k-space/dex
Archived
11
0
Fork 0
Code Issues Pull Requests Packages Projects Activity

vendor: revendor

Browse Source
This commit is contained in:
Eric Chiang
2016-12-22 11:39:28 -08:00
parent d87a4c35b9
commit 1451213dd7
268 changed files with 484 additions and 59530 deletions
Download Patch File Download Diff File Expand all files Collapse all files

121
vendor/github.com/gtank/cryptopasta/README generated vendored
View File

@@ -1,121 +0,0 @@
TL;DR- Copy & paste your crypto code from here instead of Stack Overflow.
This library demonstrates a suite of basic cryptography from the Go standard
library. To the extent possible, it tries to hide complexity and help you avoid
common mistakes. The recommendations were chosen as a compromise between
cryptographic qualities, the Go standard lib, and my existing use cases.
Some particular design choices I've made:
1. SHA-512/256 has been chosen as the default hash for the examples. It's
faster on 64-bit machines and immune to length extension. If it doesn't work
in your case, replace instances of it with ordinary SHA-256.
2. The specific ECDSA parameters were chosen to be compatible with RFC7518[1]
while using the best implementation of ECDSA available. Go's P-256 is
constant-time (which prevents certain types of attacks) while its P-384 and
P-521 are not.
3. Key parameters are arrays rather than slices so the compiler can help you
avoid mixing up the arguments. The signing and marshaling functions use the
crypto/ecdsa key types directly for the same reason.
4. Public/private keypairs for signing are marshaled into and out of PEM
format, making them relatively portable to other crypto software you're
likely to use (openssl, cfssl, etc).
5. Key generation functions will panic if they can't read enough random bytes
to generate the key. Key generation is critical, and if crypto/rand fails at
that stage then you should stop doing cryptography on that machine immediately.
6. The license is a CC0 public domain dedication, with the intent that you can
just copy bits of this directly into your code and never be required to
acknowledge my copyright, provide source code, or do anything else commonly
associated with open licenses.
The specific recommendations are:
Encryption - 256-bit AES-GCM with random 96-bit nonces
Using AES-GCM (instead of AES-CBC, AES-CFB, or AES-CTR, all of which Go also
offers) provides authentication in addition to confidentiality. This means that
the content of your data is hidden and that any modification of the encrypted
data will result in a failure to decrypt. This rules out entire classes of
possible attacks. Randomized nonces remove the choices around nonce generation
and management, which are another common source of error in crypto
implementations.
The interfaces in this library allow only the use of 256-bit keys.
Hashing - HMAC-SHA512/256
Using hash functions directly is fraught with various perils it's common for
developers to accidentally write code that is subject to easy collision or
length extension attacks. HMAC is a function built on top of hashes and it
doesn't have those problems. Using SHA-512/256 as the underlying hash function
means the process will be faster on 64-bit machines, but the output will be the
same length as the more familiar SHA-256.
This interface encourages you to scope your hashes with an English-language
string (a "tag") that describes the purpose of the hash. Tagged hashes are a
common "security hygiene" measure to ensure that hashing the same data for
different purposes will produce different outputs.
Password hashing - bcrypt with work factor 14
Use this to store users' passwords and check them for login (e.g. in a web
backend). While they both have "hashing" in the name, password hashing is an
entirely different situation from ordinary hashing and requires its own
specialized algorithm. bcrypt is a hash function designed for password storage.
It can be made selectively slower (based on a "work factor") to increase the
difficulty of brute-force password cracking attempts.
As of 2016, a work factor of 14 should be well on the side of future-proofing
over performance. If it turns out to be too slow for your needs, you can try
using 13 or even 12. You should not go below work factor 12.
Symmetric Signatures / Message Authentication - HMAC-SHA512/256
When two parties share a secret key, they can use message authentication to
make sure that a piece of data hasn't been altered. You can think of it as a
"symmetric signature" - it proves both that the data is unchanged and that
someone who knows the shared secret key generated it. Anyone who does not know
the secret key can neither validate the data nor make valid alterations.
This comes up most often in the context of web stuff, such as:
1. Authenticating requests to your API. The most widely known example is
probably the Amazon AWS API, which requires you to sign requests with
HMAC-SHA256. In this type of use, the "secret key" is a token that the API
provider issues to authorized API users.
2. Validating authenticated tokens (cookies, JWTs, etc) that are issued by a
service but are stored by a user. In this case, the service wants to ensure
that a user doesn't modify the data contained in the token.
As with encryption, you should always use a 256-bit random key to
authenticate messages.
Asymmetric Signatures - ECDSA on P-256 with SHA-256 message digests
These are the classic public/private keypair signatures that you probably think
of when you hear the word "signature". The holder of a private key can sign
data that anyone who has the corresponding public key can verify.
Go takes very good care of us here. In particular, the Go implementation of
P-256 is constant time to protect against side-channel attacks, and the Go
implementation of ECDSA generates safe nonces to protect against the type of
repeated-nonce attack that broke the PS3.
In terms of JWTs, this algorithm is called "ES256". The functions
"EncodeSignatureJWT" and "DecodeSignatureJWT" will convert the basic signature
format to and from the encoding specified by RFC7515[2]
[1] https://tools.ietf.org/html/rfc7518#section-3.1
[2] https://tools.ietf.org/html/rfc7515#appendix-A.3

