cmd/tailscale,ipn: minor fixes to tailscale lock commands

* Fix broken add/remove key commands * Make lock status display whether the node is signed Signed-off-by: Tom DNetto <tom@tailscale.com>
2025-12-01 09:32:08 +00:00 · 2022-11-03 10:25:20 -07:00
parent c60e444696
commit 4c31183781
6 changed files with 116 additions and 7 deletions
--- a/tka/key.go
+++ b/tka/key.go
@@ -85,6 +85,17 @@ func (k Key) ID() tkatype.KeyID {
 	}
 }

+// Ed25519 returns the ed25519 public key encoded by Key. An error is
+// returned for keys which do not represent ed25519 public keys.
+func (k Key) Ed25519() (ed25519.PublicKey, error) {
+	switch k.Kind {
+	case Key25519:
+		return ed25519.PublicKey(k.Public), nil
+	default:
+		return nil, fmt.Errorf("key is of type %v, not ed25519", k.Kind)
+	}
+}
+
 const maxMetaBytes = 512

 func (k Key) StaticValidate() error {
--- a/tka/tka.go
+++ b/tka/tka.go
@@ -705,3 +705,12 @@ func (a *Authority) KeyTrusted(keyID tkatype.KeyID) bool {
 	_, err := a.state.GetKey(keyID)
 	return err == nil
 }
+
+// Keys returns the set of keys trusted by the tailnet key authority.
+func (a *Authority) Keys() []Key {
+	out := make([]Key, len(a.state.Keys))
+	for i := range a.state.Keys {
+		out[i] = a.state.Keys[i].Clone()
+	}
+	return out
+}