mirror of https://github.com/oxen-io/lokinet
dont serialize ephemeral members of service identity (#1370)
* prepare for keytool script * dont serialize ephemeral members in service key file * regnerate ephemeral members in service identity on load * add keygen script * use nacl for generating keys * formatpull/1367/head
parent
15229ea7ff
commit
53598ec0e9
@ -0,0 +1 @@
|
|||||||
|
*.private
|
@ -0,0 +1,35 @@
|
|||||||
|
#!/usr/bin/env python3
|
||||||
|
"""
|
||||||
|
keygen tool for lokinet
|
||||||
|
"""
|
||||||
|
|
||||||
|
from argparse import ArgumentParser as AP
|
||||||
|
from base64 import b32encode
|
||||||
|
|
||||||
|
from nacl.signing import SigningKey
|
||||||
|
|
||||||
|
def base32z(data):
|
||||||
|
""" base32 z encode """
|
||||||
|
return b32encode(data).translate(
|
||||||
|
bytes.maketrans(
|
||||||
|
b'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567',
|
||||||
|
b'ybndrfg8ejkmcpqxot1uwisza345h769')).decode().rstrip('=')
|
||||||
|
|
||||||
|
|
||||||
|
def main():
|
||||||
|
"""
|
||||||
|
main function for keygen
|
||||||
|
"""
|
||||||
|
argparser = AP()
|
||||||
|
argparser.add_argument('--keyfile', type=str, required=True, help='place to put generated keys')
|
||||||
|
args = argparser.parse_args()
|
||||||
|
secret = SigningKey.generate()
|
||||||
|
with open(args.keyfile, 'wb') as wfile:
|
||||||
|
wfile.write(b'd1:s64:')
|
||||||
|
wfile.write(secret.encode())
|
||||||
|
wfile.write(secret.verify_key.encode())
|
||||||
|
wfile.write(b'e')
|
||||||
|
print("{}.loki".format(base32z(secret.verify_key.encode())))
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
main()
|
@ -0,0 +1,14 @@
|
|||||||
|
# lokinet key generator
|
||||||
|
|
||||||
|
requires:
|
||||||
|
|
||||||
|
* python3.7 or higher
|
||||||
|
* pynacl
|
||||||
|
|
||||||
|
usage:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
./keygen.py --keyfile somekeyfile.private
|
||||||
|
```
|
||||||
|
|
||||||
|
this will overwrite the keyfile with new keys
|
Loading…
Reference in New Issue