diff --git a/go.mod b/go.mod index 0f293208b17..c3e1c8fa3f2 100644 --- a/go.mod +++ b/go.mod @@ -436,7 +436,7 @@ replace ( gopkg.in/inf.v0 => gopkg.in/inf.v0 v0.9.0 gopkg.in/mcuadros/go-syslog.v2 => gopkg.in/mcuadros/go-syslog.v2 v2.2.1 gopkg.in/natefinch/lumberjack.v2 => gopkg.in/natefinch/lumberjack.v2 v2.0.0-20150622162204-20b71e5b60d7 - gopkg.in/square/go-jose.v2 => gopkg.in/square/go-jose.v2 v2.0.0-20180411045311-89060dee6a84 + gopkg.in/square/go-jose.v2 => gopkg.in/square/go-jose.v2 v2.2.2 gopkg.in/tomb.v1 => gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 gopkg.in/warnings.v0 => gopkg.in/warnings.v0 v0.1.1 gopkg.in/yaml.v1 => gopkg.in/yaml.v1 v1.0.0-20140924161607-9f9df34309c0 diff --git a/go.sum b/go.sum index 80193a5bb3b..afa989127ea 100644 --- a/go.sum +++ b/go.sum @@ -456,8 +456,8 @@ gopkg.in/inf.v0 v0.9.0/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/mcuadros/go-syslog.v2 v2.2.1/go.mod h1:l5LPIyOOyIdQquNg+oU6Z3524YwrcqEm0aKH+5zpt2U= gopkg.in/natefinch/lumberjack.v2 v2.0.0-20150622162204-20b71e5b60d7 h1:986b60BAz5vO2Vaf48yQaq+wb2bU4JsXxKu1+itW6x8= gopkg.in/natefinch/lumberjack.v2 v2.0.0-20150622162204-20b71e5b60d7/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= -gopkg.in/square/go-jose.v2 v2.0.0-20180411045311-89060dee6a84 h1:ELQJ5WuT+ydETLCpWvAuw8iGBQRGoJq+A3RAbbAcZUY= -gopkg.in/square/go-jose.v2 v2.0.0-20180411045311-89060dee6a84/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= +gopkg.in/square/go-jose.v2 v2.2.2 h1:orlkJ3myw8CN1nVQHBFfloD+L3egixIa4FvUP6RosSA= +gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= gopkg.in/warnings.v0 v0.1.1 h1:XM28wIgFzaBmeZ5dNHIpWLQpt/9DGKxk+rCg/22nnYE= diff --git a/staging/src/k8s.io/apiextensions-apiserver/go.mod b/staging/src/k8s.io/apiextensions-apiserver/go.mod index 2045c207f60..61823bcfd83 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/go.mod +++ b/staging/src/k8s.io/apiextensions-apiserver/go.mod @@ -49,7 +49,6 @@ replace ( golang.org/x/sys => golang.org/x/sys v0.0.0-20190209173611-3b5209105503 golang.org/x/tools => golang.org/x/tools v0.0.0-20190313210603-aa82965741a9 gopkg.in/natefinch/lumberjack.v2 => gopkg.in/natefinch/lumberjack.v2 v2.0.0-20150622162204-20b71e5b60d7 - gopkg.in/square/go-jose.v2 => gopkg.in/square/go-jose.v2 v2.0.0-20180411045311-89060dee6a84 gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.2.1 k8s.io/api => ../api k8s.io/apiextensions-apiserver => ../apiextensions-apiserver diff --git a/staging/src/k8s.io/apiextensions-apiserver/go.sum b/staging/src/k8s.io/apiextensions-apiserver/go.sum index 0c02bd3ecba..f020533c3b8 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/go.sum +++ b/staging/src/k8s.io/apiextensions-apiserver/go.sum @@ -238,7 +238,7 @@ gopkg.in/inf.v0 v0.9.0 h1:3zYtXIO92bvsdS3ggAdA8Gb4Azj0YU+TVY1uGYNFA8o= gopkg.in/inf.v0 v0.9.0/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/natefinch/lumberjack.v2 v2.0.0-20150622162204-20b71e5b60d7 h1:986b60BAz5vO2Vaf48yQaq+wb2bU4JsXxKu1+itW6x8= gopkg.in/natefinch/lumberjack.v2 v2.0.0-20150622162204-20b71e5b60d7/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= -gopkg.in/square/go-jose.v2 v2.0.0-20180411045311-89060dee6a84/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= +gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= gopkg.in/yaml.v1 v1.0.0-20140924161607-9f9df34309c0 h1:POO/ycCATvegFmVuPpQzZFJ+pGZeX22Ufu6fibxDVjU= diff --git a/staging/src/k8s.io/apiserver/go.mod b/staging/src/k8s.io/apiserver/go.mod index b34a04fb060..8192f409513 100644 --- a/staging/src/k8s.io/apiserver/go.mod +++ b/staging/src/k8s.io/apiserver/go.mod @@ -78,7 +78,6 @@ replace ( golang.org/x/sys => golang.org/x/sys v0.0.0-20190209173611-3b5209105503 golang.org/x/tools => golang.org/x/tools v0.0.0-20190313210603-aa82965741a9 gopkg.in/natefinch/lumberjack.v2 => gopkg.in/natefinch/lumberjack.v2 v2.0.0-20150622162204-20b71e5b60d7 - gopkg.in/square/go-jose.v2 => gopkg.in/square/go-jose.v2 v2.0.0-20180411045311-89060dee6a84 gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.2.1 k8s.io/api => ../api k8s.io/apimachinery => ../apimachinery diff --git a/staging/src/k8s.io/apiserver/go.sum b/staging/src/k8s.io/apiserver/go.sum index 987fa7844ec..2d397e768e0 100644 --- a/staging/src/k8s.io/apiserver/go.sum +++ b/staging/src/k8s.io/apiserver/go.sum @@ -182,8 +182,8 @@ gopkg.in/inf.v0 v0.9.0 h1:3zYtXIO92bvsdS3ggAdA8Gb4Azj0YU+TVY1uGYNFA8o= gopkg.in/inf.v0 v0.9.0/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/natefinch/lumberjack.v2 v2.0.0-20150622162204-20b71e5b60d7 h1:986b60BAz5vO2Vaf48yQaq+wb2bU4JsXxKu1+itW6x8= gopkg.in/natefinch/lumberjack.v2 v2.0.0-20150622162204-20b71e5b60d7/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= -gopkg.in/square/go-jose.v2 v2.0.0-20180411045311-89060dee6a84 h1:ELQJ5WuT+ydETLCpWvAuw8iGBQRGoJq+A3RAbbAcZUY= -gopkg.in/square/go-jose.v2 v2.0.0-20180411045311-89060dee6a84/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= +gopkg.in/square/go-jose.v2 v2.2.2 h1:orlkJ3myw8CN1nVQHBFfloD+L3egixIa4FvUP6RosSA= +gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= gopkg.in/yaml.v1 v1.0.0-20140924161607-9f9df34309c0 h1:POO/ycCATvegFmVuPpQzZFJ+pGZeX22Ufu6fibxDVjU= diff --git a/staging/src/k8s.io/kube-aggregator/go.mod