104
vendor/github.com/gtank/cryptopasta/encrypt_test.go generated vendored
View File

@@ -1,104 +0,0 @@
// cryptopasta - basic cryptography examples
//
// Written in 2015 by George Tankersley <george.tankersley@gmail.com>
//
// To the extent possible under law, the author(s) have dedicated all copyright
// and related and neighboring rights to this software to the public domain
// worldwide. This software is distributed without any warranty.
//
// You should have received a copy of the CC0 Public Domain Dedication along
// with this software. If not, see // <http://creativecommons.org/publicdomain/zero/1.0/>.
package cryptopasta
import (
"bytes"
"crypto/rand"
"io"
"io/ioutil"
"testing"
"golang.org/x/crypto/nacl/secretbox"
)
func TestEncryptDecryptGCM(t *testing.T) {
randomKey := &[32]byte{}
_, err := io.ReadFull(rand.Reader, randomKey[:])
if err != nil {
t.Fatal(err)
}
gcmTests := []struct {
plaintext []byte
key *[32]byte
}{
{
plaintext: []byte("Hello, world!"),
key: randomKey,
},
}
for _, tt := range gcmTests {
ciphertext, err := Encrypt(tt.plaintext, tt.key)
if err != nil {
t.Fatal(err)
}
plaintext, err := Decrypt(ciphertext, tt.key)
if err != nil {
t.Fatal(err)
}
if !bytes.Equal(plaintext, tt.plaintext) {
t.Errorf("plaintexts don't match")
}
ciphertext[0] ^= 0xff
plaintext, err = Decrypt(ciphertext, tt.key)
if err == nil {
t.Errorf("gcmOpen should not have worked, but did")
}
}
}
func BenchmarkAESGCM(b *testing.B) {
randomKey := &[32]byte{}
_, err := io.ReadFull(rand.Reader, randomKey[:])
if err != nil {
b.Fatal(err)
}
data, err := ioutil.ReadFile("testdata/big")
if err != nil {
b.Fatal(err)
}
b.SetBytes(int64(len(data)))
for i := 0; i < b.N; i++ {
Encrypt(data, randomKey)
}
}
func BenchmarkSecretbox(b *testing.B) {
randomKey := &[32]byte{}
_, err := io.ReadFull(rand.Reader, randomKey[:])
if err != nil {
b.Fatal(err)
}
nonce := &[24]byte{}
_, err = io.ReadFull(rand.Reader, nonce[:])
if err != nil {
b.Fatal(err)
}
data, err := ioutil.ReadFile("testdata/big")
if err != nil {
b.Fatal(err)
}
b.SetBytes(int64(len(data)))
for i := 0; i < b.N; i++ {
secretbox.Seal(nil, data, nonce, randomKey)
}
}

