47 lines
1007 B
Go
Raw Permalink Normal View History

2024-09-22 15:16:25 +02:00
package signer
import (
"context"
"crypto/rand"
"crypto/rsa"
"crypto/x509"
"encoding/pem"
"errors"
"log/slog"
"github.com/spf13/viper"
)
type Signer interface {
Sign(ctx context.Context, data []byte) ([]byte, error)
GetPublicKey(ctx context.Context, format string) ([]byte, error)
}
func NewWithConfig(config *viper.Viper) (Signer, error) {
var privateKey *rsa.PrivateKey
var err error
keyStr := config.GetString("signing.key")
if keyStr == "" {
privateKey, err = rsa.GenerateKey(rand.Reader, 2048)
if err != nil {
return nil, err
}
slog.Warn("A private signing key has been generated. To make it permanent, specify the valid RSA private key in the config parameter signing.key")
} else {
keyBytes := []byte(keyStr)
rawPem, _ := pem.Decode(keyBytes)
if rawPem == nil {
return nil, errors.New("unable to decode pem key")
}
privateKey, err = x509.ParsePKCS1PrivateKey(rawPem.Bytes)
if err != nil {
return nil, err
}
}
return NewLocal(privateKey), nil
}