b/staging/src/k8s.io/kube-aggregator/go.mod index fc835184809..9a247a290dd 100644 --- a/staging/src/k8s.io/kube-aggregator/go.mod +++ b/staging/src/k8s.io/kube-aggregator/go.mod @@ -37,7 +37,6 @@ replace ( golang.org/x/sys => golang.org/x/sys v0.0.0-20190209173611-3b5209105503 golang.org/x/tools => golang.org/x/tools v0.0.0-20190313210603-aa82965741a9 gopkg.in/natefinch/lumberjack.v2 => gopkg.in/natefinch/lumberjack.v2 v2.0.0-20150622162204-20b71e5b60d7 - gopkg.in/square/go-jose.v2 => gopkg.in/square/go-jose.v2 v2.0.0-20180411045311-89060dee6a84 gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.2.1 k8s.io/api => ../api k8s.io/apimachinery => ../apimachinery diff --git a/staging/src/k8s.io/kube-aggregator/go.sum b/staging/src/k8s.io/kube-aggregator/go.sum index d28067e9d67..c237b712f1b 100644 --- a/staging/src/k8s.io/kube-aggregator/go.sum +++ b/staging/src/k8s.io/kube-aggregator/go.sum @@ -215,7 +215,7 @@ gopkg.in/inf.v0 v0.9.0 h1:3zYtXIO92bvsdS3ggAdA8Gb4Azj0YU+TVY1uGYNFA8o= gopkg.in/inf.v0 v0.9.0/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/natefinch/lumberjack.v2 v2.0.0-20150622162204-20b71e5b60d7 h1:986b60BAz5vO2Vaf48yQaq+wb2bU4JsXxKu1+itW6x8= gopkg.in/natefinch/lumberjack.v2 v2.0.0-20150622162204-20b71e5b60d7/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= -gopkg.in/square/go-jose.v2 v2.0.0-20180411045311-89060dee6a84/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= +gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= gopkg.in/yaml.v1 v1.0.0-20140924161607-9f9df34309c0 h1:POO/ycCATvegFmVuPpQzZFJ+pGZeX22Ufu6fibxDVjU= diff --git a/staging/src/k8s.io/sample-apiserver/go.mod b/staging/src/k8s.io/sample-apiserver/go.mod index 7d9257f1171..a3411c1fbe5 100644 --- a/staging/src/k8s.io/sample-apiserver/go.mod +++ b/staging/src/k8s.io/sample-apiserver/go.mod @@ -27,7 +27,6 @@ replace ( golang.org/x/sys => golang.org/x/sys v0.0.0-20190209173611-3b5209105503 golang.org/x/tools => golang.org/x/tools v0.0.0-20190313210603-aa82965741a9 gopkg.in/natefinch/lumberjack.v2 => gopkg.in/natefinch/lumberjack.v2 v2.0.0-20150622162204-20b71e5b60d7 - gopkg.in/square/go-jose.v2 => gopkg.in/square/go-jose.v2 v2.0.0-20180411045311-89060dee6a84 gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.2.1 k8s.io/api => ../api k8s.io/apimachinery => ../apimachinery diff --git a/staging/src/k8s.io/sample-apiserver/go.sum b/staging/src/k8s.io/sample-apiserver/go.sum index daad7a10b31..c25b86461e3 100644 --- a/staging/src/k8s.io/sample-apiserver/go.sum +++ b/staging/src/k8s.io/sample-apiserver/go.sum @@ -212,7 +212,7 @@ gopkg.in/inf.v0 v0.9.0 h1:3zYtXIO92bvsdS3ggAdA8Gb4Azj0YU+TVY1uGYNFA8o= gopkg.in/inf.v0 v0.9.0/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/natefinch/lumberjack.v2 v2.0.0-20150622162204-20b71e5b60d7 h1:986b60BAz5vO2Vaf48yQaq+wb2bU4JsXxKu1+itW6x8= gopkg.in/natefinch/lumberjack.v2 v2.0.0-20150622162204-20b71e5b60d7/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= -gopkg.in/square/go-jose.v2 v2.0.0-20180411045311-89060dee6a84/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= +gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= gopkg.in/yaml.v1 v1.0.0-20140924161607-9f9df34309c0 h1:POO/ycCATvegFmVuPpQzZFJ+pGZeX22Ufu6fibxDVjU= diff --git a/vendor/BUILD b/vendor/BUILD index 4d6c16c75a6..34cf03adce0 100644 --- a/vendor/BUILD +++ b/vendor/BUILD @@ -361,6 +361,7 @@ filegroup( "//vendor/golang.org/x/crypto/internal/subtle:all-srcs", "//vendor/golang.org/x/crypto/nacl/secretbox:all-srcs", "//vendor/golang.org/x/crypto/ocsp:all-srcs", + "//vendor/golang.org/x/crypto/pbkdf2:all-srcs", "//vendor/golang.org/x/crypto/pkcs12:all-srcs", "//vendor/golang.org/x/crypto/poly1305:all-srcs", "//vendor/golang.org/x/crypto/salsa20/salsa:all-srcs", diff --git a/vendor/golang.org/x/crypto/pbkdf2/BUILD b/vendor/golang.org/x/crypto/pbkdf2/BUILD new file mode 100644 index 00000000000..565fe0b251a --- /dev/null +++ b/vendor/golang.org/x/crypto/pbkdf2/BUILD @@ -0,0 +1,23 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["pbkdf2.go"], + importmap = "k8s.io/kubernetes/vendor/golang.org/x/crypto/pbkdf2", + importpath = "golang.org/x/crypto/pbkdf2", + visibility = ["//visibility:public"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go b/vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go new file mode 100644 index 00000000000..593f6530084 --- /dev/null +++ b/vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go @@ -0,0 +1,77 @@ +// Copyright 2012 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +/* +Package pbkdf2 implements the key derivation function PBKDF2 as defined in RFC +2898 / PKCS #5 v2.0. + +A key derivation function is useful when encrypting data based on a password +or any other not-fully-random data. It uses a pseudorandom function to derive +a secure encryption key based on the password. + +While v2.0 of the standard defines only one pseudorandom function to use, +HMAC-SHA1, the drafted v2.1 specification allows use of all five FIPS Approved +Hash Functions SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512 for HMAC. To +choose, you can pass the `New` functions from the different SHA packages to +pbkdf2.Key. +*/ +package pbkdf2 // import "golang.org/x/crypto/pbkdf2" + +import ( + "crypto/hmac" + "hash" +) + +// Key derives a key from the password, salt and iteration count, returning a +// []byte of length keylen that can be used as cryptographic key. The key is +// derived based on the method described as PBKDF2 with the HMAC variant using +// the supplied hash function. +// +// For example, to use a HMAC-SHA-1 based PBKDF2 key derivation function, you +// can get a derived key for e.g. AES-256 (which needs a 32-byte key) by +// doing: +// +// dk := pbkdf2.Key([]byte("some password"), salt, 4096, 32, sha1.New) +// +// Remember to get a good random salt. At least 8 bytes is recommended by the +// RFC. +// +// Using a higher iteration count will increase the cost of an exhaustive +// search but will also make derivation proportionally slower. +func Key(password, salt []byte, iter, keyLen int, h func() hash.Hash) []byte { + prf := hmac.New(h, password) + hashLen := prf.Size() + numBlocks := (keyLen + hashLen - 1) / hashLen + + var buf [4]byte + dk := make([]byte, 0, numBlocks*hashLen) + U := make([]byte, hashLen) + for block := 1; block <= numBlocks; block++ { + // N.B.: || means concatenation, ^ means XOR + // for each block T_i = U_1 ^ U_2 ^ ... ^ U_iter + // U_1 = PRF(password, salt || uint(i)) + prf.Reset() + prf.Write(salt) + buf[0] = byte(block >> 24) + buf[1] = byte(block >> 16) + buf[2] = byte(block >> 8) + buf[3] = byte(block) + prf.Write(buf[:4]) + dk = prf.Sum(dk) + T := dk[len(dk)-hashLen:] + copy(U, T) + + // U_n = PRF(password, U_(n-1)) + for n := 2; n <= iter; n++ { + prf.Reset() + prf.Write(U) + U = U[:0] + U = prf.Sum(U) + for x := range U { + T[x] ^= U[x] + } + } + } + return dk[:keyLen] +} diff --git a/vendor/gopkg.in/square/go-jose.v2/.travis.yml b/vendor/gopkg.in/square/go-jose.v2/.travis.yml index 50fb8dd3cfa..a84e99f7da0 100644 --- a/vendor/gopkg.in/square/go-jose.v2/.travis.yml +++ b/vendor/gopkg.in/square/go-jose.v2/.travis.yml @@ -14,7 +14,6 @@ go: - '1.8.x' - '1.9.x' - '1.10.x' -- tip go_import_path: gopkg.in/square/go-jose.v2 diff --git a/vendor/gopkg.in/square/go-jose.v2/BUG-BOUNTY.md b/vendor/gopkg.in/square/go-jose.v2/BUG-BOUNTY.md index 97e61dbb68b..3305db0f653 100644 --- a/vendor/gopkg.in/square/go-jose.v2/BUG-BOUNTY.md +++ b/vendor/gopkg.in/square/go-jose.v2/BUG-BOUNTY.md @@ -6,5 +6,5 @@ can make. We therefore encourage reporting security issues with the code contained in this repository. If you believe you have discovered a security vulnerability, please follow the -guidelines at . +guidelines at . diff --git a/vendor/gopkg.in/square/go-jose.v2/BUILD b/vendor/gopkg.in/square/go-jose.v2/BUILD index 24459ee8d72..c40ade04d8e 100644 --- a/vendor/gopkg.in/square/go-jose.v2/BUILD +++ b/vendor/gopkg.in/square/go-jose.v2/BUILD @@ -20,6 +20,7 @@ go_library( visibility = ["//visibility:public"], deps = [ "//vendor/golang.org/x/crypto/ed25519:go_default_library", + "//vendor/golang.org/x/crypto/pbkdf2:go_default_library", "//vendor/gopkg.in/square/go-jose.v2/cipher:go_default_library", "//vendor/gopkg.in/square/go-jose.v2/json:go_default_library", ], diff --git a/vendor/gopkg.in/square/go-jose.v2/README.md b/vendor/gopkg.in/square/go-jose.v2/README.md index d2e989e12d9..1791bfa8f67 100644 --- a/vendor/gopkg.in/square/go-jose.v2/README.md +++ b/vendor/gopkg.in/square/go-jose.v2/README.md @@ -3,8 +3,8 @@ [![godoc](http://img.shields.io/badge/godoc-version_1-blue.svg?style=flat)](https://godoc.org/gopkg.in/square/go-jose.v1) [![godoc](http://img.shields.io/badge/godoc-version_2-blue.svg?style=flat)](https://godoc.org/gopkg.in/square/go-jose.v2) [![license](http://img.shields.io/badge/license-apache_2.0-blue.svg?style=flat)](https://raw.githubusercontent.com/square/go-jose/master/LICENSE) -[![build](https://travis-ci.org/square/go-jose.svg?branch=master)](https://travis-ci.org/square/go-jose) -[![coverage](https://coveralls.io/repos/github/square/go-jose/badge.svg?branch=master)](https://coveralls.io/r/square/go-jose) +[![build](https://travis-ci.org/square/go-jose.svg?branch=v2)](https://travis-ci.org/square/go-jose) +[![coverage](https://coveralls.io/repos/github/square/go-jose/badge.svg?branch=v2)](https://coveralls.io/r/square/go-jose) Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. This includes support for JSON Web Encryption, @@ -40,24 +40,17 @@ libraries in other languages. We use [gopkg.in](https://gopkg.in) for versioning. -[Version 1](https://gopkg.in/square/go-jose.v1) is the old stable version: - - import "gopkg.in/square/go-jose.v1" - -[Version 2](https://gopkg.in/square/go-jose.v2) is for new development: +[Version 2](https://gopkg.in/square/go-jose.v2) +([branch](https://github.com/square/go-jose/tree/v2), +[doc](https://godoc.org/gopkg.in/square/go-jose.v2)) is the current version: import "gopkg.in/square/go-jose.v2" -The interface for [go-jose.v1](https://gopkg.in/square/go-jose.v1) will remain -backwards compatible. No new feature development will take place on the `v1` branch, -however bug fixes and security fixes will be backported. - -The interface for [go-jose.v2](https://gopkg.in/square/go-jose.v2) is mostly -stable, but we suggest pinning to a particular revision for now as we still reserve -the right to make