
Commit acc9e2e

committed
pr comments
1 parent 41b1ce1 commit acc9e2e


8 files changed

+39
-43
lines changed


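--- a/coderd/coderd.go
+++ b/coderd/coderd.go
@@ -32,7 +32,7 @@ type Options struct {
 GoogleTokenValidator *idtoken.Validator
 
 SecureAuthCookie bool
-SSHKeygenAlgorithm gitsshkey.SSHKeygenAlgorithm
+SSHKeygenAlgorithm gitsshkey.Algorithm
 }
 
 // New constructs the Coder API into an HTTP handler.
@@ -139,7 +139,7 @@ func New(options *Options) (http.Handler, func()) {
 r.Get("/", api.workspacesByUser)
 r.Get("/{workspacename}", api.workspaceByUserAndName)
 })
-r.Get("/gitsshkey", api.getGitSSHKey)
+r.Get("/gitsshkey", api.gitSSHKey)
 r.Post("/gitsshkey", api.regenerateGitSSHKey)
 })
 })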

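--- a/coderd/coderdtest/coderdtest.go
+++ b/coderd/coderdtest/coderdtest.go
@@ -38,6 +38,7 @@ import (
 "github.com/coder/coder/coderd/database"
 "github.com/coder/coder/coderd/database/databasefake"
 "github.com/coder/coder/coderd/database/postgres"
+"github.com/coder/coder/coderd/gitsshkey"
 "github.com/coder/coder/codersdk"
 "github.com/coder/coder/cryptorand"
 "github.com/coder/coder/provisioner/echo"
@@ -108,6 +109,7 @@ func New(t *testing.T, options *Options) *codersdk.Client {
 
 AWSCertificates: options.AWSInstanceIdentity,
 GoogleTokenValidator: options.GoogleInstanceIdentity,
+SSHKeygenAlgorithm: gitsshkey.AlgorithmEd25519,
 })
 t.Cleanup(func() {
 srv.Close()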
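Review bot: The test server pins `SSHKeygenAlgorithm: gitsshkey.AlgorithmEd25519` as a constant while the neighbouring fields are read from `options`, so tests built on this helper can only ever exercise the Ed25519 branch of `GenerateKeyPair`. Consider reading the value from the test `Options` and defaulting to Ed25519 when it is empty, so the ECDSA and RSA4096 generators get coverage through the same server setup. The `Options` struct and the rest of `New` lie outside this hunk, so whether such a field already exists cannot be confirmed from here.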

coderd/database/dump.sql

Lines changed: 2 additions & 2 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Lines changed: 3 additions & 3 deletions
@@ -1,7 +1,7 @@
11
CREATE TABLE IF NOT EXISTS git_ssh_keys (
2-
user_id text PRIMARY KEY NOT NULL,
2+
user_id uuid PRIMARY KEY NOT NULL REFERENCES users (id),
33
created_at timestamptz NOT NULL,
44
updated_at timestamptz NOT NULL,
5-
private_key bytea NOT NULL,
6-
public_key bytea NOT NULL
5+
private_key text NOT NULL,
6+
public_key text NOT NULL
77
);
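Review bot: Because the statement is `CREATE TABLE IF NOT EXISTS git_ssh_keys`, changing `user_id` to `uuid ... REFERENCES users (id)` and the key columns to `text` in place is a no-op on any database where the table already exists; if this file is a migration that has been applied anywhere, the type changes need their own `ALTER TABLE` migration. Separately, `private_key text NOT NULL` appears to hold each user's SSH private key as readable PEM text, so read access to the table or its backups yields usable keys. It is worth recording next to the column whether the value is expected to be encrypted before insert, for example `-- private_key: PEM text; must be encrypted by the application before storage (TODO confirm)`.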

coderd/database/models.go

Lines changed: 2 additions & 2 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/database/query.sql.go

Lines changed: 4 additions & 4 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

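--- a/coderd/gitsshkey.go
+++ b/coderd/gitsshkey.go
@@ -43,7 +43,7 @@ func (api *api) regenerateGitSSHKey(rw http.ResponseWriter, r *http.Request) {
 })
 }
 
-func (api *api) getGitSSHKey(rw http.ResponseWriter, r *http.Request) {
+func (api *api) gitSSHKey(rw http.ResponseWriter, r *http.Request) {
 var (
 user = httpmw.UserParam(r)
 )
@@ -66,6 +66,6 @@ func (api *api) getGitSSHKey(rw http.ResponseWriter, r *http.Request) {
 })
 }
 
-func (api *api) getPrivateGitSSHKey(rw http.ResponseWriter, r *http.Request) {
+func (api *api) privateGitSSHKey(rw http.ResponseWriter, r *http.Request) {
 // connect agent to workspace to user to gitsshkey
 }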

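--- a/coderd/gitsshkey/gitsshkey.go
+++ b/coderd/gitsshkey/gitsshkey.go
@@ -13,35 +13,33 @@ import (
 "golang.org/x/xerrors"
 )
 
-type SSHKeygenAlgorithm string
+type Algorithm string
 
 const (
-// SSHKeygenAlgorithmEd25519 is the Edwards-curve Digital Signature Algorithm using Curve25519
-SSHKeygenAlgorithmEd25519 SSHKeygenAlgorithm = "ed25519"
-// SSHKeygenAlgorithmECDSA is the Digital Signature Algorithm (DSA) using NIST Elliptic Curve
-SSHKeygenAlgorithmECDSA SSHKeygenAlgorithm = "ecdsa"
-// SSHKeygenAlgorithmRSA4096 is the venerable Rivest-Shamir-Adleman algorithm
+// AlgorithmEd25519 is the Edwards-curve Digital Signature Algorithm using Curve25519
+AlgorithmEd25519 Algorithm = "ed25519"
+// AlgorithmECDSA is the Digital Signature Algorithm (DSA) using NIST Elliptic Curve
+AlgorithmECDSA Algorithm = "ecdsa"
+// AlgorithmRSA4096 is the venerable Rivest-Shamir-Adleman algorithm
 // and creates a key with a fixed size of 4096-bit.
-SSHKeygenAlgorithmRSA4096 SSHKeygenAlgorithm = "rsa4096"
+AlgorithmRSA4096 Algorithm = "rsa4096"
 )
 
-func GenerateKeyPair(algo SSHKeygenAlgorithm) ([]byte, []byte, error) {
+func GenerateKeyPair(algo Algorithm) ([]byte, []byte, error) {
 switch algo {
-case SSHKeygenAlgorithmEd25519:
+case AlgorithmEd25519:
 return ed25519KeyGen()
-case SSHKeygenAlgorithmECDSA:
+case AlgorithmECDSA:
 return ecdsaKeyGen()
-case SSHKeygenAlgorithmRSA4096:
+case AlgorithmRSA4096:
 return rsa4096KeyGen()
 default:
-return nil, nil, xerrors.Errorf("invalid SSHKeygenAlgorithm: %s", algo)
+return nil, nil, xerrors.Errorf("invalid algorithm: %s", algo)
 }
 }
 
 // ed25519KeyGen returns an ED25519-based SSH private key.
 func ed25519KeyGen() ([]byte, []byte, error) {
-const blockType = "OPENSSH PRIVATE KEY"
-
 publicKey, privateKeyRaw, err := ed25519.GenerateKey(rand.Reader)
 if err != nil {
 return nil, nil, xerrors.Errorf("generate ed25519 private key: %w", err)
@@ -56,7 +54,7 @@ func ed25519KeyGen() ([]byte, []byte, error) {
 }
 
 pb := pem.Block{
-Type: blockType,
+Type: "OPENSSH PRIVATE KEY",
 Headers: nil,
 Bytes: byt,
 }
@@ -67,15 +65,13 @@ func ed25519KeyGen() ([]byte, []byte, error) {
 
 // ecdsaKeyGen returns an ECDSA-based SSH private key.
 func ecdsaKeyGen() ([]byte, []byte, error) {
-const blockType = "EC PRIVATE KEY"
-
 privateKeyRaw, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
 if err != nil {
 return nil, nil, xerrors.Errorf("generate ecdsa private key: %w", err)
 }
 publicKey, err := x509.MarshalPKIXPublicKey(privateKeyRaw.PublicKey)
 if err != nil {
-return nil, nil, xerrors.Errorf("generate RSA4096 public key: %w", err)
+return nil, nil, xerrors.Errorf("generate ecdsa public key: %w", err)
 }
 
 byt, err := x509.MarshalECPrivateKey(privateKeyRaw)
@@ -84,7 +80,7 @@ func ecdsaKeyGen() ([]byte, []byte, error) {
 }
 
 pb := pem.Block{
-Type: blockType,
+Type: "EC PRIVATE KEY",
 Headers: nil,
 Bytes: byt,
 }
@@ -97,8 +93,6 @@ func ecdsaKeyGen() ([]byte, []byte, error) {
 //
 // Administrators may configure this for SSH key compatibility with Azure DevOps.
 func rsa4096KeyGen() ([]byte, []byte, error) {
-const blockType = "RSA PRIVATE KEY"
-
 privateKeyRaw, err := rsa.GenerateKey(rand.Reader, 4096)
 if err != nil {
 return nil, nil, xerrors.Errorf("generate RSA4096 private key: %w", err)
@@ -109,7 +103,7 @@ func rsa4096KeyGen() ([]byte, []byte, error) {
 }
 
 pb := pem.Block{
-Type: blockType,
+Type: "RSA PRIVATE KEY",
 Bytes: x509.MarshalPKCS1PrivateKey(privateKeyRaw),
 }
 privateKey := pem.EncodeToMemory(&pb)
@@ -118,16 +112,16 @@ func rsa4096KeyGen() ([]byte, []byte, error) {
 }
 
 // ParseSSHKeygenAlgorithm returns a valid SSHKeygenAlgorithm or error if input is not a valid.
-func ParseSSHKeygenAlgorithm(t string) (SSHKeygenAlgorithm, error) {
+func ParseSSHKeygenAlgorithm(t string) (Algorithm, error) {
 ok := []string{
-string(SSHKeygenAlgorithmEd25519),
-string(SSHKeygenAlgorithmECDSA),
-string(SSHKeygenAlgorithmRSA4096),
+string(AlgorithmEd25519),
+string(AlgorithmECDSA),
+string(AlgorithmRSA4096),
 }
 
 for _, a := range ok {
-if string(t) == a {
-return SSHKeygenAlgorithm(a), nil
+if t == a {
+return Algorithm(a), nil
 }
 }
 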
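Review bot: In `ecdsaKeyGen`, `x509.MarshalPKIXPublicKey(privateKeyRaw.PublicKey)` passes an `ecdsa.PublicKey` value, but that function accepts only `*ecdsa.PublicKey`, so the call returns an unsupported-key-type error and `AlgorithmECDSA` generation can never succeed. The commit corrects the error text on that branch but leaves the call itself unchanged. It should read `publicKey, err := x509.MarshalPKIXPublicKey(&privateKeyRaw.PublicKey)`. The doc comment above `ParseSSHKeygenAlgorithm` also still names the old type; `// ParseSSHKeygenAlgorithm returns a valid Algorithm, or an error if the input is not valid.` would match the rename. Both function bodies continue outside the hunks shown.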