91
vendor/github.com/gtank/cryptopasta/hash_test.go generated vendored
View File

@@ -1,91 +0,0 @@
// cryptopasta - basic cryptography examples
//
// Written in 2015 by George Tankersley <george.tankersley@gmail.com>
//
// To the extent possible under law, the author(s) have dedicated all copyright
// and related and neighboring rights to this software to the public domain
// worldwide. This software is distributed without any warranty.
//
// You should have received a copy of the CC0 Public Domain Dedication along
// with this software. If not, see // <http://creativecommons.org/publicdomain/zero/1.0/>.
package cryptopasta
import (
"crypto/sha256"
"crypto/sha512"
"encoding/hex"
"fmt"
"io/ioutil"
"os"
"testing"
)
func TestPasswordHashing(t *testing.T) {
bcryptTests := []struct {
plaintext []byte
hash []byte
}{
{
plaintext: []byte("password"),
hash: []byte("$2a$14$uALAQb/Lwl59oHVbuUa5m.xEFmQBc9ME/IiSgJK/VHtNJJXASCDoS"),
},
}
for _, tt := range bcryptTests {
hashed, err := HashPassword(tt.plaintext)
if err != nil {
t.Error(err)
}
if err = CheckPasswordHash(hashed, tt.plaintext); err != nil {
t.Error(err)
}
}
}
// Benchmarks SHA256 on 16K of random data.
func BenchmarkSHA256(b *testing.B) {
data, err := ioutil.ReadFile("testdata/random")
if err != nil {
b.Fatal(err)
}
b.SetBytes(int64(len(data)))
for i := 0; i < b.N; i++ {
_ = sha256.Sum256(data)
}
}
// Benchmarks SHA512/256 on 16K of random data.
func BenchmarkSHA512_256(b *testing.B) {
data, err := ioutil.ReadFile("testdata/random")
if err != nil {
b.Fatal(err)
}
b.SetBytes(int64(len(data)))
for i := 0; i < b.N; i++ {
_ = sha512.Sum512_256(data)
}
}
func BenchmarkBcrypt(b *testing.B) {
for i := 0; i < b.N; i++ {
_, err := HashPassword([]byte("thisisareallybadpassword"))
if err != nil {
b.Error(err)
break
}
}
}
func ExampleHash() {
tag := "hashing file for lookup key"
contents, err := ioutil.ReadFile("testdata/random")
if err != nil {
fmt.Printf("could not read file: %v\n", err)
os.Exit(1)
}
digest := Hash(tag, contents)
fmt.Println(hex.EncodeToString(digest))
// Output: 9f4c795d8ae5c207f19184ccebee6a606c1fdfe509c793614066d613580f03e1
}

133
vendor/github.com/gtank/cryptopasta/marshal_test.go generated vendored
View File

