mirror of
https://github.com/fnproject/fn.git
synced 2022-10-28 21:29:17 +03:00
51ff7caeb2
* add DateTime sans mgo * change all uses of strfmt.DateTime to common.DateTime, remove test strfmt usage * remove api tests, system-test dep on api test multiple reasons to remove the api tests: * awkward dependency with fn_go meant generating bindings on a branched fn to vendor those to test new stuff. this is at a minimum not at all intuitive, worth it, nor a fun way to spend the finite amount of time we have to live. * api tests only tested a subset of functionality that the server/ api tests already test, and we risk having tests where one tests some thing and the other doesn't. let's not. we have too many test suites as it is, and these pretty much only test that we updated the fn_go bindings, which is actually a hassle as noted above and the cli will pretty quickly figure out anyway. * fn_go relies on openapi, which relies on mgo, which is deprecated and we'd like to remove as a dependency. openapi is a _huge_ dep built in a NIH fashion, that cannot simply remove the mgo dep as users may be using it. we've now stolen their date time and otherwise killed usage of it in fn core, for fn_go it still exists but that's less of a problem. * update deps removals: * easyjson * mgo * go-openapi * mapstructure * fn_go * purell * go-validator also, had to lock docker. we shouldn't use docker on master anyway, they strongly advise against that. had no luck with latest version rev, so i locked it to what we were using before. until next time. the rest is just playing dep roulette, those end up removing a ton tho * fix exec test to work * account for john le cache
91 lines
3.4 KiB
Go
91 lines
3.4 KiB
Go
// Copyright 2018 The Go Authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
// Package sign signs small messages using public-key cryptography.
|
|
//
|
|
// Sign uses Ed25519 to sign messages. The length of messages is not hidden.
|
|
// Messages should be small because:
|
|
// 1. The whole message needs to be held in memory to be processed.
|
|
// 2. Using large messages pressures implementations on small machines to process
|
|
// plaintext without verifying the signature. This is very dangerous, and this API
|
|
// discourages it, but a protocol that uses excessive message sizes might present
|
|
// some implementations with no other choice.
|
|
// 3. Performance may be improved by working with messages that fit into data caches.
|
|
// Thus large amounts of data should be chunked so that each message is small.
|
|
//
|
|
// This package is not interoperable with the current release of NaCl
|
|
// (https://nacl.cr.yp.to/sign.html), which does not support Ed25519 yet. However,
|
|
// it is compatible with the NaCl fork libsodium (https://www.libsodium.org), as well
|
|
// as TweetNaCl (https://tweetnacl.cr.yp.to/).
|
|
package sign
|
|
|
|
import (
|
|
"io"
|
|
|
|
"golang.org/x/crypto/ed25519"
|
|
"golang.org/x/crypto/internal/subtle"
|
|
)
|
|
|
|
// Overhead is the number of bytes of overhead when signing a message.
|
|
const Overhead = 64
|
|
|
|
// GenerateKey generates a new public/private key pair suitable for use with
|
|
// Sign and Open.
|
|
func GenerateKey(rand io.Reader) (publicKey *[32]byte, privateKey *[64]byte, err error) {
|
|
pub, priv, err := ed25519.GenerateKey(rand)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
publicKey, privateKey = new([32]byte), new([64]byte)
|
|
copy((*publicKey)[:], pub)
|
|
copy((*privateKey)[:], priv)
|
|
return publicKey, privateKey, nil
|
|
}
|
|
|
|
// Sign appends a signed copy of message to out, which will be Overhead bytes
|
|
// longer than the original and must not overlap it.
|
|
func Sign(out, message []byte, privateKey *[64]byte) []byte {
|
|
sig := ed25519.Sign(ed25519.PrivateKey((*privateKey)[:]), message)
|
|
ret, out := sliceForAppend(out, Overhead+len(message))
|
|
if subtle.AnyOverlap(out, message) {
|
|
panic("nacl: invalid buffer overlap")
|
|
}
|
|
copy(out, sig)
|
|
copy(out[Overhead:], message)
|
|
return ret
|
|
}
|
|
|
|
// Open verifies a signed message produced by Sign and appends the message to
|
|
// out, which must not overlap the signed message. The output will be Overhead
|
|
// bytes smaller than the signed message.
|
|
func Open(out, signedMessage []byte, publicKey *[32]byte) ([]byte, bool) {
|
|
if len(signedMessage) < Overhead {
|
|
return nil, false
|
|
}
|
|
if !ed25519.Verify(ed25519.PublicKey((*publicKey)[:]), signedMessage[Overhead:], signedMessage[:Overhead]) {
|
|
return nil, false
|
|
}
|
|
ret, out := sliceForAppend(out, len(signedMessage)-Overhead)
|
|
if subtle.AnyOverlap(out, signedMessage) {
|
|
panic("nacl: invalid buffer overlap")
|
|
}
|
|
copy(out, signedMessage[Overhead:])
|
|
return ret, true
|
|
}
|
|
|
|
// sliceForAppend takes a slice and a requested number of bytes. It returns a
|
|
// slice with the contents of the given slice followed by that many bytes and a
|
|
// second slice that aliases into it and contains only the extra bytes. If the
|
|
// original slice has sufficient capacity then no allocation is performed.
|
|
func sliceForAppend(in []byte, n int) (head, tail []byte) {
|
|
if total := len(in) + n; cap(in) >= total {
|
|
head = in[:total]
|
|
} else {
|
|
head = make([]byte, total)
|
|
copy(head, in)
|
|
}
|
|
tail = head[len(in):]
|
|
return
|
|
}
|