ei
/
mtg
mirror of https://github.com/9seconds/mtg
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 48 Wiki Activity
Highly-opinionated (ex-bullshit-free) MTPROTO proxy for Telegram. If you use v1.0 or upgrade broke you proxy, please read the chapter Version 2
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
628 Commits
4 Branches
Tree: 04b88cc864
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '04b88cc864'
${ noResults }
mtg/mtglib/secret.go

secret.go 2.0KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108 
  1. package mtglib

  2. 

  3. import (

  4. 	"crypto/rand"

  5. 	"encoding/base64"

  6. 	"encoding/hex"

  7. 	"fmt"

  8. )

  9. 

  10. const (

  11. 	SecretKeyLength = 16

  12. 

  13. 	secretFakeTLSFirstByte byte = 0xee

  14. )

  15. 

  16. var secretEmptyKey [SecretKeyLength]byte

  17. 

  18. type Secret struct {

  19. 	Key  [SecretKeyLength]byte

  20. 	Host string

  21. }

  22. 

  23. func (s Secret) MarshalText() ([]byte, error) {

  24. 	if s.Valid() {

  25. 		return []byte(s.String()), nil

  26. 	}

  27. 

  28. 	return nil, nil

  29. }

  30. 

  31. func (s *Secret) UnmarshalText(data []byte) error {

  32. 	text := string(data)

  33. 	if text == "" {

  34. 		return ErrSecretEmpty

  35. 	}

  36. 

  37. 	decoded, err := hex.DecodeString(text)

  38. 	if err != nil {

  39. 		decoded, err = base64.RawURLEncoding.DecodeString(text)

  40. 	}

  41. 

  42. 	if err != nil {

  43. 		return fmt.Errorf("incorrect secret format: %w", err)

  44. 	}

  45. 

  46. 	if len(decoded) < 2 { // nolint: gomnd // we need at least 1 byte here

  47. 		return fmt.Errorf("secret is truncated, length=%d", len(decoded))

  48. 	}

  49. 

  50. 	if decoded[0] != secretFakeTLSFirstByte {

  51. 		return fmt.Errorf("incorrect first byte of secret: %#x", decoded[0])

  52. 	}

  53. 

  54. 	decoded = decoded[1:]

  55. 	if len(decoded) < SecretKeyLength {

  56. 		return fmt.Errorf("secret has incorrect length %d", len(decoded))

  57. 	}

  58. 

  59. 	copy(s.Key[:], decoded[:SecretKeyLength])

  60. 	s.Host = string(decoded[SecretKeyLength:])

  61. 

  62. 	if s.Host == "" {

  63. 		return fmt.Errorf("hostname cannot be empty: %s", text)

  64. 	}

  65. 

  66. 	return nil

  67. }

  68. 

  69. func (s Secret) Valid() bool {

  70. 	return s.Key != secretEmptyKey && s.Host != ""

  71. }

  72. 

  73. func (s Secret) String() string {

  74. 	return s.Base64()

  75. }

  76. 

  77. func (s Secret) Base64() string {

  78. 	return base64.RawURLEncoding.EncodeToString(s.makeBytes())

  79. }

  80. 

  81. func (s Secret) Hex() string {

  82. 	return hex.EncodeToString(s.makeBytes())

  83. }

  84. 

  85. func (s *Secret) makeBytes() []byte {

  86. 	data := append([]byte{secretFakeTLSFirstByte}, s.Key[:]...)

  87. 	data = append(data, s.Host...)

  88. 

  89. 	return data

  90. }

  91. 

  92. func GenerateSecret(hostname string) Secret {

  93. 	s := Secret{

  94. 		Host: hostname,

  95. 	}

  96. 

  97. 	if _, err := rand.Read(s.Key[:]); err != nil {

  98. 		panic(err)

  99. 	}

  100. 

  101. 	return s

  102. }

  103. 

  104. func ParseSecret(secret string) (Secret, error) {

  105. 	s := Secret{}

  106. 

  107. 	return s, s.UnmarshalText([]byte(secret))

  108. }