davidmz · November 20, 2016 19:33 · davidmz · Nov 4, 2016
diff --git a/log-crypt.go b/log-crypt.go
 package main

 import (
 	"bufio"
 	"crypto/hmac"
 	"crypto/sha1"
 	"encoding/hex"
 	"flag"
 	"fmt"
 	"os"
 	"regexp"
 	"strings"
 )

 var pathTemplates = makeRegexps([]string{
 	`^/v1/users/whoami`,
 	`^/v1/users/(?:accept|reject)Request/([^/]+)`,
 	`^/v1/users/([^/]+)`,
 	`^/v1/timelines/(?:home|filter/)`,
 	`^/v1/timelines/([^/]+)`,
 	`^/v1/groups/([^/]+)/subscribers/([^/]+)`,
 	`^/v1/groups/([^/]+)`,
 	`^/v2/requests/([^/]+)`,
 })

 var pathTokenTemplates = makeRegexps([]string{
 	`token=([^&]+)`,
 })

 var refererTemplates = makeRegexps([]string{
 	`^https://(?:(?:gamma\.|m\.|)freefeed\.net|myfeed\.rocks)/(?:about|dev|signin|signup|restore|reset|settings|filter|search|groups|friends)`,
 	`^https://(?:m\.freefeed\.net|myfeed\.rocks)/as/(?:FreeFeed|Mokum)/([^/]+)`,
 	`^https://(?:(?:gamma\.|m\.|)freefeed\.net|myfeed\.rocks)/([^/]+)`,
 })

 var uuidTemplates = makeRegexps([]string{
 	`([a-f0-9]{8}-[a-f0-9]{4}-4[a-f0-9]{3}-[8|9|a|b][a-f0-9]{3}-[a-f0-9]{12})`,
 })

 var logFormatRe = regexp.MustCompile(`^` +
 	`(?P<proxy_protocol_addr>[^ ]+) - ` +
 	`(?P<remote_user>[^ ]+) ` +
 	`\[(?P<time_local>[^\]]+)\] ` +
 	`"(?P<request>[^"]+)" ` +
 	`(?P<status>[^ ]+) ` +
 	`(?P<body_bytes_sent>[^ ]+) ` +
 	`"(?P<http_referer>[^"]+)" ` +
 	`"(?P<http_user_agent>[^"]+)" ` +
 	`(?P<request_time>[^ ]+) ` +
 	`(?P<upstream_response_time>[^ ]+) ` +
 	`(?P<pipe>[^ ]+)` +
 	`$`)

 var logVarNames = logFormatRe.SubexpNames()

 var secret string

 func main() {
 	flag.StringVar(&secret, "secret", "", "a secret string for username encoding")
 	flag.Parse()

 	if secret == "" {
 		fmt.Fprintf(os.Stderr, "Usage of %s:\n", os.Args[0])
 		flag.PrintDefaults()
 		os.Exit(1)
 	}

 	scanner := bufio.NewScanner(os.Stdin)
 	for scanner.Scan() {
 		matches := logFormatRe.FindStringSubmatch(scanner.Text())
 		if matches == nil {
 			continue
 		}
 		matches[4] = encryptRequest(matches[4]) // request
 		matches[7] = encryptReferer(matches[7]) // referer
 		fmt.Printf("%s - %s [%s] \"%s\" %s %s \"%s\" \"%s\" %s %s %s\n", untypeArray(matches[1:])...)
 	}
 }

 func encryptRequest(text string) string {
 	parts := strings.Split(text, " ")
 	parts[1] = encryptText(parts[1], pathTemplates, encryptUsername)
 	parts[1] = encryptText(parts[1], pathTokenTemplates, encryptToken)
 	parts[1] = encryptText(parts[1], uuidTemplates, encryptUUID)
 	return strings.Join(parts, " ")
 }

 func encryptReferer(text string) string {
 	text = encryptText(text, refererTemplates, encryptUsername)
 	text = encryptText(text, uuidTemplates, encryptUUID)
 	return text
 }