@@ -1,133 +0,0 @@
// cryptopasta - basic cryptography examples
//
// Written in 2015 by George Tankersley <george.tankersley@gmail.com>
//
// To the extent possible under law, the author(s) have dedicated all copyright
// and related and neighboring rights to this software to the public domain
// worldwide. This software is distributed without any warranty.
//
// You should have received a copy of the CC0 Public Domain Dedication along
// with this software. If not, see // <http://creativecommons.org/publicdomain/zero/1.0/>.
package cryptopasta
import (
"bytes"
"strings"
"testing"
)
// A keypair for NIST P-256 / secp256r1
// Generated using:
// openssl ecparam -genkey -name prime256v1 -outform PEM
var pemECPrivateKeyP256 = `-----BEGIN EC PARAMETERS-----
BggqhkjOPQMBBw==
-----END EC PARAMETERS-----
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIOI+EZsjyN3jvWJI/KDihFmqTuDpUe/if6f/pgGTBta/oAoGCCqGSM49
AwEHoUQDQgAEhhObKJ1r1PcUw+3REd/TbmSZnDvXnFUSTwqQFo5gbfIlP+gvEYba
+Rxj2hhqjfzqxIleRK40IRyEi3fJM/8Qhg==
-----END EC PRIVATE KEY-----
`
var pemECPublicKeyP256 = `-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEhhObKJ1r1PcUw+3REd/TbmSZnDvX
nFUSTwqQFo5gbfIlP+gvEYba+Rxj2hhqjfzqxIleRK40IRyEi3fJM/8Qhg==
-----END PUBLIC KEY-----
`
// A keypair for NIST P-384 / secp384r1
// Generated using:
// openssl ecparam -genkey -name secp384r1 -outform PEM
var pemECPrivateKeyP384 = `-----BEGIN EC PARAMETERS-----
BgUrgQQAIg==
-----END EC PARAMETERS-----
-----BEGIN EC PRIVATE KEY-----
MIGkAgEBBDAhA0YPVL1kimIy+FAqzUAtmR3It2Yjv2I++YpcC4oX7wGuEWcWKBYE
oOjj7wG/memgBwYFK4EEACKhZANiAAQub8xaaCTTW5rCHJCqUddIXpvq/TxdwViH
+tPEQQlJAJciXStM/aNLYA7Q1K1zMjYyzKSWz5kAh/+x4rXQ9Hlm3VAwCQDVVSjP
bfiNOXKOWfmyrGyQ7fQfs+ro1lmjLjs=
-----END EC PRIVATE KEY-----
`
var pemECPublicKeyP384 = `-----BEGIN PUBLIC KEY-----
MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAELm/MWmgk01uawhyQqlHXSF6b6v08XcFY
h/rTxEEJSQCXIl0rTP2jS2AO0NStczI2Msykls+ZAIf/seK10PR5Zt1QMAkA1VUo
z234jTlyjln5sqxskO30H7Pq6NZZoy47
-----END PUBLIC KEY-----
`
var garbagePEM = `-----BEGIN GARBAGE-----
TG9yZW0gaXBzdW0gZG9sb3Igc2l0IGFtZXQ=
-----END GARBAGE-----
`
func TestPublicKeyMarshaling(t *testing.T) {
ecKey, err := DecodePublicKey([]byte(pemECPublicKeyP256))
if err != nil {
t.Fatal(err)
}
pemBytes, _ := EncodePublicKey(ecKey)
if !bytes.Equal(pemBytes, []byte(pemECPublicKeyP256)) {
t.Fatal("public key encoding did not match")
}
}
func TestPrivateKeyBadDecode(t *testing.T) {
_, err := DecodePrivateKey([]byte(garbagePEM))
if err == nil {
t.Fatal("decoded garbage data without complaint")
}
}
func TestPrivateKeyMarshaling(t *testing.T) {
ecKey, err := DecodePrivateKey([]byte(pemECPrivateKeyP256))
if err != nil {
t.Fatal(err)
}
pemBytes, _ := EncodePrivateKey(ecKey)
if !strings.HasSuffix(pemECPrivateKeyP256, string(pemBytes)) {
t.Fatal("private key encoding did not match")
}
}
// Test vector from https://tools.ietf.org/html/rfc7515#appendix-A.3.1
var jwtTest = []struct {
sigBytes []byte
b64sig string
}{
{
sigBytes: []byte{14, 209, 33, 83, 121, 99, 108, 72, 60, 47, 127, 21,
88, 7, 212, 2, 163, 178, 40, 3, 58, 249, 124, 126, 23, 129, 154, 195, 22, 158,
166, 101, 197, 10, 7, 211, 140, 60, 112, 229, 216, 241, 45, 175,
8, 74, 84, 128, 166, 101, 144, 197, 242, 147, 80, 154, 143, 63, 127, 138, 131,
163, 84, 213},
b64sig: "DtEhU3ljbEg8L38VWAfUAqOyKAM6-Xx-F4GawxaepmXFCgfTjDxw5djxLa8ISlSApmWQxfKTUJqPP3-Kg6NU1Q",
},
}
func TestJWTEncoding(t *testing.T) {
for _, tt := range jwtTest {
result := EncodeSignatureJWT(tt.sigBytes)
if strings.Compare(result, tt.b64sig) != 0 {
t.Fatalf("expected %s, got %s\n", tt.b64sig, result)
}
}
}
func TestJWTDecoding(t *testing.T) {
for _, tt := range jwtTest {
resultSig, err := DecodeSignatureJWT(tt.b64sig)
if err != nil {
t.Error(err)
}
if !bytes.Equal(resultSig, tt.sigBytes) {
t.Fatalf("decoded signature was incorrect")
}
}
}

