Beispiel #1
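// initSecurity configures sock as a CURVE client: it loads the local key pair
// from private_key_path, reads the server's public key from server_key_path
// after a permission check, and applies all three keys to the socket.
//
// Every failure is reported through condlog.Fatal, which the call pattern here
// treats as a no-op when err is nil. The process is expected to stop rather
// than continue with a partially configured socket.
func initSecurity(private_key_path string, server_key_path string, sock *zmq.Socket) {
	// NOTE(review): AuthStart's return value is not checked. It is left that
	// way because the binding may report an error when the handler is already
	// running, and callers could invoke initSecurity more than once - confirm
	// and handle explicitly.
	zmq.AuthStart()

	private_key, public_key, err := keyloader.InitKeys(private_key_path)
	condlog.Fatal(err, fmt.Sprintf("Unable to read key pair for private key '%v'", private_key_path))

	// NOTE(review): this registers the client's own public key in the local
	// "scrabble" allow-list; that only matters if this process also binds a
	// CURVE server socket - confirm it is intended.
	zmq.AuthCurveAdd("scrabble", public_key)

	// The server key pins which server this client will talk to, so the file
	// holding it is checked before its content is trusted.
	// NOTE(review): the check and the read are two separate path lookups, so
	// the file could change in between; the content is also passed on verbatim
	// (a trailing newline would make the key invalid).
	err = keyloader.CheckPermissions(server_key_path)
	condlog.Fatal(err, "Untrustworthy key file")
	server_key_buf, err := ioutil.ReadFile(server_key_path)
	condlog.Fatal(err, fmt.Sprintf("Unable to load public server key '%v'", server_key_path))
	server_key := string(server_key_buf)

	// Fail closed: if any of the CURVE options is rejected (for example a
	// malformed key) the socket must not be used, because it would not be
	// configured for encrypted, authenticated transport.
	err = sock.ClientAuthCurve(server_key, public_key, private_key)
	condlog.Fatal(err, "Unable to configure CURVE client authentication on socket")
}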
Beispiel #2
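// initSecurity configures sock as a CURVE server for the "scrabble" domain
// using the secret key loaded from private_key_path, then allow-lists every
// client public key found in the client_key_path directory (regular entries
// whose name ends in ".public").
//
// Every failure is reported through condlog.Fatal, which the call pattern here
// treats as a no-op when err is nil.
func initSecurity(client_key_path string, private_key_path string, sock *zmq.Socket) {
	// NOTE(review): AuthStart's return value is not checked. It is left that
	// way because the binding may report an error when the handler is already
	// running, and callers could invoke initSecurity more than once - confirm
	// and handle explicitly.
	zmq.AuthStart()

	private_key, _, err := keyloader.InitKeys(private_key_path)
	condlog.Fatal(err, fmt.Sprintf("Unable to read key pair for private key '%v'", private_key_path))

	// Fail closed: if the socket rejects the CURVE server options it must not
	// be bound, otherwise it could accept peers without the intended
	// encryption and key check.
	err = sock.ServerAuthCurve("scrabble", private_key)
	condlog.Fatal(err, "Unable to configure CURVE server authentication on socket")

	// Add all the public keys in the client key directory.
	files, err := ioutil.ReadDir(client_key_path)
	condlog.Fatal(err, fmt.Sprintf("Unable to enumerate client keys in '%v'", client_key_path))
	for _, f := range files {
		if f.IsDir() || !strings.HasSuffix(f.Name(), ".public") {
			continue
		}
		// NOTE(review): path.Join is slash-only; filepath.Join is the
		// OS-correct choice if this ever runs on a non-Unix host.
		fullpath := path.Join(client_key_path, f.Name())

		// Each file grants access, so it is checked before being trusted.
		// NOTE(review): the check and the read are two separate path lookups,
		// so the file could change in between.
		err = keyloader.CheckPermissions(fullpath)
		condlog.Fatal(err, "Untrustworthy key file")
		buf, err := ioutil.ReadFile(fullpath)
		condlog.Fatal(err, fmt.Sprintf("Unable to load public client key '%v'", fullpath))

		// NOTE(review): the file content is registered verbatim. A trailing
		// newline would silently lock that client out, and the binding's
		// allow-any value (CURVE_ALLOW_ANY) in a file would admit every
		// client - consider validating that the content is exactly one key.
		zmq.AuthCurveAdd("scrabble", string(buf))
	}
}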