From cfb10566fdb3093363fc39d21a8c5aa5c4deeeeb Mon Sep 17 00:00:00 2001 From: Rutger Broekhoff Date: Fri, 21 May 2021 00:16:17 +0200 Subject: Initial commit --- src/base32.zig | 120 +++++++++++++ src/crc16.zig | 57 +++++++ src/nkeys.zig | 518 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ src/znk.zig | 462 ++++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 1157 insertions(+) create mode 100644 src/base32.zig create mode 100644 src/crc16.zig create mode 100644 src/nkeys.zig create mode 100644 src/znk.zig (limited to 'src') diff --git a/src/base32.zig b/src/base32.zig new file mode 100644 index 0000000..b1400a5 --- /dev/null +++ b/src/base32.zig @@ -0,0 +1,120 @@ +const std = @import("std"); + +// TODO(rutgerbrf): simplify the code of the encoder & decoder? + +pub const Encoder = struct { + const Self = @This(); + + out_off: u4 = 0, + buf: u5 = 0, + + pub fn write(self: *Self, b: u8, out: []u8) usize { + var i: usize = 0; + var bits_left: u4 = 8; + while (bits_left > 0) { + var space_avail = @truncate(u3, 5 - self.out_off); + var write_bits: u3 = if (bits_left < space_avail) @truncate(u3, bits_left) else space_avail; + bits_left -= write_bits; + var mask: u8 = (@as(u8, 0x01) << write_bits) - 1; + var want: u8 = (b >> @truncate(u3, bits_left)) & mask; + self.buf |= @truncate(u5, want << (space_avail - write_bits)); + self.out_off += write_bits; + if (self.out_off == 5) { + if (i >= out.len) break; + out[i] = self.char(); + i += 1; + self.out_off = 0; + self.buf = 0; + } + } + return i; + } + + fn char(self: *const Self) u8 { + return self.buf + (if (self.buf < 26) @as(u8, 'A') else '2' - 26); + } +}; + +pub const DecodeError = error{CorruptInputError}; + +pub const Decoder = struct { + const Self = @This(); + + out_off: u4 = 0, + buf: u8 = 0, + + pub fn read(self: *Self, c: u8) DecodeError!?u8 { + var ret: ?u8 = null; + var decoded_c = try decodeChar(c); + var bits_left: u3 = 5; + while (bits_left > 0) { + var space_avail: u4 = 8 - self.out_off; + var write_bits: u3 = if (bits_left < space_avail) bits_left else @truncate(u3, space_avail); + bits_left -= write_bits; + var mask: u8 = (@as(u8, 0x01) << write_bits) - 1; + var want: u8 = (decoded_c >> bits_left) & mask; + self.buf |= want << @truncate(u3, space_avail - write_bits); + self.out_off += write_bits; + if (self.out_off == 8) { + ret = self.buf; + self.out_off = 0; + self.buf = 0; + } + } + return ret; + } + + fn decodeChar(p: u8) DecodeError!u5 { + var value: u5 = 0; + if (p >= 'A' and p <= 'Z') { + value = @truncate(u5, p - @as(u8, 'A')); + } else if (p >= '2' and p <= '9') { + // '2' -> 26 + value = @truncate(u5, p - @as(u8, '2') + 26); + } else { + return error.CorruptInputError; + } + return value; + } +}; + +pub fn encodedLen(src_len: usize) usize { + const src_len_bits = src_len * 8; + return src_len_bits / 5 + (if (src_len_bits % 5 > 0) @as(usize, 1) else 0); +} + +pub fn decodedLen(enc_len: usize) usize { + const enc_len_bits = enc_len * 5; + return enc_len_bits / 8; +} + +pub fn encode(bs: []const u8, out: []u8) usize { + var e = Encoder{}; + var i: usize = 0; + for (bs) |b| { + if (i >= out.len) break; + i += e.write(b, out[i..]); + } + if (e.out_off != 0 and i < out.len) { + out[i] = e.char(); + i += 1; + } + return i; // amount of bytes processed +} + +pub fn decode(ps: []const u8, out: []u8) DecodeError!usize { + var d = Decoder{}; + var i: usize = 0; + for (ps) |p| { + if (i >= out.len) break; + if (try d.read(p)) |b| { + out[i] = b; + i += 1; + } + } + if (d.out_off != 0 and i < out.len) { + out[i] = d.buf; + i += 1; + } + return i; // amount of bytes processed +} diff --git a/src/crc16.zig b/src/crc16.zig new file mode 100644 index 0000000..3b66d99 --- /dev/null +++ b/src/crc16.zig @@ -0,0 +1,57 @@ +const Error = error{InvalidChecksum}; + +// TODO(rutgerbrf): generate this table at compile time? +const crc16tab = [256]u16{ + 0x0000, 0x1021, 0x2042, 0x3063, 0x4084, 0x50a5, 0x60c6, 0x70e7, + 0x8108, 0x9129, 0xa14a, 0xb16b, 0xc18c, 0xd1ad, 0xe1ce, 0xf1ef, + 0x1231, 0x0210, 0x3273, 0x2252, 0x52b5, 0x4294, 0x72f7, 0x62d6, + 0x9339, 0x8318, 0xb37b, 0xa35a, 0xd3bd, 0xc39c, 0xf3ff, 0xe3de, + 0x2462, 0x3443, 0x0420, 0x1401, 0x64e6, 0x74c7, 0x44a4, 0x5485, + 0xa56a, 0xb54b, 0x8528, 0x9509, 0xe5ee, 0xf5cf, 0xc5ac, 0xd58d, + 0x3653, 0x2672, 0x1611, 0x0630, 0x76d7, 0x66f6, 0x5695, 0x46b4, + 0xb75b, 0xa77a, 0x9719, 0x8738, 0xf7df, 0xe7fe, 0xd79d, 