2022-07-18 11:43:25 +00:00
|
|
|
// Copyright (C) 2019-2022 Nicola Murino
|
|
|
|
//
|
|
|
|
// This program is free software: you can redistribute it and/or modify
|
|
|
|
// it under the terms of the GNU Affero General Public License as published
|
|
|
|
// by the Free Software Foundation, version 3.
|
|
|
|
//
|
|
|
|
// This program is distributed in the hope that it will be useful,
|
|
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
// GNU Affero General Public License for more details.
|
|
|
|
//
|
|
|
|
// You should have received a copy of the GNU Affero General Public License
|
|
|
|
// along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
|
|
|
2020-11-30 20:46:34 +00:00
|
|
|
package kms
|
|
|
|
|
|
|
|
import (
|
|
|
|
"crypto/aes"
|
|
|
|
"crypto/cipher"
|
|
|
|
"crypto/rand"
|
2021-04-05 16:23:40 +00:00
|
|
|
"crypto/sha256"
|
2020-11-30 20:46:34 +00:00
|
|
|
"encoding/hex"
|
2022-01-04 11:49:30 +00:00
|
|
|
"errors"
|
2020-11-30 20:46:34 +00:00
|
|
|
"io"
|
2022-01-06 09:11:47 +00:00
|
|
|
|
2022-01-06 10:54:43 +00:00
|
|
|
sdkkms "github.com/sftpgo/sdk/kms"
|
2022-01-04 11:49:30 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
var (
|
|
|
|
errMalformedCiphertext = errors.New("malformed ciphertext")
|
2020-11-30 20:46:34 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
type builtinSecret struct {
|
2022-01-04 15:07:41 +00:00
|
|
|
BaseSecret
|
2020-11-30 20:46:34 +00:00
|
|
|
}
|
|
|
|
|
2021-07-13 19:17:21 +00:00
|
|
|
func init() {
|
2022-01-06 09:11:47 +00:00
|
|
|
RegisterSecretProvider(sdkkms.SchemeBuiltin, sdkkms.SecretStatusAES256GCM, newBuiltinSecret)
|
2021-07-13 19:17:21 +00:00
|
|
|
}
|
|
|
|
|
2022-01-04 15:07:41 +00:00
|
|
|
func newBuiltinSecret(base BaseSecret, url, masterKey string) SecretProvider {
|
2020-11-30 20:46:34 +00:00
|
|
|
return &builtinSecret{
|
2021-07-13 19:17:21 +00:00
|
|
|
BaseSecret: base,
|
2020-11-30 20:46:34 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *builtinSecret) Name() string {
|
2021-07-13 19:17:21 +00:00
|
|
|
return "Builtin"
|
2020-11-30 20:46:34 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (s *builtinSecret) IsEncrypted() bool {
|
2022-01-06 09:11:47 +00:00
|
|
|
return s.Status == sdkkms.SecretStatusAES256GCM
|
2020-11-30 20:46:34 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (s *builtinSecret) deriveKey(key []byte) []byte {
|
|
|
|
var combined []byte
|
|
|
|
combined = append(combined, key...)
|
|
|
|
if s.AdditionalData != "" {
|
|
|
|
combined = append(combined, []byte(s.AdditionalData)...)
|
|
|
|
}
|
|
|
|
combined = append(combined, key...)
|
|
|
|
hash := sha256.Sum256(combined)
|
|
|
|
return hash[:]
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *builtinSecret) Encrypt() error {
|
|
|
|
if s.Payload == "" {
|
2022-01-04 15:07:41 +00:00
|
|
|
return ErrInvalidSecret
|
2020-11-30 20:46:34 +00:00
|
|
|
}
|
|
|
|
switch s.Status {
|
2022-01-06 09:11:47 +00:00
|
|
|
case sdkkms.SecretStatusPlain:
|
2020-11-30 20:46:34 +00:00
|
|
|
key := make([]byte, 32)
|
|
|
|
if _, err := io.ReadFull(rand.Reader, key); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
block, err := aes.NewCipher(s.deriveKey(key))
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
gcm, err := cipher.NewGCM(block)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
nonce := make([]byte, gcm.NonceSize())
|
|
|
|
if _, err = io.ReadFull(rand.Reader, nonce); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
var aad []byte
|
|
|
|
if s.AdditionalData != "" {
|
|
|
|
aad = []byte(s.AdditionalData)
|
|
|
|
}
|
|
|
|
ciphertext := gcm.Seal(nonce, nonce, []byte(s.Payload), aad)
|
|
|
|
s.Key = hex.EncodeToString(key)
|
|
|
|
s.Payload = hex.EncodeToString(ciphertext)
|
2022-01-06 09:11:47 +00:00
|
|
|
s.Status = sdkkms.SecretStatusAES256GCM
|
2020-11-30 20:46:34 +00:00
|
|
|
return nil
|
|
|
|
default:
|
2022-01-04 15:07:41 +00:00
|
|
|
return ErrWrongSecretStatus
|
2020-11-30 20:46:34 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *builtinSecret) Decrypt() error {
|
|
|
|
switch s.Status {
|
2022-01-06 09:11:47 +00:00
|
|
|
case sdkkms.SecretStatusAES256GCM:
|
2020-11-30 20:46:34 +00:00
|
|
|
encrypted, err := hex.DecodeString(s.Payload)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
key, err := hex.DecodeString(s.Key)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
block, err := aes.NewCipher(s.deriveKey(key))
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
gcm, err := cipher.NewGCM(block)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
nonceSize := gcm.NonceSize()
|
|
|
|
if len(encrypted) < nonceSize {
|
|
|
|
return errMalformedCiphertext
|
|
|
|
}
|
|
|
|
nonce, ciphertext := encrypted[:nonceSize], encrypted[nonceSize:]
|
|
|
|
var aad []byte
|
|
|
|
if s.AdditionalData != "" {
|
|
|
|
aad = []byte(s.AdditionalData)
|
|
|
|
}
|
|
|
|
plaintext, err := gcm.Open(nil, nonce, ciphertext, aad)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2022-01-06 09:11:47 +00:00
|
|
|
s.Status = sdkkms.SecretStatusPlain
|
2020-11-30 20:46:34 +00:00
|
|
|
s.Payload = string(plaintext)
|
|
|
|
s.Key = ""
|
|
|
|
s.AdditionalData = ""
|
|
|
|
return nil
|
|
|
|
default:
|
2022-01-04 15:07:41 +00:00
|
|
|
return ErrWrongSecretStatus
|
2021-07-13 19:17:21 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-01-04 15:07:41 +00:00
|
|
|
func (s *builtinSecret) Clone() SecretProvider {
|
|
|
|
baseSecret := BaseSecret{
|
2021-07-13 19:17:21 +00:00
|
|
|
Status: s.Status,
|
|
|
|
Payload: s.Payload,
|
|
|
|
Key: s.Key,
|
|
|
|
AdditionalData: s.AdditionalData,
|
|
|
|
Mode: s.Mode,
|
2020-11-30 20:46:34 +00:00
|
|
|
}
|
2021-07-13 19:17:21 +00:00
|
|
|
return newBuiltinSecret(baseSecret, "", "")
|
2020-11-30 20:46:34 +00:00
|
|
|
}
|