server: WIP implementation of server key from rng seed

This commit is contained in:
Valentin Tolmer 2023-04-12 14:29:34 +02:00
parent dcca768b6c
commit be1a33c896
3 changed files with 14 additions and 0 deletions

1
Cargo.lock generated
View File

@ -2383,6 +2383,7 @@ dependencies = [
"opaque-ke", "opaque-ke",
"orion", "orion",
"rand 0.8.5", "rand 0.8.5",
"rand_chacha 0.3.1",
"reqwest", "reqwest",
"rustls", "rustls",
"rustls-pemfile", "rustls-pemfile",

View File

@ -31,6 +31,7 @@ lber = "0.4.1"
ldap3_proto = ">=0.3.1" ldap3_proto = ">=0.3.1"
log = "*" log = "*"
orion = "0.17" orion = "0.17"
rand_chacha = "0.3"
rustls-pemfile = "1" rustls-pemfile = "1"
serde = "*" serde = "*"
serde_bytes = "0.11" serde_bytes = "0.11"

View File

@ -157,6 +157,18 @@ fn write_to_readonly_file(path: &std::path::Path, buffer: &[u8]) -> Result<()> {
fn get_server_setup(file_path: &str) -> Result<ServerSetup> { fn get_server_setup(file_path: &str) -> Result<ServerSetup> {
use std::fs::read; use std::fs::read;
let path = std::path::Path::new(file_path); let path = std::path::Path::new(file_path);
{
let hash = |val: &[u8]| -> [u8; 32] {
use sha2::{Digest, Sha256};
let mut seed_hasher = Sha256::new();
seed_hasher.update(val);
seed_hasher.finalize().into()
};
use rand::SeedableRng;
let mut rng = rand_chacha::ChaCha20Rng::from_seed(hash(b"random seed"));
let setup = bincode::serialize(&ServerSetup::new(&mut rng)).unwrap();
dbg!(hash(&setup));
}
if path.exists() { if path.exists() {
let bytes = read(file_path).context(format!("Could not read key file `{}`", file_path))?; let bytes = read(file_path).context(format!("Could not read key file `{}`", file_path))?;
Ok(ServerSetup::deserialize(&bytes)?) Ok(ServerSetup::deserialize(&bytes)?)