// loadToken loads a private and public RSA keys from the filesystem
// in order to be used for the JWT signature
func loadToken(a structs.Auth) (*rsa.PrivateKey, *rsa.PublicKey, error) {
logger.Debug("Attempting to load the RSA keys from the filesystem")
if a.PrivateKey == "" || a.PublicKey == "" {
return nil, nil, errors.New("The paths to the private and public RSA keys were not provided")
}
// Read the files from the filesystem
prv, err := ioutil.ReadFile(a.PrivateKey)
if err != nil {
logger.Fatalf("Unable to open the private key file: %v", err)
}
pub, err := ioutil.ReadFile(a.PublicKey)
if err != nil {
logger.Fatalf("Unable to open the public key file: %v", err)
}
// Parse the RSA keys
privateKey, err := jwt.ParseRSAPrivateKeyFromPEM(prv)
if err != nil {
logger.Fatalf("Unable to parse the private key: %v", err)
}
publicKey, err := jwt.ParseRSAPublicKeyFromPEM(pub)
if err != nil {
logger.Fatalf("Unable to parse the public key: %v", err)
}
logger.Info("Provided RSA keys successfully loaded")
return privateKey, publicKey, nil
}
func (c *Config) initSensu() {
for i, api := range c.Sensu {
prot := "http"
if api.Name == "" {
logger.Warningf("Sensu API %s has no name property. Generating random one...", api.URL)
c.Sensu[i].Name = fmt.Sprintf("sensu-%v", rand.Intn(100))
}
// escape special characters in DC name
r := strings.NewReplacer(":", "", "/", "", ";", "", "?", "")
c.Sensu[i].Name = r.Replace(api.Name)
if api.Host == "" {
logger.Fatalf("Sensu API %q Host is missing", api.Name)
}
if api.Timeout == 0 {
c.Sensu[i].Timeout = 10
} else if api.Timeout >= 1000 { // backward compatibility with < 0.3.0 version
c.Sensu[i].Timeout = api.Timeout / 1000
}
if api.Port == 0 {
c.Sensu[i].Port = 4567
}
if api.Ssl {
prot += "s"
}
c.Sensu[i].URL = fmt.Sprintf("%s://%s:%d%s", prot, api.Host, c.Sensu[i].Port, api.Path)
}
}
func initSensu(apis []SensuConfig) []SensuConfig {
for i, api := range apis {
// Set a datacenter name if missing
if api.Name == "" {
logger.Warningf("Sensu API %s has no name property, make sure to set it in your configuration. Generating a temporary one...", api.URL)
apis[i].Name = fmt.Sprintf("sensu-%v", rand.Intn(100))
}
// Escape special characters in DC name
r := strings.NewReplacer(":", "", "/", "", ";", "", "?", "")
apis[i].Name = r.Replace(apis[i].Name)
// Make sure the host is not empty
if api.Host == "" {
logger.Fatalf("Sensu API %q Host is missing", api.Name)
}
// Determine the protocol to use
prot := "http"
if api.Ssl {
prot += "s"
}
// Set the API URL
apis[i].URL = fmt.Sprintf("%s://%s:%d%s", prot, api.Host, api.Port, api.Path)
}
return apis
}
// generateKeyPair generates an RSA keypair of 2048 bits using a random rand.Reader
func generateKeyPair() *rsa.PrivateKey {
keypair, err := rsa.GenerateKey(rand.Reader, 2048)
if err != nil {
logger.Fatalf("Could not generate an RSA keypair: %s", err)
}
return keypair
}
func initToken() {
keyPair, err := rsa.GenerateKey(rand.Reader, 1024)
if err != nil {
logger.Fatalf("Could not generate the private key: %s", err)
}
keyPEM = pem.EncodeToMemory(&pem.Block{
Type: "RSA PRIVATE KEY",
Bytes: x509.MarshalPKCS1PrivateKey(keyPair),
})
pubKeyANS1, err := x509.MarshalPKIXPublicKey(&keyPair.PublicKey)
if err != nil {
logger.Fatalf("Could not generate the public key: %s", err)
}
pubKeyPEM = pem.EncodeToMemory(&pem.Block{
Type: "RSA PUBLIC KEY",
Bytes: pubKeyANS1,
})
}
