custom tai64dec

author: Gregor Kleen <gkleen@yggdrasil.li> 2022-12-11 12:04:03 +0100
committer: Gregor Kleen <gkleen@yggdrasil.li> 2022-12-11 12:04:03 +0100
commit: c5041c5894f559b42e2ae26c09ad793a925168fc (patch)
tree: efd5e1ed3fb4b64e945fd3637c5e0833b1d986e3
parent: 5c48b7e2f3dc8c2afe49cb6e8eeeca0def4d6f59 (diff)
download: nixos-c5041c5894f559b42e2ae26c09ad793a925168fc.tar
nixos-c5041c5894f559b42e2ae26c09ad793a925168fc.tar.gz
nixos-c5041c5894f559b42e2ae26c09ad793a925168fc.tar.bz2
nixos-c5041c5894f559b42e2ae26c09ad793a925168fc.tar.xz
nixos-c5041c5894f559b42e2ae26c09ad793a925168fc.zip
4 files changed, 76 insertions, 1 deletions
diff --git a/system-profiles/openssh/known-hosts/ca-sign.gup b/system-profiles/openssh/known-hosts/ca-sign.gup
index f9aa3793..527a9763 100644
--- a/system-profiles/openssh/known-hosts/ca-sign.gup
+++ b/system-profiles/openssh/known-hosts/ca-sign.gup
@@ -8,4 +8,5 @@ principalsFile=${keyFile:h}/host-principals
 gup -u ${keyFile} ${principalsFile}
 gup -u expiration
-ssh-keygen -h -Us ../ca/ca.pub -I $(uuidgen) -z $(tai64dec) -V "-1d:$(cat expiration)" -n $(cat ${principalsFile}) -f $1 ${keyFile}
-\ No newline at end of file
+ssh-keygen -h -Us ../ca/ca.pub -I $(uuidgen) -z $(tai64dec --no-ns) -V "-1d:$(cat expiration)" -n $(cat ${principalsFile}) -f $1 ${keyFile}
+sleep 1
diff --git a/tools/tai64dec/default.nix b/tools/tai64dec/default.nix
new file mode 100644
index 00000000..380c22bf
--- /dev/null
+++ b/tools/tai64dec/default.nix
@@ -0,0 +1,18 @@
+{ system, self, mach-nix, leapseconds, ... }:
+let
+  pkgs = self.legacyPackages.${system};
+in mach-nix.lib.${system}.buildPythonPackage {
+  pname = "tai64dec";
+  src = pkgs.lib.sourceByRegex ./. ["^setup\.py$" "^tai64dec(/[^/]+.*)?$"];
+  version = "0.0.0";
+  ignoreDataOutdated = true;
+  requirements = ''
+    leapseconddata
+  '';
+  postInstall = ''
+    wrapProgram $out/bin/tai64dec \
+      --set-default LEAPSECONDS_FILE ${leapseconds}
+  '';
+}
diff --git a/tools/tai64dec/setup.py b/tools/tai64dec/setup.py
new file mode 100644
index 00000000..d936796b
--- /dev/null
+++ b/tools/tai64dec/setup.py
@@ -0,0 +1,10 @@
+from setuptools import setup
+setup(name='tai64dec',
+      packages=['tai64dec'],
+      entry_points={
+          'console_scripts': [
+              'tai64dec=tai64dec.__main__:main'
+          ],
+      },
+)
diff --git a/tools/tai64dec/tai64dec/__main__.py b/tools/tai64dec/tai64dec/__main__.py
new file mode 100644
index 00000000..a8854523
--- /dev/null
+++ b/tools/tai64dec/tai64dec/__main__.py
@@ -0,0 +1,46 @@
+import sys, os
+import argparse
+from leapseconddata import LeapSecondData
+from math import ldexp
+from pathlib import Path
+from datetime import datetime, timezone
+import secrets
+class BooleanAction(argparse.Action):
+    def __init__(self, option_strings, dest, nargs=None, **kwargs):
+        super(BooleanAction, self).__init__(option_strings, dest, nargs=0, **kwargs)
+    def __call__(self, parser, namespace, values, option_string=None):
+        setattr(namespace, self.dest, False if option_string.startswith('--no') else True)
+def main():
+    parser = argparse.ArgumentParser(prog='tai64dec', formatter_class=argparse.ArgumentDefaultsHelpFormatter)
+    parser.add_argument('--random', '--no-random', action=BooleanAction, default=False)
+    parser.add_argument('--ns', '--no-ns', action=BooleanAction, default=True)
+    args = parser.parse_args()
+    leapsecond_data = LeapSecondData.from_file(Path(os.getenv('LEAPSECONDS_FILE')))
+    now = datetime.now(tz=timezone.utc)
+    tai_dt = leapsecond_data.to_tai(now)
+    seconds = int(tai_dt.timestamp())
+    seconds += int(ldexp(1, 62))
+    out = seconds
+    if args.ns:
+        nanoseconds = int((tai_dt.timestamp() - seconds) / 1e-9)
+        out = out << 32 | nanoseconds
+    if args.random:
+        out = out << 24 | int.from_bytes(secrets.token_bytes(3), byteorder='little', signed=False)
+    print('{:d}'.format(out), file=sys.stdout)
+if __name__ == '__main__':
+    sys.exit(main())
author	Gregor Kleen <gkleen@yggdrasil.li>	2022-12-11 12:04:03 +0100
committer	Gregor Kleen <gkleen@yggdrasil.li>	2022-12-11 12:04:03 +0100
commit	c5041c5894f559b42e2ae26c09ad793a925168fc (patch)
tree	efd5e1ed3fb4b64e945fd3637c5e0833b1d986e3
parent	5c48b7e2f3dc8c2afe49cb6e8eeeca0def4d6f59 (diff)
download	nixos-c5041c5894f559b42e2ae26c09ad793a925168fc.tar nixos-c5041c5894f559b42e2ae26c09ad793a925168fc.tar.gz nixos-c5041c5894f559b42e2ae26c09ad793a925168fc.tar.bz2 nixos-c5041c5894f559b42e2ae26c09ad793a925168fc.tar.xz nixos-c5041c5894f559b42e2ae26c09ad793a925168fc.zip

