From 8badf54cb2b4ae822911b347fe3937caf8ce86a7 Mon Sep 17 00:00:00 2001
From: l0go <logo4poop@protonmail.com>
Date: Tue, 23 Jul 2024 23:33:15 -0400
Subject: [PATCH] Add keygen

---
 .github/workflows/release.yml | 14 +++++++---
 .gitignore                    |  2 ++
 Containerfile                 |  2 +-
 tools/keygen/.containerignore |  2 ++
 tools/keygen/Containerfile    | 10 +++++++
 tools/keygen/build.zig        | 27 +++++++++++++++++++
 tools/keygen/build.zig.zon    | 18 +++++++++++++
 tools/keygen/src/main.zig     | 50 +++++++++++++++++++++++++++++++++++
 8 files changed, 121 insertions(+), 4 deletions(-)
 create mode 100644 tools/keygen/.containerignore
 create mode 100644 tools/keygen/Containerfile
 create mode 100644 tools/keygen/build.zig
 create mode 100644 tools/keygen/build.zig.zon
 create mode 100644 tools/keygen/src/main.zig

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 52424ac..80aec75 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -17,11 +17,14 @@ jobs:
         working-directory: .
         run: |
           sudo apt install -y podman
-      - name: Build container
+      - name: Build HaxeSandbox container
         working-directory: .
         run: |
-          podman manifest create haxesandbox
-          podman build --platform linux/amd64 --manifest haxesandbox .
+          podman build --platform linux/amd64 -t=haxesandbox .
+      - name: Build keygen container
+        working-directory: ./tools/keygen/
+        run: |
+          podman build --platform linux/amd64 -t=haxesandbox-keygen .
       - name: Log in to Github Packages
         uses: redhat-actions/podman-login@v1
         with:
@@ -33,3 +36,8 @@ jobs:
         with:
           image: haxesandbox
           registry: ghcr.io/l0go
+      - name: Push keygen to Github Packages
+        uses: redhat-actions/push-to-registry@v2
+        with:
+          image: haxesandbox-keygen
+          registry: ghcr.io/l0go
diff --git a/.gitignore b/.gitignore
index 9f96217..371a30f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,4 @@
 bin/
 .env
+.zig-cache/
+zig-out/
diff --git a/Containerfile b/Containerfile
index a96de56..0b58cad 100644
--- a/Containerfile
+++ b/Containerfile
@@ -3,7 +3,7 @@ RUN microdnf install -y haxe
 WORKDIR /app/src
 COPY src ./src/
 COPY vendor ./vendor/
-copy build.hxml ./
+COPY build.hxml ./
 RUN haxe build.hxml -w -WDeprecated
 
