Diffstat (limited to 'vendor/github.com/Shopify/ejson')
18 files changed, 0 insertions, 1164 deletions
diff --git a/vendor/github.com/Shopify/ejson/.gitignore b/vendor/github.com/Shopify/ejson/.gitignore
deleted file mode 100644
index 85436574..00000000
--- a/vendor/github.com/Shopify/ejson/.gitignore
+++ /dev/null
@@ -1,10 +0,0 @@
-/ejson
-/tags
-/build/
-/pkg/
-/rubygem/pkg/
-/rubygem/build/
-/rubygem/man/
-/rubygem/LICENSE.txt
-/rubygem/lib/ejson/version.rb
-.bundle
diff --git a/vendor/github.com/Shopify/ejson/.travis.yml b/vendor/github.com/Shopify/ejson/.travis.yml
deleted file mode 100644
index 186cd237..00000000
--- a/vendor/github.com/Shopify/ejson/.travis.yml
+++ /dev/null
@@ -1,11 +0,0 @@
-language: go
-
-go:
- - 1.10.x
- - 1.11.x
-
-script:
- - go test -race -coverprofile=coverage.txt -covermode=atomic
-
-after_success:
- - bash <(curl -s https://codecov.io/bash)
diff --git a/vendor/github.com/Shopify/ejson/CHANGELOG.md b/vendor/github.com/Shopify/ejson/CHANGELOG.md
deleted file mode 100644
index 0077bc70..00000000
--- a/vendor/github.com/Shopify/ejson/CHANGELOG.md
+++ /dev/null
@@ -1,4 +0,0 @@
-# 1.1.0
-
-* Add `--key-from-stdin` flag, where a private key, assumed to match the file's public key, is read
- directly from stdin instead of looking up a match in the keydir.
diff --git a/vendor/github.com/Shopify/ejson/Gemfile b/vendor/github.com/Shopify/ejson/Gemfile
deleted file mode 100644
index f860fe50..00000000
--- a/vendor/github.com/Shopify/ejson/Gemfile
+++ /dev/null
@@ -1,4 +0,0 @@
-source 'https://rubygems.org'
-
-gem 'fpm'
-gem 'ronn'
diff --git a/vendor/github.com/Shopify/ejson/Gemfile.lock b/vendor/github.com/Shopify/ejson/Gemfile.lock
deleted file mode 100644
index b5556285..00000000
--- a/vendor/github.com/Shopify/ejson/Gemfile.lock
+++ /dev/null
@@ -1,54 +0,0 @@
-GEM
- remote: https://rubygems.org/
- specs:
- arr-pm (0.0.10)
- cabin (> 0)
- backports (3.8.0)
- cabin (0.9.0)
- childprocess (0.7.1)
- ffi (~> 1.0, >= 1.0.11)
- clamp (1.0.1)
- dotenv (2.2.1)
- ffi (1.9.18)
- fpm (1.9.2)
- arr-pm (~> 0.0.10)
- backports (>= 2.6.2)
- cabin (>= 0.6.0)
- childprocess
- clamp (~> 1.0.0)
- ffi
- json (>= 1.7.7, < 2.0)
- pleaserun (~> 0.0.29)
- ruby-xz
- stud
- hpricot (0.8.6)
- insist (1.0.0)
- io-like (0.3.0)
- json (1.8.6)
- mustache (0.99.8)
- pleaserun (0.0.30)
- cabin (> 0)
- clamp
- dotenv
- insist
- mustache (= 0.99.8)
- stud
- rdiscount (2.2.0.1)
- ronn (0.7.3)
- hpricot (>= 0.8.2)
- mustache (>= 0.7.0)
- rdiscount (>= 1.5.8)
- ruby-xz (0.2.3)
- ffi (~> 1.9)
- io-like (~> 0.3)
- stud (0.0.23)
-
-PLATFORMS
- ruby
-
-DEPENDENCIES
- fpm
- ronn
-
-BUNDLED WITH
- 1.16.6
diff --git a/vendor/github.com/Shopify/ejson/Gopkg.lock b/vendor/github.com/Shopify/ejson/Gopkg.lock
deleted file mode 100644
index 4ca51259..00000000
--- a/vendor/github.com/Shopify/ejson/Gopkg.lock
+++ /dev/null
@@ -1,47 +0,0 @@
-# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
-
-
-[[projects]]
- name = "github.com/codegangsta/cli"
- packages = ["."]
- revision = "9908e96513e5a94de37004098a3974a567f18111"
-
-[[projects]]
- name = "github.com/dustin/gojson"
- packages = ["."]
- revision = "057ac0edc14e44d03df3bb03449e666ff50884c1"
-
-[[projects]]
- name = "github.com/smartystreets/goconvey"
- packages = [
- "convey",
- "convey/assertions",
- "convey/assertions/oglematchers",
- "convey/gotest",
- "convey/reporting"
- ]
- revision = "90f2eae17a8bdcbe3f6f654fc76af7f39e97d7b9"
-
-[[projects]]
- name = "github.com/urfave/cli"
- packages = ["."]
