diff options
Diffstat (limited to 'bridge/core/auth/credential_base.go')
-rw-r--r-- | bridge/core/auth/credential_base.go | 44 |
1 files changed, 39 insertions, 5 deletions
diff --git a/bridge/core/auth/credential_base.go b/bridge/core/auth/credential_base.go index 488c223c..f9d1bf67 100644 --- a/bridge/core/auth/credential_base.go +++ b/bridge/core/auth/credential_base.go @@ -1,7 +1,10 @@ package auth import ( + "crypto/rand" + "encoding/base64" "fmt" + "strings" "time" "github.com/MichaelMure/git-bug/bridge/core" @@ -23,13 +26,22 @@ func newCredentialBase(target string) *credentialBase { } } -func newCredentialBaseFromConfig(conf map[string]string) (*credentialBase, error) { +func makeSalt() []byte { + result := make([]byte, 16) + _, err := rand.Read(result) + if err != nil { + panic(err) + } + return result +} + +func newCredentialBaseFromData(data map[string]string) (*credentialBase, error) { base := &credentialBase{ - target: conf[configKeyTarget], - meta: metaFromConfig(conf), + target: data[keyringKeyTarget], + meta: metaFromData(data), } - if createTime, ok := conf[configKeyCreateTime]; ok { + if createTime, ok := data[keyringKeyCreateTime]; ok { t, err := repository.ParseTimestamp(createTime) if err != nil { return nil, err @@ -39,7 +51,7 @@ func newCredentialBaseFromConfig(conf map[string]string) (*credentialBase, error return nil, fmt.Errorf("missing create time") } - salt, err := saltFromConfig(conf) + salt, err := saltFromData(data) if err != nil { return nil, err } @@ -48,6 +60,28 @@ func newCredentialBaseFromConfig(conf map[string]string) (*credentialBase, error return base, nil } +func metaFromData(data map[string]string) map[string]string { + result := make(map[string]string) + for key, val := range data { + if strings.HasPrefix(key, keyringKeyPrefixMeta) { + key = strings.TrimPrefix(key, keyringKeyPrefixMeta) + result[key] = val + } + } + if len(result) == 0 { + return nil + } + return result +} + +func saltFromData(data map[string]string) ([]byte, error) { + val, ok := data[keyringKeySalt] + if !ok { + return nil, fmt.Errorf("no credential salt found") + } + return base64.StdEncoding.DecodeString(val) +} + func (cb *credentialBase) Target() string { return cb.target } |