diff options
Diffstat (limited to 'src/lib.go')
| -rw-r--r-- | src/lib.go | 744 |
1 files changed, 423 insertions, 321 deletions
@@ -14,105 +14,18 @@ import ( "math/big" "math/bits" "os" + "reflect" "runtime/debug" + "strings" "sync" "syscall" + "testing" "time" ) -// FIXME: finish rewriting -// -// lastV7time is the last time we returned stored as: -// -// 52 bits of time in milliseconds since epoch -// 12 bits of (fractional nanoseconds) >> 8 -var lastV7Time int64 -var timeMu sync.Mutex -// getV7Time returns the time in milliseconds and nanoseconds / 256. -// The returned (milli << (12 + seq)) is guaranteed to be greater than -// (milli << (12 + seq)) returned by any previous call to getV7Time. -// `seq` Sequence number is between 0 and 3906 (nanoPerMilli >> 8) -func getV7Time(nano int64) (int64, int64) { - const nanoPerMilli = 1000 * 1000 - - milli := nano / nanoPerMilli - seq := (nano - (milli * nanoPerMilli)) >> 8 - now := milli << (12 + seq) - - timeMu.Lock() - defer timeMu.Unlock() - if now <= lastV7Time { - now = lastV7Time + 1 - milli = now >> 12 - seq = now & 0xfff - } - lastV7Time = now - return milli, seq -} - -const lengthUUID = 16 - -type UUID struct { - bytes [lengthUUID]byte -} - -func NewUUID() UUID { - var buf [lengthUUID]byte - _, err := io.ReadFull(rand.Reader, buf[7:]) - if err != nil { - panic(err) - } - - buf[6] = (buf[6] & 0x0f) | 0x40 // Version 4 - buf[8] = (buf[8] & 0x3f) | 0x80 // Variant is 10 - - t, s := getV7Time(time.Now().UnixNano()) - - buf[0] = byte(t >> 40) - buf[1] = byte(t >> 32) - buf[2] = byte(t >> 24) - buf[3] = byte(t >> 16) - buf[4] = byte(t >> 8) - buf[5] = byte(t >> 0) - - buf[6] = 0x70 | (0x0f & byte(s >> 8)) - buf[7] = byte(s) - return UUID { bytes: buf } -} - -func (uuid UUID) ToString() string { - const dashCount = 4 - const encodedLength = (lengthUUID * 2) + dashCount - dst := [encodedLength]byte { - 0, 0, 0, 0, - 0, 0, 0, 0, - '-', - 0, 0, 0, 0, - '-', - 0, 0, 0, 0, - '-', - 0, 0, 0, 0, - '-', - 0, 0, 0, 0, - 0, 0, 0, 0, - 0, 0, 0, 0, - } - - hex.Encode(dst[ 0:8], uuid.bytes[0:4]) - hex.Encode(dst[ 9:13], uuid.bytes[4:6]) - hex.Encode(dst[14:18], uuid.bytes[6:8]) - hex.Encode(dst[19:23], uuid.bytes[8:10]) - hex.Encode(dst[24:36], uuid.bytes[10:]) - - return string(dst[:]) -} - - - type LogLevel int8 - const ( LevelNone LogLevel = 0 LevelError LogLevel = 1 @@ -121,100 +34,9 @@ const ( LevelDebug LogLevel = 4 ) -var Level LogLevel = LevelInfo - -var EmitMetric bool = true - - -func Debug(message string, type_ string, args ...any) { - if (Level < LevelDebug) { - return - } - - slog.Debug( - message, - append( - []any { - "id", NewUUID().ToString(), - "kind", "log", - "type", type_, - }, - args..., - )..., - ) -} - -func Info(message string, type_ string, args ...any) { - if (Level < LevelInfo) { - return - } - - slog.Info( - message, - append( - []any { - "id", NewUUID().ToString(), - "kind", "log", - "type", type_, - }, - args..., - )..., - ) -} - -func Warning(message string, type_ string, args ...any) { - if (Level < LevelWarning) { - return - } - - slog.Warn( - message, - append( - []any { - "id", NewUUID().ToString(), - "kind", "log", - "type", type_, - }, - args..., - )..., - ) -} - -func