0xc7bc, + 0x48c4, 0x58e5, 0x6886, 0x78a7, 0x0840, 0x1861, 0x2802, 0x3823, + 0xc9cc, 0xd9ed, 0xe98e, 0xf9af, 0x8948, 0x9969, 0xa90a, 0xb92b, + 0x5af5, 0x4ad4, 0x7ab7, 0x6a96, 0x1a71, 0x0a50, 0x3a33, 0x2a12, + 0xdbfd, 0xcbdc, 0xfbbf, 0xeb9e, 0x9b79, 0x8b58, 0xbb3b, 0xab1a, + 0x6ca6, 0x7c87, 0x4ce4, 0x5cc5, 0x2c22, 0x3c03, 0x0c60, 0x1c41, + 0xedae, 0xfd8f, 0xcdec, 0xddcd, 0xad2a, 0xbd0b, 0x8d68, 0x9d49, + 0x7e97, 0x6eb6, 0x5ed5, 0x4ef4, 0x3e13, 0x2e32, 0x1e51, 0x0e70, + 0xff9f, 0xefbe, 0xdfdd, 0xcffc, 0xbf1b, 0xaf3a, 0x9f59, 0x8f78, + 0x9188, 0x81a9, 0xb1ca, 0xa1eb, 0xd10c, 0xc12d, 0xf14e, 0xe16f, + 0x1080, 0x00a1, 0x30c2, 0x20e3, 0x5004, 0x4025, 0x7046, 0x6067, + 0x83b9, 0x9398, 0xa3fb, 0xb3da, 0xc33d, 0xd31c, 0xe37f, 0xf35e, + 0x02b1, 0x1290, 0x22f3, 0x32d2, 0x4235, 0x5214, 0x6277, 0x7256, + 0xb5ea, 0xa5cb, 0x95a8, 0x8589, 0xf56e, 0xe54f, 0xd52c, 0xc50d, + 0x34e2, 0x24c3, 0x14a0, 0x0481, 0x7466, 0x6447, 0x5424, 0x4405, + 0xa7db, 0xb7fa, 0x8799, 0x97b8, 0xe75f, 0xf77e, 0xc71d, 0xd73c, + 0x26d3, 0x36f2, 0x0691, 0x16b0, 0x6657, 0x7676, 0x4615, 0x5634, + 0xd94c, 0xc96d, 0xf90e, 0xe92f, 0x99c8, 0x89e9, 0xb98a, 0xa9ab, + 0x5844, 0x4865, 0x7806, 0x6827, 0x18c0, 0x08e1, 0x3882, 0x28a3, + 0xcb7d, 0xdb5c, 0xeb3f, 0xfb1e, 0x8bf9, 0x9bd8, 0xabbb, 0xbb9a, + 0x4a75, 0x5a54, 0x6a37, 0x7a16, 0x0af1, 0x1ad0, 0x2ab3, 0x3a92, + 0xfd2e, 0xed0f, 0xdd6c, 0xcd4d, 0xbdaa, 0xad8b, 0x9de8, 0x8dc9, + 0x7c26, 0x6c07, 0x5c64, 0x4c45, 0x3ca2, 0x2c83, 0x1ce0, 0x0cc1, + 0xef1f, 0xff3e, 0xcf5d, 0xdf7c, 0xaf9b, 0xbfba, 0x8fd9, 0x9ff8, + 0x6e17, 0x7e36, 0x4e55, 0x5e74, 0x2e93, 0x3eb2, 0x0ed1, 0x1ef0, +}; + +pub fn update(crc: u16, with_data: []const u8) u16 { + var new_crc = crc; + for (with_data) |b| { + new_crc = ((new_crc << 8) & 0xffff) ^ crc16tab[((new_crc >> 8) ^ @as(u16, b)) & 0x00ff]; + } + return new_crc; +} + +// make returns the CRC16 checksum for the data provided. +pub fn make(data: []const u8) u16 { + return update(0, data); +} + +// validate will check the calculated CRC16 checksum for data against the expected. +pub fn validate(data: []const u8, expected: u16) !void { + if (make(data) != expected) { + return error.InvalidChecksum; + } +} diff --git a/src/nkeys.zig b/src/nkeys.zig new file mode 100644 index 0000000..7ce44f9 --- /dev/null +++ b/src/nkeys.zig @@ -0,0 +1,518 @@ +const std = @import("std"); +const ascii = std.ascii; +const base32 = @import("base32.zig"); +const crc16 = @import("crc16.zig"); +const crypto = std.crypto; +const Ed25519 = crypto.sign.Ed25519; +const mem = std.mem; +const testing = std.testing; + +const Error = error{ + InvalidPrefixByte, + InvalidEncoding, + InvalidSeed, + NoNKeySeedFound, + NoNKeyUserSeedFound, +}; + +pub fn fromText(text: []const u8) !Key { + if (!isValidEncoding(text)) return error.InvalidEncoding; + switch (text[0]) { + 'S' => { + // It's a seed. + if (text.len != text_seed_len) return error.InvalidSeed; + return Key{ .seed_key_pair = try fromSeed(text[0..text_seed_len]) }; + }, + 'P' => return error.InvalidEncoding, // unsupported for now + else => { + if (text.len != text_public_len) return error.InvalidEncoding; + return Key{ .public_key = try fromPublicKey(text[0..text_public_len]) }; + }, + } +} + +pub const Key = union(enum) { + seed_key_pair: SeedKeyPair, + public_key: PublicKey, + + const Self = @This(); + + pub fn publicKey(self: *const Self) !text_public { + return switch (self.*) { + .seed_key_pair => |*kp| try kp.publicKey(), + .public_key => |*pk| try pk.publicKey(), + }; + } + + pub fn intoPublicKey(self: *const Self) !PublicKey { + return switch (self.*) { + .seed_key_pair => |*kp| try kp.intoPublicKey(), + .public_key => |pk| pk, + }; + } + + pub fn verify( + self: *const Self, + msg: []const u8, + sig: [Ed25519.signature_length]u8, + ) !void { + return switch (self.*) { + .seed_key_pair => |*kp| try kp.verify(msg, sig), + .public_key => |*pk| try pk.verify(msg, sig), + }; + } + + pub fn wipe(self: *Self) void { + return switch (self.