mirror of
https://github.com/zerotier/ZeroTierOne.git
synced 2024-12-28 00:38:51 +00:00
132 lines
3.3 KiB
Go
132 lines
3.3 KiB
Go
/*
|
|
* Copyright (c)2019 ZeroTier, Inc.
|
|
*
|
|
* Use of this software is governed by the Business Source License included
|
|
* in the LICENSE.TXT file in the project's root directory.
|
|
*
|
|
* Change Date: 2023-01-01
|
|
*
|
|
* On the date above, in accordance with the Business Source License, use
|
|
* of this software will be governed by version 2.0 of the Apache License.
|
|
*/
|
|
/****/
|
|
|
|
package zerotier
|
|
|
|
import (
|
|
"encoding/base32"
|
|
"encoding/hex"
|
|
"fmt"
|
|
"strings"
|
|
)
|
|
|
|
// IdentityTypeC25519 is a classic Curve25519/Ed25519 identity
|
|
const IdentityTypeC25519 = 0
|
|
|
|
// IdentityTypeP384 is an identity containing both NIST P-384 and Curve25519/Ed25519 key types and leveraging both when possible
|
|
const IdentityTypeP384 = 1
|
|
|
|
// Sizes of components of different identity types
|
|
const (
|
|
IdentityTypeC25519PublicKeySize = 64 // C25519/Ed25519 keys
|
|
IdentityTypeC25519PrivateKeySize = 64 // C25519/Ed25519 private keys
|
|
IdentityTypeP384PublicKeySize = 209 // C25519/Ed25519, P-384 point-compressed public, P-384 self-signature
|
|
IdentityTypeP384PrivateKeySize = 112 // C25519/Ed25519 and P-384 private keys
|
|
)
|
|
|
|
// Identity is precisely what it sounds like: the address and associated keys for a ZeroTier node
|
|
type Identity struct {
|
|
// Address is this identity's 40-bit short address
|
|
Address Address
|
|
|
|
// Type is either IdentityTypeC25519 or IdentityTypeP384
|
|
Type int
|
|
|
|
// PublicKey is this identity's public key bytes
|
|
PublicKey Blob
|
|
|
|
privateKey []byte
|
|
}
|
|
|
|
// NewIdentityFromString generates a new identity from its string representation.
|
|
// The private key is imported as well if it is present.
|
|
func NewIdentityFromString(s string) (*Identity, error) {
|
|
ss := strings.Split(s, ":")
|
|
if len(ss) < 3 {
|
|
return nil, ErrInvalidParameter
|
|
}
|
|
|
|
var err error
|
|
var id Identity
|
|
id.Address, err = NewAddressFromString(ss[0])
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if ss[1] == "0" {
|
|
id.Type = 0
|
|
} else if ss[1] == "1" {
|
|
id.Type = 1
|
|
} else {
|
|
return nil, ErrUncrecognizedIdentityType
|
|
}
|
|
|
|
switch id.Type {
|
|
|
|
case 0:
|
|
id.PublicKey, err = hex.DecodeString(ss[2])
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if len(ss) >= 4 {
|
|
id.privateKey, err = hex.DecodeString(ss[3])
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
|
|
case 1:
|
|
id.PublicKey, err = base32.StdEncoding.DecodeString(ss[2])
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if len(id.PublicKey) != IdentityTypeP384PublicKeySize {
|
|
return nil, ErrInvalidKey
|
|
}
|
|
if len(ss) >= 4 {
|
|
id.privateKey, err = base32.StdEncoding.DecodeString(ss[3])
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if len(id.privateKey) != IdentityTypeP384PrivateKeySize {
|
|
return nil, ErrInvalidKey
|
|
}
|
|
}
|
|
|
|
}
|
|
|
|
return &id, nil
|
|
}
|
|
|
|
// HasPrivate returns true if this identity has its own private portion.
|
|
func (id *Identity) HasPrivate() bool { return len(id.privateKey) > 0 }
|
|
|
|
// PrivateKeyString returns the full identity.secret if the private key is set, or an empty string if no private key is set.
|
|
func (id *Identity) PrivateKeyString() string {
|
|
if len(id.privateKey) == 64 {
|
|
s := fmt.Sprintf("%.10x:0:%x:%x", id.Address, id.PublicKey, id.privateKey)
|
|
return s
|
|
}
|
|
return ""
|
|
}
|
|
|
|
// PublicKeyString returns the address and public key (identity.public contents).
|
|
// An empty string is returned if this identity is invalid or not initialized.
|
|
func (id *Identity) String() string {
|
|
if len(id.PublicKey) == 64 {
|
|
s := fmt.Sprintf("%.10x:0:%x", id.Address, id.PublicKey)
|
|
return s
|
|
}
|
|
return ""
|
|
}
|