changes. New feature development happens on this branch. - -New in [go-jose.v2](https://gopkg.in/square/go-jose.v2) is a -[jwt](https://godoc.org/gopkg.in/square/go-jose.v2/jwt) sub-package +The old `v1` branch ([go-jose.v1](https://gopkg.in/square/go-jose.v1)) will +still receive backported bug fixes and security fixes, but otherwise +development is frozen. All new feature development takes place on the `v2` +branch. Version 2 also contains additional sub-packages such as the +[jwt](https://godoc.org/gopkg.in/square/go-jose.v2/jwt) implementation contributed by [@shaxbee](https://github.com/shaxbee). ### Supported algorithms @@ -84,7 +77,9 @@ standard where possible. The Godoc reference has a list of constants. RSASSA-PSS | PS256, PS384, PS512 HMAC | HS256, HS384, HS512 ECDSA | ES256, ES384, ES512 - Ed25519 | EdDSA + Ed25519 | EdDSA2 + +2. Only available in version 2 of the package Content encryption | Algorithm identifier(s) :------------------------- | :------------------------------ @@ -106,8 +101,11 @@ allows attaching a key id. :------------------------- | ------------------------------- RSA | *[rsa.PublicKey](http://golang.org/pkg/crypto/rsa/#PublicKey), *[rsa.PrivateKey](http://golang.org/pkg/crypto/rsa/#PrivateKey) ECDH, ECDSA | *[ecdsa.PublicKey](http://golang.org/pkg/crypto/ecdsa/#PublicKey), *[ecdsa.PrivateKey](http://golang.org/pkg/crypto/ecdsa/#PrivateKey) + EdDSA1 | [ed25519.PublicKey](https://godoc.org/golang.org/x/crypto/ed25519#PublicKey), [ed25519.PrivateKey](https://godoc.org/golang.org/x/crypto/ed25519#PrivateKey) AES, HMAC | []byte +1. Only available in version 2 of the package + ## Examples [![godoc](http://img.shields.io/badge/godoc-version_1-blue.svg?style=flat)](https://godoc.org/gopkg.in/square/go-jose.v1) diff --git a/vendor/gopkg.in/square/go-jose.v2/asymmetric.go b/vendor/gopkg.in/square/go-jose.v2/asymmetric.go index 5272648faa9..67935561bc5 100644 --- a/vendor/gopkg.in/square/go-jose.v2/asymmetric.go +++ b/vendor/gopkg.in/square/go-jose.v2/asymmetric.go @@ -195,11 +195,11 @@ func (ctx rsaEncrypterVerifier) encryptKey(cek []byte, alg KeyAlgorithm) (recipi func (ctx rsaEncrypterVerifier) encrypt(cek []byte, alg KeyAlgorithm) ([]byte, error) { switch alg { case RSA1_5: - return rsa.EncryptPKCS1v15(randReader, ctx.publicKey, cek) + return rsa.EncryptPKCS1v15(RandReader, ctx.publicKey, cek) case RSA_OAEP: - return rsa.EncryptOAEP(sha1.New(), randReader, ctx.publicKey, cek, []byte{}) + return rsa.EncryptOAEP(sha1.New(), RandReader, ctx.publicKey, cek, []byte{}) case RSA_OAEP_256: - return rsa.EncryptOAEP(sha256.New(), randReader, ctx.publicKey, cek, []byte{}) + return rsa.EncryptOAEP(sha256.New(), RandReader, ctx.publicKey, cek, []byte{}) } return nil, ErrUnsupportedAlgorithm @@ -285,9 +285,9 @@ func (ctx rsaDecrypterSigner) signPayload(payload []byte, alg SignatureAlgorithm switch alg { case RS256, RS384, RS512: - out, err = rsa.SignPKCS1v15(randReader, ctx.privateKey, hash, hashed) + out, err = rsa.SignPKCS1v15(RandReader, ctx.privateKey, hash, hashed) case PS256, PS384, PS512: - out, err = rsa.SignPSS(randReader, ctx.privateKey, hash, hashed, &rsa.PSSOptions{ + out, err = rsa.SignPSS(RandReader, ctx.privateKey, hash, hashed, &rsa.PSSOptions{ SaltLength: rsa.PSSSaltLengthAuto, }) } @@ -388,7 +388,7 @@ func (ctx ecKeyGenerator) keySize() int { // Get a content encryption key for ECDH-ES func (ctx ecKeyGenerator) genKey() ([]byte, rawHeader, error) { - priv, err := ecdsa.GenerateKey(ctx.publicKey.Curve, randReader) + priv, err := ecdsa.GenerateKey(ctx.publicKey.Curve, RandReader) if err != nil { return nil, rawHeader{}, err } @@ -472,7 +472,7 @@ func (ctx edDecrypterSigner) signPayload(payload []byte, alg SignatureAlgorithm) return Signature{}, ErrUnsupportedAlgorithm } - sig, err := ctx.privateKey.Sign(randReader, payload, crypto.Hash(0)) + sig, err := ctx.privateKey.Sign(RandReader, payload, crypto.Hash(0)) if err != nil { return Signature{}, err } @@ -522,7 +522,7 @@ func (ctx ecDecrypterSigner) signPayload(payload []byte, alg SignatureAlgorithm) _, _ = hasher.Write(payload) hashed := hasher.Sum(nil) - r, s, err := ecdsa.Sign(randReader, ctx.privateKey, hashed) + r, s, err := ecdsa.Sign(RandReader, ctx.privateKey, hashed) if err != nil { return Signature{}, err } diff --git a/vendor/gopkg.in/square/go-jose.v2/crypter.go b/vendor/gopkg.in/square/go-jose.v2/crypter.go index 0681c81192d..c45c71206ba 100644 --- a/vendor/gopkg.in/square/go-jose.v2/crypter.go +++ b/vendor/gopkg.in/square/go-jose.v2/crypter.go @@ -104,10 +104,18 @@ func (eo *EncrypterOptions) WithType(typ ContentType) *EncrypterOptions { } // Recipient represents an algorithm/key to encrypt messages to. +// +// PBES2Count and PBES2Salt correspond with the "p2c" and "p2s" headers used +// on the password-based encryption algorithms PBES2-HS256+A128KW, +// PBES2-HS384+A192KW, and PBES2-HS512+A256KW. If they are not provided a safe +// default of 100000 will be used for the count and a 128-bit random salt will +// be generated. type Recipient struct { - Algorithm KeyAlgorithm - Key interface{} - KeyID string + Algorithm KeyAlgorithm + Key interface{} + KeyID string + PBES2Count int + PBES2Salt []byte } // NewEncrypter creates an appropriate encrypter based on the key type @@ -143,6 +151,9 @@ func NewEncrypter(enc ContentEncryption, rcpt Recipient, opts *EncrypterOptions) if reflect.TypeOf(rawKey) != reflect.TypeOf([]byte{}) { return nil, ErrUnsupportedKeyType } + if encrypter.cipher.keySize() != len(rawKey.