*) { + .seed_key_pair => |*kp| kp.wipe(), + .public_key => |*pk| pk.wipe(), + }; + } +}; + +pub const KeyTypePrefixByte = enum(u8) { + seed = 18 << 3, // S + private = 15 << 3, // P + unknown = 23 << 3, // U +}; + +pub const PublicPrefixByte = enum(u8) { + account = 0, // A + cluster = 2 << 3, // C + operator = 14 << 3, // O + server = 13 << 3, // N + user = 20 << 3, // U + + fn fromU8(b: u8) !PublicPrefixByte { + return switch (b) { + @enumToInt(PublicPrefixByte.server) => .server, + @enumToInt(PublicPrefixByte.cluster) => .cluster, + @enumToInt(PublicPrefixByte.operator) => .operator, + @enumToInt(PublicPrefixByte.account) => .account, + @enumToInt(PublicPrefixByte.user) => .user, + else => error.InvalidPrefixByte, + }; + } +}; + +pub const SeedKeyPair = struct { + const Self = @This(); + + seed: text_seed, + + pub fn init(prefix: PublicPrefixByte) !Self { + var raw_seed: [Ed25519.seed_length]u8 = undefined; + crypto.random.bytes(&raw_seed); + defer wipeBytes(&raw_seed); + + var seed = try encodeSeed(prefix, &raw_seed); + return Self{ .seed = seed }; + } + + pub fn initFromSeed(seed: *const text_seed) !Self { + var decoded = try decodeSeed(seed); + defer decoded.wipe(); + + return Self{ .seed = seed.* }; + } + + fn rawSeed(self: *const Self) ![Ed25519.seed_length]u8 { + return (try decodeSeed(&self.seed)).seed; + } + + fn keys(self: *const Self) !Ed25519.KeyPair { + return Ed25519.KeyPair.create(try rawSeed(self)); + } + + pub fn privateKey(self: *const Self) !text_private { + var kp = try self.keys(); + defer wipeKeyPair(&kp); + return try encodePrivate(&kp.secret_key); + } + + pub fn publicKey(self: *const Self) !text_public { + var decoded = try decodeSeed(&self.seed); + defer decoded.wipe(); + var kp = try Ed25519.KeyPair.create(decoded.seed); + defer wipeKeyPair(&kp); + return try encodePublic(decoded.prefix, &kp.public_key); + } + + pub fn intoPublicKey(self: *const Self) !PublicKey { + var decoded = try decodeSeed(&self.seed); + var kp = try Ed25519.KeyPair.create(decoded.seed); + defer wipeKeyPair(&kp); + return PublicKey{ + .prefix = decoded.prefix, + .key = kp.public_key, + }; + } + + pub fn sign( + self: *const Self, + msg: []const u8, + ) ![Ed25519.signature_length]u8 { + var kp = try self.keys(); + defer wipeKeyPair(&kp); + return try Ed25519.sign(msg, kp, null); + } + + pub fn verify( + self: *const Self, + msg: []const u8, + sig: [Ed25519.signature_length]u8, + ) !void { + var kp = try self.keys(); + defer wipeKeyPair(&kp); + try Ed25519.verify(sig, msg, kp.public_key); + } + + pub fn wipe(self: *Self) void { + wipeBytes(&self.seed); + } + + fn wipeKeyPair(kp: *Ed25519.KeyPair) void { + wipeBytes(&kp.secret_key); + } +}; + +fn wipeBytes(bs: []u8) void { + for (bs) |*b| b.* = 0; +} + +pub const PublicKey = struct { + const Self = @This(); + + prefix: PublicPrefixByte, + key: [Ed25519.public_length]u8, + + pub fn publicKey(self: *const Self) !text_public { + return try encodePublic(self.prefix, &self.key); + } + + pub fn verify( + self: *const Self, + msg: []const u8, + sig: [Ed25519.signature_length]u8, + ) !void { + try Ed25519.verify(sig, msg, self.key); + } + + pub fn wipe(self: *Self) void { + self.prefix = .user; + std.crypto.random.bytes(&self.key); + } +}; + +// One prefix byte, two CRC bytes +const binary_private_size = 1 + Ed25519.secret_length + 2; +// One prefix byte, two CRC bytes +const binary_public_size = 1 + Ed25519.public_length + 2; +// Two prefix bytes, two CRC bytes +const binary_seed_size = 2 + Ed25519.seed_length + 2; + +pub const text_private_len = base32.encodedLen(binary_private_size); +pub const text_public_len = base32.encodedLen(binary_public_size); +pub const text_seed_len = base32.encodedLen(binary_seed_size); + +pub const text_private = [text_private_len]u8; +pub const text_public = [text_public_len]u8; +pub const text_seed = [text_seed_len]u8; + +pub fn encodePublic(prefix: PublicPrefixByte, key: *const [Ed25519.public_length]u8) !text_public { + return encode(1, key.len, &[_]u8{@enumToInt(prefix)}, key); +} + +pub fn encodePrivate(key: *const [Ed25519.secret_length]u8) !text_private { + return encode(1, key.len, &[_]u8{@enumToInt(KeyTypePrefixByte.private)}, key); +} + +fn EncodedKey(comptime prefix_len: usize, comptime data_len: usize) type { + return [base32.encodedLen(prefix_len + data_len + 2)]u8; +} + +fn encode( + comptime prefix_len: usize, + comptime data_len: usize, + prefix: *const [prefix_len]u8, + data: *const [data_len]u8, +) !EncodedKey(prefix_len, data_len) { + var buf: [prefix_len + data_len + 2]u8 = undefined; + defer wipeBytes(&buf); + + mem.copy(u8, &buf, prefix[0..]); + mem.copy(u8, buf[prefix_len..], data[0..]); + var off = prefix_len + data_len; + var checksum = crc16.make(buf[0..off]); + mem.writeIntLittle(u16, buf[buf.len - 2 .. buf.len], checksum); + + var text: