go-gemini/tofu.go
2020-09-25 18:53:20 -04:00

71 lines
1.5 KiB
Go

package gemini
import (
"bufio"
"bytes"
"crypto/sha512"
"crypto/x509"
"errors"
"fmt"
"io"
"strconv"
"strings"
)
var (
ErrInvalidKnownHosts = errors.New("gemini: invalid known hosts")
)
// KnownHost represents a known host.
type KnownHost struct {
Hostname string // e.g. gemini.circumlunar.space
Algorithm string // fingerprint algorithm
Fingerprint string // fingerprint in hexadecimal, with ':' between each octet
NotAfter int64 // unix time of certificate notAfter date
}
// ParseKnownHosts parses and returns a list of known hosts from the provided io.Reader.
func ParseKnownHosts(r io.Reader) ([]KnownHost, error) {
hosts := []KnownHost{}
scanner := bufio.NewScanner(r)
for scanner.Scan() {
text := scanner.Text()
parts := strings.Split(text, " ")
if len(parts) < 4 {
return nil, ErrInvalidKnownHosts
}
hostname := parts[0]
algorithm := parts[1]
fingerprint := parts[2]
notAfter, err := strconv.ParseInt(parts[3], 10, 0)
if err != nil {
return nil, ErrInvalidKnownHosts
}
hosts = append(hosts, KnownHost{
Hostname: hostname,
Algorithm: algorithm,
Fingerprint: fingerprint,
NotAfter: notAfter,
})
}
return hosts, nil
}
// Fingerprint returns the SHA-512 fingerprint of the provided certificate.
func Fingerprint(cert *x509.Certificate) string {
sum512 := sha512.Sum512(cert.Raw)
var buf bytes.Buffer
for i, f := range sum512 {
if i > 0 {
fmt.Fprintf(&buf, ":")
}
fmt.Fprintf(&buf, "%02X", f)
}
return buf.String()
}