cpp
/
ZeroTierOne
zrkadlo https://github.com/zerotier/ZeroTierOne


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147
							/*
 * Copyright (c)2019 ZeroTier, Inc.
 *
 * Use of this software is governed by the Business Source License included
 * in the LICENSE.TXT file in the project's root directory.
 *
 * Change Date: 2023-01-01
 *
 * On the date above, in accordance with the Business Source License, use
 * of this software will be governed by version 2.0 of the Apache License.
 */
/****/

package cli

import (
	"encoding/hex"
	"fmt"
	"io/ioutil"
	"os"
	"strings"

	"zerotier/pkg/zerotier"
)

/*
  identity <command> [args]            Identity management commands
    new                                Create new identity (including secret)
    getpublic <identity>               Extract only public part of identity
    validate <identity>                Locally validate an identity
    sign <identity> <file>             Sign a file with an identity's key
    verify <identity> <file> <sig>     Verify a signature
*/

// Identity command
func Identity(args []string) {
	if len(args) > 0 {
		switch args[0] {

		case "new":
			idType := zerotier.IdentityTypeC25519
			if len(args) > 1 {
				if len(args) > 2 {
					Help()
					os.Exit(1)
				}
				switch args[1] {
				case "c25519":
				case "p384":
					idType = zerotier.IdentityTypeP384
				default:
					Help()
					os.Exit(1)
				}
			}
			id, err := zerotier.NewIdentity(idType)
			if err != nil {
				fmt.Printf("ERROR: internal error generating identity: %s\n", err.Error())
				os.Exit(1)
			}
			fmt.Println(id.PrivateKeyString())
			os.Exit(0)

		case "getpublic":
			if len(args) == 2 {
				idData, err := ioutil.ReadFile(args[1])
				if err != nil {
					fmt.Printf("ERROR: unable to read identity: %s\n", err.Error())
					os.Exit(1)
				}
				id, err := zerotier.NewIdentityFromString(string(idData))
				if err != nil {
					fmt.Printf("ERROR: identity in file '%s' invalid: %s\n", args[1], err.Error())
					os.Exit(1)
				}
				fmt.Println(id.String())
				os.Exit(0)
			}

		case "validate":
			if len(args) == 2 {
				idData, err := ioutil.ReadFile(args[1])
				if err != nil {
					fmt.Printf("ERROR: unable to read identity: %s\n", err.Error())
					os.Exit(1)
				}
				id, err := zerotier.NewIdentityFromString(string(idData))
				if err != nil {
					fmt.Printf("ERROR: identity in file '%s' invalid: %s\n", args[1], err.Error())
					os.Exit(1)
				}
				if id.LocallyValidate() {
					fmt.Println("OK")
					os.Exit(0)
				}
				fmt.Println("FAILED")
				os.Exit(1)
			}

		case "sign", "verify":
			if len(args) > 2 {
				idData, err := ioutil.ReadFile(args[1])
				if err != nil {
					fmt.Printf("ERROR: unable to read identity: %s\n", err.Error())
					os.Exit(1)
				}
				id, err := zerotier.NewIdentityFromString(string(idData))
				if err != nil {
					fmt.Printf("ERROR: identity in file '%s' invalid: %s\n", args[1], err.Error())
					os.Exit(1)
				}
				msg, err := ioutil.ReadFile(args[2])
				if err != nil {
					fmt.Printf("ERROR: unable to read input file: %s\n", err.Error())
					os.Exit(1)
				}

				if args[0] == "verify" {
					if len(args) == 4 {
						sig, err := hex.DecodeString(strings.TrimSpace(args[3]))
						if err != nil {
							fmt.Println("FAILED")
							os.Exit(1)
						}
						if id.Verify(msg, sig) {
							fmt.Println("OK")
							os.Exit(0)
						}
					}
					fmt.Println("FAILED")
					os.Exit(1)
				} else {
					sig, err := id.Sign(msg)
					if err != nil {
						fmt.Printf("ERROR: internal error signing message: %s\n", err.Error())
						os.Exit(1)
					}
					fmt.Println(hex.EncodeToString(sig))
					os.Exit(0)
				}
			}

		}
	}
	Help()
	os.Exit(1)
}