From 321e26fae746e661d713cedfb6642609e680cafe Mon Sep 17 00:00:00 2001
From: fuero
Date: Mon, 5 Jun 2017 23:28:13 +0200
Subject: Saving private keys (#61)
* enables saving private keys
* renames public_file_prefix to key_file_prefix and updates its docs to better reflect the changes
---
 client/client.go | 21 +++++++++++++++++++--
 1 file changed, 19 insertions(+), 2 deletions(-)
(limited to 'client/client.go')
diff --git a/client/client.go b/client/client.go
index 305d0d2..8ebe29a 100644
--- a/client/client.go
+++ b/client/client.go
@@ -5,6 +5,7 @@ import (
 "crypto/tls"
 "encoding/base64"
 "encoding/json"
+ "encoding/pem"
 "fmt"
 "io/ioutil"
 "net/http"
@@ -33,14 +34,30 @@ func SavePublicFiles(prefix string, cert *ssh.Certificate, pub ssh.PublicKey) er
 pubTxt := ssh.MarshalAuthorizedKey(pub)
 certPubTxt := []byte(cert.Type() + " " + base64.StdEncoding.EncodeToString(cert.Marshal()))
- if err := ioutil.WriteFile(prefix+".pub", pubTxt, 0644); err != nil {
+ _prefix := prefix + "/id_" + cert.KeyId
+
+ if err := ioutil.WriteFile(_prefix+".pub", pubTxt, 0644); err != nil {
 return err
 }
- err := ioutil.WriteFile(prefix+"-cert.pub", certPubTxt, 0644)
+ err := ioutil.WriteFile(_prefix+"-cert.pub", certPubTxt, 0644)
 return err
 }
+// SavePrivateFiles installs the private part of the key.
+func SavePrivateFiles(prefix string, cert *ssh.Certificate, key Key) error {
+ if prefix == "" {
+ return nil
+ }
+ _prefix := prefix + "/id_" + cert.KeyId
+ pemBlock, err := pemBlockForKey(key);
+ if err != nil {
+ return err
+ }
+ err = ioutil.WriteFile(_prefix, pem.EncodeToMemory(pemBlock), 0600)
+ return err
+}
+
 // InstallCert adds the private key and signed certificate to the ssh agent.
 func InstallCert(a agent.Agent, cert *ssh.Certificate, key Key) error {
 t := time.Unix(int64(cert.ValidBefore), 0)
-- 
cgit v1.2.3
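Review bot: `cert.KeyId` is concatenated into the file path unchecked in both SavePublicFiles and the new SavePrivateFiles (`prefix + "/id_" + cert.KeyId`), so a key ID containing a path separator would place the public files and the private key outside the directory given by `prefix`. The key ID is presumably taken from the certificate the CA returns, so it should be checked before use: reject the name when `filepath.Base(name) != name` and build the path with `filepath.Join`. Separately, the `0600` passed to `ioutil.WriteFile` applies only when the file is created; an existing `id_<KeyId>` with a wider mode keeps that mode while the private key is written into it. The fence sketches both changes for SavePrivateFiles and assumes `os` and `path/filepath` are added to the import block; SavePublicFiles begins above this hunk and needs the same name check. The stray `;` after `pemBlockForKey(key)` would be removed by gofmt.

```go
func SavePrivateFiles(prefix string, cert *ssh.Certificate, key Key) error {
	// … unchanged: empty-prefix early return …
	name := "id_" + cert.KeyId
	if filepath.Base(name) != name {
		return fmt.Errorf("key id %q cannot be used as a file name", cert.KeyId)
	}
	path := filepath.Join(prefix, name)
	// … unchanged: pemBlockForKey call and its error check …
	f, err := os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
	if err != nil {
		return err
	}
	// The mode given to OpenFile is ignored for an existing file, so tighten it before the key is written.
	if err = f.Chmod(0600); err == nil {
		_, err = f.Write(pem.EncodeToMemory(pemBlock))
	}
	if cerr := f.Close(); err == nil {
		err = cerr
	}
	return err
}
```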