mirror of
https://github.com/AlexxIT/go2rtc.git
synced 2025-09-26 20:31:11 +08:00
73 lines
1.3 KiB
Go
73 lines
1.3 KiB
Go
package webtorrent
|
|
|
|
import (
|
|
"crypto/aes"
|
|
"crypto/cipher"
|
|
"crypto/sha256"
|
|
"encoding/base64"
|
|
"fmt"
|
|
"strconv"
|
|
"time"
|
|
)
|
|
|
|
type Cipher struct {
|
|
gcm cipher.AEAD
|
|
iv []byte
|
|
nonce []byte
|
|
}
|
|
|
|
func NewCipher(share, pwd, nonce string) (*Cipher, error) {
|
|
timestamp, err := strconv.ParseInt(nonce, 36, 64)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
delta := time.Duration(time.Now().UnixNano() - timestamp)
|
|
if delta < 0 {
|
|
delta = -delta
|
|
}
|
|
|
|
// protect from replay attack, but respect wrong timezone on server
|
|
if delta > 12*time.Hour {
|
|
return nil, fmt.Errorf("wrong timedelta %s", delta)
|
|
}
|
|
|
|
c := &Cipher{}
|
|
|
|
hash := sha256.New()
|
|
hash.Write([]byte(nonce + ":" + pwd))
|
|
key := hash.Sum(nil)
|
|
|
|
hash.Reset()
|
|
hash.Write([]byte(share + ":" + nonce))
|
|
c.iv = hash.Sum(nil)[:12]
|
|
|
|
block, err := aes.NewCipher(key)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
c.gcm, err = cipher.NewGCM(block)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
c.nonce = []byte(nonce)
|
|
|
|
return c, nil
|
|
}
|
|
|
|
func (c *Cipher) Decrypt(ciphertext []byte) ([]byte, error) {
|
|
return c.gcm.Open(nil, c.iv, ciphertext, c.nonce)
|
|
}
|
|
|
|
func (c *Cipher) Encrypt(plaintext []byte) []byte {
|
|
return c.gcm.Seal(nil, c.iv, plaintext, c.nonce)
|
|
}
|
|
|
|
func InfoHash(share string) string {
|
|
hash := sha256.New()
|
|
hash.Write([]byte(share))
|
|
sum := hash.Sum(nil)
|
|
return base64.StdEncoding.EncodeToString(sum)
|
|
}
|