- revision = "cfb38830724cc34fedffe9a2a29fb54fa9169cd1"
- version = "v1.20.0"
-
-[[projects]]
- name = "golang.org/x/crypto"
- packages = [
- "curve25519",
- "nacl/box",
- "nacl/secretbox",
- "poly1305",
- "salsa20/salsa"
- ]
- revision = "ca7e7f10cb9fd9c1a6ff7f60436c086d73714180"
-
-[solve-meta]
- analyzer-name = "dep"
- analyzer-version = 1
- inputs-digest = "6fc4cc71e752df858dcb46d81802024e8077d9c8d9b51c4c252d1aa00bc3ad49"
- solver-name = "gps-cdcl"
- solver-version = 1
diff --git a/vendor/github.com/Shopify/ejson/Gopkg.toml b/vendor/github.com/Shopify/ejson/Gopkg.toml
deleted file mode 100644
index 34c2c900..00000000
--- a/vendor/github.com/Shopify/ejson/Gopkg.toml
+++ /dev/null
@@ -1,34 +0,0 @@
-# Gopkg.toml example
-#
-# Refer to https://github.com/golang/dep/blob/master/docs/Gopkg.toml.md
-# for detailed Gopkg.toml documentation.
-#
-# required = ["github.com/user/thing/cmd/thing"]
-# ignored = ["github.com/user/project/pkgX", "bitbucket.org/user/project/pkgA/pkgY"]
-#
-# [[constraint]]
-# name = "github.com/user/project"
-# version = "1.0.0"
-#
-# [[constraint]]
-# name = "github.com/user/project2"
-# branch = "dev"
-# source = "github.com/myfork/project2"
-#
-# [[override]]
-# name = "github.com/x/y"
-# version = "2.4.0"
-#
-# [prune]
-# non-go = false
-# go-tests = true
-# unused-packages = true
-
-
-[[constraint]]
- name = "github.com/urfave/cli"
- version = "1.20.0"
-
-[prune]
- go-tests = true
- unused-packages = true
diff --git a/vendor/github.com/Shopify/ejson/LICENSE.txt b/vendor/github.com/Shopify/ejson/LICENSE.txt
deleted file mode 100644
index c7a793ba..00000000
--- a/vendor/github.com/Shopify/ejson/LICENSE.txt
+++ /dev/null
@@ -1,22 +0,0 @@ -Copyright (c) 2014 Shopify - -MIT License - -Permission is hereby granted, free of charge, to any person obtaining -a copy of this software and associated documentation files (the -"Software"), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: - -The above copyright notice and this permission notice shall be -included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND -NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE -LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION -OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION -WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/vendor/github.com/Shopify/ejson/Makefile b/vendor/github.com/Shopify/ejson/Makefile deleted file mode 100644 index 90a9ad60..00000000 --- a/vendor/github.com/Shopify/ejson/Makefile +++ /dev/null 
@@ -1,87 +0,0 @@ -NAME=ejson -RUBY_MODULE=EJSON -PACKAGE=github.com/Shopify/ejson -VERSION=$(shell cat VERSION) -GEM=pkg/$(NAME)-$(VERSION).gem -DEB=pkg/$(NAME)_$(VERSION)_amd64.deb - -GOFILES=$(shell find . -type f -name '*.go') -MANFILES=$(shell find man -name '*.ronn' -exec echo build/{} \; | sed 's/\.ronn/\.gz/') - -GODEP_PATH=$(shell pwd)/Godeps/_workspace - -BUNDLE_EXEC=bundle exec - -.PHONY: default all binaries gem man clean dev_bootstrap - -default: all -all: gem deb -binaries: build/bin/linux-amd64 build/bin/darwin-amd64 -gem: $(GEM) -deb: $(DEB) -man: $(MANFILES) - -build/man/%.gz: man/%.ronn - mkdir -p "$(@D)" - set -euo pipefail ; $(BUNDLE_EXEC) ronn -r --pipe "$<" | gzip > "$@" || (rm -f "$<" ; false) - -build/bin/linux-amd64: $(GOFILES) cmd/$(NAME)/version.go - GOOS=linux GOARCH=amd64 go build -o "$@" "$(PACKAGE)/cmd/$(NAME)" -build/bin/darwin-amd64: $(GOFILES) cmd/$(NAME)/version.go - GOOS=darwin GOARCH=amd64 go build -o "$@" "$(PACKAGE)/cmd/$(NAME)" - -$(GEM): rubygem/$(NAME)-$(VERSION).gem - mkdir -p $(@D) - mv "$<" "$@" - -rubygem/$(NAME)-$(VERSION).gem: \ - rubygem/lib/$(NAME)/version.rb \ - rubygem/build/linux-amd64/ejson \ - rubygem/LICENSE.txt \ - rubygem/build/darwin-amd64/ejson \ - rubygem/man - cd rubygem && gem build ejson.gemspec - -rubygem/LICENSE.txt: LICENSE.txt - cp "$<" "$@" - -rubygem/man: man - cp -a build/man $@ - -rubygem/build/darwin-amd64/ejson: build/bin/darwin-amd64 - mkdir -p $(@D) - cp -a "$<" "$@" - -rubygem/build/linux-amd64/ejson: build/bin/linux-amd64 - mkdir -p $(@D) - cp -a "$<" "$@" - -cmd/$(NAME)/version.go: VERSION - echo 'package main\n\nconst VERSION string = "$(VERSION)"' > $@ - -rubygem/lib/$(NAME)/version.rb: VERSION - mkdir -p $(@D) - echo 'module $(RUBY_MODULE)\n VERSION = "$(VERSION)"\nend' > $@ - -$(DEB): build/bin/linux-amd64 man - mkdir -p $(@D) - rm -f "$@" - $(BUNDLE_EXEC) fpm \ - -t deb \ - -s dir \ - --name="$(NAME)" \ - --version="$(VERSION)" \ - --package="$@" \ - --license=MIT \ - 
