mirror of
https://github.com/Start9Labs/start-os.git
synced 2026-03-26 18:31:52 +00:00
54 lines
1.9 KiB
Rust
54 lines
1.9 KiB
Rust
use std::fs::File;
|
|
use std::io::Write;
|
|
use std::path::Path;
|
|
|
|
use ed25519::pkcs8::EncodePrivateKey;
|
|
use ed25519::PublicKeyBytes;
|
|
use ed25519_dalek::{SigningKey, VerifyingKey};
|
|
use tracing::instrument;
|
|
|
|
use crate::context::CliContext;
|
|
use crate::prelude::*;
|
|
use crate::util::serde::Pem;
|
|
|
|
#[instrument(skip_all)]
|
|
pub fn init(ctx: CliContext) -> Result<(), Error> {
|
|
if !ctx.developer_key_path.exists() {
|
|
let parent = ctx.developer_key_path.parent().unwrap_or(Path::new("/"));
|
|
if !parent.exists() {
|
|
std::fs::create_dir_all(parent)
|
|
.with_ctx(|_| (crate::ErrorKind::Filesystem, parent.display().to_string()))?;
|
|
}
|
|
tracing::info!("Generating new developer key...");
|
|
let secret = SigningKey::generate(&mut ssh_key::rand_core::OsRng::default());
|
|
tracing::info!("Writing key to {}", ctx.developer_key_path.display());
|
|
let keypair_bytes = ed25519::KeypairBytes {
|
|
secret_key: secret.to_bytes(),
|
|
public_key: Some(PublicKeyBytes(VerifyingKey::from(&secret).to_bytes())),
|
|
};
|
|
let mut dev_key_file = File::create(&ctx.developer_key_path)
|
|
.with_ctx(|_| (ErrorKind::Filesystem, ctx.developer_key_path.display()))?;
|
|
dev_key_file.write_all(
|
|
keypair_bytes
|
|
.to_pkcs8_pem(base64ct::LineEnding::default())
|
|
.with_kind(crate::ErrorKind::Pem)?
|
|
.as_bytes(),
|
|
)?;
|
|
dev_key_file.sync_all()?;
|
|
println!(
|
|
"New developer key generated at {}",
|
|
ctx.developer_key_path.display()
|
|
);
|
|
} else {
|
|
println!(
|
|
"Developer key already exists at {}",
|
|
ctx.developer_key_path.display()
|
|
);
|
|
}
|
|
Ok(())
|
|
}
|
|
|
|
pub fn pubkey(ctx: CliContext) -> Result<Pem<ed25519_dalek::VerifyingKey>, Error> {
|
|
Ok(Pem(ctx.developer_key()?.verifying_key()))
|
|
}
|