Verified Commit 7ff2f39a authored by Katharina Fey's avatar Katharina Fey 🏴
Browse files

No longer base64 encoding all hashes

parent ec5e7df0
# forge
# forge
A small toolkit for managing and rebuilding [NixOS] servers.
......@@ -13,7 +13,7 @@ and uses the configuration in your repository to run deployments.
One is required to make the daemon run and react to update events,
the second is repository specific configuration and deploy secrets.
When running `forge` manually you need to provide a trusted token
When running `forge` manually you need to provide a verification token
either via environment variable (`FORGE_TOKEN`) or a CLI argument.
Alternatively you can configure `forge` via the [`nixos`] module.
......@@ -71,7 +71,7 @@ Now generate a verification token from the secret token.
You can embed this into your forge configuration.
```
echo $FORGE_TOKEN | forgectl hash
echo $FORGE_TOKEN | forgectl hash --salt $FORGE_SALT
aloocai3Woophae7aeng0Ochou1irahsh6Aibahsuph3eiyu
```
......
use clap::ArgMatches;
use std::io::{stdin, Read};
use crate::PrettyHash;
mod utils {
pub use crate::*;
......@@ -22,12 +23,10 @@ pub fn run(args: &ArgMatches<'_>) {
// Hash token twice with random salt
let hash = utils::blake2(string.as_str(), salt);
let hash_enc = utils::base64_encode(&hash.0.iter().map(|i| *i).collect());
let token = utils::blake2(hash_enc.as_str(), hash.1);
// Turn token to string that includes the salt
let token_str = format!("{}", token);
let token = utils::blake2(hash_enc.as_str(), hash.1);
let token_enc = utils::base64_encode(&token.0.iter().map(|i| *i).collect());
// Base64 encode and print
let encoded = utils::base64_encode(&token_str.into_bytes());
println!("{}", encoded);
let pretty = (token_enc, hash.1).to_string();
println!("{}", pretty);
}
......@@ -12,17 +12,19 @@ use base64;
use serde::{Deserialize, Serialize};
use serde_yaml;
use std::fmt::{self, Display, Formatter};
const BLAKE_16_LENGTH: usize = 16;
const SALT_DIVIDER: &'static str = "=0w0=";
/// A blake16 hash, consisting of a byte array and salt
pub struct Hash<'salt>([u8; BLAKE_16_LENGTH], &'salt str);
impl<'salt> Display for Hash<'salt> {
fn fmt(&self, f: &mut Formatter) -> fmt::Result {
write!(f, "{:?}{}{}", self.0, SALT_DIVIDER, self.1)
pub(crate) trait PrettyHash {
fn to_string(self) -> String;
}
impl PrettyHash for (String, &str) {
fn to_string(self) -> String {
format!("{}{}{}", self.0, SALT_DIVIDER, self.1)
}
}
......
......@@ -4,5 +4,6 @@ use clap::ArgMatches;
pub const VERSION: &'static str = "0.1.0";
pub fn run(args: &ArgMatches<'_>) {
let _: String = args.value_of("FILE").unwrap().into();
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment