From 54371183072977ed8945cef092069069e73f501e Mon Sep 17 00:00:00 2001 From: Dominik Schulz Date: Tue, 20 Feb 2018 12:11:41 +0100 Subject: [PATCH] Add experimental crypto backend (#645) This commit adds an experimental crypto backend. It comes with it's own keyring as well as an agent. The crypto is based on NaCl and Argon2. The on-disk format uses protobuf version 3. Fixes #154 --- .codecov.yml | 7 + .travis.yml | 5 +- Makefile | 8 +- action/action.go | 61 +- action/action_test.go | 38 +- action/clihelper.go | 63 +- action/clihelper_test.go | 49 +- action/clone.go | 56 +- action/clone_test.go | 48 +- action/config_test.go | 9 + action/fsck.go | 40 - action/fsck_test.go | 76 - action/git.go | 80 +- action/git_test.go | 21 +- action/init.go | 90 +- action/init_test.go | 7 +- action/move_test.go | 2 + action/otp.go | 4 +- action/recipients.go | 33 +- action/recipients_test.go | 29 +- action/sync.go | 4 +- action/templates.go | 5 - action/templates_test.go | 3 +- action/version.go | 11 +- action/xc.go | 226 ++ action/xc_test.go | 233 ++ backend/context.go | 149 + backend/crypto.go | 54 + backend/crypto/gpg/cli/binary.go | 45 + backend/crypto/gpg/cli/export.go | 27 + backend/crypto/gpg/cli/export_test.go | 17 + backend/crypto/gpg/cli/generate.go | 59 + backend/crypto/gpg/cli/gpg.go | 203 +- backend/crypto/gpg/cli/gpg_others.go | 2 +- backend/crypto/gpg/cli/gpg_test.go | 36 +- backend/crypto/gpg/cli/gpg_windows.go | 2 +- backend/crypto/gpg/cli/import.go | 30 + backend/crypto/gpg/cli/key.go | 26 + backend/crypto/gpg/cli/key_test.go | 77 + backend/crypto/gpg/cli/keyring.go | 98 + backend/crypto/gpg/cli/utils.go | 12 +- backend/crypto/gpg/cli/utils_test.go | 35 + backend/crypto/gpg/cli/version.go | 29 - backend/crypto/gpg/key.go | 11 +- backend/crypto/gpg/key_test.go | 6 +- backend/crypto/gpg/mock/gpg.go | 110 +- backend/crypto/gpg/mock/gpg_test.go | 65 +- backend/crypto/xc/README.md | 124 + backend/crypto/xc/compress.go | 37 + backend/crypto/xc/compress_test.go | 61 + backend/crypto/xc/decrypt.go | 144 + backend/crypto/xc/encrypt.go | 142 + backend/crypto/xc/encrypt_test.go | 112 + backend/crypto/xc/export.go | 22 + backend/crypto/xc/export_test.go | 69 + backend/crypto/xc/import.go | 19 + backend/crypto/xc/import_test.go | 91 + backend/crypto/xc/keyring/private_key.go | 93 + backend/crypto/xc/keyring/private_key_test.go | 38 + backend/crypto/xc/keyring/public_key.go | 38 + backend/crypto/xc/keyring/public_key_test.go | 13 + backend/crypto/xc/keyring/pubring.go | 228 ++ backend/crypto/xc/keyring/pubring_test.go | 57 + backend/crypto/xc/keyring/secring.go | 229 ++ backend/crypto/xc/keyring/secring_test.go | 54 + backend/crypto/xc/utils.go | 131 + backend/crypto/xc/utils_test.go | 70 + backend/crypto/xc/xc.go | 104 + backend/crypto/xc/xc_test.go | 34 + backend/crypto/xc/xcpb/Makefile | 7 + backend/crypto/xc/xcpb/identity.go | 11 + backend/crypto/xc/xcpb/xc.pb.go | 355 +++ backend/crypto/xc/xcpb/xc.proto | 53 + backend/store.go | 31 + backend/store/fs/store.go | 110 + backend/store/kv/mock/store.go | 117 + backend/sync.go | 33 + backend/sync/git/cli/config.go | 32 +- backend/sync/git/cli/config_test.go | 51 + backend/sync/git/cli/git.go | 15 +- backend/sync/git/cli/git_test.go | 25 +- backend/sync/git/gogit/git.go | 18 +- backend/sync/git/gogit/git_test.go | 12 + backend/sync/git/mock/git.go | 9 +- backend/sync/git/mock/git_test.go | 7 +- commands.go | 269 +- commands_test.go | 110 +- config/config.go | 67 +- config/config_test.go | 16 + config/io.go | 2 + config/io_test.go | 22 +- config/store_config.go | 27 +- store/err.go | 4 +- store/root/fsck.go | 58 - store/root/fsck_test.go | 32 - store/root/git.go | 72 +- store/root/git_test.go | 25 - store/root/gpg.go | 24 +- store/root/gpg_test.go | 26 - store/root/init.go | 27 +- store/root/init_test.go | 12 +- store/root/list.go | 4 +- store/root/mount.go | 17 +- store/root/mount_test.go | 10 + store/root/recipients.go | 7 +- store/root/recipients_test.go | 2 +- store/root/store.go | 25 +- store/root/store_test.go | 12 +- store/root/templates.go | 10 +- store/root/templates_test.go | 2 + store/sub/context_test.go | 1 + store/sub/fsck.go | 247 -- store/sub/fsck_test.go | 34 - store/sub/git.go | 61 +- store/sub/git_test.go | 20 +- store/sub/gpg.go | 119 +- store/sub/gpg_test.go | 10 +- store/sub/init.go | 16 +- store/sub/list.go | 67 +- store/sub/list_test.go | 12 +- store/sub/move.go | 45 +- store/sub/move_test.go | 37 +- store/sub/read.go | 14 +- store/sub/recipients.go | 59 +- store/sub/recipients_test.go | 64 +- store/sub/store.go | 157 +- store/sub/store_test.go | 87 +- store/sub/templates.go | 133 +- store/sub/templates_test.go | 19 +- store/sub/write.go | 19 +- tests/copy_test.go | 1 - tests/gptest/unit.go | 5 +- tests/tester.go | 18 +- tests/uninitialized_test.go | 1 - utils/agent/agent.go | 125 + utils/agent/agent_test.go | 68 + utils/agent/cache.go | 93 + utils/agent/cache_test.go | 55 + utils/agent/client/client.go | 113 + utils/agent/client/client_others.go | 24 + utils/agent/client/client_windows.go | 33 + utils/fsutil/umask.go | 18 + utils/fsutil/umask_test.go | 23 + utils/jsonapi/api_test.go | 8 +- utils/pinentry/pinentry.go | 109 + utils/pinentry/pinentry_darwin.go | 8 + utils/pinentry/pinentry_others.go | 8 + utils/pinentry/pinentry_test.go | 19 + utils/pinentry/pinentry_windows.go | 8 + vendor/github.com/cenk/backoff/LICENSE | 20 + vendor/github.com/cenk/backoff/README.md | 30 + vendor/github.com/cenk/backoff/backoff.go | 66 + vendor/github.com/cenk/backoff/context.go | 60 + vendor/github.com/cenk/backoff/exponential.go | 156 + vendor/github.com/cenk/backoff/retry.go | 78 + vendor/github.com/cenk/backoff/ticker.go | 81 + vendor/github.com/cenk/backoff/tries.go | 35 + vendor/github.com/golang/protobuf/LICENSE | 30 + .../github.com/golang/protobuf/proto/Makefile | 43 + .../github.com/golang/protobuf/proto/clone.go | 229 ++ .../golang/protobuf/proto/decode.go | 970 ++++++ .../golang/protobuf/proto/discard.go | 151 + .../golang/protobuf/proto/encode.go | 1362 +++++++++ .../github.com/golang/protobuf/proto/equal.go | 300 ++ .../golang/protobuf/proto/extensions.go | 587 ++++ .../github.com/golang/protobuf/proto/lib.go | 897 ++++++ .../golang/protobuf/proto/message_set.go | 311 ++ .../golang/protobuf/proto/pointer_reflect.go | 484 +++ .../golang/protobuf/proto/pointer_unsafe.go | 270 ++ .../golang/protobuf/proto/properties.go | 872 ++++++ .../github.com/golang/protobuf/proto/text.go | 854 ++++++ .../golang/protobuf/proto/text_parser.go | 895 ++++++ vendor/golang.org/x/crypto/argon2/argon2.go | 228 ++ vendor/golang.org/x/crypto/argon2/blake2b.go | 53 + .../x/crypto/argon2/blamka_amd64.go | 59 + .../golang.org/x/crypto/argon2/blamka_amd64.s | 252 ++ .../x/crypto/argon2/blamka_generic.go | 163 + .../golang.org/x/crypto/argon2/blamka_ref.go | 15 + vendor/golang.org/x/crypto/blake2b/blake2b.go | 221 ++ .../x/crypto/blake2b/blake2bAVX2_amd64.go | 43 + .../x/crypto/blake2b/blake2bAVX2_amd64.s | 762 +++++ .../x/crypto/blake2b/blake2b_amd64.go | 25 + .../x/crypto/blake2b/blake2b_amd64.s | 290 ++ .../x/crypto/blake2b/blake2b_generic.go | 179 ++ .../x/crypto/blake2b/blake2b_ref.go | 11 + vendor/golang.org/x/crypto/blake2b/blake2x.go | 177 ++ .../golang.org/x/crypto/blake2b/register.go | 32 + .../chacha20poly1305/chacha20poly1305.go | 83 + .../chacha20poly1305_amd64.go | 127 + .../chacha20poly1305/chacha20poly1305_amd64.s | 2714 +++++++++++++++++ .../chacha20poly1305_generic.go | 70 + .../chacha20poly1305_noasm.go | 15 + .../internal/chacha20/chacha_generic.go | 198 ++ vendor/golang.org/x/crypto/nacl/auth/auth.go | 58 + vendor/golang.org/x/crypto/nacl/box/box.go | 103 + .../x/crypto/nacl/secretbox/secretbox.go | 166 + .../golang.org/x/crypto/poly1305/poly1305.go | 33 + .../golang.org/x/crypto/poly1305/sum_amd64.go | 22 + .../golang.org/x/crypto/poly1305/sum_amd64.s | 125 + .../golang.org/x/crypto/poly1305/sum_arm.go | 22 + vendor/golang.org/x/crypto/poly1305/sum_arm.s | 427 +++ .../golang.org/x/crypto/poly1305/sum_ref.go | 141 + .../x/crypto/salsa20/salsa/hsalsa20.go | 144 + .../x/crypto/salsa20/salsa/salsa2020_amd64.s | 889 ++++++ .../x/crypto/salsa20/salsa/salsa208.go | 199 ++ .../x/crypto/salsa20/salsa/salsa20_amd64.go | 24 + .../x/crypto/salsa20/salsa/salsa20_ref.go | 234 ++ vendor/golang.org/x/crypto/sha3/doc.go | 66 + vendor/golang.org/x/crypto/sha3/hashes.go | 65 + vendor/golang.org/x/crypto/sha3/keccakf.go | 412 +++ .../golang.org/x/crypto/sha3/keccakf_amd64.go | 13 + .../golang.org/x/crypto/sha3/keccakf_amd64.s | 390 +++ vendor/golang.org/x/crypto/sha3/register.go | 18 + vendor/golang.org/x/crypto/sha3/sha3.go | 192 ++ vendor/golang.org/x/crypto/sha3/shake.go | 60 + vendor/golang.org/x/crypto/sha3/xor.go | 16 + .../golang.org/x/crypto/sha3/xor_generic.go | 28 + .../golang.org/x/crypto/sha3/xor_unaligned.go | 58 + .../gopkg.in/src-d/go-git.v4/config/config.go | 14 +- .../go-git.v4/plumbing/cache/object_lru.go | 8 +- .../plumbing/format/packfile/decoder.go | 2 + .../format/packfile/delta_selector.go | 32 +- vendor/vendor.json | 238 +- 223 files changed, 24718 insertions(+), 1916 deletions(-) delete mode 100644 action/fsck.go delete mode 100644 action/fsck_test.go create mode 100644 action/xc.go create mode 100644 action/xc_test.go create mode 100644 backend/context.go create mode 100644 backend/crypto.go create mode 100644 backend/crypto/gpg/cli/binary.go create mode 100644 backend/crypto/gpg/cli/export.go create mode 100644 backend/crypto/gpg/cli/export_test.go create mode 100644 backend/crypto/gpg/cli/generate.go create mode 100644 backend/crypto/gpg/cli/import.go create mode 100644 backend/crypto/gpg/cli/key.go create mode 100644 backend/crypto/gpg/cli/key_test.go create mode 100644 backend/crypto/gpg/cli/keyring.go create mode 100644 backend/crypto/gpg/cli/utils_test.go create mode 100644 backend/crypto/xc/README.md create mode 100644 backend/crypto/xc/compress.go create mode 100644 backend/crypto/xc/compress_test.go create mode 100644 backend/crypto/xc/decrypt.go create mode 100644 backend/crypto/xc/encrypt.go create mode 100644 backend/crypto/xc/encrypt_test.go create mode 100644 backend/crypto/xc/export.go create mode 100644 backend/crypto/xc/export_test.go create mode 100644 backend/crypto/xc/import.go create mode 100644 backend/crypto/xc/import_test.go create mode 100644 backend/crypto/xc/keyring/private_key.go create mode 100644 backend/crypto/xc/keyring/private_key_test.go create mode 100644 backend/crypto/xc/keyring/public_key.go create mode 100644 backend/crypto/xc/keyring/public_key_test.go create mode 100644 backend/crypto/xc/keyring/pubring.go create mode 100644 backend/crypto/xc/keyring/pubring_test.go create mode 100644 backend/crypto/xc/keyring/secring.go create mode 100644 backend/crypto/xc/keyring/secring_test.go create mode 100644 backend/crypto/xc/utils.go create mode 100644 backend/crypto/xc/utils_test.go create mode 100644 backend/crypto/xc/xc.go create mode 100644 backend/crypto/xc/xc_test.go create mode 100644 backend/crypto/xc/xcpb/Makefile create mode 100644 backend/crypto/xc/xcpb/identity.go create mode 100644 backend/crypto/xc/xcpb/xc.pb.go create mode 100644 backend/crypto/xc/xcpb/xc.proto create mode 100644 backend/store.go create mode 100644 backend/store/fs/store.go create mode 100644 backend/store/kv/mock/store.go create mode 100644 backend/sync.go create mode 100644 backend/sync/git/cli/config_test.go delete mode 100644 store/root/fsck.go delete mode 100644 store/root/fsck_test.go delete mode 100644 store/root/git_test.go delete mode 100644 store/root/gpg_test.go delete mode 100644 store/sub/fsck.go delete mode 100644 store/sub/fsck_test.go create mode 100644 utils/agent/agent.go create mode 100644 utils/agent/agent_test.go create mode 100644 utils/agent/cache.go create mode 100644 utils/agent/cache_test.go create mode 100644 utils/agent/client/client.go create mode 100644 utils/agent/client/client_others.go create mode 100644 utils/agent/client/client_windows.go create mode 100644 utils/fsutil/umask.go create mode 100644 utils/fsutil/umask_test.go create mode 100644 utils/pinentry/pinentry.go create mode 100644 utils/pinentry/pinentry_darwin.go create mode 100644 utils/pinentry/pinentry_others.go create mode 100644 utils/pinentry/pinentry_test.go create mode 100644 utils/pinentry/pinentry_windows.go create mode 100644 vendor/github.com/cenk/backoff/LICENSE create mode 100644 vendor/github.com/cenk/backoff/README.md create mode 100644 vendor/github.com/cenk/backoff/backoff.go create mode 100644 vendor/github.com/cenk/backoff/context.go create mode 100644 vendor/github.com/cenk/backoff/exponential.go create mode 100644 vendor/github.com/cenk/backoff/retry.go create mode 100644 vendor/github.com/cenk/backoff/ticker.go create mode 100644 vendor/github.com/cenk/backoff/tries.go create mode 100644 vendor/github.com/golang/protobuf/LICENSE create mode 100644 vendor/github.com/golang/protobuf/proto/Makefile create mode 100644 vendor/github.com/golang/protobuf/proto/clone.go create mode 100644 vendor/github.com/golang/protobuf/proto/decode.go create mode 100644 vendor/github.com/golang/protobuf/proto/discard.go create mode 100644 vendor/github.com/golang/protobuf/proto/encode.go create mode 100644 vendor/github.com/golang/protobuf/proto/equal.go create mode 100644 vendor/github.com/golang/protobuf/proto/extensions.go create mode 100644 vendor/github.com/golang/protobuf/proto/lib.go create mode 100644 vendor/github.com/golang/protobuf/proto/message_set.go create mode 100644 vendor/github.com/golang/protobuf/proto/pointer_reflect.go create mode 100644 vendor/github.com/golang/protobuf/proto/pointer_unsafe.go create mode 100644 vendor/github.com/golang/protobuf/proto/properties.go create mode 100644 vendor/github.com/golang/protobuf/proto/text.go create mode 100644 vendor/github.com/golang/protobuf/proto/text_parser.go create mode 100644 vendor/golang.org/x/crypto/argon2/argon2.go create mode 100644 vendor/golang.org/x/crypto/argon2/blake2b.go create mode 100644 vendor/golang.org/x/crypto/argon2/blamka_amd64.go create mode 100644 vendor/golang.org/x/crypto/argon2/blamka_amd64.s create mode 100644 vendor/golang.org/x/crypto/argon2/blamka_generic.go create mode 100644 vendor/golang.org/x/crypto/argon2/blamka_ref.go create mode 100644 vendor/golang.org/x/crypto/blake2b/blake2b.go create mode 100644 vendor/golang.org/x/crypto/blake2b/blake2bAVX2_amd64.go create mode 100644 vendor/golang.org/x/crypto/blake2b/blake2bAVX2_amd64.s create mode 100644 vendor/golang.org/x/crypto/blake2b/blake2b_amd64.go create mode 100644 vendor/golang.org/x/crypto/blake2b/blake2b_amd64.s create mode 100644 vendor/golang.org/x/crypto/blake2b/blake2b_generic.go create mode 100644 vendor/golang.org/x/crypto/blake2b/blake2b_ref.go create mode 100644 vendor/golang.org/x/crypto/blake2b/blake2x.go create mode 100644 vendor/golang.org/x/crypto/blake2b/register.go create mode 100644 vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305.go create mode 100644 vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_amd64.go create mode 100644 vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_amd64.s create mode 100644 vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_generic.go create mode 100644 vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_noasm.go create mode 100644 vendor/golang.org/x/crypto/internal/chacha20/chacha_generic.go create mode 100644 vendor/golang.org/x/crypto/nacl/auth/auth.go create mode 100644 vendor/golang.org/x/crypto/nacl/box/box.go create mode 100644 vendor/golang.org/x/crypto/nacl/secretbox/secretbox.go create mode 100644 vendor/golang.org/x/crypto/poly1305/poly1305.go create mode 100644 vendor/golang.org/x/crypto/poly1305/sum_amd64.go create mode 100644 vendor/golang.org/x/crypto/poly1305/sum_amd64.s create mode 100644 vendor/golang.org/x/crypto/poly1305/sum_arm.go create mode 100644 vendor/golang.org/x/crypto/poly1305/sum_arm.s create mode 100644 vendor/golang.org/x/crypto/poly1305/sum_ref.go create mode 100644 vendor/golang.org/x/crypto/salsa20/salsa/hsalsa20.go create mode 100644 vendor/golang.org/x/crypto/salsa20/salsa/salsa2020_amd64.s create mode 100644 vendor/golang.org/x/crypto/salsa20/salsa/salsa208.go create mode 100644 vendor/golang.org/x/crypto/salsa20/salsa/salsa20_amd64.go create mode 100644 vendor/golang.org/x/crypto/salsa20/salsa/salsa20_ref.go create mode 100644 vendor/golang.org/x/crypto/sha3/doc.go create mode 100644 vendor/golang.org/x/crypto/sha3/hashes.go create mode 100644 vendor/golang.org/x/crypto/sha3/keccakf.go create mode 100644 vendor/golang.org/x/crypto/sha3/keccakf_amd64.go create mode 100644 vendor/golang.org/x/crypto/sha3/keccakf_amd64.s create mode 100644 vendor/golang.org/x/crypto/sha3/register.go create mode 100644 vendor/golang.org/x/crypto/sha3/sha3.go create mode 100644 vendor/golang.org/x/crypto/sha3/shake.go create mode 100644 vendor/golang.org/x/crypto/sha3/xor.go create mode 100644 vendor/golang.org/x/crypto/sha3/xor_generic.go create mode 100644 vendor/golang.org/x/crypto/sha3/xor_unaligned.go diff --git a/.codecov.yml b/.codecov.yml index ba577396de..847395d60b 100644 --- a/.codecov.yml +++ b/.codecov.yml @@ -2,5 +2,12 @@ coverage: range: 40..90 round: nearest precision: 2 + status: + project: + default: on + patch: + default: off + changes: + default: off ignore: - "vendor/" diff --git a/.travis.yml b/.travis.yml index 889fc41386..8bb70fe04c 100644 --- a/.travis.yml +++ b/.travis.yml @@ -2,13 +2,14 @@ language: go dist: trusty os: - linux - - osx before_install: - if [ $TRAVIS_OS_NAME = linux ]; then sudo apt-get install git gnupg2; else brew install git gnupg || true; fi + - git config --global user.name nobody + - git config --global user.email foo.bar@example.org go: - - 1.9 + - '1.10' script: - make all diff --git a/Makefile b/Makefile index acd7a0f4be..cd7a113850 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,7 @@ FIRST_GOPATH := $(firstword $(subst :, ,$(GOPATH))) -PKGS := $(shell go list ./... | grep -v /tests) -GOFILES_NOVENDOR := $(shell find . -type f -name '*.go' -not -path "./vendor/*") -GOFILES_NOTEST := $(shell find . -type f -name '*.go' -not -path "./vendor/*" -not -name "*_test.go") +PKGS := $(shell go list ./... | grep -v /tests | grep -v /xcpb) +GOFILES_NOVENDOR := $(shell find . -type f -name '*.go' -not -path "./vendor/*" -not -name "*.pb.go") +GOFILES_NOTEST := $(shell find . -type f -name '*.go' -not -path "./vendor/*" -not -name "*_test.go" -not -name "*.pb.go") GOPASS_VERSION ?= $(shell cat VERSION) GOPASS_OUTPUT ?= gopass GOPASS_REVISION := $(shell cat COMMIT 2>/dev/null || git rev-parse --short=8 HEAD) @@ -147,7 +147,7 @@ codequality: $(GO) get -u github.com/fzipp/gocyclo; \ fi @$(foreach gofile, $(GOFILES_NOVENDOR),\ - gocyclo -over 15 $(gofile) || exit 1;) + gocyclo -over 20 $(gofile) || exit 1;) @$(call ok) @echo -n " LINT " diff --git a/action/action.go b/action/action.go index ed6b54836b..05ba5be5b7 100644 --- a/action/action.go +++ b/action/action.go @@ -5,15 +5,10 @@ import ( "io" "os" "path/filepath" - "strconv" - "strings" "github.com/blang/semver" - "github.com/justwatchcom/gopass/backend/crypto/gpg" - gpgcli "github.com/justwatchcom/gopass/backend/crypto/gpg/cli" "github.com/justwatchcom/gopass/config" "github.com/justwatchcom/gopass/store/root" - "github.com/justwatchcom/gopass/utils/out" ) var ( @@ -22,44 +17,20 @@ var ( stderr io.Writer = os.Stderr ) -type gpger interface { - Binary() string - ListPublicKeys(context.Context) (gpg.KeyList, error) - FindPublicKeys(context.Context, ...string) (gpg.KeyList, error) - ListPrivateKeys(context.Context) (gpg.KeyList, error) - CreatePrivateKeyBatch(context.Context, string, string, string) error - CreatePrivateKey(context.Context) error - FindPrivateKeys(context.Context, ...string) (gpg.KeyList, error) - GetRecipients(context.Context, string) ([]string, error) - Encrypt(context.Context, string, []byte, []string) error - Decrypt(context.Context, string) ([]byte, error) - ExportPublicKey(context.Context, string, string) error - ImportPublicKey(context.Context, string) error - Version(context.Context) semver.Version -} - // Action knows everything to run gopass CLI actions type Action struct { Name string Store *root.Store cfg *config.Config - gpg gpger version semver.Version } // New returns a new Action wrapper func New(ctx context.Context, cfg *config.Config, sv semver.Version) (*Action, error) { - gpg, err := gpgcli.New(ctx, gpgcli.Config{ - Umask: umask(), - Args: gpgOpts(), - }) - if err != nil { - out.Red(ctx, "Warning: GPG not found: %s", err) - } - return newAction(ctx, cfg, sv, gpg) + return newAction(ctx, cfg, sv) } -func newAction(ctx context.Context, cfg *config.Config, sv semver.Version, gpg gpger) (*Action, error) { +func newAction(ctx context.Context, cfg *config.Config, sv semver.Version) (*Action, error) { name := "gopass" if len(os.Args) > 0 { name = filepath.Base(os.Args[0]) @@ -69,10 +40,9 @@ func newAction(ctx context.Context, cfg *config.Config, sv semver.Version, gpg g Name: name, cfg: cfg, version: sv, - gpg: gpg, } - store, err := root.New(ctx, cfg, act.gpg) + store, err := root.New(ctx, cfg) if err != nil { return nil, exitError(ctx, ExitUnknown, err, "failed to init root store: %s", err) } @@ -81,32 +51,7 @@ func newAction(ctx context.Context, cfg *config.Config, sv semver.Version, gpg g return act, nil } -func umask() int { - for _, en := range []string{"GOPASS_UMASK", "PASSWORD_STORE_UMASK"} { - if um := os.Getenv(en); um != "" { - if iv, err := strconv.ParseInt(um, 8, 32); err == nil && iv >= 0 && iv <= 0777 { - return int(iv) - } - } - } - return 077 -} - -func gpgOpts() []string { - for _, en := range []string{"GOPASS_GPG_OPTS", "PASSWORD_STORE_GPG_OPTS"} { - if opts := os.Getenv(en); opts != "" { - return strings.Fields(opts) - } - } - return nil -} - // String implement fmt.Stringer func (s *Action) String() string { return s.Store.String() } - -// HasGPG returns true if the GPG wrapper is initialized -func (s *Action) HasGPG() bool { - return s.gpg != nil -} diff --git a/action/action_test.go b/action/action_test.go index e5ff66b940..8c07db8a3e 100644 --- a/action/action_test.go +++ b/action/action_test.go @@ -8,7 +8,7 @@ import ( "testing" "github.com/blang/semver" - gpgmock "github.com/justwatchcom/gopass/backend/crypto/gpg/mock" + "github.com/justwatchcom/gopass/backend" "github.com/justwatchcom/gopass/config" "github.com/justwatchcom/gopass/tests/gptest" "github.com/stretchr/testify/assert" @@ -18,10 +18,9 @@ func newMock(ctx context.Context, u *gptest.Unit) (*Action, error) { cfg := config.New() cfg.Root.Path = u.StoreDir("") - sv := semver.Version{} - gpg := gpgmock.New() - - return newAction(ctx, cfg, sv, gpg) + ctx = backend.WithSyncBackendString(ctx, "gitmock") + ctx = backend.WithCryptoBackendString(ctx, "gpgmock") + return newAction(ctx, cfg, semver.Version{}) } func TestAction(t *testing.T) { @@ -34,7 +33,6 @@ func TestAction(t *testing.T) { assert.Equal(t, "action.test", act.Name) assert.Contains(t, act.String(), u.StoreDir("")) - assert.Equal(t, true, act.HasGPG()) assert.Equal(t, 0, len(act.Store.Mounts())) } @@ -56,31 +54,3 @@ func TestNew(t *testing.T) { _, err = New(ctx, cfg, sv) assert.NoError(t, err) } - -func TestUmask(t *testing.T) { - for _, vn := range []string{"GOPASS_UMASK", "PASSWORD_STORE_UMASK"} { - for in, out := range map[string]int{ - "002": 02, - "0777": 0777, - "000": 0, - "07557575": 077, - } { - assert.NoError(t, os.Setenv(vn, in)) - assert.Equal(t, out, umask()) - assert.NoError(t, os.Unsetenv(vn)) - } - } -} - -func TestGpgOpts(t *testing.T) { - for _, vn := range []string{"GOPASS_GPG_OPTS", "PASSWORD_STORE_GPG_OPTS"} { - for in, out := range map[string][]string{ - "": nil, - "--decrypt --armor --recipient 0xDEADBEEF": {"--decrypt", "--armor", "--recipient", "0xDEADBEEF"}, - } { - assert.NoError(t, os.Setenv(vn, in)) - assert.Equal(t, out, gpgOpts()) - assert.NoError(t, os.Unsetenv(vn)) - } - } -} diff --git a/action/clihelper.go b/action/clihelper.go index 1e74cbaf68..4d2baf0b82 100644 --- a/action/clihelper.go +++ b/action/clihelper.go @@ -22,6 +22,7 @@ func (s *Action) ConfirmRecipients(ctx context.Context, name string, recipients return recipients, nil } + crypto := s.Store.Crypto(ctx, name) sort.Strings(recipients) fmt.Fprintf(stdout, "gopass: Encrypting %s for these recipients:\n", name) @@ -33,7 +34,7 @@ func (s *Action) ConfirmRecipients(ctx context.Context, name string, recipients default: } - kl, err := s.gpg.FindPublicKeys(ctx, r) + kl, err := crypto.FindPublicKeys(ctx, r) if err != nil { out.Red(ctx, "Failed to read public key for '%s': %s", name, err) continue @@ -42,7 +43,7 @@ func (s *Action) ConfirmRecipients(ctx context.Context, name string, recipients fmt.Fprintln(stdout, "key not found", r) continue } - fmt.Fprintf(stdout, " - %s\n", kl[0].OneLine()) + fmt.Fprintf(stdout, " - %s\n", crypto.FormatKey(ctx, kl[0])) } fmt.Fprintln(stdout, "") @@ -58,23 +59,23 @@ func (s *Action) ConfirmRecipients(ctx context.Context, name string, recipients } // askforPrivateKey promts the user to select from a list of private keys -func (s *Action) askForPrivateKey(ctx context.Context, prompt string) (string, error) { +func (s *Action) askForPrivateKey(ctx context.Context, name, prompt string) (string, error) { if !ctxutil.IsInteractive(ctx) { return "", errors.New("no interaction without terminal") } - kl, err := s.gpg.ListPrivateKeys(ctx) + crypto := s.Store.Crypto(ctx, name) + kl, err := crypto.ListPrivateKeyIDs(ctx) if err != nil { return "", err } - kl = kl.UseableKeys() if len(kl) < 1 { return "", errors.New("No useable private keys found") } for i := 0; i < maxTries; i++ { if !ctxutil.IsTerminal(ctx) { - return kl[0].Fingerprint, nil + return kl[0], nil } // check for context cancelation select { @@ -85,14 +86,14 @@ func (s *Action) askForPrivateKey(ctx context.Context, prompt string) (string, e fmt.Fprintln(stdout, prompt) for i, k := range kl { - fmt.Fprintf(stdout, "[%d] %s\n", i, k.OneLine()) + fmt.Fprintf(stdout, "[%d] %s\n", i, crypto.FormatKey(ctx, k)) } iv, err := termio.AskForInt(ctx, fmt.Sprintf("Please enter the number of a key (0-%d)", len(kl)-1), 0) if err != nil { continue } if iv >= 0 && iv < len(kl) { - return kl[iv].Fingerprint, nil + return kl[iv], nil } } return "", errors.New("no valid user input") @@ -104,39 +105,39 @@ func (s *Action) askForPrivateKey(ctx context.Context, prompt string) (string, e // On error or no selection, name and email will be empty. // If s.isTerm is false (i.e., the user cannot be prompted), however, // the first identity's name/email pair found is returned. -func (s *Action) askForGitConfigUser(ctx context.Context) (string, string, error) { +func (s *Action) askForGitConfigUser(ctx context.Context, name string) (string, string, error) { var useCurrent bool - keyList, err := s.gpg.ListPrivateKeys(ctx) + crypto := s.Store.Crypto(ctx, name) + keyList, err := crypto.ListPrivateKeyIDs(ctx) if err != nil { return "", "", err } - keyList = keyList.UseableKeys() if len(keyList) < 1 { return "", "", errors.New("No usable private keys found") } for _, key := range keyList { - for _, identity := range key.Identities { - if !ctxutil.IsTerminal(ctx) { - return identity.Name, identity.Email, nil - } - // check for context cancelation - select { - case <-ctx.Done(): - return "", "", errors.New("user aborted") - default: - } - - useCurrent, err = termio.AskForBool( - ctx, - fmt.Sprintf("Use %s (%s) for password store git config?", identity.Name, identity.Email), true) - if err != nil { - return "", "", err - } - if useCurrent { - return identity.Name, identity.Email, nil - } + // check for context cancelation + select { + case <-ctx.Done(): + return "", "", errors.New("user aborted") + default: + } + + name := crypto.NameFromKey(ctx, key) + email := crypto.EmailFromKey(ctx, key) + + useCurrent, err = termio.AskForBool( + ctx, + fmt.Sprintf("Use %s (%s) for password store git config?", name, email), + true, + ) + if err != nil { + return "", "", err + } + if useCurrent { + return name, email, nil } } diff --git a/action/clihelper_test.go b/action/clihelper_test.go index bf086fdfaf..1a6f3cbade 100644 --- a/action/clihelper_test.go +++ b/action/clihelper_test.go @@ -25,10 +25,16 @@ func TestConfirmRecipients(t *testing.T) { act, err := newMock(ctx, u) assert.NoError(t, err) - ctx = ctxutil.WithAlwaysYes(ctx, true) - + // AlwaysYes true in := []string{"foo", "bar"} - got, err := act.ConfirmRecipients(ctx, "test", in) + got, err := act.ConfirmRecipients(ctxutil.WithAlwaysYes(ctx, true), "test", in) + assert.NoError(t, err) + assert.Equal(t, in, got) + buf.Reset() + + // IsNoConfirm true + in = []string{"foo", "bar"} + got, err = act.ConfirmRecipients(ctxutil.WithNoConfirm(ctx, true), "test", in) assert.NoError(t, err) assert.Equal(t, in, got) buf.Reset() @@ -49,9 +55,9 @@ func TestAskForPrivateKey(t *testing.T) { assert.NoError(t, err) ctx = ctxutil.WithAlwaysYes(ctx, true) - key, err := act.askForPrivateKey(ctx, "test") + key, err := act.askForPrivateKey(ctx, "test", "test") assert.NoError(t, err) - assert.Equal(t, "000000000000000000000000DEADBEEF", key) + assert.Equal(t, "0xDEADBEEF", key) buf.Reset() } @@ -66,37 +72,10 @@ func TestAskForGitConfigUser(t *testing.T) { ctx = ctxutil.WithTerminal(ctx, true) ctx = ctxutil.WithAlwaysYes(ctx, true) - _, _, err = act.askForGitConfigUser(ctx) + _, _, err = act.askForGitConfigUser(ctx, "test") assert.NoError(t, err) } -func TestAskForGitConfigUserNonInteractive(t *testing.T) { - u := gptest.NewUnitTester(t) - defer u.Remove() - - ctx := context.Background() - act, err := newMock(ctx, u) - assert.NoError(t, err) - - ctx = ctxutil.WithTerminal(ctx, false) - - keyList, err := act.gpg.ListPrivateKeys(ctx) - assert.NoError(t, err) - - name, email, _ := act.askForGitConfigUser(ctx) - - // unit tests cannot know whether keyList returned empty or not. - // a better distinction would require mocking/patching - // calls to s.gpg.ListPrivateKeys() - if len(keyList) > 0 { - assert.NotEqual(t, "", name) - assert.NotEqual(t, "", email) - } else { - assert.Equal(t, "", name) - assert.Equal(t, "", email) - } -} - func TestAskForStore(t *testing.T) { u := gptest.NewUnitTester(t) defer u.Remove() @@ -113,4 +92,8 @@ func TestAskForStore(t *testing.T) { ctx = ctxutil.WithInteractive(ctx, false) assert.Equal(t, "", act.askForStore(ctx)) + + ctx = ctxutil.WithInteractive(ctx, true) + ctx = ctxutil.WithAlwaysYes(ctx, true) + assert.Equal(t, "", act.askForStore(ctx)) } diff --git a/action/clone.go b/action/clone.go index 49f184ce9f..272adc97d9 100644 --- a/action/clone.go +++ b/action/clone.go @@ -2,10 +2,15 @@ package action import ( "context" + "path/filepath" "github.com/fatih/color" - git "github.com/justwatchcom/gopass/backend/sync/git/cli" + "github.com/justwatchcom/gopass/backend" + "github.com/justwatchcom/gopass/backend/crypto/xc" + gitcli "github.com/justwatchcom/gopass/backend/sync/git/cli" + "github.com/justwatchcom/gopass/backend/sync/git/gogit" "github.com/justwatchcom/gopass/config" + "github.com/justwatchcom/gopass/utils/fsutil" "github.com/justwatchcom/gopass/utils/out" "github.com/justwatchcom/gopass/utils/termio" "github.com/urfave/cli" @@ -13,6 +18,9 @@ import ( // Clone will fetch and mount a new password store from a git repo func (s *Action) Clone(ctx context.Context, c *cli.Context) error { + ctx = backend.WithCryptoBackendString(ctx, c.String("crypto")) + ctx = backend.WithSyncBackendString(ctx, c.String("sync")) + if len(c.Args()) < 1 { return exitError(ctx, ExitUsage, nil, "Usage: %s clone repo [mount]", s.Name) } @@ -32,24 +40,43 @@ func (s *Action) clone(ctx context.Context, repo, mount, path string) error { if path == "" { path = config.PwStoreDir(mount) } - if mount == "" && s.Store.Initialized() { + if mount == "" && s.Store.Initialized(ctx) { return exitError(ctx, ExitAlreadyInitialized, nil, "Can not clone %s to the root store, as this store is already initialized. Please try cloning to a submount: `%s clone %s sub`", repo, s.Name, repo) } // clone repo - if _, err := git.Clone(ctx, s.gpg.Binary(), repo, path); err != nil { - return exitError(ctx, ExitGit, err, "failed to clone repo '%s' to '%s'", repo, path) + switch backend.GetSyncBackend(ctx) { + case backend.GoGit: + if _, err := gogit.Clone(ctx, repo, path); err != nil { + return exitError(ctx, ExitGit, err, "failed to clone repo '%s' to '%s'", repo, path) + } + case backend.GitCLI: + if _, err := gitcli.Clone(ctx, repo, path); err != nil { + return exitError(ctx, ExitGit, err, "failed to clone repo '%s' to '%s'", repo, path) + } + default: + return exitError(ctx, ExitGit, nil, "unknown sync backend '%s'", backend.SyncBackendName(backend.GetSyncBackend(ctx))) } + // detect crypto backend based on cloned repo + ctx = backend.WithCryptoBackend(ctx, detectCryptoBackend(ctx, path)) + // add mount if mount != "" { - if !s.Store.Initialized() { + if !s.Store.Initialized(ctx) { return exitError(ctx, ExitNotInitialized, nil, "Root-Store is not initialized. Clone or init root store first") } if err := s.Store.AddMount(ctx, mount, path); err != nil { return exitError(ctx, ExitMount, err, "Failed to add mount: %s", err) } out.Green(ctx, "Mounted password store %s at mount point `%s` ...", path, mount) + s.cfg.Mounts[mount].CryptoBackend = backend.CryptoBackendName(backend.GetCryptoBackend(ctx)) + s.cfg.Mounts[mount].SyncBackend = backend.SyncBackendName(backend.GetSyncBackend(ctx)) + s.cfg.Mounts[mount].StoreBackend = backend.StoreBackendName(backend.GetStoreBackend(ctx)) + } else { + s.cfg.Root.CryptoBackend = backend.CryptoBackendName(backend.GetCryptoBackend(ctx)) + s.cfg.Root.SyncBackend = backend.SyncBackendName(backend.GetSyncBackend(ctx)) + s.cfg.Root.StoreBackend = backend.StoreBackendName(backend.GetStoreBackend(ctx)) } // save new mount in config file @@ -59,19 +86,15 @@ func (s *Action) clone(ctx context.Context, repo, mount, path string) error { // try to init git config out.Green(ctx, "Configuring git repository ...") - sk, err := s.askForPrivateKey(ctx, color.CyanString("Please select a key for signing Git Commits")) - if err != nil { - out.Red(ctx, "Failed to ask for signing key: %s", err) - } // ask for git config values - username, email, err := s.cloneGetGitConfig(ctx) + username, email, err := s.cloneGetGitConfig(ctx, mount) if err != nil { return err } // initialize git config - if err := s.Store.GitInitConfig(ctx, mount, sk, username, email); err != nil { + if err := s.Store.GitInitConfig(ctx, mount, username, email); err != nil { out.Debug(ctx, "Stacktrace: %+v\n", err) out.Red(ctx, "Failed to configure git: %s", err) } @@ -84,10 +107,10 @@ func (s *Action) clone(ctx context.Context, repo, mount, path string) error { return nil } -func (s *Action) cloneGetGitConfig(ctx context.Context) (string, string, error) { +func (s *Action) cloneGetGitConfig(ctx context.Context, name string) (string, string, error) { // for convenience, set defaults to user-selected values from available private keys // NB: discarding returned error since this is merely a best-effort look-up for convenience - username, email, _ := s.askForGitConfigUser(ctx) + username, email, _ := s.askForGitConfigUser(ctx, name) if username == "" { var err error username, err = termio.AskForString(ctx, color.CyanString("Please enter a user name for password store git config"), username) @@ -104,3 +127,10 @@ func (s *Action) cloneGetGitConfig(ctx context.Context) (string, string, error) } return username, email, nil } + +func detectCryptoBackend(ctx context.Context, path string) backend.CryptoBackend { + if fsutil.IsFile(filepath.Join(path, xc.IDFile)) { + return backend.XC + } + return backend.GPGCLI +} diff --git a/action/clone_test.go b/action/clone_test.go index 6828f961d8..cb487d575b 100644 --- a/action/clone_test.go +++ b/action/clone_test.go @@ -9,6 +9,7 @@ import ( "path/filepath" "testing" + "github.com/justwatchcom/gopass/backend" git "github.com/justwatchcom/gopass/backend/sync/git/cli" "github.com/justwatchcom/gopass/tests/gptest" "github.com/justwatchcom/gopass/utils/ctxutil" @@ -24,6 +25,7 @@ func TestClone(t *testing.T) { ctx := context.Background() ctx = ctxutil.WithAlwaysYes(ctx, true) ctx = ctxutil.WithInteractive(ctx, false) + ctx = backend.WithSyncBackend(ctx, backend.GitCLI) act, err := newMock(ctx, u) assert.NoError(t, err) @@ -46,17 +48,55 @@ func TestClone(t *testing.T) { // clone to initialized store assert.Error(t, act.clone(ctx, "/tmp/non-existing-repo.git", "", filepath.Join(u.Dir, "store"))) - t.Skip("flaky") - // clone to mount gd := filepath.Join(u.Dir, "other-repo") assert.NoError(t, os.MkdirAll(gd, 0700)) _, err = git.Open(gd, "") - assert.NoError(t, err) + assert.Error(t, err) idf := filepath.Join(gd, ".gpg-id") assert.NoError(t, ioutil.WriteFile(idf, []byte("0xDEADBEEF"), 0600)) - gr, err := git.Init(ctx, gd, "", "", "", "") + gr, err := git.Init(ctx, gd, "Nobody", "foo.bar@example.org") assert.NoError(t, err) assert.NotNil(t, gr) assert.NoError(t, act.clone(ctx, gd, "gd", filepath.Join(u.Dir, "mount"))) } + +func TestCloneGetGitConfig(t *testing.T) { + u := gptest.NewUnitTester(t) + defer u.Remove() + + ctx := context.Background() + ctx = ctxutil.WithAlwaysYes(ctx, true) + ctx = ctxutil.WithInteractive(ctx, false) + + act, err := newMock(ctx, u) + assert.NoError(t, err) + + name, email, err := act.cloneGetGitConfig(ctx, "foobar") + assert.NoError(t, err) + assert.Equal(t, "", name) + assert.Equal(t, "", email) +} + +func TestDetectCryptoBackend(t *testing.T) { + ctx := context.Background() + + tempdir, err := ioutil.TempDir("", "gopass-") + assert.NoError(t, err) + defer func() { + _ = os.RemoveAll(tempdir) + }() + + gpgdir := filepath.Join(tempdir, ".password-store-gpg") + gpgfn := filepath.Join(gpgdir, ".gpg-id") + assert.NoError(t, os.Mkdir(gpgdir, 0755)) + assert.NoError(t, ioutil.WriteFile(gpgfn, []byte("foobar"), 0644)) + + xcdir := filepath.Join(tempdir, ".password-store-xc") + xcfn := filepath.Join(xcdir, ".xc-ids") + assert.NoError(t, os.Mkdir(xcdir, 0755)) + assert.NoError(t, ioutil.WriteFile(xcfn, []byte("foobar"), 0644)) + + assert.Equal(t, backend.GPGCLI, detectCryptoBackend(ctx, gpgdir)) + assert.Equal(t, backend.XC, detectCryptoBackend(ctx, xcdir)) +} diff --git a/action/config_test.go b/action/config_test.go index 29495301b7..464ec36d69 100644 --- a/action/config_test.go +++ b/action/config_test.go @@ -41,12 +41,15 @@ func TestConfig(t *testing.T) { autoimport: true autosync: true cliptimeout: 45 + cryptobackend: gpg nocolor: false noconfirm: false nopager: false ` want += " path: " + u.StoreDir("") + "\n" want += ` safecontent: false + storebackend: fs + syncbackend: git usesymbols: false ` assert.Equal(t, want, buf.String()) @@ -77,12 +80,15 @@ foo/nopager: false` autoimport: true autosync: true cliptimeout: 45 + cryptobackend: gpg nocolor: false noconfirm: false nopager: true ` want += " path: " + u.StoreDir("") + "\n" want += ` safecontent: false + storebackend: fs + syncbackend: git usesymbols: false mount 'foo' config: autoimport: false @@ -118,11 +124,14 @@ mount 'foo' config: autoimport autosync cliptimeout +cryptobackend nocolor noconfirm nopager path safecontent +storebackend +syncbackend usesymbols ` assert.Equal(t, want, buf.String()) diff --git a/action/fsck.go b/action/fsck.go deleted file mode 100644 index d29a3c946a..0000000000 --- a/action/fsck.go +++ /dev/null @@ -1,40 +0,0 @@ -package action - -import ( - "context" - "os" - "path/filepath" - - "github.com/justwatchcom/gopass/config" - "github.com/justwatchcom/gopass/store/sub" - "github.com/justwatchcom/gopass/utils/fsutil" - "github.com/justwatchcom/gopass/utils/out" - "github.com/urfave/cli" -) - -// Fsck checks the store integrity -func (s *Action) Fsck(ctx context.Context, c *cli.Context) error { - if c.IsSet("check") { - ctx = sub.WithFsckCheck(ctx, c.Bool("check")) - } - if c.IsSet("force") { - ctx = sub.WithFsckForce(ctx, c.Bool("force")) - } - // make sure config is in the right place - // we may have loaded it from one of the fallback locations - if err := s.cfg.Save(); err != nil { - return exitError(ctx, ExitConfig, err, "failed to save config: %s", err) - } - // clean up any previous config locations - oldCfg := filepath.Join(config.Homedir(), ".gopass.yml") - if fsutil.IsFile(oldCfg) { - if err := os.Remove(oldCfg); err != nil { - out.Red(ctx, "Failed to remove old gopass config %s: %s", oldCfg, err) - } - } - - if _, err := s.Store.Fsck(ctx, ""); err != nil { - return exitError(ctx, ExitFsck, err, "fsck found errors") - } - return nil -} diff --git a/action/fsck_test.go b/action/fsck_test.go deleted file mode 100644 index 10af04705b..0000000000 --- a/action/fsck_test.go +++ /dev/null @@ -1,76 +0,0 @@ -package action - -import ( - "bytes" - "context" - "flag" - "os" - "testing" - - "github.com/justwatchcom/gopass/tests/gptest" - "github.com/justwatchcom/gopass/utils/ctxutil" - "github.com/justwatchcom/gopass/utils/out" - "github.com/stretchr/testify/assert" - "github.com/urfave/cli" -) - -func TestFsck(t *testing.T) { - u := gptest.NewUnitTester(t) - defer u.Remove() - - ctx := context.Background() - ctx = ctxutil.WithAlwaysYes(ctx, true) - act, err := newMock(ctx, u) - assert.NoError(t, err) - - buf := &bytes.Buffer{} - out.Stdout = buf - defer func() { - out.Stdout = os.Stdout - }() - - app := cli.NewApp() - - for _, tc := range []struct { - name string - args map[string]string - }{ - { - name: "fsck", - }, - { - name: "fsck --check", - args: map[string]string{ - "check": "true", - }, - }, - { - name: "fsck --force", - args: map[string]string{ - "force": "true", - }, - }, - { - name: "fsck --check --force", - args: map[string]string{ - "check": "true", - "force": "true", - }, - }, - } { - // fsck - fs := flag.NewFlagSet("default", flag.ContinueOnError) - args := make([]string, 0, len(tc.args)*2) - for an, av := range tc.args { - f := cli.BoolFlag{ - Name: an, - Usage: an, - } - assert.NoError(t, f.ApplyWithError(fs)) - args = append(args, "--"+an, av) - } - assert.NoError(t, fs.Parse(args)) - c := cli.NewContext(app, fs, nil) - assert.NoError(t, act.Fsck(ctx, c)) - } -} diff --git a/action/git.go b/action/git.go index 39cfb1cccb..93cc8d3053 100644 --- a/action/git.go +++ b/action/git.go @@ -5,74 +5,86 @@ import ( "os" "github.com/fatih/color" - "github.com/justwatchcom/gopass/utils/ctxutil" "github.com/justwatchcom/gopass/utils/out" "github.com/justwatchcom/gopass/utils/termio" "github.com/pkg/errors" "github.com/urfave/cli" ) -// Git runs git commands inside the store or mounts -func (s *Action) Git(ctx context.Context, c *cli.Context) error { - store := c.String("store") - recurse := true - if c.IsSet("no-recurse") { - recurse = !c.Bool("no-recurse") - } - force := c.Bool("force") - - if err := s.Store.Git(ctxutil.WithVerbose(ctx, true), store, recurse, force, c.Args()...); err != nil { - return exitError(ctx, ExitGit, err, "git operation failed: %s", err) - } - return nil -} - // GitInit initializes a git repo including basic configuration func (s *Action) GitInit(ctx context.Context, c *cli.Context) error { store := c.String("store") - sk := c.String("sign-key") + un := c.String("username") + ue := c.String("useremail") - if err := s.gitInit(ctx, store, sk); err != nil { + if err := s.gitInit(ctx, store, un, ue); err != nil { return exitError(ctx, ExitGit, err, "failed to initialize git: %s", err) } return nil } -func (s *Action) gitInit(ctx context.Context, store, sk string) error { +func (s *Action) gitInit(ctx context.Context, store, un, ue string) error { out.Green(ctx, "Initializing git repository ...") - if sk == "" { - s, err := s.askForPrivateKey(ctx, color.CyanString("Please select a key for signing Git Commits")) - if err == nil { - sk = s + + userName, userEmail := s.getUserData(ctx, store, un, ue) + if err := s.Store.GitInit(ctx, store, userName, userEmail); err != nil { + if gtv := os.Getenv("GPG_TTY"); gtv == "" { + out.Yellow(ctx, "Git initialization failed. You may want to try to 'export GPG_TTY=$(tty)' and start over.") } + return errors.Wrapf(err, "failed to run git init") + } + + out.Green(ctx, "Git initialized") + return nil +} + +func (s *Action) getUserData(ctx context.Context, store, un, ue string) (string, string) { + if un != "" && ue != "" { + return un, ue } // for convenience, set defaults to user-selected values from available private keys // NB: discarding returned error since this is merely a best-effort look-up for convenience - userName, userEmail, _ := s.askForGitConfigUser(ctx) + userName, userEmail, _ := s.askForGitConfigUser(ctx, store) if