Check if cert and private key match

merge-requests/2/merge
Bsian 2020-01-01 12:50:52 +00:00
parent da29adac49
commit 817ac0aa97
No known key found for this signature in database
GPG Key ID: 097FB9A291026091
1 changed files with 18 additions and 3 deletions

View File

@ -1,4 +1,4 @@
import { writeFile } from 'fs-extra'; import { writeFile, unlink } from 'fs-extra';
import axios from 'axios'; import axios from 'axios';
import { Message } from 'eris'; import { Message } from 'eris';
import { Command } from '../class'; import { Command } from '../class';
@ -20,7 +20,7 @@ export default class CWG_UpdateCert extends Command {
if (!args[2]) return this.client.commands.get('help').run(message, ['cwg', this.name]); if (!args[2]) return this.client.commands.get('help').run(message, ['cwg', this.name]);
const dom = await this.client.db.Domain.findOne({ $or: [{ domain: args[0] }, { port: Number(args[0]) || '' }] }); const dom = await this.client.db.Domain.findOne({ $or: [{ domain: args[0] }, { port: Number(args[0]) || '' }] });
if (!dom) return message.channel.createMessage(`***${this.client.stores.emojis.error} The domain or port you provided could not be found.***`); if (!dom) return message.channel.createMessage(`***${this.client.stores.emojis.error} The domain or port you provided could not be found.***`);
const { domain, port, x509 } = dom; const { domain, port, x509, account } = dom;
const { cert, key } = x509; const { cert, key } = x509;
const urls = args.slice(1, 3); // eslint-disable-line const urls = args.slice(1, 3); // eslint-disable-line
@ -32,7 +32,16 @@ export default class CWG_UpdateCert extends Command {
if (!this.isValidCertificateChain(certAndPrivateKey[0])) return message.channel.createMessage(`${this.client.stores.emojis.error} ***Invalid Certificate Chain***`); if (!this.isValidCertificateChain(certAndPrivateKey[0])) return message.channel.createMessage(`${this.client.stores.emojis.error} ***Invalid Certificate Chain***`);
if (!this.isValidPrivateKey(certAndPrivateKey[1])) return message.channel.createMessage(`${this.client.stores.emojis.error} ***Invalid Private Key***`); if (!this.isValidPrivateKey(certAndPrivateKey[1])) return message.channel.createMessage(`${this.client.stores.emojis.error} ***Invalid Private Key***`);
const writeTasks = [writeFile(cert, certAndPrivateKey[0], { encoding: 'utf8' }), writeFile(key, certAndPrivateKey[1], { encoding: 'utf8' })]; const path = `/var/CloudServices/temp/${account.id}`;
const temp = [writeFile(`${path}.chain.crt`, certAndPrivateKey[0]), writeFile(`${path}.key.pem`, certAndPrivateKey[1])];
const removeFiles = [unlink(`${path}.chain.crt`), unlink(`${path}.key.pem`)];
await Promise.all(temp);
if (!this.isMatchingPair(`${path}.chain.crt`, `${path}.key.pem`)) {
await Promise.all(removeFiles);
return message.channel.createMessage(`${this.client.stores.emojis.error} ***Certificate and private key do not match***`);
}
const writeTasks = [writeFile(cert, certAndPrivateKey[0], { encoding: 'utf8' }), writeFile(key, certAndPrivateKey[1], { encoding: 'utf8' }), ...removeFiles];
await Promise.all(writeTasks); await Promise.all(writeTasks);
return message.channel.createMessage(`${this.client.stores.emojis.success} ***Updated certificate for ${domain} on port ${port}***`); return message.channel.createMessage(`${this.client.stores.emojis.success} ***Updated certificate for ${domain} on port ${port}***`);
@ -60,4 +69,10 @@ export default class CWG_UpdateCert extends Command {
if (this.checkOccurance(key.replace(/^\s+|\s+$/g, ''), '-----END PRIVATE KEY-----') !== 1) return false; if (this.checkOccurance(key.replace(/^\s+|\s+$/g, ''), '-----END PRIVATE KEY-----') !== 1) return false;
return true; return true;
} }
public async isMatchingPair(cert: string, privateKey: string) {
const result: string = await this.client.util.exec(`${__dirname}/../bin/checkCertSignatures ${cert} ${privateKey}`);
const { ok }: { ok: boolean } = JSON.parse(result);
return ok;
}
} }