mirror of https://github.com/oxen-io/lokinet
dont serialize ephemeral members of service identity (#1370)
* prepare for keytool script * dont serialize ephemeral members in service key file * regnerate ephemeral members in service identity on load * add keygen script * use nacl for generating keys * formatpull/1367/head
parent
15229ea7ff
commit
53598ec0e9
@ -0,0 +1 @@
|
||||
*.private
|
@ -0,0 +1,35 @@
|
||||
#!/usr/bin/env python3
|
||||
"""
|
||||
keygen tool for lokinet
|
||||
"""
|
||||
|
||||
from argparse import ArgumentParser as AP
|
||||
from base64 import b32encode
|
||||
|
||||
from nacl.signing import SigningKey
|
||||
|
||||
def base32z(data):
|
||||
""" base32 z encode """
|
||||
return b32encode(data).translate(
|
||||
bytes.maketrans(
|
||||
b'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567',
|
||||
b'ybndrfg8ejkmcpqxot1uwisza345h769')).decode().rstrip('=')
|
||||
|
||||
|
||||
def main():
|
||||
"""
|
||||
main function for keygen
|
||||
"""
|
||||
argparser = AP()
|
||||
argparser.add_argument('--keyfile', type=str, required=True, help='place to put generated keys')
|
||||
args = argparser.parse_args()
|
||||
secret = SigningKey.generate()
|
||||
with open(args.keyfile, 'wb') as wfile:
|
||||
wfile.write(b'd1:s64:')
|
||||
wfile.write(secret.encode())
|
||||
wfile.write(secret.verify_key.encode())
|
||||
wfile.write(b'e')
|
||||
print("{}.loki".format(base32z(secret.verify_key.encode())))
|
||||
|
||||
if __name__ == '__main__':
|
||||
main()
|
@ -0,0 +1,14 @@
|
||||
# lokinet key generator
|
||||
|
||||
requires:
|
||||
|
||||
* python3.7 or higher
|
||||
* pynacl
|
||||
|
||||
usage:
|
||||
|
||||
```bash
|
||||
./keygen.py --keyfile somekeyfile.private
|
||||
```
|
||||
|
||||
this will overwrite the keyfile with new keys
|
Loading…
Reference in New Issue