userName == "" { var err error userName, err = termio.AskForString(ctx, color.CyanString("Please enter a user name for password store git config"), userName) if err != nil { - return errors.Wrapf(err, "failed to ask for user input") + out.Red(ctx, "Failed to ask for user input: %s", err) } } if userEmail == "" { var err error userEmail, err = termio.AskForString(ctx, color.CyanString("Please enter an email address for password store git config"), userEmail) if err != nil { - return errors.Wrapf(err, "failed to ask for user input") + out.Red(ctx, "Failed to ask for user input: %s", err) } } - if err := s.Store.GitInit(ctx, store, sk, userName, userEmail); err != nil { - if gtv := os.Getenv("GPG_TTY"); gtv == "" { - out.Yellow(ctx, "Git initialization failed. You may want to try to 'export GPG_TTY=$(tty)' and start over.") - } - return errors.Wrapf(err, "failed to run git init") - } + return userName, userEmail +} - out.Green(ctx, "Git initialized") - return nil +// GitAddRemote adds a new git remote +func (s *Action) GitAddRemote(ctx context.Context, c *cli.Context) error { + store := c.String("store") + remote := c.String("remote") + url := c.String("url") + return s.Store.GitAddRemote(ctx, store, remote, url) +} + +// GitPull pulls from a git remote +func (s *Action) GitPull(ctx context.Context, c *cli.Context) error { + store := c.String("store") + origin := c.String("origin") + branch := c.String("branch") + return s.Store.GitPull(ctx, store, origin, branch) +} + +// GitPush pushes to a git remote +func (s *Action) GitPush(ctx context.Context, c *cli.Context) error { + store := c.String("store") + origin := c.String("origin") + branch := c.String("branch") + return s.Store.GitPush(ctx, store, origin, branch) } diff --git a/action/git_test.go b/action/git_test.go index 17f4bc5e9f..5d15c35e27 100644 --- a/action/git_test.go +++ b/action/git_test.go @@ -37,18 +37,19 @@ func TestGit(t *testing.T) { // git init fs := flag.NewFlagSet("default", flag.ContinueOnError) + un := cli.StringFlag{ + Name: "username", + Usage: "username", + } + assert.NoError(t, un.ApplyWithError(fs)) + ue := cli.StringFlag{ + Name: "useremail", + Usage: "useremail", + } + assert.NoError(t, ue.ApplyWithError(fs)) + assert.NoError(t, fs.Parse([]string{"--username", "foobar", "--useremail", "foo.bar@example.org"})) c := cli.NewContext(app, fs, nil) assert.NoError(t, act.GitInit(ctx, c)) - t.Logf("Out: %s", buf.String()) - buf.Reset() - - // git status - fs = flag.NewFlagSet("default", flag.ContinueOnError) - assert.NoError(t, fs.Parse([]string{"status"})) - c = cli.NewContext(app, fs, nil) - assert.NoError(t, act.Git(ctx, c)) - want := "[root] Running git status\n" - assert.Contains(t, want, buf.String()) buf.Reset() } diff --git a/action/init.go b/action/init.go index babb30cd82..febddc82e9 100644 --- a/action/init.go +++ b/action/init.go @@ -3,9 +3,10 @@ package action import ( "context" "fmt" + "io/ioutil" - "github.com/blang/semver" "github.com/fatih/color" + "github.com/justwatchcom/gopass/backend" "github.com/justwatchcom/gopass/config" "github.com/justwatchcom/gopass/utils/ctxutil" "github.com/justwatchcom/gopass/utils/cui" @@ -19,22 +20,16 @@ import ( // Initialized returns an error if the store is not properly // prepared. func (s *Action) Initialized(ctx context.Context, c *cli.Context) error { - if s.gpg.Binary() == "" { - return exitError(ctx, ExitGPG, nil, "gpg not found but required") - } - if s.gpg.Version(ctx).LT(semver.Version{Major: 2, Minor: 0, Patch: 0}) { - out.Red(ctx, "Warning: Using GPG 1.x. Using GPG 2.0 or later is highly recommended") - } - if !s.Store.Initialized() { - if ctxutil.IsInteractive(ctx) { - if ok, err := termio.AskForBool(ctx, "It seems you are new to gopass. Do you want to run the onboarding wizard?", true); err == nil && ok { - if err := s.InitOnboarding(ctx, c); err != nil { - return exitError(ctx, ExitUnknown, err, "failed to run onboarding wizard: %s", err) - } - return nil + if !s.Store.Initialized(ctx) { + if !ctxutil.IsInteractive(ctx) { + return exitError(ctx, ExitNotInitialized, nil, "password-store is not initialized. Try '%s init'", s.Name) + } + if ok, err := termio.AskForBool(ctx, "It seems you are new to gopass. Do you want to run the onboarding wizard?", true); err == nil && ok { + if err := s.InitOnboarding(ctx, c); err != nil { + return exitError(ctx, ExitUnknown, err, "failed to run onboarding wizard: %s", err) } + return nil } - return exitError(ctx, ExitNotInitialized, nil, "password-store is not initialized. Try '%s init'", s.Name) } return nil } @@ -44,6 +39,8 @@ func (s *Action) Init(ctx context.Context, c *cli.Context) error { path := c.String("path") alias := c.String("store") nogit := c.Bool("nogit") + ctx = backend.WithCryptoBackendString(ctx, c.String("crypto")) + ctx = backend.WithSyncBackendString(ctx, c.String("sync")) ctx = out.WithPrefix(ctx, "[init] ") out.Cyan(ctx, "Initializing a new password store ...") @@ -64,7 +61,7 @@ func (s *Action) init(ctx context.Context, alias, path string, nogit bool, keys } if len(keys) < 1 { - nk, err := s.askForPrivateKey(ctx, color.CyanString("Please select a private key for encrypting secrets:")) + nk, err := s.askForPrivateKey(ctx, alias, color.CyanString("Please select a private key for encrypting secrets:")) if err != nil { return errors.Wrapf(err, "failed to read user input") } @@ -82,18 +79,14 @@ func (s *Action) init(ctx context.Context, alias, path string, nogit bool, keys } if !nogit { - sk := "" - if len(keys) == 1 { - sk = keys[0] - } - if err := s.gitInit(ctx, alias, sk); err != nil { + if err := s.gitInit(ctx, alias, "", ""); err != nil { out.Debug(ctx, "Stacktrace: %+v\n", err) out.Red(ctx, "Failed to init git: %s", err) } } out.Green(ctx, "Password store %s initialized for:", path) - s.printRecipients(ctx, path, alias) + s.printRecipients(ctx, alias) // write config if err := s.cfg.Save(); err != nil { @@ -103,11 +96,12 @@ func (s *Action) init(ctx context.Context, alias, path string, nogit bool, keys return nil } -func (s *Action) printRecipients(ctx context.Context, path, alias string) { +func (s *Action) printRecipients(ctx context.Context, alias string) { + crypto := s.Store.Crypto(ctx, alias) for _, recipient := range s.Store.ListRecipients(ctx, alias) { r := "0x" + recipient - if kl, err := s.gpg.FindPublicKeys(ctx, recipient); err == nil && len(kl) > 0 { - r = kl[0].OneLine() + if kl, err := crypto.FindPublicKeys(ctx, recipient); err == nil && len(kl) > 0 { + r = crypto.FormatKey(ctx, kl[0]) } out.Yellow(ctx, " "+r) } @@ -122,14 +116,15 @@ func (s *Action) InitOnboarding(ctx context.Context, c *cli.Context) error { email := c.String("email") ctx = out.AddPrefix(ctx, "[init] ") + ctx = backend.WithSyncBackend(ctx, backend.GitCLI) // check for existing GPG keypairs (private/secret keys). We need at least // one useable key pair. If none exists try to create one - if !s.initHasUseablePrivateKeys(ctx) { + if !s.initHasUseablePrivateKeys(ctx, team) { out.Yellow(ctx, "No useable GPG keys. Generating new key pair") ctx := out.AddPrefix(ctx, "[gpg] ") out.Print(ctx, "Key generation may take up to a few minutes") - if err := s.initCreatePrivateKey(ctx, name, email); err != nil { + if err := s.initCreatePrivateKey(ctx, team, name, email); err != nil { return errors.Wrapf(err, "failed to create new private key") } } @@ -167,7 +162,8 @@ func (s *Action) InitOnboarding(ctx context.Context, c *cli.Context) error { return nil } -func (s *Action) initCreatePrivateKey(ctx context.Context, name, email string) error { +func (s *Action) initCreatePrivateKey(ctx context.Context, mount, name, email string) error { + crypto := s.Store.Crypto(ctx, mount) out.Green(ctx, "Creating key pair ...") out.Yellow(ctx, "WARNING: We are about to generate some GPG keys.") out.Print(ctx, `However, the GPG program can sometimes lock up, displaying the following: @@ -177,7 +173,7 @@ https://github.com/justwatchcom/gopass/blob/master/docs/entropy.md`) if name != "" && email != "" { ctx := out.AddPrefix(ctx, " ") passphrase := xkcdgen.Random() - if err := s.gpg.CreatePrivateKeyBatch(ctx, name, email, passphrase); err != nil { + if err := crypto.CreatePrivateKeyBatch(ctx, name, email, passphrase); err != nil { return errors.Wrapf(err, "failed to create new private key in batch mode") } out.Green(ctx, "-> OK") @@ -187,41 +183,42 @@ https://github.com/justwatchcom/gopass/blob/master/docs/entropy.md`) return errors.Wrapf(err, "User aborted") } ctx := out.WithPrefix(ctx, " ") - if err := s.gpg.CreatePrivateKey(ctx); err != nil { + if err := crypto.CreatePrivateKey(ctx); err != nil { return errors.Wrapf(err, "failed to create new private key in interactive mode") } out.Green(ctx, "-> OK") } - kl, err := s.gpg.ListPrivateKeys(ctx) + kl, err := crypto.ListPrivateKeyIDs(ctx) if err != nil { return errors.Wrapf(err, "failed to list private keys") } - klu := kl.UseableKeys() - if len(klu) > 1 { + if len(kl) > 1 { out.Cyan(ctx, "WARNING: More than one private key detected. Make sure to communicate the right one") return nil } - if len(klu) < 1 { + if len(kl) < 1 { out.Debug(ctx, "Private Keys: %+v", kl) return errors.New("failed to create a useable key pair") } - key := klu[0] - fn := key.ID() + ".pub.key" - if err := s.gpg.ExportPublicKey(ctx, key.Fingerprint, fn); err != nil { + key := kl[0] + fn := key + ".pub.key" + pk, err := crypto.ExportPublicKey(ctx, key) + if err != nil { return errors.Wrapf(err, "failed to export public key") } + _ = ioutil.WriteFile(fn, pk, 06444) out.Cyan(ctx, "Public key exported to '%s'", fn) out.Green(ctx, "Done") return nil } -func (s *Action) initHasUseablePrivateKeys(ctx context.Context) bool { - kl, err := s.gpg.ListPrivateKeys(ctx) +func (s *Action) initHasUseablePrivateKeys(ctx context.Context, mount string) bool { + kl, err := s.Store.Crypto(ctx, mount).ListPrivateKeyIDs(ctx) if err != nil { return false } - return len(kl.UseableKeys()) > 0 + return len(kl) > 0 } func (s *Action) initSetupGitRemote(ctx context.Context, team, remote string) error { @@ -252,7 +249,6 @@ func (s *Action) initLocal(ctx context.Context, c *cli.Context) error { ctx = out.AddPrefix(ctx, "[local] ") out.Print(ctx, "Initializing your local store ...") - out.Yellow(ctx, "Setting up git to sign commits. You will be asked for your selected GPG keys passphrase to sign the initial commit") if err := s.init(out.WithHidden(ctx, true), "", "", false); err != nil { return errors.Wrapf(err, "failed to init local store") } @@ -260,13 +256,13 @@ func (s *Action) initLocal(ctx context.Context, c *cli.Context) error { out.Print(ctx, "Configuring your local store ...") - if want, err := termio.AskForBool(ctx, "Do you want to add a git remote?", false); err == nil && want { + if want, err := termio.AskForBool(ctx, out.Prefix(ctx)+"Do you want to add a git remote?", false); err == nil && want { out.Print(ctx, "Configuring the git remote ...") if err := s.initSetupGitRemote(ctx, "", ""); err != nil { return errors.Wrapf(err, "failed to setup git remote") } // autosync - if want, err := termio.AskForBool(ctx, "Do you want to automatically push any changes to the git remote (if any)?", true); err == nil { + if want, err := termio.AskForBool(ctx, out.Prefix(ctx)+"Do you want to automatically push any changes to the git remote (if any)?", true); err == nil { s.cfg.Root.AutoSync = want } } else { @@ -274,7 +270,7 @@ func (s *Action) initLocal(ctx context.Context, c *cli.Context) error { } // noconfirm - if want, err := termio.AskForBool(ctx, "Do you want to always confirm recipients when encrypting?", false); err == nil { + if want, err := termio.AskForBool(ctx, out.Prefix(ctx)+"Do you want to always confirm recipients when encrypting?", false); err == nil { s.cfg.Root.NoConfirm = !want } @@ -297,7 +293,7 @@ func (s *Action) initCreateTeam(ctx context.Context, c *cli.Context, team, remot } // name of the new team - team, err = termio.AskForString(ctx, "Please enter the name of your team (may contain slashes)", team) + team, err = termio.AskForString(ctx, out.Prefix(ctx)+"Please enter the name of your team (may contain slashes)", team) if err != nil { return errors.Wrapf(err, "failed to read user input") } @@ -329,14 +325,14 @@ func (s *Action) initJoinTeam(ctx context.Context, c *cli.Context, team, remote } // name of the existing team - team, err = termio.AskForString(ctx, "Please enter the name of your team (may contain slashes)", team) + team, err = termio.AskForString(ctx, out.Prefix(ctx)+"Please enter the name of your team (may contain slashes)", team) if err != nil { return err } ctx = out.AddPrefix(ctx, "["+team+"]") out.Print(ctx, "Configuring git remote ...") - remote, err = termio.AskForString(ctx, "Please enter the git remote for your shared store", remote) + remote, err = termio.AskForString(ctx, out.Prefix(ctx)+"Please enter the git remote for your shared store", remote) if err != nil { return err } diff --git a/action/init_test.go b/action/init_test.go index 5c586c0515..592428b584 100644 --- a/action/init_test.go +++ b/action/init_test.go @@ -22,6 +22,7 @@ func TestInit(t *testing.T) { ctx := context.Background() ctx = ctxutil.WithAlwaysYes(ctx, true) ctx = ctxutil.WithInteractive(ctx, false) + ctx = ctxutil.WithDebug(ctx, true) act, err := newMock(ctx, u) assert.NoError(t, err) @@ -38,10 +39,12 @@ func TestInit(t *testing.T) { assert.NoError(t, act.Initialized(ctx, c)) assert.Error(t, act.Init(ctx, c)) assert.Error(t, act.InitOnboarding(ctx, c)) - assert.Equal(t, true, act.initHasUseablePrivateKeys(ctx)) - assert.Error(t, act.initCreatePrivateKey(ctx, "foo bar", "foo.bar@example.org")) + assert.Equal(t, true, act.initHasUseablePrivateKeys(ctx, "")) + assert.Error(t, act.initCreatePrivateKey(ctx, "", "foo bar", "foo.bar@example.org")) + buf.Reset() // un-initialize the store assert.NoError(t, os.Remove(filepath.Join(u.StoreDir(""), ".gpg-id"))) assert.Error(t, act.Initialized(ctx, c)) + buf.Reset() } diff --git a/action/move_test.go b/action/move_test.go index 7fb8a7995f..8b71b4e163 100644 --- a/action/move_test.go +++ b/action/move_test.go @@ -20,6 +20,7 @@ func TestMove(t *testing.T) { ctx := context.Background() ctx = ctxutil.WithAlwaysYes(ctx, true) + ctx = ctxutil.WithDebug(ctx, true) act, err := newMock(ctx, u) assert.NoError(t, err) @@ -35,4 +36,5 @@ func TestMove(t *testing.T) { }() assert.NoError(t, act.Move(ctx, c)) + buf.Reset() } diff --git a/action/otp.go b/action/otp.go index 99a87a7e88..b95a43928c 100644 --- a/action/otp.go +++ b/action/otp.go @@ -15,8 +15,8 @@ import ( ) const ( - // TODO - replace this with the currently un-exported step value - // from twofactor.FromURL + // we might want to replace this with the currently un-exported step value + // from twofactor.FromURL if it gets ever exported otpPeriod = 30 ) diff --git a/action/recipients.go b/action/recipients.go index 3247341ad3..2123febe8f 100644 --- a/action/recipients.go +++ b/action/recipients.go @@ -68,14 +68,15 @@ func (s *Action) RecipientsAdd(ctx context.Context, c *cli.Context) error { store = s.askForStore(ctx) } + crypto := s.Store.Crypto(ctx, store) + // select recipient recipients := []string(c.Args()) if len(recipients) < 1 { choices := []string{} - kl, _ := s.gpg.FindPublicKeys(ctx) - kl = kl.UseableKeys() + kl, _ := crypto.FindPublicKeys(ctx) for _, key := range kl { - choices = append(choices, key.OneLine()) + choices = append(choices, crypto.FormatKey(ctx, key)) } if len(choices) > 0 { act, sel := cui.GetSelection(ctx, "Add Recipient -", "<↑/↓> to change the selection, <→> to add this recipient, to quit", choices) @@ -83,7 +84,7 @@ func (s *Action) RecipientsAdd(ctx context.Context, c *cli.Context) error { case "default": fallthrough case "show": - recipients = []string{kl[sel].Fingerprint} + recipients = []string{kl[sel]} default: return exitError(ctx, ExitAborted, nil, "user aborted") } @@ -91,12 +92,11 @@ func (s *Action) RecipientsAdd(ctx context.Context, c *cli.Context) error { } for _, r := range recipients { - keys, err := s.gpg.FindPublicKeys(ctx, r) + keys, err := crypto.FindPublicKeys(ctx, r) if err != nil { out.Cyan(ctx, "Failed to list public key '%s': %s", r, err) continue } - keys = keys.UseableKeys() if len(keys) < 1 { out.Cyan(ctx, "Warning: No matching valid key found. If the key is in your keyring you may need to validate it.") out.Cyan(ctx, "If this is your key: gpg --edit-key %s; trust (set to ultimate); quit", r) @@ -105,11 +105,11 @@ func (s *Action) RecipientsAdd(ctx context.Context, c *cli.Context) error { continue } - if !termio.AskForConfirmation(ctx, fmt.Sprintf("Do you want to add '%s' as an recipient to the store '%s'?", keys[0].OneLine(), store)) { + if !termio.AskForConfirmation(ctx, fmt.Sprintf("Do you want to add '%s' as an recipient to the store '%s'?", crypto.FormatKey(ctx, keys[0]), store)) { continue } - if err := s.Store.AddRecipient(ctxutil.WithNoConfirm(ctx, true), store, keys[0].Fingerprint); err != nil { + if err := s.Store.AddRecipient(ctxutil.WithNoConfirm(ctx, true), store, keys[0]); err != nil { return exitError(ctx, ExitRecipients, err, "failed to add recipient '%s': %s", r, err) } added++ @@ -132,6 +132,8 @@ func (s *Action) RecipientsRemove(ctx context.Context, c *cli.Context) error { store = s.askForStore(ctx) } + crypto := s.Store.Crypto(ctx, store) + // select recipient recipients := []string(c.Args()) if len(recipients) < 1 { @@ -144,7 +146,7 @@ func (s *Action) RecipientsRemove(ctx context.Context, c *cli.Context) error { removed := 0 for _, r := range recipients { - kl, err := s.gpg.FindPrivateKeys(ctx, r) + kl, err := crypto.FindPrivateKeys(ctx, r) if err == nil { if len(kl) > 0 { if !termio.AskForConfirmation(ctx, fmt.Sprintf("Do you want to remove yourself (%s) from the recipients?", r)) { @@ -165,17 +167,12 @@ func (s *Action) RecipientsRemove(ctx context.Context, c *cli.Context) error { } func (s *Action) recipientsSelectForRemoval(ctx context.Context, store string) ([]string, error) { + crypto := s.Store.Crypto(ctx, store) + ids := s.Store.ListRecipients(ctx, store) choices := make([]string, 0, len(ids)) - kl, err := s.gpg.FindPublicKeys(ctx, ids...) - if err == nil && kl != nil { - for _, id := range ids { - if key, err := kl.FindKey(id); err == nil { - choices = append(choices, key.OneLine()) - continue - } - choices = append(choices, id) - } + for _, id := range ids { + choices = append(choices, crypto.FormatKey(ctx, id)) } if len(choices) < 1 { return nil, nil diff --git a/action/recipients_test.go b/action/recipients_test.go index b34a874783..7e54b4f72b 100644 --- a/action/recipients_test.go +++ b/action/recipients_test.go @@ -7,9 +7,11 @@ import ( "os" "testing" + "github.com/fatih/color" "github.com/justwatchcom/gopass/tests/gptest" "github.com/justwatchcom/gopass/utils/ctxutil" "github.com/justwatchcom/gopass/utils/out" + "github.com/muesli/goprogressbar" "github.com/stretchr/testify/assert" "github.com/urfave/cli" ) @@ -30,16 +32,19 @@ func TestRecipients(t *testing.T) { buf := &bytes.Buffer{} out.Stdout = buf stdout = buf + goprogressbar.Stdout = buf + color.NoColor = true defer func() { out.Stdout = os.Stdout stdout = os.Stdout + goprogressbar.Stdout = os.Stdout }() // RecipientsPrint assert.NoError(t, act.RecipientsPrint(ctx, c)) want := `Hint: run 'gopass sync' to import any missing public keys gopass -└── 0xDEADBEEF (missing public key) +└── 0xDEADBEEF ` assert.Equal(t, want, buf.String()) @@ -47,7 +52,7 @@ gopass // RecipientsComplete act.RecipientsComplete(ctx, c) - want = "0xDEADBEEF (missing public key)\n" + want = "0xDEADBEEF\n" assert.Equal(t, want, buf.String()) buf.Reset() @@ -58,4 +63,24 @@ gopass // RecipientsRemove assert.Error(t, act.RecipientsRemove(ctx, c)) buf.Reset() + + // RecipientsAdd 0xFEEDBEEF + fs = flag.NewFlagSet("default", flag.ContinueOnError) + assert.NoError(t, fs.Parse([]string{"0xFEEDBEEF"})) + c = cli.NewContext(app, fs, nil) + assert.NoError(t, act.RecipientsAdd(ctx, c)) + buf.Reset() + + // RecipientsAdd 0xBEEFFEED + fs = flag.NewFlagSet("default", flag.ContinueOnError) + assert.NoError(t, fs.Parse([]string{"0xBEEFFEED"})) + c = cli.NewContext(app, fs, nil) + assert.Error(t, act.RecipientsAdd(ctx, c)) + buf.Reset() + + // RecipientsRemove 0xDEADBEEF + fs = flag.NewFlagSet("default", flag.ContinueOnError) + assert.NoError(t, fs.Parse([]string{"0xDEADBEEF"})) + c = cli.NewContext(app, fs, nil) + assert.NoError(t, act.RecipientsRemove(ctx, c)) } diff --git a/action/sync.go b/action/sync.go index 3cbb24d46b..6e4ba776a7 100644 --- a/action/sync.go +++ b/action/sync.go @@ -81,7 +81,7 @@ func (s *Action) syncMount(ctx context.Context, mp string) error { } numMP := 0 - if l, err := sub.List(""); err == nil { + if l, err := sub.List(ctx, ""); err == nil { numMP = len(l) } @@ -98,7 +98,7 @@ func (s *Action) syncMount(ctx context.Context, mp string) error { } out.Print(ctxno, color.GreenString("OK")) - if l, err := sub.List(""); err == nil { + if l, err := sub.List(ctx, ""); err == nil { diff := len(l) - numMP if diff > 0 { out.Print(ctxno, color.GreenString(" (Added %d entries)", diff)) diff --git a/action/templates.go b/action/templates.go index 1a09ad97b8..97cddcfbee 100644 --- a/action/templates.go +++ b/action/templates.go @@ -5,7 +5,6 @@ import ( "context" "fmt" - "github.com/pkg/errors" "github.com/urfave/cli" ) @@ -53,10 +52,6 @@ func (s *Action) TemplatePrint(ctx context.Context, c *cli.Context) error { // editor func (s *Action) TemplateEdit(ctx context.Context, c *cli.Context) error { name := c.Args().First() - // TODO support editing the root template as well - if name == "" { - return errors.Errorf("provide a template name") - } var content []byte if s.Store.HasTemplate(ctx, name) { diff --git a/action/templates_test.go b/action/templates_test.go index 730ae50c08..621cf364df 100644 --- a/action/templates_test.go +++ b/action/templates_test.go @@ -47,7 +47,8 @@ func TestTemplates(t *testing.T) { // add template assert.NoError(t, act.Store.SetTemplate(ctx, "foo", []byte("foobar"))) assert.NoError(t, act.TemplatesPrint(ctx, c)) - want := `gopass + want := `Pushed changes to git remote +gopass └── foo ` diff --git a/action/version.go b/action/version.go index c5d3f02f4f..f2da1b1364 100644 --- a/action/version.go +++ b/action/version.go @@ -61,8 +61,15 @@ func (s *Action) Version(ctx context.Context, c *cli.Context) error { cli.VersionPrinter(c) - fmt.Fprintf(stdout, " GPG: %s\n", s.Store.GPGVersion(ctx).String()) - fmt.Fprintf(stdout, " Git: %s\n", s.Store.GitVersion(ctx).String()) + // report all used crypto, sync and fs backends + for _, mp := range append(s.Store.MountPoints(), "") { + crypto := s.Store.Crypto(ctx, mp) + fmt.Fprintf(stdout, "[%s] Crypto: %s %s\n", mp, crypto.Name(), crypto.Version(ctx)) + sync := s.Store.Sync(ctx, mp) + fmt.Fprintf(stdout, "[%s] Sync: %s %s\n", mp, sync.Name(), sync.Version(ctx)) + storer := s.Store.Store(ctx, mp) + fmt.Fprintf(stdout, "[%s] Store: %s %s\n", mp, storer.Name(), storer.Version()) + } select { case vi := <-version: diff --git a/action/xc.go b/action/xc.go new file mode 100644 index 0000000000..36cb0a9d0e --- /dev/null +++ b/action/xc.go @@ -0,0 +1,226 @@ +package action + +import ( + "context" + "io/ioutil" + + "github.com/justwatchcom/gopass/backend/crypto/xc" + "github.com/justwatchcom/gopass/config" + "github.com/justwatchcom/gopass/utils/agent/client" + "github.com/justwatchcom/gopass/utils/fsutil" + "github.com/justwatchcom/gopass/utils/out" + "github.com/justwatchcom/gopass/utils/termio" + "github.com/urfave/cli" +) + +// XCListPrivateKeys list the XC private keys +func (s *Action) XCListPrivateKeys(ctx context.Context, c *cli.Context) error { + cfgdir := config.Directory() + crypto, err := xc.New(cfgdir, client.New(cfgdir)) + if err != nil { + return exitError(ctx, ExitUnknown, err, "failed to init XC") + } + + kl, err := crypto.ListPrivateKeyIDs(ctx) + if err != nil { + return exitError(ctx, ExitUnknown, err, "failed to list private keys") + } + + out.Print(ctx, "XC Private Keys:") + for _, key := range kl { + out.Print(ctx, "%s - %s", key, crypto.FormatKey(ctx, key)) + } + + return nil +} + +// XCListPublicKeys lists the XC public keys +func (s *Action) XCListPublicKeys(ctx context.Context, c *cli.Context) error { + cfgdir := config.Directory() + crypto, err := xc.New(cfgdir, client.New(cfgdir)) + if err != nil { + return exitError(ctx, ExitUnknown, err, "failed to init XC") + } + + kl, err := crypto.ListPublicKeyIDs(ctx) + if err != nil { + return exitError(ctx, ExitUnknown, err, "failed to list public keys") + } + + out.Print(ctx, "XC Public Keys:") + for _, key := range kl { + out.Print(ctx, "%s - %s", key, crypto.FormatKey(ctx, key)) + } + + return nil +} + +// XCGenerateKeypair generates a new XC keypair +func (s *Action) XCGenerateKeypair(ctx context.Context, c *cli.Context) error { + name := c.String("name") + email := c.String("email") + pw := c.String("passphrase") + + if name == "" { + var err error + name, err = termio.AskForString(ctx, "What is your full name?", "") + if err != nil || name == "" { + return exitError(ctx, ExitNoName, err, "please provide a name") + } + } + if email == "" { + var err error + email, err = termio.AskForString(ctx, "What is your email?", "") + if err != nil || name == "" { + return exitError(ctx, ExitNoName, err, "please provide a email") + } + } + if pw == "" { + var err error + pw, err = termio.AskForPassword(ctx, name) + if err != nil { + return exitError(ctx, ExitIO, err, "failed to ask for password: %s", err) + } + } + + cfgdir := config.Directory() + crypto, err := xc.New(cfgdir, client.New(cfgdir)) + if err != nil { + return exitError(ctx, ExitUnknown, err, "failed to init XC") + } + + return crypto.CreatePrivateKeyBatch(ctx, name, email, pw) +} + +// XCExportPublicKey exports an XC key +func (s *Action) XCExportPublicKey(ctx context.Context, c *cli.Context) error { + id := c.String("id") + file := c.String("file") + + if id == "" { + return exitError(ctx, ExitUsage, nil, "need id") + } + if file == "" { + return exitError(ctx, ExitUsage, nil, "need file") + } + + cfgdir := config.Directory() + crypto, err := xc.New(cfgdir, client.New(cfgdir)) + if err != nil { + return exitError(ctx, ExitUnknown, err, "failed to init XC") + } + + if fsutil.IsFile(file) { + return exitError(ctx, ExitUnknown, nil, "output file already exists") + } + + pk, err := crypto.ExportPublicKey(ctx, id) + if err != nil { + return exitError(ctx, ExitUnknown, err, "failed to export key: %s", err) + } + + if err := ioutil.WriteFile(file, pk, 0600); err != nil { + return exitError(ctx, ExitIO, err, "failed to write file") + } + return nil +} + +// XCImportPublicKey imports an XC key +func (s *Action) XCImportPublicKey(ctx context.Context, c *cli.Context) error { + file := c.String("file") + + if file == "" { + return exitError(ctx, ExitUsage, nil, "need file") + } + + cfgdir := config.Directory() + crypto, err := xc.New(cfgdir, client.New(cfgdir)) + if err != nil { + return exitError(ctx, ExitUnknown, err, "failed to init XC") + } + + if !fsutil.IsFile(file) { + return exitError(ctx, ExitNotFound, nil, "input file not found") + } + + buf, err := ioutil.ReadFile(file) + if err != nil { + return exitError(ctx, ExitIO, err, "failed to read file") + } + return crypto.ImportPublicKey(ctx, buf) +} + +// XCRemoveKey removes a key from the keyring +func (s *Action) XCRemoveKey(ctx context.Context, c *cli.Context) error { + id := c.String("id") + + if id == "" { + return exitError(ctx, ExitUsage, nil, "need id") + } + + cfgdir := config.Directory() + crypto, err := xc.New(cfgdir, client.New(cfgdir)) + if err != nil { + return exitError(ctx, ExitUnknown, err, "failed to init XC") + } + + return crypto.RemoveKey(id) +} + +// XCExportPrivateKey exports an XC key +func (s *Action) XCExportPrivateKey(ctx context.Context, c *cli.Context) error { + id := c.String("id") + file := c.String("file") + + if id == "" { + return exitError(ctx, ExitUsage, nil, "need id") + } + if file == "" { + return exitError(ctx, ExitUsage, nil, "need file") + } + + cfgdir := config.Directory() + crypto, err := xc.New(cfgdir, client.New(cfgdir)) + if err != nil { + return exitError(ctx, ExitUnknown, err, "failed to init XC") + } + + if fsutil.IsFile(file) { + return exitError(ctx, ExitUnknown, nil, "output file already exists") + } + + pk, err := crypto.ExportPrivateKey(ctx, id) + if err != nil { + return exitError(ctx, ExitUnknown, err, "failed to export key: %s", err) + } + + if err := ioutil.WriteFile(file, pk, 0600); err != nil { + return exitError(ctx, ExitIO, err, "failed to write file") + } + return nil +} + +// XCImportPrivateKey imports an XC key +func (s *Action) XCImportPrivateKey(ctx context.Context, c *cli.Context) error { + file := c.String("file") + + if file == "" { + return exitError(ctx, ExitUsage, nil, "need file") + } + + cfgdir := config.Directory() + crypto, err := xc.New(cfgdir, client.New(cfgdir)) + if err != nil { + return exitError(ctx, ExitUnknown, err, "failed to init XC") + } + + if !fsutil.IsFile(file) { + return exitError(ctx, ExitNotFound, nil, "input file not found") + } + + buf, err := ioutil.ReadFile(file) + if err != nil { + return exitError(ctx, ExitIO, err, "failed to read file") + } + return crypto.ImportPrivateKey(ctx, buf) +} diff --git a/action/xc_test.go b/action/xc_test.go new file mode 100644 index 0000000000..1df258a841 --- /dev/null +++ b/action/xc_test.go @@ -0,0 +1,233 @@ +package action + +import ( + "bytes" + "context" + "flag" + "os" + "testing" + + "github.com/justwatchcom/gopass/tests/gptest" + "github.com/justwatchcom/gopass/utils/ctxutil" + "github.com/justwatchcom/gopass/utils/out" + "github.com/stretchr/testify/assert" + "github.com/urfave/cli" +) + +func TestXCListPrivateKeys(t *testing.T) { + u := gptest.NewUnitTester(t) + defer u.Remove() + + ctx := context.Background() + ctx = ctxutil.WithAlwaysYes(ctx, true) + act, err := newMock(ctx, u) + assert.NoError(t, err) + + app := cli.NewApp() + fs := flag.NewFlagSet("default", flag.ContinueOnError) + c := cli.NewContext(app, fs, nil) + + buf := &bytes.Buffer{} + out.Stdout = buf + stdout = buf + defer func() { + out.Stdout = os.Stdout + stdout = os.Stdout + }() + + assert.NoError(t, act.XCListPrivateKeys(ctx, c)) +} + +func TestXCListPublicKeys(t *testing.T) { + u := gptest.NewUnitTester(t) + defer u.Remove() + + ctx := context.Background() + ctx = ctxutil.WithAlwaysYes(ctx, true) + act, err := newMock(ctx, u) + assert.NoError(t, err) + + app := cli.NewApp() + fs := flag.NewFlagSet("default", flag.ContinueOnError) + c := cli.NewContext(app, fs, nil) + + buf := &bytes.Buffer{} + out.Stdout = buf + stdout = buf + defer func() { + out.Stdout = os.Stdout + stdout = os.Stdout + }() + + assert.NoError(t, act.XCListPublicKeys(ctx, c)) +} + +func TestXCGenerateKeypair(t *testing.T) { + u := gptest.NewUnitTester(t) + defer u.Remove() + + ctx := context.Background() + ctx = ctxutil.WithAlwaysYes(ctx, true) + act, err := newMock(ctx, u) + assert.NoError(t, err) + + app := cli.NewApp() + fs := flag.NewFlagSet("default", flag.ContinueOnError) + nf := cli.StringFlag{ + Name: "name", + Usage: "name", + } + assert.NoError(t, nf.ApplyWithError(fs)) + ef := cli.StringFlag{ + Name: "email", + Usage: "email", + } + assert.NoError(t, ef.ApplyWithError(fs)) + pf := cli.StringFlag{ + Name: "passphrase", + Usage: "passphrase", + } + assert.NoError(t, pf.ApplyWithError(fs)) + assert.NoError(t, fs.Parse([]string{"--name=foo", "--email=bar", "--passphrase=foobar"})) + c := cli.NewContext(app, fs, nil) + + buf := &bytes.Buffer{} + out.Stdout = buf + stdout = buf + defer func() { + out.Stdout = os.Stdout + stdout = os.Stdout + }() + + assert.NoError(t, act.XCGenerateKeypair(ctx, c)) +} + +func TestXCExportPublicKey(t *testing.T) { + u := gptest.NewUnitTester(t) + defer u.Remove() + + ctx := context.Background() + ctx = ctxutil.WithAlwaysYes(ctx, true) + act, err := newMock(ctx, u) + assert.NoError(t, err) + + app := cli.NewApp() + fs := flag.NewFlagSet("default", flag.ContinueOnError) + id := cli.StringFlag{ + Name: "id", + Usage: "id", + } + assert.NoError(t, id.ApplyWithError(fs)) + ff := cli.StringFlag{ + Name: "file", + Usage: "file", + } + assert.NoError(t, ff.ApplyWithError(fs)) + assert.NoError(t, fs.Parse([]string{"--id=foo", "--file=/tmp/foo.pub"})) + c := cli.NewContext(app, fs, nil) + + buf := &bytes.Buffer{} + out.Stdout = buf + stdout = buf + defer func() { + out.Stdout = os.Stdout + stdout = os.Stdout + }() + + assert.Error(t, act.XCExportPublicKey(ctx, c)) +} + +func TestXCImportPublicKey(t *testing.T) { + u := gptest.NewUnitTester(t) + defer u.Remove() + + ctx := context.Background() + ctx = ctxutil.WithAlwaysYes(ctx, true) + act, err := newMock(ctx, u) + assert.NoError(t, err) + + app := cli.NewApp() + fs := flag.NewFlagSet("default", flag.ContinueOnError) + ff := cli.StringFlag{ + Name: "file", + Usage: "file", + } + assert.NoError(t, ff.ApplyWithError(fs)) + assert.NoError(t, fs.Parse([]string{"--file=/tmp/foo.pub"})) + c := cli.NewContext(app, fs, nil) + + buf := &bytes.Buffer{} + out.Stdout = buf + stdout = buf + defer func() { + out.Stdout = os.Stdout + stdout = os.Stdout + }() + + assert.Error(t, act.XCImportPublicKey(ctx, c)) +} + +func TestXCExportPrivateKey(t *testing.T) { + u := gptest.NewUnitTester(t) + defer u.Remove() + + ctx := context.Background() + ctx = ctxutil.WithAlwaysYes(ctx, true) + act, err := newMock(ctx, u) + assert.NoError(t, err) + + app := cli.NewApp() + fs := flag.NewFlagSet("default", flag.ContinueOnError) + id := cli.StringFlag{ + Name: "id", + Usage: "id", + } + assert.NoError(t, id.ApplyWithError(fs)) + ff := cli.StringFlag{ + Name: "file", + Usage: "file", + } + assert.NoError(t, ff.ApplyWithError(fs)) + assert.NoError(t, fs.Parse([]string{"--id=foo", "--file=/tmp/foo.pub"})) + c := cli.NewContext(app, fs, nil) + + buf := &bytes.Buffer{} + out.Stdout = buf + stdout = buf + defer func() { + out.Stdout = os.Stdout + stdout = os.Stdout + }() + + assert.Error(t, act.XCExportPrivateKey(ctx, c)) +} + +func TestXCImportPrivateKey(t *testing.T) { + u := gptest.NewUnitTester(t) + defer u.Remove() + + ctx := context.Background() + ctx = ctxutil.WithAlwaysYes(ctx, true) + act, err := newMock(ctx, u) + assert.NoError(t, err) + + app := cli.NewApp() + fs := flag.NewFlagSet("default", flag.ContinueOnError) + ff := cli.StringFlag{ + Name: "file", + Usage: "file", + } + assert.NoError(t, ff.ApplyWithError(fs)) + assert.NoError(t, fs.Parse([]string{"--file=/tmp/foo.pub"})) + c := cli.NewContext(app, fs, nil) + + buf := &bytes.Buffer{} + out.Stdout = buf + stdout = buf + defer func() { + out.Stdout = os.Stdout + stdout = os.Stdout + }() + + assert.Error(t, act.XCImportPrivateKey(ctx, c)) +} diff --git a/backend/context.go b/backend/context.go new file mode 100644 index 0000000000..0a2a10cba6 --- /dev/null +++ b/backend/context.go @@ -0,0 +1,149 @@ +package backend + +import "context" + +type contextKey int + +const ( + ctxKeyCryptoBackend contextKey = iota + ctxKeySyncBackend + ctxKeyStoreBackend +) + +// CryptoBackendName returns the name of the given backend +func CryptoBackendName(cb CryptoBackend) string { + switch cb { + case GPGMock: + return "gpgmock" + case GPGCLI: + return "gpgcli" + case XC: + return "xc" + default: + return "" + } +} + +// WithCryptoBackendString returns a context with the given crypto backend set +func WithCryptoBackendString(ctx context.Context, be string) context.Context { + switch be { + case "gpg": + fallthrough + case "gpgcli": + return WithCryptoBackend(ctx, GPGCLI) + case "gpgmock": + return WithCryptoBackend(ctx, GPGMock) + case "xc": + return WithCryptoBackend(ctx, XC) + default: + return ctx + } +} + +// WithCryptoBackend returns a context with the given crypto backend set +func WithCryptoBackend(ctx context.Context, be CryptoBackend) context.Context { + return context.WithValue(ctx, ctxKeyCryptoBackend, be) +} + +// HasCryptoBackend returns true if a value for crypto backend has been set in the context +func HasCryptoBackend(ctx context.Context) bool { + _, ok := ctx.Value(ctxKeyCryptoBackend).(CryptoBackend) + return ok +} + +// GetCryptoBackend returns the selected crypto backend or the default (GPGCLI) +func GetCryptoBackend(ctx context.Context) CryptoBackend { + be, ok := ctx.Value(ctxKeyCryptoBackend).(CryptoBackend) + if !ok { + return GPGCLI + } + return be +} + +// SyncBackendName returns the name of the given backend +func SyncBackendName(sb SyncBackend) string { + switch sb { + case GitMock: + return "gitmock" + case GitCLI: + return "gitcli" + case GoGit: + return "gogit" + default: + return "" + } +} + +// WithSyncBackendString returns a context with the given sync backend set +func WithSyncBackendString(ctx context.Context, sb string) context.Context { + switch sb { + case "git": + fallthrough + case "gitcli": + return WithSyncBackend(ctx, GitCLI) + case "gogit": + return WithSyncBackend(ctx, GoGit) + case "gitmock": + return WithSyncBackend(ctx, GitMock) + default: + return WithSyncBackend(ctx, GitMock) + } +} + +// WithSyncBackend returns a context with the given sync backend set +func WithSyncBackend(ctx context.Context, sb SyncBackend) context.Context { + return context.WithValue(ctx, ctxKeySyncBackend, sb) +} + +// HasSyncBackend returns true if a value for sync backend has been set in the context +func HasSyncBackend(ctx context.Context) bool { + _, ok := ctx.Value(ctxKeySyncBackend).(SyncBackend) + return ok +} + +// GetSyncBackend returns the sync backend or the default (Git Mock) +func GetSyncBackend(ctx context.Context) SyncBackend { + be, ok := ctx.Value(ctxKeySyncBackend).(SyncBackend) + if !ok { + return GitMock + } + return be +} + +// WithStoreBackendString returns a context with the given store backend set +func WithStoreBackendString(ctx context.Context, sb string) context.Context { + switch sb { + case "kvmock": + return WithStoreBackend(ctx, KVMock) + case "fs": + return WithStoreBackend(ctx, FS) + default: + return WithStoreBackend(ctx, FS) + } +} + +// WithStoreBackend returns a context with the given store backend set +func WithStoreBackend(ctx context.Context, sb StoreBackend) context.Context { + return context.WithValue(ctx, ctxKeyStoreBackend, sb) +} + +// GetStoreBackend returns the store backend or the default (FS) +func GetStoreBackend(ctx context.Context) StoreBackend { + be, ok := ctx.Value(ctxKeyStoreBackend).