webnet/tailscale
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

types/key: add MachinePrivate and MachinePublic.

Browse Source 
Plumb throughout the codebase as a replacement for the mixed use of
tailcfg.MachineKey and wgkey.Private/Public.

Signed-off-by: David Anderson <danderson@tailscale.com>
This commit is contained in:
David Anderson
2021-09-01 01:52:27 -07:00
committed by Dave Anderson
parent 4ce091cbd8
commit 4fdb88efe1
24 changed files with 605 additions and 234 deletions
Download Patch File Download Diff File Expand all files Collapse all files
types/key/key.go
+20 -23
View File
@@ -2,21 +2,27 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// Package key defines some types related to curve25519 keys.
// Package key defines some types for the various keys Tailscale uses.
package key
import (
crand "crypto/rand"
"encoding/base64"
"errors"
"fmt"
"io"
"go4.org/mem"
"golang.org/x/crypto/curve25519"
)
// Private represents a curve25519 private key.
// Private represents a curve25519 private key of unspecified purpose.
//
// Deprecated: this key type has been used for several different
// keypairs, which are used in different protocols. This makes it easy
// to accidentally use the wrong key for a particular purpose, because
// the type system doesn't protect you. Please define dedicated key
// types for each purpose (e.g. communication with control, disco,
// wireguard...) instead, even if they are a Curve25519 value under
// the hood.
type Private [32]byte
// Private reports whether p is the zero value.
@@ -25,11 +31,8 @@ func (p Private) IsZero() bool { return p == Private{} }
// NewPrivate returns a new private key.
func NewPrivate() Private {
var p Private
if _, err := io.ReadFull(crand.Reader, p[:]); err != nil {
panic(err)
}
p[0] &= 248
p[31] = (p[31] & 127) | 64
rand(p[:])
clamp25519Private(p[:])
return p
}
@@ -39,6 +42,14 @@ func NewPrivate() Private {
func (k Private) B32() *[32]byte { return (*[32]byte)(&k) }
// Public represents a curve25519 public key.
//
// Deprecated: this key type has been used for several different
// keypairs, which are used in different protocols. This makes it easy
// to accidentally use the wrong key for a particular purpose, because
// the type system doesn't protect you. Please define dedicated key
// types for each purpose (e.g. communication with control, disco,
// wireguard...) instead, even if they are a Curve25519 value under
// the hood.
type Public [32]byte
// Public reports whether p is the zero value.
@@ -106,17 +117,3 @@ func NewPublicFromHexMem(m mem.RO) (Public, error) {
}
return p, nil
}
// fromHexChar converts a hex character into its value and a success flag.
func fromHexChar(c byte) (byte, bool) {
switch {
case '0' <= c && c <= '9':
return c - '0', true
case 'a' <= c && c <= 'f':
return c - 'a' + 10, true
case 'A' <= c && c <= 'F':
return c - 'A' + 10, true
}
return 0, false
}