alrm/api/command.go

81 lines
1.4 KiB
Go

package api
import (
"crypto/hmac"
"crypto/sha256"
"encoding/json"
"fmt"
"time"
)
type Command struct {
Expires time.Time `json:"exp"`
Command string `json:"cmd"`
Scheme string `json:"sch"`
Signature []byte `json:"sig,omitempty"`
}
func NewCommand(cm string) *Command {
return &Command{
Expires: time.Now().Add(time.Second * 5),
Command: cm,
Scheme: "hmac-sha256",
}
}
func ParseCommand(jsn []byte) (*Command, error) {
cmd := &Command{}
err := json.Unmarshal(jsn, cmd)
if err != nil {
return nil, err
}
return cmd, nil
}
func (c *Command) JSON() ([]byte, error) {
return json.Marshal(c)
}
func (c *Command) Sign(key []byte) error {
switch c.Scheme {
case "hmac-sha256":
j, err := c.JSON()
if err != nil {
return fmt.Errorf("json encoding error")
}
mac := hmac.New(sha256.New, key)
mac.Write(j)
c.Signature = mac.Sum(nil)
case "":
return fmt.Errorf("scheme may not be empty")
default:
return fmt.Errorf("unsupported scheme: %s", c.Scheme)
}
return nil
}
func (c *Command) Validate(key []byte) error {
cpy := &Command{
Expires: c.Expires,
Command: c.Command,
Scheme: c.Scheme,
}
err := cpy.Sign(key)
if err != nil {
return err
}
if !hmac.Equal(cpy.Signature, c.Signature) {
return fmt.Errorf("invalid signature")
}
if time.Now().After(c.Expires) {
return fmt.Errorf("command expired")
}
return nil
}