mirror of
https://github.com/letic/terraform-provider-google.git
synced 2024-09-19 01:29:57 +00:00
961c878e0d
Switch to using Go modules. This migrates our vendor.json to use Go 1.11's modules system, and replaces the vendor folder with the output of go mod vendor. The vendored code should remain basically the same; I believe some tree shaking of packages and support scripts/licenses/READMEs/etc. happened. This also fixes Travis and our Makefile to no longer use govendor.
558 lines
14 KiB
Go
558 lines
14 KiB
Go
// Copyright 2011 The Go Authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
package packet
|
|
|
|
import (
|
|
"bytes"
|
|
"crypto/cipher"
|
|
"crypto/dsa"
|
|
"crypto/ecdsa"
|
|
"crypto/sha1"
|
|
"fmt"
|
|
"io"
|
|
"io/ioutil"
|
|
"math/big"
|
|
"strconv"
|
|
"time"
|
|
|
|
"github.com/keybase/go-crypto/ed25519"
|
|
"github.com/keybase/go-crypto/openpgp/ecdh"
|
|
"github.com/keybase/go-crypto/openpgp/elgamal"
|
|
"github.com/keybase/go-crypto/openpgp/errors"
|
|
"github.com/keybase/go-crypto/openpgp/s2k"
|
|
"github.com/keybase/go-crypto/rsa"
|
|
)
|
|
|
|
// PrivateKey represents a possibly encrypted private key. See RFC 4880,
|
|
// section 5.5.3.
|
|
type PrivateKey struct {
|
|
PublicKey
|
|
Encrypted bool // if true then the private key is unavailable until Decrypt has been called.
|
|
encryptedData []byte
|
|
cipher CipherFunction
|
|
s2k func(out, in []byte)
|
|
PrivateKey interface{} // An *rsa.PrivateKey or *dsa.PrivateKey.
|
|
sha1Checksum bool
|
|
iv []byte
|
|
s2kHeader []byte
|
|
}
|
|
|
|
type EdDSAPrivateKey struct {
|
|
PrivateKey
|
|
seed parsedMPI
|
|
}
|
|
|
|
func (e *EdDSAPrivateKey) Sign(digest []byte) (R, S []byte, err error) {
|
|
r := bytes.NewReader(e.seed.bytes)
|
|
publicKey, privateKey, err := ed25519.GenerateKey(r)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
if !bytes.Equal(publicKey, e.PublicKey.edk.p.bytes[1:]) { // [1:] because [0] is 0x40 mpi header
|
|
return nil, nil, errors.UnsupportedError("EdDSA: Private key does not match public key.")
|
|
}
|
|
|
|
sig := ed25519.Sign(privateKey, digest)
|
|
|
|
sigLen := ed25519.SignatureSize / 2
|
|
return sig[:sigLen], sig[sigLen:], nil
|
|
}
|
|
|
|
func NewRSAPrivateKey(currentTime time.Time, priv *rsa.PrivateKey) *PrivateKey {
|
|
pk := new(PrivateKey)
|
|
pk.PublicKey = *NewRSAPublicKey(currentTime, &priv.PublicKey)
|
|
pk.PrivateKey = priv
|
|
return pk
|
|
}
|
|
|
|
func NewDSAPrivateKey(currentTime time.Time, priv *dsa.PrivateKey) *PrivateKey {
|
|
pk := new(PrivateKey)
|
|
pk.PublicKey = *NewDSAPublicKey(currentTime, &priv.PublicKey)
|
|
pk.PrivateKey = priv
|
|
return pk
|
|
}
|
|
|
|
func NewElGamalPrivateKey(currentTime time.Time, priv *elgamal.PrivateKey) *PrivateKey {
|
|
pk := new(PrivateKey)
|
|
pk.PublicKey = *NewElGamalPublicKey(currentTime, &priv.PublicKey)
|
|
pk.PrivateKey = priv
|
|
return pk
|
|
}
|
|
|
|
func NewECDSAPrivateKey(currentTime time.Time, priv *ecdsa.PrivateKey) *PrivateKey {
|
|
pk := new(PrivateKey)
|
|
pk.PublicKey = *NewECDSAPublicKey(currentTime, &priv.PublicKey)
|
|
pk.PrivateKey = priv
|
|
return pk
|
|
}
|
|
|
|
func NewECDHPrivateKey(currentTime time.Time, priv *ecdh.PrivateKey) *PrivateKey {
|
|
pk := new(PrivateKey)
|
|
pk.PublicKey = *NewECDHPublicKey(currentTime, &priv.PublicKey)
|
|
pk.PrivateKey = priv
|
|
return pk
|
|
}
|
|
|
|
func (pk *PrivateKey) parse(r io.Reader) (err error) {
|
|
err = (&pk.PublicKey).parse(r)
|
|
if err != nil {
|
|
return
|
|
}
|
|
var buf [1]byte
|
|
_, err = readFull(r, buf[:])
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
s2kType := buf[0]
|
|
|
|
switch s2kType {
|
|
case 0:
|
|
pk.s2k = nil
|
|
pk.Encrypted = false
|
|
case 254, 255:
|
|
_, err = readFull(r, buf[:])
|
|
if err != nil {
|
|
return
|
|
}
|
|
pk.cipher = CipherFunction(buf[0])
|
|
pk.Encrypted = true
|
|
pk.s2k, err = s2k.Parse(r)
|
|
if err != nil {
|
|
return
|
|
}
|
|
if s2kType == 254 {
|
|
pk.sha1Checksum = true
|
|
}
|
|
// S2K == nil implies that we got a "GNU Dummy" S2K. For instance,
|
|
// because our master secret key is on a USB key in a vault somewhere.
