Archives
/
encrypted-dns-server
mirror of https://github.com/jedisct1/encrypted-dns-server
2
0
Fork 0
Code Issues Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
dependabot/cargo/anyhow-1.0.86
dependabot/cargo/sieve-cache-0.2.0
dependabot/cargo/serde-1.0.202
dependabot/cargo/toml-0.8.13
dependabot/cargo/libsodium-sys-stable-1.20.7
master
sieve-cache
slab
tracing-locks
cart
packet-size
solofilter
ttl
0.9.15
0.9.14
0.9.13
0.9.12
0.9.11
0.9.10
0.9.9
0.9.8
0.9.7
0.9.6
0.9.5
0.9.4
0.9.3
0.9.2
0.9.1
0.9.0
0.3.23
0.3.22
0.3.21
0.3.20
0.3.17
0.3.14
0.3.12
0.3.11
0.3.10
0.3.8
0.3.7
0.3.6
0.3.5
0.3.3
0.3.2
0.3.1
0.3.0
0.2.10
0.2.9
0.2.8
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8689469722'
${ noResults }
encrypted-dns-server/src/dnscrypt_certs.rs

78 lines
2.1 KiB
Rust
Raw Blame History

use crate::crypto::*;
use byteorder::{BigEndian, ByteOrder};
use std::mem;
use std::slice;
use std::time::SystemTime;
fn now() -> u32 {
SystemTime::now()
.duration_since(SystemTime::UNIX_EPOCH)
.unwrap()
.as_secs() as u32
}
#[derive(Debug, Default)]
#[repr(C, packed)]
pub struct DNSCryptCertInner {
resolver_pk: [u8; 32],
client_magic: [u8; 8],
serial: [u8; 4],
ts_start: [u8; 4],
ts_end: [u8; 4],
}
impl DNSCryptCertInner {
pub fn as_bytes(&self) -> &[u8] {
unsafe { slice::from_raw_parts(self as *const _ as *const u8, mem::size_of_val(self)) }
}
}
#[derive(Derivative)]
#[derivative(Debug, Default)]
#[repr(C, packed)]
pub struct DNSCryptCert {
cert_magic: [u8; 4],
es_version: [u8; 2],
minor_version: [u8; 2],
#[derivative(Debug = "ignore", Default(value = "[0u8; 64]"))]
signature: [u8; 64],
inner: DNSCryptCertInner,
}
impl DNSCryptCert {
pub fn new(resolver_kp: &SignKeyPair) -> Self {
let ts_start = now();
let ts_end = ts_start + 86400;
let mut dnscrypt_cert = DNSCryptCert::default();
let dnscrypt_cert_inner = &mut dnscrypt_cert.inner;
dnscrypt_cert_inner
.resolver_pk
.copy_from_slice(resolver_kp.pk.as_bytes());
dnscrypt_cert_inner
.client_magic
.copy_from_slice(&dnscrypt_cert_inner.resolver_pk[..8]);
BigEndian::write_u32(&mut dnscrypt_cert_inner.serial, 1);
BigEndian::write_u32(&mut dnscrypt_cert_inner.ts_start, ts_start);
BigEndian::write_u32(&mut dnscrypt_cert_inner.ts_end, ts_end);
BigEndian::write_u32(&mut dnscrypt_cert.cert_magic, 0x44_4e_53_43);
BigEndian::write_u16(&mut dnscrypt_cert.es_version, 2);
BigEndian::write_u16(&mut dnscrypt_cert.minor_version, 0);
dnscrypt_cert.signature.copy_from_slice(
resolver_kp
.sk
.sign(dnscrypt_cert_inner.as_bytes())
.as_bytes(),
);
dnscrypt_cert
}
pub fn as_bytes(&self) -> &[u8] {
unsafe { slice::from_raw_parts(self as *const _ as *const u8, mem::size_of_val(self)) }
}
}
Reference in New Issue View Git Blame Copy Permalink