--category=admin \ - --no-depends \ - --no-auto-depends \ - --architecture=amd64 \ - --maintainer="Shopify <admins@shopify.com>" \ - --description="utility for managing a collection of secrets in source control. Secrets are encrypted using public key, elliptic curve cryptography." \ - --url="https://github.com/Shopify/ejson" \ - ./build/man/=/usr/share/man/ \ - ./$<=/usr/bin/$(NAME) - -clean: - rm -rf build pkg rubygem/{LICENSE.txt,lib/ejson/version.rb,build,*.gem} diff --git a/vendor/github.com/Shopify/ejson/README.md b/vendor/github.com/Shopify/ejson/README.md deleted file mode 100644 index b1d714b1..00000000 --- a/vendor/github.com/Shopify/ejson/README.md +++ /dev/null 
@@ -1,145 +0,0 @@ -# ejson - -`ejson` is a utility for managing a collection of secrets in source control. The -secrets are encrypted using [public -key](http://en.wikipedia.org/wiki/Public-key_cryptography), [elliptic -curve](http://en.wikipedia.org/wiki/Elliptic_curve_cryptography) cryptography -([NaCl](http://nacl.cr.yp.to/) [Box](http://nacl.cr.yp.to/box.html): -[Curve25519](http://en.wikipedia.org/wiki/Curve25519) + -[Salsa20](http://en.wikipedia.org/wiki/Salsa20) + -[Poly1305-AES](http://en.wikipedia.org/wiki/Poly1305-AES)). Secrets are -collected in a JSON file, in which all the string values are encrypted. Public -keys are embedded in the file, and the decrypter looks up the corresponding -private key from its local filesystem. - - - -The main benefits provided by `ejson` are: - -* Secrets can be safely stored in a git repo. -* Changes to secrets are auditable on a line-by-line basis with `git blame`. -* Anyone with git commit access has access to write new secrets. -* Decryption access can easily be locked down to production servers only. -* Secrets change synchronously with application source (as opposed to secrets - provisioned by Configuration Management). -* Simple, well-tested, easily-auditable source. - -See [the manpages](https://shopify.github.io/ejson) for more technical documentation. - -See [ejson2env](https://github.com/Shopify/ejson2env) for a useful tool to help with exporting -a portion of secrets as environment variables for environments/tools that require this pattern. - -## Installation - -You can download the `.deb` package from [Github Releases](https://github.com/Shopify/ejson/releases). - -On development machines (64-bit linux or OS X), the recommended installation -method is via rubygems: - -``` -gem install ejson -``` - -## Workflow - -### 1: Create the Keydir - -By default, EJSON looks for keys in `/opt/ejson/keys`. You can change this by -setting `EJSON_KEYDIR` or passing the `-keydir` option. 
- -``` -$ mkdir -p /opt/ejson/keys -``` - -### 2: Generate a keypair - -When called with `-w`, `ejson keygen` will write the keypair into the `keydir` -and print the public key. Without `-w`, it will print both keys to stdout. This -is useful if you have to distribute the key to multiple servers via -configuration management, etc. - -``` -$ ejson keygen -Public Key: -63ccf05a9492e68e12eeb1c705888aebdcc0080af7e594fc402beb24cce9d14f -Private Key: -75b80b4a693156eb435f4ed2fe397e583f461f09fd99ec2bd1bdef0a56cf6e64 -``` - -``` -$ ./ejson keygen -w -53393332c6c7c474af603c078f5696c8fe16677a09a711bba299a6c1c1676a59 -$ cat /opt/ejson/keys/5339* -888a4291bef9135729357b8c70e5a62b0bbe104a679d829cdbe56d46a4481aaf -``` - -### 3: Create an `ejson` file - -The format is described in more detail [later on](#format). For now, create a -file that looks something like this. Fill in the `<key>` with whatever you got -back in step 2. - -Create this file as `test.ejson`: - -```json -{ - "_public_key": "<key>", - "database_password": "1234password" -} -``` - -### 4: Encrypt the file - -Running `ejson encrypt test.ejson` will encrypt any new plaintext keys in the -file, and leave any existing encrypted keys untouched: - -```json -{ - "_public_key": "63ccf05a9492e68e12eeb1c705888aebdcc0080af7e594fc402beb24cce9d14f", - "database_password": "EJ[1:WGj2t4znULHT1IRveMEdvvNXqZzNBNMsJ5iZVy6Dvxs=:kA6ekF8ViYR5ZLeSmMXWsdLfWr7wn9qS:fcHQtdt6nqcNOXa97/M278RX6w==]" -} -``` - -Try adding another plaintext secret to the file and run `ejson encrypt -test.ejson` again. The `database_password` field will not be changed, but the -new secret will be encrypted. - -### 5: Decrypt the file - -To decrypt the file, you must have a file present in the `keydir` whose name is -the 64-byte hex-encoded public key exactly as embedded in the `ejson` document. -The contents of that file must be the similarly-encoded private key. If you used -`ejson keygen -w`, you've already got this covered. 