|
|
// In that case, there is no further data to consume here.
|
|
if pk.s2k == nil {
|
|
pk.Encrypted = false
|
|
return
|
|
}
|
|
default:
|
|
return errors.UnsupportedError("deprecated s2k function in private key")
|
|
}
|
|
if pk.Encrypted {
|
|
blockSize := pk.cipher.blockSize()
|
|
if blockSize == 0 {
|
|
return errors.UnsupportedError("unsupported cipher in private key: " + strconv.Itoa(int(pk.cipher)))
|
|
}
|
|
pk.iv = make([]byte, blockSize)
|
|
_, err = readFull(r, pk.iv)
|
|
if err != nil {
|
|
return
|
|
}
|
|
}
|
|
|
|
pk.encryptedData, err = ioutil.ReadAll(r)
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
if !pk.Encrypted {
|
|
return pk.parsePrivateKey(pk.encryptedData)
|
|
}
|
|
|
|
return
|
|
}
|
|
|
|
func mod64kHash(d []byte) uint16 {
|
|
var h uint16
|
|
for _, b := range d {
|
|
h += uint16(b)
|
|
}
|
|
return h
|
|
}
|
|
|
|
// Encrypt is the counterpart to the Decrypt() method below. It encrypts
|
|
// the private key with the provided passphrase. If config is nil, then
|
|
// the standard, and sensible, defaults apply.
|
|
//
|
|
// A key will be derived from the given passphrase using S2K Specifier
|
|
// Type 3 (Iterated + Salted, see RFC-4880 Sec. 3.7.1.3). This choice
|
|
// is hardcoded in s2k.Serialize(). S2KCount is hardcoded to 0, which is
|
|
// equivalent to 65536. And the hash algorithm for key-derivation can be
|
|
// set with config. The encrypted PrivateKey, using the algorithm specified
|
|
// in config (if provided), is written out to the encryptedData member.
|
|
// When Serialize() is called, this encryptedData member will be
|
|
// serialized, using S2K Usage value of 254, and thus SHA1 checksum.
|
|
func (pk *PrivateKey) Encrypt(passphrase []byte, config *Config) (err error) {
|
|
if pk.PrivateKey == nil {
|
|
return errors.InvalidArgumentError("there is no private key to encrypt")
|
|
}
|
|
|
|
pk.sha1Checksum = true
|
|
pk.cipher = config.Cipher()
|
|
s2kConfig := s2k.Config{
|
|
Hash: config.Hash(),
|
|
S2KCount: 0,
|
|
}
|
|
s2kBuf := bytes.NewBuffer(nil)
|
|
derivedKey := make([]byte, pk.cipher.KeySize())
|
|
err = s2k.Serialize(s2kBuf, derivedKey, config.Random(), passphrase, &s2kConfig)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
pk.s2kHeader = s2kBuf.Bytes()
|
|
// No good way to set pk.s2k but to call s2k.Parse(),
|
|
// even though we have all the information here, but
|
|
// most of the functions needed are private to s2k.