Error(message string, type_ string, args ...any) { - if (Level < LevelError) { - return - } - - slog.Error( - message, - append( - []any { - "id", NewUUID().ToString(), - "kind", "log", - "type", type_, - }, - args..., - )..., - ) -} - -func Metric(type_ string, label string, args ...any) { - if (!EmitMetric) { - return - } - - slog.Info( - "_", - append( - []any { - "id", NewUUID().ToString(), - "kind", "metric", - "type", type_, - "label", label, - }, - args..., - )..., - ) +const lengthUUID = 16 +type UUID struct { + bytes [lengthUUID]byte } type Gauge struct { @@ -222,119 +44,44 @@ type Gauge struct { Dec func(...any) } -var zero = big.NewInt(0) -var one = big.NewInt(1) -func MakeGauge(label string, staticArgs ...any) Gauge { - count := big.NewInt(0) - emitGauge := func(dynamicArgs ...any) { - if count.Cmp(zero) == -1 { - Error( - "Gauge went negative", - "process-metric", - append( - []any { "value", count }, - append( - staticArgs, - dynamicArgs..., - )..., - )..., - ) - return // avoid wrong metrics being emitted - } - Metric( - "gauge", label, - // TODO: we'll have slices.Concat on Go 1.22 - append( - []any { "value", count }, - append( - staticArgs, - dynamicArgs..., - )..., - )..., - ) - } - return Gauge { - Inc: func(dynamicArgs ...any) { - count.Add(count, one) - emitGauge(dynamicArgs...) - }, - Dec: func(dynamicArgs ...any) { - count.Sub(count, one) - emitGauge(dynamicArgs...) - }, - } -} - -func MakeCounter(label string) func(...any) { - return func(args ...any) { - Metric( - "counter", label, - append([]any { "value", 1 }, args...)..., - ) - } -} - -func SetLoggerOutput(w io.Writer) { - slog.SetDefault(slog.New(slog.NewJSONHandler(w, &slog.HandlerOptions { - AddSource: true, - })).With( - slog.Group( - "info", - "pid", os.Getpid(), - "ppid", os.Getppid(), - "puuid", NewUUID().ToString(), - ), - )) -} - -func SetTraceback() { - if os.Getenv("GOTRACEBACK") == "" { - debug.SetTraceback("crash") - } -} -func Init() { - SetLoggerOutput(os.Stdout) - SetTraceback() -} -func Fatal(err error) { - Error( - "Fatal error", "fatal-error", - "error", err, - "stack", string(debug.Stack()), - ) - syscall.Kill(os.Getpid(), syscall.SIGABRT) - os.Exit(3) -} +const MaxInt = int((^uint(0)) >> 1) -func FatalIf(err error) { - if err != nil { - Fatal(err) - } -} -func Main() { - fmt.Println(NewUUID().ToString()) -} +// Private variables +// lastV7time is the last time we returned stored as: +// +// 52 bits of time in milliseconds since epoch +// 12 bits of (fractional nanoseconds) >> 8 +var lastV7Time int64 +var timeMu sync.Mutex -/* -Package pbkdf2 implements the key derivation function PBKDF2 as defined in RFC -2898 / PKCS #5 v2.0. +// Global variables +var ( + Level LogLevel = LevelInfo + EmitMetric bool = true + Hostname string +) -A key derivation function is useful when encrypting data based on a password -or any other not-fully-random data. It uses a pseudorandom function to derive -a secure encryption key based on the password. -While v2.0 of the standard defines only one pseudorandom function to use, -HMAC-SHA1, the drafted v2.1 specification allows use of all five FIPS