- -Unlike `ejson encrypt`, which overwrites the specified files, `ejson decrypt` -only takes one file parameter, and prints the output to `stdout`: - -``` -$ ejson decrypt foo.ejson -{ - "_public_key": "63ccf05a9492e68e12eeb1c705888aebdcc0080af7e594fc402beb24cce9d14f", - "database_password": "1234password" -} -``` - -## Format - -The `ejson` document format is simple, but there are a few points to be aware -of: - -1. It's just JSON. -2. There *must* be a key at the top level named `_public_key`, whose value is a - 32-byte hex-encoded (i.e. 64 ASCII byte) public key as generated by `ejson - keygen`. -3. Any string literal that isn't an object key will be encrypted by default (ie. - in `{"a": "b"}`, `"b"` will be encrypted, but `"a"` will not. -4. Numbers, booleans, and nulls aren't encrypted. -5. If a key begins with an underscore, its corresponding value will not be - encrypted. This is used to prevent the `_public_key` field from being - encrypted, and is useful for implementing metadata schemes. -6. Underscores do not propagate downward. For example, in `{"_a": {"b": "c"}}`, - `"c"` will be encrypted. - -## See also - -* If you use Capistrano for deployment you can use [capistrano-ejson](https://github.com/Shopify/capistrano-ejson) to automatically decrypt the secrets on deploy. diff --git a/vendor/github.com/Shopify/ejson/VERSION b/vendor/github.com/Shopify/ejson/VERSION deleted file mode 100644 index 6085e946..00000000 --- a/vendor/github.com/Shopify/ejson/VERSION +++ /dev/null @@ -1 +0,0 @@ -1.2.1 diff --git a/vendor/github.com/Shopify/ejson/crypto/boxed_message.go b/vendor/github.com/Shopify/ejson/crypto/boxed_message.go deleted file mode 100644 index 5dc86980..00000000 --- a/vendor/github.com/Shopify/ejson/crypto/boxed_message.go +++ /dev/null 
@@ -1,104 +0,0 @@
-package crypto
-
-import (
- "encoding/base64"
- "fmt"
- "regexp"
- "strconv"
-)
-
-var messageParser = regexp.MustCompile("\\AEJ\\[(\\d):([A-Za-z0-9+=/]{44}):([A-Za-z0-9+=/]{32}):(.+)\\]\\z")
-
-// boxedMessage dumps and loads the wire format for encrypted messages. The
-// schema is fairly simple:
-//
-// "EJ["
-// SchemaVersion ( "1" )
-// ":"
-// EncrypterPublic :: base64-encoded 32-byte key
-// ":"
-// Nonce :: base64-encoded 24-byte nonce
-// ":"
-// Box :: base64-encoded encrypted message
-// "]"
-type boxedMessage struct {
- SchemaVersion int
- EncrypterPublic [32]byte
- Nonce [24]byte
- Box []byte
-}
-
-// IsBoxedMessage tests whether a value is formatted using the boxedMessage
-// format. This can be used to determine whether a string value requires
-// encryption or is already encrypted.
-func IsBoxedMessage(data []byte) bool {
- return messageParser.Find(data) != nil
-}
-
-// Dump dumps to the wire format
-func (b *boxedMessage) Dump() []byte {
- pub := base64.StdEncoding.EncodeToString(b.EncrypterPublic[:])
- nonce := base64.StdEncoding.EncodeToString(b.Nonce[:])
- box := base64.StdEncoding.EncodeToString(b.Box)
-
- str := fmt.Sprintf("EJ[%d:%s:%s:%s]",
- b.SchemaVersion, pub, nonce, box)
- return []byte(str)
-}
-
-// Load restores from the wire format.
-func (b *boxedMessage) Load(from []byte) error {
- var ssver, spub, snonce, sbox string
- var err error
-
- allMatches := messageParser.FindAllStringSubmatch(string(from), -1) // -> [][][]byte
- if len(allMatches) != 1 {
- return fmt.Errorf("invalid message format")
- }
- matches := allMatches[0]
- if len(matches) != 5 {
- return fmt.Errorf("invalid message format")
- }
-
- ssver = matches[1]
- spub = matches[2]
- snonce = matches[3]
- sbox = matches[4]
-
- b.SchemaVersion, err = strconv.Atoi(ssver)
- if err != nil {
- return err
- }
-
- pub, err := base64.StdEncoding.DecodeString(spub)
- if err != nil {
- return err
- }
- pubBytes := []byte(pub)
- if len(pubBytes) != 32 {
- return fmt.Errorf("public key invalid")
- }
- var public [32]byte
- copy(public[:], pubBytes[0:32])
- b.EncrypterPublic = public
-
- nnc, err := base64.StdEncoding.DecodeString(snonce)
- if err != nil {
- return err
- }
- nonceBytes := []byte(nnc)
- if len(nonceBytes) != 24 {
- return fmt.Errorf("nonce invalid")
- }
- var nonce [24]byte
- copy(nonce[:], nonceBytes[0:24])
- b.Nonce = nonce
-
- box, err := base64.StdEncoding.DecodeString(sbox)
- if err != nil {
- return err
- }
- b.Box = []byte(box)
-
- return nil
-}
diff --git a/vendor/github.com/Shopify/ejson/crypto/crypto.go b/vendor/github.com/Shopify/ejson/crypto/crypto.go
deleted file mode 100644
index 63de1c6a..00000000
--- a/vendor/github.com/Shopify/ejson/crypto/crypto.go
+++ /dev/null
@@ -1,160 +0,0 @@
-// Package crypto implements a simple convenience wrapper around
-// golang.org/x/crypto/nacl/box. It ultimately models a situation where you
-// don't care about authenticating the encryptor, so the nonce and encryption
-// public key are prepended to the encrypted message.
