dejvino
/
secushare-box
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
2 Branches
47 KiB
 
Branch: fork
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'fork'
${ noResults }
secushare-box/utils/sshkeygen.go

104 lines
2.3 KiB
Raw Permalink Blame History 

  1. // This shows an example of how to generate a SSH RSA Private/Public key pair and save it locally

  2. 

  3. package utils

  4. 

  5. import (

  6. 	"crypto/rand"

  7. 	"crypto/rsa"

  8. 	"crypto/x509"

  9. 	"encoding/pem"

  10. 	"io/ioutil"

  11. 	"log"

  12. 

  13. 	"golang.org/x/crypto/ssh"

  14. )

  15. 

  16. func GenerateSSHKeys(sshPrivKeyFile string, sshPubKeyFile string) {

  17. 	savePrivateFileTo := sshPrivKeyFile

  18. 	savePublicFileTo := sshPubKeyFile

  19. 	bitSize := 4096

  20. 

  21. 	privateKey, err := generatePrivateKey(bitSize)

  22. 	if err != nil {

  23. 		log.Fatal(err.Error())

  24. 	}

  25. 

  26. 	publicKeyBytes, err := generatePublicKey(&privateKey.PublicKey)

  27. 	if err != nil {

  28. 		log.Fatal(err.Error())

  29. 	}

  30. 

  31. 	privateKeyBytes := encodePrivateKeyToPEM(privateKey)

  32. 

  33. 	err = writeKeyToFile(privateKeyBytes, savePrivateFileTo)

  34. 	if err != nil {

  35. 		log.Fatal(err.Error())

  36. 	}

  37. 

  38. 	err = writeKeyToFile([]byte(publicKeyBytes), savePublicFileTo)

  39. 	if err != nil {

  40. 		log.Fatal(err.Error())

  41. 	}

  42. }

  43. 

  44. // generatePrivateKey creates a RSA Private Key of specified byte size

  45. func generatePrivateKey(bitSize int) (*rsa.PrivateKey, error) {

  46. 	// Private Key generation

  47. 	privateKey, err := rsa.GenerateKey(rand.Reader, bitSize)

  48. 	if err != nil {

  49. 		return nil, err

  50. 	}

  51. 

  52. 	// Validate Private Key

  53. 	err = privateKey.Validate()

  54. 	if err != nil {

  55. 		return nil, err

  56. 	}

  57. 

  58. 	log.Println("Private Key generated")

  59. 	return privateKey, nil

  60. }

  61. 

  62. // encodePrivateKeyToPEM encodes Private Key from RSA to PEM format

  63. func encodePrivateKeyToPEM(privateKey *rsa.PrivateKey) []byte {

  64. 	// Get ASN.1 DER format

  65. 	privDER := x509.MarshalPKCS1PrivateKey(privateKey)

  66. 

  67. 	// pem.Block

  68. 	privBlock := pem.Block{

  69. 		Type:    "RSA PRIVATE KEY",

  70. 		Headers: nil,

  71. 		Bytes:   privDER,

  72. 	}

  73. 

  74. 	// Private key in PEM format

  75. 	privatePEM := pem.EncodeToMemory(&privBlock)

  76. 

  77. 	return privatePEM

  78. }

  79. 

  80. // generatePublicKey take a rsa.PublicKey and return bytes suitable for writing to .pub file

  81. // returns in the format "ssh-rsa ..."

  82. func generatePublicKey(privatekey *rsa.PublicKey) ([]byte, error) {

  83. 	publicRsaKey, err := ssh.NewPublicKey(privatekey)

  84. 	if err != nil {

  85. 		return nil, err

  86. 	}

  87. 

  88. 	pubKeyBytes := ssh.MarshalAuthorizedKey(publicRsaKey)

  89. 

  90. 	log.Println("Public key generated")

  91. 	return pubKeyBytes, nil

  92. }

  93. 

  94. // writePemToFile writes keys to a file

  95. func writeKeyToFile(keyBytes []byte, saveFileTo string) error {

  96. 	err := ioutil.WriteFile(saveFileTo, keyBytes, 0600)

  97. 	if err != nil {

  98. 		return err

  99. 	}

  100. 

  101. 	log.Printf("Key saved to: %s", saveFileTo)

  102. 	return nil

  103. }