 func encryptText(text string, regexps []*regexp.Regexp, crypter func(string) string) (newText string) {
 	newText = text
 	for _, re := range regexps {
 		m := re.FindStringSubmatchIndex(text)
 		if m != nil {
 			lastIndex := 0
 			newText = ""
 			for i := 0; i < len(m)/2-1; i++ {
 				uname := crypter(text[m[2*i+2]:m[2*i+3]])
 				newText += text[lastIndex:m[2*i+2]] + uname
 				lastIndex = m[2*i+3]
 			}
 			newText += text[lastIndex:]
 			break
 		}
 	}
 	return
 }

 func encryptUsername(username string) string {
 	const chars = "abcdefghijklmnopqrstuvwxyz"
 	mac := hmac.New(sha1.New, []byte(secret))
 	mac.Write([]byte(username))
 	umac := mac.Sum(nil)
 	length := 5 + int(umac[0]%5)
 	result := ""
 	for i := 0; i < length; i++ {
 		p := int(umac[i+1]) % len(chars)
 		result += chars[p : p+1]
 	}
 	return result
 }

 func encryptToken(token string) string {
 	mac := hmac.New(sha1.New, []byte(secret))
 	mac.Write([]byte(token))
 	return fmt.Sprintf("%X", mac.Sum(nil))
 }

 func encryptUUID(token string) string {
 	mac := hmac.New(sha1.New, []byte(secret))
 	mac.Write([]byte(token))
 	umac := mac.Sum(nil)[:16]
 	umac[6] = (umac[6] & 0x0f) | (4 << 4) // UUID v4
 	umac[8] = (umac[8] | 0x40) & 0x7F
 	return uuidString(umac)
 }

 func makeRegexps(patterns []string) (result []*regexp.Regexp) {
 	for _, p := range patterns {
 		result = append(result, regexp.MustCompile(p))
 	}
 	return
 }

 func untypeArray(a []string) (b []interface{}) {
 	for _, x := range a {
 		b = append(b, interface{}(x))
 	}
 	return
 }

 func uuidString(u []byte) string {
 	const dash byte = '-'

 	buf := make([]byte, 36)

 	hex.Encode(buf[0:8], u[0:4])
 	buf[8] = dash
 	hex.Encode(buf[9:13], u[4:6])
 	buf[13] = dash
 	hex.Encode(buf[14:18], u[6:8])
 	buf[18] = dash
 	hex.Encode(buf[19:23], u[8:10])
 	buf[23] = dash
 	hex.Encode(buf[24:], u[10:])

 	return string(buf)
 }
	package main

	import (
	"bufio"
	"crypto/hmac"
	"crypto/sha1"
	"encoding/hex"
	"flag"
	"fmt"
	"os"
	"regexp"
	"strings"
	)

	var pathTemplates = makeRegexps([]string{
	`^/v1/users/whoami`,
	`^/v1/users/(?:accept\|reject)Request/([^/]+)`,
	`^/v1/users/([^/]+)`,
	`^/v1/timelines/(?:home\|filter/)`,
	`^/v1/timelines/([^/]+)`,
	`^/v1/groups/([^/]+)/subscribers/([^/]+)`,
	`^/v1/groups/([^/]+)`,
	`^/v2/requests/([^/]+)`,
	})

	var pathTokenTemplates = makeRegexps([]string{
	`token=([^&]+)`,
	})

	var refererTemplates = makeRegexps([]string{
	`^https://(?:(?:gamma\.\|m\.\|)freefeed\.net\|myfeed\.rocks)/(?:about\|dev\|signin\|signup\|restore\|reset\|settings\|filter\|search\|groups\|friends)`,
	`^https://(?:m\.freefeed\.net\|myfeed\.rocks)/as/(?:FreeFeed\|Mokum)/([^/]+)`,
	`^https://(?:(?:gamma\.\|m\.\|)freefeed\.net\|myfeed\.rocks)/([^/]+)`,
	})

	var uuidTemplates = makeRegexps([]string{
	`([a-f0-9]{8}-[a-f0-9]{4}-4[a-f0-9]{3}-[8\|9\|a\|b][a-f0-9]{3}-[a-f0-9]{12})`,
	})