([]byte)) { + return nil, ErrInvalidKeySize + } encrypter.keyGenerator = staticKeyGenerator{ key: rawKey.([]byte), } @@ -228,6 +239,14 @@ func (ctx *genericEncrypter) addRecipient(recipient Recipient) (err error) { recipientInfo.keyID = recipient.KeyID } + switch recipient.Algorithm { + case PBES2_HS256_A128KW, PBES2_HS384_A192KW, PBES2_HS512_A256KW: + if sr, ok := recipientInfo.keyEncrypter.(*symmetricKeyCipher); ok { + sr.p2c = recipient.PBES2Count + sr.p2s = recipient.PBES2Salt + } + } + if err == nil { ctx.recipients = append(ctx.recipients, recipientInfo) } @@ -242,6 +261,8 @@ func makeJWERecipient(alg KeyAlgorithm, encryptionKey interface{}) (recipientKey return newECDHRecipient(alg, encryptionKey) case []byte: return newSymmetricRecipient(alg, encryptionKey) + case string: + return newSymmetricRecipient(alg, []byte(encryptionKey)) case *JSONWebKey: recipient, err := makeJWERecipient(alg, encryptionKey.Key) recipient.keyID = encryptionKey.KeyID @@ -266,6 +287,10 @@ func newDecrypter(decryptionKey interface{}) (keyDecrypter, error) { return &symmetricKeyCipher{ key: decryptionKey, }, nil + case string: + return &symmetricKeyCipher{ + key: []byte(decryptionKey), + }, nil case JSONWebKey: return newDecrypter(decryptionKey.Key) case *JSONWebKey: diff --git a/vendor/gopkg.in/square/go-jose.v2/encoding.go b/vendor/gopkg.in/square/go-jose.v2/encoding.go index 9f37ef46509..b9687c647d7 100644 --- a/vendor/gopkg.in/square/go-jose.v2/encoding.go +++ b/vendor/gopkg.in/square/go-jose.v2/encoding.go @@ -21,10 +21,11 @@ import ( "compress/flate" "encoding/base64" "encoding/binary" - "encoding/json" "io" "math/big" "regexp" + + "gopkg.in/square/go-jose.v2/json" ) var stripWhitespaceRegex = regexp.MustCompile("\\s") diff --git a/vendor/gopkg.in/square/go-jose.v2/jwe.go b/vendor/gopkg.in/square/go-jose.v2/jwe.go index f2176cfb0b9..b5a6dcdf4db 100644 --- a/vendor/gopkg.in/square/go-jose.v2/jwe.go +++ b/vendor/gopkg.in/square/go-jose.v2/jwe.go @@ -18,9 +18,10 @@ package jose import ( "encoding/base64" - "encoding/json" "fmt" "strings" + + "gopkg.in/square/go-jose.v2/json" ) // rawJSONWebEncryption represents a raw JWE JSON object. Used for parsing/serializing. @@ -85,10 +86,12 @@ func (obj JSONWebEncryption) mergedHeaders(recipient *recipientInfo) rawHeader { func (obj JSONWebEncryption) computeAuthData() []byte { var protected string - if obj.original != nil { + if obj.original != nil && obj.original.Protected != nil { protected = obj.original.Protected.base64() - } else { + } else if obj.protected != nil { protected = base64.RawURLEncoding.EncodeToString(mustSerializeJSON((obj.protected))) + } else { + protected = "" } output := []byte(protected) diff --git a/vendor/gopkg.in/square/go-jose.v2/jwk.go b/vendor/gopkg.in/square/go-jose.v2/jwk.go index d89046a001a..fb585b11514 100644 --- a/vendor/gopkg.in/square/go-jose.v2/jwk.go +++ b/vendor/gopkg.in/square/go-jose.v2/jwk.go @@ -189,6 +189,10 @@ func ecThumbprintInput(curve elliptic.Curve, x, y *big.Int) (string, error) { return "", err } + if len(x.Bytes()) > coordLength || len(y.Bytes()) > coordLength { + return "", errors.New("square/go-jose: invalid elliptic key (too large)") + } + return fmt.Sprintf(ecThumbprintTemplate, crv, newFixedSizeBuffer(x.Bytes(), coordLength).base64(), newFixedSizeBuffer(y.Bytes(), coordLength).base64()), nil @@ -202,6 +206,9 @@ func rsaThumbprintInput(n *big.Int, e int) (string, error) { func edThumbprintInput(ed ed25519.PublicKey) (string, error) { crv := "Ed25519" + if len(ed) > 32 { + return "", errors.New("square/go-jose: invalid elliptic key (too large)") + } return fmt.Sprintf(edThumbprintTemplate, crv, newFixedSizeBuffer(ed, 32).base64()), nil } @@ -346,6 +353,17 @@ func (key rawJSONWebKey) ecPublicKey() (*ecdsa.PublicKey, error) { return nil, errors.New("square/go-jose: invalid EC key, missing x/y values") } + // The length of this octet string MUST be the full size of a coordinate for + // the curve specified in the "crv" parameter. + // https://tools.ietf.org/html/rfc7518#section-6.2.1.2 + if curveSize(curve) != len(key.X.data) { + return nil, fmt.Errorf("square/go-jose: invalid EC private key, wrong length for x") + } + + if curveSize(curve) != len(key.Y.data) { + return nil, fmt.Errorf("square/go-jose: invalid EC private key, wrong length for y") + } + x := key.X.bigInt() y := key.Y.bigInt() @@ -482,6 +500,16 @@ func fromRsaPrivateKey(rsa *rsa.PrivateKey) (*rawJSONWebKey, error) { raw.P = newBuffer(rsa.Primes[0].Bytes()) raw.Q = newBuffer(rsa.Primes[1].Bytes()) + if rsa.Precomputed.Dp != nil { + raw.Dp = newBuffer(rsa.Precomputed.Dp.Bytes()) + } + if rsa.Precomputed.Dq != nil { + raw.Dq = newBuffer(rsa.Precomputed.Dq.Bytes()) + } + if rsa.Precomputed.Qinv != nil { + raw.Qi = newBuffer(rsa.Precomputed.Qinv.Bytes()) + } + return raw, nil } @@ -502,6 +530,22 @@ func (key rawJSONWebKey) ecPrivateKey() (*ecdsa.PrivateKey, error) { return