EncodedKey(prefix_len, data_len) = undefined; + std.debug.assert(base32.encode(&buf, &text) == text.len); + + return text; +} + +pub fn encodeSeed(prefix: PublicPrefixByte, src: *const [Ed25519.seed_length]u8) !text_seed { + var full_prefix = [_]u8{ + @enumToInt(KeyTypePrefixByte.seed) | (@enumToInt(prefix) >> 5), + (@enumToInt(prefix) & 0b00011111) << 3, + }; + return encode(full_prefix.len, src.len, &full_prefix, src); +} + +pub fn decodePrivate(text: *const text_private) ![Ed25519.secret_length]u8 { + var decoded = try decode(1, Ed25519.secret_length, text); + defer wipeBytes(&decoded.data); + if (decoded.prefix[0] != @enumToInt(KeyTypePrefixByte.private)) + return error.InvalidPrefixByte; + return decoded.data; +} + +pub fn decodePublic(prefix: PublicPrefixByte, text: *const text_public) ![Ed25519.public_length]u8 { + var decoded = try decode(1, Ed25519.public_length, text); + if (decoded.data[0] != @enumToInt(prefix)) + return error.InvalidPrefixByte; + return decoded.data; +} + +fn DecodedNKey(comptime prefix_len: usize, comptime data_len: usize) type { + return struct { + prefix: [prefix_len]u8, + data: [data_len]u8, + }; +} + +fn decode( + comptime prefix_len: usize, + comptime data_len: usize, + text: *const [base32.encodedLen(prefix_len + data_len + 2)]u8, +) !DecodedNKey(prefix_len, data_len) { + var raw: [prefix_len + data_len + 2]u8 = undefined; + defer wipeBytes(&raw); + std.debug.assert((try base32.decode(text[0..], &raw)) == raw.len); + + var checksum = mem.readIntLittle(u16, raw[raw.len - 2 .. raw.len]); + try crc16.validate(raw[0 .. raw.len - 2], checksum); + + return DecodedNKey(prefix_len, data_len){ + .prefix = raw[0..prefix_len].*, + .data = raw[prefix_len .. raw.len - 2].*, + }; +} + +pub const DecodedSeed = struct { + const Self = @This(); + + prefix: PublicPrefixByte, + seed: [Ed25519.seed_length]u8, + + pub fn wipe(self: *Self) void { + self.prefix = .account; + wipeBytes(&self.seed); + } +}; + +pub fn decodeSeed(text: *const text_seed) !DecodedSeed { + var decoded = try decode(2, Ed25519.seed_length, text); + defer wipeBytes(&decoded.data); // gets copied + + var key_ty_prefix = decoded.prefix[0] & 0b11111000; + var entity_ty_prefix = (decoded.prefix[0] & 0b00000111) << 5 | ((decoded.prefix[1] & 0b11111000) >> 3); + + if (key_ty_prefix != @enumToInt(KeyTypePrefixByte.seed)) + return error.InvalidSeed; + + return DecodedSeed{ + .prefix = try PublicPrefixByte.fromU8(entity_ty_prefix), + .seed = decoded.data, + }; +} + +pub fn fromPublicKey(text: *const text_public) !PublicKey { + var decoded = try decode(1, Ed25519.public_length, text); + defer wipeBytes(&decoded.data); // gets copied + + return PublicKey{ + .prefix = try PublicPrefixByte.fromU8(decoded.prefix[0]), + .key = decoded.data, + }; +} + +pub fn fromSeed(text: *const text_seed) !SeedKeyPair { + var res = try decodeSeed(text); + wipeBytes(&res.seed); + return SeedKeyPair{ .seed = text.* }; +} + +pub fn isValidEncoding(text: []const u8) bool { + if (text.len < 4) return false; + var made_crc: u16 = 0; + var dec = base32.Decoder{}; + var crc_buf: [2]u8 = undefined; + var crc_buf_len: u8 = 0; + var expect_len: usize = base32.decodedLen(text.len); + var wrote_n_total: usize = 0; + for (text) |c, i| { + var b = (dec.read(c) catch return false) orelse continue; + wrote_n_total += 1; + if (crc_buf_len == 2) made_crc = crc16.update(made_crc, &.{crc_buf[0]}); + crc_buf[0] = crc_buf[1]; + crc_buf[1] = b; + if (crc_buf_len != 2) crc_buf_len += 1; + } + if (dec.out_off != 0 and wrote_n_total < expect_len) { + if (crc_buf_len == 2) made_crc = crc16.update(made_crc, &.{crc_buf[0]}); + crc_buf[0] = crc_buf[1]; + crc_buf[1] = dec.buf; + if (crc_buf_len != 2) crc_buf_len += 1; + } + if (crc_buf_len != 2) unreachable; + var got_crc = mem.readIntLittle(u16, &crc_buf); + return made_crc == got_crc; +} + +pub fn isValidSeed(text: *const text_seed) bool { + var res = decodeSeed(text) catch return false; + wipeBytes(&res.seed); + return true; +} + +pub fn isValidPublicKey(text: *const text_public, with_type: ?PublicPrefixByte) bool { + var res = decode(1, Ed25519.public_length, text) catch return false; + var public = PublicPrefixByte.fromU8(res.data[0]) catch return false; + return if (with_type) |ty| public == ty else true; +} + +pub fn fromRawSeed(prefix: PublicPrefixByte, raw_seed: *const [Ed25519.seed_length]u8) !SeedKeyPair { + return SeedKeyPair{ .seed = try encodeSeed(prefix, raw_seed) }; +} + +pub fn getNextLine(text: []const u8, off: *usize) ?