|
|
pk.s2k, err = s2k.Parse(s2kBuf)
|
|
pk.iv = make([]byte, pk.cipher.blockSize())
|
|
if _, err = config.Random().Read(pk.iv); err != nil {
|
|
return err
|
|
}
|
|
|
|
privateKeyBuf := bytes.NewBuffer(nil)
|
|
if err = pk.serializePrivateKey(privateKeyBuf); err != nil {
|
|
return err
|
|
}
|
|
|
|
checksum := sha1.Sum(privateKeyBuf.Bytes())
|
|
if _, err = privateKeyBuf.Write(checksum[:]); err != nil {
|
|
return err
|
|
}
|
|
|
|
pkData := privateKeyBuf.Bytes()
|
|
block := pk.cipher.new(derivedKey)
|
|
pk.encryptedData = make([]byte, len(pkData))
|
|
cfb := cipher.NewCFBEncrypter(block, pk.iv)
|
|
cfb.XORKeyStream(pk.encryptedData, pkData)
|
|
pk.Encrypted = true
|
|
return nil
|
|
}
|
|
|
|
func (pk *PrivateKey) Serialize(w io.Writer) (err error) {
|
|
buf := bytes.NewBuffer(nil)
|
|
err = pk.PublicKey.serializeWithoutHeaders(buf)
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
privateKeyBuf := bytes.NewBuffer(nil)
|
|
|
|
if pk.PrivateKey == nil {
|
|
_, err = buf.Write([]byte{
|
|
254, // SHA-1 Convention
|
|
9, // Encryption scheme (AES256)
|
|
101, // GNU Extensions
|
|
2, // Hash value (SHA1)
|
|
'G', 'N', 'U', // "GNU" as a string
|
|
1, // Extension type 1001 (minus 1000)
|
|
})
|
|
} else if pk.Encrypted {
|
|
_, err = buf.Write([]byte{
|
|
254, // SHA-1 Convention
|
|
byte(pk.cipher), // Encryption scheme
|
|
})
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if _, err = buf.Write(pk.s2kHeader); err != nil {
|
|
return err
|
|
}
|
|
if _, err = buf.Write(pk.iv); err != nil {
|
|
return err
|
|
}
|
|
if _, err = privateKeyBuf.Write(pk.encryptedData); err != nil {
|
|
return err
|
|
}
|
|
} else {
|
|
buf.WriteByte(0 /* no encryption */)
|
|
if err = pk.serializePrivateKey(privateKeyBuf); err != nil {
|
|
return err
|
|
}
|
|
}
|
|
|
|
ptype := packetTypePrivateKey
|
|
contents := buf.Bytes()
|
|
privateKeyBytes := privateKeyBuf.Bytes()
|
|
if pk.IsSubkey {
|
|
ptype = packetTypePrivateSubkey
|
|
}
|
|
totalLen := len(contents) + len(privateKeyBytes)
|
|
if !pk.Encrypted {
|
|
totalLen += 2
|
|
}
|
|
err = serializeHeader(w, ptype, totalLen)
|
|
if err != nil {
|
|
return
|
|
}
|
|
_, err = w.Write(contents)
|
|
if err != nil {
|
|
return
|
|
}
|
|
_, err = w.Write(privateKeyBytes)
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
if len(privateKeyBytes) > 0 && !pk.Encrypted {
|
|
checksum := mod64kHash(privateKeyBytes)
|
|
var checksumBytes [2]byte
|
|
checksumBytes[0] = byte(checksum >> 8)
|
|
checksumBytes[1] = byte(checksum)
|
|
_, err = w.Write(checksumBytes[:])
|
|
}
|
|
|
|
return
|
|
}
|
|
|
|
func (pk *PrivateKey) serializePrivateKey(w io.Writer) (err error) {
|
|
switch priv := pk.PrivateKey.(type) {
|
|
case *rsa.PrivateKey:
|
|
err = serializeRSAPrivateKey(w, priv)
|
|
case *dsa.PrivateKey:
|
|
err = serializeDSAPrivateKey(w, priv)
|
|
case *elgamal.PrivateKey:
|
|
err = serializeElGamalPrivateKey(w, priv)
|
|
case *ecdsa.PrivateKey:
|
|
err = serializeECDSAPrivateKey(w, priv)
|
|
case *ecdh.PrivateKey:
|
|
err = serializeECDHPrivateKey(w, priv)
|
|
case *EdDSAPrivateKey:
|
|
err = serializeEdDSAPrivateKey(w, priv)
|
|
default:
|
|
