auth: add more context to errors

Simon Ser 2022-09-10 21:49:33 +02:00
parent 4c32801c34
commit 0bbe26f26a
1 changed files with 22 additions and 13 deletions


@ -32,39 +32,49 @@ type CachedAuth struct {
func readCachedAuths() (map[string]string, error) { func readCachedAuths() (map[string]string, error) {
p, err := authFilePath() p, err := authFilePath()
if err != nil { if err != nil {
return nil, err return nil, fmt.Errorf("failed to get auth file path: %v", err)
} }
f, err := os.Open(p) f, err := os.Open(p)
if os.IsNotExist(err) { if os.IsNotExist(err) {
return nil, nil return nil, nil
} else if err != nil { } else if err != nil {
return nil, err return nil, fmt.Errorf("failed to open cached auth file: %v", err)
} }
defer f.Close() defer f.Close()
auths := make(map[string]string) auths := make(map[string]string)
err = json.NewDecoder(f).Decode(&auths) if err := json.NewDecoder(f).Decode(&auths); err != nil {
return auths, err return nil, fmt.Errorf("failed to read cached auth file: %v", err)
}
return auths, nil
} }
func saveAuths(auths map[string]string) error { func saveAuths(auths map[string]string) error {
p, err := authFilePath() p, err := authFilePath()
if err != nil { if err != nil {
return err return fmt.Errorf("failed to get auth file path: %v", err)
} }
f, err := os.Create(p) f, err := os.Create(p)
if err != nil { if err != nil {
return err return fmt.Errorf("failed to create cached auth file: %v", err)
} }
defer f.Close() defer f.Close()
return json.NewEncoder(f).Encode(auths) if err := json.NewEncoder(f).Encode(auths); err != nil {
return fmt.Errorf("failed to write cached auth file: %v", err)
}
if err := f.Close(); err != nil {
return fmt.Errorf("failed to close cached auth file: %v", err)
}
return nil
} }
func encrypt(msg []byte, secretKey *[32]byte) (string, error) { func encrypt(msg []byte, secretKey *[32]byte) (string, error) {
var nonce [24]byte var nonce [24]byte
if _, err := io.ReadFull(rand.Reader, nonce[:]); err != nil { if _, err := io.ReadFull(rand.Reader, nonce[:]); err != nil {
return "", err return "", fmt.Errorf("failed to generate nonce: %v", err)
} }
encrypted := secretbox.Seal(nonce[:], msg, &nonce, secretKey) encrypted := secretbox.Seal(nonce[:], msg, &nonce, secretKey)
@ -74,7 +84,7 @@ func encrypt(msg []byte, secretKey *[32]byte) (string, error) {
func decrypt(encryptedString string, secretKey *[32]byte) ([]byte, error) { func decrypt(encryptedString string, secretKey *[32]byte) ([]byte, error) {
encrypted, err := base64.StdEncoding.DecodeString(encryptedString) encrypted, err := base64.StdEncoding.DecodeString(encryptedString)
if err != nil { if err != nil {
return nil, err return nil, fmt.Errorf("invalid encrypted string: %v", err)
} }
var nonce [24]byte var nonce [24]byte
@ -89,7 +99,7 @@ func decrypt(encryptedString string, secretKey *[32]byte) ([]byte, error) {
func EncryptAndSave(auth *CachedAuth, username string, secretKey *[32]byte) error { func EncryptAndSave(auth *CachedAuth, username string, secretKey *[32]byte) error {
cleartext, err := json.Marshal(auth) cleartext, err := json.Marshal(auth)
if err != nil { if err != nil {
return err return fmt.Errorf("failed to format cached auth: %v", err)
} }
encrypted, err := encrypt(cleartext, secretKey) encrypted, err := encrypt(cleartext, secretKey)
@ -151,11 +161,10 @@ func ListUsernames() ([]string, error) {
func GeneratePassword() (secretKey *[32]byte, password string, err error) { func GeneratePassword() (secretKey *[32]byte, password string, err error) {
var key [32]byte var key [32]byte
if _, err = io.ReadFull(rand.Reader, key[:]); err != nil { if _, err = io.ReadFull(rand.Reader, key[:]); err != nil {
return return nil, "", fmt.Errorf("failed to generate key: %v", err)
} }
secretKey = &key
password = base64.StdEncoding.EncodeToString(key[:]) password = base64.StdEncoding.EncodeToString(key[:])
return return &key, password, nil
} }
type session struct { type session struct {
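Review bot: In saveAuths, the unchanged `os.Create(p)` call creates the cached auth file with mode 0666 before umask, so under a common umask the file is readable by other local users; the values appear to be secretbox-encrypted, but the map keys (presumably usernames) and the ciphertexts do not need to be exposed. While this function is being touched, consider `f, err := os.OpenFile(p, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)`; the mode applies only when the file is created, so an existing file keeps its old permissions unless it is also chmod-ed. Separately, the new messages throughout the section format the cause with `%v`, which drops the error chain; `%w` would keep `errors.Is`/`errors.As` working for callers, e.g. `fmt.Errorf("failed to open cached auth file: %w", err)`.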