sig-auth/main.go

package main

import (
	"bytes"
	"crypto"
	"encoding/json"
	"flag"
	"fmt"
	"io"
	"log"
	"net/http"
	"os"

	"crispbyte.dev/sig-auth/client"
	"crispbyte.dev/sig-auth/server"
	"github.com/opencontainers/go-digest"
	"golang.org/x/crypto/ssh"
)

func main() {
	useClient := flag.Bool("c", false, "Run client")

	keyPath := flag.String("key", "", "Path to the private (client mode) or public (server mode) to use")

	flag.Parse()

	if *useClient {
		runClient(keyPath)
	} else {
		runServer(keyPath)
	}
}

func runClient(keyFile *string) {
	testData := map[string]string{"hello": "world"}
	json_data, _ := json.Marshal(testData)

	key, err := loadPrivateKey(*keyFile)

	if err != nil {
		log.Fatal(err)
	}

	client, err := client.GetSigningClient(key, "test-id")

	if err != nil {
		log.Fatal(err)
	}

	id := digest.FromBytes(json_data)

	req, err := http.NewRequest("POST", "http://localhost:8080/post", bytes.NewBuffer(json_data))

	if err != nil {
		log.Fatal(err)
	}

	req.Header.Add("Content-Digest", string(id.Algorithm())+"="+id.Encoded())
	req.Header.Add("Content-Type", "application/json")

	resp, err := client.Do(req)

	if err != nil {
		log.Fatal(err)
	}

	defer resp.Body.Close()

	out, err := io.ReadAll(resp.Body)

	if err != nil {
		log.Fatal(err)
	}

	fmt.Println(resp.StatusCode)
	fmt.Println(string(out[:]))
}

func runServer(keyFile *string) {
	key, err := loadPublicKey(*keyFile)

	if err != nil {
		log.Fatal(err)
	}

	server.Start(key)
}

func loadPrivateKey(keyFile string) (crypto.PrivateKey, error) {
	keyBytes, err := os.ReadFile(keyFile)

	if err != nil {
		return nil, err
	}

	return ssh.ParseRawPrivateKey(keyBytes)
}

func loadPublicKey(keyFile string) (crypto.PublicKey, error) {
	keyBytes, err := os.ReadFile(keyFile)

	if err != nil {
		return nil, err
	}

	pk, _, _, _, err := ssh.ParseAuthorizedKey(keyBytes)

	return pk.(ssh.CryptoPublicKey).CryptoPublicKey(), err
}