-//
-// Shared key precomputation is used when encrypting but not when decrypting.
-// This is not an inherent limitation, but it would complicate the
-// implementation a little bit to do precomputation during decryption also.
-// If performance becomes an issue (highly unlikely), it's completely feasible
-// to add.
-package crypto
-
-import (
- "crypto/rand"
- "errors"
- "fmt"
-
- "golang.org/x/crypto/nacl/box"
-)
-
-// Keypair models a Curve25519 keypair. To generate a new Keypair, declare an
-// empty one and call Generate() on it.
-type Keypair struct {
- Public [32]byte
- Private [32]byte
-}
-
-// Encrypter is generated from a keypair (typically a newly-generated ephemeral
-// keypair, used only for this session) with the public key of an authorized
-// decrypter. It is then capable of encrypting messages to that decrypter's
-// private key. An instance should normally be obtained only by calling
-// Encrypter() on a Keypair instance.
-type Encrypter struct {
- Keypair *Keypair
- PeerPublic [32]byte
- SharedKey [32]byte
-}
-
-// Decrypter is generated from a keypair (a fixed keypair, generally, whose
-// private key is stored in configuration management or otherwise), and used to
-// decrypt messages. It should normally be obtained by calling Decrypter() on a
-// Keypair instance.
-type Decrypter struct {
- Keypair *Keypair
-}
-
-// ErrDecryptionFailed means the decryption didn't work. This normally
-// indicates that the message was corrupted or the wrong keypair was used.
-var ErrDecryptionFailed = errors.New("couldn't decrypt message")
-
-// Generate generates a new Curve25519 keypair into a (presumably) empty Keypair
-// structure.
-func (k *Keypair) Generate() (err error) {
- var pub, priv *[32]byte
- pub, priv, err = box.GenerateKey(rand.Reader)
- if err != nil {
- return
- }
- k.Public = *pub
- k.Private = *priv
- return
-}
-
-// PublicString returns the public key in the canonical hex-encoded printable form.
-func (k *Keypair) PublicString() string {
- return fmt.Sprintf("%x", k.Public)
-}
-
-// PrivateString returns the private key in the canonical hex-encoded printable form.
-func (k *Keypair) PrivateString() string {
- return fmt.Sprintf("%x", k.Private)
-}
-
-// Encrypter returns an Encrypter instance, given a public key, to encrypt
-// messages to the paired, unknown, private key.
-func (k *Keypair) Encrypter(peerPublic [32]byte) *Encrypter {
- return NewEncrypter(k, peerPublic)
-}
-
-// Decrypter returns a Decrypter instance, used to decrypt properly formatted
-// messages from arbitrary encrypters.
-func (k *Keypair) Decrypter() *Decrypter {
- return &Decrypter{Keypair: k}
-}
-
-// NewEncrypter instantiates an Encrypter after pre-computing the shared key for
-// the owned keypair and the given decrypter public key.
-func NewEncrypter(kp *Keypair, peerPublic [32]byte) *Encrypter {
- var shared [32]byte
- box.Precompute(&shared, &peerPublic, &kp.Private)
- return &Encrypter{
- Keypair: kp,
- PeerPublic: peerPublic,
- SharedKey: shared,
- }
-}
-
-func (e *Encrypter) encrypt(message []byte) (*boxedMessage, error) {
- nonce, err := genNonce()
- if err != nil {
- return nil, err
- }
-
- out := box.SealAfterPrecomputation(nil, []byte(message), &nonce, &e.SharedKey)
-
- return &boxedMessage{
- SchemaVersion: 1,
- EncrypterPublic: e.Keypair.Public,
- Nonce: nonce,
- Box: out,
- }, nil
-}
-
-// Encrypt takes a plaintext message and returns an encrypted message. Unlike
-// raw nacl/box encryption, this message is decryptable without passing the
-// nonce or public key out-of-band, as it includes both. This is not less
-// secure, it just doesn't allow for authorizing the encryptor. That's fine,
-// since authorization isn't a desired property of this particular cryptosystem.
-func (e *Encrypter) Encrypt(message []byte) ([]byte, error) {
- if IsBoxedMessage(message) {
- return message, nil
- }
- boxedMessage, err := e.encrypt(message)
- if err != nil {
- return nil, err
- }
- return boxedMessage.Dump(), nil
-}
-
-// Decrypt is passed an encrypted message or a particular format (the format
-// generated by (*Encrypter)Encrypt(), which includes the nonce and public key
-// used to create the ciphertext. It returns the decrypted string. Note that,
-// unlike with encryption, Shared-key-precomputation is not used for decryption.
