feat(cmd): parse public and private ed256 keys env variables
@@ -3,3 +3,7 @@ AWS_SECRET_ACCESS_KEY=**********************************************************
|
|||||||
AWS_DEFAULT_REGION=******
|
AWS_DEFAULT_REGION=******
|
||||||
AWS_ENDPOINT_URL=http://localhost:3900
|
AWS_ENDPOINT_URL=http://localhost:3900
|
||||||
DATABASE_URL=file:./libsql.db
|
DATABASE_URL=file:./libsql.db
|
||||||
|
S3_BUCKET="comicverse-pre-alpha"
|
||||||
|
# Keys should be encoded in base64url
|
||||||
|
PRIVATE_KEY=*******************************
|
||||||
|
PUBLIC_KEY=*******************************
|
||||||
|
|||||||
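--- a/cmd/cmd.go
+++ b/cmd/cmd.go
@@ -2,7 +2,9 @@ package main
 
 import (
 "context"
+"crypto/ed25519"
 "database/sql"
+"encoding/base64"
 "errors"
 "flag"
 "fmt"
@@ -38,6 +40,9 @@ var (
 awsDefaultRegion = os.Getenv("AWS_DEFAULT_REGION")
 awsEndpointURL = os.Getenv("AWS_ENDPOINT_URL")
 s3Bucket = os.Getenv("S3_BUCKET")
+
+privateKeyEnv = os.Getenv("PRIVATE_KEY")
+publicKeyEnv = os.Getenv("PUBLIC_KEY")
 )
 
 func getEnv(key string, d string) string {
@@ -62,6 +67,10 @@ func init() {
 log.Fatal("AWS_ENDPOINT_URL should not be a empty value")
 case s3Bucket == "":
 log.Fatal("S3_BUCKET should not be a empty value")
+case privateKeyEnv == "":
+log.Fatal("PRIVATE_KEY not be a empty value")
+case publicKeyEnv == "":
+log.Fatal("PUBLIC_KEY not be a empty value")
 }
 }
 
@@ -120,6 +129,38 @@ func main() {
 opts = append(opts, comicverse.WithDevelopmentMode())
 }
 
+// TODO: Move this to dedicated function
+privateKeyStr, err := base64.URLEncoding.DecodeString(privateKeyEnv)
+if err != nil {
+log.Error("Failed to decode PRIVATE_KEY from base64", slog.String("error", err.Error()))
+os.Exit(1)
+}
+publicKeyStr, err := base64.URLEncoding.DecodeString(publicKeyEnv)
+if err != nil {
+log.Error("Failed to decode PUBLIC_KEY from base64", slog.String("error", err.Error()))
+os.Exit(1)
+}
+
+edPrivKey := ed25519.PrivateKey(privateKeyStr)
+edPubKey := ed25519.PublicKey(publicKeyStr)
+
+if len(edPrivKey) != ed25519.PrivateKeySize {
+log.Error("PRIVATE_KEY is not of valid size", slog.Int("size", len(edPrivKey)))
+os.Exit(1)
+}
+if len(edPubKey) != ed25519.PublicKeySize {
+log.Error("PUBLIC_KEY is not of valid size", slog.Int("size", len(edPubKey)))
+os.Exit(1)
+}
+
+if !edPubKey.Equal(edPrivKey.Public()) {
+log.Error("PUBLIC_KEY is not equal from extracted public key",
+slog.String("extracted", fmt.Sprintf("%x", edPrivKey.Public())),
+slog.String("key", fmt.Sprintf("%x", edPubKey)),
+)
+os.Exit(1)
+}
+
 app, err := comicverse.New(comicverse.Config{
 DB: db,
 S3: storage,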
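Review bot: The pair check `if !edPubKey.Equal(edPrivKey.Public()) {` in main does not prove that PUBLIC_KEY belongs to the private seed, because in Go's crypto/ed25519 `PrivateKey.Public()` only copies the last 32 bytes of the 64-byte private key instead of deriving them from the seed. A PRIVATE_KEY whose embedded public half does not match its seed is therefore accepted as long as PUBLIC_KEY repeats that half, and signing with an internally inconsistent key is unsafe. After the two length checks, re-derive the key and compare against it: `derived := ed25519.NewKeyFromSeed(edPrivKey.Seed())` followed by `if !derived.Equal(edPrivKey) || !edPubKey.Equal(derived.Public()) {`. Separately, `base64.URLEncoding` rejects unpadded input, while the sample env comment only says the keys should be base64url, so the padding requirement is worth stating there. main starts and ends outside this hunk, so whether the two keys are later passed to `comicverse.Config` cannot be seen from here.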