1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
|
//
// nghttp2 - HTTP/2 C Library
//
// Copyright (c) 2015 Tatsuhiro Tsujikawa
//
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to
// permit persons to whom the Software is furnished to do so, subject to
// the following conditions:
//
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
package main
import (
"bytes"
"crypto/rand"
"encoding/binary"
"flag"
"fmt"
"log"
"time"
"github.com/bradfitz/gomemcache/memcache"
)
func makeKey(len int) []byte {
b := make([]byte, len)
if _, err := rand.Read(b); err != nil {
log.Fatalf("rand.Read: %v", err)
}
return b
}
func main() {
var host = flag.String("host", "127.0.0.1", "memcached host")
var port = flag.Int("port", 11211, "memcached port")
var cipher = flag.String("cipher", "aes-128-cbc", "cipher for TLS ticket encryption")
var interval = flag.Int("interval", 3600, "interval to update TLS ticket keys")
flag.Parse()
var keylen int
switch *cipher {
case "aes-128-cbc":
keylen = 48
case "aes-256-cbc":
keylen = 80
default:
log.Fatalf("cipher: unknown cipher %v", cipher)
}
mc := memcache.New(fmt.Sprintf("%v:%v", *host, *port))
keys := [][]byte{
makeKey(keylen), // current encryption key
makeKey(keylen), // next encryption key; now decryption only
}
for {
buf := new(bytes.Buffer)
if err := binary.Write(buf, binary.BigEndian, uint32(1)); err != nil {
log.Fatalf("failed to write version: %v", err)
}
for _, key := range keys {
if err := binary.Write(buf, binary.BigEndian, uint16(keylen)); err != nil {
log.Fatalf("failed to write length: %v", err)
}
if _, err := buf.Write(key); err != nil {
log.Fatalf("buf.Write: %v", err)
}
}
mc.Set(&memcache.Item{
Key: "nghttpx:tls-ticket-key",
Value: buf.Bytes(),
Expiration: int32((*interval) + 300),
})
<-time.After(time.Duration(*interval) * time.Second)
// rotate keys. the last key is now encryption key.
// generate new key and append it to the last, so that
// we can at least decrypt TLS ticket encrypted by new
// key on the host which does not get new key yet.
// keep at most past 11 keys as decryption only key
n := len(keys) + 1
if n > 13 {
n = 13
}
newKeys := make([][]byte, n)
newKeys[0] = keys[len(keys)-1]
copy(newKeys[1:], keys[0:n-2])
newKeys[n-1] = makeKey(keylen)
keys = newKeys
}
}
|