From be1a33c8967fbc6cfabc28409d4193eb36ba6edf Mon Sep 17 00:00:00 2001 From: Valentin Tolmer Date: Wed, 12 Apr 2023 14:29:34 +0200 Subject: [PATCH] server: WIP implementation of server key from rng seed --- Cargo.lock | 1 + server/Cargo.toml | 1 + server/src/infra/configuration.rs | 12 ++++++++++++ 3 files changed, 14 insertions(+) diff --git a/Cargo.lock b/Cargo.lock index c10735c..75ea69a 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2383,6 +2383,7 @@ dependencies = [ "opaque-ke", "orion", "rand 0.8.5", + "rand_chacha 0.3.1", "reqwest", "rustls", "rustls-pemfile", diff --git a/server/Cargo.toml b/server/Cargo.toml index 8e0a65f..68780ab 100644 --- a/server/Cargo.toml +++ b/server/Cargo.toml @@ -31,6 +31,7 @@ lber = "0.4.1" ldap3_proto = ">=0.3.1" log = "*" orion = "0.17" +rand_chacha = "0.3" rustls-pemfile = "1" serde = "*" serde_bytes = "0.11" diff --git a/server/src/infra/configuration.rs b/server/src/infra/configuration.rs index b483a57..1bd0c52 100644 --- a/server/src/infra/configuration.rs +++ b/server/src/infra/configuration.rs @@ -157,6 +157,18 @@ fn write_to_readonly_file(path: &std::path::Path, buffer: &[u8]) -> Result<()> { fn get_server_setup(file_path: &str) -> Result { use std::fs::read; let path = std::path::Path::new(file_path); + { + let hash = |val: &[u8]| -> [u8; 32] { + use sha2::{Digest, Sha256}; + let mut seed_hasher = Sha256::new(); + seed_hasher.update(val); + seed_hasher.finalize().into() + }; + use rand::SeedableRng; + let mut rng = rand_chacha::ChaCha20Rng::from_seed(hash(b"random seed")); + let setup = bincode::serialize(&ServerSetup::new(&mut rng)).unwrap(); + dbg!(hash(&setup)); + } if path.exists() { let bytes = read(file_path).context(format!("Could not read key file `{}`", file_path))?; Ok(ServerSetup::deserialize(&bytes)?)