File: cosign.go

package info (click to toggle)
golang-github-smallstep-crypto 0.63.0-2
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 3,800 kB
  • sloc: sh: 66; makefile: 50
file content (79 lines) | stat: -rw-r--r-- 2,039 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
 
package pemutil

import (
	"crypto"
	"crypto/x509"
	"encoding/json"

	"github.com/pkg/errors"
	"golang.org/x/crypto/nacl/secretbox"
	"golang.org/x/crypto/scrypt"
)

type cosignEnvelope struct {
	KDF        cosignKDF    `json:"kdf"`
	Cipher     cosignCipher `json:"cipher"`
	Ciphertext []byte       `json:"ciphertext"`
}

type cosignKDF struct {
	Name   string             `json:"name"`
	Params cosignScryptParams `json:"params"`
	Salt   []byte             `json:"salt"`
}

type cosignScryptParams struct {
	N int `json:"N"`
	R int `json:"r"`
	P int `json:"p"`
}

type cosignCipher struct {
	Name  string `json:"name"`
	Nonce []byte `json:"nonce"`
}

// ParseCosignPrivateKey returns the private key encoded using cosign envelope.
// If an incorrect password is detected an x509.IncorrectPasswordError is
// returned.
//
// Cosign keys are encrypted under a password using scrypt as a KDF and
// nacl/secretbox for encryption.
func ParseCosignPrivateKey(data, password []byte) (crypto.PrivateKey, error) {
	var env cosignEnvelope
	if err := json.Unmarshal(data, &env); err != nil {
		return nil, errors.Wrap(err, "error unmarshaling key")
	}
	if env.KDF.Name != "scrypt" {
		return nil, errors.Errorf("error parsing key: unsupported kdf %s", env.KDF.Name)
	}
	if env.Cipher.Name != "nacl/secretbox" {
		return nil, errors.Errorf("error parsing key: unsupported cipher %s", env.Cipher.Name)
	}
	if len(env.Cipher.Nonce) != 24 {
		return nil, errors.New("error parsing key: nonce must be 24 bytes long")
	}

	params := env.KDF.Params
	k, err := scrypt.Key(password, env.KDF.Salt, params.N, params.R, params.P, 32)
	if err != nil {
		return nil, errors.Wrap(err, "error generating key")
	}

	var nonce [24]byte
	var key [32]byte
	copy(nonce[:], env.Cipher.Nonce)
	copy(key[:], k)

	out, ok := secretbox.Open(nil, env.Ciphertext, &nonce, &key)
	if !ok {
		return nil, x509.IncorrectPasswordError
	}

	priv, err := x509.ParsePKCS8PrivateKey(out)
	if err != nil {
		return nil, errors.Wrap(err, "error parsing pkcs8 key")
	}

	return priv, nil
}