depot/packages/networking/ipfs-cluster/config/identity.go

193 lines
4.3 KiB
Go

package config
import (
"encoding/base64"
"encoding/json"
"errors"
"fmt"
"os"
crypto "github.com/libp2p/go-libp2p/core/crypto"
peer "github.com/libp2p/go-libp2p/core/peer"
"github.com/kelseyhightower/envconfig"
)
const configKey = "cluster"
// Identity defaults
const (
DefaultConfigCrypto = crypto.Ed25519
DefaultConfigKeyLength = -1
)
// Identity represents identity of a cluster peer for communication,
// including the Consensus component.
type Identity struct {
ID peer.ID
PrivateKey crypto.PrivKey
}
// identityJSON represents a Cluster peer identity as it will look when it is
// saved using JSON.
type identityJSON struct {
ID string `json:"id"`
PrivateKey string `json:"private_key"`
}
// NewIdentity returns a new random identity.
func NewIdentity() (*Identity, error) {
ident := &Identity{}
err := ident.Default()
return ident, err
}
// Default generates a random keypair for this identity.
func (ident *Identity) Default() error {
// pid and private key generation
priv, pub, err := crypto.GenerateKeyPair(
DefaultConfigCrypto,
DefaultConfigKeyLength,
)
if err != nil {
return err
}
pid, err := peer.IDFromPublicKey(pub)
if err != nil {
return err
}
ident.ID = pid
ident.PrivateKey = priv
return nil
}
// ConfigKey returns a human-readable string to identify
// a cluster Identity.
func (ident *Identity) ConfigKey() string {
return configKey
}
// SaveJSON saves the JSON representation of the Identity to
// the given path.
func (ident *Identity) SaveJSON(path string) error {
logger.Info("Saving identity")
bs, err := ident.ToJSON()
if err != nil {
return err
}
return os.WriteFile(path, bs, 0600)
}
// ToJSON generates a human-friendly version of Identity.
func (ident *Identity) ToJSON() (raw []byte, err error) {
jID, err := ident.toIdentityJSON()
if err != nil {
return
}
raw, err = json.MarshalIndent(jID, "", " ")
return
}
func (ident *Identity) toIdentityJSON() (jID *identityJSON, err error) {
jID = &identityJSON{}
// Private Key
pkeyBytes, err := crypto.MarshalPrivateKey(ident.PrivateKey)
if err != nil {
return
}
pKey := base64.StdEncoding.EncodeToString(pkeyBytes)
// Set all identity fields
jID.ID = ident.ID.Pretty()
jID.PrivateKey = pKey
return
}
// LoadJSON receives a raw json-formatted identity and
// sets the Config fields from it. Note that it should be JSON
// as generated by ToJSON().
func (ident *Identity) LoadJSON(raw []byte) error {
jID := &identityJSON{}
err := json.Unmarshal(raw, jID)
if err != nil {
logger.Error("Error unmarshaling cluster config")
return err
}
return ident.applyIdentityJSON(jID)
}
func (ident *Identity) applyIdentityJSON(jID *identityJSON) error {
pid, err := peer.Decode(jID.ID)
if err != nil {
err = fmt.Errorf("error decoding cluster ID: %s", err)
return err
}
ident.ID = pid
pkb, err := base64.StdEncoding.DecodeString(jID.PrivateKey)
if err != nil {
err = fmt.Errorf("error decoding private_key: %s", err)
return err
}
pKey, err := crypto.UnmarshalPrivateKey(pkb)
if err != nil {
err = fmt.Errorf("error parsing private_key ID: %s", err)
return err
}
ident.PrivateKey = pKey
return ident.Validate()
}
// Validate will check that the values of this identity
// seem to be working ones.
func (ident *Identity) Validate() error {
if ident.ID == "" {
return errors.New("identity ID not set")
}
if ident.PrivateKey == nil {
return errors.New("no identity private_key set")
}
if !ident.ID.MatchesPrivateKey(ident.PrivateKey) {
return errors.New("identity ID does not match the private_key")
}
return nil
}
// LoadJSONFromFile reads an Identity file from disk and parses
// it and return Identity.
func (ident *Identity) LoadJSONFromFile(path string) error {
file, err := os.ReadFile(path)
if err != nil {
logger.Error("error reading the configuration file: ", err)
return err
}
return ident.LoadJSON(file)
}
// ApplyEnvVars fills in any Config fields found
// as environment variables.
func (ident *Identity) ApplyEnvVars() error {
jID, err := ident.toIdentityJSON()
if err != nil {
return err
}
err = envconfig.Process(ident.ConfigKey(), jID)
if err != nil {
return err
}
return ident.applyIdentityJSON(jID)
}
// Equals returns true if equal to provided identity.
func (ident *Identity) Equals(i *Identity) bool {
return ident.ID == i.ID && ident.PrivateKey.Equals(i.PrivateKey)
}