(StoreBackend) + if !ok { + return FS + } + return be +} + +// StoreBackendName returns the name of the given backend +func StoreBackendName(sb StoreBackend) string { + switch sb { + case FS: + return "fs" + case KVMock: + return "kvmock" + default: + return "" + } +} diff --git a/backend/crypto.go b/backend/crypto.go new file mode 100644 index 0000000000..1b37d3c255 --- /dev/null +++ b/backend/crypto.go @@ -0,0 +1,54 @@ +package backend + +import ( + "context" + + "github.com/blang/semver" +) + +// CryptoBackend is a cryptographic backend +type CryptoBackend int + +const ( + // GPGMock is a no-op crypto backend + GPGMock CryptoBackend = iota + // GPGCLI is a gpg-cli based crypto backend + GPGCLI + // XC is an experimental crypto backend + XC +) + +// Keyring is a public/private key manager +type Keyring interface { + ImportPublicKey(ctx context.Context, key []byte) error + ExportPublicKey(ctx context.Context, id string) ([]byte, error) + + ListPublicKeyIDs(ctx context.Context) ([]string, error) + ListPrivateKeyIDs(ctx context.Context) ([]string, error) + + FindPublicKeys(ctx context.Context, needles ...string) ([]string, error) + FindPrivateKeys(ctx context.Context, needles ...string) ([]string, error) + + FormatKey(ctx context.Context, id string) string + NameFromKey(ctx context.Context, id string) string + EmailFromKey(ctx context.Context, id string) string + ReadNamesFromKey(ctx context.Context, buf []byte) ([]string, error) + + CreatePrivateKeyBatch(ctx context.Context, name, email, passphrase string) error + CreatePrivateKey(ctx context.Context) error +} + +// Crypto is a crypto backend +type Crypto interface { + Keyring + + Encrypt(ctx context.Context, plaintext []byte, recipients []string) ([]byte, error) + Decrypt(ctx context.Context, ciphertext []byte) ([]byte, error) + RecipientIDs(ctx context.Context, ciphertext []byte) ([]string, error) + + Name() string + Version(context.Context) semver.Version + Initialized(ctx context.Context) error + Ext() string // filename extension + IDFile() string // recipient IDs +} diff --git a/backend/crypto/gpg/cli/binary.go b/backend/crypto/gpg/cli/binary.go new file mode 100644 index 0000000000..83c7da9365 --- /dev/null +++ b/backend/crypto/gpg/cli/binary.go @@ -0,0 +1,45 @@ +package cli + +import ( + "context" + "errors" + "os/exec" + "sort" + + "github.com/justwatchcom/gopass/utils/out" +) + +// Binary returns the GPG binary location +func (g *GPG) Binary() string { + if g == nil { + return "" + } + return g.binary +} + +// Binary reutrns the GGP binary location +func Binary(ctx context.Context, bin string) (string, error) { + bins, err := detectBinaryCandidates(bin) + if err != nil { + return "", err + } + bv := make(byVersion, 0, len(bins)) + for _, b := range bins { + out.Debug(ctx, "gpg.detectBinary - Looking for '%s' ...", b) + if p, err := exec.LookPath(b); err == nil { + gb := gpgBin{ + path: p, + ver: version(ctx, p), + } + out.Debug(ctx, "gpg.detectBinary - Found '%s' at '%s' (%s)", b, p, gb.ver.String()) + bv = append(bv, gb) + } + } + if len(bv) < 1 { + return "", errors.New("no gpg binary found") + } + sort.Sort(bv) + binary := bv[len(bv)-1].path + out.Debug(ctx, "gpg.detectBinary - using '%s'", binary) + return binary, nil +} diff --git a/backend/crypto/gpg/cli/export.go b/backend/crypto/gpg/cli/export.go new file mode 100644 index 0000000000..ba7c2d7072 --- /dev/null +++ b/backend/crypto/gpg/cli/export.go @@ -0,0 +1,27 @@ +package cli + +import ( + "context" + "os/exec" + + "github.com/justwatchcom/gopass/utils/out" + "github.com/pkg/errors" +) + +// ExportPublicKey will export the named public key to the location given +func (g *GPG) ExportPublicKey(ctx context.Context, id string) ([]byte, error) { + args := append(g.args, "--armor", "--export", id) + cmd := exec.CommandContext(ctx, g.binary, args...) + + out.Debug(ctx, "gpg.ExportPublicKey: %s %+v", cmd.Path, cmd.Args) + out, err := cmd.Output() + if err != nil { + return nil, errors.Wrapf(err, "failed to run command '%s %+v'", cmd.Path, cmd.Args) + } + + if len(out) < 1 { + return nil, errors.Errorf("Key not found") + } + + return out, nil +} diff --git a/backend/crypto/gpg/cli/export_test.go b/backend/crypto/gpg/cli/export_test.go new file mode 100644 index 0000000000..e4890af1fe --- /dev/null +++ b/backend/crypto/gpg/cli/export_test.go @@ -0,0 +1,17 @@ +package cli + +import ( + "context" + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestExportPublicKey(t *testing.T) { + ctx := context.Background() + g, err := New(ctx, Config{}) + assert.NoError(t, err) + + _, err = g.ExportPublicKey(ctx, "foobar") + assert.Error(t, err) +} diff --git a/backend/crypto/gpg/cli/generate.go b/backend/crypto/gpg/cli/generate.go new file mode 100644 index 0000000000..c9a783b12f --- /dev/null +++ b/backend/crypto/gpg/cli/generate.go @@ -0,0 +1,59 @@ +package cli + +import ( + "bytes" + "context" + "os" + "os/exec" + + "github.com/justwatchcom/gopass/utils/out" + "github.com/pkg/errors" +) + +// CreatePrivateKeyBatch will create a new GPG keypair in batch mode +func (g *GPG) CreatePrivateKeyBatch(ctx context.Context, name, email, passphrase string) error { + buf := &bytes.Buffer{} + // https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=doc/DETAILS;h=de0f21ccba60c3037c2a155156202df1cd098507;hb=refs/heads/STABLE-BRANCH-1-4#l716 + _, _ = buf.WriteString(`%echo Generating a RSA/RSA key pair +Key-Type: RSA +Key-Length: 2048 +Subkey-Type: RSA +Subkey-Length: 2048 +Expire-Date: 0 +`) + _, _ = buf.WriteString("Name-Real: " + name + "\n") + _, _ = buf.WriteString("Name-Email: " + email + "\n") + _, _ = buf.WriteString("Passphrase: " + passphrase + "\n") + + args := []string{"--batch", "--gen-key"} + cmd := exec.CommandContext(ctx, g.binary, args...) + cmd.Stdin = bytes.NewReader(buf.Bytes()) + cmd.Stdout = nil + cmd.Stderr = nil + + out.Debug(ctx, "gpg.CreatePrivateKeyBatch: %s %+v", cmd.Path, cmd.Args) + if err := cmd.Run(); err != nil { + return errors.Wrapf(err, "failed to run command: '%s %+v'", cmd.Path, cmd.Args) + } + g.privKeys = nil + g.pubKeys = nil + return nil +} + +// CreatePrivateKey will create a new GPG key in interactive mode +func (g *GPG) CreatePrivateKey(ctx context.Context) error { + args := []string{"--gen-key"} + cmd := exec.CommandContext(ctx, g.binary, args...) + cmd.Stdin = os.Stdin + cmd.Stdout = os.Stdout + cmd.Stderr = os.Stderr + + out.Debug(ctx, "gpg.CreatePrivateKey: %s %+v", cmd.Path, cmd.Args) + if err := cmd.Run(); err != nil { + return errors.Wrapf(err, "failed to run command: '%s %+v'", cmd.Path, cmd.Args) + } + + g.privKeys = nil + g.pubKeys = nil + return nil +} diff --git a/backend/crypto/gpg/cli/gpg.go b/backend/crypto/gpg/cli/gpg.go index b9d0f44e9c..006d54c2f5 100644 --- a/backend/crypto/gpg/cli/gpg.go +++ b/backend/crypto/gpg/cli/gpg.go @@ -4,21 +4,13 @@ import ( "bufio" "bytes" "context" - "io/ioutil" "os" "os/exec" - "path/filepath" "regexp" "strings" "github.com/justwatchcom/gopass/backend/crypto/gpg" "github.com/justwatchcom/gopass/utils/out" - "github.com/pkg/errors" -) - -const ( - fileMode = 0600 - dirPerm = 0700 ) var ( @@ -28,6 +20,10 @@ var ( // defaultArgs contains the default GPG args for non-interactive use. Note: Do not use '--batch' // as this will disable (necessary) passphrase questions! defaultArgs = []string{"--quiet", "--yes", "--compress-algo=none", "--no-encrypt-to", "--no-auto-check-trustdb"} + // Ext is the file extension used by this backend + Ext = "gpg" + // IDFile is the name of the recipients file used by this backend + IDFile = ".gpg-id" ) // GPG is a gpg wrapper @@ -63,83 +59,23 @@ func New(ctx context.Context, cfg Config) (*GPG, error) { args: append(defaultArgs, cfg.Args...), } - if err := g.detectBinary(ctx, cfg.Binary); err != nil { + bin, err := Binary(ctx, cfg.Binary) + if err != nil { return nil, err } + g.binary = bin return g, nil } -// Binary returns the GPG binary location -func (g *GPG) Binary() string { - if g == nil { - return "" - } - return g.binary -} - -// listKey lists all keys of the given type and matching the search strings -func (g *GPG) listKeys(ctx context.Context, typ string, search ...string) (gpg.KeyList, error) { - args := []string{"--with-colons", "--with-fingerprint", "--fixed-list-mode", "--list-" + typ + "-keys"} - args = append(args, search...) - cmd := exec.CommandContext(ctx, g.binary, args...) - cmd.Stderr = nil - - out.Debug(ctx, "gpg.listKeys: %s %+v\n", cmd.Path, cmd.Args) - cmdout, err := cmd.Output() - if err != nil { - if bytes.Contains(cmdout, []byte("secret key not available")) { - return gpg.KeyList{}, nil - } - return gpg.KeyList{}, err - } - - return parseColons(bytes.NewBuffer(cmdout)), nil -} - -// ListPublicKeys returns a parsed list of GPG public keys -func (g *GPG) ListPublicKeys(ctx context.Context) (gpg.KeyList, error) { - if g.pubKeys == nil { - kl, err := g.listKeys(ctx, "public") - if err != nil { - return nil, err - } - g.pubKeys = kl - } - return g.pubKeys, nil -} - -// FindPublicKeys searches for the given public keys -func (g *GPG) FindPublicKeys(ctx context.Context, search ...string) (gpg.KeyList, error) { - // TODO use cache - return g.listKeys(ctx, "public", search...) -} - -// ListPrivateKeys returns a parsed list of GPG secret keys -func (g *GPG) ListPrivateKeys(ctx context.Context) (gpg.KeyList, error) { - if g.privKeys == nil { - kl, err := g.listKeys(ctx, "secret") - if err != nil { - return nil, err - } - g.privKeys = kl - } - return g.privKeys, nil -} - -// FindPrivateKeys searches for the given private keys -func (g *GPG) FindPrivateKeys(ctx context.Context, search ...string) (gpg.KeyList, error) { - // TODO use cache - return g.listKeys(ctx, "secret", search...) -} - -// GetRecipients returns a list of recipient IDs for a given file -func (g *GPG) GetRecipients(ctx context.Context, file string) ([]string, error) { +// RecipientIDs returns a list of recipient IDs for a given file +func (g *GPG) RecipientIDs(ctx context.Context, buf []byte) ([]string, error) { _ = os.Setenv("LANGUAGE", "C") recp := make([]string, 0, 5) - args := []string{"--batch", "--list-only", "--list-packets", "--no-default-keyring", "--secret-keyring", "/dev/null", file} + args := []string{"--batch", "--list-only", "--list-packets", "--no-default-keyring", "--secret-keyring", "/dev/null"} cmd := exec.CommandContext(ctx, g.binary, args...) + cmd.Stdin = bytes.NewReader(buf) out.Debug(ctx, "gpg.GetRecipients: %s %+v", cmd.Path, cmd.Args) cmdout, err := cmd.CombinedOutput() @@ -166,12 +102,8 @@ func (g *GPG) GetRecipients(ctx context.Context, file string) ([]string, error) // Encrypt will encrypt the given content for the recipients. If alwaysTrust is true // the trust-model will be set to always as to avoid (annoying) "unusable public key" // errors when encrypting. -func (g *GPG) Encrypt(ctx context.Context, path string, content []byte, recipients []string) error { - if err := os.MkdirAll(filepath.Dir(path), dirPerm); err != nil { - return errors.Wrapf(err, "failed to create dir '%s'", path) - } - - args := append(g.args, "--encrypt", "--output", path) +func (g *GPG) Encrypt(ctx context.Context, plaintext []byte, recipients []string) ([]byte, error) { + args := append(g.args, "--encrypt") if gpg.IsAlwaysTrust(ctx) { // changing the trustmodel is possibly dangerous. A user should always // explicitly opt-in to do this @@ -181,111 +113,44 @@ func (g *GPG) Encrypt(ctx context.Context, path string, content []byte, recipien args = append(args, "--recipient", r) } + buf := &bytes.Buffer{} + cmd := exec.CommandContext(ctx, g.binary, args...) - cmd.Stdin = bytes.NewReader(content) - cmd.Stdout = os.Stdout + cmd.Stdin = bytes.NewReader(plaintext) + cmd.Stdout = buf cmd.Stderr = os.Stderr out.Debug(ctx, "gpg.Encrypt: %s %+v", cmd.Path, cmd.Args) - return cmd.Run() + err := cmd.Run() + return buf.Bytes(), err } // Decrypt will try to decrypt the given file -func (g *GPG) Decrypt(ctx context.Context, path string) ([]byte, error) { - args := append(g.args, "--decrypt", path) +func (g *GPG) Decrypt(ctx context.Context, ciphertext []byte) ([]byte, error) { + args := append(g.args, "--decrypt") cmd := exec.CommandContext(ctx, g.binary, args...) - cmd.Stdin = os.Stdin + cmd.Stdin = bytes.NewReader(ciphertext) out.Debug(ctx, "gpg.Decrypt: %s %+v", cmd.Path, cmd.Args) return cmd.Output() } -// ExportPublicKey will export the named public key to the location given -func (g *GPG) ExportPublicKey(ctx context.Context, id, filename string) error { - args := append(g.args, "--armor", "--export", id) - cmd := exec.CommandContext(ctx, g.binary, args...) - - out.Debug(ctx, "gpg.ExportPublicKey: %s %+v", cmd.Path, cmd.Args) - out, err := cmd.Output() - if err != nil { - return errors.Wrapf(err, "failed to run command '%s %+v'", cmd.Path, cmd.Args) - } - - if len(out) < 1 { - return errors.Errorf("Key not found") - } - - return ioutil.WriteFile(filename, out, fileMode) -} - -// ImportPublicKey will import a key from the given location -func (g *GPG) ImportPublicKey(ctx context.Context, filename string) error { - buf, err := ioutil.ReadFile(filename) - if err != nil { - return errors.Wrapf(err, "failed to read file '%s'", filename) - } - - args := append(g.args, "--import") - cmd := exec.CommandContext(ctx, g.binary, args...) - cmd.Stdin = bytes.NewReader(buf) - cmd.Stdout = os.Stdout - cmd.Stderr = os.Stderr - - out.Debug(ctx, "gpg.ImportPublicKey: %s %+v", cmd.Path, cmd.Args) - if err := cmd.Run(); err != nil { - return errors.Wrapf(err, "failed to run command: '%s %+v'", cmd.Path, cmd.Args) - } - - // clear key cache - g.privKeys = nil - g.pubKeys = nil +// Initialized always returns nil +func (g *GPG) Initialized(ctx context.Context) error { return nil } -// CreatePrivateKeyBatch will create a new GPG keypair in batch mode -func (g *GPG) CreatePrivateKeyBatch(ctx context.Context, name, email, passphrase string) error { - buf := &bytes.Buffer{} - // https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=doc/DETAILS;h=de0f21ccba60c3037c2a155156202df1cd098507;hb=refs/heads/STABLE-BRANCH-1-4#l716 - _, _ = buf.WriteString(`%echo Generating a RSA/RSA key pair -Key-Type: RSA -Key-Length: 2048 -Subkey-Type: RSA -Subkey-Length: 2048 -Expire-Date: 0 -`) - _, _ = buf.WriteString("Name-Real: " + name + "\n") - _, _ = buf.WriteString("Name-Email: " + email + "\n") - _, _ = buf.WriteString("Passphrase: " + passphrase + "\n") - - args := []string{"--batch", "--gen-key"} - cmd := exec.CommandContext(ctx, g.binary, args...) - cmd.Stdin = bytes.NewReader(buf.Bytes()) - cmd.Stdout = nil - cmd.Stderr = nil - - out.Debug(ctx, "gpg.CreatePrivateKeyBatch: %s %+v", cmd.Path, cmd.Args) - if err := cmd.Run(); err != nil { - return errors.Wrapf(err, "failed to run command: '%s %+v'", cmd.Path, cmd.Args) - } - g.privKeys = nil - g.pubKeys = nil - return nil +// Name returns gpg +func (g *GPG) Name() string { + return "gpg" } -// CreatePrivateKey will create a new GPG key in interactive mode -func (g *GPG) CreatePrivateKey(ctx context.Context) error { - args := []string{"--gen-key"} - cmd := exec.CommandContext(ctx, g.binary, args...) - cmd.Stdin = os.Stdin - cmd.Stdout = os.Stdout - cmd.Stderr = os.Stderr - - out.Debug(ctx, "gpg.CreatePrivateKey: %s %+v", cmd.Path, cmd.Args) - if err := cmd.Run(); err != nil { - return errors.Wrapf(err, "failed to run command: '%s %+v'", cmd.Path, cmd.Args) - } +// Ext returns gpg +func (g *GPG) Ext() string { + return Ext +} - g.privKeys = nil - g.pubKeys = nil - return nil +// IDFile returns .gpg-id +func (g *GPG) IDFile() string { + return IDFile } diff --git a/backend/crypto/gpg/cli/gpg_others.go b/backend/crypto/gpg/cli/gpg_others.go index 2b65a1e184..6c758802d7 100644 --- a/backend/crypto/gpg/cli/gpg_others.go +++ b/backend/crypto/gpg/cli/gpg_others.go @@ -2,7 +2,7 @@ package cli -func (g *GPG) detectBinaryCandidates(bin string) ([]string, error) { +func detectBinaryCandidates(bin string) ([]string, error) { bins := []string{"gpg2", "gpg1", "gpg"} if bin != "" { bins = append(bins, bin) diff --git a/backend/crypto/gpg/cli/gpg_test.go b/backend/crypto/gpg/cli/gpg_test.go index 2997d0d741..c86b0e0e13 100644 --- a/backend/crypto/gpg/cli/gpg_test.go +++ b/backend/crypto/gpg/cli/gpg_test.go @@ -7,29 +7,35 @@ import ( "github.com/stretchr/testify/assert" ) -func TestSplitPacket(t *testing.T) { - m := splitPacket(":pubkey enc packet: version 3, algo 16, keyid 6780DF473C7A71D3") - val, found := m["keyid"] - if !found { - t.Errorf("Failed to parse/lookup keyid") - } - if val != "6780DF473C7A71D3" { - t.Errorf("Failed to get keyid") - } -} - func TestGPG(t *testing.T) { ctx := context.Background() - g, err := New(ctx, Config{}) + + var err error + var g *GPG + + assert.Equal(t, "", g.Binary()) + + g, err = New(ctx, Config{}) assert.NoError(t, err) assert.NotEqual(t, "", g.Binary()) - _, err = g.ListPublicKeys(ctx) + _, err = g.ListPublicKeyIDs(ctx) assert.NoError(t, err) - _, err = g.ListPrivateKeys(ctx) + _, err = g.ListPrivateKeyIDs(ctx) assert.NoError(t, err) - _, err = g.GetRecipients(ctx, "nothing") + _, err = g.RecipientIDs(ctx, []byte{}) assert.Error(t, err) + + assert.NoError(t, g.Initialized(ctx)) + assert.Equal(t, "gpg", g.Name()) + assert.Equal(t, "gpg", g.Ext()) + assert.Equal(t, ".gpg-id", g.IDFile()) +} + +func TestDetectBinaryCandidates(t *testing.T) { + bins, err := detectBinaryCandidates("foobar") + assert.NoError(t, err) + assert.Equal(t, []string{"gpg2", "gpg1", "gpg", "foobar"}, bins) } diff --git a/backend/crypto/gpg/cli/gpg_windows.go b/backend/crypto/gpg/cli/gpg_windows.go index 53f8a87003..bbb2b4404d 100644 --- a/backend/crypto/gpg/cli/gpg_windows.go +++ b/backend/crypto/gpg/cli/gpg_windows.go @@ -10,7 +10,7 @@ import ( "golang.org/x/sys/windows/registry" ) -func (g *GPG) detectBinaryCandidates(bin string) ([]string, error) { +func detectBinaryCandidates(bin string) ([]string, error) { // gpg.exe for GPG4Win 3.0.0; would be gpg2.exe for 2.x bins := make([]string, 0, 4) diff --git a/backend/crypto/gpg/cli/import.go b/backend/crypto/gpg/cli/import.go new file mode 100644 index 0000000000..f997a67b07 --- /dev/null +++ b/backend/crypto/gpg/cli/import.go @@ -0,0 +1,30 @@ +package cli + +import ( + "bytes" + "context" + "os" + "os/exec" + + "github.com/justwatchcom/gopass/utils/out" + "github.com/pkg/errors" +) + +// ImportPublicKey will import a key from the given location +func (g *GPG) ImportPublicKey(ctx context.Context, buf []byte) error { + args := append(g.args, "--import") + cmd := exec.CommandContext(ctx, g.binary, args...) + cmd.Stdin = bytes.NewReader(buf) + cmd.Stdout = os.Stdout + cmd.Stderr = os.Stderr + + out.Debug(ctx, "gpg.ImportPublicKey: %s %+v", cmd.Path, cmd.Args) + if err := cmd.Run(); err != nil { + return errors.Wrapf(err, "failed to run command: '%s %+v'", cmd.Path, cmd.Args) + } + + // clear key cache + g.privKeys = nil + g.pubKeys = nil + return nil +} diff --git a/backend/crypto/gpg/cli/key.go b/backend/crypto/gpg/cli/key.go new file mode 100644 index 0000000000..bde0f54cb4 --- /dev/null +++ b/backend/crypto/gpg/cli/key.go @@ -0,0 +1,26 @@ +package cli + +import ( + "bytes" + "context" + + "github.com/pkg/errors" + + "golang.org/x/crypto/openpgp" +) + +// ReadNamesFromKey unmarshals and returns the names associated with the given public key +func (g *GPG) ReadNamesFromKey(ctx context.Context, buf []byte) ([]string, error) { + el, err := openpgp.ReadArmoredKeyRing(bytes.NewReader(buf)) + if err != nil { + return nil, errors.Wrapf(err, "failed to read key ring") + } + if len(el) != 1 { + return nil, errors.Errorf("Public Key must contain exactly one Entity") + } + names := make([]string, 0, len(el[0].Identities)) + for _, v := range el[0].Identities { + names = append(names, v.Name) + } + return names, nil +} diff --git a/backend/crypto/gpg/cli/key_test.go b/backend/crypto/gpg/cli/key_test.go new file mode 100644 index 0000000000..3687d2e88f --- /dev/null +++ b/backend/crypto/gpg/cli/key_test.go @@ -0,0 +1,77 @@ +package cli + +import ( + "context" + "testing" + + "github.com/justwatchcom/gopass/utils/ctxutil" + "github.com/stretchr/testify/assert" +) + +const pubkey = ` +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1 + +mQINBFn18UoBEACbfzn9kr35IRXuDC+VA6Yuv7AR2EGLb1tGzvtKfG1JDECV/Npo +Ru/lwN02iW+pWt8JR/yHOaMjQzZhbH+I9nuLmBITR/V9ZiPnggCpN+uNMH6EBU7W +TXbiVNm/3kOY9PkLFZQiBL8HCXw0qARmlU4UlwBFjFEtv5ra9gbZH4EoKoLP6uFh +ziDIjViVKUCI+Z1iJZwalu7ac63LI/mXzwrAf/uWE8fAu2WpK1xuxwxFxyUxm2yO +c9Y+ytKCQ1/PAiOvzL96SMlQNHsuSW/8kOU/C8PhoAbwArd/Hxqi0blqPinNdfGP +NzGwKoxak0ZEwfjMo2/uOIWQCcQm7NYsI0YcAH9+7El6ZWkkLi98lRwhLCmpffe+ +w4FanGNfVVYrwsAUS0ejGpbXNF5jv9cMjEcxQlkID1xOOFAwSmg/f2PQM0wtJdDG +Z9/DduIOXfnf5PXdR9EZhwo9N2RRciPr8FheIZe/RZqmhUejLVp2idEPhiGDbO45 +OQak0JaPSxKRHsMwHKgNmfyO2XoJ+0ONNnyJL7Gm8cr4Lq6Zg189R4qEfNF8/JIU +//AQotKO3y2s6oHxjo2bQIYm/xkG0++Lcq4H5FxVJTqOE9XmYTyIoehGaPuk1eqy +to/4flXBBxy9UpTfF4cF79PvJqxHz7GNPolBscecNEG+nFbMOF6CPzG1UQARAQAB +tDFHb3Bhc3MgQXJjaGl2ZSBTaWduaW5nIEtleSA8Z29wYXNzQGp1c3R3YXRjaC5j +b20+iQI9BBMBCgAnBQJZ9fFKAhsDBQkSzAMABQsJCAcDBRUKCQgLBRYCAwEAAh4B +AheAAAoJEAySIlqX9rZmyscP/Rlv+0zDOCS5c7Bwyg5EkYRCQGDzt5W6+Udu9r4H +UenhB40XD5Ox0lU0oYSGgGLKxfPqD3/mY/6AGxZNtNsiQTKz52ire3Gs4tQXQu7j ++w1QrQkARc9Q3+FpbYVePMe8xXx4TAbKladYZumEctLp2SYXgHbG3EekYX51gBIY +kY6akJa/7tR37QdJkCq6Twhh621CsqyJI6lSCL6kKekUktwzV/c5XUijxAAs064Y +sPq9Hxm7bp+c1lMtz9tP/7wTSiJ5ufRpQZ85TnmJH016IdRNj1AEu07eTpFpmqxe +9pfsPCmRFVUwGoLTG+3yCsNyWJDRumW+mmHjpFTBX3OLxW4CI3z1fczbxmFAwr6d +tgsiUPe2tAw5LCAluo9wZxxeQLbDw8+e5FO/r7uiXLVwyWnIm4kKKu7SEZTFyWf4 +gvr+Smlm2o4NDqjqp0TurshKZcETJuNE23v9zh+gxekEqKAjdEwjsPPhhbLAT2V3 +qkzMHejDcGOZWFjz4LFHCnAwYNKOY3dhyv12dbr4PvS6CoEZGVx2vCIkLkGzmg8I +zcvN2gdoiiy2WtZ0b5Hd+BIRgNFTDLszm8eMgFhRHgO52c2ZunRCAFtDdUDx54O6 +EHTswZ/pFJZiH6PI//jSr+nPlxLt7fbjFRJI6deOYtW94Tw+fHkzaLWvF7UC0vz2 +rw8NuQINBFn18UoBEACwuB5KkTw8xU5m9cJSRnMQ+GfH9kc8mis/O1N+zMYc/o51 +mHOclXCCG4C68Ba1DBm3PrzWBoaiGoVFomEW7SskQKyvvPwe13lD2l88d0CUIbmx +6wbv8ESNnH4xf1Yhl/khxZ3ecEd81DN1vVevcb6Eay5aRBxihTdeRg4J9PahL8nj +cMOTdH3J2GiEDGwIR7oBcI0a0EOpBN5PJU9goKr3Dl8ObRwB4wV1bsHFLsifWtYn +bOYYp+hKWRPf4CfNWEoESzMHsmx7ki8aS1EXL9aZFVEcZ67ZdTu8iDaMdmnW4el/ +p+D+4PeVlZSzQBDqyCdYB0zTi+ByLpJ2MhNHMBK2pdLuIWk7vvxTQCz794cqYpEI +P0/KN788UGJ8YYg2ab5L1YBpXqyqu2wFSGWK6q/I3u5uQsm0/T+x/n8kEt+spNcu +66zcco+ddQ/4waKbTZdY69VGgWiRubT/dJRmsgbT4sFgLmnYrLHH/v/XFYewc2e6 +szaGAWr0P//XB/UFTEltJVSox7qWNuB2UBMmCVw/9Ow0ylt1j0Zve9NgYi7yr0Qr +lZCzkqkGnL1L54FK6JChseC5L6gsJuzXmP2nH1LDB9+NCYHdzmAAsKsy+prTS1Zv +aty0xzK4Ds00g1EJC7LIe7Iaj8HqPIZ9sDT+PRdJRcM6Z5q9TjW1VU1iRXXqIQAR +AQABiQIlBBgBCgAPBQJZ9fFKAhsMBQkSzAMAAAoJEAySIlqX9rZmioQP/iQGtLDG +2pyhv79qQOn4tMwIS0urSCJhLZRI09v11gfXchI8DhmOm2re4ZNFM09vvCX+Z4EI +SG2mofY+bB0hwiYF8YECpCNSIzlMGC8O39/0VkcTHXO8fwT8Yet9RvalI5owmiO8 +t9tZeiSBNO8f2MbWWZZuDwcQm3VJSoBR0GpWk8JhyIgfBnmefQTKH60sqbrWdTk2 +7rBFQonWacioUFx5MeNVFqaY2ixQcywlGtwzXx67bM4zfgJUr5zps1pmjwKHspxR +nZ7twHlS5V2ccFamigoa9OW52hDZZqpkjwJxbv1WjMY410r099fd5epVklLinuzz +l6RoSl119G/Bmyv1rLguT96ALLW+rBM/6X02XLdNzVrDOFbudh8rzAcPnN+jagb6 +r7bpPxJKUVeDsMOAFpQkXfizxIO7xUkL4nSrybanckiJ9kn54KAPq5l2W4qjvwUe +lc9H2dcZ5BfyTxSqGq+C0fRmERQt075FegIXRWTPN2r9xnFp4r1LE184vwL+7ec0 +TuG22zcizbrw+MhuAA8gfa+dxPR+Lm/BzrRYTrjrKVNJczQi5O1h4RsBj59EnaYM +W1w17WmlKUS9SKiFT52hKi7b3C/19WPamvDoarjglEkpOKkETUOIwA8ViI9Wa4Fm +oLGNPe8bErLNfny6AWU0Enam6a13BxwbBrtr +=AmFu +-----END PGP PUBLIC KEY BLOCK----- +` + +func TestReadNamesFromKey(t *testing.T) { + ctx := context.Background() + ctx = ctxutil.WithAlwaysYes(ctx, true) + + g, err := New(ctx, Config{}) + assert.NoError(t, err) + assert.NotEqual(t, "", g.Binary()) + + names, err := g.ReadNamesFromKey(ctx, []byte(pubkey)) + assert.NoError(t, err) + assert.Equal(t, []string{"Gopass Archive Signing Key "}, names) +} diff --git a/backend/crypto/gpg/cli/keyring.go b/backend/crypto/gpg/cli/keyring.go new file mode 100644 index 0000000000..755e61517d --- /dev/null +++ b/backend/crypto/gpg/cli/keyring.go @@ -0,0 +1,98 @@ +package cli + +import ( + "bytes" + "context" + "os/exec" + + "github.com/justwatchcom/gopass/backend/crypto/gpg" + "github.com/justwatchcom/gopass/utils/out" +) + +// listKey lists all keys of the given type and matching the search strings +func (g *GPG) listKeys(ctx context.Context, typ string, search ...string) (gpg.KeyList, error) { + args := []string{"--with-colons", "--with-fingerprint", "--fixed-list-mode", "--list-" + typ + "-keys"} + args = append(args, search...) + cmd := exec.CommandContext(ctx, g.binary, args...) + cmd.Stderr = nil + + out.Debug(ctx, "gpg.listKeys: %s %+v\n", cmd.Path, cmd.Args) + cmdout, err := cmd.Output() + if err != nil { + if bytes.Contains(cmdout, []byte("secret key not available")) { + return gpg.KeyList{}, nil + } + return gpg.KeyList{}, err + } + + return parseColons(bytes.NewBuffer(cmdout)), nil +} + +// ListPublicKeyIDs returns a parsed list of GPG public keys +func (g *GPG) ListPublicKeyIDs(ctx context.Context) ([]string, error) { + if g.pubKeys == nil { + kl, err := g.listKeys(ctx, "public") + if err != nil { + return nil, err + } + g.pubKeys = kl + } + return g.pubKeys.UseableKeys().Recipients(), nil +} + +// FindPublicKeys searches for the given public keys +func (g *GPG) FindPublicKeys(ctx context.Context, search ...string) ([]string, error) { + kl, err := g.listKeys(ctx, "public", search...) + if err != nil || kl == nil { + return nil, err + } + return kl.UseableKeys().Recipients(), nil +} + +// ListPrivateKeyIDs returns a parsed list of GPG secret keys +func (g *GPG) ListPrivateKeyIDs(ctx context.Context) ([]string, error) { + if g.privKeys == nil { + kl, err := g.listKeys(ctx, "secret") + if err != nil { + return nil, err + } + g.privKeys = kl + } + return g.privKeys.UseableKeys().Recipients(), nil +} + +// FindPrivateKeys searches for the given private keys +func (g *GPG) FindPrivateKeys(ctx context.Context, search ...string) ([]string, error) { + kl, err := g.listKeys(ctx, "secret", search...) + if err != nil || kl == nil { + return nil, err + } + return kl.UseableKeys().Recipients(), nil +} + +func (g *GPG) findKey(ctx context.Context, id string) gpg.Key { + kl, _ := g.listKeys(ctx, "secret", id) + if len(kl) == 1 { + return kl[0] + } + kl, _ = g.listKeys(ctx, "public", id) + if len(kl) == 1 { + return kl[0] + } + return gpg.Key{} +} + +// EmailFromKey extracts the email from a key id +func (g *GPG) EmailFromKey(ctx context.Context, id string) string { + return g.findKey(ctx, id).Identity().Email +} + +// NameFromKey extracts the name from a key id +func (g *GPG) NameFromKey(ctx context.Context, id string) string { + return g.findKey(ctx, id).Identity().Name +} + +// FormatKey formats the details of a key id +func (g *GPG) FormatKey(ctx context.Context, id string) string { + return g.findKey(ctx, id).Identity().ID() +} diff --git a/backend/crypto/gpg/cli/utils.go b/backend/crypto/gpg/cli/utils.go index 43b4e0bef1..d0912071a7 100644 --- a/backend/crypto/gpg/cli/utils.go +++ b/backend/crypto/gpg/cli/utils.go @@ -39,7 +39,7 @@ func splitPacket(in string) map[string]string { } p = strings.Split(strings.TrimSpace(p[2]), " ") for i := 0; i+1 < len(p); i += 2 { - m[p[i]] = p[i+1] + m[p[i]] = strings.Trim(p[i+1], ",") } return m } @@ -53,3 +53,13 @@ func tty() string { } return dest } + +// GPGOpts parses extra GPG options from the environment +func GPGOpts() []string { + for _, en := range []string{"GOPASS_GPG_OPTS", "PASSWORD_STORE_GPG_OPTS"} { + if opts := os.Getenv(en); opts != "" { + return strings.Fields(opts) + } + } + return nil +} diff --git a/backend/crypto/gpg/cli/utils_test.go b/backend/crypto/gpg/cli/utils_test.go new file mode 100644 index 0000000000..75b9defe17 --- /dev/null +++ b/backend/crypto/gpg/cli/utils_test.go @@ -0,0 +1,35 @@ +package cli + +import ( + "os" + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestGpgOpts(t *testing.T) { + for _, vn := range []string{"GOPASS_GPG_OPTS", "PASSWORD_STORE_GPG_OPTS"} { + for in, out := range map[string][]string{ + "": nil, + "--decrypt --armor --recipient 0xDEADBEEF": {"--decrypt", "--armor", "--recipient", "0xDEADBEEF"}, + } { + assert.NoError(t, os.Setenv(vn, in)) + assert.Equal(t, out, GPGOpts()) + assert.NoError(t, os.Unsetenv(vn)) + } + } +} + +func TestSplitPacket(t *testing.T) { + for in, out := range map[string]map[string]string{ + "": {}, + ":pubkey enc packet: version 3, algo 1, keyid 00F0FF00FFC00F0F": { + "algo": "1", + "keyid": "00F0FF00FFC00F0F", + "version": "3", + }, + ":encrypted data packet:": {}, + } { + assert.Equal(t, out, splitPacket(in)) + } +} diff --git a/backend/crypto/gpg/cli/version.go b/backend/crypto/gpg/cli/version.go index 06f0b8e6d6..aa922f99d0 100644 --- a/backend/crypto/gpg/cli/version.go +++ b/backend/crypto/gpg/cli/version.go @@ -4,13 +4,10 @@ import ( "bufio" "bytes" "context" - "errors" "os/exec" - "sort" "strings" "github.com/blang/semver" - "github.com/justwatchcom/gopass/utils/out" ) type gpgBin struct { @@ -60,29 +57,3 @@ func version(ctx context.Context, binary string) semver.Version { } return v } - -func (g *GPG) detectBinary(ctx context.Context, bin string) error { - bins, err := g.detectBinaryCandidates(bin) - if err != nil { - return err - } - bv := make(byVersion, 0, len(bins)) - for _, b := range bins { - out.Debug(ctx, "gpg.detectBinary - Looking for '%s' ...", b) - if p, err := exec.LookPath(b); err == nil { - gb := gpgBin{ - path: p, - ver: version(ctx, p), - } - out.Debug(ctx, "gpg.detectBinary - Found '%s' at '%s' (%s)", b, p, gb.ver.String()) - bv = append(bv, gb) - } - } - if len(bv) < 1 { - return errors.New("no gpg binary found") - } - sort.Sort(bv) - g.binary = bv[len(bv)-1].path - out.Debug(ctx, "gpg.detectBinary - using '%s'", g.binary) - return nil -} diff --git a/backend/crypto/gpg/key.go b/backend/crypto/gpg/key.go index 0ed0a3671e..f82102c7db 100644 --- a/backend/crypto/gpg/key.go +++ b/backend/crypto/gpg/key.go @@ -56,6 +56,11 @@ func (k Key) String() string { // OneLine prints a terse representation of this key on one line (includes only // the first identity!) func (k Key) OneLine() string { + return fmt.Sprintf("0x%s - %s", k.Fingerprint[24:], k.Identity().ID()) +} + +// Identity returns the first identity +func (k Key) Identity() Identity { ids := make([]Identity, 0, len(k.Identities)) for _, i := range k.Identities { ids = append(ids, i) @@ -63,12 +68,10 @@ func (k Key) OneLine() string { sort.Slice(ids, func(i, j int) bool { return ids[i].CreationDate.After(ids[j].CreationDate) }) - id := Identity{} for _, i := range ids { - id = i - break + return i } - return fmt.Sprintf("0x%s - %s", k.Fingerprint[24:], id.ID()) + return Identity{} } // ID returns the short fingerprint diff --git a/backend/crypto/gpg/key_test.go b/backend/crypto/gpg/key_test.go index 435629558e..5502f3f1c7 100644 --- a/backend/crypto/gpg/key_test.go +++ b/backend/crypto/gpg/key_test.go @@ -61,7 +61,11 @@ func genTestKey(args ...string) Key { } func TestKey(t *testing.T) { - k := genTestKey() + k := Key{ + Identities: map[string]Identity{}, + } + assert.Equal(t, "", k.Identity().Name) + k = genTestKey() assert.Equal(t, k.IsUseable(), true) assert.Equal(t, "sec 2048D/0x62AF4031C82E0039 2018-01-01 [expires: 2218-01-01]\n Key fingerprint = 25FF1614B8F87B52FFFF99B962AF4031C82E0039\nuid John Doe (johnny) ", k.String()) assert.Equal(t, "0x62AF4031C82E0039 - John Doe (johnny) ", k.OneLine()) diff --git a/backend/crypto/gpg/mock/gpg.go b/backend/crypto/gpg/mock/gpg.go index a474772107..53392b2c28 100644 --- a/backend/crypto/gpg/mock/gpg.go +++ b/backend/crypto/gpg/mock/gpg.go @@ -5,13 +5,11 @@ import ( "crypto/sha256" "fmt" "io/ioutil" - "os" - "path/filepath" + "strings" "time" "github.com/blang/semver" "github.com/justwatchcom/gopass/backend/crypto/gpg" - "github.com/pkg/errors" ) var staticPrivateKeyList = gpg.KeyList{ @@ -29,6 +27,20 @@ var staticPrivateKeyList = gpg.KeyList{ }, }, }, + gpg.Key{ + KeyType: "rsa", + KeyLength: 2048, + Validity: "u", + CreationDate: time.Now(), + Fingerprint: "000000000000000000000000FEEDBEEF", + Identities: map[string]gpg.Identity{ + "Feed Beef ": { + Name: "Feed Beef", + Email: "feed.beef@example.com", + CreationDate: time.Now(), + }, + }, + }, } // Mocker is a no-op GPG mock @@ -39,51 +51,57 @@ func New() *Mocker { return &Mocker{} } -// ListPublicKeys does nothing -func (m *Mocker) ListPublicKeys(context.Context) (gpg.KeyList, error) { - return gpg.KeyList{}, nil +// ListPublicKeyIDs does nothing +func (m *Mocker) ListPublicKeyIDs(context.Context) ([]string, error) { + return staticPrivateKeyList.Recipients(), nil } // FindPublicKeys does nothing -func (m *Mocker) FindPublicKeys(context.Context, ...string) (gpg.KeyList, error) { - return gpg.KeyList{}, nil +func (m *Mocker) FindPublicKeys(ctx context.Context, keys ...string) ([]string, error) { + rs := staticPrivateKeyList.Recipients() + res := make([]string, 0, len(rs)) + for _, r := range rs { + for _, needle := range keys { + if strings.HasSuffix(r, needle) { + res = append(res, r) + } + } + } + return res, nil } -// ListPrivateKeys does nothing -func (m *Mocker) ListPrivateKeys(context.Context) (gpg.KeyList, error) { - return staticPrivateKeyList, nil +// ListPrivateKeyIDs does nothing +func (m *Mocker) ListPrivateKeyIDs(context.Context) ([]string, error) { + return staticPrivateKeyList.Recipients(), nil } // FindPrivateKeys does nothing -func (m *Mocker) FindPrivateKeys(context.Context, ...string) (gpg.KeyList, error) { - return staticPrivateKeyList, nil +func (m *Mocker) FindPrivateKeys(ctx context.Context, keys ...string) ([]string, error) { + return m.FindPublicKeys(ctx, keys...) } -// GetRecipients does nothing -func (m *Mocker) GetRecipients(context.Context, string) ([]string, error) { - return []string{}, nil +// RecipientIDs does nothing +func (m *Mocker) RecipientIDs(context.Context, []byte) ([]string, error) { + return staticPrivateKeyList.Recipients(), nil } // Encrypt writes the input to disk unaltered -func (m *Mocker) Encrypt(ctx context.Context, path string, content []byte, recipients []string) error { - if err := os.MkdirAll(filepath.Dir(path), 0700); err != nil { - return errors.Wrapf(err, "failed to create dir '%s'", path) - } - return ioutil.WriteFile(path, content, 0600) +func (m *Mocker) Encrypt(ctx context.Context, content []byte, recipients []string) ([]byte, error) { + return content, nil } // Decrypt read the file from disk unaltered -func (m *Mocker) Decrypt(ctx context.Context, path string) ([]byte, error) { - return ioutil.ReadFile(path) +func (m *Mocker) Decrypt(ctx context.Context, ciphertext []byte) ([]byte, error) { + return ciphertext, nil } // ExportPublicKey does nothing -func (m *Mocker) ExportPublicKey(context.Context, string, string) error { - return nil +func (m *Mocker) ExportPublicKey(context.Context, string) ([]byte, error) { + return nil, nil } // ImportPublicKey does nothing -func (m *Mocker) ImportPublicKey(context.Context, string) error { +func (m *Mocker) ImportPublicKey(context.Context, []byte) error { return nil } @@ -140,3 +158,43 @@ func (m *Mocker) CreatePrivateKey(ctx context.Context) error { func (m *Mocker) CreatePrivateKeyBatch(ctx context.Context, name, email, pw string) error { return fmt.Errorf("not yet implemented") } + +// EmailFromKey returns nothing +func (m *Mocker) EmailFromKey(context.Context, string) string { + return "" +} + +// NameFromKey returns nothing +func (m *Mocker) NameFromKey(context.Context, string) string { + return "" +} + +// FormatKey returns the id +func (m *Mocker) FormatKey(ctx context.Context, id string) string { + return id +} + +// Initialized returns nil +func (m *Mocker) Initialized(context.Context) error { + return nil +} + +// Name returns gpgmock +func (m *Mocker) Name() string { + return "gpgmock" +} + +// Ext returns gpg +func (m *Mocker) Ext() string { + return "gpg" +} + +// IDFile returns .gpg-id +func (m *Mocker) IDFile() string { + return ".gpg-id" +} + +// ReadNamesFromKey does nothing +func (m *Mocker) ReadNamesFromKey(ctx context.Context, buf []byte) ([]string, error) { + return []string{"unsupported"}, nil +} diff --git a/backend/crypto/gpg/mock/gpg_test.go b/backend/crypto/gpg/mock/gpg_test.go index c8e21ea2b3..282ce04eb5 100644 --- a/backend/crypto/gpg/mock/gpg_test.go +++ b/backend/crypto/gpg/mock/gpg_test.go @@ -23,44 +23,75 @@ func TestMock(t *testing.T) { ctx = ctxutil.WithAlwaysYes(ctx, true) m := New() - kl, err := m.ListPrivateKeys(ctx) + kl, err := m.ListPrivateKeyIDs(ctx) assert.NoError(t, err) assert.NotEmpty(t, kl) - assert.Equal(t, "0xDEADBEEF", kl[0].ID()) + assert.Equal(t, "0xDEADBEEF", kl[0]) - kl, err = m.ListPublicKeys(ctx) + kl, err = m.ListPublicKeyIDs(ctx) assert.NoError(t, err) - assert.Empty(t, kl) + assert.NotEmpty(t, kl, "ListPublicKeyIDs") - rcs, err := m.GetRecipients(ctx, "") + rcs, err := m.RecipientIDs(ctx, []byte{}) assert.NoError(t, err) - assert.Empty(t, rcs) + assert.NotEmpty(t, rcs, "RecipientIDs") - fn := filepath.Join(td, "sec.gpg") - assert.NoError(t, m.Encrypt(ctx, fn, []byte("foobar"), []string{"0xDEADBEEF"})) - assert.FileExists(t, fn) + buf, err := m.Encrypt(ctx, []byte("foobar"), []string{"0xDEADBEEF"}) + assert.NoError(t, err) - content, err := m.Decrypt(ctx, fn) + content, err := m.Decrypt(ctx, buf) assert.NoError(t, err) assert.Equal(t, string(content), "foobar") assert.Equal(t, "gpg", m.Binary()) - sigfn := fn + ".sig" - assert.NoError(t, m.Sign(ctx, fn, sigfn)) - assert.NoError(t, m.Verify(ctx, sigfn, fn)) - assert.Error(t, m.CreatePrivateKey(ctx)) assert.Error(t, m.CreatePrivateKeyBatch(ctx, "", "", "")) kl, err = m.FindPublicKeys(ctx) assert.NoError(t, err) - assert.Empty(t, kl) + assert.Empty(t, kl, "FindPublicKeys()") + + kl, err = m.FindPublicKeys(ctx, "0xDEADBEEF") + assert.NoError(t, err) + assert.NotEmpty(t, kl, "FindPublicKeys(0xDEADBEEF)") _, err = m.FindPrivateKeys(ctx) assert.NoError(t, err) - assert.NoError(t, m.ExportPublicKey(ctx, "", "")) - assert.NoError(t, m.ImportPublicKey(ctx, "")) + buf, err = m.ExportPublicKey(ctx, "") + assert.NoError(t, err) + assert.NoError(t, m.ImportPublicKey(ctx, buf)) assert.Equal(t, semver.Version{}, m.Version(ctx)) + + assert.Equal(t, "", m.EmailFromKey(ctx, "")) + assert.Equal(t, "", m.NameFromKey(ctx, "")) + assert.Equal(t, "", m.FormatKey(ctx, "")) + assert.Nil(t, m.Initialized(ctx)) + assert.Equal(t, "gpgmock", m.Name()) + assert.Equal(t, "gpg", m.Ext()) + assert.Equal(t, ".gpg-id", m.IDFile()) + names, err := m.ReadNamesFromKey(ctx, nil) + assert.NoError(t, err) + assert.Equal(t, []string{"unsupported"}, names) +} + +func TestSignVerify(t *testing.T) { + td, err := ioutil.TempDir("", "gopass-") + assert.NoError(t, err) + defer func() { + _ = os.RemoveAll(td) + }() + + ctx := context.Background() + ctx = ctxutil.WithAlwaysYes(ctx, true) + + m := New() + + in := filepath.Join(td, "in") + assert.NoError(t, ioutil.WriteFile(in, []byte("in"), 0644)) + sigf := filepath.Join(td, "sigf") + + assert.NoError(t, m.Sign(ctx, in, sigf)) + assert.NoError(t, m.Verify(ctx, sigf, in)) } diff --git a/backend/crypto/xc/README.md b/backend/crypto/xc/README.md new file mode 100644 index 0000000000..3e6177b824 --- /dev/null +++ b/backend/crypto/xc/README.md @@ -0,0 +1,124 @@ +Experimental Crypto Backend for gopass +====================================== + +This package contains an experimental crypto backend for gopass. +The goal is to provide an implementation that is feature complete +compared to the GPG backend but doesn't require any external binaries, +especially no GPG. Of course this would break compatilibity to existing +GPG deployments and users of different pass implementations, but +especially for closed teams with no existing GPG deployment this should +make little to no difference. + +Motivation +---------- + +While GPG is believed to be very secure and it supports a wide range of +applications and devices, it's not really user friendly. Even passioned +[crypto experts](https://moxie.org/blog/gpg-and-me/) don't enjoy working with GPG and for +newcomers it's a major hurdle. For the gopass developers it's about the +most time consuming task to provide support and implement workaround for +GPG issues. This doesn't mean that GPG is bad, but security is hard and +complex and GPG adds a lot of flexiblity on top of that so the result +is complex and complicated. + +WARNING +------- + +We are no crypto experts. While this code uses professional implementations of +well known and rather easy to use crypto primitives there is still a lot of room +for making mistakes. This code so far has recieved no kind of security audit. +Please don't use it for anything critical unless you have reviewed and verified +it yourself and are willing to take any risk. + +Status +------ + +Working, needs more of testing. + +Design +------ + +* Hybrid encryption + * Symmetric encryption for payload (secrets) + * Using [Chacha20Poly1305](https://godoc.org/golang.org/x/crypto/chacha20poly1305) [AEAD](https://godoc.org/crypto/cipher#AEAD) + * [Random session key](https://godoc.org/crypto/rand) + * Asymmetric encryption per recipient + * Using [Curve25519, XSalsa20, Poly1305 (NaCL Box)](https://godoc.org/golang.org/x/crypto/nacl/box) + * (optional) Unencrypted Metadata + * Disk format uses [protocol buffers version 3](https://developers.google.com/protocol-buffers/) encoding +* Keystore + * Unencrypted public keys / metadata + * Private Keys encrypted with [XSalsa20, Poly1305 (NaCL Secretbox)](https://godoc.org/golang.org/x/crypto/nacl/secretbox) + * Using [Argon2 KDF](https://godoc.org/golang.org/x/crypto/argon2) + * Key ID similar to GnuPG, using the low 64 bits of a SHA-3 / SHAKE-256 hash + * Disk format uses [protocol buffers version 3](https://developers.google.com/protocol-buffers/) encoding +* Agent + * (optional) Listens on Unix Socket + * Invokes pinentry if necessary, caches passphrase + +Attack Vectors +-------------- + +* Information Disclosure + * Header + * Session key is encrypted and authenticated using NaCl Box + * Metadata is unencrypted, but unused right now + * Body + * Plaintext is encrypted and authenticated using Chacha20Poly1305 AEAD + +Testing Notes +------------- + +```bash +# Create two different homedirs +mkdir -p /tmp/gp1 /tmp/gp2 + +# Create a shared remote +mkdir -p /tmp/gpgit +cd /tmp/gpgit && git init --bare + +# Generate two keypairs +GOPASS_HOMEDIR=/tmp/gp1 gopass xc generate +GOPASS_HOMEDIR=/tmp/gp2 gopass xc generate + +# Get the key IDs (the init wizard doesn't support XC, yet) +GOPASS_HOMEDIR=/tmp/gp1 gopass xc list-private-keys +GOPASS_HOMEDIR=/tmp/gp2 gopass xc list-private-keys + +# Init first password store +GOPASS_HOMEDIR=/tmp/gp1 gopass init --crypto=xc --sync=gitcli + +# add git remote +GOPASS_HOMEDIR=/tmp/gp1 ./gopass git remote add --remote origin --url /tmp/gpgit + +# push to git remote (will produce a warning which can be ignored) +GOPASS_HOMEDIR=/tmp/gp1 ./gopass git push + +# clone second store +GOPASS_HOMEDIR=/tmp/gp2 ./gopass clone --crypto=xc --sync=gitcli /tmp/gpgit + +# Generate some secrets +GOPASS_HOMEDIR=/tmp/gp1 gopass generate foo/bar 24 + +# Sync stores +GOPASS_HOMEDIR=/tmp/gp1 gopass sync +GOPASS_HOMEDIR=/tmp/gp2 gopass sync + +# Try to decrypt +GOPASS_HOMEDIR=/tmp/gp2 gopass show foo/bar # should fail + +# Export recipient +GOPASS_HOMEDIR=/tmp/gp2 gopass xc export --id --file /tmp/pub + +# Import recipient +GOPASS_HOMEDIR=/tmp/gp1 gopass xc import --file /tmp/pub + +# Add recipient +GOPASS_HOMEDIR=/tmp/gp1 gopass recipients add + +# Sync +GOPASS_HOMEDIR=/tmp/gp2 gopass sync + +# Display secret +GOPASS_HOMEDIR=/tmp/gp2 gopass show foo/bar +``` diff --git a/backend/crypto/xc/compress.go b/backend/crypto/xc/compress.go new file mode 100644 index 0000000000..0c1c1b597e --- /dev/null +++ b/backend/crypto/xc/compress.go @@ -0,0 +1,37 @@ +package xc + +import ( + "bytes" + "compress/gzip" + "io" +) + +func compress(in []byte) ([]byte, bool) { + buf := &bytes.Buffer{} + gzw, err := gzip.NewWriterLevel(buf, gzip.BestCompression) + if err != nil { + return in, false + } + if _, err := gzw.Write(in); err != nil { + return in, false + } + if err := gzw.Close(); err != nil { + return in, false + } + if len(buf.Bytes()) >= len(in) { + return in, false + } + return buf.Bytes(), true +} + +func decompress(in []byte) ([]byte, error) { + buf := &bytes.Buffer{} + gzr, err := gzip.NewReader(bytes.NewReader(in)) + if err != nil { + return nil, err + } + if _, err := io.Copy(buf, gzr); err != nil { + return nil, err + } + return buf.Bytes(), nil +} diff --git a/backend/crypto/xc/compress_test.go b/backend/crypto/xc/compress_test.go new file mode 100644 index 0000000000..e9d8b1000c --- /dev/null +++ b/backend/crypto/xc/compress_test.go @@ -0,0 +1,61 @@ +package xc + +import ( + "bytes" + "compress/gzip" + "io" + "testing" + + "github.com/justwatchcom/gopass/utils/pwgen" + "github.com/justwatchcom/gopass/utils/pwgen/xkcdgen" + "github.com/stretchr/testify/assert" +) + +func TestCompressPlain(t *testing.T) { + for _, pwg := range []func(n int) string{ + func(n int) string { return pwgen.GeneratePassword(n+1, true) }, + func(n int) string { + pw, _ := xkcdgen.RandomLength(n, "en") + return pw + }, + } { + for i := 0; i < 1024; i++ { + pw := pwg(i) + buf := &bytes.Buffer{} + gzw, err := gzip.NewWriterLevel(buf, gzip.BestCompression) + assert.NoError(t, err) + _, _ = gzw.Write([]byte(pw)) + assert.NoError(t, gzw.Close()) + gzr, err := gzip.NewReader(bytes.NewReader(buf.Bytes())) + assert.NoError(t, err) + out := &bytes.Buffer{} + _, err = io.Copy(out, gzr) + assert.NoError(t, err) + assert.Equal(t, pw, out.String()) + t.Logf("len(raw): %d - len(gzip): %d - len(raw) < len(gzip): %t", len(pw), len(buf.Bytes()), len(pw) < len(buf.Bytes())) + } + } +} + +func TestCompress(t *testing.T) { + for _, pwg := range []func(n int) string{ + func(n int) string { return pwgen.GeneratePassword(n+1, true) }, + func(n int) string { + pw, _ := xkcdgen.RandomLength(n, "en") + return pw + }, + } { + for i := 0; i < 1024; i++ { + pw := pwg(i) + compPlain, compressed := compress([]byte(pw)) + decompPlain := []byte(pw) + if compressed { + var err error + decompPlain, err = decompress(compPlain) + assert.NoError(t, err) + } + assert.True(t, len(compPlain) <= len([]byte(pw))) + assert.Equal(t, pw, string(decompPlain)) + } + } +} diff --git a/backend/crypto/xc/decrypt.go b/backend/crypto/xc/decrypt.go new file mode 100644 index 0000000000..dd395f2a27 --- /dev/null +++ b/backend/crypto/xc/decrypt.go @@ -0,0 +1,144 @@ +package xc + +import ( + "context" + "fmt" + "time" + + "github.com/golang/protobuf/proto" + "github.com/justwatchcom/gopass/backend/crypto/xc/keyring" + "github.com/justwatchcom/gopass/backend/crypto/xc/xcpb" + "github.com/pkg/errors" + "golang.org/x/crypto/chacha20poly1305" + "golang.org/x/crypto/nacl/box" +) + +const ( + maxUnlockAttempts = 3 +) + +// Decrypt tries to decrypt the given ciphertext and returns the plaintext +func (x *XC) Decrypt(ctx context.Context, buf []byte) ([]byte, error) { + // unmarshal the protobuf message, the header and body are still encrypted + // afterwards (parts of the header are plaintext!) + msg := &xcpb.Message{} + if err := proto.Unmarshal(buf, msg); err != nil { + return nil, err + } + + // try to find a suiteable decryption key in the header + sk, err := x.decryptSessionKey(msg.Header) + if err != nil { + return nil, err + } + + // initialize the AEAD cipher with the session key + cp, err := chacha20poly1305.New(sk) + if err != nil { + return nil, err + } + + // decrypt and verify the ciphertext + plaintext, err := cp.Open(nil, msg.Header.Nonce, msg.Body, nil) + if err != nil { + return nil, err + } + + if !msg.Compressed { + return plaintext, nil + } + + return decompress(plaintext) +} + +// findDecryptionKey tries to find a suiteable decryption key from the available +// decryption keys and the recipients +func (x *XC) findDecryptionKey(hdr *xcpb.Header) (*keyring.PrivateKey, error) { + for _, pk := range x.secring.KeyIDs() { + if _, found := hdr.Recipients[pk]; found { + return x.secring.Get(pk), nil + } + } + return nil, fmt.Errorf("no decryption key found for: %+v", hdr.Recipients) +} + +// findPublicKey tries to find a given public key in the keyring +func (x *XC) findPublicKey(needle string) (*keyring.PublicKey, error) { + for _, id := range x.pubring.KeyIDs() { + if id == needle { + return x.pubring.Get(id), nil + } + } + return nil, fmt.Errorf("no sender found for id '%s'", needle) +} + +// decryptPrivateKey will ask the agent to unlock the private key +func (x *XC) decryptPrivateKey(recp *keyring.PrivateKey) error { + fp := recp.Fingerprint() + + for i := 0; i < maxUnlockAttempts; i++ { + // retry asking for key in case it's wrong + passphrase, err := x.client.Passphrase(fp, fmt.Sprintf("Unlock private key %s", recp.Fingerprint())) + if err != nil { + return errors.Wrapf(err, "failed to get passphrase from agent: %s", err) + } + + if err = recp.Decrypt(passphrase); err == nil { + // passphrase is correct, the key should now be decrypted + return nil + } + + // decryption failed, clear cache and wait a moment before trying again + if err := x.client.Remove(fp); err != nil { + return errors.Wrapf(err, "failed to clear cache") + } + time.Sleep(10 * time.Millisecond) + } + + return fmt.Errorf("failed to unlock private key '%s' after %d retries", fp, maxUnlockAttempts) +} + +// decryptSessionKey will attempt to find a readable recipient entry in the +// header and decrypt it's session key +func (x *XC) decryptSessionKey(hdr *xcpb.Header) ([]byte, error) { + // find a suiteable decryption key, i.e. a recipient entry which was encrypted + // for one of our private keys + recp, err := x.findDecryptionKey(hdr) + if err != nil { + return nil, errors.Wrapf(err, "unable to find decryption key") + } + + // we need the senders public key to decrypt/verify the message, since the + // box algorithm ties successful decryption to successful verification + sender, err := x.findPublicKey(hdr.Sender) + if err != nil { + return nil, errors.Wrapf(err, "unable to find sender pub key for signature verification: %s", hdr.Sender) + } + + // unlock recipient key + if err := x.decryptPrivateKey(recp); err != nil { + return nil, err + } + + // this is the per recipient ciphertext, we need to decrypt it to extract + // the session key + ciphertext := hdr.Recipients[recp.Fingerprint()] + + // since box works with byte arrays (or: pointers thereof) we need to copy + // the slice to fixed arrays + var nonce [24]byte + copy(nonce[:], ciphertext[:24]) + + var privKey [32]byte + pk := recp.PrivateKey() + copy(privKey[:], pk[:]) + + // now we can try to decrypt/verify the ciphertext. unfortunately box doesn't give + // us any diagnostic information in case it fails, i.e. we can't discern between + // a failed decryption and a failed verification + decrypted, ok := box.Open(nil, ciphertext[24:], &nonce, &sender.PublicKey, &privKey) + if !ok { + return nil, fmt.Errorf("failed