nil, fmt.Errorf("square/go-jose: invalid EC private key, missing x/y/d values") } + // The length of this octet string MUST be the full size of a coordinate for + // the curve specified in the "crv" parameter. + // https://tools.ietf.org/html/rfc7518#section-6.2.1.2 + if curveSize(curve) != len(key.X.data) { + return nil, fmt.Errorf("square/go-jose: invalid EC private key, wrong length for x") + } + + if curveSize(curve) != len(key.Y.data) { + return nil, fmt.Errorf("square/go-jose: invalid EC private key, wrong length for y") + } + + // https://tools.ietf.org/html/rfc7518#section-6.2.2.1 + if dSize(curve) != len(key.D.data) { + return nil, fmt.Errorf("square/go-jose: invalid EC private key, wrong length for d") + } + x := key.X.bigInt() y := key.Y.bigInt() @@ -529,11 +573,26 @@ func fromEcPrivateKey(ec *ecdsa.PrivateKey) (*rawJSONWebKey, error) { return nil, fmt.Errorf("square/go-jose: invalid EC private key") } - raw.D = newBuffer(ec.D.Bytes()) + raw.D = newFixedSizeBuffer(ec.D.Bytes(), dSize(ec.PublicKey.Curve)) return raw, nil } +// dSize returns the size in octets for the "d" member of an elliptic curve +// private key. +// The length of this octet string MUST be ceiling(log-base-2(n)/8) +// octets (where n is the order of the curve). +// https://tools.ietf.org/html/rfc7518#section-6.2.2.1 +func dSize(curve elliptic.Curve) int { + order := curve.Params().P + bitLen := order.BitLen() + size := bitLen / 8 + if bitLen%8 != 0 { + size = size + 1 + } + return size +} + func fromSymmetricKey(key []byte) (*rawJSONWebKey, error) { return &rawJSONWebKey{ Kty: "oct", diff --git a/vendor/gopkg.in/square/go-jose.v2/jwt/claims.go b/vendor/gopkg.in/square/go-jose.v2/jwt/claims.go index 60de940020b..31274b00603 100644 --- a/vendor/gopkg.in/square/go-jose.v2/jwt/claims.go +++ b/vendor/gopkg.in/square/go-jose.v2/jwt/claims.go @@ -18,9 +18,10 @@ package jwt import ( - "encoding/json" "strconv" "time" + + "gopkg.in/square/go-jose.v2/json" ) // Claims represents public claim values (as specified in RFC 7519). diff --git a/vendor/gopkg.in/square/go-jose.v2/jwt/jwt.go b/vendor/gopkg.in/square/go-jose.v2/jwt/jwt.go index 2155b2d274d..4ce9779a707 100644 --- a/vendor/gopkg.in/square/go-jose.v2/jwt/jwt.go +++ b/vendor/gopkg.in/square/go-jose.v2/jwt/jwt.go @@ -18,6 +18,7 @@ package jwt import ( + "fmt" "gopkg.in/square/go-jose.v2" "gopkg.in/square/go-jose.v2/json" "strings" @@ -25,8 +26,9 @@ import ( // JSONWebToken represents a JSON Web Token (as specified in RFC7519). type JSONWebToken struct { - payload func(k interface{}) ([]byte, error) - Headers []jose.Header + payload func(k interface{}) ([]byte, error) + unverifiedPayload func() []byte + Headers []jose.Header } type NestedJSONWebToken struct { @@ -50,6 +52,22 @@ func (t *JSONWebToken) Claims(key interface{}, dest ...interface{}) error { return nil } +// UnsafeClaimsWithoutVerification deserializes the claims of a +// JSONWebToken into the dests. For signed JWTs, the claims are not +// verified. This function won't work for encrypted JWTs. +func (t *JSONWebToken) UnsafeClaimsWithoutVerification(dest ...interface{}) error { + if t.unverifiedPayload == nil { + return fmt.Errorf("square/go-jose: Cannot get unverified claims") + } + claims := t.unverifiedPayload() + for _, d := range dest { + if err := json.Unmarshal(claims, d); err != nil { + return err + } + } + return nil +} + func (t *NestedJSONWebToken) Decrypt(decryptionKey interface{}) (*JSONWebToken, error) { b, err := t.enc.Decrypt(decryptionKey) if err != nil { @@ -76,8 +94,9 @@ func ParseSigned(s string) (*JSONWebToken, error) { } return &JSONWebToken{ - payload: sig.Verify, - Headers: headers, + payload: sig.Verify, + unverifiedPayload: sig.UnsafePayloadWithoutVerification, + Headers: headers, }, nil } diff --git a/vendor/gopkg.in/square/go-jose.v2/jwt/validation.go b/vendor/gopkg.in/square/go-jose.v2/jwt/validation.go index fdcee371b1d..d638811d3d5 100644 --- a/vendor/gopkg.in/square/go-jose.v2/jwt/validation.go +++ b/vendor/gopkg.in/square/go-jose.v2/jwt/validation.go @@ -35,7 +35,7 @@ type Expected struct { Audience Audience // ID matches the "jti" claim exactly. ID string - // Time matches the "exp" and "ebf" claims with leeway. + // Time matches the "exp" and "nbf" claims with leeway. Time time.Time } @@ -47,6 +47,14 @@ func (e Expected) WithTime(t time.Time) Expected { // Validate checks claims in a token against expected values. // A default leeway value of one minute is used to compare time values. +// +// The default leeway will cause the token to be deemed valid until one +// minute after the expiration time. If you're a server application that +// wants to give an extra minute to client tokens, use this +// function. If you're a client application wondering if the server +// will accept your token, use ValidateWithLeeway with a leeway <=0, +// otherwise this function might make you think a token is valid when +// it is not. func (c Claims) Validate(e Expected) error { return c.ValidateWithLeeway(e, DefaultLeeway) } @@ -56,6 +64,15 @@ func (c Claims) Validate(e Expected) error { // zero value to check time values with no leeway, but you should not that // numeric date values are rounded to the nearest second