Approved -Hash Functions SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512 for HMAC. To -choose, you can pass the `New` functions from the different SHA packages to -pbkdf2.Key. -*/ +// Package pbkdf2 implements the key derivation function PBKDF2 as defined in +// RFC 2898 / PKCS #5 v2.0. +// +// A key derivation function is useful when encrypting data based on a password +// or any other not-fully-random data. It uses a pseudorandom function to derive +// a secure encryption key based on the password. +// +// While v2.0 of the standard defines only one pseudorandom function to use, +// HMAC-SHA1, the drafted v2.1 specification allows use of all five FIPS +// Approved Hash Functions SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512 for +// HMAC. To choose, you can pass the `New` functions from the different SHA +// packages to pbkdf2.Key. +// +// // Key derives a key from the password, salt and iteration count, returning a // []byte of length keylen that can be used as cryptographic key. The key is // derived based on the method described as PBKDF2 with the HMAC variant using @@ -351,7 +98,13 @@ pbkdf2.Key. // // Using a higher iteration count will increase the cost of an exhaustive // search but will also make derivation proportionally slower. -func PBKDF2Key(password, salt []byte, iter, keyLen int, h func() hash.Hash) []byte { +func PBKDF2Key( + password []byte, + salt []byte, + iter int, + keyLen int, + h func() hash.Hash, +) []byte { prf := hmac.New(h, password) hashLen := prf.Size() numBlocks := (keyLen + hashLen - 1) / hashLen @@ -371,10 +124,10 @@ func PBKDF2Key(password, salt []byte, iter, keyLen int, h func() hash.Hash) []by buf[3] = byte(block) prf.Write(buf[:4]) dk = prf.Sum(dk) - T := dk[len(dk)-hashLen:] + T := dk[len(dk) - hashLen:] copy(U, T) - // U_n = PRF(password, U_(n-1)) + // U_n = PRF(password, U_(n - 1)) for n := 2; n <= iter; n++ { prf.Reset() prf.Write(U) @@ -388,19 +141,13 @@ func PBKDF2Key(password, salt []byte, iter, keyLen int, h func() hash.Hash) []by return dk[:keyLen] } -// Package scrypt implements the scrypt key derivation function as defined in -// Colin Percival's paper "Stronger Key Derivation via Sequential Memory-Hard -// Functions" (https://www.tarsnap.com/scrypt/scrypt.pdf). - -const maxInt = int(^uint(0) >> 1) - // blockCopy copies n numbers from src into dst. -func blockCopy(dst, src []uint32, n int) { +func blockCopy(dst []uint32, src []uint32, n int) { copy(dst, src[:n]) } // blockXOR XORs numbers from dst with n numbers from src. -func blockXOR(dst, src []uint32, n int) { +func blockXOR(dst []uint32, src []uint32, n int) { for i, v := range src[:n] { dst[i] ^= v } @@ -408,7 +155,7 @@ func blockXOR(dst, src []uint32, n int) { // salsaXOR applies Salsa20/8 to the XOR of 16 numbers from tmp and in, // and puts the result into both tmp and out. -func salsaXOR(tmp *[16]uint32, in, out []uint32) { +func salsaXOR(tmp *[16]uint32, in []uint32, out []uint32) { w0 := tmp[0] ^ in[0] w1 := tmp[1] ^ in[1] w2 := tmp[2] ^ in[2] @@ -520,20 +267,20 @@ func salsaXOR(tmp *[16]uint32, in, out []uint32) { out[15], tmp[15] = x15, x15 } -func blockMix(tmp *[16]uint32, in, out []uint32, r int) { - blockCopy(tmp[:], in[(2*r-1)*16:], 16) - for i := 0; i < 2*r; i += 2 { - salsaXOR(tmp, in[i*16:], out[i*8:]) - salsaXOR(tmp, in[i*16+16:], out[i*8+r*16:]) +func blockMix(tmp *[16]uint32, in []uint32, out []uint32, r int) { + blockCopy(tmp[:], in[(2 * r - 1) * 16:], 16) + for i := 0; i < 2 * r; i += 2 { + salsaXOR(tmp, in[i * 16:], out[i * 8:]) + salsaXOR(tmp, in[i * 16 + 16:], out[i * 8 + r * 16:]) } } func integer(b []uint32, r int) uint64 { - j := (2*r - 1) * 16 - return uint64(b[j]) | uint64(b[j+1])<<32 + j := (2 * r - 1) * 16 + return uint64(b[j]) | (uint64(b[j + 1]) << 32) } -func smix(b []byte, r, N int, v, xy []uint32) { +func smix(b []byte, r int, N int, v []uint32, xy []uint32) { var tmp [16]uint32 R := 32 * r x := xy @@ -545,19 +292,19 @@ func smix(b []byte, r, N int, v, xy []uint32) { j += 4 } for i := 0; i < N; i += 2 { - blockCopy(v[i*R:], x, R) + blockCopy(v[i * R:], x, R) blockMix(&tmp, x, y, r) - blockCopy(v[(i+1)*R:], y, R) + blockCopy(v[(i + 1) * R:], y, R) blockMix(&tmp, y, x, r) } for i := 0; i < N; i += 2 { - j := int(integer(x, r) & uint64(N-1)) - blockXOR(x, v[j*R:], R) + j := int(integer(x, r) & uint64(N - 1)) + blockXOR(x, v[j * R:], R) blockMix(&tmp, x, y, r) - j = int(integer(y, r) & uint64(N-1)) - blockXOR(y, v[j*R:], R) + j = int(integer(y, r) & uint64(N - 1)) + blockXOR(y, v[j * R:], R) blockMix(&tmp, y, x, r) } j = 0 @@ -567,10 +314,15 @@ func smix(b []byte, r, N int, v, xy []uint32) { } } +// Package scrypt implements the scrypt key derivation function as defined in +// Colin Percival's paper "Stronger Key Derivation via Sequential Memory-Hard +// Functions" (https://www.tarsnap.com/scrypt/scrypt.pdf). +// +// // Key derives a key from the password, salt, and cost parameters, returning // a byte slice of length keyLen that can be used as cryptographic key. // -// N is a CPU/memory cost parameter, which must be a power of two greater than 1. +// N is a CPU/memory cost parameter, which must be a power of 2 greater than 1. // r and p must satisfy r * p < 2³⁰. If the parameters do not satisfy the // limits, the function returns a nil byte slice and an error. // @@ -583,21 +335,371 @@ func smix(b []byte, r, N int, v, xy []uint32) { // and p=1. The parameters N, r, and p should be increased as memory latency and // CPU parallelism increases; consider setting N to the highest power of 2 you // can derive within 100 milliseconds. Remember to get a good random salt. -func Scrypt(password, salt []byte, N, r, p, keyLen int) ([]byte, error) { - if N <= 1 || N&(N-1) != 0 { +func Scrypt( + password []byte, + salt []byte, + N int, + r int, + p int, + keyLen int, +) ([]byte, error) { + if N <= 1 || N & (N - 1) != 0 { return nil, errors.New("scrypt: N must be > 1 and a power of 2") } - if uint64(r)*uint64(p) >= 1<<30 || r > maxInt/128/p || r > maxInt/256 || N > maxInt/128/r { + if ((uint64(r) * uint64(p)) >= (1 << 30)) || + r > MaxInt / 128 / p || + r > MaxInt / 256 || + N > MaxInt / 128 / r { return nil, errors.New("scrypt: parameters are too large") } - xy := make([]uint32, 64*r) - v := make([]uint32, 32*N*r) - b := PBKDF2Key(password, salt, 1, p*128*r, sha256.New) + xy := make([]uint32, 64 * r) + v := make([]uint32, 32 * N * r) + b := PBKDF2Key(password, salt, 1, p * 128 * r, sha256.New) for i := 0; i < p; i++ { - smix(b[i*128*r:], r, N, v, xy) + smix(b[i * 128 * r:], r, N, v, xy) } return PBKDF2Key(password, b, 1, keyLen, sha256.New), nil } + +// FIXME: finish rewriting +// +// getV7Time returns the time in milliseconds and nanoseconds / 256. +// The returned (milli << (12 + seq)) is guaranteed to be greater than +// (milli << (12 + seq)) returned by any previous call to getV7Time. +// `seq` Sequence number is between 0 and 3906 (nanoPerMilli >> 8) +func getV7Time(nano int64) (int64, int64) { + const nanoPerMilli = 1000 * 1000 + + milli := nano / nanoPerMilli + seq := (nano - (milli * nanoPerMilli)) >> 8 + now := milli << (12 + seq) + + timeMu.Lock() + defer timeMu.Unlock() + if now <= lastV7Time { + now = lastV7Time + 1 + milli = now >> 12 + seq = now & 0xfff + } + lastV7Time = now + return milli, seq +} + +func NewUUID() UUID { + var buf [lengthUUID]byte + _, err := io.ReadFull(rand.Reader, buf[7:]) + if err != nil { + panic(err) + } + + buf[6] = (buf[6] & 0x0f) | 0x40 // Version 4 + buf[8] = (buf[8] & 0x3f) | 0x80 // Variant is 10 + + t, s := getV7Time(time.Now().UnixNano()) + + buf[0] = byte(t >> 40) + buf[1] = byte(t >> 32) + buf[2] = byte(t >> 24) + buf[3] = byte(t >> 16) + buf[4] = byte(t >> 8) + buf[5] = byte(t >> 0) + + buf[6] = 0x70 | (0x0f & byte(s >> 8)) + buf[7] = byte(s) + return UUID { bytes: buf } +} + +func (uuid UUID) ToString() string { + const dashCount = 4 + const encodedLength = (lengthUUID * 2) + dashCount + dst := [encodedLength]byte { + 0, 0, 0, 0, + 0, 0, 0, 0, + '-', + 0, 0, 0, 0, + '-', + 0, 0, 0, 0, + '-', + 0, 0, 0, 0, + '-', + 0, 0, 0, 0, + 0, 0, 0, 0, + 0, 0, 0, 0, + } + + hex.Encode(dst[ 0:8], uuid.bytes[0:4]) + hex.Encode(dst[ 9:13], uuid.bytes[4:6]) + hex.Encode(dst[14:18], uuid.bytes[6:8]) + hex.Encode(dst[19:23], uuid.bytes[8:10]) + hex.Encode(dst[24:36], uuid.bytes[10:]) + + return string(dst[:]) +} + +func Debug(message string, type_ string, args ...any) { + if Level < LevelDebug { + return + } + + slog.Debug( + message, + append( + []any { + "id", NewUUID().ToString(), + "kind", "log", + "type", type_, + }, + args..., + )..., + ) +} + +func Info(message string, type_ string, args ...any) { + if Level < LevelInfo { + return + } + + slog.Info( + message, + append( + []any { + "id", NewUUID().ToString(), + "kind", "log", + "type", type_, + }, + args..., + )..., + ) +} + +func Warning(message string, type_ string, args ...any) { + if Level < LevelWarning { + return + } + + slog.Warn( + message, + append( + []any { + "id", NewUUID().ToString(), + "kind", "log", + "type", type_, + }, + args..., + )..., + ) +} + +func Error(message string, type_ string, args ...any) { + if Level < LevelError { + return + } + + slog.Error( + message, + append( + []any { + "id", NewUUID().ToString(), + "kind", "log", + "type", type_, + }, + args..., + )..., + ) +} + +func Metric(type_ string, label string, args ...any) { + if !EmitMetric { + return + } + + slog.Info( + "_", + append( + []any { + "id", NewUUID().ToString(), + "kind", "metric", + "type", type_, + "label", label, + }, + args..., + )..., + ) +} + +func MakeGauge(label string, staticArgs ...any) Gauge { + var zero = big.NewInt(0) + var one = big.NewInt(1) + count := big.NewInt(0) + emitGauge := func(dynamicArgs ...any) { + if count.Cmp(zero) == -1 { + Error( + "Gauge went negative", + "process-metric", + append( + []any { "value", count }, + append( + staticArgs, + dynamicArgs..., + )..., + )..., + ) + return // avoid wrong metrics being emitted + } + Metric( + "gauge", label, + // TODO: we'll have slices.Concat on Go 1.22 + append( + []any { "value", count }, + append( + staticArgs, + dynamicArgs..., + )..., + )..., + ) + } + return Gauge { + Inc: func(dynamicArgs ...any) { + count.Add(count, one) + emitGauge(dynamicArgs...) + }, + Dec: func(dynamicArgs ...any) { + count.Sub(count, one) + emitGauge(dynamicArgs...) + }, + } +} + +func MakeCounter(label string) func(...any) { + return func(args ...any) { + Metric( + "counter", label, + append([]any { "value", 1 }, args...)..., + ) + } +} + +func ErrorIf(t *testing.T, err error) { + if err != nil { + t.Errorf("Unexpected error: %#v\n", err) + } +} + +func ErrorNil(t *testing.T, err error) { + if err == nil { + t.Errorf("Expected error, got nil\n") + } +} + +func AssertEqual(t *testing.T, given any, expected any) { + if !reflect.DeepEqual(given, expected) { + t.Errorf("given != expected\n") + t.Errorf("given: %#v\n", given) + t.Errorf("expected: %#v\n", expected) + } +} + +func AssertEqualI(t *testing.T, i int, given any, expected any) { + if !reflect.DeepEqual(given, expected) { + t.Errorf("given != expected (i = %d)\n", i) + t.Errorf("given: %#v\n", given) + t.Errorf("expected: %#v\n", expected) + } +} + +func SetLoggerOutput(w io.Writer) { + slog.SetDefault(slog.New(slog.NewJSONHandler(w, &slog.HandlerOptions { + AddSource: true, + })).With( + slog.Group( + "info", + "pid", os.Getpid(), + "ppid", os.Getppid(), + "puuid", NewUUID().ToString(), + ), + )) +} + +func LevelFromString(name string) (bool, LogLevel) { + level := strings.ToUpper(name) + + if level == "NONE" { + return true, LevelNone + } + + if level == "ERROR" { + return true, LevelError + } + + if level == "WARNING" { + return true, LevelWarning + } + + if level == "INFO" { + return true, LevelInfo + } + + if level == "DEBUG" { + return true, LevelDebug + } + + return false, Level +} + +func SetLogLevel() { + ok, level := LevelFromString(os.Getenv("LOG_LEVEL")) + + if ok { + Level = level + } +} + +func SetMetric() { + if os.Getenv("NO_METRIC") != "" { + EmitMetric = false + } +} + +func SetTraceback() { + if os.Getenv("GOTRACEBACK") == "" { + debug.SetTraceback("crash") + } +} + +func Fatal(err error) { + Error( + "Fatal error", "fatal-error", + "error", err, + "stack", string(debug.Stack()), + ) + syscall.Kill(os.Getpid(), syscall.SIGABRT) + os.Exit(3) +} + +func FatalIf(err error) { + if err != nil { + Fatal(err) + } +} + +func SetHostname() { + var err error + Hostname, err = os.Hostname() + FatalIf(err) +} + +func Init() { + SetLoggerOutput(os.Stdout) + SetLogLevel() + SetMetric() + SetTraceback() + SetHostname() +} + + +func Main() { + fmt.Println(NewUUID().ToString()) +} |