Add a second arg to idtool generate to make generating both secret and public easier, add new supernode identities after generating them, fix known good and bad IDs in selftest.

idtool.cpp

@@ -41,7 +41,7 @@ static void printHelp(char *pn)
 {
 	std::cout << "Usage: " << pn << " <command> [<args>]" << std::endl << std::endl;
 	std::cout << "Commands:" << std::endl;
-	std::cout << "\tgenerate [<identity.secret>]" << std::endl;
+	std::cout << "\tgenerate [<identity.secret>] [<identity.public>]" << std::endl;
 	std::cout << "\tvalidate <identity.secret/public>" << std::endl;
 	std::cout << "\tgetpublic <identity.secret>" << std::endl;
 	std::cout << "\tsign <identity.secret> <file>" << std::endl;
@@ -80,6 +80,13 @@ int main(int argc,char **argv)
 				std::cerr << "Error writing to " << argv[2] << std::endl;
 				return -1;
 			} else std::cout << argv[2] << " written" << std::endl;
+			if (argc >= 4) {
+				idser = id.toString(false);
+				if (!Utils::writeFile(argv[3],idser)) {
+					std::cerr << "Error writing to " << argv[3] << std::endl;
+					return -1;
+				} else std::cout << argv[3] << " written" << std::endl;
+			}
 		} else std::cout << idser;
 	} else if (!strcmp(argv[1],"validate")) {
 		if (argc < 3) {

node/Defaults.cpp

@@ -53,27 +53,25 @@ static inline std::map< Identity,std::vector<InetAddress> > _mkSupernodeMap()
 	// designated as such and trusted to provide WHOIS lookup.
 
 	// cthulhu.zerotier.com - New York, New York, USA
-#if 0
 	addrs.clear();
-	if (!id.fromString("a0fa79d81c:2:0bb348bb38883a29054659a37c204f2c0b082985cb51b36fad31366dfedd616c20aacc5e33ceee2b054670639563238c4fe50bb8716c1ac7996762c0eaefbb23:b7e91f4c77815327c59ff0979f33861e665d002a357448572954c85919be61f768ee6a4d4e42318ffd9cfcc08cadedcd0277a33a950e316a1d7b5bf082919400c44cad1e725fc2035e2d7087d0c8bf51adc5875b643d759a475f899cfbf3e1a4"))
+	if (!id.fromString("31a633d7fd:0:1f9d24ac00dd6b21c711304f6034001d25678e1a0eb260ed1996dd881c73143af1ff1b84457e013467eb8b780c0ee4a5fdd037ac07f91eb427051b8cbe110446"))
 		throw std::runtime_error("invalid identity in Defaults");
 	addrs.push_back(InetAddress("198.199.73.93",ZT_DEFAULT_UDP_PORT));
 	sn[id] = addrs;
 
 	// nyarlathotep.zerotier.com - San Francisco, California, USA
 	addrs.clear();
-	if (!id.fromString("1521e171ab:2:43bcdc31f2d75667163f3384bc8866e95ce39b4735999e7760494f6480e0fb70f45675f887f8fdfe50e47b082f3fcfc589381f78b3d3bd1dcbf888ccf14d7935:5026836a5732ed890e778f46ded38410dda51c448f82ab76dd0d2c0152bddd5f05fee2fedf8c9f4ccf1f6181f2cdc1f723c59a143a9928c560b2da652f656507f490acfe70e8f5b2a2bba0eca4ea85b03ce00480afd00d49fc756a03bb740592"))
+	if (!id.fromString("aaf5e8b5eb:0:9aa129e78c564313b07b1d9f739683d6b109a3c83fb7294ef16c221e2f4f5050682febe9715069ba1013542236635a543ed2f44c20d8a01bbb14d5900e4572ae"))
 		throw std::runtime_error("invalid identity in Defaults");
 	addrs.push_back(InetAddress("198.199.97.220",ZT_DEFAULT_UDP_PORT));
 	sn[id] = addrs;
 
 	// shub-niggurath.zerotier.com - Amsterdam, Netherlands
 	addrs.clear();
-	if (!id.fromString("11c3bddb9a:2:27e1c10a937dde0d6013e7a93755040ff93a98f5bcad809722a6dcde0b255f07da523f9eae818079be0deccbd4572d2e746fe7b8ba8ae6a7a15bdf0456062c37:5f0a7ea9615388a5532c8ce58f9352ba8950c8b3db261d60c02e1ed5a1a42a5e79bc757b38d8a94d00d8e738a6a33cd9b1586022bdff77c9c49ae16609cf5d03f0f60e36a67467c01870ccf26f61793853b93fb6eab53f65f20f623898e9d28d"))
+	if (!id.fromString("c6524a2797:0:f656ead7c1e88ac3255a36ec2919343fbef8876300015a6f0aceccd6af808f5180eda4b4015e2cc27225233873466e89808b3e50b3b0a5a95a6f7bd3fef7eba8"))
 		throw std::runtime_error("invalid identity in Defaults");
 	addrs.push_back(InetAddress("198.211.127.172",ZT_DEFAULT_UDP_PORT));
 	sn[id] = addrs;
-#endif
 
 	return sn;
 }

selftest-crypto-vectors.hpp

@@ -3,6 +3,9 @@
 #ifndef _ZT_SELFTEST_CRYPTO_VECTORS_H
 #define _ZT_SELFTEST_CRYPTO_VECTORS_H
 