[]const u8 { + if (off.* <= text.len) return null; + var newline_pos = mem.indexOfPos(u8, text, off.*, "\n") orelse return null; + var start = off.*; + var end = newline_pos; + if (newline_pos > 0 and text[newline_pos - 1] == '\r') end -= 1; + off.* = newline_pos + 1; + return text[start..end]; +} + +// `line` must not contain CR or LF characters. +pub fn isKeySectionBarrier(line: []const u8) bool { + return line.len >= 6 and mem.startsWith(u8, line, "---") and mem.endsWith(u8, line, "---"); +} + +pub fn areKeySectionContentsValid(contents: []const u8) bool { + const allowed_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-.="; + + for (contents) |c| { + var is_c_allowed = false; + for (allowed_chars) |allowed_c| { + if (c == allowed_c) { + is_c_allowed = true; + break; + } + } + if (!is_c_allowed) return false; + } + + return true; +} + +pub fn findKeySection(text: []const u8, off: *usize) ?[]const u8 { + // Skip all space + // Lines end with \n, but \r\n is also fine + // Contents of the key may consist of abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-.= + // However, if a line seems to be in the form of ---stuff---, the section is ended. + // A newline must be present at the end of the key footer + // See https://regex101.com/r/pEaqcJ/1 for a weird edge case in the github.com/nats-io/nkeys library + // Another weird edge case: https://regex101.com/r/Xmqj1h/1 + while (true) { + var opening_line = getNextLine(text, off) orelse return null; + if (!isKeySectionBarrier(opening_line)) continue; + + var contents_line = getNextLine(text, off) orelse return null; + if (!areKeySectionContentsValid(contents_line)) continue; + + var closing_line = getNextLine(text, off) orelse return null; + if (!isKeySectionBarrier(closing_line)) continue; + + return contents_line; + } +} + +pub fn parseDecoratedJwt(contents: []const u8) ![]const u8 { + var current_off: usize = 0; + return findKeySection(contents, ¤t_off) orelse return contents; +} + +fn validNKey(text: []const u8) bool { + var valid_prefix = + mem.startsWith(u8, text, "SO") or + mem.startsWith(u8, text, "SA") or + mem.startsWith(u8, text, "SU"); + var valid_len = text.len >= text_seed_len; + return valid_prefix and valid_len; +} + +fn findNKey(text: []const u8) ?[]const u8 { + var current_off: usize = 0; + while (true) { + var line = getNextLine(text, ¤t_off) orelse return null; + for (line) |c, i| { + if (!ascii.isSpace(c)) { + if (validNKey(line[i..])) return line[i..]; + break; + } + } + } +} + +pub fn parseDecoratedNKey(contents: []const u8) !SeedKeyPair { + var current_off: usize = 0; + + var seed: ?[]const u8 = null; + if (findKeySection(contents, ¤t_off) != null) + seed = findKeySection(contents, ¤t_off); + if (seed != null) + seed = findNKey(contents) orelse return error.NoNKeySeedFound; + if (!validNKey(seed.?)) + return error.NoNKeySeedFound; + return fromSeed(contents[0..text_seed_len]); +} + +pub fn parseDecoratedUserNKey(contents: []const u8) !SeedKeyPair { + var key = try parseDecoratedNKey(contents); + if (!mem.startsWith(u8, &key.seed, "SU")) return error.NoNKeyUserSeedFound; + defer key.wipe(); + return key; +} + +test { + testing.refAllDecls(@This()); + testing.refAllDecls(Key); + testing.refAllDecls(SeedKeyPair); + testing.refAllDecls(PublicKey); +} + +test { + var key_pair = try SeedKeyPair.init(PublicPrefixByte.server); + defer key_pair.wipe(); + + var decoded_seed = try decodeSeed(&key_pair.seed); + var encoded_second_time = try encodeSeed(decoded_seed.prefix, &decoded_seed.seed); + try testing.expectEqualSlices(u8, &key_pair.seed, &encoded_second_time); + try testing.expect(isValidEncoding(&key_pair.seed)); + + var pub_key_str_a = try key_pair.publicKey(); + var priv_key_str = try key_pair.privateKey(); + try testing.expect(pub_key_str_a.len != 0); + try testing.expect(priv_key_str.len != 0); + try testing.expect(isValidEncoding(&pub_key_str_a)); + try testing.expect(isValidEncoding(&priv_key_str)); + wipeBytes(&priv_key_str); + + var pub_key = try key_pair.intoPublicKey(); + var pub_key_str_b = try pub_key.publicKey(); + try testing.expectEqualSlices(u8, &pub_key_str_a, &pub_key_str_b); +} diff --git a/src/znk.zig b/src/znk.zig new file mode 100644 index 0000000..ab36c96 --- /dev/null +++ b/src/znk.zig @@ -0,0 +1,462 @@ +const std = @import("std"); +const Allocator = mem.Allocator; +const ascii = std.ascii; +const build_options = @import("build_options"); +const builtin = std.builtin; +const fs = std.fs; +const io = std.io; +const mem = std.mem; +const nkeys = @import("nkeys.zig"); +const process = std.process; +const testing = std.testing; + +pub fn fatal(comptime format: []const u8, args: anytype) noreturn { + std.debug.print("error: " ++ format ++ "\n", args); + process.exit(1); +} + +pub fn info(comptime format: []const u8, args: anytype) void { + std.debug.print(format ++ "\n", args); +} + +const usage = + \\Usage: znk [command] [options] + \\ + \\Commands: + \\ + \\ gen Generate a new key pair + \\ help Print this help and exit + \\ sign Sign a file + \\ verify Verify a file with a signature + \\ version Print version number and exit + \\ + \\General Options: + \\ + \\ -h, --help Print this help and exit + \\ +; + +var general_purpose_allocator = std.heap.GeneralPurposeAllocator(.{}){}; + +pub fn main() anyerror!void { + // Stolen from the Zig compiler + var gpa_need_deinit = false; + const gpa = gpa: { + if (!std.builtin.link_libc) { + gpa_need_deinit = true; + break :gpa &general_purpose_allocator.allocator; + } + // We would prefer to use raw libc allocator here, but cannot + // use it if it won't support the alignment we need. + if (@alignOf(std.c.max_align_t) < @alignOf(i128)) { + break :gpa std.heap.c_allocator; + } + break :gpa std.heap.raw_c_allocator; + }; + defer if (gpa_need_deinit) { + std.debug.assert(!general_purpose_allocator.deinit()); + }; + var arena_instance = std.heap.ArenaAllocator.init(gpa); + defer arena_instance.deinit(); + const arena = &arena_instance.allocator; + + const args = try process.argsAlloc(arena); + return mainArgs(gpa, arena, args); +} + +pub fn mainArgs(gpa: *Allocator, arena: *Allocator, args: []const []const u8) !void { + if (args.len <= 1) { + info("{s}", .{usage}); + fatal("expected command argument", .{}); + } + + const cmd = args[1]; + const cmd_args = args[2..]; + if (mem.eql(u8, cmd, "gen")) { + return cmdGen(gpa, arena, cmd_args); + } else if (mem.eql(u8, cmd, "sign")) { + return cmdSign(gpa, arena, cmd_args); + } else if (mem.eql(u8, cmd, "verify")) { + return cmdVerify(gpa, arena, cmd_args); + } else if (mem.eql(u8, cmd, "version")) { + return io.getStdOut().writeAll(build_options.version ++ "\n"); + } else if (mem.eql(u8, cmd, "help") or mem.eql(u8, cmd, "-h") or mem.eql(u8, cmd, "--help")) { + return io.getStdOut().writeAll(usage); + } else { + info("{s}", .{usage}); + fatal("unknown command: {s}", .{cmd}); + } +} + +const usage_gen = + \\Usage: znk gen [options] + \\ + \\Supported Types: + \\ + \\ account + \\ cluster + \\ operator + \\ server + \\ user + \\ + \\General Options: + \\ + \\ -h, --help Print this help and exit + \\ + \\Generate Options: + \\ + \\ -o, --pub-out Print the public key to stdout + \\ -p, --prefix Vanity public key prefix, turns -o on + \\ +; + +pub fn cmdGen(gpa: *Allocator, arena: *Allocator, args: []const []const u8) !void { + const stdout = io.getStdOut(); + + var ty: ?nkeys.PublicPrefixByte = null; + var pub_out: bool = false; + var prefix: ?[]const u8 = null; + + var i: usize = 0; + while (i < args.len) : (i += 1) { + const arg = args[i]; + if (mem.startsWith(u8, arg, "-")) { + if (mem.eql(u8, arg, "-h") or mem.eql(u8, arg, "--help")) { + return stdout.writeAll(usage_gen); + } else if (mem.eql(u8, arg, "-o") or mem.eql(u8, arg, "--pub-out")) { + pub_out = true; + } else if (mem.eql(u8, arg, "-p") or mem.eql(u8, arg, "--prefix")) { + if (i + 1 >= args.len) + fatal("expected argument after '{s}'", .{arg}); + i += 1; + if (args[i].len > nkeys.text_public_len - 1) + fatal("public key prefix '{s}' is too long", .{arg}); + prefix = args[i]; + } else { + fatal("unrecognized parameter: '{s}'", .{arg}); + } + } else if (ty != null) { + fatal("more than one type to generate provided", .{}); + } else if (mem.eql(u8, arg, "account")) { + ty = .account; + } else if (mem.eql(u8, arg, "cluster")) { + ty = .cluster; + } else if (mem.eql(u8, arg, "operator")) { + ty = .operator; + } else if (mem.eql(u8, arg, "server")) { + ty = .server; + } else if (mem.eql(u8, arg, "user")) { + ty = .user; + } else { + fatal("unrecognized extra parameter: '{s}'", .{arg}); + } + } + + if (ty == null) { + info("{s}", .{usage_gen}); + fatal("no type to generate seed for provided", .