err = errors.InvalidArgumentError("unknown private key type")
|
|
}
|
|
|
|
return err
|
|
}
|
|
|
|
func serializeRSAPrivateKey(w io.Writer, priv *rsa.PrivateKey) error {
|
|
err := writeBig(w, priv.D)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
err = writeBig(w, priv.Primes[1])
|
|
if err != nil {
|
|
return err
|
|
}
|
|
err = writeBig(w, priv.Primes[0])
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return writeBig(w, priv.Precomputed.Qinv)
|
|
}
|
|
|
|
func serializeDSAPrivateKey(w io.Writer, priv *dsa.PrivateKey) error {
|
|
return writeBig(w, priv.X)
|
|
}
|
|
|
|
func serializeElGamalPrivateKey(w io.Writer, priv *elgamal.PrivateKey) error {
|
|
return writeBig(w, priv.X)
|
|
}
|
|
|
|
func serializeECDSAPrivateKey(w io.Writer, priv *ecdsa.PrivateKey) error {
|
|
return writeBig(w, priv.D)
|
|
}
|
|
|
|
func serializeECDHPrivateKey(w io.Writer, priv *ecdh.PrivateKey) error {
|
|
return writeBig(w, priv.X)
|
|
}
|
|
|
|
func serializeEdDSAPrivateKey(w io.Writer, priv *EdDSAPrivateKey) error {
|
|
return writeMPI(w, priv.seed.bitLength, priv.seed.bytes)
|
|
}
|
|
|
|
// Decrypt decrypts an encrypted private key using a passphrase.
|
|
func (pk *PrivateKey) Decrypt(passphrase []byte) error {
|
|
if !pk.Encrypted {
|
|
return nil
|
|
}
|
|
// For GNU Dummy S2K, there's no key here, so don't do anything.
|
|
if pk.s2k == nil {
|
|
return nil
|
|
}
|
|
|
|
key := make([]byte, pk.cipher.KeySize())
|
|
pk.s2k(key, passphrase)
|
|
block := pk.cipher.new(key)
|
|
cfb := cipher.NewCFBDecrypter(block, pk.iv)
|
|
|
|
data := make([]byte, len(pk.encryptedData))
|
|
cfb.XORKeyStream(data, pk.encryptedData)
|
|
|
|
if pk.sha1Checksum {
|
|
if len(data) < sha1.Size {
|
|
return errors.StructuralError("truncated private key data")
|
|
}
|
|
h := sha1.New()
|
|
h.Write(data[:len(data)-sha1.Size])
|
|
sum := h.Sum(nil)
|
|
if !bytes.Equal(sum, data[len(data)-sha1.Size:]) {
|
|
return errors.StructuralError("private key checksum failure")
|
|
}
|
|
data = data[:len(data)-sha1.Size]
|
|
} else {
|
|
if len(data) < 2 {
|
|
return errors.StructuralError("truncated private key data")
|
|
}
|
|
var sum uint16
|
|
for i := 0; i < len(data)-2; i++ {
|
|
sum += uint16(data[i])
|
|
}
|
|
if data[len(data)-2] != uint8(sum>>8) ||
|
|
data[len(data)-1] != uint8(sum) {
|
|
return errors.StructuralError("private key checksum failure")
|
|
}
|
|
data = data[:len(data)-2]
|
|
}
|
|
|
|
return pk.parsePrivateKey(data)
|
|
}
|
|
|
|
func (pk *PrivateKey) parsePrivateKey(data []byte) (err error) {
|
|
switch pk.PublicKey.PubKeyAlgo {
|
|
case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly, PubKeyAlgoRSAEncryptOnly:
|
|
return pk.parseRSAPrivateKey(data)
|
|
case PubKeyAlgoDSA:
|
|
return pk.parseDSAPrivateKey(data)
|
|
case PubKeyAlgoElGamal:
|
|
return pk.parseElGamalPrivateKey(data)
|
|
case PubKeyAlgoECDSA:
|
|
return pk.parseECDSAPrivateKey(data)
|
|
case PubKeyAlgoECDH:
|
|
return pk.parseECDHPrivateKey(data)
|
|
case PubKeyAlgoEdDSA:
|
|
return pk.parseEdDSAPrivateKey(data)
|
|
}
|
|
panic("impossible")
|
|
}
|
|
|
|
func (pk *PrivateKey) parseRSAPrivateKey(data []byte) (err error) {
|
|
rsaPub := pk.PublicKey.PublicKey.(*rsa.PublicKey)