diff --git a/system-profiles/openssh/known-hosts/ca-sign.gup b/system-profiles/openssh/known-hosts/ca-sign.gup index f9aa3793..527a9763 100644 --- a/system-profiles/openssh/known-hosts/ca-sign.gup +++ b/system-profiles/openssh/known-hosts/ca-sign.gup
@@ -8,4 +8,5 @@ principalsFile=${keyFile:h}/host-principals
8	gup -u ${keyFile} ${principalsFile}	8	gup -u ${keyFile} ${principalsFile}
9	gup -u expiration	9	gup -u expiration
10		10
11	ssh-keygen -h -Us ../ca/ca.pub -I $(uuidgen) -z $(tai64dec) -V "-1d:$(cat expiration)" -n $(cat ${principalsFile}) -f $1 ${keyFile} \ No newline at end of file	11	ssh-keygen -h -Us ../ca/ca.pub -I $(uuidgen) -z $(tai64dec --no-ns) -V "-1d:$(cat expiration)" -n $(cat ${principalsFile}) -f $1 ${keyFile}
		12	sleep 1


diff --git a/tools/tai64dec/default.nix b/tools/tai64dec/default.nix new file mode 100644 index 00000000..380c22bf --- /dev/null +++ b/tools/tai64dec/default.nix
@@ -0,0 +1,18 @@
		1	{ system, self, mach-nix, leapseconds, ... }:
		2	let
		3	pkgs = self.legacyPackages.${system};
		4	in mach-nix.lib.${system}.buildPythonPackage {
		5	pname = "tai64dec";
		6	src = pkgs.lib.sourceByRegex ./. ["^setup\.py$" "^tai64dec(/[^/]+.*)?$"];
		7	version = "0.0.0";
		8	ignoreDataOutdated = true;
		9
		10	requirements = ''
		11	leapseconddata
		12	'';
		13
		14	postInstall = ''
		15	wrapProgram $out/bin/tai64dec \
		16	--set-default LEAPSECONDS_FILE ${leapseconds}
		17	'';
		18	}


diff --git a/tools/tai64dec/setup.py b/tools/tai64dec/setup.py new file mode 100644 index 00000000..d936796b --- /dev/null +++ b/tools/tai64dec/setup.py
@@ -0,0 +1,10 @@
		1	from setuptools import setup
		2
		3	setup(name='tai64dec',
		4	packages=['tai64dec'],
		5	entry_points={
		6	'console_scripts': [
		7	'tai64dec=tai64dec.__main__:main'
		8	],
		9	},
		10	)


diff --git a/tools/tai64dec/tai64dec/__main__.py b/tools/tai64dec/tai64dec/__main__.py new file mode 100644 index 00000000..a8854523 --- /dev/null +++ b/tools/tai64dec/tai64dec/__main__.py
@@ -0,0 +1,46 @@
		1	import sys, os
		2
		3	import argparse
		4
		5	from leapseconddata import LeapSecondData
		6	from math import ldexp
		7	from pathlib import Path
		8	from datetime import datetime, timezone
		9	import secrets
		10
		11
		12	class BooleanAction(argparse.Action):
		13	def __init__(self, option_strings, dest, nargs=None, **kwargs):
		14	super(BooleanAction, self).__init__(option_strings, dest, nargs=0, **kwargs)
		15
		16	def __call__(self, parser, namespace, values, option_string=None):
		17	setattr(namespace, self.dest, False if option_string.startswith('--no') else True)
		18
		19
		20	def main():
		21	parser = argparse.ArgumentParser(prog='tai64dec', formatter_class=argparse.ArgumentDefaultsHelpFormatter)
		22	parser.add_argument('--random', '--no-random', action=BooleanAction, default=False)
		23	parser.add_argument('--ns', '--no-ns', action=BooleanAction, default=True)
		24	args = parser.parse_args()
		25
		26
		27	leapsecond_data = LeapSecondData.from_file(Path(os.getenv('LEAPSECONDS_FILE')))
		28
		29	now = datetime.now(tz=timezone.utc)
		30
		31	tai_dt = leapsecond_data.to_tai(now)
		32	seconds = int(tai_dt.timestamp())
		33	seconds += int(ldexp(1, 62))
		34	out = seconds
		35
		36	if args.ns:
		37	nanoseconds = int((tai_dt.timestamp() - seconds) / 1e-9)
		38	out = out << 32 \| nanoseconds
		39
		40	if args.random:
		41	out = out << 24 \| int.from_bytes(secrets.token_bytes(3), byteorder='little', signed=False)
		42
		43	print('{:d}'.format(out), file=sys.stdout)
		44
		45	if __name__ == '__main__':
		46	sys.exit(main())