	var logFormatRe = regexp.MustCompile(`^` +
	`(?P<proxy_protocol_addr>[^ ]+) - ` +
	`(?P<remote_user>[^ ]+) ` +
	`\[(?P<time_local>[^\]]+)\] ` +
	`"(?P<request>[^"]+)" ` +
	`(?P<status>[^ ]+) ` +
	`(?P<body_bytes_sent>[^ ]+) ` +
	`"(?P<http_referer>[^"]+)" ` +
	`"(?P<http_user_agent>[^"]+)" ` +
	`(?P<request_time>[^ ]+) ` +
	`(?P<upstream_response_time>[^ ]+) ` +
	`(?P<pipe>[^ ]+)` +
	`$`)

	var logVarNames = logFormatRe.SubexpNames()

	var secret string

	func main() {
	flag.StringVar(&secret, "secret", "", "a secret string for username encoding")
	flag.Parse()

	if secret == "" {
	fmt.Fprintf(os.Stderr, "Usage of %s:\n", os.Args[0])
	flag.PrintDefaults()
	os.Exit(1)
	}

	scanner := bufio.NewScanner(os.Stdin)
	for scanner.Scan() {
	matches := logFormatRe.FindStringSubmatch(scanner.Text())
	if matches == nil {
	continue
	}
	matches[4] = encryptRequest(matches[4]) // request
	matches[7] = encryptReferer(matches[7]) // referer
	fmt.Printf("%s - %s [%s] \"%s\" %s %s \"%s\" \"%s\" %s %s %s\n", untypeArray(matches[1:])...)
	}
	}

	func encryptRequest(text string) string {
	parts := strings.Split(text, " ")
	parts[1] = encryptText(parts[1], pathTemplates, encryptUsername)
	parts[1] = encryptText(parts[1], pathTokenTemplates, encryptToken)
	parts[1] = encryptText(parts[1], uuidTemplates, encryptUUID)
	return strings.Join(parts, " ")
	}

	func encryptReferer(text string) string {
	text = encryptText(text, refererTemplates, encryptUsername)
	text = encryptText(text, uuidTemplates, encryptUUID)
	return text
	}

	func encryptText(text string, regexps []*regexp.Regexp, crypter func(string) string) (newText string) {
	newText = text
	for _, re := range regexps {
	m := re.FindStringSubmatchIndex(text)
	if m != nil {
	lastIndex := 0
	newText = ""
	for i := 0; i < len(m)/2-1; i++ {
	uname := crypter(text[m[2i+2]:m[2i+3]])
	newText += text[lastIndex:m[2*i+2]] + uname
	lastIndex = m[2*i+3]
	}
	newText += text[lastIndex:]
	break
	}
	}
	return
	}

	func encryptUsername(username string) string {
	const chars = "abcdefghijklmnopqrstuvwxyz"
	mac := hmac.New(sha1.New, []byte(secret))
	mac.Write([]byte(username))
	umac := mac.Sum(nil)
	length := 5 + int(umac[0]%5)
	result := ""
	for i := 0; i < length; i++ {
	p := int(umac[i+1]) % len(chars)
	result += chars[p : p+1]
	}
	return result
	}

	func encryptToken(token string) string {
	mac := hmac.New(sha1.New, []byte(secret))
	mac.Write([]byte(token))
	return fmt.Sprintf("%X", mac.Sum(nil))
	}

	func encryptUUID(token string) string {
	mac := hmac.New(sha1.New, []byte(secret))
	mac.Write([]byte(token))
	umac := mac.Sum(nil)[:16]
	umac[6] = (umac[6] & 0x0f) \| (4 << 4) // UUID v4
	umac[8] = (umac[8] \| 0x40) & 0x7F
	return uuidString(umac)
	}

	func makeRegexps(patterns []string) (result []*regexp.Regexp) {
	for _, p := range patterns {
	result = append(result, regexp.MustCompile(p))
	}
	return
	}

	func untypeArray(a []string) (b []interface{}) {
	for _, x := range a {
	b = append(b, interface{}(x))
	}
	return
	}

	func uuidString(u []byte) string {
	const dash byte = '-'

	buf := make([]byte, 36)

	hex.Encode(buf[0:8], u[0:4])
	buf[8] = dash
	hex.Encode(buf[9:13], u[4:6])
	buf[13] = dash
	hex.Encode(buf[14:18], u[6:8])
	buf[18] = dash
	hex.Encode(buf[19:23], u[8:10])
	buf[23] = dash
	hex.Encode(buf[24:], u[10:])

	return string(buf)
	}