 FROM quay.io/fedora/fedora-minimal
diff --git a/tools/keygen/.containerignore b/tools/keygen/.containerignore
new file mode 100644
index 0000000..b1b4093
--- /dev/null
+++ b/tools/keygen/.containerignore
@@ -0,0 +1,2 @@
+Containerfile
+zig-out/
diff --git a/tools/keygen/Containerfile b/tools/keygen/Containerfile
new file mode 100644
index 0000000..a1e9444
--- /dev/null
+++ b/tools/keygen/Containerfile
@@ -0,0 +1,10 @@
+FROM quay.io/fedora/fedora-minimal AS build
+WORKDIR /app/src
+COPY . ./
+RUN microdnf install -y zig binutils
+RUN zig build -Doptimize=ReleaseSmall
+RUN strip ./zig-out/bin/haxesandbox-keygen
+
+FROM scratch
+COPY --from=build /app/src/zig-out/bin/haxesandbox-keygen /
+CMD ["/haxesandbox-keygen"]
diff --git a/tools/keygen/build.zig b/tools/keygen/build.zig
new file mode 100644
index 0000000..57b64d4
--- /dev/null
+++ b/tools/keygen/build.zig
@@ -0,0 +1,27 @@
+const std = @import("std");
+
+pub fn build(b: *std.Build) void {
+    const target = b.standardTargetOptions(.{});
+    const optimize = b.standardOptimizeOption(.{});
+
+    const chameleon = b.dependency("chameleon", .{}).module("chameleon");
+    const exe = b.addExecutable(.{
+        .name = "haxesandbox-keygen",
+        .root_source_file = b.path("src/main.zig"),
+        .target = target,
+        .optimize = optimize,
+    });
+    exe.root_module.addImport("chameleon", chameleon);
+
+    b.installArtifact(exe);
+
+    const run_cmd = b.addRunArtifact(exe);
+    run_cmd.step.dependOn(b.getInstallStep());
+
+    if (b.args) |args| {
+        run_cmd.addArgs(args);
+    }
+
+    const run_step = b.step("run", "Run the app");
+    run_step.dependOn(&run_cmd.step);
+}
diff --git a/tools/keygen/build.zig.zon b/tools/keygen/build.zig.zon
new file mode 100644
index 0000000..8b0e597
--- /dev/null
+++ b/tools/keygen/build.zig.zon
@@ -0,0 +1,18 @@
+.{
+    .name = "haxesandbox-keygen",
+    .version = "0.0.0",
+    .dependencies = .{
+        .chameleon = .{
+            .url = "https://github.com/tr1ckydev/chameleon/archive/e94bf213e542dbfa932469e921a4bd2b8f7bb8b1.zip",
+            .hash = "1220a497e4583061a32a500d6886bc440f34dc54ccd9c08b27769c583baff1c2954f",
+        },
+    },
+    .paths = .{
+        "build.zig",
+        "build.zig.zon",
+        "src",
+        // For example...
+        //"LICENSE",
+        //"README.md",
+    },
+}
diff --git a/tools/keygen/src/main.zig b/tools/keygen/src/main.zig
new file mode 100644
index 0000000..b2e89c7
--- /dev/null
+++ b/tools/keygen/src/main.zig
@@ -0,0 +1,50 @@
+const std = @import("std");
+const Chameleon = @import("chameleon").Chameleon;
+const base64 = std.base64.standard;
+const sha256 = std.crypto.hash.sha2.Sha256;
+
+const length = 24;
+
+pub fn main() !void {
+    // Create allocator
+    var ally = std.heap.ArenaAllocator.init(std.heap.page_allocator);
+    defer ally.deinit();
+
+    // Initialize stdout
+    const stdout_file = std.io.getStdOut().writer();
+    var bw = std.io.bufferedWriter(stdout_file);
+    const stdout = bw.writer();
+
+    // Generate some random bytes to generate the base64 from
+    var bytes: [length]u8 = undefined;
+    std.crypto.random.bytes(&bytes);
+
+    // Generate the base64
+    var b64 = try ally.allocator().alloc(u8, base64.Encoder.calcSize(length));
+    b64 = @constCast(base64.Encoder.encode(b64, &bytes));
+
+    // And the sha256 hash
+    var hash: [32]u8 = undefined;
+    sha256.hash(b64, &hash, .{});
+
+    // Now print everything to the user
+    comptime var cham = Chameleon.init(.Auto);
+    try stdout.print(cham.redBright().fmt(
+        \\
+        \\ _   _                     _____                    _  _                  
+        \\| | | |                   /  ___|                  | || |                 
+        \\| |_| |  __ _ __  __  ___ \ `--.   __ _  _ __    __| || |__    ___  __  __
+        \\|  _  | / _` |\ \/ / / _ \ `--. \ / _` || '_ \  / _` || '_ \  / _ \ \ \/ /
+        \\| | | || (_| | >  < |  __//\__/ /| (_| || | | || (_| || |_) || (_) | >  < 
+        \\\_| |_/ \__,_|/_/\_\ \___|\____/  \__,_||_| |_| \__,_||_.__/  \___/ /_/\_\
+        \\
+        \\
+        \\
+    ), .{});
+    try stdout.print(cham.yellow().fmt("Run this command to save the hashed key:\n"), .{});
+    try stdout.print(cham.grey().fmt("printf \"{s}\" | podman secret create --replace haxe_authkey -\n\n"), .{std.fmt.fmtSliceHexLower(&hash)});
+    try stdout.print(cham.yellow().fmt("The following is the base64 key you should provide to HaxeSandbox during requests. Keep this secret!\n"), .{});
+    try stdout.print(cham.grey().fmt("{s}\n"), .{b64});
+
+    try bw.flush();
+}