-func (d *Decrypter) Decrypt(message []byte) ([]byte, error) {
- var bm boxedMessage
- if err := bm.Load(message); err != nil {
- return nil, err
- }
- return d.decrypt(&bm)
-}
-
-func (d *Decrypter) decrypt(bm *boxedMessage) ([]byte, error) {
- plaintext, ok := box.Open(nil, bm.Box, &bm.Nonce, &bm.EncrypterPublic, &d.Keypair.Private)
- if !ok {
- return nil, ErrDecryptionFailed
- }
- return plaintext, nil
-}
-
-func genNonce() (nonce [24]byte, err error) {
- var n int
- n, err = rand.Read(nonce[0:24])
- if err != nil {
- return
- }
- if n != 24 {
- err = fmt.Errorf("not enough bytes returned from rand.Reader")
- }
- return
-}
diff --git a/vendor/github.com/Shopify/ejson/dev.yml b/vendor/github.com/Shopify/ejson/dev.yml
deleted file mode 100644
index ca552fc6..00000000
--- a/vendor/github.com/Shopify/ejson/dev.yml
+++ /dev/null
@@ -1,16 +0,0 @@
-name: ejson
-
-up:
- - homebrew:
- - glide
- - ruby: 2.3.3
- - go: 1.8.3
- - bundler
- - custom:
- name: Install vendored dependencies
- met?: test -e vendor
- meet: glide install
-
-commands:
- build: make
- test: go test $(glide nv)
diff --git a/vendor/github.com/Shopify/ejson/ejson.go b/vendor/github.com/Shopify/ejson/ejson.go
deleted file mode 100644
index b30bca37..00000000
--- a/vendor/github.com/Shopify/ejson/ejson.go
+++ /dev/null
@@ -1,197 +0,0 @@
-// Package ejson implements the primary interface to interact with ejson
-// documents and keypairs. The CLI implemented by cmd/ejson is a fairly thin
-// wrapper around this package.
-package ejson
-
-import (
- "bytes"
- "encoding/hex"
- "fmt"
- "io"
- "io/ioutil"
- "os"
- "strings"
-
- "github.com/Shopify/ejson/crypto"
- "github.com/Shopify/ejson/json"
-)
-
-// GenerateKeypair is used to create a new ejson keypair. It returns the keys as
-// hex-encoded strings, suitable for printing to the screen. hex.DecodeString
-// can be used to load the true representation if necessary.
-func GenerateKeypair() (pub string, priv string, err error) {
- var kp crypto.Keypair
- if err := kp.Generate(); err != nil {
- return "", "", err
- }
- return kp.PublicString(), kp.PrivateString(), nil
-}
-
-// Encrypt reads all contents from 'in', extracts the pubkey
-// and performs the requested encryption operation, writing
-// the resulting data to 'out'.
-// Returns the number of bytes written and any error that might have
-// occurred.
-func Encrypt(in io.Reader, out io.Writer) (int, error) {
- data, err := ioutil.ReadAll(in)
- if err != nil {
- return -1, err
- }
-
- var myKP crypto.Keypair
- if err = myKP.Generate(); err != nil {
- return -1, err
- }
-
- pubkey, err := json.ExtractPublicKey(data)
- if err != nil {
- return -1, err
- }
-
- encrypter := myKP.Encrypter(pubkey)
- walker := json.Walker{
- Action: encrypter.Encrypt,
- }
-
- newdata, err := walker.Walk(data)
- if err != nil {
- return -1, err
- }
-
- return out.Write(newdata)
-}
-
-// EncryptFileInPlace takes a path to a file on disk, which must be a valid EJSON file
-// (see README.md for more on what constitutes a valid EJSON file). Any
-// encryptable-but-unencrypted fields in the file will be encrypted using the
-// public key embdded in the file, and the resulting text will be written over
-// the file present on disk.
-func EncryptFileInPlace(filePath string) (int, error) {
- var fileMode os.FileMode
- if stat, err := os.Stat(filePath); err == nil {
- fileMode = stat.Mode()
- } else {
- return -1, err
- }
-
- file, err := os.Open(filePath)
- if err != nil {
- return -1, err
- }
-
- var outBuffer bytes.Buffer
-
- written, err := Encrypt(file, &outBuffer)
- if err != nil {
- return -1, err
- }
-
- if err = file.Close(); err != nil {
- return -1, err
- }
-
- if err := ioutil.WriteFile(filePath, outBuffer.Bytes(), fileMode); err != nil {
- return -1, err
- }
-
- return written, nil
-}
-
-// Decrypt reads an ejson stream from 'in' and writes the decrypted data to 'out'.
-// The private key is expected to be under 'keydir'.
-// Returns error upon failure, or nil on success.
-func Decrypt(in io.Reader, out io.Writer, keydir string, userSuppliedPrivateKey string) error {
- data, err := ioutil.ReadAll(in)
- if err != nil {
- return err
- }
-
- pubkey, err := json.ExtractPublicKey(data)
- if err != nil {
- return err
- }
-
- privkey, err := findPrivateKey(pubkey, keydir, userSuppliedPrivateKey)
- if err != nil {
- return err
- }
-
- myKP := crypto.Keypair{
- Public: pubkey,
- Private: privkey,
- }
-
- decrypter := myKP.Decrypter()
- walker := json.Walker{
- Action: decrypter.Decrypt,
- }
-
- newdata, err := walker.Walk(data)
- if err != nil {
- return err
- }
-
- _, err = out.Write(newdata)
-
- return err
-}
-
-// DecryptFile takes a path to an encrypted EJSON file and returns the data
-// decrypted. The public key used to encrypt the values is embedded in the
-// referenced document, and the matching private key is searched for in keydir.