+#define KNOWN_GOOD_IDENTITY "d7d86de2d8:0:942f03033c0351fdf600301d846c8a1e35b7e03e8f59b91b460a7d411920374f0f5781287ccf90dc50819f91a91434848da76bb8651f97ae65bbacf9da1ca840:6617efdc863fbb009672745b116d5c84ab1ea15744d850b41ddeedf92c4215dc4c149e476aead1a7d40643f8c440ffcd084d8738f405a50309064c296c5dec9b"
+#define KNOWN_BAD_IDENTITY "e7d86de2d8:0:942f03033c0351fdf600301d846c8a1e35b7e03e8f59b91b460a7d411920374f0f5781287ccf90dc50819f91a91434848da76bb8651f97ae65bbacf9da1ca840:6617efdc863fbb009672745b116d5c84ab1ea15744d850b41ddeedf92c4215dc4c149e476aead1a7d40643f8c440ffcd084d8738f405a50309064c296c5dec9b"
+
 static const unsigned char s20TV0Key[32] = { 0x0f,0x62,0xb5,0x08,0x5b,0xae,0x01,0x54,0xa7,0xfa,0x4d,0xa0,0xf3,0x46,0x99,0xec,0x3f,0x92,0xe5,0x38,0x8b,0xde,0x31,0x84,0xd7,0x2a,0x7d,0xd0,0x23,0x76,0xc9,0x1c };
 static const unsigned char s20TV0Iv[8] = { 0x28,0x8f,0xf6,0x5d,0xc4,0x2b,0x92,0xf9 };
 static const unsigned char s20TV0Ks[64] = { 0x5e,0x5e,0x71,0xf9,0x01,0x99,0x34,0x03,0x04,0xab,0xb2,0x2a,0x37,0xb6,0x62,0x5b,0xf8,0x83,0xfb,0x89,0xce,0x3b,0x21,0xf5,0x4a,0x10,0xb8,0x10,0x66,0xef,0x87,0xda,0x30,0xb7,0x76,0x99,0xaa,0x73,0x79,0xda,0x59,0x5c,0x77,0xdd,0x59,0x54,0x2d,0xa2,0x08,0xe5,0x95,0x4f,0x89,0xe4,0x0e,0xb7,0xaa,0x80,0xa8,0x4a,0x61,0x76,0x66,0x3f };

selftest.cpp

@@ -207,9 +207,8 @@ static int testIdentity()
 	Identity id;
 	Buffer<512> buf;
 
-#if 0
 	std::cout << "[identity] Validate known-good identity... "; std::cout.flush();
-	if (!id.fromString("0614d4a18e:0:ad2020bb575ace4397c490c9143718b43c9e78d3be72e1793a7380e45491d45ab7180443cca8f4f08ba5ea7e3466e76751039cb2554c19cf6540df7babed4037:6dcd4d5edf3b00659baea6ac75fabc9f82ada9a4e8d5618e663505ef16a301b3d0ff4cf6c663bbd0989dac42dcf2df29862fc83ee1d1a032d723d777bb78d08b")) {
+	if (!id.fromString(KNOWN_GOOD_IDENTITY)) {
 		std::cout << "FAIL (1)" << std::endl;
 		return -1;
 	}
@@ -218,10 +217,9 @@ static int testIdentity()
 		return -1;
 	}
 	std::cout << "PASS" << std::endl;
-#endif
 
 	std::cout << "[identity] Validate known-bad identity... "; std::cout.flush();
-	if (!id.fromString("0615d4a18e:0:ad2020bb575ace4397c490c9143718b43c9e78d3be72e1793a7380e45491d45ab7180443cca8f4f08ba5ea7e3466e76751039cb2554c19cf6540df7babed4037:6dcd4d5edf3b00659baea6ac75fabc9f82ada9a4e8d5618e663505ef16a301b3d0ff4cf6c663bbd0989dac42dcf2df29862fc83ee1d1a032d723d777bb78d08b")) {
+	if (!id.fromString(KNOWN_BAD_IDENTITY)) {
 		std::cout << "FAIL (1)" << std::endl;
 		return -1;
 	}