to decrypt session key") + } + return decrypted, nil +} diff --git a/backend/crypto/xc/encrypt.go b/backend/crypto/xc/encrypt.go new file mode 100644 index 0000000000..a81c0c376a --- /dev/null +++ b/backend/crypto/xc/encrypt.go @@ -0,0 +1,142 @@ +package xc + +import ( + "context" + "fmt" + "io" + "sort" + + "github.com/golang/protobuf/proto" + "github.com/justwatchcom/gopass/backend/crypto/xc/keyring" + "github.com/justwatchcom/gopass/backend/crypto/xc/xcpb" + "github.com/pkg/errors" + + crypto_rand "crypto/rand" + + "golang.org/x/crypto/chacha20poly1305" + "golang.org/x/crypto/nacl/box" +) + +const ( + // OnDiskVersion is the version of our on-disk format + OnDiskVersion = 1 +) + +// Encrypt encrypts the given plaintext for all the given recipients and returns the +// ciphertext +func (x *XC) Encrypt(ctx context.Context, plaintext []byte, recipients []string) ([]byte, error) { + privKeyIDs := x.secring.KeyIDs() + if len(privKeyIDs) < 1 { + return nil, fmt.Errorf("no signing keys available on our keyring") + } + privKey := x.secring.Get(privKeyIDs[0]) + + var compressed bool + plaintext, compressed = compress(plaintext) + + // encrypt body (als generates a random nonce and a random session key) + sk, nonce, body, err := encryptBody(plaintext) + if err != nil { + return nil, errors.Wrapf(err, "failed to encrypt body: %s", err) + } + + // encrypt the session key per recipient + header, err := x.encryptHeader(privKey, sk, nonce, recipients) + if err != nil { + return nil, errors.Wrapf(err, "failed to encrypt header: %s", err) + } + + msg := &xcpb.Message{ + Version: OnDiskVersion, + Header: header, + Body: body, + Compressed: compressed, + } + + return proto.Marshal(msg) +} + +// encrypt header creates and populates a header struct with the nonce (plain) +// and the session key encrypted per recipient +func (x *XC) encryptHeader(signKey *keyring.PrivateKey, sk, nonce []byte, recipients []string) (*xcpb.Header, error) { + hdr := &xcpb.Header{ + Sender: signKey.Fingerprint(), + Nonce: nonce, + Recipients: make(map[string][]byte, len(recipients)), + Metadata: make(map[string]string), // metadata is plaintext! + } + + recipients = append(recipients, signKey.Fingerprint()) + sort.Strings(recipients) + + for _, recp := range recipients { + // skip duplicates + if _, found := hdr.Recipients[recp]; found { + continue + } + + r, err := x.encryptForRecipient(signKey, sk, recp) + if err != nil { + return nil, errors.Wrapf(err, "failed to encrypt session key for recipient %s: %s", recp, err) + } + + hdr.Recipients[recp] = r + } + + return hdr, nil +} + +// encryptForRecipients encrypts the given session key for the given recipient +func (x *XC) encryptForRecipient(sender *keyring.PrivateKey, sk []byte, recipient string) ([]byte, error) { + recp := x.pubring.Get(recipient) + if recp == nil { + return nil, fmt.Errorf("recipient public key not available for %s", recipient) + } + + var recipientPublicKey [32]byte + copy(recipientPublicKey[:], recp.PublicKey[:]) + + // unlock sender key + if err := x.decryptPrivateKey(sender); err != nil { + return nil, err + } + + // we need to copy the byte silces to byte arrays for box + var senderPrivateKey [32]byte + pk := sender.PrivateKey() + copy(senderPrivateKey[:], pk[:]) + + var nonce [24]byte + if _, err := io.ReadFull(crypto_rand.Reader, nonce[:]); err != nil { + return nil, err + } + + return box.Seal(nonce[:], sk, &nonce, &recipientPublicKey, &senderPrivateKey), nil +} + +// encryptBody generates a random session key and a nonce and encrypts the given +// plaintext with those. it returns all three +func encryptBody(plaintext []byte) ([]byte, []byte, []byte, error) { + // generate session / encryption key + sessionKey := make([]byte, 32) + if _, err := crypto_rand.Read(sessionKey); err != nil { + return nil, nil, nil, err + } + + // generate a random nonce + nonce := make([]byte, 12) + if _, err := crypto_rand.Read(nonce); err != nil { + return nil, nil, nil, err + } + + // initialize the AEAD with the generated session key + cp, err := chacha20poly1305.New(sessionKey) + if err != nil { + return nil, nil, nil, err + } + + // encrypt the plaintext using the random nonce + ciphertext := cp.Seal(nil, nonce, plaintext, nil) + + return sessionKey, nonce, ciphertext, nil +} diff --git a/backend/crypto/xc/encrypt_test.go b/backend/crypto/xc/encrypt_test.go new file mode 100644 index 0000000000..8d0ee1f282 --- /dev/null +++ b/backend/crypto/xc/encrypt_test.go @@ -0,0 +1,112 @@ +package xc + +import ( + "context" + "io/ioutil" + "os" + "path/filepath" + "testing" + + "github.com/justwatchcom/gopass/backend/crypto/xc/keyring" + "github.com/stretchr/testify/assert" +) + +type fakeAgent struct { + pw string +} + +func (f *fakeAgent) Ping() error { + return nil +} + +func (f *fakeAgent) Remove(string) error { + return nil +} + +func (f *fakeAgent) Passphrase(string, string) (string, error) { + return f.pw, nil +} + +func TestEncryptSimple(t *testing.T) { + ctx := context.Background() + + td, err := ioutil.TempDir("", "gopass-") + assert.NoError(t, err) + defer func() { + _ = os.RemoveAll(td) + }() + assert.NoError(t, os.Setenv("GOPASS_CONFIG", filepath.Join(td, ".gopass.yml"))) + assert.NoError(t, os.Setenv("GOPASS_HOMEDIR", td)) + + passphrase := "test" + + k1, err := keyring.GenerateKeypair(passphrase) + assert.NoError(t, err) + + skr := keyring.NewSecring() + assert.NoError(t, skr.Set(k1)) + + pkr := keyring.NewPubring(skr) + + xc := &XC{ + pubring: pkr, + secring: skr, + client: &fakeAgent{passphrase}, + } + + buf, err := xc.Encrypt(ctx, []byte("foobar"), []string{k1.Fingerprint()}) + assert.NoError(t, err) + + recps, err := xc.RecipientIDs(ctx, buf) + assert.NoError(t, err) + assert.Equal(t, []string{k1.Fingerprint()}, recps) + + buf, err = xc.Decrypt(ctx, buf) + assert.NoError(t, err) + assert.Equal(t, "foobar", string(buf)) +} + +func TestEncryptMultiKeys(t *testing.T) { + ctx := context.Background() + + td, err := ioutil.TempDir("", "gopass-") + assert.NoError(t, err) + defer func() { + _ = os.RemoveAll(td) + }() + assert.NoError(t, os.Setenv("GOPASS_CONFIG", filepath.Join(td, ".gopass.yml"))) + assert.NoError(t, os.Setenv("GOPASS_HOMEDIR", td)) + + passphrase := "test" + + k1, err := keyring.GenerateKeypair(passphrase) + assert.NoError(t, err) + k2, err := keyring.GenerateKeypair(passphrase) + assert.NoError(t, err) + k3, err := keyring.GenerateKeypair(passphrase) + assert.NoError(t, err) + + skr := keyring.NewSecring() + assert.NoError(t, skr.Set(k1)) + + pkr := keyring.NewPubring(skr) + assert.NoError(t, pkr.Set(&k2.PublicKey)) + assert.NoError(t, pkr.Set(&k3.PublicKey)) + + xc := &XC{ + pubring: pkr, + secring: skr, + client: &fakeAgent{passphrase}, + } + + buf, err := xc.Encrypt(ctx, []byte("foobar"), []string{k1.Fingerprint()}) + assert.NoError(t, err) + + recps, err := xc.RecipientIDs(ctx, buf) + assert.NoError(t, err) + assert.Equal(t, []string{k1.Fingerprint()}, recps) + + buf, err = xc.Decrypt(ctx, buf) + assert.NoError(t, err) + assert.Equal(t, "foobar", string(buf)) +} diff --git a/backend/crypto/xc/export.go b/backend/crypto/xc/export.go new file mode 100644 index 0000000000..a549a1ae19 --- /dev/null +++ b/backend/crypto/xc/export.go @@ -0,0 +1,22 @@ +package xc + +import ( + "context" + "fmt" +) + +// ExportPublicKey exports a given public key +func (x *XC) ExportPublicKey(ctx context.Context, id string) ([]byte, error) { + if x.pubring.Contains(id) { + return x.pubring.Export(id) + } + if x.secring.Contains(id) { + return x.secring.Export(id, false) + } + return nil, fmt.Errorf("key not found") +} + +// ExportPrivateKey exports a given private key +func (x *XC) ExportPrivateKey(ctx context.Context, id string) ([]byte, error) { + return x.secring.Export(id, true) +} diff --git a/backend/crypto/xc/export_test.go b/backend/crypto/xc/export_test.go new file mode 100644 index 0000000000..709a3d6254 --- /dev/null +++ b/backend/crypto/xc/export_test.go @@ -0,0 +1,69 @@ +package xc + +import ( + "context" + "io/ioutil" + "os" + "path/filepath" + "testing" + + "github.com/justwatchcom/gopass/backend/crypto/xc/keyring" + "github.com/stretchr/testify/assert" +) + +func TestExportKey(t *testing.T) { + ctx := context.Background() + + td, err := ioutil.TempDir("", "gopass-") + assert.NoError(t, err) + defer func() { + _ = os.RemoveAll(td) + }() + assert.NoError(t, os.Setenv("GOPASS_CONFIG", filepath.Join(td, ".gopass.yml"))) + assert.NoError(t, os.Setenv("GOPASS_HOMEDIR", td)) + + passphrase := "test" + + k1, err := keyring.GenerateKeypair(passphrase) + assert.NoError(t, err) + k2, err := keyring.GenerateKeypair(passphrase) + assert.NoError(t, err) + k3, err := keyring.GenerateKeypair(passphrase) + assert.NoError(t, err) + k3.Identity.Name = "foobar" + + skr := keyring.NewSecring() + assert.NoError(t, skr.Set(k1)) + + pkr := keyring.NewPubring(skr) + assert.NoError(t, pkr.Set(&k2.PublicKey)) + assert.NoError(t, pkr.Set(&k3.PublicKey)) + + xc := &XC{ + pubring: pkr, + secring: skr, + client: &fakeAgent{passphrase}, + } + + _, err = xc.ExportPublicKey(ctx, k1.Fingerprint()) + assert.NoError(t, err) + + _, err = xc.ExportPublicKey(ctx, k2.Fingerprint()) + assert.NoError(t, err) + + buf, err := xc.ExportPublicKey(ctx, k3.Fingerprint()) + assert.NoError(t, err) + + names, err := xc.ReadNamesFromKey(ctx, buf) + assert.NoError(t, err) + assert.Equal(t, []string{"foobar"}, names) + + _, err = xc.ExportPublicKey(ctx, "foobar") + assert.Error(t, err) + + _, err = xc.ExportPrivateKey(ctx, k1.Fingerprint()) + assert.NoError(t, err) + + _, err = xc.ExportPrivateKey(ctx, k2.Fingerprint()) + assert.Error(t, err) +} diff --git a/backend/crypto/xc/import.go b/backend/crypto/xc/import.go new file mode 100644 index 0000000000..2763340238 --- /dev/null +++ b/backend/crypto/xc/import.go @@ -0,0 +1,19 @@ +package xc + +import "context" + +// ImportPublicKey imports a given public key into the keyring +func (x *XC) ImportPublicKey(ctx context.Context, buf []byte) error { + if err := x.pubring.Import(buf); err != nil { + return err + } + return x.pubring.Save() +} + +// ImportPrivateKey imports a given private key into the keyring +func (x *XC) ImportPrivateKey(ctx context.Context, buf []byte) error { + if err := x.secring.Import(buf); err != nil { + return err + } + return x.secring.Save() +} diff --git a/backend/crypto/xc/import_test.go b/backend/crypto/xc/import_test.go new file mode 100644 index 0000000000..c78424f7d6 --- /dev/null +++ b/backend/crypto/xc/import_test.go @@ -0,0 +1,91 @@ +package xc + +import ( + "context" + "io/ioutil" + "os" + "path/filepath" + "testing" + + "github.com/justwatchcom/gopass/backend/crypto/xc/keyring" + "github.com/stretchr/testify/assert" +) + +func TestImportKey(t *testing.T) { + ctx := context.Background() + + td, err := ioutil.TempDir("", "gopass-") + assert.NoError(t, err) + defer func() { + _ = os.RemoveAll(td) + }() + assert.NoError(t, os.Setenv("GOPASS_CONFIG", filepath.Join(td, ".gopass.yml"))) + assert.NoError(t, os.Setenv("GOPASS_HOMEDIR", td)) + + passphrase := "test" + + // XC #1 + x1k1, err := keyring.GenerateKeypair(passphrase) + assert.NoError(t, err) + x1k2, err := keyring.GenerateKeypair(passphrase) + assert.NoError(t, err) + x1k3, err := keyring.GenerateKeypair(passphrase) + assert.NoError(t, err) + + x1skrfn := filepath.Join(td, "x1skr") + x1skr, err := keyring.LoadSecring(x1skrfn) + assert.NoError(t, err) + assert.NoError(t, x1skr.Set(x1k1)) + + x1pkrfn := filepath.Join(td, "x1pkr") + x1pkr, err := keyring.LoadPubring(x1pkrfn, x1skr) + assert.NoError(t, err) + assert.NoError(t, x1pkr.Set(&x1k2.PublicKey)) + assert.NoError(t, x1pkr.Set(&x1k3.PublicKey)) + + xc1 := &XC{ + pubring: x1pkr, + secring: x1skr, + client: &fakeAgent{passphrase}, + } + + // XC #2 + x2k1, err := keyring.GenerateKeypair(passphrase) + assert.NoError(t, err) + x2k2, err := keyring.GenerateKeypair(passphrase) + assert.NoError(t, err) + x2k3, err := keyring.GenerateKeypair(passphrase) + assert.NoError(t, err) + + x2skrfn := filepath.Join(td, "x2skr") + x2skr, err := keyring.LoadSecring(x2skrfn) + assert.NoError(t, err) + assert.NoError(t, x2skr.Set(x2k1)) + + x2pkrfn := filepath.Join(td, "x2pkr") + x2pkr, err := keyring.LoadPubring(x2pkrfn, x2skr) + assert.NoError(t, err) + assert.NoError(t, x2pkr.Set(&x2k2.PublicKey)) + assert.NoError(t, x2pkr.Set(&x2k3.PublicKey)) + + xc2 := &XC{ + pubring: x2pkr, + secring: x2skr, + client: &fakeAgent{passphrase}, + } + + // export & import public key from X1 -> X2 + buf, err := xc1.ExportPublicKey(ctx, x1k1.Fingerprint()) + assert.NoError(t, err) + + assert.NoError(t, xc2.ImportPublicKey(ctx, buf)) + assert.Equal(t, true, x2pkr.Contains(x1k1.Fingerprint())) + + // export & import private key from X2 -> X1 + buf, err = xc2.ExportPrivateKey(ctx, x2k1.Fingerprint()) + assert.NoError(t, err) + + assert.NoError(t, xc1.ImportPrivateKey(ctx, buf)) + assert.Equal(t, true, x1pkr.Contains(x2k1.Fingerprint())) + assert.Equal(t, true, x1skr.Contains(x2k1.Fingerprint())) +} diff --git a/backend/crypto/xc/keyring/private_key.go b/backend/crypto/xc/keyring/private_key.go new file mode 100644 index 0000000000..135107ff31 --- /dev/null +++ b/backend/crypto/xc/keyring/private_key.go @@ -0,0 +1,93 @@ +package keyring + +import ( + "fmt" + "io" + "time" + + "github.com/justwatchcom/gopass/backend/crypto/xc/xcpb" + + crypto_rand "crypto/rand" + + "golang.org/x/crypto/argon2" + "golang.org/x/crypto/nacl/box" + "golang.org/x/crypto/nacl/secretbox" +) + +// PrivateKey is a private key part of a keypair +type PrivateKey struct { + PublicKey + Encrypted bool + EncryptedData []byte + privateKey [32]byte // only available after decryption + Nonce [24]byte // for private key encryption + + Salt []byte // for KDF +} + +// PrivateKey returns the decrypted private key material +func (p *PrivateKey) PrivateKey() [32]byte { + return p.privateKey +} + +// GenerateKeypair generates a new keypair +func GenerateKeypair(passphrase string) (*PrivateKey, error) { + pub, priv, err := box.GenerateKey(crypto_rand.Reader) + if err != nil { + return nil, err + } + k := &PrivateKey{ + PublicKey: PublicKey{ + CreationTime: time.Now(), + PubKeyAlgo: PubKeyNaCl, + PublicKey: *pub, + Identity: &xcpb.Identity{}, + }, + Encrypted: true, + privateKey: *priv, + } + err = k.Encrypt(passphrase) + return k, err +} + +// Encrypt encrypts the private key material with the given passphrase +func (p *PrivateKey) Encrypt(passphrase string) error { + p.Salt = make([]byte, 12) + if n, err := crypto_rand.Read(p.Salt); err != nil || n < len(p.Salt) { + return err + } + secretKey := p.deriveKey(passphrase) + //fmt.Printf("[Encrypt] Passphrase: %s -> SecretKey: %x\n", passphrase, secretKey) + var nonce [24]byte + if _, err := io.ReadFull(crypto_rand.Reader, nonce[:]); err != nil { + return err + } + //fmt.Printf("[Encrypt] Plaintext: %x\n", p.privateKey) + p.Nonce = nonce + p.EncryptedData = secretbox.Seal(nil, p.privateKey[:], &nonce, &secretKey) + return nil +} + +// Decrypt decrypts the private key +func (p *PrivateKey) Decrypt(passphrase string) error { + if !p.Encrypted { + return nil + } + secretKey := p.deriveKey(passphrase) + //fmt.Printf("[Decrypt] Passphrase: %s -> SecretKey: %x\n", passphrase, secretKey) + decrypted, ok := secretbox.Open(nil, p.EncryptedData, &p.Nonce, &secretKey) + if !ok { + return fmt.Errorf("decryption error") + } + copy(p.privateKey[:], decrypted) + //fmt.Printf("[Decrypt] Plaintext: %x\n", p.privateKey) + p.Encrypted = false + return nil +} + +func (p *PrivateKey) deriveKey(passphrase string) [32]byte { + secretKeyBytes := argon2.Key([]byte(passphrase), p.Salt, 4, 32*1024, 4, 32) + var secretKey [32]byte + copy(secretKey[:], secretKeyBytes) + return secretKey +} diff --git a/backend/crypto/xc/keyring/private_key_test.go b/backend/crypto/xc/keyring/private_key_test.go new file mode 100644 index 0000000000..04c839a306 --- /dev/null +++ b/backend/crypto/xc/keyring/private_key_test.go @@ -0,0 +1,38 @@ +package keyring + +import ( + "testing" + + "github.com/stretchr/testify/assert" +) + +var zeroArray32 = [32]uint8{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0} + +func TestPrivateKeyDecrypt(t *testing.T) { + passphrase := "test" + + key, err := GenerateKeypair(passphrase) + assert.NoError(t, err) + t.Logf("Key: %+v\n", key) + + assert.NoError(t, key.Encrypt(passphrase)) + t.Logf("Key: %+v\n", key) + + assert.NoError(t, key.Decrypt(passphrase)) + t.Logf("Key: %+v\n", key) + assert.NotEqual(t, zeroArray32, key.privateKey) +} + +func TestPrivateKeyMarshal(t *testing.T) { + passphrase := "test" + + key, err := GenerateKeypair(passphrase) + assert.NoError(t, err) + + assert.NoError(t, key.Encrypt(passphrase)) + t.Logf("Key: %+v\n", key) + + assert.NoError(t, key.Decrypt(passphrase)) + t.Logf("Key: %+v\n", key) + assert.NotEqual(t, zeroArray32, key.PrivateKey()) +} diff --git a/backend/crypto/xc/keyring/public_key.go b/backend/crypto/xc/keyring/public_key.go new file mode 100644 index 0000000000..79cda2f538 --- /dev/null +++ b/backend/crypto/xc/keyring/public_key.go @@ -0,0 +1,38 @@ +package keyring + +import ( + "encoding/binary" + "fmt" + "time" + + "github.com/justwatchcom/gopass/backend/crypto/xc/xcpb" + + "golang.org/x/crypto/sha3" +) + +// PublicKeyAlgorithm is a type of public key algorithm +type PublicKeyAlgorithm uint8 + +const ( + // PubKeyNaCl is a NaCl (Salt) based public key + PubKeyNaCl PublicKeyAlgorithm = iota +) + +// PublicKey is the public part of a keypair +type PublicKey struct { + CreationTime time.Time + PubKeyAlgo PublicKeyAlgorithm + PublicKey [32]byte + Identity *xcpb.Identity +} + +// Fingerprint calculates the unique ID of a public key +func (p PublicKey) Fingerprint() string { + h := make([]byte, 20) + d := sha3.NewShake256() + _, _ = d.Write([]byte{0x42}) + _ = binary.Write(d, binary.LittleEndian, p.PubKeyAlgo) + _, _ = d.Write(p.PublicKey[:]) + _, _ = d.Read(h) + return fmt.Sprintf("%x", h) +} diff --git a/backend/crypto/xc/keyring/public_key_test.go b/backend/crypto/xc/keyring/public_key_test.go new file mode 100644 index 0000000000..e6e2b1e4a2 --- /dev/null +++ b/backend/crypto/xc/keyring/public_key_test.go @@ -0,0 +1,13 @@ +package keyring + +import ( + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestFingerprint(t *testing.T) { + pk := PublicKey{} + + assert.Equal(t, "7471b2b8801eb22f1657f0003cab1d0adf9dadd8", pk.Fingerprint()) +} diff --git a/backend/crypto/xc/keyring/pubring.go b/backend/crypto/xc/keyring/pubring.go new file mode 100644 index 0000000000..41aae0ff3d --- /dev/null +++ b/backend/crypto/xc/keyring/pubring.go @@ -0,0 +1,228 @@ +package keyring + +import ( + "fmt" + "io/ioutil" + "os" + "sort" + "sync" + "time" + + "github.com/golang/protobuf/proto" + "github.com/justwatchcom/gopass/backend/crypto/xc/xcpb" +) + +// Pubring is a public key ring +type Pubring struct { + File string + + sync.Mutex + data *xcpb.Pubring + + secring *Secring +} + +// NewPubring initializes a new public key ring +func NewPubring(sec *Secring) *Pubring { + return &Pubring{ + data: &xcpb.Pubring{ + PublicKeys: make([]*xcpb.PublicKey, 0, 10), + }, + secring: sec, + } +} + +// LoadPubring loads an existing keyring from disk. If the file is not +// found an empty keyring is returned. +func LoadPubring(file string, sec *Secring) (*Pubring, error) { + pr := NewPubring(sec) + pr.File = file + + buf, err := ioutil.ReadFile(file) + if os.IsNotExist(err) { + return pr, nil + } + if err != nil { + return nil, err + } + + if err := proto.Unmarshal(buf, pr.data); err != nil { + return nil, err + } + + return pr, nil +} + +// Save writes the keyring to the previously set location on disk +func (p *Pubring) Save() error { + buf, err := proto.Marshal(p.data) + if err != nil { + return err + } + return ioutil.WriteFile(p.File, buf, 0600) +} + +// Contains checks if a given key is in the keyring +func (p *Pubring) Contains(fp string) bool { + p.Lock() + defer p.Unlock() + + for _, pk := range p.data.PublicKeys { + if pk.Fingerprint == fp { + return true + } + } + + if p.secring == nil { + return false + } + + return p.secring.Contains(fp) +} + +// KeyIDs returns a list of all key IDs +func (p *Pubring) KeyIDs() []string { + p.Lock() + defer p.Unlock() + + ids := make([]string, 0, len(p.data.PublicKeys)) + for _, pk := range p.data.PublicKeys { + ids = append(ids, pk.Fingerprint) + } + if p.secring != nil { + ids = append(ids, p.secring.KeyIDs()...) + } + sort.Strings(ids) + return ids +} + +// Export marshals a single key +func (p *Pubring) Export(id string) ([]byte, error) { + p.Lock() + defer p.Unlock() + + xpk := p.fetch(id) + if xpk == nil { + if p.secring != nil { + return p.secring.Export(id, false) + } + return nil, fmt.Errorf("key not found") + } + + return proto.Marshal(xpk) +} + +// Get returns a single key +func (p *Pubring) Get(id string) *PublicKey { + p.Lock() + defer p.Unlock() + + xpk := p.fetch(id) + if xpk == nil { + if p.secring != nil { + if pk := p.secring.Get(id); pk != nil { + return &pk.PublicKey + } + } + return nil + } + + return pubPBToKR(xpk) +} + +func (p *Pubring) fetch(id string) *xcpb.PublicKey { + for _, pk := range p.data.PublicKeys { + if pk.Fingerprint == id { + return pk + } + } + return nil +} + +// Import unmarshals and inserts and previously exported key +func (p *Pubring) Import(buf []byte) error { + pk := &xcpb.PublicKey{} + if err := proto.Unmarshal(buf, pk); err != nil { + return err + } + + p.insert(pk) + return nil +} + +// Set inserts a key, possibly overwriting and existing entry +func (p *Pubring) Set(pk *PublicKey) error { + p.Lock() + defer p.Unlock() + + p.insert(pubKRToPB(pk)) + return nil +} + +func (p *Pubring) insert(xpk *xcpb.PublicKey) { + for i, e := range p.data.PublicKeys { + if e.Fingerprint == xpk.Fingerprint { + p.data.PublicKeys[i] = xpk + return + } + } + + p.data.PublicKeys = append(p.data.PublicKeys, xpk) +} + +// Remove deletes a single key +func (p *Pubring) Remove(id string) error { + p.Lock() + defer p.Unlock() + + match := -1 + for i, pk := range p.data.PublicKeys { + if pk.Fingerprint == id { + match = i + break + } + } + if match < 0 || match > len(p.data.PublicKeys) { + return fmt.Errorf("not found") + } + p.data.PublicKeys = append(p.data.PublicKeys[:match], p.data.PublicKeys[match+1:]...) + return nil +} + +func pubPBToKR(xpk *xcpb.PublicKey) *PublicKey { + if xpk == nil { + return nil + } + + pk := &PublicKey{ + PublicKey: [32]byte{}, + } + pk.CreationTime = time.Unix(int64(xpk.CreationTime), 0) + switch xpk.PubKeyAlgo { + case xcpb.PublicKeyAlgorithm_NACL: + pk.PubKeyAlgo = PubKeyNaCl + } + copy(pk.PublicKey[:], xpk.PublicKey) + pk.Identity = xpk.Identity + + return pk +} + +func pubKRToPB(pk *PublicKey) *xcpb.PublicKey { + if pk == nil { + return nil + } + + xpk := &xcpb.PublicKey{ + CreationTime: uint64(pk.CreationTime.Unix()), + Identity: pk.Identity, + Fingerprint: pk.Fingerprint(), + } + switch pk.PubKeyAlgo { + case PubKeyNaCl: + xpk.PubKeyAlgo = xcpb.PublicKeyAlgorithm_NACL + } + copy(xpk.PublicKey[:], pk.PublicKey[:]) + + return xpk +} diff --git a/backend/crypto/xc/keyring/pubring_test.go b/backend/crypto/xc/keyring/pubring_test.go new file mode 100644 index 0000000000..b88716f09d --- /dev/null +++ b/backend/crypto/xc/keyring/pubring_test.go @@ -0,0 +1,57 @@ +package keyring + +import ( + "io/ioutil" + "os" + "path/filepath" + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestPubring(t *testing.T) { + td, err := ioutil.TempDir("", "gopass-") + assert.NoError(t, err) + defer func() { + _ = os.RemoveAll(td) + }() + + fn := filepath.Join(td, "pubring.xcb") + + passphrase := "test" + + k1, err := GenerateKeypair(passphrase) + assert.NoError(t, err) + k2, err := GenerateKeypair(passphrase) + assert.NoError(t, err) + + k1Fp := k1.PublicKey.Fingerprint() + var k1Pk [32]byte + copy(k1Pk[:], k1.PublicKey.PublicKey[:]) + + kr, err := LoadPubring(fn, nil) + assert.NoError(t, err) + assert.NotNil(t, kr) + + assert.NoError(t, kr.Set(&k1.PublicKey)) + assert.NoError(t, kr.Set(&k2.PublicKey)) + + assert.NoError(t, kr.Save()) + + kr, err = LoadPubring(fn, nil) + assert.NoError(t, err) + assert.NotNil(t, kr) + + for _, key := range kr.KeyIDs() { + pk := kr.Get(key) + t.Logf("PublicKey: %+v", pk) + if pk.Fingerprint() == k1Fp { + assert.Equal(t, k1Fp, pk.PublicKey) + } + } + + assert.Equal(t, true, kr.Contains(k1.Fingerprint())) + assert.Equal(t, true, kr.Contains(k2.Fingerprint())) + assert.NoError(t, kr.Remove(k2.Fingerprint())) + assert.Error(t, kr.Remove(k2.Fingerprint())) +} diff --git a/backend/crypto/xc/keyring/secring.go b/backend/crypto/xc/keyring/secring.go new file mode 100644 index 0000000000..7aa968eb61 --- /dev/null +++ b/backend/crypto/xc/keyring/secring.go @@ -0,0 +1,229 @@ +package keyring + +import ( + "fmt" + "io/ioutil" + "os" + "sort" + "sync" + "time" + + "github.com/golang/protobuf/proto" + "github.com/justwatchcom/gopass/backend/crypto/xc/xcpb" +) + +// Secring is private key ring +type Secring struct { + File string + + sync.Mutex + data *xcpb.Secring +} + +// NewSecring initializes and a new secring +func NewSecring() *Secring { + return &Secring{ + data: &xcpb.Secring{ + PrivateKeys: make([]*xcpb.PrivateKey, 0, 10), + }, + } +} + +// LoadSecring loads an existing secring from disk. If the file is not found +// an empty keyring is returned +func LoadSecring(file string) (*Secring, error) { + pr := NewSecring() + pr.File = file + + buf, err := ioutil.ReadFile(file) + if os.IsNotExist(err) { + return pr, nil + } + if err != nil { + return nil, err + } + + if err := proto.Unmarshal(buf, pr.data); err != nil { + return nil, err + } + + return pr, nil +} + +// Save writes the keyring to the previously set location on disk +func (p *Secring) Save() error { + buf, err := proto.Marshal(p.data) + if err != nil { + return err + } + return ioutil.WriteFile(p.File, buf, 0600) +} + +// Contains returns true if the given key is found in the keyring +func (p *Secring) Contains(fp string) bool { + p.Lock() + defer p.Unlock() + + for _, pk := range p.data.PrivateKeys { + if pk.PublicKey.Fingerprint == fp { + return true + } + } + return false +} + +// KeyIDs returns a list of key IDs +func (p *Secring) KeyIDs() []string { + p.Lock() + defer p.Unlock() + + ids := make([]string, 0, len(p.data.PrivateKeys)) + for _, pk := range p.data.PrivateKeys { + ids = append(ids, pk.PublicKey.Fingerprint) + } + sort.Strings(ids) + return ids +} + +// Export marshals a single private key +func (p *Secring) Export(id string, withPrivate bool) ([]byte, error) { + p.Lock() + defer p.Unlock() + + xpk := p.fetch(id) + if xpk == nil { + return nil, fmt.Errorf("key not found") + } + + if withPrivate { + return proto.Marshal(xpk) + } + return proto.Marshal(xpk.PublicKey) +} + +// Get returns a single key +func (p *Secring) Get(id string) *PrivateKey { + p.Lock() + defer p.Unlock() + + xpk := p.fetch(id) + if xpk == nil { + return nil + } + + return secPBToKR(xpk) +} + +func (p *Secring) fetch(id string) *xcpb.PrivateKey { + for _, pk := range p.data.PrivateKeys { + if pk.PublicKey.Fingerprint == id { + return pk + } + } + return nil +} + +// Import unmarshals and imports a previously exported key +func (p *Secring) Import(buf []byte) error { + pk := &xcpb.PrivateKey{} + if err := proto.Unmarshal(buf, pk); err != nil { + return err + } + + p.insert(pk) + return nil +} + +// Set inserts a single key +func (p *Secring) Set(pk *PrivateKey) error { + if !pk.Encrypted { + return fmt.Errorf("private key must be encrypted") + } + + p.Lock() + defer p.Unlock() + + p.insert(secKRToPB(pk)) + return nil +} + +func (p *Secring) insert(xpk *xcpb.PrivateKey) { + for i, e := range p.data.PrivateKeys { + if e.PublicKey.Fingerprint == xpk.PublicKey.Fingerprint { + p.data.PrivateKeys[i] = xpk + } + } + + p.data.PrivateKeys = append(p.data.PrivateKeys, xpk) +} + +// Remove deletes the given key +func (p *Secring) Remove(id string) error { + p.Lock() + defer p.Unlock() + + match := -1 + for i, pk := range p.data.PrivateKeys { + if pk.PublicKey.Fingerprint == id { + match = i + break + } + } + if match < 0 || match > len(p.data.PrivateKeys) { + return fmt.Errorf("not found") + } + p.data.PrivateKeys = append(p.data.PrivateKeys[:match], p.data.PrivateKeys[match+1:]...) + return nil +} + +func secPBToKR(xpk *xcpb.PrivateKey) *PrivateKey { + pk := &PrivateKey{ + PublicKey: PublicKey{ + PublicKey: [32]byte{}, + }, + EncryptedData: make([]byte, len(xpk.Ciphertext)), + Nonce: [24]byte{}, + Salt: make([]byte, len(xpk.Salt)), + } + // public part + pk.PublicKey.CreationTime = time.Unix(int64(xpk.PublicKey.CreationTime), 0) + switch xpk.PublicKey.PubKeyAlgo { + case xcpb.PublicKeyAlgorithm_NACL: + pk.PublicKey.PubKeyAlgo = PubKeyNaCl + } + copy(pk.PublicKey.PublicKey[:], xpk.PublicKey.PublicKey) + pk.PublicKey.Identity = xpk.PublicKey.Identity + // private part + pk.Encrypted = true + copy(pk.EncryptedData, xpk.Ciphertext) + copy(pk.Nonce[:], xpk.Nonce) + copy(pk.Salt, xpk.Salt) + + return pk +} + +func secKRToPB(pk *PrivateKey) *xcpb.PrivateKey { + xpk := &xcpb.PrivateKey{ + PublicKey: &xcpb.PublicKey{ + CreationTime: uint64(pk.CreationTime.Unix()), + Identity: pk.Identity, + Fingerprint: pk.Fingerprint(), + PublicKey: make([]byte, len(pk.PublicKey.PublicKey)), + }, + Ciphertext: make([]byte, len(pk.EncryptedData)), + Nonce: make([]byte, len(pk.Nonce)), + Salt: make([]byte, len(pk.Salt)), + } + // public key + switch pk.PubKeyAlgo { + case PubKeyNaCl: + xpk.PublicKey.PubKeyAlgo = xcpb.PublicKeyAlgorithm_NACL + } + copy(xpk.PublicKey.PublicKey, pk.PublicKey.PublicKey[:]) + + // private key + copy(xpk.Ciphertext, pk.EncryptedData) + copy(xpk.Nonce, pk.Nonce[:]) + copy(xpk.Salt, pk.Salt) + return xpk +} diff --git a/backend/crypto/xc/keyring/secring_test.go b/backend/crypto/xc/keyring/secring_test.go new file mode 100644 index 0000000000..31a45c7110 --- /dev/null +++ b/backend/crypto/xc/keyring/secring_test.go @@ -0,0 +1,54 @@ +package keyring + +import ( + "io/ioutil" + "os" + "path/filepath" + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestSecring(t *testing.T) { + td, err := ioutil.TempDir("", "gopass-") + assert.NoError(t, err) + defer func() { + _ = os.RemoveAll(td) + }() + + fn := filepath.Join(td, "secring.xcb") + + passphrase := "test" + + k1, err := GenerateKeypair(passphrase) + assert.NoError(t, err) + k2, err := GenerateKeypair(passphrase) + assert.NoError(t, err) + + kr, err := LoadSecring(fn) + assert.NoError(t, err) + assert.NotNil(t, kr) + + assert.NoError(t, kr.Set(k1)) + assert.NoError(t, kr.Set(k2)) + + assert.NoError(t, kr.Save()) + + kr, err = LoadSecring(fn) + assert.NoError(t, err) + assert.NotNil(t, kr) + + for _, key := range kr.KeyIDs() { + pk := kr.Get(key) + t.Logf("PrivateKey: %+v", pk) + assert.Equal(t, true, pk.Encrypted) + assert.NoError(t, pk.Decrypt(passphrase)) + assert.Equal(t, false, pk.Encrypted) + t.Logf("PrivateKey: %+v", pk) + } + + assert.Equal(t, true, kr.Contains(k1.Fingerprint())) + assert.Equal(t, true, kr.Contains(k2.Fingerprint())) + assert.NoError(t, kr.Remove(k2.Fingerprint())) + assert.Error(t, kr.Remove(k2.Fingerprint())) +} diff --git a/backend/crypto/xc/utils.go b/backend/crypto/xc/utils.go new file mode 100644 index 0000000000..23a8b7c8b6 --- /dev/null +++ b/backend/crypto/xc/utils.go @@ -0,0 +1,131 @@ +package xc + +import ( + "context" + "fmt" + "sort" + "strings" + + "github.com/golang/protobuf/proto" + "github.com/justwatchcom/gopass/backend/crypto/xc/keyring" + "github.com/justwatchcom/gopass/backend/crypto/xc/xcpb" + "github.com/pkg/errors" +) + +// RecipientIDs reads the header of the given file and extracts the +// recipients IDs +func (x *XC) RecipientIDs(ctx context.Context, ciphertext []byte) ([]string, error) { + msg := &xcpb.Message{} + if err := proto.Unmarshal(ciphertext, msg); err != nil { + return nil, err + } + + ids := make([]string, 0, len(msg.Header.Recipients)) + for k := range msg.Header.Recipients { + ids = append(ids, k) + } + sort.Strings(ids) + return ids, nil +} + +// ReadNamesFromKey unmarshals the given public key and returns the identities name +func (x *XC) ReadNamesFromKey(ctx context.Context, buf []byte) ([]string, error) { + pk := &xcpb.PublicKey{} + if err := proto.Unmarshal(buf, pk); err != nil { + return nil, errors.Wrapf(err, "failed to unmarshal public key: %s", err) + } + + return []string{pk.Identity.Name}, nil +} + +// ListPublicKeyIDs lists all public key IDs +func (x *XC) ListPublicKeyIDs(ctx context.Context) ([]string, error) { + return x.pubring.KeyIDs(), nil +} + +// ListPrivateKeyIDs lists all private key IDs +func (x *XC) ListPrivateKeyIDs(ctx context.Context) ([]string, error) { + return x.secring.KeyIDs(), nil +} + +// FindPublicKeys finds all matching public keys +func (x *XC) FindPublicKeys(ctx context.Context, search ...string) ([]string, error) { + ids := make([]string, 0, 1) + candidates, _ := x.ListPublicKeyIDs(ctx) + for _, needle := range search { + for _, fp := range candidates { + if strings.HasSuffix(fp, needle) { + ids = append(ids, fp) + } + } + } + sort.Strings(ids) + return ids, nil +} + +// FindPrivateKeys finds all matching private keys +func (x *XC) FindPrivateKeys(ctx context.Context, search ...string) ([]string, error) { + ids := make([]string, 0, 1) + candidates, _ := x.ListPrivateKeyIDs(ctx) + for _, needle := range search { + for _, fp := range candidates { + if strings.HasSuffix(fp, needle) { + ids = append(ids, fp) + } + } + } + sort.Strings(ids) + return ids, nil +} + +// FormatKey formats a key +func (x *XC) FormatKey(ctx context.Context, id string) string { + if key := x.pubring.Get(id); key != nil { + return key.Identity.ID() + } + if key := x.secring.Get(id); key != nil { + return key.PublicKey.Identity.ID() + } + return id +} + +// NameFromKey extracts the name from a key +func (x *XC) NameFromKey(ctx context.Context, id string) string { + if key := x.pubring.Get(id); key != nil { + return key.Identity.Name + } + if key := x.secring.Get(id); key != nil { + return key.PublicKey.Identity.Name + } + return id +} + +// EmailFromKey extracts the email from a key +func (x *XC) EmailFromKey(ctx context.Context, id string) string { + if key := x.pubring.Get(id); key != nil { + return key.Identity.Email + } + if key := x.secring.Get(id); key != nil { + return key.PublicKey.Identity.Email + } + return id +} + +// CreatePrivateKeyBatch creates a new keypair +func (x *XC) CreatePrivateKeyBatch(ctx context.Context, name, email, passphrase string) error { + k, err := keyring.GenerateKeypair(passphrase) + if err != nil { + return err + } + k.Identity.Name = name + k.Identity.Email = email + if err := x.secring.Set(k); err != nil { + return err + } + return x.secring.Save() +} + +// CreatePrivateKey is not implemented +func (x *XC) CreatePrivateKey(ctx context.Context) error { + return fmt.Errorf("not yet implemented") +} diff --git a/backend/crypto/xc/utils_test.go b/backend/crypto/xc/utils_test.go new file mode 100644 index 0000000000..d2614f75cc --- /dev/null +++ b/backend/crypto/xc/utils_test.go @@ -0,0 +1,70 @@ +package xc + +import ( + "context" + "io/ioutil" + "os" + "path/filepath" + "testing" + + "github.com/justwatchcom/gopass/backend/crypto/xc/keyring" + "github.com/stretchr/testify/assert" +) + +func TestCreatePrivateKeyBatch(t *testing.T) { + ctx := context.Background() + + td, err := ioutil.TempDir("", "gopass-") + assert.NoError(t, err) + defer func() { + _ = os.RemoveAll(td) + }() + assert.NoError(t, os.Setenv("GOPASS_CONFIG", filepath.Join(td, ".gopass.yml"))) + assert.NoError(t, os.Setenv("GOPASS_HOMEDIR", td)) + + passphrase := "test" + skr, err := keyring.LoadSecring(filepath.Join(td, "skr")) + assert.NoError(t, err) + pkr, err := keyring.LoadPubring(filepath.Join(td, "pkr"), skr) + assert.NoError(t, err) + + xc := &XC{ + pubring: pkr, + secring: skr, + client: &fakeAgent{passphrase}, + } + + assert.NoError(t, xc.CreatePrivateKeyBatch(ctx, "foo", "bar@example.org", passphrase)) + + pubKeys, err := xc.ListPublicKeyIDs(ctx) + assert.NoError(t, err) + + privKeys, err := xc.ListPrivateKeyIDs(ctx) + assert.NoError(t, err) + + assert.Equal(t, 1, len(pubKeys)) + assert.Equal(t, len(pubKeys), len(privKeys)) + + id := pubKeys[0] + assert.Equal(t, "foo ", xc.FormatKey(ctx, id)) + assert.Equal(t, "foo", xc.NameFromKey(ctx, id)) + assert.Equal(t, "bar@example.org", xc.EmailFromKey(ctx, id)) + + pubKeys, err = xc.FindPublicKeys(ctx, id) + assert.NoError(t, err) + assert.Equal(t, []string{id}, pubKeys) + + privKeys, err = xc.FindPrivateKeys(ctx, id) + assert.NoError(t, err) + assert.Equal(t, []string{id}, privKeys) + + assert.NoError(t, xc.RemoveKey(id)) +} + +func TestCreatePrivateKey(t *testing.T) { + ctx := context.Background() + + var x *XC + + assert.Error(t, x.CreatePrivateKey(ctx)) +} diff --git a/backend/crypto/xc/xc.go b/backend/crypto/xc/xc.go new file mode 100644 index 0000000000..7956f76d1c --- /dev/null +++ b/backend/crypto/xc/xc.go @@ -0,0 +1,104 @@ +package xc + +import ( + "context" + "fmt" + "path/filepath" + + "github.com/blang/semver" + "github.com/justwatchcom/gopass/backend/crypto/xc/keyring" +) + +const ( + pubringFilename = ".gopass-pubring.xc" + secringFilename = ".gopass-secring.xc" + // Ext is the extension used by this backend + Ext = "xc" + // IDFile is the recipients list used by this backend + IDFile = ".xc-ids" +) + +type agentClient interface { + Ping() error + Passphrase(string, string) (string, error) + Remove(string) error +} + +// XC is an experimental crypto backend +type XC struct { + dir string + pubring *keyring.Pubring + secring *keyring.Secring + client agentClient +} + +// New creates a new XC backend +func New(dir string, client agentClient) (*XC, error) { + skr, _ := keyring.LoadSecring(filepath.Join(dir, secringFilename)) + pkr, _ := keyring.LoadPubring(filepath.Join(dir, pubringFilename), skr) + return &XC{ + dir: dir, + pubring: pkr, + secring: skr, + client: client, + }, nil +} + +// RemoveKey removes a single key from the keyring +func (x *XC) RemoveKey(id string) error { + if x.secring.Contains(id) { + if err := x.secring.Remove(id); err != nil { + return err + } + return x.secring.Save() + } + if x.pubring.Contains(id) { + if err := x.pubring.Remove(id); err != nil { + return err + } + return x.pubring.Save() + } + return fmt.Errorf("not found") +} + +// Initialized returns an error if this backend is not properly initialized +func (x *XC) Initialized(ctx context.Context) error { + if x == nil { + return fmt.Errorf("XC not initialized") + } + if x.pubring == nil { + return fmt.Errorf("pubring not initialized") + } + if x.secring == nil { + return fmt.Errorf("secring not initialized") + } + if x.client == nil { + return fmt.Errorf("client not initialized") + } + if err := x.client.Ping(); err != nil { + return fmt.Errorf("agent not running") + } + return nil +} + +// Name returns xc +func (x *XC) Name() string { + return "xc" +} + +// Version returns 0.0.1 +func (x *XC) Version(ctx context.Context) semver.Version { + return semver.Version{ + Patch: 1, + } +} + +// Ext returns xc +func (x *XC) Ext() string { + return Ext +} + +// IDFile returns .xc-ids +func (x *XC) IDFile() string { + return IDFile +} diff --git a/backend/crypto/xc/xc_test.go b/backend/crypto/xc/xc_test.go new file mode 100644 index 0000000000..d60ef0a10c --- /dev/null +++ b/backend/crypto/xc/xc_test.go @@ -0,0 +1,34 @@ +package xc + +import ( + "context" + "io/ioutil" + "os" + "path/filepath" + "testing" + + "github.com/blang/semver" + "github.com/stretchr/testify/assert" +) + +func TestNew(t *testing.T) { + ctx := context.Background() + + td, err := ioutil.TempDir("", "gopass-") + assert.NoError(t, err) + defer func() { + _ = os.RemoveAll(td) + }() + assert.NoError(t, os.Setenv("GOPASS_CONFIG", filepath.Join(td, ".gopass.yml"))) + assert.NoError(t, os.Setenv("GOPASS_HOMEDIR", td)) + + passphrase := "test" + xc, err := New(td, &fakeAgent{passphrase}) + assert.NoError(t, err) + assert.NotNil(t, xc) + assert.NoError(t, xc.Initialized(ctx)) + assert.Equal(t, "xc", xc.Name()) + assert.Equal(t, semver.Version{Patch: 1}, xc.Version(ctx)) + assert.Equal(t, "xc", xc.Ext()) + assert.Equal(t, ".xc-ids", xc.IDFile()) +} diff --git a/backend/crypto/xc/xcpb/Makefile b/backend/crypto/xc/xcpb/Makefile new file mode 100644 index 0000000000..dfeaf6d58c --- /dev/null +++ b/backend/crypto/xc/xcpb/Makefile @@ -0,0 +1,7 @@ +all: + protoc -I/usr/local/include -I. \ + -I${GOPATH}/src \ + -I${GOPATH}/src/github.com/googleapis/googleapis \ + -I${GOPATH}/src/github.com/grpc-ecosystem/grpc-gateway/third_party/googleapis \ + --go_out=. \ + xc.proto diff --git a/backend/crypto/xc/xcpb/identity.go b/backend/crypto/xc/xcpb/identity.go new file mode 100644 index 0000000000..047dcbb4c2 --- /dev/null +++ b/backend/crypto/xc/xcpb/identity.go @@ -0,0 +1,11 @@ +package xcpb + +// ID returns the GPG ID format +func (i Identity) ID() string { + out := i.Name + if i.Comment != "" { + out += " (" + i.Comment + ")" + } + out += " <" + i.Email + ">" + return out +} diff --git a/backend/crypto/xc/xcpb/xc.pb.go b/backend/crypto/xc/xcpb/xc.pb.go new file mode 100644 index 0000000000..e9ae16f72c --- /dev/null +++ b/backend/crypto/xc/xcpb/xc.pb.go @@ -0,0 +1,355 @@ +// Code generated by protoc-gen-go. +// source: xc.proto +// DO NOT EDIT! + +/* +Package xcpb is a generated protocol buffer package. + +It is generated from these files: + xc.proto + +It has these top-level messages: + Header + Message + Identity + PublicKey + PrivateKey + Secring + Pubring +*/ +package xcpb + +import proto "github.com/golang/protobuf/proto" +import fmt "fmt" +import math "math" + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.ProtoPackageIsVersion2 // please upgrade the proto package + +type PublicKeyAlgorithm int32 + +const ( + PublicKeyAlgorithm_UNKNOWN PublicKeyAlgorithm = 0 + PublicKeyAlgorithm_NACL PublicKeyAlgorithm = 1 +) + +var PublicKeyAlgorithm_name = map[int32]string{ + 0: "UNKNOWN", + 1: "NACL", +} +var PublicKeyAlgorithm_value = map[string]int32{ + "UNKNOWN": 0, + "NACL": 1, +} + +func (x PublicKeyAlgorithm) String() string { + return proto.EnumName(PublicKeyAlgorithm_name, int32(x)) +} +func (PublicKeyAlgorithm) EnumDescriptor() ([]byte, []int) { return fileDescriptor0, []int{0} } + +type Header struct { + Sender string `protobuf:"bytes,1,opt,name=Sender" json:"Sender,omitempty"` + Nonce []byte `protobuf:"bytes,2,opt,name=Nonce,proto3" json:"Nonce,omitempty"` + Recipients map[string][]byte `protobuf:"bytes,3,rep,name=Recipients" json:"Recipients,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value,proto3"` + Metadata map[string]string `protobuf:"bytes,4,rep,name=Metadata" json:"Metadata,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"` +} + +func (m *Header) Reset() { *m = Header{} } +func (m *Header) String() string { return proto.CompactTextString(m) } +func (*Header) ProtoMessage() {} +func (*Header) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{0} } + +func (m *Header) GetSender() string { + if m != nil { + return m.Sender + } + return "" +} + +func (m *Header) GetNonce() []byte { + if m != nil { + return m.Nonce + } + return nil +} + +func (m *Header) GetRecipients() map[string][]byte { + if m != nil { + return m.Recipients + } + return nil +} + +func (m *Header) GetMetadata() map[string]string { + if m != nil { + return m.Metadata + } + return nil +} + +type Message struct { + Version uint32 `protobuf:"varint,1,opt,name=Version" json:"Version,omitempty"` + Header *Header `protobuf:"bytes,2,opt,name=Header" json:"Header,omitempty"` + Body []byte `protobuf:"bytes,3,opt,name=Body,proto3" json:"Body,omitempty"` + Compressed bool `protobuf:"varint,4,opt,name=Compressed" json:"Compressed,omitempty"` +} + +func (m *Message) Reset() { *m = Message{} } +func (m *Message) String() string { return proto.CompactTextString(m) } +func (*Message) ProtoMessage() {} +func (*Message) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{1} } + +func (m *Message) GetVersion() uint32 { + if m != nil { + return m.Version + } + return 0 +} + +func (m *Message) GetHeader() *Header { + if m != nil { + return m.Header + } + return nil +} + +func (m *Message) GetBody() []byte { + if m != nil { + return m.Body + } + return nil +} + +func (m *Message) GetCompressed() bool { + if m != nil { + return m.Compressed + } + return false +} + +type Identity struct { + Name string `protobuf:"bytes,1,opt,name=Name" json:"Name,omitempty"` + Comment string `protobuf:"bytes,2,opt,name=Comment" json:"Comment,omitempty"` + Email string `protobuf:"bytes,3,opt,name=Email" json:"Email,omitempty"` +} + +func (m *Identity) Reset() { *m = Identity{} } +func (m *Identity) String() string { return proto.CompactTextString(m) } +func (*Identity) ProtoMessage() {} +func (*Identity) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{2} } + +func (m *Identity) GetName() string { + if m != nil { + return m.Name + } + return "" +} + +func (m *Identity) GetComment() string { + if m != nil { + return m.Comment + } + return "" +} + +func (m *Identity) GetEmail() string { + if m != nil { + return m.Email + } + return "" +} + +type PublicKey struct { + PubKeyAlgo PublicKeyAlgorithm `protobuf:"varint,1,opt,name=PubKeyAlgo,enum=xcpb.PublicKeyAlgorithm" json:"PubKeyAlgo,omitempty"` + CreationTime uint64 `protobuf:"varint,2,opt,name=CreationTime" json:"CreationTime,omitempty"` + PublicKey []byte `protobuf:"bytes,3,opt,name=PublicKey,proto3" json:"PublicKey,omitempty"` + Identity *Identity `protobuf:"bytes,4,opt,name=Identity" json:"Identity,omitempty"` + Fingerprint string `protobuf:"bytes,5,opt,name=Fingerprint" json:"Fingerprint,omitempty"` +} + +func (m *PublicKey) Reset() { *m = PublicKey{} } +func (m *PublicKey) String() string { return proto.CompactTextString(m) } +func (*PublicKey) ProtoMessage() {} +func (*PublicKey) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{3} } + +func (m *PublicKey) GetPubKeyAlgo() PublicKeyAlgorithm { + if m != nil { + return m.PubKeyAlgo + } + return PublicKeyAlgorithm_UNKNOWN +} + +func (m *PublicKey) GetCreationTime() uint64 { + if m != nil { + return m.CreationTime + } + return 0 +} + +func (m *PublicKey) GetPublicKey() []byte { + if m != nil { + return m.PublicKey + } + return nil +} + +func (m *PublicKey) GetIdentity() *Identity { + if m != nil { + return m.Identity + } + return nil +} + +func (m *PublicKey) GetFingerprint() string { + if m != nil { + return m.Fingerprint + } + return "" +} + +type PrivateKey struct { + PublicKey *PublicKey `protobuf:"bytes,1,opt,name=PublicKey" json:"PublicKey,omitempty"` + Ciphertext []byte `protobuf:"bytes,2,opt,name=Ciphertext,proto3" json:"Ciphertext,omitempty"` + Nonce []byte `protobuf:"bytes,3,opt,name=Nonce,proto3" json:"Nonce,omitempty"` + Salt []byte `protobuf:"bytes,4,opt,name=Salt,proto3" json:"Salt,omitempty"` +} + +func (m *PrivateKey) Reset() { *m = PrivateKey{} } +func (m *PrivateKey) String() string { return proto.CompactTextString(m) } +func (*PrivateKey) ProtoMessage() {} +func (*PrivateKey) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{4} } + +func (m *PrivateKey) GetPublicKey() *PublicKey { + if m != nil { + return m.PublicKey + } + return nil +} + +func (m *PrivateKey) GetCiphertext() []byte { + if m != nil { + return m.Ciphertext + } + return nil +} + +func (m *PrivateKey) GetNonce() []byte { + if m != nil { + return m.Nonce + } + return nil +} + +func (m *PrivateKey) GetSalt() []byte { + if m != nil { + return m.Salt + } + return nil +} + +type Secring struct { + Version uint32 `protobuf:"varint,1,opt,name=Version" json:"Version,omitempty"` + PrivateKeys []*PrivateKey `protobuf:"bytes,2,rep,name=PrivateKeys" json:"PrivateKeys,omitempty"` +} + +func (m *Secring) Reset() { *m = Secring{} } +func (m *Secring) String() string { return proto.CompactTextString(m) } +func (*Secring) ProtoMessage() {} +func (*Secring) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{5} } + +func (m *Secring) GetVersion() uint32 { + if m != nil { + return m.Version + } + return 0 +} + +func (m *Secring) GetPrivateKeys() []*PrivateKey { + if m != nil { + return m.PrivateKeys + } + return nil +} + +type Pubring struct { + Version uint32 `protobuf:"varint,1,opt,name=Version" json:"Version,omitempty"` + PublicKeys []*PublicKey `protobuf:"bytes,2,rep,name=PublicKeys" json:"PublicKeys,omitempty"` +} + +func (m *Pubring) Reset() { *m = Pubring{} } +func (m *Pubring) String() string { return proto.CompactTextString(m) } +func (*Pubring) ProtoMessage() {} +func (*Pubring) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{6} } + +func (m *Pubring) GetVersion() uint32 { + if m != nil { + return m.Version + } + return 0 +} + +func (m *Pubring) GetPublicKeys() []*PublicKey { + if m != nil { + return m.PublicKeys + } + return nil +} + +func init() { + proto.RegisterType((*Header)(nil), "xcpb.Header") + proto.RegisterType((*Message)(nil), "xcpb.Message") + proto.RegisterType((*Identity)(nil), "xcpb.Identity") + proto.RegisterType((*PublicKey)(nil), "xcpb.PublicKey") + proto.RegisterType((*PrivateKey)(nil), "xcpb.PrivateKey") + proto.RegisterType((*Secring)(nil), "xcpb.Secring") + proto.RegisterType((*Pubring)(nil), "xcpb.Pubring") + proto.RegisterEnum("xcpb.PublicKeyAlgorithm", PublicKeyAlgorithm_name, PublicKeyAlgorithm_value) +} + +func init() { proto.RegisterFile("xc.proto", fileDescriptor0) } + +var fileDescriptor0 = []byte{ + // 537 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x84, 0x54, 0x5d, 0x6b, 0xdb, 0x30, + 0x14, 0x9d, 0x13, 0x37, 0x1f, 0xd7, 0x69, 0x1b, 0xc4, 0x18, 0x26, 0x94, 0x11, 0xcc, 0x1e, 0x42, + 0xc7, 0x32, 0xc8, 0x60, 0x94, 0x7d, 0x3c, 0x74, 0xa1, 0x63, 0x23, 0xab, 0x17, 0x94, 0x6e, 0x7d, + 0x56, 0xec, 0x4b, 0x2a, 0x16, 0xcb, 0x46, 0x56, 0x4a, 0xfc, 0xb0, 0xc7, 0xfd, 0x97, 0xfd, 0xa1, + 0xfd, 0x9f, 0x61, 0xd9, 0x8e, 0x95, 0x16, 0xda, 0xb7, 0xfb, 0x75, 0xce, 0x3d, 0x47, 0xb2, 0x0c, + 0x9d, 0x6d, 0x30, 0x4e, 0x64, 0xac, 0x62, 0x62, 0x6f, 0x83, 0x64, 0xe9, 0xfd, 0x6d, 0x40, 0xeb, + 0x0b, 0xb2, 0x10, 0x25, 0x79, 0x06, 0xad, 0x05, 0x8a, 0x10, 0xa5, 0x6b, 0x0d, 0xad, 0x51, 0x97, + 0x96, 0x19, 0x79, 0x0a, 0x07, 0x7e, 0x2c, 0x02, 0x74, 0x1b, 0x43, 0x6b, 0xd4, 0xa3, 0x45, 0x42, + 0x3e, 0x00, 0x50, 0x0c, 0x78, 0xc2, 0x51, 0xa8, 0xd4, 0x6d, 0x0e, 0x9b, 0x23, 0x67, 0x72, 0x32, + 0xce, 0x39, 0xc7, 0x05, 0xdf, 0xb8, 0x6e, 0x5f, 0x08, 0x25, 0x33, 0x6a, 0xcc, 0x93, 0xb7, 0xd0, + 0xb9, 0x44, 0xc5, 0x42, 0xa6, 0x98, 0x6b, 0x6b, 0xec, 0x60, 0x0f, 0x5b, 0x35, 0x0b, 0xe4, 0x6e, + 0x76, 0xf0, 0x11, 0x8e, 0xef, 0xd0, 0x92, 0x3e, 0x34, 0x7f, 0x61, 0x56, 0x6a, 0xce, 0xc3, 0x5c, + 0xf0, 0x2d, 0x5b, 0x6f, 0x76, 0x82, 0x75, 0xf2, 0xae, 0x71, 0x66, 0x0d, 0xde, 0xc3, 0xe1, 0x1e, + 0xf3, 0x63, 0xe0, 0xae, 0x01, 0xf6, 0x7e, 0x43, 0xfb, 0x12, 0xd3, 0x94, 0xad, 0x90, 0xb8, 0xd0, + 0xfe, 0x89, 0x32, 0xe5, 0xb1, 0xd0, 0xd0, 0x43, 0x5a, 0xa5, 0xe4, 0x45, 0x75, 0x9c, 0x1a, 0xef, + 0x4c, 0x7a, 0xa6, 0x2d, 0x5a, 0x1d, 0x35, 0x01, 0xfb, 0x53, 0x1c, 0x66, 0x6e, 0x53, 0x0b, 0xd4, + 0x31, 0x79, 0x0e, 0x30, 0x8d, 0xa3, 0x44, 0x62, 0x9a, 0x62, 0xe8, 0xda, 0x43, 0x6b, 0xd4, 0xa1, + 0x46, 0xc5, 0xf3, 0xa1, 0xf3, 0x35, 0x44, 0xa1, 0xb8, 0xca, 0x72, 0xbc, 0xcf, 0x22, 0x2c, 0x75, + 0xeb, 0x38, 0xd7, 0x34, 0x8d, 0xa3, 0x08, 0x85, 0x2a, 0xa5, 0x57, 0x69, 0x6e, 0xe9, 0x22, 0x62, + 0x7c, 0xad, 0xd7, 0x75, 0x69, 0x91, 0x78, 0xff, 0x2c, 0xe8, 0xce, 0x37, 0xcb, 0x35, 0x0f, 0x66, + 0x98, 0x91, 0x33, 0x80, 0xf9, 0x66, 0x39, 0xc3, 0xec, 0x7c, 0xbd, 0x8a, 0x35, 0xef, 0xd1, 0xc4, + 0x2d, 0xb4, 0xef, 0x86, 0xf2, 0x96, 0xe4, 0xea, 0x26, 0xa2, 0xc6, 0x2c, 0xf1, 0xa0, 0x37, 0x95, + 0xc8, 0x14, 0x8f, 0xc5, 0x15, 0x8f, 0x8a, 0x73, 0xb3, 0xe9, 0x5e, 0x8d, 0x9c, 0x18, 0xab, 0x4a, + 0xd3, 0xc6, 0xee, 0xd3, 0xda, 0x99, 0xf6, 0xed, 0x4c, 0x8e, 0x8a, 0xcd, 0x55, 0x95, 0xd6, 0xce, + 0x87, 0xe0, 0x7c, 0xe6, 0x62, 0x85, 0x32, 0x91, 0x5c, 0x28, 0xf7, 0x40, 0x3b, 0x32, 0x4b, 0xde, + 0x1f, 0x0b, 0x60, 0x2e, 0xf9, 0x2d, 0x53, 0x98, 0x93, 0xbf, 0x32, 0x57, 0x5b, 0x9a, 0xfd, 0xf8, + 0x8e, 0x2f, 0x53, 0x4b, 0x7e, 0x0b, 0x3c, 0xb9, 0x41, 0xa9, 0x70, 0xab, 0xca, 0x0f, 0xc8, 0xa8, + 0xd4, 0x8f, 0xa1, 0x69, 0x3e, 0x06, 0x02, 0xf6, 0x82, 0xad, 0x95, 0x56, 0xdf, 0xa3, 0x3a, 0xf6, + 0xae, 0xa1, 0xbd, 0xc0, 0x40, 0x72, 0xb1, 0x7a, 0xe0, 0x73, 0x99, 0x80, 0x53, 0x6b, 0x4d, 0xdd, + 0x86, 0x7e, 0x0a, 0xfd, 0x52, 0xdf, 0xae, 0x41, 0xcd, 0x21, 0xef, 0x0a, 0xda, 0xf3, 0xcd, 0xf2, + 0x11, 0xe2, 0xd7, 0xfa, 0x3e, 0x0b, 0x53, 0x15, 0xef, 0x3d, 0xdf, 0xc6, 0xc8, 0xe9, 0x4b, 0x20, + 0xf7, 0x2f, 0x9a, 0x38, 0xd0, 0xfe, 0xe1, 0xcf, 0xfc, 0xef, 0xd7, 0x7e, 0xff, 0x09, 0xe9, 0x80, + 0xed, 0x9f, 0x4f, 0xbf, 0xf5, 0xad, 0x65, 0x4b, 0xff, 0x42, 0xde, 0xfc, 0x0f, 0x00, 0x00, 0xff, + 0xff, 0x30, 0x0b, 0xe7, 0x89, 0x4e, 0x04, 0x00, 0x00, +} diff --git a/backend/crypto/xc/xcpb/xc.proto b/backend/crypto/xc/xcpb/xc.proto new file mode 100644 index 0000000000..19df6f2e59 --- /dev/null +++ b/backend/crypto/xc/xcpb/xc.proto @@ -0,0 +1,53 @@ +syntax = "proto3"; + +package xcpb; + +message Header { + string Sender = 1; + bytes Nonce = 2; + map Recipients = 3; + map Metadata = 4; +} + +message Message { + uint32 Version = 1; + Header Header = 2; + bytes Body = 3; + bool Compressed = 4; +} + +enum PublicKeyAlgorithm { + UNKNOWN = 0; + NACL = 1; +} + +message Identity { + string Name = 1; + string Comment = 2; + string Email = 3; +} + +message PublicKey { + PublicKeyAlgorithm PubKeyAlgo = 1; + uint64 CreationTime = 2; + bytes PublicKey = 3; + Identity Identity = 4; + string Fingerprint = 5; +} + +message PrivateKey { + PublicKey PublicKey = 1; + bytes Ciphertext = 2; + bytes Nonce = 3; + bytes Salt = 4; +} + +message Secring { + uint32 Version = 1; + repeated PrivateKey PrivateKeys = 2; +} + +message Pubring { + uint32 Version = 1; + repeated PublicKey PublicKeys = 2; +} diff --git a/backend/store.go b/backend/store.go new file mode 100644 index 0000000000..56d213ee3a --- /dev/null +++ b/backend/store.go @@ -0,0 +1,31 @@ +package backend + +import ( + "context" + + "github.com/blang/semver" +) + +// StoreBackend is a type of storage backend +type StoreBackend int + +const ( + // KVMock is an in-memory mock store for tests + KVMock StoreBackend = iota + // FS is a filesystem-backend storage + FS +) + +// Store is an storage backend +type Store interface { + Get(ctx context.Context, name string) ([]byte, error) + Set(ctx context.Context, name string, value []byte) error + Delete(ctx context.Context, name string) error + Exists(ctx context.Context, name string) bool + List(ctx context.Context, prefix string) ([]string, error) + IsDir(ctx context.Context, name string) bool + Prune(ctx context.Context, prefix string) error + + Name() string + Version() semver.Version +} diff --git a/backend/store/fs/store.go b/backend/store/fs/store.go new file mode 100644 index 0000000000..14a0700756 --- /dev/null +++ b/backend/store/fs/store.go @@ -0,0 +1,110 @@ +package fs + +import ( + "context" + "io/ioutil" + "os" + "path/filepath" + "sort" + "strings" + + "github.com/blang/semver" + "github.com/justwatchcom/gopass/utils/fsutil" + "github.com/justwatchcom/gopass/utils/out" +) + +// Store is a fs based store +type Store struct { + path string +} + +// New creates a new store +func New(dir string) *Store { + return &Store{ + path: dir, + } +} + +// Get retrieves the named content +func (s *Store) Get(ctx context.Context, name string) ([]byte, error) { + path := filepath.Join(s.path, filepath.Clean(name)) + out.Debug(ctx, "fs.Get(%s) - %s", name, path) + return ioutil.ReadFile(path) +} + +// Set writes the given content +func (s *Store) Set(ctx context.Context, name string, value []byte) error { + filename := filepath.Join(s.path, filepath.Clean(name)) + filedir := filepath.Dir(filename) + if !fsutil.IsDir(filedir) { + if err := os.MkdirAll(filedir, 0700); err != nil { + return err + } + } + out.Debug(ctx, "fs.Set(%s) - %s", name, filepath.Join(s.path, name)) + return ioutil.WriteFile(filepath.Join(s.path, name), value, 0644) +} + +// Delete removes the named entity +func (s *Store) Delete(ctx context.Context, name string) error { + path := filepath.Join(s.path, filepath.Clean(name)) + out.Debug(ctx, "fs.Delete(%s) - %s", name, path) + return os.Remove(path) +} + +// Exists checks if the named entity exists +func (s *Store) Exists(ctx context.Context, name string) bool { + path := filepath.Join(s.path, filepath.Clean(name)) + out.Debug(ctx, "fs.Exists(%s) - %s", name, path) + return fsutil.IsFile(path) +} + +// List returns a list of all entities +func (s *Store) List(ctx context.Context, prefix string) ([]string, error) { + files := make([]string, 0, 100) + if err := filepath.Walk(s.path, func(path string, info os.FileInfo, err error) error { + if err != nil { + return err + } + if info.IsDir() && strings.HasPrefix(info.Name(), ".") && path != s.path { + return filepath.SkipDir + } + if info.IsDir() { + return nil + } + if path == s.path { + return nil + } + name := strings.TrimPrefix(path, s.path+string(filepath.Separator)) + files = append(files, name) + return nil + }); err != nil { + return nil, err + } + sort.Strings(files) + return files, nil +} + +// IsDir returns true if the named entity is a directory +func (s *Store) IsDir(ctx context.Context, name string) bool { + path := filepath.Join(s.path, filepath.Clean(name)) + out.Debug(ctx, "fs.Isdir(%s) - %s", name, path) + return fsutil.IsDir(path) +} + +// Prune removes a named directory +func (s *Store) Prune(ctx context.Context, prefix string) error { + path := filepath.Join(s.path, filepath.Clean(prefix)) + out.Debug(ctx, "fs.Prune(%s) - %s", prefix, path) + return os.RemoveAll(path) +} + +// Name returns the name of this backend +func (s *Store) Name() string { + return "fs" +} + +// Version returns the version of this backend +func (s *Store) Version() semver.Version { + return semver.Version{Minor: 1} +} diff --git a/backend/store/kv/mock/store.go b/backend/store/kv/mock/store.go new file mode 100644 index 0000000000..b9106975a0 --- /dev/null +++ b/backend/store/kv/mock/store.go @@ -0,0 +1,117 @@ +package mock + +import ( + "context" + "fmt" + "sort" + "strings" + "sync" + + "github.com/blang/semver" +) + +// Mock is a in-memory store +type Mock struct { + sync.Mutex + data map[string][]byte +} + +// New creates a new mock +func New() *Mock { + return &Mock{ + data: make(map[string][]byte, 10), + } +} + +// Get retrieves a value +func (m *Mock) Get(ctx context.Context, name string) ([]byte, error) { + m.Lock() + defer m.Unlock() + + sec, found := m.data[name] + if !found { + return nil, fmt.Errorf("entry not found") + } + return sec, nil +} + +// Set writes a value +func (m *Mock) Set(ctx context.Context, name string, value []byte) error { + m.Lock() + defer m.Unlock() + + m.data[name] = value + return nil +} + +// Delete removes a value +func (m *Mock) Delete(ctx context.Context, name string) error { + m.Lock() + defer m.Unlock() + + delete(m.data, name) + return nil +} + +// Exists checks is a value exists +func (m *Mock) Exists(ctx context.Context, name string) bool { + m.Lock() + defer m.Unlock() + + _, found := m.data[name] + return found +} + +// List shows all values +func (m *Mock) List(ctx context.Context, prefix string) ([]string, error) { + m.Lock() + defer m.Unlock() + + keys := make([]string, 0, len(m.data)) + for k := range m.data { + keys = append(keys, k) + } + sort.Strings(keys) + return keys, nil +} + +// IsDir returns true if the entry is a directory +func (m *Mock) IsDir(ctx context.Context, name string) bool { + m.Lock() + defer m.Unlock() + + for k := range m.data { + if strings.HasPrefix(k, name+"/") { + return true + } + } + return false +} + +// Prune removes a directory +func (m *Mock) Prune(ctx context.Context, prefix string) error { + m.Lock() + defer m.Unlock() + + deleted := 0 + for k := range m.data { + if strings.HasPrefix(k, prefix+"/") { + delete(m.data, k) + deleted++ + } + } + if deleted < 1 { + return fmt.Errorf("not found") + } + return nil +} + +// Name returns the name of this backend +func (m *Mock) Name() string { + return "kvmock" +} + +// Version returns the version of this backend +func (m *Mock) Version() semver.Version { + return semver.Version{Major: 1} +} diff --git a/backend/sync.go b/backend/sync.go new file mode 100644 index 0000000000..585305c333 --- /dev/null +++ b/backend/sync.go @@ -0,0 +1,33 @@ +package backend + +import ( + "context" + + "github.com/blang/semver" +) + +// SyncBackend is a remote-sync backend +type SyncBackend int + +const ( + // GitMock is a no-op mock backend + GitMock SyncBackend = iota + // GitCLI is a git-cli based sync backend + GitCLI + // GoGit is an src-d/go-git.v4 based sync backend + GoGit +) + +// Sync is a sync backend +type Sync interface { + Add(ctx context.Context, args ...string) error + Commit(ctx context.Context, msg string) error + Push(ctx context.Context, remote, location string) error + Pull(ctx context.Context, remote, location string) error + + Name() string + Version(ctx context.Context) semver.Version + + InitConfig(ctx context.Context, name, email string) error + AddRemote(ctx context.Context, remote, location string) error +} diff --git a/backend/sync/git/cli/config.go b/backend/sync/git/cli/config.go index edac85f337..a5678565d4 100644 --- a/backend/sync/git/cli/config.go +++ b/backend/sync/git/cli/config.go @@ -3,13 +3,13 @@ package cli import ( "bytes" "context" + "fmt" "io/ioutil" "os" "os/exec" "path/filepath" "strings" - "github.com/fatih/color" "github.com/justwatchcom/gopass/store" "github.com/justwatchcom/gopass/utils/out" "github.com/pkg/errors" @@ -35,18 +35,14 @@ func (g *Git) fixConfig(ctx context.Context) error { out.Yellow(ctx, "Error while initializing git: %s", err) } - if g.gpg == "" { - return nil - } - - if err := g.Cmd(ctx, "gitFixConfig", "config", "--local", "gpg.program", g.gpg); err != nil { - return errors.Wrapf(err, "failed to set git config gpg.program") - } return nil } // InitConfig initialized and preparse the git config -func (g *Git) InitConfig(ctx context.Context, signKey, userName, userEmail string) error { +func (g *Git) InitConfig(ctx context.Context, userName, userEmail string) error { + if userName == "" || userEmail == "" || !strings.Contains(userEmail, "@") { + return fmt.Errorf("Username and Email must not be empty and valid") + } // set commit identity if err := g.ConfigSet(ctx, "user.name", userName); err != nil { return errors.Wrapf(err, "failed to set git config user.name") @@ -70,27 +66,9 @@ func (g *Git) InitConfig(ctx context.Context, signKey, userName, userEmail strin out.Yellow(ctx, "Warning: Failed to commit .gitattributes to git") } - // set GPG signkey - if err := g.SetSignKey(ctx, signKey); err != nil { - color.Yellow("Failed to configure Git GPG Commit signing: %s\n", err) - } - return nil } -// SetSignKey configures git to use the given sign key -func (g *Git) SetSignKey(ctx context.Context, sk string) error { - if sk == "" { - return errors.Errorf("SignKey not set") - } - - if err := g.ConfigSet(ctx, "user.signingkey", sk); err != nil { - return errors.Wrapf(err, "failed to set git sign key") - } - - return g.ConfigSet(ctx, "commit.gpgsign", "true") -} - // ConfigSet sets a local config value func (g *Git) ConfigSet(ctx context.Context, key, value string) error { return g.Cmd(ctx, "gitConfigSet", "config", "--local", key, value) diff --git a/backend/sync/git/cli/config_test.go b/backend/sync/git/cli/config_test.go new file mode 100644 index 0000000000..8d1542849e --- /dev/null +++ b/backend/sync/git/cli/config_test.go @@ -0,0 +1,51 @@ +package cli + +import ( + "bytes" + "context" + "io/ioutil" + "os" + "path/filepath" + "testing" + + "github.com/justwatchcom/gopass/utils/ctxutil" + "github.com/justwatchcom/gopass/utils/out" + "github.com/stretchr/testify/assert" +) + +func TestGitConfig(t *testing.T) { + td, err := ioutil.TempDir("", "gopass-") + assert.NoError(t, err) + defer func() { + _ = os.RemoveAll(td) + }() + + gitdir := filepath.Join(td, "git") + assert.NoError(t, os.Mkdir(gitdir, 0755)) + + ctx := context.Background() + ctx = ctxutil.WithAlwaysYes(ctx, true) + ctx = ctxutil.WithDebug(ctx, true) + + buf := &bytes.Buffer{} + out.Stdout = buf + defer func() { + out.Stdout = os.Stdout + }() + + git, err := Init(ctx, gitdir, "Dead Beef", "dead.beef@example.org") + assert.NoError(t, err) + un, err := git.ConfigGet(ctx, "user.name") + assert.NoError(t, err) + assert.Equal(t, "Dead Beef", un) + + assert.NoError(t, git.InitConfig(ctx, "Foo Bar", "foo.bar@example.org")) + un, err = git.ConfigGet(ctx, "user.name") + assert.NoError(t, err) + assert.Equal(t, "Foo Bar", un) + + assert.NoError(t, git.ConfigSet(ctx, "user.name", "foo")) + un, err = git.ConfigGet(ctx, "user.name") + assert.NoError(t, err) + assert.Equal(t, "foo", un) +} diff --git a/backend/sync/git/cli/git.go b/backend/sync/git/cli/git.go index 4c5da07c75..6673a37234 100644 --- a/backend/sync/git/cli/git.go +++ b/backend/sync/git/cli/git.go @@ -20,7 +20,6 @@ import ( // Git is a cli based git backend type Git struct { path string - gpg string } // Open creates a new git cli based git backend @@ -30,15 +29,13 @@ func Open(path, gpg string) (*Git, error) { } return &Git{ path: path, - gpg: gpg, }, nil } // Clone clones an existing git repo and returns a new cli based git backend // configured for this clone repo -func Clone(ctx context.Context, gpg, repo, path string) (*Git, error) { +func Clone(ctx context.Context, repo, path string) (*Git, error) { g := &Git{ - gpg: gpg, path: filepath.Dir(path), } if err := g.Cmd(ctx, "Clone", "clone", repo, path); err != nil { @@ -49,10 +46,9 @@ func Clone(ctx context.Context, gpg, repo, path string) (*Git, error) { } // Init initializes this store's git repo -func Init(ctx context.Context, path, gpg, signKey, userName, userEmail string) (*Git, error) { +func Init(ctx context.Context, path, userName, userEmail string) (*Git, error) { g := &Git{ path: path, - gpg: gpg, } // the git repo may be empty (i.e. no branches, cloned from a fresh remote) // or already initialized. Only run git init if the folder is completely empty @@ -63,7 +59,7 @@ func Init(ctx context.Context, path, gpg, signKey, userName, userEmail string) ( } // initialize the local git config - if err := g.InitConfig(ctx, signKey, userName, userEmail); err != nil { + if err := g.InitConfig(ctx, userName, userEmail); err != nil { return g, errors.Errorf("failed to configure git: %s", err) } @@ -108,6 +104,11 @@ func (g *Git) Cmd(ctx context.Context, name string, args ...string) error { return nil } +// Name returns git +func (g *Git) Name() string { + return "git" +} + // Version returns the git version as major, minor and patch level func (g *Git) Version(ctx context.Context) semver.Version { v := semver.Version{} diff --git a/backend/sync/git/cli/git_test.go b/backend/sync/git/cli/git_test.go index b297737b33..7684acbf26 100644 --- a/backend/sync/git/cli/git_test.go +++ b/backend/sync/git/cli/git_test.go @@ -8,7 +8,6 @@ import ( "path/filepath" "testing" - gpgmock "github.com/justwatchcom/gopass/backend/crypto/gpg/mock" "github.com/justwatchcom/gopass/utils/ctxutil" "github.com/justwatchcom/gopass/utils/out" "github.com/stretchr/testify/assert" @@ -21,8 +20,12 @@ func TestGit(t *testing.T) { _ = os.RemoveAll(td) }() + gitdir := filepath.Join(td, "git") + assert.NoError(t, os.Mkdir(gitdir, 0755)) + ctx := context.Background() ctx = ctxutil.WithAlwaysYes(ctx, true) + ctx = ctxutil.WithDebug(ctx, true) buf := &bytes.Buffer{} out.Stdout = buf @@ -30,21 +33,31 @@ func TestGit(t *testing.T) { out.Stdout = os.Stdout }() - gpg := gpgmock.New() - git, err := Init(ctx, td, gpg.Binary(), "0xDEADBEEF", "Dead Beef", "dead.beef@example.org") + git, err := Init(ctx, gitdir, "Dead Beef", "dead.beef@example.org") assert.NoError(t, err) sv := git.Version(ctx) assert.NotEqual(t, "", sv.String()) assert.Equal(t, true, git.IsInitialized()) - tf := filepath.Join(td, "some-file") + tf := filepath.Join(gitdir, "some-file") assert.NoError(t, ioutil.WriteFile(tf, []byte("foobar"), 0644)) assert.NoError(t, git.Add(ctx, "some-file")) assert.Equal(t, true, git.HasStagedChanges(ctx)) assert.Error(t, git.Push(ctx, "origin", "master")) assert.Error(t, git.Pull(ctx, "origin", "master")) - // flaky - //assert.NoError(t, git.Commit(ctx, "added some-file")) + git, err = Open(gitdir, "") + assert.NoError(t, err) + assert.Equal(t, "git", git.Name()) + assert.NoError(t, git.AddRemote(ctx, "foo", "file:///tmp/foo")) + + gitdir2 := filepath.Join(td, "git2") + assert.NoError(t, os.Mkdir(gitdir2, 0755)) + + git, err = Clone(ctx, gitdir, gitdir2) + assert.NoError(t, err) + assert.Equal(t, "git", git.Name()) + + assert.Error(t, git.Commit(ctx, "added some-file")) } diff --git a/backend/sync/git/gogit/git.go b/backend/sync/git/gogit/git.go index 285b96641b..d317fd963f 100644 --- a/backend/sync/git/gogit/git.go +++ b/backend/sync/git/gogit/git.go @@ -92,8 +92,6 @@ func Init(ctx context.Context, path string) (*Git, error) { g.wt = wt } - // TODO initialize the local git config - // add current content of the store if err := g.Add(ctx, g.path); err != nil { return g, errors.Wrapf(err, "failed to add '%s' to git", g.path) @@ -253,10 +251,6 @@ func (g *Git) Push(ctx context.Context, remote, branch string) error { if remote == "" { remote = "origin" } - // TODO branch - //if branch == "" { - // branch = "master" - //} cfg, err := g.repo.Config() if err != nil { @@ -267,8 +261,7 @@ func (g *Git) Push(ctx context.Context, remote, branch string) error { } return g.repo.PushContext(ctx, &git.PushOptions{ RemoteName: remote, - //RefSpecs: []config.RefSpec{config.RefSpec(branch + ":" + branch)}, - Progress: Stdout, + Progress: Stdout, }) } @@ -278,8 +271,8 @@ func (g *Git) Cmd(context.Context, string, ...string) error { } // InitConfig is not yet implemented -func (g *Git) InitConfig(context.Context, string, string, string) error { - return fmt.Errorf("not yet implemented") +func (g *Git) InitConfig(context.Context, string, string) error { + return fmt.Errorf("not supported") } // AddRemote adds a new remote @@ -290,3 +283,8 @@ func (g *Git) AddRemote(ctx context.Context, remote, url string) error { }) return err } + +// Name returns go-git +func (g *Git) Name() string { + return "go-git" +} diff --git a/backend/sync/git/gogit/git_test.go b/backend/sync/git/gogit/git_test.go index dc221d3912..ab8fb5d38e 100644 --- a/backend/sync/git/gogit/git_test.go +++ b/backend/sync/git/gogit/git_test.go @@ -117,6 +117,18 @@ func TestInit(t *testing.T) { // push to remote assert.NoError(t, g.PushPull(ctx, "push", "", "")) + + g, err = Open(path) + assert.NoError(t, err) + assert.Error(t, g.Cmd(ctx, "foo", "bar")) + assert.Error(t, g.InitConfig(ctx, "foo", "bar")) + assert.Equal(t, "go-git", g.Name()) + assert.NoError(t, g.AddRemote(ctx, "foo", "file:///tmp/foo")) + + // list remotes + list, err = g.repo.Remotes() + assert.NoError(t, err) + t.Logf("Remotes: %+v", list) } func run(ctx context.Context, wd, command string, args ...string) error { diff --git a/backend/sync/git/mock/git.go b/backend/sync/git/mock/git.go index fa891699aa..141b52e002 100644 --- a/backend/sync/git/mock/git.go +++ b/backend/sync/git/mock/git.go @@ -40,12 +40,12 @@ func (g *Git) Cmd(ctx context.Context, name string, args ...string) error { } // Init does nothing -func (g *Git) Init(context.Context, string, string, string) error { +func (g *Git) Init(context.Context, string, string) error { return nil } // InitConfig does nothing -func (g *Git) InitConfig(context.Context, string, string, string) error { +func (g *Git) InitConfig(context.Context, string, string) error { return nil } @@ -54,6 +54,11 @@ func (g *Git) Version(context.Context) semver.Version { return semver.Version{} } +// Name returns git-mock +func (g *Git) Name() string { + return "git-mock" +} + // AddRemote does nothing func (g *Git) AddRemote(ctx context.Context, remote, url string) error { return nil diff --git a/backend/sync/git/mock/git_test.go b/backend/sync/git/mock/git_test.go index 3e2d5939b6..6cefc1718e 100644 --- a/backend/sync/git/mock/git_test.go +++ b/backend/sync/git/mock/git_test.go @@ -15,8 +15,11 @@ func TestGitMock(t *testing.T) { assert.NoError(t, g.Add(ctx, "foo", "bar")) assert.NoError(t, g.Commit(ctx, "foobar")) assert.NoError(t, g.Push(ctx, "foo", "bar")) + assert.NoError(t, g.Pull(ctx, "foo", "bar")) assert.NoError(t, g.Cmd(ctx, "foo", "bar")) - assert.NoError(t, g.Init(ctx, "foo", "bar", "baz")) - assert.NoError(t, g.InitConfig(ctx, "foo", "bar", "baz")) + assert.NoError(t, g.Init(ctx, "foo", "bar")) + assert.NoError(t, g.InitConfig(ctx, "foo", "bar")) assert.Equal(t, g.Version(ctx), semver.Version{}) + assert.Equal(t, "git-mock", g.Name()) + assert.NoError(t, g.AddRemote(ctx, "foo", "bar")) } diff --git a/commands.go b/commands.go index aa918bf9cd..25b0eb05d5 100644 --- a/commands.go +++ b/commands.go @@ -5,12 +5,49 @@ import ( "fmt" ap "github.com/justwatchcom/gopass/action" + "github.com/justwatchcom/gopass/config" + "github.com/justwatchcom/gopass/utils/agent" + "github.com/justwatchcom/gopass/utils/agent/client" "github.com/justwatchcom/gopass/utils/ctxutil" "github.com/urfave/cli" ) func getCommands(ctx context.Context, action *ap.Action, app *cli.App) []cli.Command { return []cli.Command{ + { + Name: "agent", + Usage: "Start gopass-agent", + Description: "" + + "This command start the gopass agent that will cache passphrases" + + "so they don't have to be entered repeately.", + Action: func(c *cli.Context) error { + ec := make(chan error) + go func() { + ec <- agent.New(config.Directory()).ListenAndServe() + }() + select { + case <-ctx.Done(): + return fmt.Errorf("aborted") + case e := <-ec: + return e + } + }, + Subcommands: []cli.Command{ + { + Name: "client", + Usage: "Start a simple agent test client", + Hidden: true, + Action: func(c *cli.Context) error { + pw, err := client.New(config.Directory()).Passphrase("test", "test") + if err != nil { + return err + } + fmt.Println("Passphrase:" + pw) + return nil + }, + }, + }, + }, { Name: "audit", Usage: "Scan for weak passwords", @@ -151,6 +188,14 @@ func getCommands(ctx context.Context, action *ap.Action, app *cli.App) []cli.Com Name: "path", Usage: "Path to clone the repo to", }, + cli.StringFlag{ + Name: "crypto", + Usage: "Select crypto backend (gpg, gpgcli, gpgmock, xc)", + }, + cli.StringFlag{ + Name: "sync", + Usage: "Select sync backend (git, gitcli, gogit, gitmock)", + }, }, }, { @@ -312,27 +357,6 @@ func getCommands(ctx context.Context, action *ap.Action, app *cli.App) []cli.Com }, }, }, - { - Name: "fsck", - Usage: "Check inconsistencies (ALPHA)", - Description: "" + - "Check all mounted password stores for know issues and inconsistencies, like " + - "wrong file persmissions or missing / extra recipients.", - Before: func(c *cli.Context) error { return action.Initialized(withGlobalFlags(ctx, c), c) }, - Action: func(c *cli.Context) error { - return action.Fsck(withGlobalFlags(ctx, c), c) - }, - Flags: []cli.Flag{ - cli.BoolFlag{ - Name: "check, c", - Usage: "Only report", - }, - cli.BoolFlag{ - Name: "force, f", - Usage: "Auto-correct any errors, do not ask", - }, - }, - }, { Name: "generate", Usage: "Generate a new password", @@ -460,24 +484,6 @@ func getCommands(ctx context.Context, action *ap.Action, app *cli.App) []cli.Com Description: "" + "If the password store is a git repository, execute a git command " + "specified by git-command-args.", - Before: func(c *cli.Context) error { return action.Initialized(withGlobalFlags(ctx, c), c) }, - Action: func(c *cli.Context) error { - return action.Git(withGlobalFlags(ctx, c), c) - }, - Flags: []cli.Flag{ - cli.StringFlag{ - Name: "store, s", - Usage: "Store to operate on", - }, - cli.BoolFlag{ - Name: "no-recurse, n", - Usage: "Do not recurse to mounted sub-stores", - }, - cli.BoolFlag{ - Name: "force, f", - Usage: "Print errors but continue", - }, - }, Subcommands: []cli.Command{ { Name: "init", @@ -498,6 +504,83 @@ func getCommands(ctx context.Context, action *ap.Action, app *cli.App) []cli.Com }, }, }, + { + Name: "remote", + Usage: "TODO", + Description: "TODO", + Before: func(c *cli.Context) error { return action.Initialized(withGlobalFlags(ctx, c), c) }, + Subcommands: []cli.Command{ + { + Name: "add", + Usage: "Add git remote", + Description: "TODO", + Before: func(c *cli.Context) error { return action.Initialized(withGlobalFlags(ctx, c), c) }, + Action: func(c *cli.Context) error { + return action.GitAddRemote(withGlobalFlags(ctx, c), c) + }, + Flags: []cli.Flag{ + cli.StringFlag{ + Name: "store", + Usage: "Store to operate on", + }, + cli.StringFlag{ + Name: "remote", + Usage: "Git remote to add", + }, + cli.StringFlag{ + Name: "url", + Usage: "Git URL", + }, + }, + }, + }, + }, + { + Name: "push", + Usage: "Push to remote", + Description: "TODO", + Before: func(c *cli.Context) error { return action.Initialized(withGlobalFlags(ctx, c), c) }, + Action: func(c *cli.Context) error { + return action.GitPush(withGlobalFlags(ctx, c), c) + }, + Flags: []cli.Flag{ + cli.StringFlag{ + Name: "store", + Usage: "Store to operate on", + }, + cli.StringFlag{ + Name: "origin", + Usage: "Git Origin to push to", + }, + cli.StringFlag{ + Name: "branch", + Usage: "Git branch to push", + }, + }, + }, + { + Name: "pull", + Usage: "Pull from remote", + Description: "TODO", + Before: func(c *cli.Context) error { return action.Initialized(withGlobalFlags(ctx, c), c) }, + Action: func(c *cli.Context) error { + return action.GitPull(withGlobalFlags(ctx, c), c) + }, + Flags: []cli.Flag{ + cli.StringFlag{ + Name: "store", + Usage: "Store to operate on", + }, + cli.StringFlag{ + Name: "origin", + Usage: "Git Origin to push to", + }, + cli.StringFlag{ + Name: "branch", + Usage: "Git branch to push", + }, + }, + }, }, }, { @@ -516,12 +599,6 @@ func getCommands(ctx context.Context, action *ap.Action, app *cli.App) []cli.Com Usage: "Initialize new password store.", Description: "" + "Initialize new password storage and use gpg-id for encryption.", - Before: func(c *cli.Context) error { - if !action.HasGPG() { - return fmt.Errorf("gpg not found") - } - return nil - }, Action: func(c *cli.Context) error { return action.Init(withGlobalFlags(ctx, c), c) }, @@ -538,6 +615,14 @@ func getCommands(ctx context.Context, action *ap.Action, app *cli.App) []cli.Com Name: "nogit", Usage: "Do not init git repo", }, + cli.StringFlag{ + Name: "crypto", + Usage: "Select crypto backend (gpg, gpgcli, gpgmock, xc)", + }, + cli.StringFlag{ + Name: "sync", + Usage: "Select sync backend (git, gitcli, gogit, gitmock)", + }, }, }, { @@ -896,5 +981,99 @@ func getCommands(ctx context.Context, action *ap.Action, app *cli.App) []cli.Com return action.Version(withGlobalFlags(ctx, c), c) }, }, + { + Name: "xc", + Usage: "Experimental Crypto", + Description: "" + + "These subcommands are used to control and test the experimental crypto" + + "implementation.", + Subcommands: []cli.Command{ + { + Name: "list-private-keys", + Action: func(c *cli.Context) error { + return action.XCListPrivateKeys(withGlobalFlags(ctx, c), c) + }, + }, + { + Name: "list-public-keys", + Action: func(c *cli.Context) error { + return action.XCListPublicKeys(withGlobalFlags(ctx, c), c) + }, + }, + { + Name: "generate", + Action: func(c *cli.Context) error { + return action.XCGenerateKeypair(withGlobalFlags(ctx, c), c) + }, + }, + { + Name: "export", + Action: func(c *cli.Context) error { + return action.XCExportPublicKey(withGlobalFlags(ctx, c), c) + }, + Flags: []cli.Flag{ + cli.StringFlag{ + Name: "id", + }, + cli.StringFlag{ + Name: "file", + }, + }, + }, + { + Name: "import", + Action: func(c *cli.Context) error { + return action.XCImportPublicKey(withGlobalFlags(ctx, c), c) + }, + Flags: []cli.Flag{ + cli.StringFlag{ + Name: "id", + }, + cli.StringFlag{ + Name: "file", + }, + }, + }, + { + Name: "export-private-key", + Action: func(c *cli.Context) error { + return action.XCExportPrivateKey(withGlobalFlags(ctx, c), c) + }, + Flags: []cli.Flag{ + cli.StringFlag{ + Name: "id", + }, + cli.StringFlag{ + Name: "file", + }, + }, + }, + { + Name: "import-private-key", + Action: func(c *cli.Context) error { + return action.XCImportPrivateKey(withGlobalFlags(ctx, c), c) + }, + Flags: []cli.Flag{ + cli.StringFlag{ + Name: "id", + }, + cli.StringFlag{ + Name: "file", + }, + }, + }, + { + Name: "remove", + Action: func(c *cli.Context) error { + return action.XCRemoveKey(withGlobalFlags(ctx, c), c) + }, + Flags: []cli.Flag{ + cli.StringFlag{ + Name: "id", + }, + }, + }, + }, + }, } } diff --git a/commands_test.go b/commands_test.go index 3d66f696ce..611aa71cdb 100644 --- a/commands_test.go +++ b/commands_test.go @@ -1,15 +1,123 @@ package main import ( + "bytes" "context" + "flag" + "os" "testing" + "github.com/atotto/clipboard" + "github.com/blang/semver" + "github.com/fatih/color" + "github.com/justwatchcom/gopass/action" + "github.com/justwatchcom/gopass/backend" + "github.com/justwatchcom/gopass/config" + "github.com/justwatchcom/gopass/tests/gptest" + "github.com/justwatchcom/gopass/utils/ctxutil" + "github.com/justwatchcom/gopass/utils/out" "github.com/stretchr/testify/assert" "github.com/urfave/cli" ) +var commandsWithError = map[string]struct{}{ + ".audit": {}, + ".audit.hibp": {}, + ".binary.cat": {}, + ".binary.copy": {}, + ".binary.move": {}, + ".binary.sum": {}, + ".clone": {}, + ".copy": {}, + ".create": {}, + ".delete": {}, + ".edit": {}, + ".find": {}, + ".generate": {}, + ".grep": {}, + ".init": {}, + ".insert": {}, + ".mounts.add": {}, + ".mounts.remove": {}, + ".move": {}, + ".otp": {}, + ".recipients.add": {}, + ".recipients.remove": {}, + ".setup": {}, + ".show": {}, + ".templates.edit": {}, + ".templates.remove": {}, + ".templates.show": {}, + ".xc.export": {}, + ".xc.export-private-key": {}, + ".xc.generate": {}, + ".xc.import": {}, + ".xc.import-private-key": {}, + ".xc.remove": {}, + ".unclip": {}, +} + func TestGetCommands(t *testing.T) { + u := gptest.NewUnitTester(t) + defer u.Remove() + + buf := &bytes.Buffer{} + out.Stdout = buf + color.NoColor = true + defer func() { + out.Stdout = os.Stdout + }() + + cfg := config.New() + cfg.Root.Path = u.StoreDir("") + + clipboard.Unsupported = true + ctx := context.Background() + ctx = ctxutil.WithAlwaysYes(ctx, true) + ctx = ctxutil.WithInteractive(ctx, false) + ctx = ctxutil.WithTerminal(ctx, false) + ctx = out.WithHidden(ctx, true) + ctx = backend.WithSyncBackendString(ctx, "gitmock") + ctx = backend.WithCryptoBackendString(ctx, "gpgmock") + + act, err := action.New(ctx, cfg, semver.Version{}) + assert.NoError(t, err) + app := cli.NewApp() - assert.Equal(t, 30, len(getCommands(ctx, nil, app))) + fs := flag.NewFlagSet("default", flag.ContinueOnError) + c := cli.NewContext(app, fs, nil) + + commands := getCommands(ctx, act, app) + assert.Equal(t, 31, len(commands)) + + prefix := "" + testCommands(t, c, commands, prefix) +} + +func testCommands(t *testing.T, c *cli.Context, commands []cli.Command, prefix string) { + for _, cmd := range commands { + if cmd.Name == "agent" || cmd.Name == "update" { + // the agent command is blocking + continue + } + if len(cmd.Subcommands) > 0 { + testCommands(t, c, cmd.Subcommands, prefix+"."+cmd.Name) + } + if cmd.Before != nil { + if err := cmd.Before(c); err != nil { + continue + } + } + if cmd.Action != nil { + fullName := prefix + "." + cmd.Name + if av, ok := cmd.Action.