-// There must exist a file in keydir whose name is the public key from the
-// EJSON document, and whose contents are the corresponding private key. See
-// README.md for more details on this.
-func DecryptFile(filePath, keydir string, userSuppliedPrivateKey string) ([]byte, error) {
- if _, err := os.Stat(filePath); err != nil {
- return nil, err
- }
-
- file, err := os.Open(filePath)
- if err != nil {
- return nil, err
- }
- defer file.Close()
-
- var outBuffer bytes.Buffer
-
- err = Decrypt(file, &outBuffer, keydir, userSuppliedPrivateKey)
-
- return outBuffer.Bytes(), err
-}
-
-func readPrivateKeyFromDisk(pubkey [32]byte, keydir string) (privkey string, err error) {
- keyFile := fmt.Sprintf("%s/%x", keydir, pubkey)
- var fileContents []byte
- fileContents, err = ioutil.ReadFile(keyFile)
- if err != nil {
- err = fmt.Errorf("couldn't read key file (%s)", err.Error())
- return
- }
- privkey = string(fileContents)
- return
-}
-
-func findPrivateKey(pubkey [32]byte, keydir string, userSuppliedPrivateKey string) (privkey [32]byte, err error) {
- var privkeyString string
- if userSuppliedPrivateKey != "" {
- privkeyString = userSuppliedPrivateKey
- } else {
- privkeyString, err = readPrivateKeyFromDisk(pubkey, keydir)
- if err != nil {
- return privkey, err
- }
- }
-
- privkeyBytes, err := hex.DecodeString(strings.TrimSpace(privkeyString))
- if err != nil {
- return
- }
-
- if len(privkeyBytes) != 32 {
- err = fmt.Errorf("invalid private key")
- return
- }
- copy(privkey[:], privkeyBytes)
- return
-}
diff --git a/vendor/github.com/Shopify/ejson/json/key.go b/vendor/github.com/Shopify/ejson/json/key.go
deleted file mode 100644
index 66177c88..00000000
--- a/vendor/github.com/Shopify/ejson/json/key.go
+++ /dev/null
@@ -1,62 +0,0 @@
-package json
-
-import (
- "encoding/hex"
- "encoding/json"
- "errors"
-)
-
-const (
- // PublicKeyField is the key name at which the public key should be
- // stored in an EJSON document.
- PublicKeyField = "_public_key"
-)
-
-// ErrPublicKeyMissing indicates that the PublicKeyField key was not found
-// at the top level of the JSON document provided.
-var ErrPublicKeyMissing = errors.New("public key not present in EJSON file")
-
-// ErrPublicKeyInvalid means that the PublicKeyField key was found, but the
-// value could not be parsed into a valid key.
-var ErrPublicKeyInvalid = errors.New("public key has invalid format")
-
-// ExtractPublicKey finds the _public_key value in an EJSON document and
-// parses it into a key usable with the crypto library.
-func ExtractPublicKey(data []byte) (key [32]byte, err error) {
- var (
- obj map[string]interface{}
- ks string
- ok bool
- bs []byte
- )
- err = json.Unmarshal(data, &obj)
- if err != nil {
- return
- }
- k, ok := obj[PublicKeyField]
- if !ok {
- goto missing
- }
- ks, ok = k.(string)
- if !ok {
- goto invalid
- }
- if len(ks) != 64 {
- goto invalid
- }
- bs, err = hex.DecodeString(ks)
- if err != nil {
- goto invalid
- }
- if len(bs) != 32 {
- goto invalid
- }
- copy(key[:], bs)
- return
-missing:
- err = ErrPublicKeyMissing
- return
-invalid:
- err = ErrPublicKeyInvalid
- return
-}
diff --git a/vendor/github.com/Shopify/ejson/json/pipeline.go b/vendor/github.com/Shopify/ejson/json/pipeline.go
deleted file mode 100644
index 4527a18d..00000000
--- a/vendor/github.com/Shopify/ejson/json/pipeline.go
+++ /dev/null
@@ -1,73 +0,0 @@
-package json
-
-type pipeline struct {
- final []byte
- err error
- pendingBytes []byte
- queue chan queueItem
- done chan struct{}
-}
-
-type queueItem struct {
- pr <-chan promiseResult
- bs []byte
- term bool
-}
-
-type promiseResult struct {
- bytes []byte
- err error
-}
-
-func newPipeline() *pipeline {
- pl := &pipeline{
- queue: make(chan queueItem, 512),
- done: make(chan struct{}),
- }
- go pl.run()
- return pl
-}
-
-func (p *pipeline) run() {
- for qi := range p.queue {
- if qi.term {
- close(p.done)
- } else if qi.pr != nil {
- res := <-qi.pr
- if res.err != nil {
- p.err = res.err
- }
- p.final = append(p.final, res.bytes...)
- } else {
- p.final = append(p.final, qi.bs...)
- }
- }
-}
-
-func (p *pipeline) appendBytes(bs []byte) {
- p.pendingBytes = append(p.pendingBytes, bs...)
