mirror of
https://github.com/tailscale/tailscale.git
synced 2025-01-10 18:13:41 +00:00
71029cea2d
This updates all source files to use a new standard header for copyright and license declaration. Notably, copyright no longer includes a date, and we now use the standard SPDX-License-Identifier header. This commit was done almost entirely mechanically with perl, and then some minimal manual fixes. Updates #6865 Signed-off-by: Will Norris <will@tailscale.com>
43 lines
1.2 KiB
Go
43 lines
1.2 KiB
Go
// Copyright (c) Tailscale Inc & AUTHORS
|
|
// SPDX-License-Identifier: BSD-3-Clause
|
|
|
|
package controlclient
|
|
|
|
import (
|
|
"crypto"
|
|
"errors"
|
|
"fmt"
|
|
"time"
|
|
|
|
"tailscale.com/tailcfg"
|
|
"tailscale.com/types/key"
|
|
)
|
|
|
|
var (
|
|
errNoCertStore = errors.New("no certificate store")
|
|
errCertificateNotConfigured = errors.New("no certificate subject configured")
|
|
errUnsupportedSignatureVersion = errors.New("unsupported signature version")
|
|
)
|
|
|
|
// HashRegisterRequest generates the hash required sign or verify a
|
|
// tailcfg.RegisterRequest.
|
|
func HashRegisterRequest(
|
|
version tailcfg.SignatureType, ts time.Time, serverURL string, deviceCert []byte,
|
|
serverPubKey, machinePubKey key.MachinePublic) ([]byte, error) {
|
|
h := crypto.SHA256.New()
|
|
|
|
// hash.Hash.Write never returns an error, so we don't check for one here.
|
|
switch version {
|
|
case tailcfg.SignatureV1:
|
|
fmt.Fprintf(h, "%s%s%s%s%s",
|
|
ts.UTC().Format(time.RFC3339), serverURL, deviceCert, serverPubKey.ShortString(), machinePubKey.ShortString())
|
|
case tailcfg.SignatureV2:
|
|
fmt.Fprintf(h, "%s%s%s%s%s",
|
|
ts.UTC().Format(time.RFC3339), serverURL, deviceCert, serverPubKey, machinePubKey)
|
|
default:
|
|
return nil, errUnsupportedSignatureVersion
|
|
}
|
|
|
|
return h.Sum(nil), nil
|
|
}
|