server: WIP implementation of server key from rng seed

2023-04-12 14:25:13 +00:00 · 2023-04-12 14:29:34 +02:00 · 2023-04-12 14:29:34 +02:00 · be1a33c896
commit be1a33c896
parent dcca768b6c
3 changed files with 14 additions and 0 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -2383,6 +2383,7 @@ dependencies = [
 "opaque-ke",
 "orion",
 "rand 0.8.5",
+ "rand_chacha 0.3.1",
 "reqwest",
 "rustls",
 "rustls-pemfile",
--- a/server/Cargo.toml
+++ b/server/Cargo.toml
@ -31,6 +31,7 @@ lber = "0.4.1"
 ldap3_proto = ">=0.3.1"
 log = "*"
 orion = "0.17"
+rand_chacha = "0.3"
 rustls-pemfile = "1"
 serde = "*"
 serde_bytes = "0.11"
--- a/server/src/infra/configuration.rs
+++ b/server/src/infra/configuration.rs
@ -157,6 +157,18 @@ fn write_to_readonly_file(path: &std::path::Path, buffer: &[u8]) -> Result<()> {
 fn get_server_setup(file_path: &str) -> Result<ServerSetup> {
    use std::fs::read;
    let path = std::path::Path::new(file_path);
+    {
+        let hash = |val: &[u8]| -> [u8; 32] {
+            use sha2::{Digest, Sha256};
+            let mut seed_hasher = Sha256::new();
+            seed_hasher.update(val);
+            seed_hasher.finalize().into()
+        };
+        use rand::SeedableRng;
+        let mut rng = rand_chacha::ChaCha20Rng::from_seed(hash(b"random seed"));
+        let setup = bincode::serialize(&ServerSetup::new(&mut rng)).unwrap();
+        dbg!(hash(&setup));
+    }
    if path.exists() {
        let bytes = read(file_path).context(format!("Could not read key file `{}`", file_path))?;
        Ok(ServerSetup::deserialize(&bytes)?)