| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 package types | 5 package types |
| 6 | 6 |
| 7 import ( | 7 import ( |
| 8 "crypto/rand" | 8 "crypto/rand" |
| 9 "fmt" | 9 "fmt" |
| 10 ) | 10 ) |
| 11 | 11 |
| 12 const ( | 12 const ( |
| 13 // PrefixSecretLength is the size, in bytes, of the stream secret. | 13 // PrefixSecretLength is the size, in bytes, of the stream secret. |
| 14 // | 14 // |
| 15 // This value was chosen such that it is: | 15 // This value was chosen such that it is: |
| 16 // - Sufficiently large to avoid collisions. | 16 // - Sufficiently large to avoid collisions. |
| 17 // - Can be expressed as a Base64 string without ugly padding. | 17 // - Can be expressed as a Base64 string without ugly padding. |
| 18 PrefixSecretLength = 36 | 18 PrefixSecretLength = 36 |
| 19 ) | 19 ) |
| 20 | 20 |
| 21 // PrefixSecret is the stream secret value. This is a Base64-encoded secret | 21 // PrefixSecret is the prefix secret value. It is used to assert ownership of |
| 22 // value. | 22 // a prefix space. |
| 23 // |
| 24 // The Prefix secret is generated by the Coordinator at prefix registration, |
| 25 // and is included by the Butler to prove that it is the entity that registered |
| 26 // the stream. The secret is asserted by microservices and the Coordinator |
| 27 // during Butler-initiated stream operations. |
| 23 type PrefixSecret []byte | 28 type PrefixSecret []byte |
| 24 | 29 |
| 25 // NewPrefixSecret generates a new, default-length secret parameter. | 30 // NewPrefixSecret generates a new, default-length secret parameter. |
| 26 func NewPrefixSecret() (PrefixSecret, error) { | 31 func NewPrefixSecret() (PrefixSecret, error) { |
| 27 buf := make([]byte, PrefixSecretLength) | 32 buf := make([]byte, PrefixSecretLength) |
| 28 if _, err := rand.Read(buf); err != nil { | 33 if _, err := rand.Read(buf); err != nil { |
| 29 return nil, err | 34 return nil, err |
| 30 } | 35 } |
| 31 | 36 |
| 32 value := PrefixSecret(buf) | 37 value := PrefixSecret(buf) |
| 33 if err := value.Validate(); err != nil { | 38 if err := value.Validate(); err != nil { |
| 34 panic(err) | 39 panic(err) |
| 35 } | 40 } |
| 36 return value, nil | 41 return value, nil |
| 37 } | 42 } |
| 38 | 43 |
| 39 // Validate confirms that this prefix secret is conformant. | 44 // Validate confirms that this prefix secret is conformant. |
| 40 // | 45 // |
| 41 // Note that this does not scan the byte contents of the secret for any | 46 // Note that this does not scan the byte contents of the secret for any |
| 42 // security-related parameters. | 47 // security-related parameters. |
| 43 func (s PrefixSecret) Validate() error { | 48 func (s PrefixSecret) Validate() error { |
| 44 if len(s) != PrefixSecretLength { | 49 if len(s) != PrefixSecretLength { |
| 45 return fmt.Errorf("invalid prefix secret length (%d != %d)", len
(s), PrefixSecretLength) | 50 return fmt.Errorf("invalid prefix secret length (%d != %d)", len
(s), PrefixSecretLength) |
| 46 } | 51 } |
| 47 return nil | 52 return nil |
| 48 } | 53 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1967273002:
LogDog: Implement RegisterPrefix RPC. (Closed)
Base URL: https://github.com/luci/luci-go@logdog-butler-register-coordinator-endpoint