fix: fill read ssh host key pub keys

Fixes #404 Signed-off-by: Boris Glimcher <Boris.Glimcher@emc.com>
opiproject · Jun 19, 2024 · 2f9af8f · 2f9af8f
1 parent 4071520
commit 2f9af8f
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 9 deletions.
diff --git a/sztp-agent/pkg/secureagent/daemon.go b/sztp-agent/pkg/secureagent/daemon.go
@@ -100,17 +100,17 @@ func (a *Agent) doReportProgress(s ProgressType) error {
 	p.IetfSztpBootstrapServerInput.ProgressType = s.String()
 	p.IetfSztpBootstrapServerInput.Message = "message sent via JSON"
 	if s == ProgressTypeBootstrapComplete {
-		// TODO: generate real key here
+		// TODO: use/generate real TA cert here
 		encodedKey := base64.StdEncoding.EncodeToString([]byte("mysshpass"))
 		p.IetfSztpBootstrapServerInput.TrustAnchorCerts.TrustAnchorCert = []string{encodedKey}
-		p.IetfSztpBootstrapServerInput.SSHHostKeys.SSHHostKey = []struct {
-			Algorithm string `json:"algorithm"`
-			KeyData   string `json:"key-data"`
-		}{
-			{
-				Algorithm: "ssh-rsa",
-				KeyData:   encodedKey,
-			},
+		for _, key := range readSSHHostKeyPublicFiles() {
+			p.IetfSztpBootstrapServerInput.SSHHostKeys.SSHHostKey = append(p.IetfSztpBootstrapServerInput.SSHHostKeys.SSHHostKey, struct {
+				Algorithm string `json:"algorithm"`
+				KeyData   string `json:"key-data"`
+			}{
+				Algorithm: key.Algorithm,
+				KeyData:   key.KeyData,
+			})
 		}
 	}
 	a.SetProgressJSON(p)

diff --git a/sztp-agent/pkg/secureagent/utils.go b/sztp-agent/pkg/secureagent/utils.go
@@ -156,6 +156,32 @@ func generateInputJSONContent() string {
 	return string(inputJSON)
 }
 
+type PublicKey struct {
+	Algorithm string
+	KeyData   string
+	Comment   string
+}
+
+func readSSHHostKeyPublicFiles() []PublicKey {
+	var results []PublicKey
+	files, err := filepath.Glob("/etc/ssh/ssh_host_*key.pub")
+	if err != nil {
+		fmt.Println("Error:", err)
+		return results
+	}
+	for _, f := range files {
+		data, _ := os.ReadFile(f)
+		parts := strings.Fields(string(data))
+		// [type-name] [base64-encoded-ssh-public-key] [comment]
+		if len(parts) < 2 {
+			fmt.Println("Error parsing pub key, should contain at least 2 parts with spaces", f)
+			continue
+		}
+		results = append(results, PublicKey{Algorithm: parts[0], KeyData: parts[1]})
+	}
+	return results
+}
+
 func replaceQuotes(input string) string {
 	return strings.ReplaceAll(input, "\"", "")
 }