ResiLien
/
terraform
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
terraform/vendor/github.com/joyent/triton-go/authentication/ecdsa_signature.go

67 lines
1.3 KiB
Go
Raw Normal View History

provider/triton: Move to joyent/triton-go (#13225) * provider/triton: Move to joyent/triton-go This commit moves the Triton provider to the new joyent/triton-go library from gosdc. This has a number of advantages - not least that requests can be signed using an SSH agent without having to keep unencrypted key material in memory. Schema has been maintained for all resources, and several tests have been added and acceptance tests repaired - in some cases by fixing bugs in the underlying resources. After applying this patch, all acceptance tests pass: ``` go generate $(go list ./... | grep -v /terraform/vendor/) 2017/03/30 13:48:33 Generated command/internal_plugin_list.go TF_ACC=1 go test ./builtin/providers/triton -v -timeout 120m === RUN TestProvider --- PASS: TestProvider (0.00s) === RUN TestProvider_impl --- PASS: TestProvider_impl (0.00s) === RUN TestAccTritonFabric_basic --- PASS: TestAccTritonFabric_basic (15.11s) === RUN TestAccTritonFirewallRule_basic --- PASS: TestAccTritonFirewallRule_basic (1.48s) === RUN TestAccTritonFirewallRule_update --- PASS: TestAccTritonFirewallRule_update (1.55s) === RUN TestAccTritonFirewallRule_enable --- PASS: TestAccTritonFirewallRule_enable (1.52s) === RUN TestAccTritonKey_basic --- PASS: TestAccTritonKey_basic (11.76s) === RUN TestAccTritonKey_noKeyName --- PASS: TestAccTritonKey_noKeyName (11.20s) === RUN TestAccTritonMachine_basic --- PASS: TestAccTritonMachine_basic (82.19s) === RUN TestAccTritonMachine_dns --- PASS: TestAccTritonMachine_dns (173.36s) === RUN TestAccTritonMachine_nic --- PASS: TestAccTritonMachine_nic (167.82s) === RUN TestAccTritonMachine_addNIC --- PASS: TestAccTritonMachine_addNIC (192.11s) === RUN TestAccTritonMachine_firewall --- PASS: TestAccTritonMachine_firewall (188.53s) === RUN TestAccTritonMachine_metadata --- PASS: TestAccTritonMachine_metadata (614.57s) === RUN TestAccTritonVLAN_basic --- PASS: TestAccTritonVLAN_basic (0.93s) === RUN TestAccTritonVLAN_update --- PASS: TestAccTritonVLAN_update (1.50s) PASS ok github.com/hashicorp/terraform/builtin/providers/triton 1463.621s ``` * provider/triton: Update docs for provider config * deps: Vendor github.com/joyent/triton-go/... * deps: Remove github.com/joyent/gosdc
2017-03-31 00:25:27 +02:00
package authentication
import (
"encoding/asn1"
"encoding/base64"
"fmt"
"math/big"
"github.com/hashicorp/errwrap"
"golang.org/x/crypto/ssh"
)
type ecdsaSignature struct {
hashAlgorithm string
R *big.Int
S *big.Int
}
func (s *ecdsaSignature) SignatureType() string {
return fmt.Sprintf("ecdsa-%s", s.hashAlgorithm)
}
func (s *ecdsaSignature) String() string {
toEncode := struct {
R *big.Int
S *big.Int
}{
R: s.R,
S: s.S,
}
signatureBytes, err := asn1.Marshal(toEncode)
if err != nil {
panic(fmt.Sprintf("Error marshaling signature: %s", err))
}
return base64.StdEncoding.EncodeToString(signatureBytes)
}
func newECDSASignature(signatureBlob []byte) (*ecdsaSignature, error) {
var ecSig struct {
R *big.Int
S *big.Int
}
if err := ssh.Unmarshal(signatureBlob, &ecSig); err != nil {
return nil, errwrap.Wrapf("Error unmarshaling signature: {{err}}", err)
}
rValue := ecSig.R.Bytes()
var hashAlgorithm string
switch len(rValue) {
case 31, 32:
hashAlgorithm = "sha256"
case 65, 66:
hashAlgorithm = "sha512"
default:
return nil, fmt.Errorf("Unsupported key length: %d", len(rValue))
}
return &ecdsaSignature{
hashAlgorithm: hashAlgorithm,
R: ecSig.R,
S: ecSig.S,
}, nil
}