134 lines
2.5 KiB
Go
134 lines
2.5 KiB
Go
package main
|
|
|
|
import (
|
|
"bytes"
|
|
"crypto"
|
|
"encoding/json"
|
|
"flag"
|
|
"fmt"
|
|
"io"
|
|
"log"
|
|
"net/http"
|
|
"os"
|
|
|
|
"crispbyte.dev/sig-auth/client"
|
|
"crispbyte.dev/sig-auth/server"
|
|
"crispbyte.dev/sig-auth/sqlite_directory"
|
|
"github.com/opencontainers/go-digest"
|
|
"golang.org/x/crypto/ssh"
|
|
)
|
|
|
|
func main() {
|
|
useClient := flag.Bool("c", false, "Run client")
|
|
|
|
keyPath := flag.String("key", "", "Path to the private key (client mode) or public key (server mode) to use - Required")
|
|
|
|
simulateCaddy := flag.Bool("caddy", false, "Simulate caddy reverse proxy")
|
|
|
|
flag.Parse()
|
|
|
|
if *keyPath == "" {
|
|
flag.PrintDefaults()
|
|
return
|
|
}
|
|
|
|
if *useClient {
|
|
runClient(keyPath, *simulateCaddy)
|
|
} else {
|
|
runServer(keyPath, *simulateCaddy)
|
|
}
|
|
}
|
|
|
|
func runClient(keyFile *string, simulateCaddy bool) {
|
|
testData := map[string]string{"hello": "world"}
|
|
json_data, _ := json.Marshal(testData)
|
|
|
|
key, err := loadPrivateKey(*keyFile)
|
|
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
|
|
client, err := client.GetSigningClient(key, "test-id")
|
|
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
|
|
id := digest.FromBytes(json_data)
|
|
|
|
var req *http.Request
|
|
|
|
req, err = http.NewRequest("POST", "http://localhost:8080/post", bytes.NewBuffer(json_data))
|
|
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
|
|
req.Header.Add("Content-Digest", string(id.Algorithm())+"="+id.Encoded())
|
|
req.Header.Add("Content-Type", "application/json")
|
|
|
|
if simulateCaddy {
|
|
req.Header.Add("X-Forwarded-Method", req.Method)
|
|
req.Header.Add("X-Forwarded-Uri", req.RequestURI)
|
|
}
|
|
|
|
resp, err := client.Do(req)
|
|
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
|
|
defer resp.Body.Close()
|
|
|
|
out, err := io.ReadAll(resp.Body)
|
|
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
|
|
fmt.Println(resp.StatusCode)
|
|
fmt.Println(resp.Header)
|
|
fmt.Println(string(out[:]))
|
|
}
|
|
|
|
func runServer(keyFile *string, simulateCaddy bool) {
|
|
key, alg, err := loadPublicKey(*keyFile)
|
|
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
|
|
keyDir := sqlite_directory.CreateDirectory(alg, key)
|
|
|
|
server.Start(simulateCaddy, keyDir)
|
|
}
|
|
|
|
func loadPrivateKey(keyFile string) (crypto.PrivateKey, error) {
|
|
keyBytes, err := os.ReadFile(keyFile)
|
|
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return ssh.ParseRawPrivateKey(keyBytes)
|
|
}
|
|
|
|
func loadPublicKey(keyFile string) (crypto.PublicKey, string, error) {
|
|
keyBytes, err := os.ReadFile(keyFile)
|
|
|
|
if err != nil {
|
|
return nil, "", err
|
|
}
|
|
|
|
pk, _, _, _, err := ssh.ParseAuthorizedKey(keyBytes)
|
|
|
|
var alg string
|
|
|
|
switch pk.Type() {
|
|
case "ssh-ed25519":
|
|
alg = "ed25519"
|
|
}
|
|
|
|
return pk.(ssh.CryptoPublicKey).CryptoPublicKey(), alg, err
|
|
}
|