VPN: Add method to retrieve wireguard private key

Signed-off-by: Malte Poll <mp@edgeless.systems>
This commit is contained in:
Malte Poll 2022-04-13 09:17:05 +02:00 committed by Malte Poll
parent e10a47f255
commit 0501d07f4a
3 changed files with 20 additions and 0 deletions

View File

@ -322,6 +322,10 @@ func (*fakeVPN) Setup(privKey []byte) ([]byte, error) {
return nil, nil return nil, nil
} }
func (*fakeVPN) GetPrivateKey() ([]byte, error) {
return nil, nil
}
func (*fakeVPN) GetPublicKey(privKey []byte) ([]byte, error) { func (*fakeVPN) GetPublicKey(privKey []byte) ([]byte, error) {
return nil, nil return nil, nil
} }

View File

@ -10,6 +10,7 @@ import (
type VPN interface { type VPN interface {
Setup(privKey []byte) ([]byte, error) Setup(privKey []byte) ([]byte, error)
GetPrivateKey() ([]byte, error)
GetPublicKey(privKey []byte) ([]byte, error) GetPublicKey(privKey []byte) ([]byte, error)
GetInterfaceIP() (string, error) GetInterfaceIP() (string, error)
SetInterfaceIP(ip string) error SetInterfaceIP(ip string) error
@ -21,15 +22,21 @@ type VPN interface {
type stubVPN struct { type stubVPN struct {
peers []stubVPNPeer peers []stubVPNPeer
interfaceIP string interfaceIP string
privateKey []byte
addPeerErr error addPeerErr error
removePeerErr error removePeerErr error
getInterfaceIPErr error getInterfaceIPErr error
getPrivateKeyErr error
} }
func (*stubVPN) Setup(privKey []byte) ([]byte, error) { func (*stubVPN) Setup(privKey []byte) ([]byte, error) {
return []byte{2, 3, 4}, nil return []byte{2, 3, 4}, nil
} }
func (v *stubVPN) GetPrivateKey() ([]byte, error) {
return v.privateKey, v.getPrivateKeyErr
}
func (*stubVPN) GetPublicKey(privKey []byte) ([]byte, error) { func (*stubVPN) GetPublicKey(privKey []byte) ([]byte, error) {
if bytes.Equal(privKey, []byte{2, 3, 4}) { if bytes.Equal(privKey, []byte{2, 3, 4}) {
return []byte{3, 4, 5}, nil return []byte{3, 4, 5}, nil

View File

@ -54,6 +54,15 @@ func (w *Wireguard) Setup(privKey []byte) ([]byte, error) {
return key[:], nil return key[:], nil
} }
// GetPrivateKey returns the private key of the wireguard interface.
func (w *Wireguard) GetPrivateKey() ([]byte, error) {
device, err := w.client.Device(netInterface)
if err != nil {
return nil, fmt.Errorf("unable to retrieve wireguard private key from device %v: %w", netInterface, err)
}
return device.PrivateKey[:], nil
}
func (w *Wireguard) GetPublicKey(privKey []byte) ([]byte, error) { func (w *Wireguard) GetPublicKey(privKey []byte) ([]byte, error) {
key, err := wgtypes.NewKey(privKey) key, err := wgtypes.NewKey(privKey)
if err != nil { if err != nil {