// Copyright (c) 2016 Company 0, LLC.
// Use of this source code is governed by an ISC
// license that can be found in the LICENSE file.
package tools
import (
"crypto/rand"
"crypto/sha1"
"crypto/tls"
"encoding/base64"
"encoding/binary"
"encoding/hex"
"fmt"
"io"
"github.com/companyzero/zkc/zkidentity"
)
// File and directory names shared by the zkc tools. Nothing in this file
// reads them, so the grouping below is inferred from the ZKS/ZKC prefixes and
// should be confirmed against the callers.
//
// NOTE(review): ZKSKeyFilename presumably names the server's private key
// file. Confirm that whatever writes it restricts the file mode to the owner.
const (
	// Server-side names (ZKS prefix).
	ZKSIdentityFilename = "zkserver.id"
	ZKSCertFilename     = "zkserver.crt"
	ZKSKeyFilename      = "zkserver.key"
	ZKSHome             = "home"

	// Client-side name (ZKC prefix); a relative path.
	ZKCServerFilename = "myserver/myserver.ini"
)
// ServerRecord groups a server's public identity with its certificate bytes,
// an address and a directory flag.
//
// NOTE(review): this file does not show how the record is serialized or
// verified. Field order may matter to an encoder, so it is left unchanged.
type ServerRecord struct {
	PublicIdentity zkidentity.PublicIdentity
	Certificate    []byte // presumably the DER form that FingerprintDER hashes; confirm
	IPandPort      []byte // address encoding is not shown here; confirm against callers
	Directory      bool
}
// ClientRecord holds a client's public identity. It carries no secret
// material as declared here.
type ClientRecord struct {
	PublicIdentity zkidentity.PublicIdentity
}
// randomUint64 reads exactly eight bytes from r and returns them as a
// big-endian uint64.
//
// The result is only as unpredictable as r. The exported RandomUint64 passes
// crypto/rand.Reader; the reader parameter exists so tests can inject a
// failing reader and exercise the error path. On a short or failed read the
// error from io.ReadFull is returned with a zero value, so a partially
// filled buffer never reaches the caller.
func randomUint64(r io.Reader) (uint64, error) {
	buf := make([]byte, 8)
	if _, err := io.ReadFull(r, buf); err != nil {
		return 0, err
	}
	return binary.BigEndian.Uint64(buf), nil
}
// RandomUint64 returns a uint64 drawn from crypto/rand.Reader.
//
// A non-nil error means the system randomness source could not supply eight
// bytes. The value returned with it is zero and must not be used as a nonce
// or identifier.
func RandomUint64() (uint64, error) {
	v, err := randomUint64(rand.Reader)
	return v, err
}
// ValidateIdentity verifies that id is the hexadecimal encoding of exactly
// zkidentity.IdentitySize bytes and returns the decoded bytes.
//
// This is a syntactic check only: it does not establish that the identity
// exists, belongs to a particular peer or is trusted. A hex decoding failure
// is returned as is; a wrong length yields an "invalid size" error.
func ValidateIdentity(id string) ([]byte, error) {
	raw, err := hex.DecodeString(id)
	switch {
	case err != nil:
		return nil, err
	case len(raw) != zkidentity.IdentitySize:
		return nil, fmt.Errorf("invalid size")
	}
	return raw, nil
}
// Fingerprint returns the standard (padded) base64 encoding of the SHA-1
// digest of blob.
//
// NOTE(review): SHA-1 is no longer collision resistant. Where this value is
// what a person or program compares to authenticate a certificate or
// identity, a stronger digest such as SHA-256 is the safer choice. Switching
// changes every fingerprint already displayed or stored, so it needs a
// coordinated migration and is deliberately not done here.
func Fingerprint(blob []byte) string {
	sum := sha1.Sum(blob)
	return base64.StdEncoding.EncodeToString(sum[:])
}
// FingerprintDER returns Fingerprint of the single DER certificate held in c.
//
// When c.Certificate does not contain exactly one entry (none, or a chain),
// the function returns the literal text "unexpected chained certificate" in
// place of a fingerprint. Because the failure is reported in-band, callers
// that compare the result against an expected fingerprint should check for
// that text first: two inputs that both fail yield equal strings.
func FingerprintDER(c tls.Certificate) string {
	if len(c.Certificate) == 1 {
		return Fingerprint(c.Certificate[0])
	}
	return "unexpected chained certificate"
}
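// InFours formats a 16-byte string as four space-separated groups of four
// bytes, which is easier to read aloud or compare by eye.
//
// It returns an error when len(x) is not exactly 16. The error reports the
// actual length; the previous message, "too small", was also returned for
// inputs that were too long. Slicing is by byte, so x is expected to be
// single-byte text such as hex or base64 (presumably a fingerprint prefix;
// confirm against callers).
func InFours(x string) (string, error) {
	const want = 16
	if len(x) != want {
		return "", fmt.Errorf("invalid length %d, expected %d", len(x), want)
	}
	return fmt.Sprintf("%4v %4v %4v %4v", x[0:4], x[4:8], x[8:12], x[12:16]), nil
}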