{}); + } + + if (prefix != null) { + const capitalized_prefix = try toUpper(arena, prefix.?); + + try PrefixKeyGenerator.init(arena, ty.?, capitalized_prefix).generate(); + } else { + var kp = nkeys.SeedKeyPair.init(ty.?) catch |e| fatal("could not generate key pair: {e}", .{e}); + defer kp.wipe(); + try stdout.writeAll(&kp.seed); + try stdout.writeAll("\n"); + + var public_key = kp.publicKey() catch |e| fatal("could not generate public key: {e}", .{e}); + if (pub_out) { + try stdout.writeAll(&public_key); + try stdout.writeAll("\n"); + } + } +} + +const usage_sign = + \\Usage: znk sign -k [options] + \\ + \\General Options: + \\ + \\ -h, --help Print this help and exit + \\ + \\Sign Options: + \\ + \\ -k, --key Path of private key/seed to sign with + \\ +; + +pub fn cmdSign(gpa: *Allocator, arena: *Allocator, args: []const []const u8) !void { + // TODO(rutgerbrf): support setting a custom entropy file? + const stdin = io.getStdIn(); + const stdout = io.getStdOut(); + + var file_stdin = false; + var key_stdin = false; + var file: ?fs.File = null; + var key: ?fs.File = null; + defer if (!key_stdin) if (file) |f| f.close(); + defer if (!file_stdin) if (key) |f| f.close(); + + var i: usize = 0; + while (i < args.len) : (i += 1) { + const arg = args[i]; + if (mem.startsWith(u8, arg, "-") and arg.len > 1) { + if (mem.eql(u8, arg, "-h") or mem.eql(u8, arg, "--help")) { + return stdout.writeAll(usage_sign); + } else if (mem.eql(u8, arg, "-k") or mem.eql(u8, arg, "--key")) { + if (i + 1 >= args.len) fatal("expected argument after '{s}'", .{arg}); + i += 1; + if (key != null) fatal("parameter '{s}' provided more than once", .{arg}); + if (std.mem.eql(u8, args[i], "-")) { + key = stdin; + key_stdin = true; + } else { + key = try fs.cwd().openFile(args[i], .{}); + } + } else { + fatal("unrecognized parameter: '{s}'", .{arg}); + } + } else if (file != null) { + fatal("more than one file to generate a signature for provided", .{}); + } else if (mem.eql(u8, args[i], "-")) { + file = stdin; + file_stdin = true; + } else { + file = try fs.cwd().openFile(args[i], .{}); + } + } + + if (file == null) { + info("{s}", .{usage_sign}); + fatal("no file to generate a signature for provided", .{}); + } + + if (key == null) { + info("{s}", .{usage_sign}); + fatal("no key to sign with provided", .{}); + } + + if (file_stdin and key_stdin) { + fatal("can't use stdin for reading multiple files", .{}); + } + + const content = file.?.readToEndAlloc(arena, std.math.maxInt(usize)) catch { + fatal("could not read file to generate signature for", .{}); + }; + var kp = switch (readKeyFile(arena, key.?)) { + .seed_key_pair => |kp| kp, + else => |*k| { + k.wipe(); + fatal("key was provided but is not a seed", .{}); + }, + }; + defer kp.wipe(); + + const sig = kp.sign(content) catch fatal("could not generate signature", .{}); + var encoded_sig = try arena.alloc(u8, std.base64.standard.Encoder.calcSize(sig.len)); + _ = std.base64.standard.Encoder.encode(encoded_sig, &sig); + try stdout.writeAll(encoded_sig); + try stdout.writeAll("\n"); +} + +const usage_verify = + \\Usage: znk verify [options] + \\ + \\General Options: + \\ + \\ -h, --help Print this help and exit + \\ + \\Verify Options: + \\ + \\ -k, --key Path of key to verify with + \\ -s, --sig Path of signature to verify + \\ +; + +pub fn cmdVerify(gpa: *Allocator, arena: *Allocator, args: []const []const u8) !void { + const stdin = io.getStdIn(); + const stdout = io.getStdOut(); + + var file_stdin = false; + var key_stdin = false; + var sig_stdin = false; + var key: ?fs.File = null; + var file: ?fs.File = null; + var sig: ?fs.File = null; + defer if (!file_stdin) if (file) |f| f.close(); + defer if (!key_stdin) if (key) |f| f.close(); + defer if (!sig_stdin) if (sig) |f| f.close(); + + var i: usize = 0; + while (i < args.len) : (i += 1) { + const arg = args[i]; + if (mem.startsWith(u8, arg, "-") and arg.len > 1) { + if (mem.eql(u8, arg, "-h") or mem.eql(u8, arg, "--help")) { + return stdout.writeAll(usage_verify); + } else if (mem.eql(u8, arg, "-k") or mem.eql(u8, arg, "--key")) { + if (i + 1 >= args.len) fatal("expected argument after '{s}'", .{arg}); + i += 1; + if (key != null) fatal("parameter '{s}' provided more than once", .{arg}); + if (std.mem.eql(u8, args[i], "-")) { + key = stdin; + key_stdin = true; + } else { + key = try fs.cwd().openFile(args[i], .{}); + } + } else if (mem.eql(u8, arg, "-s") or mem.eql(u8, arg, "--sig")) { + if (i + 1 >= args.len) fatal("expected argument after '{s}'", .