and sub-second // precision is not supported. +// +// The leeway gives some extra time to the token from the server's +// point of view. That is, if the token is expired, ValidateWithLeeway +// will still accept the token for 'leeway' amount of time. This fails +// if you're using this function to check if a server will accept your +// token, because it will think the token is valid even after it +// expires. So if you're a client validating if the token is valid to +// be submitted to a server, use leeway <=0, if you're a server +// validation a token, use leeway >=0. func (c Claims) ValidateWithLeeway(e Expected, leeway time.Duration) error { if e.Issuer != "" && e.Issuer != c.Issuer { return ErrInvalidIssuer diff --git a/vendor/gopkg.in/square/go-jose.v2/shared.go b/vendor/gopkg.in/square/go-jose.v2/shared.go index e6ab91da10b..b0a6255ecaa 100644 --- a/vendor/gopkg.in/square/go-jose.v2/shared.go +++ b/vendor/gopkg.in/square/go-jose.v2/shared.go @@ -58,6 +58,11 @@ var ( // an RSA private key with more than two primes. ErrUnsupportedKeyType = errors.New("square/go-jose: unsupported key type/format") + // ErrInvalidKeySize indicates that the given key is not the correct size + // for the selected algorithm. This can occur, for example, when trying to + // encrypt with AES-256 but passing only a 128-bit key as input. + ErrInvalidKeySize = errors.New("square/go-jose: invalid key size for algorithm") + // ErrNotSupported serialization of object is not supported. This occurs when // trying to compact-serialize an object which can't be represented in // compact form. @@ -148,6 +153,10 @@ const ( headerJWK = "jwk" // *JSONWebKey headerKeyID = "kid" // string headerNonce = "nonce" // string + + headerP2C = "p2c" // *byteBuffer (int) + headerP2S = "p2s" // *byteBuffer ([]byte) + ) // rawHeader represents the JOSE header for JWE/JWS objects (used for parsing). @@ -206,7 +215,7 @@ func (parsed rawHeader) set(k HeaderKey, v interface{}) error { // getString gets a string from the raw JSON, defaulting to "". func (parsed rawHeader) getString(k HeaderKey) string { v, ok := parsed[k] - if !ok { + if !ok || v == nil { return "" } var s string @@ -320,6 +329,26 @@ func (parsed rawHeader) getCritical() ([]string, error) { return q, nil } +// getS2C extracts parsed "p2c" from the raw JSON. +func (parsed rawHeader) getP2C() (int, error) { + v := parsed[headerP2C] + if v == nil { + return 0, nil + } + + var p2c int + err := json.Unmarshal(*v, &p2c) + if err != nil { + return 0, err + } + return p2c, nil +} + +// getS2S extracts parsed "p2s" from the raw JSON. +func (parsed rawHeader) getP2S() (*byteBuffer, error) { + return parsed.getByteBuffer(headerP2S) +} + // sanitized produces a cleaned-up header object from the raw JSON. func (parsed rawHeader) sanitized() (h Header, err error) { for k, v := range parsed { diff --git a/vendor/gopkg.in/square/go-jose.v2/signing.go b/vendor/gopkg.in/square/go-jose.v2/signing.go index 1acc6356fa4..be6cf04815b 100644 --- a/vendor/gopkg.in/square/go-jose.v2/signing.go +++ b/vendor/gopkg.in/square/go-jose.v2/signing.go @@ -297,6 +297,13 @@ func (obj JSONWebSignature) Verify(verificationKey interface{}) ([]byte, error) return obj.payload, nil } +// UnsafePayloadWithoutVerification returns the payload without +// verifying it. The content returned from this function cannot be +// trusted. +func (obj JSONWebSignature) UnsafePayloadWithoutVerification() []byte { + return obj.payload +} + // DetachedVerify validates a detached signature on the given payload. In // most cases, you will probably want to use Verify instead. DetachedVerify // is only useful if you have a payload and signature that are separated from diff --git a/vendor/gopkg.in/square/go-jose.v2/symmetric.go b/vendor/gopkg.in/square/go-jose.v2/symmetric.go index 5be00f925a9..264a0fe37ca 100644 --- a/vendor/gopkg.in/square/go-jose.v2/symmetric.go +++ b/vendor/gopkg.in/square/go-jose.v2/symmetric.go @@ -17,6 +17,7 @@ package jose import ( + "bytes" "crypto/aes" "crypto/cipher" "crypto/hmac" @@ -29,15 +30,30 @@ import ( "hash" "io" + "golang.org/x/crypto/pbkdf2" "gopkg.in/square/go-jose.v2/cipher" ) // Random reader (stubbed out in tests) -var randReader = rand.Reader +var RandReader = rand.Reader + +const ( + // RFC7518 recommends a minimum of 1,000 iterations: + // https://tools.ietf.org/html/rfc7518#section-4.8.1.2 + // NIST recommends a minimum of 10,000: + // https://pages.nist.gov/800-63-3/sp800-63b.html + // 1Password uses 100,000: + // https://support.1password.com/pbkdf2/ + defaultP2C = 100000 + // Default salt size: 128 bits + defaultP2SSize = 16 +) // Dummy key cipher for shared symmetric key mode type symmetricKeyCipher struct { key []byte // Pre-shared content-encryption key + p2c int // PBES2 Count + p2s []byte // PBES2 Salt Input } // Signer/verifier for MAC modes @@ -87,7 +103,7 @@ func newAESGCM(keySize int) contentCipher { func newAESCBC(keySize int) contentCipher { return &aeadContentCipher{ keyBytes: keySize * 2, - authtagBytes: 16, + authtagBytes: keySize, getAead: func(key []byte) (cipher.AEAD, error) { return josecipher.NewCBCHMAC(key, aes.NewCipher) }, @@ -114,10 +130,37 @@ func getContentCipher(alg