updated vendor files and paths

2025-10-22 02:19:25 +00:00 · 2015-09-29 18:21:17 -07:00
parent 155576fb03
commit dfea14c7e5
719 changed files with 128749 additions and 34774 deletions
--- a/shared/crypto/crypto.go
+++ b/shared/crypto/crypto.go
@@ -0,0 +1,118 @@
+package crypto
+
+import (
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/x509"
+	"encoding/pem"
+	"io"
+
+	"code.google.com/p/go.crypto/ssh"
+	"github.com/square/go-jose"
+)
+
+const (
+	RSA_BITS     = 2048 // Default number of bits in an RSA key
+	RSA_BITS_MIN = 768  // Minimum number of bits in an RSA key
+)
+
+// standard characters allowed in token string.
+var chars = []byte("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789")
+
+// default token length
+var length = 32
+
+// Rand generates a 32-bit random string.
+func Rand() string {
+	b := make([]byte, length)
+	r := make([]byte, length+(length/4)) // storage for random bytes.
+	clen := byte(len(chars))
+	maxrb := byte(256 - (256 % len(chars)))
+	i := 0
+	for {
+		io.ReadFull(rand.Reader, r)
+		for _, c := range r {
+			if c >= maxrb {
+				// Skip this number to avoid modulo bias.
+				continue
+			}
+			b[i] = chars[c%clen]
+			i++
+			if i == length {
+				return string(b)
+			}
+		}
+	}
+}
+
+// helper function to generate an RSA Private Key.
+func GeneratePrivateKey() (*rsa.PrivateKey, error) {
+	return rsa.GenerateKey(rand.Reader, RSA_BITS)
+}
+
+// helper function that marshalls an RSA Public Key to an SSH
+// .authorized_keys format
+func MarshalPublicKey(public *rsa.PublicKey) []byte {
+	private, err := ssh.NewPublicKey(public)
+	if err != nil {
+		return []byte{}
+	}
+
+	return ssh.MarshalAuthorizedKey(private)
+}
+
+// helper function that marshalls an RSA Private Key to
+// a PEM encoded file.
+func MarshalPrivateKey(private *rsa.PrivateKey) []byte {
+	marshaled := x509.MarshalPKCS1PrivateKey(private)
+	encoded := pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Headers: nil, Bytes: marshaled})
+	return encoded
+}
+
+// UnmarshalPrivateKey is a helper function that unmarshals a PEM
+// bytes to an RSA Private Key
+func UnmarshalPrivateKey(private []byte) *rsa.PrivateKey {
+	decoded, _ := pem.Decode(private)
+	parsed, err := x509.ParsePKCS1PrivateKey(decoded.Bytes)
+	if err != nil {
+		return nil
+	}
+	return parsed
+}
+
+// Encrypt encrypts a secret string.
+func Encrypt(in, privKey string) (string, error) {
+	rsaPrivKey, err := decodePrivateKey(privKey)
+	if err != nil {
+		return "", err
+	}
+
+	return encrypt(in, &rsaPrivKey.PublicKey)
+}
+
+// decodePrivateKey is a helper function that unmarshals a PEM
+// bytes to an RSA Private Key
+func decodePrivateKey(privateKey string) (*rsa.PrivateKey, error) {
+	derBlock, _ := pem.Decode([]byte(privateKey))
+	return x509.ParsePKCS1PrivateKey(derBlock.Bytes)
+}
+
+// encrypt encrypts a plaintext variable using JOSE with
+// RSA_OAEP and A128GCM algorithms.
+func encrypt(text string, pubKey *rsa.PublicKey) (string, error) {
+	var encrypted string
+	var plaintext = []byte(text)
+
+	// Creates a new encrypter using defaults
+	encrypter, err := jose.NewEncrypter(jose.RSA_OAEP, jose.A128GCM, pubKey)
+	if err != nil {
+		return encrypted, err
+	}
+	// Encrypts the plaintext value and serializes
+	// as a JOSE string.