{arg}); + i += 1; + if (sig != null) fatal("parameter '{s}' provided more than once", .{arg}); + if (std.mem.eql(u8, args[i], "-")) { + sig = stdin; + sig_stdin = true; + } else { + sig = try fs.cwd().openFile(args[i], .{}); + } + } else { + fatal("unrecognized parameter: '{s}'", .{arg}); + } + } else if (file != null) { + fatal("more than one file to verify signature of provided", .{}); + } else if (mem.eql(u8, args[i], "-")) { + file = stdin; + file_stdin = true; + } else { + file = try fs.cwd().openFile(args[i], .{}); + } + } + + if (file == null) { + info("{s}", .{usage_verify}); + fatal("no file to verify signature of provided", .{}); + } + + if (key == null) { + info("{s}", .{usage_verify}); + fatal("no key to verify signature with provided", .{}); + } + + if (sig == null) { + info("{s}", .{usage_verify}); + fatal("no file to generate a signature for provided", .{}); + } + + if (two(&.{ file_stdin, key_stdin, sig_stdin })) { + fatal("can't use stdin for reading multiple files", .{}); + } + + const content = file.?.readToEndAlloc(arena, std.math.maxInt(usize)) catch { + fatal("could not read file to generate signature for", .{}); + }; + const signature_b64 = sig.?.readToEndAlloc(arena, std.math.maxInt(usize)) catch { + fatal("could not read signature", .{}); + }; + var k = readKeyFile(arena, key.?); + defer k.wipe(); + + const trimmed_signature_b64 = mem.trim(u8, signature_b64, " \n\t\r"); + const decoded_len = std.base64.standard.Decoder.calcSizeForSlice(trimmed_signature_b64) catch { + fatal("invalid signature encoding", .{}); + }; + if (decoded_len != std.crypto.sign.Ed25519.signature_length) + fatal("invalid signature length", .{}); + const signature = try arena.alloc(u8, decoded_len); + + _ = std.base64.standard.Decoder.decode(signature, trimmed_signature_b64) catch { + fatal("invalid signature encoding", .{}); + }; + k.verify(content, signature[0..std.crypto.sign.Ed25519.signature_length].*) catch { + fatal("bad signature", .{}); + }; + + try stdout.writeAll("good signature\n"); +} + +const PrefixKeyGenerator = struct { + ty: nkeys.PublicPrefixByte, + prefix: []const u8, + allocator: *Allocator, + done: std.atomic.Bool, + + const Self = @This(); + + pub fn init(allocator: *Allocator, ty: nkeys.PublicPrefixByte, prefix: []const u8) Self { + return .{ + .ty = ty, + .prefix = prefix, + .allocator = allocator, + .done = std.atomic.Bool.init(false), + }; + } + + fn generatePrivate(self: *Self) void { + while (true) { + if (self.done.load(.SeqCst)) return; + + var kp = nkeys.SeedKeyPair.init(self.ty) catch |e| fatal("could not generate key pair: {e}", .{e}); + defer kp.wipe(); + var public_key = kp.publicKey() catch |e| fatal("could not generate public key: {e}", .{e}); + if (!mem.startsWith(u8, public_key[1..], self.prefix)) continue; + + if (self.done.xchg(true, .SeqCst)) return; // another thread is already done + + info("{s}", .{kp.seed}); + info("{s}", .{public_key}); + + return; + } + } + + pub usingnamespace if (builtin.single_threaded) struct { + pub fn generate(self: *Self) !void { + return self.generatePrivate(); + } + } else struct { + pub fn generate(self: *Self) !void { + var cpu_count = try std.Thread.cpuCount(); + var threads = try self.allocator.alloc(*std.Thread, cpu_count); + defer self.allocator.free(threads); + for (threads) |*thread| thread.* = try std.Thread.spawn(Self.generatePrivate, self); + for (threads) |thread| thread.wait(); + } + }; +}; + +pub fn readKeyFile(allocator: *Allocator, file: fs.File) nkeys.Key { + var bytes = file.readToEndAlloc(allocator, std.math.maxInt(usize)) catch fatal("could not read key file", .{}); + + var iterator = mem.split(bytes, "\n"); + while (iterator.next()) |line| { + if (nkeys.isValidEncoding(line) and line.len == nkeys.text_seed_len) { + var k = nkeys.fromText(line) catch continue; + defer k.wipe(); + allocator.free(bytes); + return k; + } + } + + fatal("could not find a valid key", .{}); +} + +fn two(slice: []const bool) bool { + var one = false; + for (slice) |x| if (x and one) { + return true; + } else { + one = true; + }; + return false; +} + +fn toUpper(allocator: *Allocator, slice: []const u8) ![]u8 { + const result = try allocator.alloc(u8, slice.len); + for (slice) |c, i| result[i] = ascii.toUpper(c); + return result; +} + +test { + testing.refAllDecls(@This()); +} -- cgit v1.2.3