107
vendor/github.com/gtank/cryptopasta/sign_test.go generated vendored
View File

@@ -1,107 +0,0 @@
// cryptopasta - basic cryptography examples
//
// Written in 2015 by George Tankersley <george.tankersley@gmail.com>
//
// To the extent possible under law, the author(s) have dedicated all copyright
// and related and neighboring rights to this software to the public domain
// worldwide. This software is distributed without any warranty.
//
// You should have received a copy of the CC0 Public Domain Dedication along
// with this software. If not, see // <http://creativecommons.org/publicdomain/zero/1.0/>.
package cryptopasta
import (
"bytes"
"crypto/ecdsa"
"crypto/elliptic"
"crypto/rand"
"encoding/hex"
"testing"
)
// https://groups.google.com/d/msg/sci.crypt/OolWgsgQD-8/jHciyWkaL0gJ
var hmacTests = []struct {
key string
data string
digest string
}{
{
key: "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
data: "4869205468657265", // "Hi There"
digest: "9f9126c3d9c3c330d760425ca8a217e31feae31bfe70196ff81642b868402eab",
},
{
key: "4a656665", // "Jefe"
data: "7768617420646f2079612077616e7420666f72206e6f7468696e673f", // "what do ya want for nothing?"
digest: "6df7b24630d5ccb2ee335407081a87188c221489768fa2020513b2d593359456",
},
}
func TestHMAC(t *testing.T) {
for idx, tt := range hmacTests {
keySlice, _ := hex.DecodeString(tt.key)
dataBytes, _ := hex.DecodeString(tt.data)
expectedDigest, _ := hex.DecodeString(tt.digest)
keyBytes := &[32]byte{}
copy(keyBytes[:], keySlice)
macDigest := GenerateHMAC(dataBytes, keyBytes)
if !bytes.Equal(macDigest, expectedDigest) {
t.Errorf("test %d generated unexpected mac", idx)
}
}
}
func TestSign(t *testing.T) {
message := []byte("Hello, world!")
key, err := NewSigningKey()
if err != nil {
t.Error(err)
return
}
signature, err := Sign(message, key)
if err != nil {
t.Error(err)
return
}
if !Verify(message, signature, &key.PublicKey) {
t.Error("signature was not correct")
return
}
message[0] ^= 0xff
if Verify(message, signature, &key.PublicKey) {
t.Error("signature was good for altered message")
}
}
func TestSignWithP384(t *testing.T) {
message := []byte("Hello, world!")
key, err := ecdsa.GenerateKey(elliptic.P384(), rand.Reader)
if err != nil {
t.Error(err)
return
}
signature, err := Sign(message, key)
if err != nil {
t.Error(err)
return
}
if !Verify(message, signature, &key.PublicKey) {
t.Error("signature was not correct")
return
}
message[0] ^= 0xff
if Verify(message, signature, &key.PublicKey) {
t.Error("signature was good for altered message")
}
}

38
vendor/github.com/gtank/cryptopasta/tls_test.go generated vendored
View File

@@ -1,38 +0,0 @@
// cryptopasta - basic cryptography examples
//
// Written in 2016 by George Tankersley <george.tankersley@gmail.com>
//
// To the extent possible under law, the author(s) have dedicated all copyright
// and related and neighboring rights to this software to the public domain
// worldwide. This software is distributed without any warranty.
//
// You should have received a copy of the CC0 Public Domain Dedication along
// with this software. If not, see // <http://creativecommons.org/publicdomain/zero/1.0/>.
// Provides a recommended TLS configuration.
package cryptopasta
import (
"log"
"net/http"
)
func ExampleTLSServer() {
// Get recommended basic configuration
config := DefaultTLSConfig()
// Serve up some HTTP
http.HandleFunc("/", func(rw http.ResponseWriter, req *http.Request) {
rw.Write([]byte("Hello, world\n"))
})
server := &http.Server{
Addr: ":8080",
TLSConfig: config,
}
err := server.ListenAndServeTLS("cert.pem", "key.pem")
if err != nil {
log.Fatal(err)
}
}