ContentEncryption) contentCipher { } } +// getPbkdf2Params returns the key length and hash function used in +// pbkdf2.Key. +func getPbkdf2Params(alg KeyAlgorithm) (int, func() hash.Hash) { + switch alg { + case PBES2_HS256_A128KW: + return 16, sha256.New + case PBES2_HS384_A192KW: + return 24, sha512.New384 + case PBES2_HS512_A256KW: + return 32, sha512.New + default: + panic("invalid algorithm") + } +} + +// getRandomSalt generates a new salt of the given size. +func getRandomSalt(size int) ([]byte, error) { + salt := make([]byte, size) + _, err := io.ReadFull(RandReader, salt) + if err != nil { + return nil, err + } + + return salt, nil +} + // newSymmetricRecipient creates a JWE encrypter based on AES-GCM key wrap. func newSymmetricRecipient(keyAlg KeyAlgorithm, key []byte) (recipientKeyInfo, error) { switch keyAlg { case DIRECT, A128GCMKW, A192GCMKW, A256GCMKW, A128KW, A192KW, A256KW: + case PBES2_HS256_A128KW, PBES2_HS384_A192KW, PBES2_HS512_A256KW: default: return recipientKeyInfo{}, ErrUnsupportedAlgorithm } @@ -150,7 +193,7 @@ func newSymmetricSigner(sigAlg SignatureAlgorithm, key []byte) (recipientSigInfo // Generate a random key for the given content cipher func (ctx randomKeyGenerator) genKey() ([]byte, rawHeader, error) { key := make([]byte, ctx.size) - _, err := io.ReadFull(randReader, key) + _, err := io.ReadFull(RandReader, key) if err != nil { return nil, rawHeader{}, err } @@ -190,7 +233,7 @@ func (ctx aeadContentCipher) encrypt(key, aad, pt []byte) (*aeadParts, error) { // Initialize a new nonce iv := make([]byte, aead.NonceSize()) - _, err = io.ReadFull(randReader, iv) + _, err = io.ReadFull(RandReader, iv) if err != nil { return nil, err } @@ -212,6 +255,10 @@ func (ctx aeadContentCipher) decrypt(key, aad []byte, parts *aeadParts) ([]byte, return nil, err } + if len(parts.iv) != aead.NonceSize() || len(parts.tag) < ctx.authtagBytes { + return nil, ErrCryptoFailure + } + return aead.Open(nil, parts.iv, append(parts.ciphertext, parts.tag...), aad) } @@ -253,6 +300,45 @@ func (ctx *symmetricKeyCipher) encryptKey(cek []byte, alg KeyAlgorithm) (recipie encryptedKey: jek, header: &rawHeader{}, }, nil + case PBES2_HS256_A128KW, PBES2_HS384_A192KW, PBES2_HS512_A256KW: + if len(ctx.p2s) == 0 { + salt, err := getRandomSalt(defaultP2SSize) + if err != nil { + return recipientInfo{}, err + } + ctx.p2s = salt + } + + if ctx.p2c <= 0 { + ctx.p2c = defaultP2C + } + + // salt is UTF8(Alg) || 0x00 || Salt Input + salt := bytes.Join([][]byte{[]byte(alg), ctx.p2s}, []byte{0x00}) + + // derive key + keyLen, h := getPbkdf2Params(alg) + key := pbkdf2.Key(ctx.key, salt, ctx.p2c, keyLen, h) + + // use AES cipher with derived key + block, err := aes.NewCipher(key) + if err != nil { + return recipientInfo{}, err + } + + jek, err := josecipher.KeyWrap(block, cek) + if err != nil { + return recipientInfo{}, err + } + + header := &rawHeader{} + header.set(headerP2C, ctx.p2c) + header.set(headerP2S, newBuffer(ctx.p2s)) + + return recipientInfo{ + encryptedKey: jek, + header: header, + }, nil } return recipientInfo{}, ErrUnsupportedAlgorithm @@ -295,6 +381,42 @@ func (ctx *symmetricKeyCipher) decryptKey(headers rawHeader, recipient *recipien return nil, err } + cek, err := josecipher.KeyUnwrap(block, recipient.encryptedKey) + if err != nil { + return nil, err + } + return cek, nil + case PBES2_HS256_A128KW, PBES2_HS384_A192KW, PBES2_HS512_A256KW: + p2s, err := headers.getP2S() + if err != nil { + return nil, fmt.Errorf("square/go-jose: invalid P2S: %v", err) + } + if p2s == nil || len(p2s.data) == 0 { + return nil, fmt.Errorf("square/go-jose: invalid P2S: must be present") + } + + p2c, err := headers.getP2C() + if err != nil { + return nil, fmt.Errorf("square/go-jose: invalid P2C: %v", err) + } + if p2c <= 0 { + return nil, fmt.Errorf("square/go-jose: invalid P2C: must be a positive integer") + } + + // salt is UTF8(Alg) || 0x00 || Salt Input + alg := headers.getAlgorithm() + salt := bytes.Join([][]byte{[]byte(alg), p2s.bytes()}, []byte{0x00}) + + // derive key + keyLen, h := getPbkdf2Params(alg) + key := pbkdf2.Key(ctx.key, salt, p2c, keyLen, h) + + // use AES cipher with derived key + block, err := aes.NewCipher(key) + if err != nil { + return nil, err + } + cek, err := josecipher.KeyUnwrap(block, recipient.encryptedKey) if err != nil { return nil, err diff --git a/vendor/modules.txt b/vendor/modules.txt index 47c7e3f37bc..ecfb92b7726 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -828,6 +828,7 @@ golang.org/x/crypto/internal/chacha20 golang.org/x/crypto/internal/subtle golang.org/x/crypto/nacl/secretbox golang.org/x/crypto/ocsp +golang.org/x/crypto/pbkdf2 golang.org/x/crypto/pkcs12 golang.org/x/crypto/pkcs12/internal/rc2 golang.org/x/crypto/poly1305 @@ -1001,7 +1002,7 @@ gopkg.in/gcfg.v1/types gopkg.in/inf.v0 # gopkg.in/natefinch/lumberjack.v2 v2.0.0 => gopkg.in/natefinch/lumberjack.v2 v2.0.0-20150622162204-20b71e5b60d7 gopkg.in/natefinch/lumberjack.v2 -# gopkg.in/square/go-jose.v2 v2.2.2 => gopkg.in/square/go-jose.v2 v2.0.0-20180411045311-89060dee6a84 +# gopkg.in/square/go-jose.v2 v2.2.2 => gopkg.in/square/go-jose.v2 v2.2.2 gopkg.in/square/go-jose.v2 gopkg.in/square/go-jose.v2/cipher gopkg.in/square/go-jose.v2/json