+	object, err := encrypter.Encrypt(plaintext)
+	if err != nil {
+		return encrypted, err
+	}
+	return object.CompactSerialize()
+}
--- a/shared/crypto/crypto_test.go
+++ b/shared/crypto/crypto_test.go
@@ -0,0 +1,68 @@
+package crypto
+
+import (
+	"testing"
+
+	"github.com/franela/goblin"
+	"github.com/square/go-jose"
+)
+
+func TestKeys(t *testing.T) {
+
+	g := goblin.Goblin(t)
+	g.Describe("Generate Key", func() {
+
+		g.It("Generates a private key", func() {
+			_, err := GeneratePrivateKey()
+			g.Assert(err == nil).IsTrue()
+		})
+	})
+}
+
+func Test_Encrypt(t *testing.T) {
+
+	g := goblin.Goblin(t)
+	g.Describe("Secure", func() {
+
+		g.It("Should encrypt a string", func() {
+			ciphertext, err := Encrypt("top_secret", fakePriv)
+			g.Assert(err == nil).IsTrue()
+
+			object, _ := jose.ParseEncrypted(ciphertext)
+			privKey, _ := decodePrivateKey(fakePriv)
+			plaintext, _ := object.Decrypt(privKey)
+			g.Assert(string(plaintext)).Equal("top_secret")
+		})
+
+	})
+}
+
+var fakePriv = `
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEA71FaA+otDak2rXF/4h69Tz+OxS6NOWaOc/n7dinHXnlo3Toy
+ZzvwweJGQKIOfPNBMncz+8h6oLOByFvb95Z1UEM0d+KCFCCutOeN9NNMw4fkUtSZ
+7sm6T35wQUkDOiO1YAGy27hQfT7iryhPwA8KmgZmt7toNNf+WymPR8DMwAAYeqHA
+5DIEWWsg+RLohOJ0itIk9q6Us9WYhng0sZ9+U+C87FospjKRMyAinSvKx0Uan4ap
+YGbLjDQHimWtimfT4XWCGTO1cWno378Vm/newUN6WVaeZ2CSHcWgD2fWcjFixX2A
+SvcvfuCo7yZPUPWeiYKrc5d1CC3ncocu43LhSQIDAQABAoIBAQDIbYKM+sfmxAwF
+8KOg1gvIXjuNCrK+GxU9LmSajtzpU5cuiHoEGaBGUOJzaQXnQbcds9W2ji2dfxk3
+my87SShRIyfDK9GzV7fZzIAIRhrpO1tOv713zj0aLJOJKcPpIlTZ5jJMcC4A5vTk
+q0c3W6GOY8QNJohckXT2FnVoK6GPPiaZnavkwH33cJk0j1vMsbADdKF7Jdfq9FBF
+Lx+Za7wo79MQIr68KEqsqMpmrawIf1T3TqOCNbkPCL2tu5EfoyGIItrH33SBOV/B
+HbIfe4nJYZMWXhe3kZ/xCFqiRx6/wlc5pGCwCicgHJJe/l8Y9OticDCCyJDQtD8I
+6927/j2NAoGBAPNRRY8r5ES5f8ftEktcLwh2zw08PNkcolTeqsEMbWAQspV/v+Ay
+4niEXIN3ix2yTnMgrtxRGO7zdPnMaTN8E88FsSDKQ97lm7m3jo7lZtDMz16UxGmd
+AOOuXwUtpngz7OrQ25NXhvFYLTgLoPsv3PbFbF1pwbhZqPTttTdg5so3AoGBAPvK
+ta/n7DMZd/HptrkdkxxHaGN19ZjBVIqyeORhIDznEYjv9Z90JvzRxCmUriD4fyJC
+/XSTytORa34UgmOk1XFtxWusXhnYqCTIHG/MKCy9D4ifzFzii9y/M+EnQIMb658l
+edLyrGFla+t5NS1XAqDYjfqpUFbMvU1kVoDJ/B/AoGBANBQe3o5PMSuAD19tdT5
+Rnc7qMcPFJVZE44P2SdQaW/+u7aM2gyr5AMEZ2RS+7LgDpQ4nhyX/f3OSA75t/PR
+PfBXUi/dm8AA2pNlGNM0ihMn1j6GpaY6OiG0DzwSulxdMHBVgjgijrCgKo66Pgfw
+EYDgw4cyXR1k/ec8gJK6Dr1/AoGBANvmSY77Kdnm4E4yIxbAsX39DznuBzQFhGQt
+Qk+SU6lc1H+Xshg0ROh/+qWl5/17iOzPPLPXb0getJZEKywDBTYu/D/xJa3E/fRB
+oDQzRNLtuudDSCPG5wc/JXv53+mhNMKlU/+gvcEUPYpUgIkUavHzlI/pKbJOh86H
+ng3Su8rZAn9w/zkoJu+n7sHta/Hp6zPTbvjZ1EijZp0+RygBgiv9UjDZ6D9EGcjR
+ZiFwuc8I0g7+GRkgG2NbfqX5Cewb/nbJQpHPO31bqJrcLzU0KurYAwQVx6WGW0He
+ERIlTeOMxVo6M0OpI+rH5bOLdLLEVhNtM/4HUFi1Qy6CCMbN2t3H
+-----END RSA PRIVATE KEY-----
+`
--- a/shared/crypto/sshutil/sshutil.go
+++ b/shared/crypto/sshutil/sshutil.go
@@ -1,72 +0,0 @@
-package sshutil
-
-import (
-	"crypto/rand"
-	"crypto/rsa"
-	"crypto/x509"
-	"encoding/base64"
-	"encoding/pem"
-	"hash"
-
-	"github.com/drone/drone/Godeps/_workspace/src/code.google.com/p/go.crypto/ssh"
-)
-
-const (
-	RSA_BITS     = 2048 // Default number of bits in an RSA key
-	RSA_BITS_MIN = 768  // Minimum number of bits in an RSA key
-)
-
-// helper function to generate an RSA Private Key.
