package keystore
import (
"fmt"
"hash"
"io"
"math"
)
// encoder serializes keystore values to w and mirrors every successfully
// written byte sequence into h (see writeBytes), so h accumulates a digest of
// the encoded output.
// NOTE(review): presumably the digest is used for keystore integrity
// verification; confirm against the caller.
type encoder struct {
	w io.Writer // destination of the encoded bytes
	h hash.Hash // running digest, updated only after a write to w succeeded
}
// writeUint16 encodes value as two bytes using the package-level byteOrder
// and passes them to writeBytes, so they reach both the writer and the digest.
func (e encoder) writeUint16(value uint16) error {
	buf := make([]byte, 2)
	byteOrder.PutUint16(buf, value)

	return e.writeBytes(buf)
}
// writeUint32 encodes value as four bytes using the package-level byteOrder
// and passes them to writeBytes, so they reach both the writer and the digest.
func (e encoder) writeUint32(value uint32) error {
	buf := make([]byte, 4)
	byteOrder.PutUint32(buf, value)

	return e.writeBytes(buf)
}
// writeUint64 encodes value as eight bytes using the package-level byteOrder
// and passes them to writeBytes, so they reach both the writer and the digest.
func (e encoder) writeUint64(value uint64) error {
	buf := make([]byte, 8)
	byteOrder.PutUint64(buf, value)

	return e.writeBytes(buf)
}
// writeBytes writes value to the underlying writer and then feeds the same
// bytes to the digest. Every other write* method goes through it.
//
// The digest is updated only after the write to e.w returned without error,
// so a failed write is not reflected in the digest.
func (e encoder) writeBytes(value []byte) error {
	_, err := e.w.Write(value)
	if err != nil {
		return fmt.Errorf("write %d bytes: %w", len(value), err)
	}

	_, err = e.h.Write(value)
	if err != nil {
		return fmt.Errorf("update digest: %w", err)
	}

	return nil
}
// writeString writes value as a 16-bit length prefix followed by the raw
// bytes of the Go string.
//
// Strings longer than math.MaxUint16 bytes are rejected before anything is
// written, so the length prefix can never wrap and disagree with the body.
// NOTE(review): the body is the string's bytes as-is; if the reader expects a
// different string encoding, unusual aliases may not round-trip. Confirm
// against the decoder.
func (e encoder) writeString(value string) error {
	n := len(value)
	if n > math.MaxUint16 {
		return fmt.Errorf("got string %d bytes long, max length is %d", n, math.MaxUint16)
	}

	err := e.writeUint16(uint16(n))
	if err != nil {
		return fmt.Errorf("write length: %w", err)
	}

	body := []byte(value)
	if err = e.writeBytes(body); err != nil {
		return fmt.Errorf("write body: %w", err)
	}

	return nil
}
// writeCertificate writes cert as its type string, a 32-bit content length
// and the content bytes, in that order.
//
// Content larger than math.MaxUint32 bytes is rejected so the length prefix
// cannot be truncated. The type string has already been written by the time
// that check runs, so a failure leaves a partial record in the output.
func (e encoder) writeCertificate(cert Certificate) error {
	err := e.writeString(cert.Type)
	if err != nil {
		return fmt.Errorf("write type: %w", err)
	}

	size := uint64(len(cert.Content))
	if size > math.MaxUint32 {
		return fmt.Errorf("got certificate %d bytes long, max length is %d", size, uint64(math.MaxUint32))
	}

	if err = e.writeUint32(uint32(size)); err != nil {
		return fmt.Errorf("write length: %w", err)
	}

	if err = e.writeBytes(cert.Content); err != nil {
		return fmt.Errorf("write content: %w", err)
	}

	return nil
}
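// writePrivateKeyEntry writes a private key entry in this order: the
// privateKeyTag, the alias, the creation time in Unix milliseconds, the
// length-prefixed key bytes, the number of certificates, and then each
// certificate of the chain.
//
// pke.PrivateKey is written verbatim; this method performs no encryption.
// NOTE(review): the error text calls it "encrypted content", so presumably
// the caller has already protected the key. Confirm at the call site.
//
// Both the key length and the chain length are checked against
// math.MaxUint32 before being narrowed to 32 bits, so a prefix can never
// under-report the data that follows. On any error the entry has been
// partially written to the output and the digest; the caller should treat
// the output as unusable.
func (e encoder) writePrivateKeyEntry(alias string, pke PrivateKeyEntry) error {
	if err := e.writeUint32(privateKeyTag); err != nil {
		return fmt.Errorf("write tag: %w", err)
	}

	if err := e.writeString(alias); err != nil {
		return fmt.Errorf("write alias: %w", err)
	}

	// The signed millisecond value is reinterpreted as unsigned bits; times
	// before the Unix epoch therefore encode as large uint64 values.
	if err := e.writeUint64(uint64(pke.CreationTime.UnixMilli())); err != nil { //nolint:gosec
		return fmt.Errorf("write creation timestamp: %w", err)
	}

	length := uint64(len(pke.PrivateKey))
	if length > math.MaxUint32 {
		return fmt.Errorf("got encrypted content %d bytes long, max length is %d", length, uint64(math.MaxUint32))
	}

	// Fixed: the message previously read "filed to write length"; it now
	// matches the wording used by the other length writes in this file.
	if err := e.writeUint32(uint32(length)); err != nil {
		return fmt.Errorf("write length: %w", err)
	}

	if err := e.writeBytes(pke.PrivateKey); err != nil {
		return fmt.Errorf("write content: %w", err)
	}

	certNum := uint64(len(pke.CertificateChain))
	if certNum > math.MaxUint32 {
		return fmt.Errorf("got certificate chain %d entries long, max number of entries is %d",
			certNum, uint64(math.MaxUint32))
	}

	if err := e.writeUint32(uint32(certNum)); err != nil {
		return fmt.Errorf("write number of certificates: %w", err)
	}

	for i, cert := range pke.CertificateChain {
		if err := e.writeCertificate(cert); err != nil {
			return fmt.Errorf("write %d certificate: %w", i, err)
		}
	}

	return nil
}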
// writeTrustedCertificateEntry writes a trusted certificate entry in this
// order: the trustedCertificateTag, the alias, the creation time in Unix
// milliseconds, and the certificate itself.
//
// On any error the entry has been partially written to the output and the
// digest.
func (e encoder) writeTrustedCertificateEntry(alias string, tce TrustedCertificateEntry) error {
	err := e.writeUint32(trustedCertificateTag)
	if err != nil {
		return fmt.Errorf("write tag: %w", err)
	}

	if err = e.writeString(alias); err != nil {
		return fmt.Errorf("write alias: %w", err)
	}

	// The signed millisecond value is reinterpreted as unsigned bits.
	createdMillis := uint64(tce.CreationTime.UnixMilli()) //nolint:gosec
	if err = e.writeUint64(createdMillis); err != nil {
		return fmt.Errorf("write creation timestamp: %w", err)
	}

	if err = e.writeCertificate(tce.Certificate); err != nil {
		return fmt.Errorf("write certificate: %w", err)
	}

	return nil
}