HGKeeper

grim/josetool

split the project up
draft
2017-02-07, Gary Kramlich

8403cd8ce5bf

Parents 8e69f7c906a6
Children c5f0ccd2dd62

split the project up

5 files changed, 139 insertions(+), 112 deletions(-)

+5 -1

.hgignore

+42 -0

ecdsa.go

+52 -0

gen.go

+3 -111

main.go

+37 -0

rsa.go

~~--- a/.hgignore Sun Feb 05 04:16:22 2017 -0600~~

+++ b/.hgignore Tue Feb 07 04:56:18 2017 +0000

@@ -1,3 +1,7 @@

syntax: regexp

~~-jwkgen~~

+josetool

+\.c9\/

+syntax: glob

+*.env

~~--- /dev/null Thu Jan 01 00:00:00 1970 +0000~~

+++ b/ecdsa.go Tue Feb 07 04:56:18 2017 +0000

@@ -0,0 +1,42 @@

+package main

+import (

+ "crypto/ecdsa"

+ "crypto/elliptic"

+ "crypto/rand"

+var (

+ ecdsaCmd = app.Command("ecdsa", "generate an ecdsa key")

+ ecdsaAlgorithm = ecdsaCmd.Flag("algorithm", "the algorithm to use").Short('a').Default("ES256").Enum("ES256", "ES384", "ES512")

+ ecdsaCurve = ecdsaCmd.Arg("curve", "the curve to use").Default("P-384").Enum("P-256", "P-384", "P-521")

+ ecdsaKid = ecdsaCmd.Flag("key-id", "the key id to use").Short('i').String()

+ ecdsaUse = ecdsaCmd.Flag("use", "how this key will be used").Short('u').Default("sig").Enum("sig", "enc")

+func genECDSA() error {

+ curves := map[string]elliptic.Curve{

+ "P-256": elliptic.P256(),

+ "P-384": elliptic.P384(),

+ "P-521": elliptic.P521(),

+ }

+ cryptoCurve := curves[*ecdsaCurve]

+ priv, err := ecdsa.GenerateKey(cryptoCurve, rand.Reader)

+ if err != nil {

+ return err

+ }

+ err = outputPrivate(priv, *ecdsaKid, *ecdsaAlgorithm, *ecdsaUse)

+ if err != nil {

+ return err

+ }

+ err = outputPublic(priv.Public(), *ecdsaKid, *ecdsaAlgorithm, *ecdsaUse)

+ if err != nil {

+ return err

+ }

+ return nil

~~--- /dev/null Thu Jan 01 00:00:00 1970 +0000~~

+++ b/gen.go Tue Feb 07 04:56:18 2017 +0000

@@ -0,0 +1,52 @@

+package main

+import (

+ "crypto"

+ "fmt"

+ "github.com/mendsley/gojwk"

+func outputPrivate(key crypto.PrivateKey, kid, algorithm, use string) error {

+ jwkPriv, err := gojwk.PrivateKey(key)

+ if err != nil {

+ return err

+ }

+ jwkPriv.Kid = kid

+ jwkPriv.Alg = algorithm

+ jwkPriv.Use = use

+ jsonPriv, err := gojwk.Marshal(jwkPriv)

+ if err != nil {

+ return err

+ }

+ fmt.Printf("----- begin private key -----\n")

+ fmt.Printf("%s\n", string(jsonPriv[:]))

+ fmt.Printf("------ end private key ------\n")

+ return nil

+func outputPublic(key crypto.PublicKey, kid, algorithm, use string) error {

+ jwkPub, err := gojwk.PublicKey(key)

+ if err != nil {

+ return err

+ }

+ jwkPub.Kid = kid

+ jwkPub.Alg = algorithm

+ jwkPub.Use = use

+ jsonPub, err := gojwk.Marshal(jwkPub)

+ if err != nil {

+ return err

+ }

+ fmt.Printf("----- begin public key -----\n")

+ fmt.Printf("%s\n", string(jsonPub[:]))

+ fmt.Printf("------ end public key ------\n")

+ return nil

~~--- a/main.go Sun Feb 05 04:16:22 2017 -0600~~

+++ b/main.go Tue Feb 07 04:56:18 2017 +0000

@@ -1,136 +1,28 @@

package main

import (

~~- "crypto"~~

~~- "crypto/ecdsa"~~

~~- "crypto/elliptic"~~

~~- "crypto/rand"~~

~~- "crypto/rsa"~~

"fmt"

"os"

"github.com/alecthomas/kingpin"

~~- "github.com/mendsley/gojwk"~~

)

var (

app = kingpin.New("jwkgen", "generates jwk's")

~~- kid = app.Flag("key-id", "the key id to use").Short('i').String()~~

~~- use = app.Flag("use", "how this key will be used").Short('u').Default("sig").Enum("sig", "enc")~~

~~- rsaCmd = app.Command("rsa", "generate an rsa key")~~

~~- rsaAlgorithm = rsaCmd.Flag("algorithm", "the algorithm to use").Short('a').Default("RS256").Enum("RS256", "RS384", "RS512")~~

~~- rsaBits = rsaCmd.Arg("bits", "the number of bits for the key").Default("2048").Int()~~

