types/key: delete legacy undifferentiated key types.

Updates #3206

Signed-off-by: David Anderson <danderson@tailscale.com>
This commit is contained in:
David Anderson 2021-10-29 15:00:38 -07:00
parent eeb97fd89f
commit b43362852c
2 changed files with 0 additions and 193 deletions

View File

@ -1,119 +0,0 @@
// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// Package key defines some types for the various keys Tailscale uses.
package key
import (
"encoding/base64"
"errors"
"fmt"
"go4.org/mem"
"golang.org/x/crypto/curve25519"
)
// Private represents a curve25519 private key of unspecified purpose.
//
// Deprecated: this key type has been used for several different
// keypairs, which are used in different protocols. This makes it easy
// to accidentally use the wrong key for a particular purpose, because
// the type system doesn't protect you. Please define dedicated key
// types for each purpose (e.g. communication with control, disco,
// wireguard...) instead, even if they are a Curve25519 value under
// the hood.
type Private [32]byte
// Private reports whether p is the zero value.
func (p Private) IsZero() bool { return p == Private{} }
// NewPrivate returns a new private key.
func NewPrivate() Private {
var p Private
rand(p[:])
clamp25519Private(p[:])
return p
}
// B32 returns k as the *[32]byte type that's used by the
// golang.org/x/crypto packages. This allocates; it might
// not be appropriate for performance-sensitive paths.
func (k Private) B32() *[32]byte { return (*[32]byte)(&k) }
// Public represents a curve25519 public key.
//
// Deprecated: this key type has been used for several different
// keypairs, which are used in different protocols. This makes it easy
// to accidentally use the wrong key for a particular purpose, because
// the type system doesn't protect you. Please define dedicated key
// types for each purpose (e.g. communication with control, disco,
// wireguard...) instead, even if they are a Curve25519 value under
// the hood.
type Public [32]byte
// Public reports whether p is the zero value.
func (p Public) IsZero() bool { return p == Public{} }
// ShortString returns the Tailscale conventional debug representation
// of a public key: the first five base64 digits of the key, in square
// brackets.
func (p Public) ShortString() string {
return "[" + base64.StdEncoding.EncodeToString(p[:])[:5] + "]"
}
func (p Public) MarshalText() ([]byte, error) {
buf := make([]byte, base64.StdEncoding.EncodedLen(len(p)))
base64.StdEncoding.Encode(buf, p[:])
return buf, nil
}
func (p *Public) UnmarshalText(txt []byte) error {
if *p != (Public{}) {
return errors.New("refusing to unmarshal into non-zero key.Public")
}
n, err := base64.StdEncoding.Decode(p[:], txt)
if err != nil {
return err
}
if n != 32 {
return fmt.Errorf("short decode of %d; want 32", n)
}
return nil
}
// B32 returns k as the *[32]byte type that's used by the
// golang.org/x/crypto packages. This allocates; it might
// not be appropriate for performance-sensitive paths.
func (k Public) B32() *[32]byte { return (*[32]byte)(&k) }
func (k Private) Public() Public {
var pub [32]byte
curve25519.ScalarBaseMult(&pub, (*[32]byte)(&k))
return Public(pub)
}
func (k Private) SharedSecret(pub Public) (ss [32]byte) {
apk := (*[32]byte)(&pub)
ask := (*[32]byte)(&k)
curve25519.ScalarMult(&ss, ask, apk)
return ss
}
// NewPublicFromHexMem parses a public key in its hex form, given in m.
// The provided m must be exactly 64 bytes in length.
func NewPublicFromHexMem(m mem.RO) (Public, error) {
if m.Len() != 64 {
return Public{}, errors.New("invalid length")
}
var p Public
for i := range p {
a, ok1 := fromHexChar(m.At(i*2 + 0))
b, ok2 := fromHexChar(m.At(i*2 + 1))
if !ok1 || !ok2 {
return Public{}, errors.New("invalid hex character")
}
p[i] = (a << 4) | b
}
return p, nil
}

View File

@ -1,74 +0,0 @@
// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package key
import (
"bytes"
"encoding"
"reflect"
"testing"
)
type tmu interface {
encoding.TextMarshaler
encoding.TextUnmarshaler
}
func TestTextMarshal(t *testing.T) {
// Check that keys roundtrip correctly through marshaling, and
// cannot be unmarshaled as other key types.
type keyMaker func() (random, zero tmu)
keys := []keyMaker{
func() (tmu, tmu) { k := NewMachine(); return &k, &MachinePrivate{} },
func() (tmu, tmu) { k := NewMachine().Public(); return &k, &MachinePublic{} },
func() (tmu, tmu) { k := NewPrivate().Public(); return &k, &Public{} },
}
for i, kf := range keys {
k1, k2 := kf()
// Sanity check: both k's should have the same type, k2 should
// be the zero value.
if t1, t2 := reflect.ValueOf(k1).Elem().Type(), reflect.ValueOf(k2).Elem().Type(); t1 != t2 {
t.Fatalf("got two keys of different types %T and %T", t1, t2)
}
if !reflect.ValueOf(k2).Elem().IsZero() {
t.Fatal("k2 is not the zero value")
}
// All keys should marshal successfully.
t1, err := k1.MarshalText()
if err != nil {
t.Fatalf("MarshalText(%#v): %v", k1, err)
}
// Marshalling should round-trip.
if err := k2.UnmarshalText(t1); err != nil {
t.Fatalf("UnmarshalText(MarshalText(%#v)): %v", k1, err)
}
if !reflect.DeepEqual(k1, k2) {
t.Fatalf("UnmarshalText(MarshalText(k1)) changed\n old: %#v\n new: %#v", k1, k2)
}
// And the text representation should also roundtrip.
t2, err := k2.MarshalText()
if err != nil {
t.Fatalf("MarshalText(%#v): %v", k2, err)
}
if !bytes.Equal(t1, t2) {
t.Fatal("MarshalText(k1) != MarshalText(k2)")
}
// No other key type should be able to unmarshal the text of a
// different key.
for j, otherkf := range keys {
if i == j {
continue
}
_, otherk := otherkf()
if err := otherk.UnmarshalText(t1); err == nil {
t.Fatalf("key %#v can unmarshal as %#v (marshaled form %q)", k1, otherk, t1)
}
}
}
}