-func GeneratePrivateKey() (*rsa.PrivateKey, error) {
-	return rsa.GenerateKey(rand.Reader, RSA_BITS)
-}
-
-// helper function that marshalls an RSA Public Key to an SSH
-// .authorized_keys format
-func MarshalPublicKey(pubkey *rsa.PublicKey) []byte {
-	pk, err := ssh.NewPublicKey(pubkey)
-	if err != nil {
-		return []byte{}
-	}
-
-	return ssh.MarshalAuthorizedKey(pk)
-}
-
-// helper function that marshalls an RSA Private Key to
-// a PEM encoded file.
-func MarshalPrivateKey(privkey *rsa.PrivateKey) []byte {
-	privateKeyMarshaled := x509.MarshalPKCS1PrivateKey(privkey)
-	privateKeyPEM := pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Headers: nil, Bytes: privateKeyMarshaled})
-	return privateKeyPEM
-}
-
-// UnMarshalPrivateKey is a helper function that unmarshals a PEM
-// bytes to an RSA Private Key
-func UnMarshalPrivateKey(privateKeyPEM []byte) *rsa.PrivateKey {
-	derBlock, _ := pem.Decode(privateKeyPEM)
-	privateKey, err := x509.ParsePKCS1PrivateKey(derBlock.Bytes)
-
-	if err != nil {
-		return nil
-	}
-	return privateKey
-}
-
-// Encrypt is helper function to encrypt a plain-text string using
-// an RSA public key.
-func Encrypt(hash hash.Hash, pubkey *rsa.PublicKey, msg string) (string, error) {
-	src, err := rsa.EncryptOAEP(hash, rand.Reader, pubkey, []byte(msg), nil)
-	return base64.RawURLEncoding.EncodeToString(src), err
-}
-
-// Decrypt is helper function to encrypt a plain-text string using
-// an RSA public key.
-func Decrypt(hash hash.Hash, privkey *rsa.PrivateKey, secret string) (string, error) {
-	decoded, err := base64.RawURLEncoding.DecodeString(secret)
-	if err != nil {
-		return "", err
-	}
-
-	out, err := rsa.DecryptOAEP(hash, rand.Reader, privkey, decoded, nil)
-	return string(out), err
-}
--- a/shared/crypto/sshutil/sshutil_test.go
+++ b/shared/crypto/sshutil/sshutil_test.go
@@ -1,40 +0,0 @@
-package sshutil
-
-import (
-	"crypto/sha256"
-	"testing"
-
-	"github.com/drone/drone/Godeps/_workspace/src/github.com/franela/goblin"
-)
-
-func TestSSHUtil(t *testing.T) {
-
-	g := goblin.Goblin(t)
-	g.Describe("sshutil", func() {
-		var encrypted, testMsg string
-
-		privkey, err := GeneratePrivateKey()
-		g.Assert(err == nil).IsTrue()
-		pubkey := privkey.PublicKey
-		sha256 := sha256.New()
-		testMsg = "foo=bar"
-
-		g.Before(func() {
-			encrypted, err = Encrypt(sha256, &pubkey, testMsg)
-			g.Assert(err == nil).IsTrue()
-		})
-
-		g.It("Can decrypt encrypted msg", func() {
-			decrypted, err := Decrypt(sha256, privkey, encrypted)
-			g.Assert(err == nil).IsTrue()
-			g.Assert(decrypted == testMsg).IsTrue()
-		})
-
-		g.It("Unmarshals private key from PEM block", func() {
-			privateKeyPEM := MarshalPrivateKey(privkey)
-			privateKey := UnMarshalPrivateKey(privateKeyPEM)
-
-			g.Assert(privateKey.PublicKey.E == pubkey.E).IsTrue()
-		})
-	})
-}