-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathapiutil.go
More file actions
94 lines (74 loc) · 2.63 KB
/
apiutil.go
File metadata and controls
94 lines (74 loc) · 2.63 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
package dnapi
import (
"fmt"
"gopkg.in/yaml.v2"
)
// InsertConfigPrivateKey takes a Nebula YAML and a Nebula PEM-formatted private key, and inserts the private key into
// the config, overwriting any previous value stored in the config.
func InsertConfigPrivateKey(config []byte, privkey []byte) ([]byte, error) {
var y map[interface{}]interface{}
if err := yaml.Unmarshal(config, &y); err != nil {
return nil, fmt.Errorf("failed to unmarshal config: %s", err)
}
_, ok := y["pki"]
if !ok {
return nil, fmt.Errorf("config is missing expected pki section")
}
_, ok = y["pki"].(map[interface{}]interface{})
if !ok {
return nil, fmt.Errorf("config has unexpected value for pki section")
}
y["pki"].(map[interface{}]interface{})["key"] = string(privkey)
return yaml.Marshal(y)
}
// InsertConfigCert takes a Nebula YAML and a Nebula PEM-formatted host certifiate, and inserts the certificate into
// the config, overwriting any previous value stored.
func InsertConfigCert(config []byte, cert []byte) ([]byte, error) {
var y map[any]any
if err := yaml.Unmarshal(config, &y); err != nil {
return nil, fmt.Errorf("failed to unmarshal config: %s", err)
}
_, ok := y["pki"]
if !ok {
return nil, fmt.Errorf("config is missing expected pki section")
}
_, ok = y["pki"].(map[any]any)
if !ok {
return nil, fmt.Errorf("config has unexpected value for pki section")
}
y["pki"].(map[any]any)["cert"] = string(cert)
return yaml.Marshal(y)
}
// FetchConfigPrivateKeyAndCert takes a Nebula YAML, finds and returns its contained Nebula PEM-formatted private key,
// the Nebula PEM-formatted host cert, or an error.
func FetchConfigPrivateKeyAndCert(config []byte) ([]byte, []byte, error) {
var y map[any]any
if err := yaml.Unmarshal(config, &y); err != nil {
return nil, nil, fmt.Errorf("failed to unmarshal config: %s", err)
}
_, ok := y["pki"]
if !ok {
return nil, nil, fmt.Errorf("config is missing expected pki section")
}
pki, ok := y["pki"].(map[any]any)
if !ok {
return nil, nil, fmt.Errorf("config has unexpected value for pki section")
}
configKey, ok := pki["key"]
if !ok {
return nil, nil, fmt.Errorf("(%s) config is missing section 'key'", config)
}
existingKey, ok := configKey.(string)
if !ok {
return nil, nil, fmt.Errorf("config section 'key' found but has unexpected type: %T", configKey)
}
configCert, ok := pki["cert"]
if !ok {
return nil, nil, fmt.Errorf("config is missing 'cert' section")
}
existingCert, ok := configCert.(string)
if !ok {
return nil, nil, fmt.Errorf("config section 'cert' found but has unexpected type: %T", configCert)
}
return []byte(existingKey), []byte(existingCert), nil
}