
		return err
	}
	data := config.RegisterRequest{
		CSR: *csr,
		Name: name,
		CSR:  *csr,
	}
	pretty.Println(data.CSR.PublicKey)
	pretty.Println(data.CSR.RawSubjectPublicKeyInfo)
	pretty.Println("data\n", data)
	payload, err := json.Marshal(data)
	if err != nil {
		return err
	}
	os.WriteFile("/tmp/data", payload, os.ModePerm)
	url := cfg.Server.API + "/api/server/register"
	log.Println("registering at ", url)
			@ -69,7 +73,7 @@ func Register(cfg *config.ClientConfig) error {
	if err := tls.SaveCert(ncutils.GetNetclientPath(), "client.cert", &resp.Cert); err != nil {
		return err
	}
	if err := tls.SaveKey(ncutils.GetNetclientPath(), "client.key", key); err != nil {
	if err := tls.SaveKey(ncutils.GetNetclientPath(), "client.key", resp.Key); err != nil {
		return err
	}
	logger.Log(0, "certificates/key saved ")
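Review bot: `os.WriteFile("/tmp/data", payload, os.ModePerm)` writes the registration payload to a fixed, world-accessible path with mode 0777 and discards the error; os.WriteFile follows symlinks, so a pre-placed `/tmp/data` symlink redirects that write to wherever the netclient process (presumably root) can write, and this line together with the three `pretty.Println` calls that dump `data` to stdout should not ship — the hunk counts (five additions against one removal) show that three of those four lines are new in this commit and one was already present. With `tls.SaveKey(ncutils.GetNetclientPath(), "client.key", resp.Key)` the node discards the key that produced `csr` above and keeps whatever private key the server returned, so the local keygen and CSR are now dead weight; either send the CSR as DER and keep the local key, or remove the client-side keygen and state in a comment why the server is trusted to generate the node's key. Register starts before and ends after these hunks.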
			@ -9,7 +9,6 @@ import (
	"encoding/pem"
	"errors"
	"fmt"
	"log"
	"math/big"
	"os"
	"time"
			@ -233,7 +232,6 @@ func ReadKey(name string) (*ed25519.PrivateKey, error) {
		return nil, fmt.Errorf("unable to read file %w", err)
	}
	keyBytes, _ := pem.Decode(bytes)
	log.Println(keyBytes.Type)
	key, err := x509.ParsePKCS8PrivateKey(keyBytes.Bytes)
	if err != nil {
		return nil, fmt.Errorf("unable to parse file %w", err)