-}
-
-func (p *pipeline) appendByte(b byte) {
- p.pendingBytes = append(p.pendingBytes, b)
-}
-
-func (p *pipeline) appendPromise(ch <-chan promiseResult) {
- p.flushPendingBytes()
- p.queue <- queueItem{pr: ch}
-}
-
-func (p *pipeline) flush() ([]byte, error) {
- p.flushPendingBytes()
- p.queue <- queueItem{term: true}
- <-p.done
- close(p.queue)
- return p.final, p.err
-}
-
-func (p *pipeline) flushPendingBytes() {
- if len(p.pendingBytes) > 0 {
- p.queue <- queueItem{bs: p.pendingBytes}
- p.pendingBytes = nil
- }
-}
diff --git a/vendor/github.com/Shopify/ejson/json/walker.go b/vendor/github.com/Shopify/ejson/json/walker.go
deleted file mode 100644
index b377f67e..00000000
--- a/vendor/github.com/Shopify/ejson/json/walker.go
+++ /dev/null
@@ -1,133 +0,0 @@
-// Package json implements functions to load the Public key data from an EJSON
-// file, and to walk that data file, encrypting or decrypting any keys which,
-// according to the specification, are marked as encryptable (see README.md for
-// details).
-//
-// It may be non-obvious why this is implemented using a scanner and not by
-// loading the structure, manipulating it, then dumping it. Since Go's maps are
-// explicitly randomized, that would cause the entire structure to be randomized
-// each time the file was written, rendering diffs over time essentially
-// useless.
-package json
-
-import (
- "bytes"
- "fmt"
-
- "github.com/dustin/gojson"
-)
-
-// Walker takes an Action, which will run on fields selected by EJSON for
-// encryption, and provides a Walk method, which iterates on all the fields in
-// a JSON text, running the Action on all selected fields. Fields are selected
-// if they are a Value (not a Key) of type string, and their referencing Key did
-// *not* begin with an Underscore. Note that this
-// underscore-to-disable-encryption syntax does not propagate down the hierarchy
-// to children.
-// That is:
-// * In {"_a": "b"}, Action will not be run at all.
-// * In {"a": "b"}, Action will be run with "b", and the return value will
-// replace "b".
-// * In {"k": {"a": ["b"]}, Action will run on "b".
-// * In {"_k": {"a": ["b"]}, Action run on "b".
-// * In {"k": {"_a": ["b"]}, Action will not run.
-type Walker struct {
- Action func([]byte) ([]byte, error)
-}
-
-// Walk walks an entire JSON structure, running the ejsonWalker.Action on each
-// actionable node. A node is actionable if it's a string *value*, and its
-// referencing key doesn't begin with an underscore. For each actionable node,
-// the contents are replaced with the result of Action. Everything else is
-// unchanged.
-func (ew *Walker) Walk(data []byte) ([]byte, error) {
- var (
- inLiteral bool
- literalStart int
- isComment bool
- scanner json.Scanner
- )
- scanner.Reset()
- pline := newPipeline()
- for i, c := range data {
- switch v := scanner.Step(&scanner, int(c)); v {
- case json.ScanContinue, json.ScanSkipSpace:
- // Uninteresting byte. Just advance to next.
- case json.ScanBeginLiteral:
- inLiteral = true
- literalStart = i
- case json.ScanObjectKey:
- // The literal we just finished reading was a Key. Decide whether it was a
- // encryptable by checking whether the first byte after the '"' was an
- // underscore, then append it verbatim to the output buffer.
- inLiteral = false
- isComment = data[literalStart+1] == '_'
- pline.appendBytes(data[literalStart:i])
- case json.ScanError:
- // Some error happened; just bail.
- pline.flush()
- return nil, fmt.Errorf("invalid json")
- case json.ScanEnd:
- // We successfully hit the end of input.
- pline.appendByte(c)
- return pline.flush()
- default:
- if inLiteral {
- inLiteral = false
- // We finished reading some literal, and it wasn't a Key, meaning it's
- // potentially encryptable. If it was a string, and the most recent Key
- // encountered didn't begin with a '_', we are to encrypt it. In any
- // other case, we append it verbatim to the output buffer.
- if isComment || data[literalStart] != '"' {
- pline.appendBytes(data[literalStart:i])
- } else {
- res := make(chan promiseResult)
- go func(subData []byte) {
- actioned, err := ew.runAction(subData)
- res <- promiseResult{actioned, err}
- close(res)
- }(data[literalStart:i])
- pline.appendPromise(res)
- }
- }
- }
- if !inLiteral {
- // If we're in a literal, we save up bytes because we may have to encrypt
- // them. Outside of a literal, we simply append each byte as we read it.
- pline.appendByte(c)
- }
- }
- if scanner.EOF() == json.ScanError {
- // Unexpected EOF => malformed JSON
- pline.flush()
- return nil, fmt.Errorf("invalid json")
- }
- return pline.flush()
-}
-
-func (ew *Walker) runAction(data []byte) ([]byte, error) {
- trimmed := bytes.TrimSpace(data)
- unquoted, ok := json.UnquoteBytes(trimmed)
- if !ok {
- return nil, fmt.Errorf("invalid json")
- }
- done, err := ew.Action(unquoted)
- if err != nil {
- return nil, err
- }
- quoted, err := quoteBytes(done)
- if err != nil {
- return nil, err
- }
- return append(quoted, data[len(trimmed):]...), nil
-}
-
-// probably a better way to do this, but...
-func quoteBytes(in []byte) ([]byte, error) {
- data := []string{string(in)}
- out, err := json.Marshal(data)
- if err != nil {
- return nil, err
- }
- return out[1 : len(out)-1], nil
-} |