~~- ecdsaCmd = app.Command("ecdsa", "generate an ecdsa key")~~

~~- ecdsaAlgorithm = ecdsaCmd.Flag("algorithm", "the algorithm to use").Short('a').Default("ES256").Enum("ES256", "ES384", "ES512")~~

~~- ecdsaCurve = ecdsaCmd.Arg("curve", "the curve to use").Default("P-384").Enum("P-256", "P-384", "P-521")~~

)

~~-func genRSA() (crypto.PrivateKey, crypto.PublicKey, error) {~~

~~- fmt.Printf("generating key, this may take some time...\n")~~

~~- priv, err := rsa.GenerateKey(rand.Reader, *rsaBits)~~

~~- if err != nil {~~

~~- return priv, nil, err~~

~~- }~~

~~- return priv, priv.Public(), nil~~

~~-func genECDSA() (crypto.PrivateKey, crypto.PublicKey, error) {~~

~~- curves := map[string]elliptic.Curve{~~

~~- "P-256": elliptic.P256(),~~

~~- "P-384": elliptic.P384(),~~

~~- "P-521": elliptic.P521(),~~

~~- }~~

~~- cryptoCurve := curves[*ecdsaCurve]~~

~~- priv, err := ecdsa.GenerateKey(cryptoCurve, rand.Reader)~~

~~- if err != nil {~~

~~- return priv, nil, err~~

~~- }~~

~~- return priv, priv.Public(), nil~~

~~-func outputPrivate(key crypto.PrivateKey, algorithm string) error {~~

~~- jwkPriv, err := gojwk.PrivateKey(key)~~

~~- if err != nil {~~

~~- return err~~

~~- }~~

~~- jwkPriv.Kid = *kid~~

~~- jwkPriv.Alg = algorithm~~

~~- jwkPriv.Use = *use~~

~~- jsonPriv, err := gojwk.Marshal(jwkPriv)~~

~~- if err != nil {~~

~~- return err~~

~~- }~~

~~- fmt.Printf("----- begin private key -----\n")~~

~~- fmt.Printf("%s\n", string(jsonPriv[:]))~~

~~- fmt.Printf("------ end private key ------\n")~~

~~- return nil~~

~~-func outputPublic(key crypto.PublicKey, algorithm string) error {~~

~~- jwkPub, err := gojwk.PublicKey(key)~~

~~- if err != nil {~~

~~- return err~~

~~- }~~

~~- jwkPub.Kid = *kid~~

~~- jwkPub.Alg = algorithm~~

~~- jwkPub.Use = *use~~

~~- jsonPub, err := gojwk.Marshal(jwkPub)~~

~~- if err != nil {~~

~~- return err~~

~~- }~~

~~- fmt.Printf("----- begin public key -----\n")~~

~~- fmt.Printf("%s\n", string(jsonPub[:]))~~

~~- fmt.Printf("------ end public key ------\n")~~

~~- return nil~~

func main() {

~~- var (~~

~~- privKey crypto.PrivateKey~~

~~- pubKey crypto.PublicKey~~

~~- algorithm string~~

~~- err error~~

~~- )~~

+ var err error

switch kingpin.MustParse(app.Parse(os.Args[1:])) {

case rsaCmd.FullCommand():

~~- privKey, pubKey, err = genRSA()~~

~~- algorithm = *rsaAlgorithm~~

+ err = genRSA()

case ecdsaCmd.FullCommand():

~~- privKey, pubKey, err = genECDSA()~~

~~- algorithm = *ecdsaAlgorithm~~

+ err = genECDSA()

}

if err != nil {

fmt.Printf("error: %s\n", err)

os.Exit(1)

}

~~- err = outputPrivate(privKey, algorithm)~~

~~- if err != nil {~~

~~- fmt.Printf("error: %s\n", err)~~

~~- os.Exit(1)~~

~~- }~~

~~- err = outputPublic(pubKey, algorithm)~~

~~- if err != nil {~~

~~- fmt.Printf("error: %s\n", err)~~

~~- os.Exit(1)~~

~~- }~~

}

~~--- /dev/null Thu Jan 01 00:00:00 1970 +0000~~

+++ b/rsa.go Tue Feb 07 04:56:18 2017 +0000

@@ -0,0 +1,37 @@

+package main

+import (

+ "fmt"

+ "crypto/rand"

+ "crypto/rsa"

+var (

+ rsaCmd = app.Command("rsa", "generate an rsa key")

+ rsaAlgorithm = rsaCmd.Flag("algorithm", "the algorithm to use").Short('a').Default("RS256").Enum("RS256", "RS384", "RS512")

+ rsaBits = rsaCmd.Arg("bits", "the number of bits for the key").Default("2048").Int()

+ rsaKid = rsaCmd.Flag("key-id", "the key id to use").Short('i').String()

+ rsaUse = rsaCmd.Flag("use", "how this key will be used").Short('u').Default("sig").Enum("sig", "enc")

+func genRSA() error {

+ fmt.Printf("generating RSA key, this may take some time...\n")

+ priv, err := rsa.GenerateKey(rand.Reader, *rsaBits)

+ if err != nil {

+ return err

+ }

+ err = outputPrivate(priv, *rsaKid, *rsaAlgorithm, *rsaUse)

+ if err != nil {

+ return err

+ }

+ err = outputPublic(priv.Public(), *rsaKid, *rsaAlgorithm, *rsaUse)

+ if err != nil {

+ return err

+ }

+ return nil