Chromium Code Reviews| Index: common/logdog/types/streamsecret.go |
| diff --git a/common/logdog/types/streamsecret.go b/common/logdog/types/streamsecret.go |
| index 0b2fad2b9606edcfc2fb80eba1c29f908d4d2774..3b7187c4f7ded46bd4f61abf1327bd4bcfa8ddda 100644 |
| --- a/common/logdog/types/streamsecret.go |
| +++ b/common/logdog/types/streamsecret.go |
| @@ -7,30 +7,42 @@ package types |
| import ( |
| "crypto/rand" |
| "errors" |
| + "fmt" |
| ) |
| const ( |
| - // StreamSecretLength is the size, in bytes, of the stream secret. |
| + // PrefixSecretLength is the size, in bytes, of the stream secret. |
| // |
| // This value was chosen such that it is: |
| // - Sufficiently large to avoid collisions. |
| // - Can be expressed as a Base64 string without ugly padding. |
| - StreamSecretLength = 36 |
| + PrefixSecretLength = 36 |
| ) |
| -// StreamSecret is the stream secret value. This is a Base64-encoded secret |
| +// PrefixSecret is the stream secret value. This is a Base64-encoded secret |
| // value. |
| -type StreamSecret []byte |
| +type PrefixSecret []byte |
| -// NewStreamSecret generates a new, default-length secret parameter. |
| -func NewStreamSecret() (StreamSecret, error) { |
| - buf := make([]byte, StreamSecretLength) |
| +// NewPrefixSecret generates a new, default-length secret parameter. |
| +func NewPrefixSecret() (PrefixSecret, error) { |
| + buf := make([]byte, PrefixSecretLength) |
| count, err := rand.Read(buf) |
| if err != nil { |
| return nil, err |
| } |
| if count != len(buf) { |
|
Ryan Tseng
2016/04/28 20:52:04
Or just use validate() now that you have one?
dnj
2016/04/30 02:51:35
Done.
|
| - return nil, errors.New("streamsecret: Generated secret with invalid size") |
| + return nil, errors.New("generated secret with invalid size") |
| } |
| - return StreamSecret(buf), nil |
| + return PrefixSecret(buf), nil |
| +} |
| + |
| +// Validate confirms that this prefix secret is conformant. |
| +// |
| +// Note that this does not scan the byte contents of the secret for any |
| +// security-related parameters. |
| +func (s PrefixSecret) Validate() error { |
| + if len(s) != PrefixSecretLength { |
| + return fmt.Errorf("invalid prefix secret length (%d != %d)", len(s), PrefixSecretLength) |
| + } |
| + return nil |
| } |
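Review bot: The doc comment on `PrefixSecret` still says it is "a Base64-encoded secret value", but the type as used in this file holds raw bytes: `NewPrefixSecret` fills `PrefixSecretLength` (36) bytes from `crypto/rand`, and `Validate` compares `len(s)` against that same raw length. A caller who takes the comment literally and stores the Base64 text (48 characters for 36 bytes) in a `PrefixSecret` would fail `Validate`. I would reword it to something like `// PrefixSecret is the prefix secret value: PrefixSecretLength raw random bytes. Base64 is only its text encoding.` and update the leftover "stream secret" wording on the renamed identifiers. Since this value presumably authenticates a prefix, the comment could also tell callers to compare secrets with `subtle.ConstantTimeCompare` rather than `bytes.Equal`; no comparison is visible in this hunk, so that part is a documentation suggestion only.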