|
|
rsaPriv := new(rsa.PrivateKey)
|
|
rsaPriv.PublicKey = *rsaPub
|
|
|
|
buf := bytes.NewBuffer(data)
|
|
d, _, err := readMPI(buf)
|
|
if err != nil {
|
|
return
|
|
}
|
|
p, _, err := readMPI(buf)
|
|
if err != nil {
|
|
return
|
|
}
|
|
q, _, err := readMPI(buf)
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
rsaPriv.D = new(big.Int).SetBytes(d)
|
|
rsaPriv.Primes = make([]*big.Int, 2)
|
|
rsaPriv.Primes[0] = new(big.Int).SetBytes(p)
|
|
rsaPriv.Primes[1] = new(big.Int).SetBytes(q)
|
|
if err := rsaPriv.Validate(); err != nil {
|
|
return err
|
|
}
|
|
rsaPriv.Precompute()
|
|
pk.PrivateKey = rsaPriv
|
|
pk.Encrypted = false
|
|
pk.encryptedData = nil
|
|
|
|
return nil
|
|
}
|
|
|
|
func (pk *PrivateKey) parseDSAPrivateKey(data []byte) (err error) {
|
|
dsaPub := pk.PublicKey.PublicKey.(*dsa.PublicKey)
|
|
dsaPriv := new(dsa.PrivateKey)
|
|
dsaPriv.PublicKey = *dsaPub
|
|
|
|
buf := bytes.NewBuffer(data)
|
|
x, _, err := readMPI(buf)
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
dsaPriv.X = new(big.Int).SetBytes(x)
|
|
pk.PrivateKey = dsaPriv
|
|
pk.Encrypted = false
|
|
pk.encryptedData = nil
|
|
|
|
return nil
|
|
}
|
|
|
|
func (pk *PrivateKey) parseElGamalPrivateKey(data []byte) (err error) {
|
|
pub := pk.PublicKey.PublicKey.(*elgamal.PublicKey)
|
|
priv := new(elgamal.PrivateKey)
|
|
priv.PublicKey = *pub
|
|
|
|
buf := bytes.NewBuffer(data)
|
|
x, _, err := readMPI(buf)
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
priv.X = new(big.Int).SetBytes(x)
|
|
pk.PrivateKey = priv
|
|
pk.Encrypted = false
|
|
pk.encryptedData = nil
|
|
|
|
return nil
|
|
}
|
|
|
|
func (pk *PrivateKey) parseECDHPrivateKey(data []byte) (err error) {
|
|
pub := pk.PublicKey.PublicKey.(*ecdh.PublicKey)
|
|
priv := new(ecdh.PrivateKey)
|
|
priv.PublicKey = *pub
|
|
|
|
buf := bytes.NewBuffer(data)
|
|
d, _, err := readMPI(buf)
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
priv.X = new(big.Int).SetBytes(d)
|
|
pk.PrivateKey = priv
|
|
pk.Encrypted = false
|
|
pk.encryptedData = nil
|
|
return nil
|
|
}
|
|
|
|
func (pk *PrivateKey) parseECDSAPrivateKey(data []byte) (err error) {
|
|
ecdsaPub := pk.PublicKey.PublicKey.(*ecdsa.PublicKey)
|
|
ecdsaPriv := new(ecdsa.PrivateKey)
|
|
ecdsaPriv.PublicKey = *ecdsaPub
|
|
|
|
buf := bytes.NewBuffer(data)
|
|
d, _, err := readMPI(buf)
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
ecdsaPriv.D = new(big.Int).SetBytes(d)
|
|
pk.PrivateKey = ecdsaPriv
|
|
pk.Encrypted = false
|
|
pk.encryptedData = nil
|
|
|
|
return nil
|
|
}
|
|
|
|
func (pk *PrivateKey) parseEdDSAPrivateKey(data []byte) (err error) {
|
|
eddsaPriv := new(EdDSAPrivateKey)
|
|
eddsaPriv.PublicKey = pk.PublicKey
|
|
|
|
buf := bytes.NewBuffer(data)
|
|
eddsaPriv.seed.bytes, eddsaPriv.seed.bitLength, err = readMPI(buf)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
if bLen := len(eddsaPriv.seed.bytes); bLen != 32 { // 32 bytes private part of ed25519 key.
|
|
return errors.UnsupportedError(fmt.Sprintf("Unexpected EdDSA private key length: %d", bLen))
|
|
}
|
|
|
|
pk.PrivateKey = eddsaPriv
|
|
pk.Encrypted = false
|
|
pk.encryptedData = nil
|
|
|
|
return nil
|
|
}
|