(func(c *cli.Context) error); ok { + if _, found := commandsWithError[fullName]; found { + assert.Error(t, av(c), fullName) + continue + } + assert.NoError(t, av(c), fullName) + } + } + } } diff --git a/config/config.go b/config/config.go index 7d6eea5114..d63575f4d7 100644 --- a/config/config.go +++ b/config/config.go @@ -1,7 +1,9 @@ package config import ( + "fmt" "os" + "sort" "github.com/pkg/errors" ) @@ -34,15 +36,18 @@ type Config struct { func New() *Config { return &Config{ Root: &StoreConfig{ - AskForMore: false, - AutoImport: true, - AutoSync: true, - ClipTimeout: 45, - NoConfirm: false, - NoPager: false, - SafeContent: false, - UseSymbols: false, - NoColor: false, + AskForMore: false, + AutoImport: true, + AutoSync: true, + ClipTimeout: 45, + CryptoBackend: "gpg", + NoColor: false, + NoConfirm: false, + NoPager: false, + SafeContent: false, + StoreBackend: "fs", + SyncBackend: "git", + UseSymbols: false, }, Mounts: make(map[string]*StoreConfig), Version: "", @@ -76,3 +81,47 @@ func (c *Config) SetConfigValue(mount, key, value string) error { } return c.Save() } + +func (c *Config) checkDefaults() { + if c == nil { + return + } + if c.Root == nil { + c.Root = &StoreConfig{} + } + if c.Root.CryptoBackend == "" { + c.Root.CryptoBackend = "gpg" + } + if c.Root.SyncBackend == "" { + c.Root.SyncBackend = "git" + } + if c.Root.StoreBackend == "" { + c.Root.StoreBackend = "fs" + } + for _, sc := range c.Mounts { + if sc.CryptoBackend == "" { + sc.CryptoBackend = "gpg" + } + if sc.SyncBackend == "" { + sc.SyncBackend = "git" + } + if sc.StoreBackend == "" { + sc.StoreBackend = "fs" + } + } +} + +func (c *Config) String() string { + mounts := "" + keys := make([]string, 0, len(c.Mounts)) + for alias := range c.Mounts { + keys = append(keys, alias) + } + sort.Strings(keys) + + for _, alias := range keys { + sc := c.Mounts[alias] + mounts += alias + "=>" + sc.String() + } + return fmt.Sprintf("Config[Root:%s,Mounts(%s),Version:%s]", c.Root.String(), mounts, c.Version) +} diff --git a/config/config_test.go b/config/config_test.go index 107163c215..a0dc9b222a 100644 --- a/config/config_test.go +++ b/config/config_test.go @@ -17,6 +17,22 @@ func TestNewConfig(t *testing.T) { cfg := New() assert.Equal(t, false, cfg.Root.AskForMore) + cfg.checkDefaults() + assert.Equal(t, "gpg", cfg.Root.CryptoBackend) + assert.Equal(t, "git", cfg.Root.SyncBackend) + assert.Equal(t, "fs", cfg.Root.StoreBackend) + assert.Equal(t, "Config[Root:StoreConfig[AskForMore:false,AutoImport:true,AutoSync:true,ClipTimeout:45,CryptoBackend:gpg,NoColor:false,NoConfirm:false,NoPager:false,Path:,SafeContent:false,SyncBackend:git,UseSymbols:false],Mounts(),Version:]", cfg.String()) + + cfg = nil + cfg.checkDefaults() + + cfg = &Config{ + Mounts: make(map[string]*StoreConfig, 2), + } + cfg.Mounts["foo"] = &StoreConfig{} + cfg.Mounts["bar"] = &StoreConfig{} + cfg.checkDefaults() + assert.Equal(t, "Config[Root:StoreConfig[AskForMore:false,AutoImport:false,AutoSync:false,ClipTimeout:0,CryptoBackend:gpg,NoColor:false,NoConfirm:false,NoPager:false,Path:,SafeContent:false,SyncBackend:git,UseSymbols:false],Mounts(bar=>StoreConfig[AskForMore:false,AutoImport:false,AutoSync:false,ClipTimeout:0,CryptoBackend:gpg,NoColor:false,NoConfirm:false,NoPager:false,Path:,SafeContent:false,SyncBackend:git,UseSymbols:false]foo=>StoreConfig[AskForMore:false,AutoImport:false,AutoSync:false,ClipTimeout:0,CryptoBackend:gpg,NoColor:false,NoConfirm:false,NoPager:false,Path:,SafeContent:false,SyncBackend:git,UseSymbols:false]),Version:]", cfg.String()) } func TestSetConfigValue(t *testing.T) { diff --git a/config/io.go b/config/io.go index e32dc66ed2..54b3a04cdd 100644 --- a/config/io.go +++ b/config/io.go @@ -28,6 +28,7 @@ func Load() *Config { } cfg := New() cfg.Root.Path = PwStoreDir("") + cfg.checkDefaults() return cfg } @@ -103,6 +104,7 @@ func decode(buf []byte) (*Config, error) { // Save saves the config func (c *Config) Save() error { + c.checkDefaults() buf, err := yaml.Marshal(c) if err != nil { return errors.Wrapf(err, "failed to marshal YAML") diff --git a/config/io_test.go b/config/io_test.go index df1d60eaf1..b83ef2af10 100644 --- a/config/io_test.go +++ b/config/io_test.go @@ -147,19 +147,19 @@ mounts: version: 1.4.0` func TestLoad(t *testing.T) { - gcfg := filepath.Join(os.TempDir(), ".gopass.yml") - if err := os.Setenv("GOPASS_CONFIG", gcfg); err != nil { - t.Fatalf("Failed to set GOPASS_CONFIG: %s", err) - } - - if err := ioutil.WriteFile(gcfg, []byte(testConfig), 0600); err != nil { - t.Fatalf("Failed to write config %s: %s", gcfg, err) - } + td := os.TempDir() + gcfg := filepath.Join(td, ".gopass.yml") + assert.NoError(t, os.Remove(gcfg)) + assert.NoError(t, os.Setenv("GOPASS_CONFIG", gcfg)) + assert.NoError(t, os.Setenv("GOPASS_HOMEDIR", td)) cfg := Load() - if !cfg.Root.SafeContent { - t.Errorf("SafeContent should be true") - } + assert.Equal(t, filepath.Join(td, ".password-store"), cfg.Root.Path) + assert.Equal(t, "gpg", cfg.Root.CryptoBackend) + + assert.NoError(t, ioutil.WriteFile(gcfg, []byte(testConfig), 0600)) + cfg = Load() + assert.Equal(t, true, cfg.Root.SafeContent) } func TestLoadError(t *testing.T) { diff --git a/config/store_config.go b/config/store_config.go index 85f5a3c41e..83fc8e1880 100644 --- a/config/store_config.go +++ b/config/store_config.go @@ -11,16 +11,19 @@ import ( // StoreConfig is a per-store (root or mount) config type StoreConfig struct { - AskForMore bool `yaml:"askformore"` // ask for more data on generate - AutoImport bool `yaml:"autoimport"` // import missing public keys w/o asking - AutoSync bool `yaml:"autosync"` // push to git remote after commit, pull before push if necessary - ClipTimeout int `yaml:"cliptimeout"` // clear clipboard after seconds - NoConfirm bool `yaml:"noconfirm"` // do not confirm recipients when encrypting - NoPager bool `yaml:"nopager"` // do not invoke a pager to display long lists - Path string `yaml:"path"` // path to the root store - SafeContent bool `yaml:"safecontent"` // avoid showing passwords in terminal - UseSymbols bool `yaml:"usesymbols"` // always use symbols when generating passwords - NoColor bool `yaml:"nocolor"` // do not use color when outputing text + AskForMore bool `yaml:"askformore"` // ask for more data on generate + AutoImport bool `yaml:"autoimport"` // import missing public keys w/o asking + AutoSync bool `yaml:"autosync"` // push to git remote after commit, pull before push if necessary + ClipTimeout int `yaml:"cliptimeout"` // clear clipboard after seconds + CryptoBackend string `yaml:"cryptobackend"` // encryption backend (e.g. GPG, XC) + NoColor bool `yaml:"nocolor"` // do not use color when outputing text + NoConfirm bool `yaml:"noconfirm"` // do not confirm recipients when encrypting + NoPager bool `yaml:"nopager"` // do not invoke a pager to display long lists + Path string `yaml:"path"` // path to the root store + SafeContent bool `yaml:"safecontent"` // avoid showing passwords in terminal + StoreBackend string `yaml:"storebackend"` // storage backend (e.g. FS, K/V, ...) + SyncBackend string `yaml:"syncbackend"` // sync backend (e.g. GitCLI, GoGit, ...) + UseSymbols bool `yaml:"usesymbols"` // always use symbols when generating passwords } // ConfigMap returns a map of stringified config values for easy printing @@ -87,3 +90,7 @@ func (c *StoreConfig) SetConfigValue(key, value string) error { } return nil } + +func (c *StoreConfig) String() string { + return fmt.Sprintf("StoreConfig[AskForMore:%t,AutoImport:%t,AutoSync:%t,ClipTimeout:%d,CryptoBackend:%s,NoColor:%t,NoConfirm:%t,NoPager:%t,Path:%s,SafeContent:%t,SyncBackend:%s,UseSymbols:%t]", c.AskForMore, c.AutoImport, c.AutoSync, c.ClipTimeout, c.CryptoBackend, c.NoColor, c.NoConfirm, c.NoPager, c.Path, c.SafeContent, c.SyncBackend, c.UseSymbols) +} diff --git a/store/err.go b/store/err.go index 5f042ce699..7c276288a0 100644 --- a/store/err.go +++ b/store/err.go @@ -11,8 +11,8 @@ var ( ErrEncrypt = errors.Errorf("Failed to encrypt") // ErrDecrypt is returned if we failed to decrypt and entry ErrDecrypt = errors.Errorf("Failed to decrypt") - // ErrSneaky is returned if the user passes a possible malicious path to gopass - ErrSneaky = errors.Errorf("you've attempted to pass a sneaky path to gopass. go home") + // ErrIO is any kind of I/O error + ErrIO = errors.Errorf("I/O error") // ErrGitInit is returned if git is already initialized ErrGitInit = errors.Errorf("git is already initialized") // ErrGitNotInit is returned if git is not initialized diff --git a/store/root/fsck.go b/store/root/fsck.go deleted file mode 100644 index cd9e50257f..0000000000 --- a/store/root/fsck.go +++ /dev/null @@ -1,58 +0,0 @@ -package root - -import ( - "context" - - "github.com/justwatchcom/gopass/utils/out" -) - -// Fsck checks the stores integrity -func (r *Store) Fsck(ctx context.Context, prefix string) (map[string]uint64, error) { - rc := make(map[string]uint64, 10) - sh := make(map[string]string, 100) - for _, alias := range r.MountPoints() { - // check sub-store integrity - counts, err := r.mounts[alias].Fsck(ctx, alias) - if err != nil { - return rc, err - } - for k, v := range counts { - rc[k] += v - } - - out.Green(ctx, "[%s] Store (%s) checked (%d OK, %d warnings, %d errors)", alias, r.mounts[alias].Path(), counts["ok"], counts["warn"], counts["err"]) - - // check shadowing - lst, err := r.mounts[alias].List(alias) - if err != nil { - return rc, err - } - for _, e := range lst { - if a, found := sh[e]; found { - out.Yellow(ctx, "Entry %s is being shadowed by %s", e, a) - } - sh[e] = alias - } - } - - counts, err := r.store.Fsck(ctx, "root") - if err != nil { - return rc, err - } - for k, v := range counts { - rc[k] += v - } - out.Green(ctx, "[%s] Store checked (%d OK, %d warnings, %d errors)", r.store.Path(), counts["ok"], counts["warn"], counts["err"]) - // check shadowing - lst, err := r.store.List("") - if err != nil { - return rc, err - } - for _, e := range lst { - if a, found := sh[e]; found { - out.Yellow(ctx, "Entry %s is being shadowed by %s", e, a) - } - sh[e] = "" - } - return rc, nil -} diff --git a/store/root/fsck_test.go b/store/root/fsck_test.go deleted file mode 100644 index 9dabedaa4a..0000000000 --- a/store/root/fsck_test.go +++ /dev/null @@ -1,32 +0,0 @@ -package root - -import ( - "context" - "testing" - - "github.com/justwatchcom/gopass/tests/gptest" - "github.com/justwatchcom/gopass/utils/ctxutil" - "github.com/justwatchcom/gopass/utils/out" - "github.com/stretchr/testify/assert" -) - -func TestFsck(t *testing.T) { - u := gptest.NewUnitTester(t) - defer u.Remove() - - ctx := context.Background() - ctx = ctxutil.WithAlwaysYes(ctx, true) - ctx = out.WithHidden(ctx, true) - - rs, err := createRootStore(ctx, u) - assert.NoError(t, err) - - assert.NoError(t, u.InitStore("sub1")) - assert.NoError(t, u.InitStore("sub2")) - - assert.NoError(t, rs.AddMount(ctx, "sub1", u.StoreDir("sub1"))) - assert.NoError(t, rs.AddMount(ctx, "sub2", u.StoreDir("sub2"))) - - _, err = rs.Fsck(ctx, "") - assert.NoError(t, err) -} diff --git a/store/root/git.go b/store/root/git.go index 1998423839..8d2a6cab09 100644 --- a/store/root/git.go +++ b/store/root/git.go @@ -2,24 +2,27 @@ package root import ( "context" - "strings" "github.com/blang/semver" - "github.com/justwatchcom/gopass/store" - "github.com/justwatchcom/gopass/utils/out" - "github.com/pkg/errors" + "github.com/justwatchcom/gopass/backend" ) +// Sync returns the sync backend +func (r *Store) Sync(ctx context.Context, name string) backend.Sync { + _, sub, _ := r.getStore(ctx, name) + return sub.Sync() +} + // GitInit initializes the git repo -func (r *Store) GitInit(ctx context.Context, name, sk, userName, userEmail string) error { +func (r *Store) GitInit(ctx context.Context, name, userName, userEmail string) error { ctx, store, _ := r.getStore(ctx, name) - return store.GitInit(ctx, sk, userName, userEmail) + return store.GitInit(ctx, userName, userEmail) } // GitInitConfig initializes the git repos local config -func (r *Store) GitInitConfig(ctx context.Context, name, sk, userName, userEmail string) error { +func (r *Store) GitInitConfig(ctx context.Context, name, userName, userEmail string) error { ctx, store, _ := r.getStore(ctx, name) - return store.GitInitConfig(ctx, sk, userName, userEmail) + return store.GitInitConfig(ctx, userName, userEmail) } // GitVersion returns git version information @@ -44,56 +47,3 @@ func (r *Store) GitPush(ctx context.Context, name, origin, remote string) error ctx, store, _ := r.getStore(ctx, name) return store.GitPush(ctx, origin, remote) } - -// Git runs arbitrary git commands on this store and all substores -func (r *Store) Git(ctx context.Context, name string, recurse, force bool, args ...string) error { - // run on selected store only - if name != "" { - ctx, sub, _ := r.getStore(ctx, name) - ctx = out.AddPrefix(ctx, "["+name+"] ") - out.Cyan(ctx, "Running 'git %s'", strings.Join(args, " ")) - return sub.Git(ctx, args...) - } - - // run on all stores - dispName := name - if dispName == "" { - dispName = "root" - } - ctxRoot := out.AddPrefix(ctx, "["+dispName+"] ") - - out.Cyan(ctxRoot, "Running git %s", strings.Join(args, " ")) - if err := r.store.Git(ctxRoot, args...); err != nil { - if errors.Cause(err) == store.ErrGitNoRemote { - out.Yellow(ctxRoot, "Has no remote. Skipping") - } else { - if !force { - return errors.Wrapf(err, "failed to run git %s on sub store %s", strings.Join(args, " "), dispName) - } - out.Red(ctxRoot, "Failed to run 'git %s'", strings.Join(args, " ")) - } - } - - // TODO(dschulz) we could properly handle the "recurse to given substores" - // case ... - if !recurse { - return nil - } - - for _, alias := range r.MountPoints() { - ctx := out.AddPrefix(ctx, "["+alias+"] ") - out.Cyan(ctx, "Running 'git %s'", strings.Join(args, " ")) - if err := r.mounts[alias].Git(ctx, args...); err != nil { - if errors.Cause(err) == store.ErrGitNoRemote { - out.Yellow(ctx, "Has no remote. Skipping") - continue - } - if !force { - return errors.Wrapf(err, "failed to perform git %s on %s", strings.Join(args, " "), alias) - } - out.Red(ctx, "Failed to run 'git %s'", strings.Join(args, " ")) - } - } - - return nil -} diff --git a/store/root/git_test.go b/store/root/git_test.go deleted file mode 100644 index 27fc2ad6d1..0000000000 --- a/store/root/git_test.go +++ /dev/null @@ -1,25 +0,0 @@ -package root - -import ( - "context" - "testing" - - "github.com/justwatchcom/gopass/tests/gptest" - "github.com/justwatchcom/gopass/utils/ctxutil" - "github.com/justwatchcom/gopass/utils/out" - "github.com/stretchr/testify/assert" -) - -func TestGit(t *testing.T) { - u := gptest.NewUnitTester(t) - defer u.Remove() - - ctx := context.Background() - ctx = ctxutil.WithAlwaysYes(ctx, true) - ctx = out.WithHidden(ctx, true) - - rs, err := createRootStore(ctx, u) - assert.NoError(t, err) - - assert.NoError(t, rs.Git(ctx, "", true, true, "status")) -} diff --git a/store/root/gpg.go b/store/root/gpg.go index d03cd3b951..93b2c56d7e 100644 --- a/store/root/gpg.go +++ b/store/root/gpg.go @@ -3,25 +3,11 @@ package root import ( "context" - "github.com/blang/semver" - "github.com/justwatchcom/gopass/backend/crypto/gpg" + "github.com/justwatchcom/gopass/backend" ) -type gpger interface { - Binary() string - ListPublicKeys(context.Context) (gpg.KeyList, error) - FindPublicKeys(context.Context, ...string) (gpg.KeyList, error) - ListPrivateKeys(context.Context) (gpg.KeyList, error) - FindPrivateKeys(context.Context, ...string) (gpg.KeyList, error) - GetRecipients(context.Context, string) ([]string, error) - Encrypt(context.Context, string, []byte, []string) error - Decrypt(context.Context, string) ([]byte, error) - ExportPublicKey(context.Context, string, string) error - ImportPublicKey(context.Context, string) error - Version(context.Context) semver.Version -} - -// GPGVersion returns GPG version information -func (r *Store) GPGVersion(ctx context.Context) semver.Version { - return r.store.GPGVersion(ctx) +// Crypto returns the crypto backend +func (r *Store) Crypto(ctx context.Context, name string) backend.Crypto { + _, sub, _ := r.getStore(ctx, name) + return sub.Crypto() } diff --git a/store/root/gpg_test.go b/store/root/gpg_test.go deleted file mode 100644 index b863ef0b22..0000000000 --- a/store/root/gpg_test.go +++ /dev/null @@ -1,26 +0,0 @@ -package root - -import ( - "context" - "testing" - - "github.com/blang/semver" - "github.com/justwatchcom/gopass/tests/gptest" - "github.com/justwatchcom/gopass/utils/ctxutil" - "github.com/justwatchcom/gopass/utils/out" - "github.com/stretchr/testify/assert" -) - -func TestGPG(t *testing.T) { - u := gptest.NewUnitTester(t) - defer u.Remove() - - ctx := context.Background() - ctx = ctxutil.WithAlwaysYes(ctx, true) - ctx = out.WithHidden(ctx, true) - - rs, err := createRootStore(ctx, u) - assert.NoError(t, err) - - assert.Equal(t, semver.Version{}, rs.GPGVersion(ctx)) -} diff --git a/store/root/init.go b/store/root/init.go index 710df3bdc7..7f6b691a97 100644 --- a/store/root/init.go +++ b/store/root/init.go @@ -3,23 +3,40 @@ package root import ( "context" + "github.com/justwatchcom/gopass/backend" + "github.com/justwatchcom/gopass/config" "github.com/justwatchcom/gopass/store/sub" ) // Initialized checks on disk if .gpg-id was generated and thus returns true. -func (r *Store) Initialized() bool { - return r.store.Initialized() +func (r *Store) Initialized(ctx context.Context) bool { + return r.store.Initialized(ctx) } // Init tries to initialize a new password store location matching the object func (r *Store) Init(ctx context.Context, alias, path string, ids ...string) error { - sub, err := sub.New(alias, path, r.gpg) + sub, err := sub.New(ctx, alias, path, config.Directory()) if err != nil { return err } - if !r.store.Initialized() && alias == "" { + if !r.store.Initialized(ctx) && alias == "" { r.store = sub } - return sub.Init(ctx, path, ids...) + if err := sub.Init(ctx, path, ids...); err != nil { + return err + } + if alias == "" { + r.cfg.Root.CryptoBackend = backend.CryptoBackendName(backend.GetCryptoBackend(ctx)) + r.cfg.Root.SyncBackend = backend.SyncBackendName(backend.GetSyncBackend(ctx)) + r.cfg.Root.StoreBackend = backend.StoreBackendName(backend.GetStoreBackend(ctx)) + } else { + if sc := r.cfg.Mounts[alias]; sc == nil { + r.cfg.Mounts[alias] = &config.StoreConfig{} + } + r.cfg.Mounts[alias].CryptoBackend = backend.CryptoBackendName(backend.GetCryptoBackend(ctx)) + r.cfg.Mounts[alias].SyncBackend = backend.SyncBackendName(backend.GetSyncBackend(ctx)) + r.cfg.Mounts[alias].StoreBackend = backend.StoreBackendName(backend.GetStoreBackend(ctx)) + } + return nil } diff --git a/store/root/init_test.go b/store/root/init_test.go index dae085aff8..a23fa3a188 100644 --- a/store/root/init_test.go +++ b/store/root/init_test.go @@ -4,6 +4,8 @@ import ( "context" "testing" + "github.com/justwatchcom/gopass/backend" + "github.com/justwatchcom/gopass/config" "github.com/justwatchcom/gopass/tests/gptest" "github.com/justwatchcom/gopass/utils/ctxutil" "github.com/justwatchcom/gopass/utils/out" @@ -17,9 +19,15 @@ func TestInit(t *testing.T) { ctx := context.Background() ctx = ctxutil.WithAlwaysYes(ctx, true) ctx = out.WithHidden(ctx, true) + ctx = backend.WithCryptoBackend(ctx, backend.GPGMock) - rs, err := createRootStore(ctx, u) + cfg := config.New() + cfg.Root.Path = u.StoreDir("rs") + rs, err := New(ctx, cfg) assert.NoError(t, err) - assert.Error(t, rs.Init(ctx, "", "")) + assert.Equal(t, false, rs.Initialized(ctx)) + assert.NoError(t, rs.Init(ctx, "", u.StoreDir("rs"), "0xDEADBEEF")) + assert.Equal(t, true, rs.Initialized(ctx)) + assert.NoError(t, rs.Init(ctx, "rs2", u.StoreDir("rs2"), "0xDEADBEEF")) } diff --git a/store/root/list.go b/store/root/list.go index a43bd036a3..8f3474e3a5 100644 --- a/store/root/list.go +++ b/store/root/list.go @@ -52,7 +52,7 @@ func (r *Store) Tree(ctx context.Context) (tree.Tree, error) { } } - sf, err := r.store.List("") + sf, err := r.store.List(ctx, "") if err != nil { return nil, err } @@ -69,7 +69,7 @@ func (r *Store) Tree(ctx context.Context) (tree.Tree, error) { if err := root.AddMount(alias, substore.Path()); err != nil { return nil, errors.Errorf("failed to add mount: %s", err) } - sf, err := substore.List(alias) + sf, err := substore.List(ctx, alias) if err != nil { return nil, errors.Errorf("failed to add file: %s", err) } diff --git a/store/root/mount.go b/store/root/mount.go index ba29babe91..6a3a539ef5 100644 --- a/store/root/mount.go +++ b/store/root/mount.go @@ -6,6 +6,7 @@ import ( "strings" "github.com/fatih/color" + "github.com/justwatchcom/gopass/backend" "github.com/justwatchcom/gopass/config" "github.com/justwatchcom/gopass/store" "github.com/justwatchcom/gopass/store/sub" @@ -37,12 +38,21 @@ func (r *Store) addMount(ctx context.Context, alias, path string, sc *config.Sto } // propagate our config settings to the sub store - s, err := sub.New(alias, path, r.gpg) + if sc != nil { + if !backend.HasCryptoBackend(ctx) { + ctx = backend.WithCryptoBackendString(ctx, sc.CryptoBackend) + } + if !backend.HasSyncBackend(ctx) { + ctx = backend.WithSyncBackendString(ctx, sc.SyncBackend) + } + } + s, err := sub.New(ctx, alias, path, config.Directory()) if err != nil { return errors.Wrapf(err, "failed to initialize store '%s' at '%s': %s", alias, path, err) } - if !s.Initialized() { + if !s.Initialized(ctx) { + out.Debug(ctx, "[%s] Mount %s is not initialized", alias, path) if len(keys) < 1 { return errors.Errorf("password store %s is not initialized. Try gopass init --store %s --path %s", alias, alias, path) } @@ -64,6 +74,9 @@ func (r *Store) addMount(ctx context.Context, alias, path string, sc *config.Sto // values cp := *r.cfg.Root sc = &cp + sc.CryptoBackend = backend.CryptoBackendName(backend.GetCryptoBackend(ctx)) + sc.SyncBackend = backend.SyncBackendName(backend.GetSyncBackend(ctx)) + sc.StoreBackend = backend.StoreBackendName(backend.GetStoreBackend(ctx)) } if path != "" { sc.Path = path diff --git a/store/root/mount_test.go b/store/root/mount_test.go index 507abc5c53..64069637d2 100644 --- a/store/root/mount_test.go +++ b/store/root/mount_test.go @@ -23,4 +23,14 @@ func TestMount(t *testing.T) { assert.Equal(t, map[string]string{}, rs.Mounts()) assert.Equal(t, []string{}, rs.MountPoints()) + + sub, err := rs.GetSubStore("") + assert.NoError(t, err) + assert.NotNil(t, sub) + + sub, err = rs.GetSubStore("foo") + assert.Error(t, err) + assert.Nil(t, sub) + + assert.Error(t, rs.RemoveMount(ctx, "foo")) } diff --git a/store/root/recipients.go b/store/root/recipients.go index 796a9602c9..6cc65a0473 100644 --- a/store/root/recipients.go +++ b/store/root/recipients.go @@ -32,14 +32,15 @@ func (r *Store) RemoveRecipient(ctx context.Context, store, rec string) error { } func (r *Store) addRecipient(ctx context.Context, prefix string, root tree.Tree, recp string, pretty bool) error { + ctx, sub, _ := r.getStore(ctx, prefix) key := fmt.Sprintf("%s (missing public key)", recp) - kl, err := r.gpg.FindPublicKeys(ctx, recp) + kl, err := sub.Crypto().FindPublicKeys(ctx, recp) if err == nil { if len(kl) > 0 { if pretty { - key = kl[0].OneLine() + key = sub.Crypto().FormatKey(ctx, kl[0]) } else { - key = kl[0].Fingerprint + key = kl[0] } } } diff --git a/store/root/recipients_test.go b/store/root/recipients_test.go index 40069e72fd..407bca8d40 100644 --- a/store/root/recipients_test.go +++ b/store/root/recipients_test.go @@ -26,5 +26,5 @@ func TestRecipients(t *testing.T) { assert.Equal(t, []string{"0xDEADBEEF"}, rs.ListRecipients(ctx, "")) rt, err := rs.RecipientsTree(ctx, false) assert.NoError(t, err) - assert.Equal(t, "gopass\n└── 0xDEADBEEF (missing public key)\n", rt.Format(0)) + assert.Equal(t, "gopass\n└── 0xDEADBEEF\n", rt.Format(0)) } diff --git a/store/root/store.go b/store/root/store.go index cf7407172f..5139e0d18f 100644 --- a/store/root/store.go +++ b/store/root/store.go @@ -5,6 +5,7 @@ import ( "fmt" "strings" + "github.com/justwatchcom/gopass/backend" "github.com/justwatchcom/gopass/config" "github.com/justwatchcom/gopass/store/sub" "github.com/justwatchcom/gopass/utils/fsutil" @@ -15,7 +16,6 @@ import ( // Store is the public facing password store type Store struct { cfg *config.Config - gpg gpger mounts map[string]*sub.Store path string // path to the root store store *sub.Store @@ -23,7 +23,7 @@ type Store struct { } // New creates a new store -func New(ctx context.Context, cfg *config.Config, gpg gpger) (*Store, error) { +func New(ctx context.Context, cfg *config.Config) (*Store, error) { if cfg == nil { cfg = &config.Config{} } @@ -32,14 +32,19 @@ func New(ctx context.Context, cfg *config.Config, gpg gpger) (*Store, error) { } r := &Store{ cfg: cfg, - gpg: gpg, mounts: make(map[string]*sub.Store, len(cfg.Mounts)), path: cfg.Root.Path, version: cfg.Version, } // create the base store - s, err := sub.New("", r.Path(), gpg) + if !backend.HasCryptoBackend(ctx) { + ctx = backend.WithCryptoBackendString(ctx, cfg.Root.CryptoBackend) + } + if !backend.HasSyncBackend(ctx) { + ctx = backend.WithSyncBackendString(ctx, cfg.Root.SyncBackend) + } + s, err := sub.New(ctx, "", r.Path(), config.Directory()) if err != nil { return nil, errors.Wrapf(err, "failed to initialize the root store at '%s': %s", r.Path(), err) } @@ -49,7 +54,7 @@ func New(ctx context.Context, cfg *config.Config, gpg gpger) (*Store, error) { for alias, sc := range cfg.Mounts { path := fsutil.CleanPath(sc.Path) if err := r.addMount(ctx, alias, path, sc); err != nil { - out.Red(ctx, "Failed to initialize mount %s (%s): %s. Ignoring", alias, path, err) + out.Red(ctx, "Failed to initialize mount %s (%s). Ignoring: %s", alias, path, err) continue } } @@ -65,13 +70,13 @@ func New(ctx context.Context, cfg *config.Config, gpg gpger) (*Store, error) { // Exists checks the existence of a single entry func (r *Store) Exists(ctx context.Context, name string) bool { _, store, name := r.getStore(ctx, name) - return store.Exists(name) + return store.Exists(ctx, name) } // IsDir checks if a given key is actually a folder func (r *Store) IsDir(ctx context.Context, name string) bool { _, store, name := r.getStore(ctx, name) - return store.IsDir(name) + return store.IsDir(ctx, name) } func (r *Store) String() string { @@ -91,3 +96,9 @@ func (r *Store) Path() string { func (r *Store) Alias() string { return "" } + +// Store returns the storage backend for the given mount point +func (r *Store) Store(ctx context.Context, name string) backend.Store { + _, sub, _ := r.getStore(ctx, name) + return sub.Store() +} diff --git a/store/root/store_test.go b/store/root/store_test.go index 4128913e7d..ec45ec511d 100644 --- a/store/root/store_test.go +++ b/store/root/store_test.go @@ -7,7 +7,7 @@ import ( "path" - gpgmock "github.com/justwatchcom/gopass/backend/crypto/gpg/mock" + "github.com/justwatchcom/gopass/backend" "github.com/justwatchcom/gopass/config" "github.com/justwatchcom/gopass/tests/gptest" "github.com/stretchr/testify/assert" @@ -106,9 +106,18 @@ func TestListNested(t *testing.T) { lst := tree.List(0) sort.Strings(lst) assert.Equal(t, ents, lst) + + assert.Equal(t, false, rs.Exists(ctx, "sub1")) + // TODO create entry and text Exists == true + assert.Equal(t, true, rs.IsDir(ctx, "sub1")) + //assert.Equal(t, "", rs.String()) // TODO + assert.Equal(t, "", rs.Alias()) + assert.NotNil(t, rs.Store(ctx, "sub1")) } func createRootStore(ctx context.Context, u *gptest.Unit) (*Store, error) { + ctx = backend.WithSyncBackendString(ctx, "gitmock") + ctx = backend.WithCryptoBackendString(ctx, "gpgmock") return New( ctx, &config.Config{ @@ -116,6 +125,5 @@ func createRootStore(ctx context.Context, u *gptest.Unit) (*Store, error) { Path: u.StoreDir(""), }, }, - gpgmock.New(), ) } diff --git a/store/root/templates.go b/store/root/templates.go index 340da848dc..49302b4204 100644 --- a/store/root/templates.go +++ b/store/root/templates.go @@ -14,7 +14,7 @@ import ( // LookupTemplate will lookup and return a template func (r *Store) LookupTemplate(ctx context.Context, name string) ([]byte, bool) { _, store, name := r.getStore(ctx, name) - return store.LookupTemplate(name) + return store.LookupTemplate(ctx, name) } // TemplateTree returns a tree of all templates @@ -50,23 +50,23 @@ func (r *Store) TemplateTree(ctx context.Context) (tree.Tree, error) { // HasTemplate returns true if the template exists func (r *Store) HasTemplate(ctx context.Context, name string) bool { _, store, name := r.getStore(ctx, name) - return store.HasTemplate(name) + return store.HasTemplate(ctx, name) } // GetTemplate will return the content of the named template func (r *Store) GetTemplate(ctx context.Context, name string) ([]byte, error) { _, store, name := r.getStore(ctx, name) - return store.GetTemplate(name) + return store.GetTemplate(ctx, name) } // SetTemplate will (over)write the content to the template file func (r *Store) SetTemplate(ctx context.Context, name string, content []byte) error { _, store, name := r.getStore(ctx, name) - return store.SetTemplate(name, content) + return store.SetTemplate(ctx, name, content) } // RemoveTemplate will delete the named template if it exists func (r *Store) RemoveTemplate(ctx context.Context, name string) error { _, store, name := r.getStore(ctx, name) - return store.RemoveTemplate(name) + return store.RemoveTemplate(ctx, name) } diff --git a/store/root/templates_test.go b/store/root/templates_test.go index 655c35559b..dffc55c498 100644 --- a/store/root/templates_test.go +++ b/store/root/templates_test.go @@ -34,9 +34,11 @@ func TestTemplate(t *testing.T) { assert.NoError(t, rs.SetTemplate(ctx, "foo", []byte("foobar"))) assert.Equal(t, true, rs.HasTemplate(ctx, "foo")) + b, err := rs.GetTemplate(ctx, "foo") assert.NoError(t, err) assert.Equal(t, "foobar", string(b)) + b, found := rs.LookupTemplate(ctx, "foo/bar") assert.Equal(t, true, found) assert.Equal(t, "foobar", string(b)) diff --git a/store/sub/context_test.go b/store/sub/context_test.go index dd2d4710e8..0d32032e83 100644 --- a/store/sub/context_test.go +++ b/store/sub/context_test.go @@ -73,6 +73,7 @@ func TestFsckFunc(t *testing.T) { return true } assert.NotNil(t, GetFsckFunc(ctx)) + assert.Equal(t, true, GetFsckFunc(ctx)(ctx, "")) assert.Equal(t, true, GetFsckFunc(WithFsckFunc(ctx, ffunc))(ctx, "")) assert.Equal(t, true, HasFsckFunc(WithFsckFunc(ctx, ffunc))) } diff --git a/store/sub/fsck.go b/store/sub/fsck.go deleted file mode 100644 index f6763a24b7..0000000000 --- a/store/sub/fsck.go +++ /dev/null @@ -1,247 +0,0 @@ -package sub - -import ( - "context" - "os" - "path/filepath" - "strings" - "syscall" - - "github.com/justwatchcom/gopass/backend/crypto/gpg" - "github.com/justwatchcom/gopass/utils/fsutil" - "github.com/justwatchcom/gopass/utils/out" - "github.com/pkg/errors" -) - -// Fsck checks this stores integrity -func (s *Store) Fsck(ctx context.Context, prefix string) (map[string]uint64, error) { - rs, err := s.GetRecipients(ctx, "") - if err != nil { - return nil, errors.Wrapf(err, "failed to get recipients") - } - - storeRec, err := s.gpg.FindPublicKeys(ctx, rs...) - if err != nil { - out.Red(ctx, "Failed to list recipients: %s", err) - } - - counts := make(map[string]uint64, 5) - countFn := func(t string) { - counts[t]++ - } - - path, err := filepath.EvalSymlinks(s.path) - if err != nil { - return counts, err - } - err = filepath.Walk(path, s.mkStoreWalkerFsckFunc(ctx, prefix, storeRec, countFn)) - return counts, err -} - -// mkStoreFsckWalkerFunc create a func to walk a (sub)store, i.e. list it's content -func (s *Store) mkStoreWalkerFsckFunc(ctx context.Context, prefix string, storeRec gpg.KeyList, countFn func(string)) func(string, os.FileInfo, error) error { - shadowMap := make(map[string]struct{}, 100) - return func(path string, info os.FileInfo, err error) error { - if err != nil { - return err - } - if info.IsDir() && strings.HasPrefix(info.Name(), ".") && path != s.path { - return filepath.SkipDir - } - if info.IsDir() && (info.Name() == "." || info.Name() == "..") { - return filepath.SkipDir - } - if info.IsDir() && info.Name() == ".git" { - return filepath.SkipDir - } - if info.IsDir() { - return s.fsckCheckDir(ctx, prefix, path, shadowMap, countFn) - } - return s.fsckCheckFile(ctx, prefix, path, storeRec, shadowMap, countFn) - } -} - -// fsckCheckDir checks a directory, mostly for it's permissions -func (s *Store) fsckCheckDir(ctx context.Context, prefix, fn string, sh map[string]struct{}, countFn func(string)) error { - askFunc := GetFsckFunc(ctx) - fi, err := os.Stat(fn) - if err != nil { - out.Red(ctx, "[%s] Failed to check %s: %s\n", prefix, fn, err) - countFn("err") - return nil - } - // check for shadowing - name := s.filenameToName(fn) - if _, found := sh[name]; found { - out.Yellow(ctx, "[%s] Shadowed %s by %s", name, fn) - countFn("warn") - } - sh[name] = struct{}{} - // check if any group or other perms are set, - // i.e. check for perms other than rwx------ - if fi.Mode().Perm()&077 != 0 { - out.Yellow(ctx, "[%s] Permissions too wide: %s (%s)", prefix, fn, fi.Mode().Perm().String()) - countFn("warn") - if !IsFsckCheck(ctx) && (IsFsckForce(ctx) || askFunc(ctx, "Fix permissions?")) { - np := uint32(fi.Mode().Perm() & 0700) - out.Green(ctx, "[%s] Fixing permissions from %s to %s", prefix, fi.Mode().Perm().String(), os.FileMode(np).Perm().String()) - countFn("fixed") - if err := syscall.Chmod(fn, np); err != nil { - out.Red(ctx, "[%s] Failed to set permissions for %s to rwx------: %s", prefix, fn, err) - countFn("err") - } - } - } - // check for empty folders - isEmpty, err := fsutil.IsEmptyDir(fn) - if err != nil { - return errors.Wrapf(err, "failed to check if '%s' is empty", fn) - } - if isEmpty { - out.Yellow(ctx, "[%s] Empty folder: %s", prefix, fn) - countFn("warn") - if !IsFsckCheck(ctx) && (IsFsckForce(ctx) || askFunc(ctx, "Remove empty folder?")) { - out.Green(ctx, "[%s] Removing empty folder %s", prefix, fn) - if err := os.RemoveAll(fn); err != nil { - out.Red(ctx, "[%s] Failed to remove folder %s: %s", fn, err) - countFn("err") - } else { - countFn("fixed") - } - } - return filepath.SkipDir - } - return nil -} - -func (s *Store) fsckCheckFile(ctx context.Context, prefix, fn string, storeRec gpg.KeyList, sh map[string]struct{}, countFn func(string)) error { - askFunc := GetFsckFunc(ctx) - fi, err := os.Stat(fn) - if err != nil { - out.Red(ctx, "[%s] Failed to check %s: %s\n", prefix, fn, err) - countFn("err") - return nil - } - - // check if any group or other perms are set, - // i.e. check for perms other than rw------- - fsckCheckFilePerms(ctx, fi, prefix, fn, countFn) - - // we check all files (secrets and meta-data) for permissions, - // but all other checks are only applied to secrets (which end in .gpg) - if !strings.HasSuffix(fn, ".gpg") { - return nil - } - - // check for shadowing - name := s.filenameToName(fn) - if _, found := sh[name]; found { - out.Yellow(ctx, "[%s] Shadowed %s by %s", prefix, name, fn) - countFn("warn") - } - sh[name] = struct{}{} - - // check that we can decrypt this file - if err := s.fsckCheckSelfDecrypt(ctx, fn); err != nil { - out.Red(ctx, "[%s] Secret Key missing. Can't fix: %s", prefix, fn) - countFn("err") - return nil - } - - // get the IDs this file was encrypted for - fileRec, err := s.gpg.GetRecipients(ctx, fn) - if err != nil { - out.Red(ctx, "[%s] Failed to check recipients: %s (%s)", prefix, fn, err) - countFn("err") - return nil - } - - // check that each recipient of the file is in the current - // recipient list - for _, rec := range fileRec { - s.fsckCheckRecipients(ctx, rec, storeRec, prefix, fn, countFn) - } - - // check that each recipient of the store can actually decrypt this file - for _, key := range storeRec { - if err := fsckCheckRecipientsInSubkeys(key, fileRec); err == nil { - continue - } - out.Yellow(ctx, "[%s] Recipient missing %s: %s", prefix, name, key.ID()) - countFn("warn") - if !IsFsckCheck(ctx) && (IsFsckForce(ctx) || askFunc(ctx, "Fix recipients?")) { - if err := s.fsckFixRecipients(ctx, fn); err != nil { - out.Red(ctx, "[%s] Failed to fix recipients for %s: %s\n", prefix, fn, err) - countFn("err") - } - } - } - return nil -} - -func (s *Store) fsckCheckRecipients(ctx context.Context, rec string, storeRec gpg.KeyList, prefix, fn string, countFn func(string)) { - if _, err := storeRec.FindKey(rec); err == nil { - // the recipient is (still) present in the recipients file of the store - return - } - - // the recipient is not present in the recipients file of the store - out.Yellow(ctx, "[%s] Extra recipient found %s: %s", prefix, fn, rec) - countFn("warn") - if !IsFsckCheck(ctx) && (IsFsckForce(ctx) || GetFsckFunc(ctx)(ctx, "Fix recipients?")) { - if err := s.fsckFixRecipients(ctx, fn); err != nil { - out.Red(ctx, "[%s] Failed to fix recipients for %s: %s", prefix, fn, err) - countFn("err") - } - } -} - -func fsckCheckFilePerms(ctx context.Context, fi os.FileInfo, prefix, fn string, countFn func(string)) { - if fi.Mode().Perm()&0177 == 0 { - return - } - out.Yellow(ctx, "[%s] Permissions too wide: %s (%s)", prefix, fn, fi.Mode().String()) - countFn("warn") - - if IsFsckCheck(ctx) { - return - } - - if !IsFsckForce(ctx) && !GetFsckFunc(ctx)(ctx, "Fix permissions?") { - return - } - - np := uint32(fi.Mode().Perm() & 0600) - out.Green(ctx, "[%s] Fixing permissions from %s to %s", prefix, fi.Mode().Perm().String(), os.FileMode(np).Perm().String()) - if err := syscall.Chmod(fn, np); err != nil { - out.Red(ctx, "[%s] Failed to set permissions for %s to rw-------: %s", prefix, fn, err) - countFn("err") - } else { - countFn("fixed") - } -} - -func fsckCheckRecipientsInSubkeys(key gpg.Key, recipients []string) error { - for _, rec := range recipients { - for k := range key.SubKeys { - if strings.HasSuffix(k, rec) { - return nil - } - } - } - return errors.Errorf("None of the Recipients matches a subkey") -} - -func (s *Store) fsckCheckSelfDecrypt(ctx context.Context, fn string) error { - _, err := s.Get(ctx, s.filenameToName(fn)) - return errors.Wrapf(err, "failed to decode secret") -} - -func (s *Store) fsckFixRecipients(ctx context.Context, fn string) error { - name := s.filenameToName(fn) - content, err := s.Get(ctx, s.filenameToName(fn)) - if err != nil { - return errors.Wrapf(err, "failed to decode secret") - } - return s.Set(WithReason(ctx, "fsck fix recipients"), name, content) -} diff --git a/store/sub/fsck_test.go b/store/sub/fsck_test.go deleted file mode 100644 index 27d24119c8..0000000000 --- a/store/sub/fsck_test.go +++ /dev/null @@ -1,34 +0,0 @@ -package sub - -import ( - "bytes" - "context" - "io/ioutil" - "os" - "testing" - - "github.com/justwatchcom/gopass/utils/out" - "github.com/stretchr/testify/assert" -) - -func TestFsck(t *testing.T) { - ctx := context.Background() - - tempdir, err := ioutil.TempDir("", "gopass-") - assert.NoError(t, err) - defer func() { - _ = os.RemoveAll(tempdir) - }() - - obuf := &bytes.Buffer{} - out.Stdout = obuf - defer func() { - out.Stdout = os.Stdout - }() - - s, err := createSubStore(tempdir) - assert.NoError(t, err) - - _, err = s.Fsck(ctx, "") - assert.NoError(t, err) -} diff --git a/store/sub/git.go b/store/sub/git.go index bad85e64ba..407ab3b670 100644 --- a/store/sub/git.go +++ b/store/sub/git.go @@ -2,71 +2,68 @@ package sub import ( "context" - "os" + "fmt" "github.com/blang/semver" + "github.com/justwatchcom/gopass/backend" gitcli "github.com/justwatchcom/gopass/backend/sync/git/cli" "github.com/justwatchcom/gopass/backend/sync/git/gogit" + "github.com/justwatchcom/gopass/utils/out" "github.com/pkg/errors" ) -type giter interface { - Add(context.Context, ...string) error - AddRemote(context.Context, string, string) error - Cmd(context.Context, string, ...string) error - Commit(context.Context, string) error - InitConfig(context.Context, string, string, string) error - Pull(context.Context, string, string) error - Push(context.Context, string, string) error - Version(context.Context) semver.Version +// Sync returns the sync backend +func (s *Store) Sync() backend.Sync { + return s.sync } // GitInit initializes the the git repo in the store -func (s *Store) GitInit(ctx context.Context, sk, un, ue string) error { - if gg := os.Getenv("GOPASS_EXPERIMENTAL_GOGIT"); gg != "" { +func (s *Store) GitInit(ctx context.Context, un, ue string) error { + switch backend.GetSyncBackend(ctx) { + case backend.GoGit: + out.Cyan(ctx, "WARNING: Using experimental sync backend 'go-git'") git, err := gogit.Init(ctx, s.path) if err != nil { return errors.Wrapf(err, "failed to init git: %s", err) } - s.git = git + s.sync = git return nil + case backend.GitCLI: + git, err := gitcli.Init(ctx, s.path, un, ue) + if err != nil { + return errors.Wrapf(err, "failed to init git: %s", err) + } + s.sync = git + return nil + case backend.GitMock: + out.Cyan(ctx, "WARNING: Initializing with no-op (mock) git backend") + return nil + default: + return fmt.Errorf("Unknown Sync Backend: %d", backend.GetSyncBackend(ctx)) } - - git, err := gitcli.Init(ctx, s.path, s.gpg.Binary(), sk, un, ue) - if err != nil { - return errors.Wrapf(err, "failed to init git: %s", err) - } - s.git = git - return nil } // GitInitConfig (re-)intializes the git config in an existing repo -func (s *Store) GitInitConfig(ctx context.Context, sk, un, ue string) error { - return s.git.InitConfig(ctx, sk, un, ue) +func (s *Store) GitInitConfig(ctx context.Context, un, ue string) error { + return s.sync.InitConfig(ctx, un, ue) } // GitVersion returns the git version func (s *Store) GitVersion(ctx context.Context) semver.Version { - return s.git.Version(ctx) -} - -// Git channels any git subcommand to git in the store -// TODO remove this command, doesn't work with gogit -func (s *Store) Git(ctx context.Context, args ...string) error { - return s.git.Cmd(ctx, "Git", args...) + return s.sync.Version(ctx) } // GitAddRemote adds a new remote func (s *Store) GitAddRemote(ctx context.Context, remote, url string) error { - return s.git.AddRemote(ctx, remote, url) + return s.sync.AddRemote(ctx, remote, url) } // GitPull performs a git pull func (s *Store) GitPull(ctx context.Context, origin, branch string) error { - return s.git.Pull(ctx, origin, branch) + return s.sync.Pull(ctx, origin, branch) } // GitPush performs a git push func (s *Store) GitPush(ctx context.Context, origin, branch string) error { - return s.git.Push(ctx, origin, branch) + return s.sync.Push(ctx, origin, branch) } diff --git a/store/sub/git_test.go b/store/sub/git_test.go index c36366ed8d..cc5aaea01e 100644 --- a/store/sub/git_test.go +++ b/store/sub/git_test.go @@ -6,6 +6,9 @@ import ( "os" "testing" + "github.com/blang/semver" + "github.com/justwatchcom/gopass/backend" + "github.com/justwatchcom/gopass/utils/ctxutil" "github.com/stretchr/testify/assert" ) @@ -21,10 +24,19 @@ func TestGit(t *testing.T) { s, err := createSubStore(tempdir) assert.NoError(t, err) - assert.NoError(t, s.Git(ctx, "status")) + assert.NotNil(t, s.Sync()) + assert.Equal(t, "git-mock", s.Sync().Name()) + assert.NoError(t, s.GitInitConfig(ctx, "foo", "bar@baz.com")) + assert.Equal(t, semver.Version{}, s.GitVersion(ctx)) + assert.NoError(t, s.GitAddRemote(ctx, "foo", "bar")) + assert.NoError(t, s.GitPull(ctx, "origin", "master")) assert.NoError(t, s.GitPush(ctx, "origin", "master")) - t.Skip("flaky") - assert.NoError(t, s.GitInit(ctx, "", "", "")) - assert.NoError(t, s.Git(ctx, "status")) + assert.NoError(t, s.GitInit(ctx, "", "")) + assert.NoError(t, s.GitInit(backend.WithSyncBackend(ctx, backend.GitMock), "", "")) + assert.NoError(t, s.GitInit(backend.WithSyncBackend(ctx, backend.GoGit), "", "")) + assert.Error(t, s.GitInit(backend.WithSyncBackend(ctx, -1), "", "")) + + ctx = ctxutil.WithDebug(ctx, true) + assert.NoError(t, s.GitInit(backend.WithSyncBackend(ctx, backend.GitCLI), "Foo Bar", "foo.bar@example.org")) } diff --git a/store/sub/gpg.go b/store/sub/gpg.go index e9d82aae5a..294e80dbfb 100644 --- a/store/sub/gpg.go +++ b/store/sub/gpg.go @@ -3,34 +3,16 @@ package sub import ( "context" "fmt" - "os" "path/filepath" - "github.com/blang/semver" - "github.com/justwatchcom/gopass/backend/crypto/gpg" - "github.com/justwatchcom/gopass/utils/fsutil" + "github.com/justwatchcom/gopass/backend" "github.com/justwatchcom/gopass/utils/out" "github.com/pkg/errors" - "golang.org/x/crypto/openpgp" ) -type gpger interface { - Binary() string - ListPublicKeys(context.Context) (gpg.KeyList, error) - FindPublicKeys(context.Context, ...string) (gpg.KeyList, error) - ListPrivateKeys(context.Context) (gpg.KeyList, error) - FindPrivateKeys(context.Context, ...string) (gpg.KeyList, error) - GetRecipients(context.Context, string) ([]string, error) - Encrypt(context.Context, string, []byte, []string) error - Decrypt(context.Context, string) ([]byte, error) - ExportPublicKey(context.Context, string, string) error - ImportPublicKey(context.Context, string) error - Version(context.Context) semver.Version -} - -// GPGVersion returns parsed GPG version information -func (s *Store) GPGVersion(ctx context.Context) semver.Version { - return s.gpg.Version(ctx) +// Crypto returns the crypto backend +func (s *Store) Crypto() backend.Crypto { + return s.crypto } // ImportMissingPublicKeys will try to import any missing public keys from the @@ -46,7 +28,7 @@ func (s *Store) ImportMissingPublicKeys(ctx context.Context) error { // we could list all keys outside the loop and just do the lookup here // but this way we ensure to use the exact same lookup logic as // gpg does on encryption - kl, err := s.gpg.FindPublicKeys(ctx, r) + kl, err := s.crypto.FindPublicKeys(ctx, r) if err != nil { out.Red(ctx, "[%s] Failed to get public key for %s: %s", s.alias, r, err) } @@ -80,84 +62,61 @@ func (s *Store) ImportMissingPublicKeys(ctx context.Context) error { return nil } -// export an ASCII armored public key -func (s *Store) exportPublicKey(ctx context.Context, r string) (string, error) { - filedir := filepath.Join(s.path, keyDir) - - // make sure dir exists - if !fsutil.IsDir(filedir) { - if err := os.Mkdir(filedir, 0700); err != nil { - return "", err +func (s *Store) decodePublicKey(ctx context.Context, r string) ([]string, error) { + for _, kd := range []string{keyDir, oldKeyDir} { + filename := filepath.Join(kd, r) + if !s.store.Exists(ctx, filename) { + out.Debug(ctx, "Public Key %s not found at %s", r, filename) + continue + } + buf, err := s.store.Get(ctx, filename) + if err != nil { + return nil, errors.Errorf("Unable to read Public Key %s %s: %s", r, filename, err) } + return s.crypto.ReadNamesFromKey(ctx, buf) } + return nil, errors.Errorf("Public Key %s not found", r) +} - filename := filepath.Join(filedir, r) +// export an ASCII armored public key +func (s *Store) exportPublicKey(ctx context.Context, r string) (string, error) { + filename := filepath.Join(keyDir, r) // do not overwrite existing keys - if fsutil.IsFile(filename) { + if s.store.Exists(ctx, filename) { return "", nil } - tmpFilename := filename + ".new" - if err := s.gpg.ExportPublicKey(ctx, r, tmpFilename); err != nil { - return "", err - } - - defer func() { - _ = os.Remove(tmpFilename) - }() - - fi, err := os.Stat(tmpFilename) + pk, err := s.crypto.ExportPublicKey(ctx, r) if err != nil { - return "", err + return "", errors.Wrapf(err, "failed to export public key") } // ECC keys are at least 700 byte, RSA should be a lot bigger - if fi.Size() < 256 { + if len(pk) < 32 { return "", errors.New("exported key too small") } - if err := os.Rename(tmpFilename, filename); err != nil { - return "", err + if err := s.store.Set(ctx, filename, pk); err != nil { + return "", errors.Wrapf(err, "failed to write exported public key to store") } return filename, nil } -func (s *Store) decodePublicKey(ctx context.Context, r string) ([]string, error) { - filename := filepath.Join(s.path, keyDir, r) - if !fsutil.IsFile(filename) { - return nil, errors.Errorf("Public Key %s not found at %s", r, filename) - } - - fh, err := os.Open(filename) - if err != nil { - return nil, err - } - defer func() { - _ = fh.Close() - }() - - el, err := openpgp.ReadArmoredKeyRing(fh) - if err != nil { - return nil, err - } - if len(el) != 1 { - return nil, fmt.Errorf("Public Key must contain exactly one Entity") - } - names := make([]string, 0, len(el[0].Identities)) - for _, v := range el[0].Identities { - names = append(names, v.Name) - } - return names, nil -} - // import an public key into the default keyring func (s *Store) importPublicKey(ctx context.Context, r string) error { - filename := filepath.Join(s.path, keyDir, r) - if !fsutil.IsFile(filename) { - return errors.Errorf("Public Key %s not found at %s", r, filename) + for _, kd := range []string{keyDir, oldKeyDir} { + filename := filepath.Join(kd, r) + if !s.store.Exists(ctx, filename) { + out.Debug(ctx, "Public Key %s not found at %s", r, filename) + continue + } + pk, err := s.store.Get(ctx, filename) + if err != nil { + return err + } + return s.crypto.ImportPublicKey(ctx, pk) } - - return s.gpg.ImportPublicKey(ctx, filename) + return fmt.Errorf("Public Key not found in store") } diff --git a/store/sub/gpg_test.go b/store/sub/gpg_test.go index b2b1f54951..e03addd3bd 100644 --- a/store/sub/gpg_test.go +++ b/store/sub/gpg_test.go @@ -8,6 +8,7 @@ import ( "testing" "github.com/justwatchcom/gopass/utils/out" + "github.com/muesli/goprogressbar" "github.com/stretchr/testify/assert" ) @@ -22,15 +23,20 @@ func TestGPG(t *testing.T) { obuf := &bytes.Buffer{} out.Stdout = obuf + goprogressbar.Stdout = obuf defer func() { out.Stdout = os.Stdout + goprogressbar.Stdout = os.Stdout }() s, err := createSubStore(tempdir) assert.NoError(t, err) - sv := s.GPGVersion(ctx) - t.Logf("GPG-Version: %s", sv.String()) + assert.NoError(t, s.ImportMissingPublicKeys(ctx)) + + newRecp := "A3683834" + err = s.AddRecipient(ctx, newRecp) + assert.NoError(t, err) assert.NoError(t, s.ImportMissingPublicKeys(ctx)) } diff --git a/store/sub/init.go b/store/sub/init.go index 0183de8142..5766d81b7d 100644 --- a/store/sub/init.go +++ b/store/sub/init.go @@ -4,19 +4,18 @@ import ( "context" "strings" - "github.com/justwatchcom/gopass/utils/fsutil" "github.com/justwatchcom/gopass/utils/out" "github.com/pkg/errors" ) // Initialized returns true if the store is properly initialized -func (s *Store) Initialized() bool { - return fsutil.IsFile(s.idFile("")) +func (s *Store) Initialized(ctx context.Context) bool { + return s.store.Exists(ctx, s.idFile(ctx, "")) } // Init tries to initialize a new password store location matching the object func (s *Store) Init(ctx context.Context, path string, ids ...string) error { - if s.Initialized() { + if s.Initialized(ctx) { return errors.Errorf(`Found already initialized store at %s. You can add secondary stores with gopass init --path --store `, path) } @@ -28,24 +27,23 @@ You can add secondary stores with gopass init --path - if id == "" { continue } - kl, err := s.gpg.FindPublicKeys(ctx, id) - if err != nil || len(kl) < 1 { + kl, err := s.crypto.FindPublicKeys(ctx, id) + if err != nil { out.Red(ctx, "Failed to fetch public key for '%s': %s", id, err) continue } - kl = kl.UseableKeys() if len(kl) < 1 { out.Red(ctx, "No useable keys for '%s'", id) continue } - recipients = append(recipients, kl[0].Fingerprint) + recipients = append(recipients, kl[0]) } if len(recipients) < 1 { return errors.Errorf("failed to initialize store: no valid recipients given") } - kl, err := s.gpg.FindPrivateKeys(ctx, recipients...) + kl, err := s.crypto.FindPrivateKeys(ctx, recipients...) if err != nil { return errors.Errorf("Failed to get available private keys: %s", err) } diff --git a/store/sub/list.go b/store/sub/list.go index e7e73a23e4..5bc6c1301b 100644 --- a/store/sub/list.go +++ b/store/sub/list.go @@ -1,7 +1,7 @@ package sub import ( - "os" + "context" "path/filepath" "strings" ) @@ -10,56 +10,23 @@ var ( sep = string(filepath.Separator) ) -// mkStoreWalkerFunc create a func to walk a (sub)store, i.e. list it's content -func mkStoreWalkerFunc(alias, folder string, fn func(...string)) func(string, os.FileInfo, error) error { - return func(path string, info os.FileInfo, err error) error { - if err != nil { - return err - } - if info.IsDir() && strings.HasPrefix(info.Name(), ".") && path != folder { - return filepath.SkipDir - } - if info.IsDir() { - return nil - } - if path == folder { - return nil - } - if strings.HasPrefix(info.Name(), ".") { - return nil - } - if path == filepath.Join(folder, GPGID) { - return nil - } - if info.Mode()&os.ModeSymlink != 0 { - return nil - } - if !strings.HasSuffix(path, ".gpg") { - return nil - } - s := strings.TrimPrefix(path, folder+sep) - s = strings.TrimSuffix(s, ".gpg") - if alias != "" { - s = alias + sep + s - } - // make sure to always use forward slashes for internal gopass representation - s = filepath.ToSlash(s) - fn(s) - return nil - } -} - // List will list all entries in this store -func (s *Store) List(prefix string) ([]string, error) { - lst := make([]string, 0, 10) - addFunc := func(in ...string) { - lst = append(lst, in...) - } - - path, err := filepath.EvalSymlinks(s.path) +func (s *Store) List(ctx context.Context, prefix string) ([]string, error) { + lst, err := s.store.List(ctx, prefix) if err != nil { - return lst, err + return nil, err + } + out := make([]string, 0, len(lst)) + cExt := "." + s.crypto.Ext() + for _, path := range lst { + if !strings.HasSuffix(path, cExt) { + continue + } + path = strings.TrimSuffix(path, cExt) + if s.alias != "" { + path = s.alias + sep + path + } + out = append(out, path) } - err = filepath.Walk(path, mkStoreWalkerFunc(prefix, path, addFunc)) - return lst, err + return out, nil } diff --git a/store/sub/list_test.go b/store/sub/list_test.go index e150399db8..3a63c17f39 100644 --- a/store/sub/list_test.go +++ b/store/sub/list_test.go @@ -8,6 +8,7 @@ import ( "testing" gpgmock "github.com/justwatchcom/gopass/backend/crypto/gpg/mock" + "github.com/justwatchcom/gopass/backend/store/fs" gitmock "github.com/justwatchcom/gopass/backend/sync/git/mock" "github.com/justwatchcom/gopass/store/secret" "github.com/justwatchcom/gopass/utils/out" @@ -70,10 +71,11 @@ func TestList(t *testing.T) { assert.NoError(t, err) s := &Store{ - alias: "", - path: tempdir, - gpg: gpgmock.New(), - git: gitmock.New(), + alias: "", + path: tempdir, + crypto: gpgmock.New(), + sync: gitmock.New(), + store: fs.New(tempdir), } assert.NoError(t, s.saveRecipients(ctx, []string{"john.doe"}, "test", false)) @@ -83,7 +85,7 @@ func TestList(t *testing.T) { obuf.Reset() // run test case - out, err := s.List("") + out, err := s.List(ctx, "") assert.NoError(t, err) assert.Equal(t, tc.out, out) obuf.Reset() diff --git a/store/sub/move.go b/store/sub/move.go index 57c11c9230..4d64860648 100644 --- a/store/sub/move.go +++ b/store/sub/move.go @@ -3,12 +3,10 @@ package sub import ( "context" "fmt" - "os" "path/filepath" "strings" "github.com/justwatchcom/gopass/store" - "github.com/justwatchcom/gopass/utils/fsutil" "github.com/justwatchcom/gopass/utils/out" "github.com/pkg/errors" ) @@ -18,16 +16,16 @@ import ( // to make sure it's encrypted for the right set of recipients. func (s *Store) Copy(ctx context.Context, from, to string) error { // recursive copy? - if s.IsDir(from) { - if s.Exists(to) { + if s.IsDir(ctx, from) { + if s.Exists(ctx, to) { return errors.Errorf("Can not copy dir to file") } - sf, err := s.List("") + sf, err := s.List(ctx, "") if err != nil { return errors.Wrapf(err, "failed to list store") } destPrefix := to - if s.IsDir(to) { + if s.IsDir(ctx, to) { destPrefix = filepath.Join(to, filepath.Base(from)) } for _, e := range sf { @@ -58,16 +56,16 @@ func (s *Store) Copy(ctx context.Context, from, to string) error { // from the old location afterwards. func (s *Store) Move(ctx context.Context, from, to string) error { // recursive move? - if s.IsDir(from) { - if s.Exists(to) { + if s.IsDir(ctx, from) { + if s.Exists(ctx, to) { return errors.Errorf("Can not move dir to file") } - sf, err := s.List("") + sf, err := s.List(ctx, "") if err != nil { return errors.Wrapf(err, "failed to list store") } destPrefix := to - if s.IsDir(to) { + if s.IsDir(ctx, to) { destPrefix = filepath.Join(to, filepath.Base(from)) } for _, e := range sf { @@ -110,31 +108,34 @@ func (s *Store) Prune(ctx context.Context, tree string) error { // os.RemoveAll for the recursive mode. func (s *Store) delete(ctx context.Context, name string, recurse bool) error { path := s.passfile(name) - rf := os.Remove - if !recurse && !fsutil.IsFile(path) { + if !recurse && !s.store.Exists(ctx, path) { return store.ErrNotFound } - if recurse && !fsutil.IsFile(path) { - path = filepath.Join(s.path, name) - rf = os.RemoveAll - if !fsutil.IsDir(path) { - return store.ErrNotFound + if recurse && !s.store.IsDir(ctx, name) && !s.store.Exists(ctx, path) { + return store.ErrNotFound + } + + if recurse { + if err := s.store.Prune(ctx, name); err != nil { + return err } } - if err := rf(path); err != nil { - return errors.Errorf("Failed to remove secret: %v", err) + if err := s.store.Delete(ctx, path); err != nil { + if !recurse { + return err + } } - if err := s.git.Add(ctx, path); err != nil { + if err := s.sync.Add(ctx, path); err != nil { if errors.Cause(err) == store.ErrGitNotInit { return nil } return errors.Wrapf(err, "failed to add '%s' to git", path) } - if err := s.git.Commit(ctx, fmt.Sprintf("Remove %s from store.", name)); err != nil { + if err := s.sync.Commit(ctx, fmt.Sprintf("Remove %s from store.", name)); err != nil { if errors.Cause(err) == store.ErrGitNotInit { return nil } @@ -145,7 +146,7 @@ func (s *Store) delete(ctx context.Context, name string, recurse bool) error { return nil } - if err := s.git.Push(ctx, "", ""); err != nil { + if err := s.sync.Push(ctx, "", ""); err != nil { if errors.Cause(err) == store.ErrGitNotInit || errors.Cause(err) == store.ErrGitNoRemote { return nil } diff --git a/store/sub/move_test.go b/store/sub/move_test.go index 72ce221965..aea486ba88 100644 --- a/store/sub/move_test.go +++ b/store/sub/move_test.go @@ -8,6 +8,7 @@ import ( "testing" gpgmock "github.com/justwatchcom/gopass/backend/crypto/gpg/mock" + "github.com/justwatchcom/gopass/backend/store/fs" gitmock "github.com/justwatchcom/gopass/backend/sync/git/mock" "github.com/justwatchcom/gopass/store/secret" "github.com/justwatchcom/gopass/utils/out" @@ -82,10 +83,11 @@ func TestCopy(t *testing.T) { assert.NoError(t, err) s := &Store{ - alias: "", - path: tempdir, - gpg: gpgmock.New(), - git: gitmock.New(), + alias: "", + path: tempdir, + crypto: gpgmock.New(), + sync: gitmock.New(), + store: fs.New(tempdir), } assert.NoError(t, s.saveRecipients(ctx, []string{"john.doe"}, "test", false)) @@ -159,10 +161,11 @@ func TestMove(t *testing.T) { assert.NoError(t, err) s := &Store{ - alias: "", - path: tempdir, - gpg: gpgmock.New(), - git: gitmock.New(), + alias: "", + path: tempdir, + crypto: gpgmock.New(), + sync: gitmock.New(), + store: fs.New(tempdir), } err = s.saveRecipients(ctx, []string{"john.doe"}, "test", false) @@ -215,10 +218,11 @@ func TestDelete(t *testing.T) { assert.NoError(t, err) s := &Store{ - alias: "", - path: tempdir, - gpg: gpgmock.New(), - git: gitmock.New(), + alias: "", + path: tempdir, + crypto: gpgmock.New(), + sync: gitmock.New(), + store: fs.New(tempdir), } err = s.saveRecipients(ctx, []string{"john.doe"}, "test", false) @@ -292,10 +296,11 @@ func TestPrune(t *testing.T) { assert.NoError(t, err) s := &Store{ - alias: "", - path: tempdir, - gpg: gpgmock.New(), - git: gitmock.New(), + alias: "", + path: tempdir, + crypto: gpgmock.New(), + sync: gitmock.New(), + store: fs.New(tempdir), } err = s.saveRecipients(ctx, []string{"john.doe"}, "test", false) diff --git a/store/sub/read.go b/store/sub/read.go index 7559335454..df3a63dd80 100644 --- a/store/sub/read.go +++ b/store/sub/read.go @@ -2,11 +2,9 @@ package sub import ( "context" - "strings" "github.com/justwatchcom/gopass/store" "github.com/justwatchcom/gopass/store/secret" - "github.com/justwatchcom/gopass/utils/fsutil" "github.com/justwatchcom/gopass/utils/out" ) @@ -14,17 +12,15 @@ import ( func (s *Store) Get(ctx context.Context, name string) (*secret.Secret, error) { p := s.passfile(name) - if !strings.HasPrefix(p, s.path) { - return nil, store.ErrSneaky - } - - if !fsutil.IsFile(p) { - out.Debug(ctx, "File %s not found", p) + ciphertext, err := s.store.Get(ctx, p) + if err != nil { + out.Debug(ctx, "File %s not found: %s", p, err) return nil, store.ErrNotFound } - content, err := s.gpg.Decrypt(ctx, p) + content, err := s.crypto.Decrypt(ctx, ciphertext) if err != nil { + out.Debug(ctx, "Decryption failed: %s", err) return nil, store.ErrDecrypt } diff --git a/store/sub/recipients.go b/store/sub/recipients.go index de4e23a51d..684f6dd115 100644 --- a/store/sub/recipients.go +++ b/store/sub/recipients.go @@ -5,8 +5,6 @@ import ( "bytes" "context" "fmt" - "io" - "io/ioutil" "os" "path/filepath" "sort" @@ -18,9 +16,9 @@ import ( ) const ( - keyDir = ".gpg-keys" - fileMode = 0600 - dirMode = 0700 + keyDir = ".public-keys" + oldKeyDir = ".gpg-keys" + dirMode = 0700 ) // Recipients returns the list of recipients of this store @@ -68,7 +66,7 @@ func (s *Store) SaveRecipients(ctx context.Context) error { // but if this key is not available on this machine we // just try to remove it literally func (s *Store) RemoveRecipient(ctx context.Context, id string) error { - keys, err := s.gpg.FindPublicKeys(ctx, id) + keys, err := s.crypto.FindPublicKeys(ctx, id) if err != nil { out.Cyan(ctx, "Warning: Failed to get GPG Key Info for %s: %s", id, err) } @@ -87,7 +85,7 @@ RECIPIENTS: // if the key is available locally we can also match the id against // the fingerprint for _, key := range keys { - if strings.HasSuffix(key.Fingerprint, k) { + if strings.HasSuffix(key, k) { continue RECIPIENTS } } @@ -109,11 +107,11 @@ RECIPIENTS: // (if any) func (s *Store) OurKeyID(ctx context.Context) string { for _, r := range s.Recipients(ctx) { - kl, err := s.gpg.FindPrivateKeys(ctx, r) + kl, err := s.crypto.FindPrivateKeys(ctx, r) if err != nil || len(kl) < 1 { continue } - return kl[0].Fingerprint + return kl[0] } return "" } @@ -121,26 +119,16 @@ func (s *Store) OurKeyID(ctx context.Context) string { // GetRecipients will load all Recipients from the .gpg-id file for the given // secret path func (s *Store) GetRecipients(ctx context.Context, name string) ([]string, error) { - idf := s.idFile(name) - - out.Debug(ctx, "GetRecipients(%s) - idfile: %s", name, idf) - // open recipient list (store/.gpg-id) - f, err := os.Open(idf) + buf, err := s.store.Get(ctx, s.idFile(ctx, name)) if err != nil { - return []string{}, err + return nil, errors.Wrapf(err, "failed to get recipients for %s", name) } - defer func() { - if err := f.Close(); err != nil { - out.Red(ctx, "Failed to close %s: %s", idf, err) - } - }() - - return unmarshalRecipients(f), nil + return unmarshalRecipients(buf), nil } // ExportMissingPublicKeys will export any possibly missing public keys to the -// stores .gpg-keys directory +// stores .public-keys directory func (s *Store) ExportMissingPublicKeys(ctx context.Context, rs []string) (bool, error) { ok := true exported := false @@ -156,7 +144,7 @@ func (s *Store) ExportMissingPublicKeys(ctx context.Context, rs []string) (bool, } // at least one key has been exported exported = true - if err := s.git.Add(ctx, path); err != nil { + if err := s.sync.Add(ctx, path); err != nil { if errors.Cause(err) == store.ErrGitNotInit { continue } @@ -164,7 +152,7 @@ func (s *Store) ExportMissingPublicKeys(ctx context.Context, rs []string) (bool, out.Red(ctx, "failed to add public key for '%s' to git: %s", r, err) continue } - if err := s.git.Commit(ctx, fmt.Sprintf("Exported Public Keys %s", r)); err != nil && err != store.ErrGitNothingToCommit { + if err := s.sync.Commit(ctx, fmt.Sprintf("Exported Public Keys %s", r)); err != nil && err != store.ErrGitNothingToCommit { ok = false out.Red(ctx, "Failed to git commit: %s", err) continue @@ -182,25 +170,18 @@ func (s *Store) saveRecipients(ctx context.Context, rs []string, msg string, exp return errors.New("can not remove all recipients") } - idf := s.idFile("") - - // filepath.Dir(s.idFile()) should equal s.path, but better safe than sorry - if err := os.MkdirAll(filepath.Dir(idf), dirMode); err != nil { - return errors.Wrapf(err, "failed to create directory for recipients") - } - - // save recipients to store/.gpg-id - if err := ioutil.WriteFile(idf, marshalRecipients(rs), fileMode); err != nil { + idf := s.idFile(ctx, "") + if err := s.store.Set(ctx, idf, marshalRecipients(rs)); err != nil { return errors.Wrapf(err, "failed to write recipients file") } - if err := s.git.Add(ctx, idf); err != nil { + if err := s.sync.Add(ctx, idf); err != nil { if err != store.ErrGitNotInit { return errors.Wrapf(err, "failed to add file '%s' to git", idf) } } - if err := s.git.Commit(ctx, msg); err != nil { + if err := s.sync.Commit(ctx, msg); err != nil { if err != store.ErrGitNotInit && err != store.ErrGitNothingToCommit { return errors.Wrapf(err, "failed to commit changes to git") } @@ -219,7 +200,7 @@ func (s *Store) saveRecipients(ctx context.Context, rs []string, msg string, exp } // push to remote repo - if err := s.git.Push(ctx, "", ""); err != nil { + if err := s.sync.Push(ctx, "", ""); err != nil { if errors.Cause(err) == store.ErrGitNotInit { return nil } @@ -263,9 +244,9 @@ func marshalRecipients(r []string) []byte { } // unmarshal Recipients line by line from a io.Reader. -func unmarshalRecipients(reader io.Reader) []string { +func unmarshalRecipients(buf []byte) []string { m := make(map[string]struct{}, 5) - scanner := bufio.NewScanner(reader) + scanner := bufio.NewScanner(bytes.NewReader(buf)) for scanner.Scan() { line := strings.TrimSpace(scanner.Text()) diff --git a/store/sub/recipients_test.go b/store/sub/recipients_test.go index 4130df9c33..9f11c2ffa1 100644 --- a/store/sub/recipients_test.go +++ b/store/sub/recipients_test.go @@ -11,7 +11,9 @@ import ( "strings" "testing" + "github.com/justwatchcom/gopass/backend" gpgmock "github.com/justwatchcom/gopass/backend/crypto/gpg/mock" + "github.com/justwatchcom/gopass/backend/store/fs" gitmock "github.com/justwatchcom/gopass/backend/sync/git/mock" "github.com/justwatchcom/gopass/utils/out" "github.com/stretchr/testify/assert" @@ -36,10 +38,11 @@ func TestGetRecipientsDefault(t *testing.T) { assert.NoError(t, err) s := &Store{ - alias: "", - path: tempdir, - gpg: gpgmock.New(), - git: gitmock.New(), + alias: "", + path: tempdir, + crypto: gpgmock.New(), + sync: gitmock.New(), + store: fs.New(tempdir), } assert.Equal(t, genRecs, s.Recipients(ctx)) @@ -67,17 +70,18 @@ func TestGetRecipientsSubID(t *testing.T) { assert.NoError(t, err) s := &Store{ - alias: "", - path: tempdir, - gpg: gpgmock.New(), - git: gitmock.New(), + alias: "", + path: tempdir, + crypto: gpgmock.New(), + sync: gitmock.New(), + store: fs.New(tempdir), } recs, err := s.GetRecipients(ctx, "") assert.NoError(t, err) assert.Equal(t, genRecs, recs) - err = ioutil.WriteFile(filepath.Join(tempdir, "foo", "bar", GPGID), []byte("john.doe\n"), 0600) + err = ioutil.WriteFile(filepath.Join(tempdir, "foo", "bar", s.crypto.IDFile()), []byte("john.doe\n"), 0600) assert.NoError(t, err) recs, err = s.GetRecipients(ctx, "foo/bar/baz") @@ -104,19 +108,20 @@ func TestSaveRecipients(t *testing.T) { recp := []string{"john.doe"} s := &Store{ - alias: "", - path: tempdir, - gpg: gpgmock.New(), - git: gitmock.New(), + alias: "", + path: tempdir, + crypto: gpgmock.New(), + sync: gitmock.New(), + store: fs.New(tempdir), } // remove recipients - _ = os.Remove(filepath.Join(tempdir, GPGID)) + _ = os.Remove(filepath.Join(tempdir, s.crypto.IDFile())) - err = s.saveRecipients(ctx, recp, "test-save-recipients", true) - assert.NoError(t, err) + assert.NoError(t, s.saveRecipients(ctx, recp, "test-save-recipients", true)) + assert.Error(t, s.saveRecipients(ctx, nil, "test-save-recipients", true)) - buf, err := ioutil.ReadFile(s.idFile("")) + buf, err := s.store.Get(ctx, s.idFile(ctx, "")) assert.NoError(t, err) foundRecs := []string{} @@ -157,10 +162,11 @@ func TestAddRecipient(t *testing.T) { }() s := &Store{ - alias: "", - path: tempdir, - gpg: gpgmock.New(), - git: gitmock.New(), + alias: "", + path: tempdir, + crypto: gpgmock.New(), + sync: gitmock.New(), + store: fs.New(tempdir), } newRecp := "A3683834" @@ -195,10 +201,11 @@ func TestRemoveRecipient(t *testing.T) { }() s := &Store{ - alias: "", - path: tempdir, - gpg: gpgmock.New(), - git: gitmock.New(), + alias: "", + path: tempdir, + crypto: gpgmock.New(), + sync: gitmock.New(), + store: fs.New(tempdir), } err = s.RemoveRecipient(ctx, "0xDEADBEEF") @@ -227,14 +234,19 @@ func TestListRecipients(t *testing.T) { out.Stdout = os.Stdout }() + ctx = backend.WithCryptoBackendString(ctx, "gpgmock") + ctx = backend.WithSyncBackendString(ctx, "gitmock") s, err := New( + ctx, "", tempdir, - gpgmock.New(), + tempdir, ) assert.NoError(t, err) rs, err := s.GetRecipients(ctx, "") assert.NoError(t, err) assert.Equal(t, genRecs, rs) + + assert.Equal(t, "0xDEADBEEF", s.OurKeyID(ctx)) } diff --git a/store/sub/store.go b/store/sub/store.go index 8b5b8ee2e1..5e458aed96 100644 --- a/store/sub/store.go +++ b/store/sub/store.go @@ -3,14 +3,19 @@ package sub import ( "context" "fmt" - "os" "path/filepath" - "strings" + "github.com/justwatchcom/gopass/backend" + gpgcli "github.com/justwatchcom/gopass/backend/crypto/gpg/cli" + gpgmock "github.com/justwatchcom/gopass/backend/crypto/gpg/mock" + "github.com/justwatchcom/gopass/backend/crypto/xc" + "github.com/justwatchcom/gopass/backend/store/fs" + kvmock "github.com/justwatchcom/gopass/backend/store/kv/mock" gitcli "github.com/justwatchcom/gopass/backend/sync/git/cli" "github.com/justwatchcom/gopass/backend/sync/git/gogit" gitmock "github.com/justwatchcom/gopass/backend/sync/git/mock" "github.com/justwatchcom/gopass/store" + "github.com/justwatchcom/gopass/utils/agent/client" "github.com/justwatchcom/gopass/utils/ctxutil" "github.com/justwatchcom/gopass/utils/fsutil" "github.com/justwatchcom/gopass/utils/out" @@ -18,51 +23,99 @@ import ( "github.com/pkg/errors" ) -const ( - // GPGID is the name of the file containing the recipient ids - GPGID = ".gpg-id" -) - // Store is password store type Store struct { - alias string - path string - gpg gpger - git giter + alias string + path string + crypto backend.Crypto + sync backend.Sync + store backend.Store } // New creates a new store, copying settings from the given root store -func New(alias string, path string, gpg gpger) (*Store, error) { +func New(ctx context.Context, alias, path string, cfgdir string) (*Store, error) { path = fsutil.CleanPath(path) s := &Store{ alias: alias, path: path, - gpg: gpg, - git: gitmock.New(), + sync: gitmock.New(), + } + + // init store backend + switch backend.GetStoreBackend(ctx) { + case backend.FS: + s.store = fs.New(path) + out.Debug(ctx, "Using Store Backend: fs") + case backend.KVMock: + s.store = kvmock.New() + out.Debug(ctx, "Using Store Backend: kvmock") + default: + return nil, fmt.Errorf("Unknown store backend") } - if gg := os.Getenv("GOPASS_EXPERIMENTAL_GOGIT"); gg != "" { + + // init sync backend + switch backend.GetSyncBackend(ctx) { + case backend.GoGit: + out.Cyan(ctx, "WARNING: Using experimental sync backend 'go-git'") git, err := gogit.Open(path) - if err == nil { - s.git = git + if err != nil { + out.Debug(ctx, "Failed to initialize sync backend 'gogit': %s", err) + } else { + s.sync = git + out.Debug(ctx, "Using Sync Backend: go-git") + } + case backend.GitCLI: + gpgBin, _ := gpgcli.Binary(ctx, "") + git, err := gitcli.Open(path, gpgBin) + if err != nil { + out.Debug(ctx, "Failed to initialize sync backend 'git': %s", err) + } else { + s.sync = git + out.Debug(ctx, "Using Sync Backend: git-cli") } - return s, nil + case backend.GitMock: + // no-op + out.Debug(ctx, "Using Sync Backend: git-mock") + default: + return nil, fmt.Errorf("Unknown Sync Backend") } - git, err := gitcli.Open(path, gpg.Binary()) - if err == nil { - s.git = git + // init crypto backend + switch backend.GetCryptoBackend(ctx) { + case backend.GPGCLI: + gpg, err := gpgcli.New(ctx, gpgcli.Config{ + Umask: fsutil.Umask(), + Args: gpgcli.GPGOpts(), + }) + if err != nil { + return nil, err + } + s.crypto = gpg + out.Debug(ctx, "Using Crypto Backend: gpg-cli") + case backend.XC: + //out.Red(ctx, "WARNING: Using highly experimental crypto backend!") + crypto, err := xc.New(cfgdir, client.New(cfgdir)) + if err != nil { + return nil, err + } + s.crypto = crypto + out.Debug(ctx, "Using Crypto Backend: xc") + case backend.GPGMock: + //out.Red(ctx, "WARNING: Using no-op crypto backend (NO ENCRYPTION)!") + s.crypto = gpgmock.New() + out.Debug(ctx, "Using Crypto Backend: gpg-mock") + default: + return nil, fmt.Errorf("no valid crypto backend selected") } + return s, nil } // idFile returns the path to the recipient list for this store // it walks up from the given filename until it finds a directory containing // a gpg id file or it leaves the scope of this store. -func (s *Store) idFile(name string) string { - fn, err := filepath.Abs(filepath.Join(s.path, name)) - if err != nil { - panic(err) - } +func (s *Store) idFile(ctx context.Context, name string) string { + fn := name var cnt uint8 for { cnt++ @@ -72,17 +125,13 @@ func (s *Store) idFile(name string) string { if fn == "" || fn == sep { break } - if !strings.HasPrefix(fn, s.path) { - break - } - gfn := filepath.Join(fn, GPGID) - fi, err := os.Stat(gfn) - if err == nil && !fi.IsDir() { + gfn := filepath.Join(fn, s.crypto.IDFile()) + if s.store.Exists(ctx, gfn) { return gfn } fn = filepath.Dir(fn) } - return fsutil.CleanPath(filepath.Join(s.path, GPGID)) + return s.crypto.IDFile() } // Equals returns true if this store has the same on-disk path as the other @@ -94,19 +143,13 @@ func (s *Store) Equals(other *Store) bool { } // IsDir returns true if the entry is folder inside the store -func (s *Store) IsDir(name string) bool { - return fsutil.IsDir(filepath.Join(s.path, name)) +func (s *Store) IsDir(ctx context.Context, name string) bool { + return s.store.IsDir(ctx, name) } // Exists checks the existence of a single entry -func (s *Store) Exists(name string) bool { - p := s.passfile(name) - - if !strings.HasPrefix(p, s.path) { - return false - } - - return fsutil.IsFile(p) +func (s *Store) Exists(ctx context.Context, name string) bool { + return s.store.Exists(ctx, s.passfile(name)) } func (s *Store) useableKeys(ctx context.Context, name string) ([]string, error) { @@ -119,24 +162,17 @@ func (s *Store) useableKeys(ctx context.Context, name string) ([]string, error) return rs, nil } - kl, err := s.gpg.FindPublicKeys(ctx, rs...) + kl, err := s.crypto.FindPublicKeys(ctx, rs...) if err != nil { return rs, err } - unusable := kl.UnusableKeys() - if len(unusable) > 0 { - out.Red(ctx, "Unusable public keys detected (IGNORING FOR ENCRYPTION):") - for _, k := range unusable { - out.Red(ctx, " - %s", k.OneLine()) - } - } - return kl.UseableKeys().Recipients(), nil + return kl, nil } // passfile returns the name of gpg file on disk, for the given key/name func (s *Store) passfile(name string) string { - return fsutil.CleanPath(filepath.Join(s.path, name) + ".gpg") + return name + "." + s.crypto.Ext() } // String implement fmt.Stringer @@ -144,13 +180,9 @@ func (s *Store) String() string { return fmt.Sprintf("Store(Alias: %s, Path: %s)", s.alias, s.path) } -func (s *Store) filenameToName(fn string) string { - return strings.TrimPrefix(strings.TrimSuffix(fn, ".gpg"), s.path+sep) -} - // reencrypt will re-encrypt all entries for the current recipients func (s *Store) reencrypt(ctx context.Context) error { - entries, err := s.List("") + entries, err := s.List(ctx, "") if err != nil { return errors.Wrapf(err, "failed to list store") } @@ -194,7 +226,7 @@ func (s *Store) reencrypt(ctx context.Context) error { } } - if err := s.git.Commit(ctx, GetReason(ctx)); err != nil { + if err := s.sync.Commit(ctx, GetReason(ctx)); err != nil { if errors.Cause(err) != store.ErrGitNotInit { return errors.Wrapf(err, "failed to commit changes to git") } @@ -208,7 +240,7 @@ func (s *Store) reencrypt(ctx context.Context) error { } func (s *Store) reencryptGitPush(ctx context.Context) error { - if err := s.git.Push(ctx, "", ""); err != nil { + if err := s.sync.Push(ctx, "", ""); err != nil { if errors.Cause(err) == store.ErrGitNotInit { msg := "Warning: git is not initialized for this store. Ignoring auto-push option\n" + "Run: gopass git init" @@ -235,3 +267,8 @@ func (s *Store) Path() string { func (s *Store) Alias() string { return s.alias } + +// Store returns the storage backend used by this store +func (s *Store) Store() backend.Store { + return s.store +} diff --git a/store/sub/store_test.go b/store/sub/store_test.go index f26ae9681b..98a7ff7a43 100644 --- a/store/sub/store_test.go +++ b/store/sub/store_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - gpgmock "github.com/justwatchcom/gopass/backend/crypto/gpg/mock" + "github.com/justwatchcom/gopass/backend" "github.com/justwatchcom/gopass/store/secret" "github.com/stretchr/testify/assert" ) @@ -36,16 +36,23 @@ func createSubStore(dir string) (*Store, error) { if err := os.Setenv("GOPASS_NO_NOTIFY", "true"); err != nil { return nil, err } + if err := os.Setenv("GOPASS_DISABLE_ENCRYPTION", "true"); err != nil { + return nil, err + } gpgDir := filepath.Join(dir, ".gnupg") if err := os.Setenv("GNUPGHOME", gpgDir); err != nil { return nil, err } + ctx := context.Background() + ctx = backend.WithCryptoBackendString(ctx, "gpgmock") + ctx = backend.WithSyncBackendString(ctx, "gitmock") return New( + ctx, "", sd, - gpgmock.New(), + sd, ) } @@ -72,7 +79,7 @@ func createStore(dir string, recipients, entries []string) ([]string, []string, return recipients, entries, err } } - err := ioutil.WriteFile(filepath.Join(dir, GPGID), []byte(strings.Join(recipients, "\n")), 0600) + err := ioutil.WriteFile(filepath.Join(dir, ".gpg-id"), []byte(strings.Join(recipients, "\n")), 0600) return recipients, entries, err } @@ -109,9 +116,9 @@ func TestIdFile(t *testing.T) { secName += "/a" } assert.NoError(t, s.Set(ctx, secName, secret.New("foo", "bar"))) - assert.NoError(t, ioutil.WriteFile(filepath.Join(tempdir, "sub", "a", GPGID), []byte("foobar"), 0600)) - assert.Equal(t, filepath.Join(tempdir, "sub", "a", GPGID), s.idFile(secName)) - assert.Equal(t, true, s.Exists(secName)) + assert.NoError(t, ioutil.WriteFile(filepath.Join(tempdir, "sub", "a", ".gpg-id"), []byte("foobar"), 0600)) + assert.Equal(t, filepath.Join("a", ".gpg-id"), s.idFile(ctx, secName)) + assert.Equal(t, true, s.Exists(ctx, secName)) // test abort condition secName = "a" @@ -119,6 +126,70 @@ func TestIdFile(t *testing.T) { secName += "/a" } assert.NoError(t, s.Set(ctx, secName, secret.New("foo", "bar"))) - assert.NoError(t, ioutil.WriteFile(filepath.Join(tempdir, "sub", "a", GPGID), []byte("foobar"), 0600)) - assert.Equal(t, filepath.Join(tempdir, "sub", GPGID), s.idFile(secName)) + assert.NoError(t, ioutil.WriteFile(filepath.Join(tempdir, "sub", "a", ".gpg-id"), []byte("foobar"), 0600)) + assert.Equal(t, ".gpg-id", s.idFile(ctx, secName)) +} + +func TestNew(t *testing.T) { + ctx := context.Background() + + tempdir, err := ioutil.TempDir("", "gopass-") + assert.NoError(t, err) + defer func() { + _ = os.RemoveAll(tempdir) + }() + + for _, tc := range []struct { + ctx context.Context + ok bool + }{ + { + ctx: backend.WithStoreBackend(ctx, backend.KVMock), + ok: true, + }, + { + ctx: backend.WithStoreBackend(ctx, -1), + ok: false, + }, + { + ctx: backend.WithSyncBackend(ctx, backend.GoGit), + ok: true, + }, + { + ctx: backend.WithSyncBackend(ctx, backend.GitCLI), + ok: true, + }, + { + ctx: backend.WithSyncBackend(ctx, backend.GitMock), + ok: true, + }, + { + ctx: backend.WithSyncBackend(ctx, -1), + ok: false, + }, + { + ctx: backend.WithCryptoBackend(ctx, backend.GPGCLI), + ok: true, + }, + { + ctx: backend.WithCryptoBackend(ctx, backend.XC), + ok: true, + }, + { + ctx: backend.WithCryptoBackend(ctx, backend.GPGMock), + ok: true, + }, + { + ctx: backend.WithCryptoBackend(ctx, -1), + ok: false, + }, + } { + s, err := New(tc.ctx, "", tempdir, tempdir) + if tc.ok { + assert.NoError(t, err) + assert.NotNil(t, s) + } else { + assert.Error(t, err) + } + } } diff --git a/store/sub/templates.go b/store/sub/templates.go index c0c00afa4e..84c4464d75 100644 --- a/store/sub/templates.go +++ b/store/sub/templates.go @@ -2,12 +2,12 @@ package sub import ( "context" - "io/ioutil" - "os" "path/filepath" + "sort" "strings" - "github.com/justwatchcom/gopass/utils/fsutil" + "github.com/justwatchcom/gopass/store" + "github.com/justwatchcom/gopass/utils/ctxutil" "github.com/justwatchcom/gopass/utils/out" "github.com/justwatchcom/gopass/utils/tree" "github.com/justwatchcom/gopass/utils/tree/simple" @@ -20,7 +20,7 @@ const ( ) // LookupTemplate will lookup and return a template -func (s *Store) LookupTemplate(name string) ([]byte, bool) { +func (s *Store) LookupTemplate(ctx context.Context, name string) ([]byte, bool) { // chop off one path element until we find something for { l1 := len(name) @@ -28,9 +28,9 @@ func (s *Store) LookupTemplate(name string) ([]byte, bool) { if len(name) == l1 { break } - tpl := filepath.Join(s.path, name, TemplateFile) - if fsutil.IsFile(tpl) { - if content, err := ioutil.ReadFile(tpl); err == nil { + tpl := filepath.Join(name, TemplateFile) + if s.store.Exists(ctx, tpl) { + if content, err := s.store.Get(ctx, tpl); err == nil { return content, true } } @@ -38,58 +38,27 @@ func (s *Store) LookupTemplate(name string) ([]byte, bool) { return []byte{}, false } -func mkTemplateStoreWalkerFunc(alias, folder string, fn func(...string)) func(string, os.FileInfo, error) error { - return func(path string, info os.FileInfo, err error) error { - if err != nil { - return err - } - if info.IsDir() && strings.HasPrefix(info.Name(), ".") && path != folder { - return filepath.SkipDir - } - if info.IsDir() { - return nil - } - if info.Name() != TemplateFile { - return nil - } - if path == folder { - return nil - } - if info.Mode()&os.ModeSymlink != 0 { - return nil - } - s := strings.TrimPrefix(path, folder+sep) - s = strings.TrimSuffix(s, TemplateFile) - s = strings.TrimSuffix(s, sep) - if s == "" { - s = "default" - } - if alias != "" { - s = alias + sep + s - } - // make sure to always use forward slashes for internal gopass representation - s = filepath.ToSlash(s) - fn(s) - return nil - } -} - // ListTemplates will list all templates in this store func (s *Store) ListTemplates(ctx context.Context, prefix string) []string { - lst := make([]string, 0, 10) - addFunc := func(in ...string) { - lst = append(lst, in...) - } - - path, err := filepath.EvalSymlinks(s.path) + lst, err := s.store.List(ctx, prefix) if err != nil { - return lst + out.Debug(ctx, "failed to list templates: %s", err) + return nil } - if err := filepath.Walk(path, mkTemplateStoreWalkerFunc(prefix, path, addFunc)); err != nil { - out.Red(ctx, "Failed to list templates: %s", err) + tpls := make(map[string]struct{}, len(lst)) + for _, path := range lst { + if !strings.HasSuffix(path, TemplateFile) { + continue + } + path = strings.TrimSuffix(path, sep+TemplateFile) + tpls[path] = struct{}{} } - - return lst + out := make([]string, 0, len(tpls)) + for k := range tpls { + out = append(out, k) + } + sort.Strings(out) + return out } // TemplateTree returns a tree of all templates @@ -106,35 +75,59 @@ func (s *Store) TemplateTree(ctx context.Context) (tree.Tree, error) { // templatefile returns the name of the given template on disk func (s *Store) templatefile(name string) string { - return filepath.Join(s.path, name, TemplateFile) + return filepath.Join(name, TemplateFile) } // HasTemplate returns true if the template exists -func (s *Store) HasTemplate(name string) bool { - return fsutil.IsFile(s.templatefile(name)) +func (s *Store) HasTemplate(ctx context.Context, name string) bool { + return s.store.Exists(ctx, s.templatefile(name)) } // GetTemplate will return the content of the named template -func (s *Store) GetTemplate(name string) ([]byte, error) { - return ioutil.ReadFile(s.templatefile(name)) +func (s *Store) GetTemplate(ctx context.Context, name string) ([]byte, error) { + return s.store.Get(ctx, s.templatefile(name)) } // SetTemplate will (over)write the content to the template file -func (s *Store) SetTemplate(name string, content []byte) error { - tplFile := s.templatefile(name) - tplDir := filepath.Dir(tplFile) - if err := os.MkdirAll(tplDir, 0700); err != nil { - return err +func (s *Store) SetTemplate(ctx context.Context, name string, content []byte) error { + p := s.templatefile(name) + + if err := s.store.Set(ctx, p, content); err != nil { + return errors.Wrapf(err, "failed to write template") + } + + if err := s.sync.Add(ctx, p); err != nil { + if errors.Cause(err) == store.ErrGitNotInit { + return nil + } + return errors.Wrapf(err, "failed to add '%s' to git", p) + } + + if !ctxutil.IsGitCommit(ctx) { + return nil } - return ioutil.WriteFile(tplFile, content, 0600) + + return s.gitCommitAndPush(ctx, name) } // RemoveTemplate will delete the named template if it exists -func (s *Store) RemoveTemplate(name string) error { - t := s.templatefile(name) - if !fsutil.IsFile(t) { - return errors.Errorf("template not found") +func (s *Store) RemoveTemplate(ctx context.Context, name string) error { + p := s.templatefile(name) + + if err := s.store.Delete(ctx, p); err != nil { + return errors.Wrapf(err, "failed to remote template") + } + + if err := s.sync.Add(ctx, p); err != nil { + if errors.Cause(err) == store.ErrGitNotInit { + return nil + } + return errors.Wrapf(err, "failed to add '%s' to git", p) + } + + if !ctxutil.IsGitCommit(ctx) { + return nil } - return os.Remove(t) + return s.gitCommitAndPush(ctx, name) } diff --git a/store/sub/templates_test.go b/store/sub/templates_test.go index c053ac550b..f48c1a2187 100644 --- a/store/sub/templates_test.go +++ b/store/sub/templates_test.go @@ -7,7 +7,7 @@ import ( "testing" "github.com/fatih/color" - gpgmock "github.com/justwatchcom/gopass/backend/crypto/gpg/mock" + "github.com/justwatchcom/gopass/backend" "github.com/stretchr/testify/assert" ) @@ -25,33 +25,36 @@ func TestTemplates(t *testing.T) { _, _, err = createStore(tempdir, nil, nil) assert.NoError(t, err) + ctx = backend.WithCryptoBackendString(ctx, "gpgmock") + ctx = backend.WithSyncBackendString(ctx, "gitmock") s, err := New( + ctx, "", tempdir, - gpgmock.New(), + tempdir, ) assert.NoError(t, err) assert.Equal(t, 0, len(s.ListTemplates(ctx, ""))) - assert.NoError(t, s.SetTemplate("foo", []byte("foobar"))) + assert.NoError(t, s.SetTemplate(ctx, "foo", []byte("foobar"))) assert.Equal(t, 1, len(s.ListTemplates(ctx, ""))) tt, err := s.TemplateTree(ctx) assert.NoError(t, err) assert.Equal(t, "gopass\n└── foo\n", tt.Format(0)) - assert.Equal(t, true, s.HasTemplate("foo")) + assert.Equal(t, true, s.HasTemplate(ctx, "foo")) - b, err := s.GetTemplate("foo") + b, err := s.GetTemplate(ctx, "foo") assert.NoError(t, err) assert.Equal(t, "foobar", string(b)) - b, found := s.LookupTemplate("foo/bar") + b, found := s.LookupTemplate(ctx, "foo/bar") assert.Equal(t, true, found) assert.Equal(t, "foobar", string(b)) - assert.NoError(t, s.RemoveTemplate("foo")) + assert.NoError(t, s.RemoveTemplate(ctx, "foo")) assert.Equal(t, 0, len(s.ListTemplates(ctx, ""))) - assert.Error(t, s.RemoveTemplate("foo")) + assert.Error(t, s.RemoveTemplate(ctx, "foo")) } diff --git a/store/sub/write.go b/store/sub/write.go index 52dbe333dd..d2c16e3a36 100644 --- a/store/sub/write.go +++ b/store/sub/write.go @@ -22,11 +22,7 @@ func (s *Store) Set(ctx context.Context, name string, sec *secret.Secret) error p := s.passfile(name) - if !strings.HasPrefix(p, s.path) { - return store.ErrSneaky - } - - if s.IsDir(name) { + if s.IsDir(ctx, name) { return errors.Errorf("a folder named %s already exists", name) } @@ -47,11 +43,16 @@ func (s *Store) Set(ctx context.Context, name string, sec *secret.Secret) error return errors.Wrapf(err, "failed to encode secret") } - if err := s.gpg.Encrypt(ctx, p, buf, recipients); err != nil { + ciphertext, err := s.crypto.Encrypt(ctx, buf, recipients) + if err != nil { return store.ErrEncrypt } - if err := s.git.Add(ctx, p); err != nil { + if err := s.store.Set(ctx, p, ciphertext); err != nil { + return errors.Wrapf(err, "failed to write secret") + } + + if err := s.sync.Add(ctx, p); err != nil { if errors.Cause(err) == store.ErrGitNotInit { return nil } @@ -66,7 +67,7 @@ func (s *Store) Set(ctx context.Context, name string, sec *secret.Secret) error } func (s *Store) gitCommitAndPush(ctx context.Context, name string) error { - if err := s.git.Commit(ctx, fmt.Sprintf("Save secret to %s: %s", name, GetReason(ctx))); err != nil { + if err := s.sync.Commit(ctx, fmt.Sprintf("Save secret to %s: %s", name, GetReason(ctx))); err != nil { if errors.Cause(err) == store.ErrGitNotInit { return nil } @@ -77,7 +78,7 @@ func (s *Store) gitCommitAndPush(ctx context.Context, name string) error { return nil } - if err := s.git.Push(ctx, "", ""); err != nil { + if err := s.sync.Push(ctx, "", ""); err != nil { if errors.Cause(err) == store.ErrGitNotInit { msg := "Warning: git is not initialized for this store. Ignoring auto-push option\n" + "Run: gopass git init" diff --git a/tests/copy_test.go b/tests/copy_test.go index b8aa43b99e..5954e88c51 100644 --- a/tests/copy_test.go +++ b/tests/copy_test.go @@ -30,7 +30,6 @@ func TestCopy(t *testing.T) { ts.initSecrets("") - // TODO: foo is a directory to be copied, which doesn't work out, err = ts.run("copy foo bar") assert.Error(t, err) assert.Equal(t, "\nError: foo does not exist\n", out) diff --git a/tests/gptest/unit.go b/tests/gptest/unit.go index 1699a73b7d..8b51c65abe 100644 --- a/tests/gptest/unit.go +++ b/tests/gptest/unit.go @@ -16,6 +16,8 @@ autoimport: true autosync: true cliptimeout: 45 noconfirm: true +cryptobackend: gpgmock +syncbackend: gitmock safecontent: true` ) @@ -54,6 +56,7 @@ func NewUnitTester(t *testing.T) *Unit { "CHECKPOINT_DISABLE": "true", "GNUPGHOME": u.GPGHome(), "GOPASS_CONFIG": u.GPConfig(), + "GOPASS_DISABLE_ENCRYPTION": "true", "GOPASS_EXPERIMENTAL_GOGIT": "", "GOPASS_HOMEDIR": u.Dir, "GOPASS_NOCOLOR": "true", @@ -61,7 +64,7 @@ func NewUnitTester(t *testing.T) *Unit { "PAGER": "", } assert.NoError(t, setupEnv(u.env)) - assert.NoError(t, os.Mkdir(u.GPGHome(), 0600)) + assert.NoError(t, os.Mkdir(u.GPGHome(), 0700)) assert.NoError(t, u.initConfig()) assert.NoError(t, u.InitStore("")) diff --git a/tests/tester.go b/tests/tester.go index 7318a24c71..292c7d208e 100644 --- a/tests/tester.go +++ b/tests/tester.go @@ -21,12 +21,16 @@ import ( ) const ( - gopassConfig = `askformore: false -autoimport: true -autosync: false -cliptimeout: 45 -noconfirm: true -safecontent: true` + gopassConfig = `root: + askformore: false + autoimport: true + autosync: false + cliptimeout: 45 + cryptobackend: gpg + noconfirm: true + syncbackend: gitmock + safecontent: true +` keyID = "BE73F104" ) @@ -79,7 +83,7 @@ func newTester(t *testing.T) *tester { assert.NoError(t, os.Setenv("GOPASS_NO_NOTIFY", "true")) // write config - if err := ioutil.WriteFile(ts.gopassConfig(), []byte(gopassConfig+"\npath: "+ts.storeDir("")+"\n"), 0600); err != nil { + if err := ioutil.WriteFile(ts.gopassConfig(), []byte(gopassConfig+"\n path: "+ts.storeDir("")+"\n"), 0600); err != nil { t.Fatalf("Failed to write gopass config to %s: %s", ts.gopassConfig(), err) } diff --git a/tests/uninitialized_test.go b/tests/uninitialized_test.go index b8cb126537..d94dc3a82b 100644 --- a/tests/uninitialized_test.go +++ b/tests/uninitialized_test.go @@ -18,7 +18,6 @@ func TestUninitialized(t *testing.T) { "edit", "find", "generate", - "git", "grep", "insert", "list", diff --git a/utils/agent/agent.go b/utils/agent/agent.go new file mode 100644 index 0000000000..6de2e4904a --- /dev/null +++ b/utils/agent/agent.go @@ -0,0 +1,125 @@ +package agent + +import ( + "fmt" + "net" + "net/http" + "os" + "path/filepath" + "time" + + "github.com/justwatchcom/gopass/utils/agent/client" + "github.com/justwatchcom/gopass/utils/pinentry" +) + +type piner interface { + Close() + Confirm() bool + Set(string, string) error + GetPin() ([]byte, error) +} + +// Agent is a gopass agent +type Agent struct { + socket string + testing bool + server *http.Server + cache *cache + pinentry func() (piner, error) +} + +// New creates a new agent +func New(dir string) *Agent { + a := &Agent{ + socket: filepath.Join(dir, ".gopass-agent.sock"), + cache: &cache{ + ttl: time.Hour, + maxTTL: 24 * time.Hour, + }, + pinentry: func() (piner, error) { + return pinentry.New() + }, + } + mux := http.NewServeMux() + mux.HandleFunc("/ping", a.servePing) + mux.HandleFunc("/passphrase", a.servePassphrase) + mux.HandleFunc("/cache/remove", a.serveRemove) + mux.HandleFunc("/cache/purge", a.servePurge) + a.server = &http.Server{ + Handler: mux, + } + return a +} + +// NewForTesting creates a new agent for testing +func NewForTesting(dir, key, pass string) *Agent { + a := New(dir) + a.cache.set(key, pass) + a.testing = true + return a +} + +// ListenAndServe starts listening and blocks +func (a *Agent) ListenAndServe() error { + lis, err := net.Listen("unix", a.socket) + if err != nil { + if err := client.New(filepath.Dir(a.socket)).Ping(); err == nil { + return fmt.Errorf("agent already running") + } + if err := os.Remove(a.socket); err != nil { + return err + } + lis, err = net.Listen("unix", a.socket) + if err != nil { + return err + } + } + return a.server.Serve(lis) +} + +func (a *Agent) servePing(w http.ResponseWriter, r *http.Request) { + fmt.Fprintf(w, "OK") +} + +func (a *Agent) serveRemove(w http.ResponseWriter, r *http.Request) { + key := r.URL.Query().Get("key") + if !a.testing { + a.cache.remove(key) + } + fmt.Fprintf(w, "OK") +} + +func (a *Agent) servePurge(w http.ResponseWriter, r *http.Request) { + if !a.testing { + a.cache.purge() + } + fmt.Fprintf(w, "OK") +} + +func (a *Agent) servePassphrase(w http.ResponseWriter, r *http.Request) { + key := r.URL.Query().Get("key") + reason := r.URL.Query().Get("reason") + + if pass, found := a.cache.get(key); found || a.testing { + fmt.Fprintf(w, pass) + return + } + + pi, err := a.pinentry() + if err != nil { + http.Error(w, fmt.Sprintf("Pinentry Error: %s", err), http.StatusInternalServerError) + return + } + defer pi.Close() + _ = pi.Set("title", "gopass Agent") + _ = pi.Set("desc", "Need your passphrase "+reason) + _ = pi.Set("prompt", "Please enter your passphrase:") + _ = pi.Set("ok", "OK") + pw, err := pi.GetPin() + if err != nil { + http.Error(w, fmt.Sprintf("Pinentry Error: %s", err), http.StatusInternalServerError) + return + } + a.cache.set(key, string(pw)) + fmt.Fprintf(w, string(pw)) +} diff --git a/utils/agent/agent_test.go b/utils/agent/agent_test.go new file mode 100644 index 0000000000..12db88b42d --- /dev/null +++ b/utils/agent/agent_test.go @@ -0,0 +1,68 @@ +package agent + +import ( + "net/http" + "net/http/httptest" + "os" + "testing" + + "github.com/stretchr/testify/assert" +) + +type fakePinentry struct { + pin []byte +} + +func (f *fakePinentry) Close() {} +func (f *fakePinentry) Confirm() bool { + return true +} +func (f *fakePinentry) Set(key, value string) error { + return nil +} +func (f *fakePinentry) GetPin() ([]byte, error) { + return f.pin, nil +} + +func TestServePing(t *testing.T) { + w := httptest.NewRecorder() + r, err := http.NewRequest("GET", "/", nil) + assert.NoError(t, err) + a := New(os.TempDir()) + + a.servePing(w, r) + assert.Equal(t, "OK", w.Body.String()) +} + +func TestServeRemove(t *testing.T) { + w := httptest.NewRecorder() + r, err := http.NewRequest("GET", "/?key=foo", nil) + assert.NoError(t, err) + a := New(os.TempDir()) + + a.serveRemove(w, r) + assert.Equal(t, "OK", w.Body.String()) +} + +func TestServePurge(t *testing.T) { + w := httptest.NewRecorder() + r, err := http.NewRequest("GET", "/", nil) + assert.NoError(t, err) + a := New(os.TempDir()) + + a.serveRemove(w, r) + assert.Equal(t, "OK", w.Body.String()) +} + +func TestServePassphrase(t *testing.T) { + w := httptest.NewRecorder() + r, err := http.NewRequest("GET", "/?key=foo&reason=bar", nil) + assert.NoError(t, err) + a := New(os.TempDir()) + a.pinentry = func() (piner, error) { + return &fakePinentry{[]byte("foobar")}, nil + } + + a.servePassphrase(w, r) + assert.Equal(t, "foobar", w.Body.String()) +} diff --git a/utils/agent/cache.go b/utils/agent/cache.go new file mode 100644 index 0000000000..0cf123fbb5 --- /dev/null +++ b/utils/agent/cache.go @@ -0,0 +1,93 @@ +package agent + +import ( + "sync" + "time" +) + +type cacheEntry struct { + value string + maxExpire time.Time + expire time.Time + created time.Time +} + +func (ce *cacheEntry) isExpired() bool { + if time.Now().After(ce.maxExpire) { + return true + } + if time.Now().After(ce.expire) { + return true + } + return false +} + +type cache struct { + sync.Mutex + ttl time.Duration + maxTTL time.Duration + entries map[string]cacheEntry +} + +func (c *cache) get(key string) (string, bool) { + c.Lock() + defer c.Unlock() + + if c.entries == nil { + return "", false + } + + ce, found := c.entries[key] + if !found { + // not found + return "", false + } + if ce.isExpired() { + // expired + return "", false + } + ce.expire = time.Now().Add(c.ttl) + c.entries[key] = ce + return ce.value, true +} + +func (c *cache) purgeExpired() { + for k, ce := range c.entries { + if ce.isExpired() { + delete(c.entries, k) + } + } +} + +func (c *cache) set(key, value string) { + c.Lock() + defer c.Unlock() + + if c.entries == nil { + c.entries = make(map[string]cacheEntry, 10) + } + + now := time.Now() + c.entries[key] = cacheEntry{ + value: value, + maxExpire: now.Add(c.maxTTL), + expire: now.Add(c.ttl), + created: now, + } + + c.purgeExpired() +} + +func (c *cache) remove(key string) { + c.Lock() + defer c.Unlock() + + delete(c.entries, key) +} + +func (c *cache) purge() { + c.Lock() + defer c.Unlock() + + c.entries = make(map[string]cacheEntry, 10) +} diff --git a/utils/agent/cache_test.go b/utils/agent/cache_test.go new file mode 100644 index 0000000000..9a4a9cbba8 --- /dev/null +++ b/utils/agent/cache_test.go @@ -0,0 +1,55 @@ +package agent + +import ( + "testing" + "time" + + "github.com/stretchr/testify/assert" +) + +func TestCache(t *testing.T) { + c := &cache{ + ttl: 10 * time.Millisecond, + maxTTL: 50 * time.Millisecond, + } + + val, found := c.get("foo") + assert.Equal(t, "", val) + assert.Equal(t, false, found) + + c.set("foo", "bar") + val, found = c.get("foo") + assert.Equal(t, "bar", val) + assert.Equal(t, true, found) + + time.Sleep(5 * time.Millisecond) + val, found = c.get("foo") + assert.Equal(t, "bar", val) + assert.Equal(t, true, found) + + time.Sleep(12 * time.Millisecond) + val, found = c.get("foo") + assert.Equal(t, "", val) + assert.Equal(t, false, found) + + c.set("bar", "baz") + val, found = c.get("bar") + assert.Equal(t, "baz", val) + assert.Equal(t, true, found) + + c.remove("bar") + val, found = c.get("bar") + assert.Equal(t, "", val) + assert.Equal(t, false, found) + + c.set("foo", "bar") + c.set("bar", "baz") + val, found = c.get("bar") + assert.Equal(t, "baz", val) + assert.Equal(t, true, found) + + c.purge() + val, found = c.get("bar") + assert.Equal(t, "", val) + assert.Equal(t, false, found) +} diff --git a/utils/agent/client/client.go b/utils/agent/client/client.go new file mode 100644 index 0000000000..07e8735346 --- /dev/null +++ b/utils/agent/client/client.go @@ -0,0 +1,113 @@ +package client + +import ( + "bytes" + "context" + "fmt" + "io" + "net" + "net/http" + "net/url" + "path/filepath" + "time" + + "github.com/cenk/backoff" + "github.com/pkg/errors" +) + +// Client is a agent client +type Client struct { + http http.Client +} + +// New creates a new client +func New(dir string) *Client { + socket := filepath.Join(dir, ".gopass-agent.sock") + return &Client{ + http: http.Client{ + Transport: &http.Transport{ + DialContext: func(context.Context, string, string) (net.Conn, error) { + return net.Dial("unix", socket) + }, + }, + Timeout: 30 * time.Second, + }, + } +} + +// Ping checks connectivity to the agent +func (c *Client) Ping() error { + resp, err := c.http.Get("http://unix/ping") + if err != nil { + return err + } + _ = resp.Body.Close() + return nil +} + +func (c *Client) waitForAgent() error { + bo := backoff.NewExponentialBackOff() + bo.MaxElapsedTime = 60 * time.Second + return backoff.Retry(c.Ping, bo) +} + +// Remove un-caches a single key +func (c *Client) Remove(key string) error { + u, err := url.Parse("http://unix/cache/remove") + if err != nil { + return errors.Wrapf(err, "failed to build request url") + } + + values := u.Query() + values.Set("key", key) + u.RawQuery = values.Encode() + + resp, err := c.http.Get(u.String()) + if err != nil { + return errors.Wrapf(err, "failed to talk to agent") + } + defer func() { _ = resp.Body.Close() }() + + if resp.StatusCode != http.StatusOK { + return fmt.Errorf("request failed: %d", resp.StatusCode) + } + + return nil +} + +// Passphrase asks for a passphrase from the agent +func (c *Client) Passphrase(key, reason string) (string, error) { + if err := c.Ping(); err != nil { + if err := c.startAgent(); err != nil { + return "", errors.Wrapf(err, "failed to start agent") + } + if err := c.waitForAgent(); err != nil { + return "", errors.Wrapf(err, "failed to start agent (expired)") + } + } + + u, err := url.Parse("http://unix/passphrase") + if err != nil { + return "", errors.Wrapf(err, "failed to build request url") + } + values := u.Query() + values.Set("key", key) + values.Set("reason", reason) + u.RawQuery = values.Encode() + + resp, err := c.http.Get(u.String()) + if err != nil { + return "", errors.Wrapf(err, "failed to talk to agent") + } + defer func() { _ = resp.Body.Close() }() + + if resp.StatusCode != http.StatusOK { + return "", fmt.Errorf("request failed: %d", resp.StatusCode) + } + + buf := &bytes.Buffer{} + if _, err := io.Copy(buf, resp.Body); err != nil { + return "", errors.Wrapf(err, "failed to talk to agent") + } + return buf.String(), nil +} diff --git a/utils/agent/client/client_others.go b/utils/agent/client/client_others.go new file mode 100644 index 0000000000..9bf194249b --- /dev/null +++ b/utils/agent/client/client_others.go @@ -0,0 +1,24 @@ +// +build !windows + +package client + +import ( + "os" + "os/exec" + "syscall" +) + +func (c *Client) startAgent() error { + path, err := os.Executable() + if err != nil { + return err + } + + cmd := exec.Command(path, "agent") + cmd.Stdout = os.Stdout + cmd.Stderr = os.Stderr + cmd.SysProcAttr = &syscall.SysProcAttr{ + Setpgid: true, + } + return cmd.Start() +} diff --git a/utils/agent/client/client_windows.go b/utils/agent/client/client_windows.go new file mode 100644 index 0000000000..d5828571e7 --- /dev/null +++ b/utils/agent/client/client_windows.go @@ -0,0 +1,33 @@ +// +build windows + +package client + +import ( + "os" + "os/exec" + "syscall" +) + +const ( + // CREATE_NEW_PROCESS_GROUP is like Setpgid on UNIX + // https://msdn.microsoft.com/en-us/library/windows/desktop/ms684863(v=vs.85).aspx + CREATE_NEW_PROCESS_GROUP = 0x00000200 + // DETACHED_PROCESS does not inherit the parent console + DETACHED_PROCESS = 0x00000008 +) + +func (c *Client) startAgent() error { + path, err := os.Executable() + if err != nil { + return err + } + + cmd := exec.Command(path, "agent") + cmd.Stdout = os.Stdout + cmd.Stderr = os.Stderr + cmd.SysProcAttr = &syscall.SysProcAttr{ + HideWindow: true, + CreationFlags: CREATE_NEW_PROCESS_GROUP | DETACHED_PROCESS, + } + return cmd.Start() +} diff --git a/utils/fsutil/umask.go b/utils/fsutil/umask.go new file mode 100644 index 0000000000..1e98af135a --- /dev/null +++ b/utils/fsutil/umask.go @@ -0,0 +1,18 @@ +package fsutil + +import ( + "os" + "strconv" +) + +// Umask extracts the umask from env +func Umask() int { + for _, en := range []string{"GOPASS_UMASK", "PASSWORD_STORE_UMASK"} { + if um := os.Getenv(en); um != "" { + if iv, err := strconv.ParseInt(um, 8, 32); err == nil && iv >= 0 && iv <= 0777 { + return int(iv) + } + } + } + return 077 +} diff --git a/utils/fsutil/umask_test.go b/utils/fsutil/umask_test.go new file mode 100644 index 0000000000..a269512bcb --- /dev/null +++ b/utils/fsutil/umask_test.go @@ -0,0 +1,23 @@ +package fsutil + +import ( + "os" + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestUmask(t *testing.T) { + for _, vn := range []string{"GOPASS_UMASK", "PASSWORD_STORE_UMASK"} { + for in, out := range map[string]int{ + "002": 02, + "0777": 0777, + "000": 0, + "07557575": 077, + } { + assert.NoError(t, os.Setenv(vn, in)) + assert.Equal(t, out, Umask()) + assert.NoError(t, os.Unsetenv(vn)) + } + } +} diff --git a/utils/jsonapi/api_test.go b/utils/jsonapi/api_test.go index 76a8c82872..f5e795eac6 100644 --- a/utils/jsonapi/api_test.go +++ b/utils/jsonapi/api_test.go @@ -12,11 +12,10 @@ import ( "strings" "testing" - gpgmock "github.com/justwatchcom/gopass/backend/crypto/gpg/mock" + "github.com/justwatchcom/gopass/backend" "github.com/justwatchcom/gopass/config" "github.com/justwatchcom/gopass/store/root" "github.com/justwatchcom/gopass/store/secret" - "github.com/justwatchcom/gopass/store/sub" "github.com/stretchr/testify/assert" ) @@ -188,6 +187,8 @@ func runRespondRawMessages(t *testing.T, requests []verifiedRequest, secrets []s _ = os.RemoveAll(tempdir) }() + assert.NoError(t, os.Setenv("GOPASS_DISABLE_ENCRYPTION", "true")) + ctx = backend.WithCryptoBackendString(ctx, "gpgmock") store, err := root.New( ctx, &config.Config{ @@ -195,7 +196,6 @@ func runRespondRawMessages(t *testing.T, requests []verifiedRequest, secrets []s Path: tempdir, }, }, - gpgmock.New(), ) assert.NoError(t, err) @@ -242,7 +242,7 @@ func populateStore(dir string, secrets []storedSecret) error { return err } } - return ioutil.WriteFile(filepath.Join(dir, sub.GPGID), []byte(strings.Join(recipients, "\n")), 0600) + return ioutil.WriteFile(filepath.Join(dir, ".gpg-id"), []byte(strings.Join(recipients, "\n")), 0600) } func readAndVerifyMessageLength(t *testing.T, rawMessage []byte) string { diff --git a/utils/pinentry/pinentry.go b/utils/pinentry/pinentry.go new file mode 100644 index 0000000000..eda9236194 --- /dev/null +++ b/utils/pinentry/pinentry.go @@ -0,0 +1,109 @@ +package pinentry + +import ( + "bufio" + "bytes" + "fmt" + "io" + "os/exec" + "strings" +) + +// Client is a pinentry client +type Client struct { + cmd *exec.Cmd + in io.WriteCloser + out *bufio.Reader +} + +// New creates a new pinentry client +func New() (*Client, error) { + cmd := exec.Command(GetBinary()) + stdin, err := cmd.StdinPipe() + if err != nil { + return nil, err + } + + stdout, err := cmd.StdoutPipe() + if err != nil { + return nil, err + } + + br := bufio.NewReader(stdout) + if err := cmd.Start(); err != nil { + return nil, err + } + + // check welcome message + banner, _, err := br.ReadLine() + if err != nil { + return nil, err + } + if !bytes.HasPrefix(banner, []byte("OK")) { + return nil, fmt.Errorf("wrong banner: %s", banner) + } + + cl := &Client{ + cmd: cmd, + in: stdin, + out: br, + } + + return cl, nil +} + +// Close closes the client +func (c *Client) Close() { + _ = c.in.Close() +} + +// Confirm sends the confirm message +func (c *Client) Confirm() bool { + if err := c.Set("confirm", ""); err == nil { + return true + } + return false +} + +// Set sets a key +func (c *Client) Set(key, value string) error { + key = strings.ToUpper(key) + if value != "" { + value = " " + value + } + val := "SET" + key + value + "\n" + if _, err := c.in.Write([]byte(val)); err != nil { + return err + } + line, _, _ := c.out.ReadLine() + if string(line) != "OK" { + return fmt.Errorf("Error: %s", line) + } + return nil +} + +// GetPin asks for the pin +func (c *Client) GetPin() ([]byte, error) { + if _, err := c.in.Write([]byte("GETPIN\n")); err != nil { + return nil, err + } + pin, _, err := c.out.ReadLine() + if err != nil { + return nil, err + } + if bytes.HasPrefix(pin, []byte("OK")) { + return nil, nil + } + if !bytes.HasPrefix(pin, []byte("D ")) { + return nil, fmt.Errorf("unexpected response: %s", pin) + } + + ok, _, err := c.out.ReadLine() + if err != nil { + return nil, err + } + if !bytes.HasPrefix(ok, []byte("OK")) { + return nil, fmt.Errorf("unexpected response: %s", ok) + } + return pin[2:], nil +} diff --git a/utils/pinentry/pinentry_darwin.go b/utils/pinentry/pinentry_darwin.go new file mode 100644 index 0000000000..377899f3e4 --- /dev/null +++ b/utils/pinentry/pinentry_darwin.go @@ -0,0 +1,8 @@ +// +build darwin + +package pinentry + +// GetBinary always returns pinentry-mac +func GetBinary() string { + return "pinentry-mac" +} diff --git a/utils/pinentry/pinentry_others.go b/utils/pinentry/pinentry_others.go new file mode 100644 index 0000000000..a2290caa9d --- /dev/null +++ b/utils/pinentry/pinentry_others.go @@ -0,0 +1,8 @@ +// +build !darwin,!windows + +package pinentry + +// GetBinary returns the binary name +func GetBinary() string { + return "pinentry" +} diff --git a/utils/pinentry/pinentry_test.go b/utils/pinentry/pinentry_test.go new file mode 100644 index 0000000000..9b508def43 --- /dev/null +++ b/utils/pinentry/pinentry_test.go @@ -0,0 +1,19 @@ +package pinentry + +import "fmt" + +func ExampleClient() { + pi, err := New() + if err != nil { + panic(err) + } + _ = pi.Set("title", "Agent Pinentry") + _ = pi.Set("desc", "Asking for a passphrase") + _ = pi.Set("prompt", "Please enter your passphrase:") + _ = pi.Set("ok", "OK") + pin, err := pi.GetPin() + if err != nil { + panic(err) + } + fmt.Println(string(pin)) +} diff --git a/utils/pinentry/pinentry_windows.go b/utils/pinentry/pinentry_windows.go new file mode 100644 index 0000000000..13ac88058a --- /dev/null +++ b/utils/pinentry/pinentry_windows.go @@ -0,0 +1,8 @@ +// +build windows + +package pinentry + +// GetBinary always returns pinentry.exe +func GetBinary() string { + return "pinentry.exe" +} diff --git a/vendor/github.com/cenk/backoff/LICENSE b/vendor/github.com/cenk/backoff/LICENSE new file mode 100644 index 0000000000..89b8179965 --- /dev/null +++ b/vendor/github.com/cenk/backoff/LICENSE @@ -0,0 +1,20 @@ +The MIT License (MIT) + +Copyright (c) 2014 Cenk Altı + +Permission is hereby granted, free of charge, to any person obtaining a copy of +this software and associated documentation files (the "Software"), to deal in +the Software without restriction, including without limitation the rights to +use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of +the Software, and to permit persons to whom the Software is furnished to do so, +subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS +FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR +COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER +IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/vendor/github.com/cenk/backoff/README.md b/vendor/github.com/cenk/backoff/README.md new file mode 100644 index 0000000000..13b347fb95 --- /dev/null +++ b/vendor/github.com/cenk/backoff/README.md @@ -0,0 +1,30 @@ +# Exponential Backoff [![GoDoc][godoc image]][godoc] [![Build Status][travis image]][travis] [![Coverage Status][coveralls image]][coveralls] + +This is a Go port of the exponential backoff algorithm from [Google's HTTP Client Library for Java][google-http-java-client]. + +[Exponential backoff][exponential backoff wiki] +is an algorithm that uses feedback to multiplicatively decrease the rate of some process, +in order to gradually find an acceptable rate. +The retries exponentially increase and stop increasing when a certain threshold is met. + +## Usage + +See https://godoc.org/github.com/cenkalti/backoff#pkg-examples + +## Contributing + +* I would like to keep this library as small as possible. +* Please don't send a PR without opening an issue and discussing it first. +* If proposed change is not a common use case, I will probably not accept it. + +[godoc]: https://godoc.org/github.com/cenkalti/backoff +[godoc image]: https://godoc.org/github.com/cenkalti/backoff?status.png +[travis]: https://travis-ci.org/cenkalti/backoff +[travis image]: https://travis-ci.org/cenkalti/backoff.png?branch=master +[coveralls]: https://coveralls.io/github/cenkalti/backoff?branch=master +[coveralls image]: https://coveralls.io/repos/github/cenkalti/backoff/badge.svg?branch=master + +[google-http-java-client]: https://github.com/google/google-http-java-client +[exponential backoff wiki]: http://en.wikipedia.org/wiki/Exponential_backoff + +[advanced example]: https://godoc.org/github.com/cenkalti/backoff#example_ diff --git a/vendor/github.com/cenk/backoff/backoff.go b/vendor/github.com/cenk/backoff/backoff.go new file mode 100644 index 0000000000..2102c5f2de --- /dev/null +++ b/vendor/github.com/cenk/backoff/backoff.go @@ -0,0 +1,66 @@ +// Package backoff implements backoff algorithms for retrying operations. +// +// Use Retry function for retrying operations that may fail. +// If Retry does not meet your needs, +// copy/paste the function into your project and modify as you wish. +// +// There is also Ticker type similar to time.Ticker. +// You can use it if you need to work with channels. +// +// See Examples section below for usage examples. +package backoff + +import "time" + +// BackOff is a backoff policy for retrying an operation. +type BackOff interface { + // NextBackOff returns the duration to wait before retrying the operation, + // or backoff.Stop to indicate that no more retries should be made. + // + // Example usage: + // + // duration := backoff.NextBackOff(); + // if (duration == backoff.Stop) { + // // Do not retry operation. + // } else { + // // Sleep for duration and retry operation. + // } + // + NextBackOff() time.Duration + + // Reset to initial state. + Reset() +} + +// Stop indicates that no more retries should be made for use in NextBackOff(). +const Stop time.Duration = -1 + +// ZeroBackOff is a fixed backoff policy whose backoff time is always zero, +// meaning that the operation is retried immediately without waiting, indefinitely. +type ZeroBackOff struct{} + +func (b *ZeroBackOff) Reset() {} + +func (b *ZeroBackOff) NextBackOff() time.Duration { return 0 } + +// StopBackOff is a fixed backoff policy that always returns backoff.Stop for +// NextBackOff(), meaning that the operation should never be retried. +type StopBackOff struct{} + +func (b *StopBackOff) Reset() {} + +func (b *StopBackOff) NextBackOff() time.Duration { return Stop } + +// ConstantBackOff is a backoff policy that always returns the same backoff delay. +// This is in contrast to an exponential backoff policy, +// which returns a delay that grows longer as you call NextBackOff() over and over again. +type ConstantBackOff struct { + Interval time.Duration +} + +func (b *ConstantBackOff) Reset() {} +func (b *ConstantBackOff) NextBackOff() time.Duration { return b.Interval } + +func NewConstantBackOff(d time.Duration) *ConstantBackOff { + return &ConstantBackOff{Interval: d} +} diff --git a/vendor/github.com/cenk/backoff/context.go b/vendor/github.com/cenk/backoff/context.go new file mode 100644 index 0000000000..5d15709254 --- /dev/null +++ b/vendor/github.com/cenk/backoff/context.go @@ -0,0 +1,60 @@ +package backoff + +import ( + "time" + + "golang.org/x/net/context" +) + +// BackOffContext is a backoff policy that stops retrying after the context +// is canceled. +type BackOffContext interface { + BackOff + Context() context.Context +} + +type backOffContext struct { + BackOff + ctx context.Context +} + +// WithContext returns a BackOffContext with context ctx +// +// ctx must not be nil +func WithContext(b BackOff, ctx context.Context) BackOffContext { + if ctx == nil { + panic("nil context") + } + + if b, ok := b.(*backOffContext); ok { + return &backOffContext{ + BackOff: b.BackOff, + ctx: ctx, + } + } + + return &backOffContext{ + BackOff: b, + ctx: ctx, + } +} + +func ensureContext(b BackOff) BackOffContext { + if cb, ok := b.(BackOffContext); ok { + return cb + } + return WithContext(b, context.Background()) +} + +func (b *backOffContext) Context() context.Context { + return b.ctx +} + +func (b *backOffContext) NextBackOff() time.Duration { + select { + case <-b.Context().Done(): + return Stop + default: + return b.BackOff.NextBackOff() + } +} diff --git a/vendor/github.com/cenk/backoff/exponential.go b/vendor/github.com/cenk/backoff/exponential.go new file mode 100644 index 0000000000..9a6addf075 --- /dev/null +++ b/vendor/github.com/cenk/backoff/exponential.go @@ -0,0 +1,156 @@ +package backoff + +import ( + "math/rand" + "time" +) + +/* +ExponentialBackOff is a backoff implementation that increases the backoff +period for each retry attempt using a randomization function that grows exponentially. + +NextBackOff() is calculated using the following formula: + + randomized interval = + RetryInterval * (random value in range [1 - RandomizationFactor, 1 + RandomizationFactor]) + +In other words NextBackOff() will range between the randomization factor +percentage below and above the retry interval. + +For example, given the following parameters: + + RetryInterval = 2 + RandomizationFactor = 0.5 + Multiplier = 2 + +the actual backoff period used in the next retry attempt will range between 1 and 3 seconds, +multiplied by the exponential, that is, between 2 and 6 seconds. + +Note: MaxInterval caps the RetryInterval and not the randomized interval. + +If the time elapsed since an ExponentialBackOff instance is created goes past the +MaxElapsedTime, then the method NextBackOff() starts returning backoff.Stop. + +The elapsed time can be reset by calling Reset(). + +Example: Given the following default arguments, for 10 tries the sequence will be, +and assuming we go over the MaxElapsedTime on the 10th try: + + Request # RetryInterval (seconds) Randomized Interval (seconds) + + 1 0.5 [0.25, 0.75] + 2 0.75 [0.375, 1.125] + 3 1.125 [0.562, 1.687] + 4 1.687 [0.8435, 2.53] + 5 2.53 [1.265, 3.795] + 6 3.795 [1.897, 5.692] + 7 5.692 [2.846, 8.538] + 8 8.538 [4.269, 12.807] + 9 12.807 [6.403, 19.210] + 10 19.210 backoff.Stop + +Note: Implementation is not thread-safe. +*/ +type ExponentialBackOff struct { + InitialInterval time.Duration + RandomizationFactor float64 + Multiplier float64 + MaxInterval time.Duration + // After MaxElapsedTime the ExponentialBackOff stops. + // It never stops if MaxElapsedTime == 0. + MaxElapsedTime time.Duration + Clock Clock + + currentInterval time.Duration + startTime time.Time + random *rand.Rand +} + +// Clock is an interface that returns current time for BackOff. +type Clock interface { + Now() time.Time +} + +// Default values for ExponentialBackOff. +const ( + DefaultInitialInterval = 500 * time.Millisecond + DefaultRandomizationFactor = 0.5 + DefaultMultiplier = 1.5 + DefaultMaxInterval = 60 * time.Second + DefaultMaxElapsedTime = 15 * time.Minute +) + +// NewExponentialBackOff creates an instance of ExponentialBackOff using default values. +func NewExponentialBackOff() *ExponentialBackOff { + b := &ExponentialBackOff{ + InitialInterval: DefaultInitialInterval, + RandomizationFactor: DefaultRandomizationFactor, + Multiplier: DefaultMultiplier, + MaxInterval: DefaultMaxInterval, + MaxElapsedTime: DefaultMaxElapsedTime, + Clock: SystemClock, + random: rand.New(rand.NewSource(time.Now().UnixNano())), + } + b.Reset() + return b +} + +type systemClock struct{} + +func (t systemClock) Now() time.Time { + return time.Now() +} + +// SystemClock implements Clock interface that uses time.Now(). +var SystemClock = systemClock{} + +// Reset the interval back to the initial retry interval and restarts the timer. +func (b *ExponentialBackOff) Reset() { + b.currentInterval = b.InitialInterval + b.startTime = b.Clock.Now() +} + +// NextBackOff calculates the next backoff interval using the formula: +// Randomized interval = RetryInterval +/- (RandomizationFactor * RetryInterval) +func (b *ExponentialBackOff) NextBackOff() time.Duration { + // Make sure we have not gone over the maximum elapsed time. + if b.MaxElapsedTime != 0 && b.GetElapsedTime() > b.MaxElapsedTime { + return Stop + } + defer b.incrementCurrentInterval() + if b.random == nil { + b.random = rand.New(rand.NewSource(time.Now().UnixNano())) + } + return getRandomValueFromInterval(b.RandomizationFactor, b.random.Float64(), b.currentInterval) +} + +// GetElapsedTime returns the elapsed time since an ExponentialBackOff instance +// is created and is reset when Reset() is called. +// +// The elapsed time is computed using time.Now().UnixNano(). +func (b *ExponentialBackOff) GetElapsedTime() time.Duration { + return b.Clock.Now().Sub(b.startTime) +} + +// Increments the current interval by multiplying it with the multiplier. +func (b *ExponentialBackOff) incrementCurrentInterval() { + // Check for overflow, if overflow is detected set the current interval to the max interval. + if float64(b.currentInterval) >= float64(b.MaxInterval)/b.Multiplier { + b.currentInterval = b.MaxInterval + } else { + b.currentInterval = time.Duration(float64(b.currentInterval) * b.Multiplier) + } +} + +// Returns a random value from the following interval: +// [randomizationFactor * currentInterval, randomizationFactor * currentInterval]. +func getRandomValueFromInterval(randomizationFactor, random float64, currentInterval time.Duration) time.Duration { + var delta = randomizationFactor * float64(currentInterval) + var minInterval = float64(currentInterval) - delta + var maxInterval = float64(currentInterval) + delta + + // Get a random value from the range [minInterval, maxInterval]. + // The formula used below has a +1 because if the minInterval is 1 and the maxInterval is 3 then + // we want a 33% chance for selecting either 1, 2 or 3. + return time.Duration(minInterval + (random * (maxInterval - minInterval + 1))) +} diff --git a/vendor/github.com/cenk/backoff/retry.go b/vendor/github.com/cenk/backoff/retry.go new file mode 100644 index 0000000000..5dbd825b5c --- /dev/null +++ b/vendor/github.com/cenk/backoff/retry.go @@ -0,0 +1,78 @@ +package backoff + +import "time" + +// An Operation is executing by Retry() or RetryNotify(). +// The operation will be retried using a backoff policy if it returns an error. +type Operation func() error + +// Notify is a notify-on-error function. It receives an operation error and +// backoff delay if the operation failed (with an error). +// +// NOTE that if the backoff policy stated to stop retrying, +// the notify function isn't called. +type Notify func(error, time.Duration) + +// Retry the operation o until it does not return error or BackOff stops. +// o is guaranteed to be run at least once. +// It is the caller's responsibility to reset b after Retry returns. +// +// If o returns a *PermanentError, the operation is not retried, and the +// wrapped error is returned. +// +// Retry sleeps the goroutine for the duration returned by BackOff after a +// failed operation returns. +func Retry(o Operation, b BackOff) error { return RetryNotify(o, b, nil) } + +// RetryNotify calls notify function with the error and wait duration +// for each failed attempt before sleep. +func RetryNotify(operation Operation, b BackOff, notify Notify) error { + var err error + var next time.Duration + + cb := ensureContext(b) + + b.Reset() + for { + if err = operation(); err == nil { + return nil + } + + if permanent, ok := err.(*PermanentError); ok { + return permanent.Err + } + + if next = b.NextBackOff(); next == Stop { + return err + } + + if notify != nil { + notify(err, next) + } + + t := time.NewTimer(next) + + select { + case <-cb.Context().Done(): + t.Stop() + return err + case <-t.C: + } + } +} + +// PermanentError signals that the operation should not be retried. +type PermanentError struct { + Err error +} + +func (e *PermanentError) Error() string { + return e.Err.Error() +} + +// Permanent wraps the given err in a *PermanentError. +func Permanent(err error) *PermanentError { + return &PermanentError{ + Err: err, + } +} diff --git a/vendor/github.com/cenk/backoff/ticker.go b/vendor/github.com/cenk/backoff/ticker.go new file mode 100644 index 0000000000..49a99718d7 --- /dev/null +++ b/vendor/github.com/cenk/backoff/ticker.go @@ -0,0 +1,81 @@ +package backoff + +import ( + "runtime" + "sync" + "time" +) + +// Ticker holds a channel that delivers `ticks' of a clock at times reported by a BackOff. +// +// Ticks will continue to arrive when the previous operation is still running, +// so operations that take a while to fail could run in quick succession. +type Ticker struct { + C <-chan time.Time + c chan time.Time + b BackOffContext + stop chan struct{} + stopOnce sync.Once +} + +// NewTicker returns a new Ticker containing a channel that will send the time at times +// specified by the BackOff argument. Ticker is guaranteed to tick at least once. +// The channel is closed when Stop method is called or BackOff stops. +func NewTicker(b BackOff) *Ticker { + c := make(chan time.Time) + t := &Ticker{ + C: c, + c: c, + b: ensureContext(b), + stop: make(chan struct{}), + } + go t.run() + runtime.SetFinalizer(t, (*Ticker).Stop) + return t +} + +// Stop turns off a ticker. After Stop, no more ticks will be sent. +func (t *Ticker) Stop() { + t.stopOnce.Do(func() { close(t.stop) }) +} + +func (t *Ticker) run() { + c := t.c + defer close(c) + t.b.Reset() + + // Ticker is guaranteed to tick at least once. + afterC := t.send(time.Now()) + + for { + if afterC == nil { + return + } + + select { + case tick := <-afterC: + afterC = t.send(tick) + case <-t.stop: + t.c = nil // Prevent future ticks from being sent to the channel. + return + case <-t.b.Context().Done(): + return + } + } +} + +func (t *Ticker) send(tick time.Time) <-chan time.Time { + select { + case t.c <- tick: + case <-t.stop: + return nil + } + + next := t.b.NextBackOff() + if next == Stop { + t.Stop() + return nil + } + + return time.After(next) +} diff --git a/vendor/github.com/cenk/backoff/tries.go b/vendor/github.com/cenk/backoff/tries.go new file mode 100644 index 0000000000..d2da7308b6 --- /dev/null +++ b/vendor/github.com/cenk/backoff/tries.go @@ -0,0 +1,35 @@ +package backoff + +import "time" + +/* +WithMaxTries creates a wrapper around another BackOff, which will +return Stop if NextBackOff() has been called too many times since +the last time Reset() was called + +Note: Implementation is not thread-safe. +*/ +func WithMaxTries(b BackOff, max uint64) BackOff { + return &backOffTries{delegate: b, maxTries: max} +} + +type backOffTries struct { + delegate BackOff + maxTries uint64 + numTries uint64 +} + +func (b *backOffTries) NextBackOff() time.Duration { + if b.maxTries > 0 { + if b.maxTries <= b.numTries { + return Stop + } + b.numTries++ + } + return b.delegate.NextBackOff() +} + +func (b *backOffTries) Reset() { + b.numTries = 0 + b.delegate.Reset() +} diff --git a/vendor/github.com/golang/protobuf/LICENSE b/vendor/github.com/golang/protobuf/LICENSE new file mode 100644 index 0000000000..98805ae1ef --- /dev/null +++ b/vendor/github.com/golang/protobuf/LICENSE @@ -0,0 +1,30 @@ +Go support for Protocol Buffers - Google's data interchange format + +Copyright 2010 The Go Authors. All rights reserved. +https://github.com/golang/protobuf + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + * Neither the name of Google Inc. nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/vendor/github.com/golang/protobuf/proto/Makefile b/vendor/github.com/golang/protobuf/proto/Makefile new file mode 100644 index 0000000000..e2e0651a93 --- /dev/null +++ b/vendor/github.com/golang/protobuf/proto/Makefile @@ -0,0 +1,43 @@ +# Go support for Protocol Buffers - Google's data interchange format +# +# Copyright 2010 The Go Authors. All rights reserved. +# https://github.com/golang/protobuf +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are +# met: +# +# * Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# * Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following disclaimer +# in the documentation and/or other materials provided with the +# distribution. +# * Neither the name of Google Inc. nor the names of its +# contributors may be used to endorse or promote products derived from +# this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +install: + go install + +test: install generate-test-pbs + go test + + +generate-test-pbs: + make install + make -C testdata + protoc --go_out=Mtestdata/test.proto=github.com/golang/protobuf/proto/testdata,Mgoogle/protobuf/any.proto=github.com/golang/protobuf/ptypes/any:. proto3_proto/proto3.proto + make diff --git a/vendor/github.com/golang/protobuf/proto/clone.go b/vendor/github.com/golang/protobuf/proto/clone.go new file mode 100644 index 0000000000..e392575b35 --- /dev/null +++ b/vendor/github.com/golang/protobuf/proto/clone.go @@ -0,0 +1,229 @@ +// Go support for Protocol Buffers - Google's data interchange format +// +// Copyright 2011 The Go Authors. All rights reserved. +// https://github.com/golang/protobuf +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +// Protocol buffer deep copy and merge. +// TODO: RawMessage. + +package proto + +import ( + "log" + "reflect" + "strings" +) + +// Clone returns a deep copy of a protocol buffer. +func Clone(pb Message) Message { + in := reflect.ValueOf(pb) + if in.IsNil() { + return pb + } + + out := reflect.New(in.Type().Elem()) + // out is empty so a merge is a deep copy. + mergeStruct(out.Elem(), in.Elem()) + return out.Interface().(Message) +} + +// Merge merges src into dst. +// Required and optional fields that are set in src will be set to that value in dst. +// Elements of repeated fields will be appended. +// Merge panics if src and dst are not the same type, or if dst is nil. +func Merge(dst, src Message) { + in := reflect.ValueOf(src) + out := reflect.ValueOf(dst) + if out.IsNil() { + panic("proto: nil destination") + } + if in.Type() != out.Type() { + // Explicit test prior to mergeStruct so that mistyped nils will fail + panic("proto: type mismatch") + } + if in.IsNil() { + // Merging nil into non-nil is a quiet no-op + return + } + mergeStruct(out.Elem(), in.Elem()) +} + +func mergeStruct(out, in reflect.Value) { + sprop := GetProperties(in.Type()) + for i := 0; i < in.NumField(); i++ { + f := in.Type().Field(i) + if strings.HasPrefix(f.Name, "XXX_") { + continue + } + mergeAny(out.Field(i), in.Field(i), false, sprop.Prop[i]) + } + + if emIn, ok := extendable(in.Addr().Interface()); ok { + emOut, _ := extendable(out.Addr().Interface()) + mIn, muIn := emIn.extensionsRead() + if mIn != nil { + mOut := emOut.extensionsWrite() + muIn.Lock() + mergeExtension(mOut, mIn) + muIn.Unlock() + } + } + + uf := in.FieldByName("XXX_unrecognized") + if !uf.IsValid() { + return + } + uin := uf.Bytes() + if len(uin) > 0 { + out.FieldByName("XXX_unrecognized").SetBytes(append([]byte(nil), uin...)) + } +} + +// mergeAny performs a merge between two values of the same type. +// viaPtr indicates whether the values were indirected through a pointer (implying proto2). +// prop is set if this is a struct field (it may be nil). +func mergeAny(out, in reflect.Value, viaPtr bool, prop *Properties) { + if in.Type() == protoMessageType { + if !in.IsNil() { + if out.IsNil() { + out.Set(reflect.ValueOf(Clone(in.Interface().(Message)))) + } else { + Merge(out.Interface().(Message), in.Interface().(Message)) + } + } + return + } + switch in.Kind() { + case reflect.Bool, reflect.Float32, reflect.Float64, reflect.Int32, reflect.Int64, + reflect.String, reflect.Uint32, reflect.Uint64: + if !viaPtr && isProto3Zero(in) { + return + } + out.Set(in) + case reflect.Interface: + // Probably a oneof field; copy non-nil values. + if in.IsNil() { + return + } + // Allocate destination if it is not set, or set to a different type. + // Otherwise we will merge as normal. + if out.IsNil() || out.Elem().Type() != in.Elem().Type() { + out.Set(reflect.New(in.Elem().Elem().Type())) // interface -> *T -> T -> new(T) + } + mergeAny(out.Elem(), in.Elem(), false, nil) + case reflect.Map: + if in.Len() == 0 { + return + } + if out.IsNil() { + out.Set(reflect.MakeMap(in.Type())) + } + // For maps with value types of *T or []byte we need to deep copy each value. + elemKind := in.Type().Elem().Kind() + for _, key := range in.MapKeys() { + var val reflect.Value + switch elemKind { + case reflect.Ptr: + val = reflect.New(in.Type().Elem().Elem()) + mergeAny(val, in.MapIndex(key), false, nil) + case reflect.Slice: + val = in.MapIndex(key) + val = reflect.ValueOf(append([]byte{}, val.Bytes()...)) + default: + val = in.MapIndex(key) + } + out.SetMapIndex(key, val) + } + case reflect.Ptr: + if in.IsNil() { + return + } + if out.IsNil() { + out.Set(reflect.New(in.Elem().Type())) + } + mergeAny(out.Elem(), in.Elem(), true, nil) + case reflect.Slice: + if in.IsNil() { + return + } + if in.Type().Elem().Kind() == reflect.Uint8 { + // []byte is a scalar bytes field, not a repeated field. + + // Edge case: if this is in a proto3 message, a zero length + // bytes field is considered the zero value, and should not + // be merged. + if prop != nil && prop.proto3 && in.Len() == 0 { + return + } + + // Make a deep copy. + // Append to []byte{} instead of []byte(nil) so that we never end up + // with a nil result. + out.SetBytes(append([]byte{}, in.Bytes()...)) + return + } + n := in.Len() + if out.IsNil() { + out.Set(reflect.MakeSlice(in.Type(), 0, n)) + } + switch in.Type().Elem().Kind() { + case reflect.Bool, reflect.Float32, reflect.Float64, reflect.Int32, reflect.Int64, + reflect.String, reflect.Uint32, reflect.Uint64: + out.Set(reflect.AppendSlice(out, in)) + default: + for i := 0; i < n; i++ { + x := reflect.Indirect(reflect.New(in.Type().Elem())) + mergeAny(x, in.Index(i), false, nil) + out.Set(reflect.Append(out, x)) + } + } + case reflect.Struct: + mergeStruct(out, in) + default: + // unknown type, so not a protocol buffer + log.Printf("proto: don't know how to copy %v", in) + } +} + +func mergeExtension(out, in map[int32]Extension) { + for extNum, eIn := range in { + eOut := Extension{desc: eIn.desc} + if eIn.value != nil { + v := reflect.New(reflect.TypeOf(eIn.value)).Elem() + mergeAny(v, reflect.ValueOf(eIn.value), false, nil) + eOut.value = v.Interface() + } + if eIn.enc != nil { + eOut.enc = make([]byte, len(eIn.enc)) + copy(eOut.enc, eIn.enc) + } + + out[extNum] = eOut + } +} diff --git a/vendor/github.com/golang/protobuf/proto/decode.go b/vendor/github.com/golang/protobuf/proto/decode.go new file mode 100644 index 0000000000..aa207298f9 --- /dev/null +++ b/vendor/github.com/golang/protobuf/proto/decode.go @@ -0,0 +1,970 @@ +// Go support for Protocol Buffers - Google's data interchange format +// +// Copyright 2010 The Go Authors. All rights reserved. +// https://github.com/golang/protobuf +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +package proto + +/* + * Routines for decoding protocol buffer data to construct in-memory representations. + */ + +import ( + "errors" + "fmt" + "io" + "os" + "reflect" +) + +// errOverflow is returned when an integer is too large to be represented. +var errOverflow = errors.New("proto: integer overflow") + +// ErrInternalBadWireType is returned by generated code when an incorrect +// wire type is encountered. It does not get returned to user code. +var ErrInternalBadWireType = errors.New("proto: internal error: bad wiretype for oneof") + +// The fundamental decoders that interpret bytes on the wire. +// Those that take integer types all return uint64 and are +// therefore of type valueDecoder. + +// DecodeVarint reads a varint-encoded integer from the slice. +// It returns the integer and the number of bytes consumed, or +// zero if there is not enough. +// This is the format for the +// int32, int64, uint32, uint64, bool, and enum +// protocol buffer types. +func DecodeVarint(buf []byte) (x uint64, n int) { + for shift := uint(0); shift < 64; shift += 7 { + if n >= len(buf) { + return 0, 0 + } + b := uint64(buf[n]) + n++ + x |= (b & 0x7F) << shift + if (b & 0x80) == 0 { + return x, n + } + } + + // The number is too large to represent in a 64-bit value. + return 0, 0 +} + +func (p *Buffer) decodeVarintSlow() (x uint64, err error) { + i := p.index + l := len(p.buf) + + for shift := uint(0); shift < 64; shift += 7 { + if i >= l { + err = io.ErrUnexpectedEOF + return + } + b := p.buf[i] + i++ + x |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + p.index = i + return + } + } + + // The number is too large to represent in a 64-bit value. + err = errOverflow + return +} + +// DecodeVarint reads a varint-encoded integer from the Buffer. +// This is the format for the +// int32, int64, uint32, uint64, bool, and enum +// protocol buffer types. +func (p *Buffer) DecodeVarint() (x uint64, err error) { + i := p.index + buf := p.buf + + if i >= len(buf) { + return 0, io.ErrUnexpectedEOF + } else if buf[i] < 0x80 { + p.index++ + return uint64(buf[i]), nil + } else if len(buf)-i < 10 { + return p.decodeVarintSlow() + } + + var b uint64 + // we already checked the first byte + x = uint64(buf[i]) - 0x80 + i++ + + b = uint64(buf[i]) + i++ + x += b << 7 + if b&0x80 == 0 { + goto done + } + x -= 0x80 << 7 + + b = uint64(buf[i]) + i++ + x += b << 14 + if b&0x80 == 0 { + goto done + } + x -= 0x80 << 14 + + b = uint64(buf[i]) + i++ + x += b << 21 + if b&0x80 == 0 { + goto done + } + x -= 0x80 << 21 + + b = uint64(buf[i]) + i++ + x += b << 28 + if b&0x80 == 0 { + goto done + } + x -= 0x80 << 28 + + b = uint64(buf[i]) + i++ + x += b << 35 + if b&0x80 == 0 { + goto done + } + x -= 0x80 << 35 + + b = uint64(buf[i]) + i++ + x += b << 42 + if b&0x80 == 0 { + goto done + } + x -= 0x80 << 42 + + b = uint64(buf[i]) + i++ + x += b << 49 + if b&0x80 == 0 { + goto done + } + x -= 0x80 << 49 + + b = uint64(buf[i]) + i++ + x += b << 56 + if b&0x80 == 0 { + goto done + } + x -= 0x80 << 56 + + b = uint64(buf[i]) + i++ + x += b << 63 + if b&0x80 == 0 { + goto done + } + // x -= 0x80 << 63 // Always zero. + + return 0, errOverflow + +done: + p.index = i + return x, nil +} + +// DecodeFixed64 reads a 64-bit integer from the Buffer. +// This is the format for the +// fixed64, sfixed64, and double protocol buffer types. +func (p *Buffer) DecodeFixed64() (x uint64, err error) { + // x, err already 0 + i := p.index + 8 + if i < 0 || i > len(p.buf) { + err = io.ErrUnexpectedEOF + return + } + p.index = i + + x = uint64(p.buf[i-8]) + x |= uint64(p.buf[i-7]) << 8 + x |= uint64(p.buf[i-6]) << 16 + x |= uint64(p.buf[i-5]) << 24 + x |= uint64(p.buf[i-4]) << 32 + x |= uint64(p.buf[i-3]) << 40 + x |= uint64(p.buf[i-2]) << 48 + x |= uint64(p.buf[i-1]) << 56 + return +} + +// DecodeFixed32 reads a 32-bit integer from the Buffer. +// This is the format for the +// fixed32, sfixed32, and float protocol buffer types. +func (p *Buffer) DecodeFixed32() (x uint64, err error) { + // x, err already 0 + i := p.index + 4 + if i < 0 || i > len(p.buf) { + err = io.ErrUnexpectedEOF + return + } + p.index = i + + x = uint64(p.buf[i-4]) + x |= uint64(p.buf[i-3]) << 8 + x |= uint64(p.buf[i-2]) << 16 + x |= uint64(p.buf[i-1]) << 24 + return +} + +// DecodeZigzag64 reads a zigzag-encoded 64-bit integer +// from the Buffer. +// This is the format used for the sint64 protocol buffer type. +func (p *Buffer) DecodeZigzag64() (x uint64, err error) { + x, err = p.DecodeVarint() + if err != nil { + return + } + x = (x >> 1) ^ uint64((int64(x&1)<<63)>>63) + return +} + +// DecodeZigzag32 reads a zigzag-encoded 32-bit integer +// from the Buffer. +// This is the format used for the sint32 protocol buffer type. +func (p *Buffer) DecodeZigzag32() (x uint64, err error) { + x, err = p.DecodeVarint() + if err != nil { + return + } + x = uint64((uint32(x) >> 1) ^ uint32((int32(x&1)<<31)>>31)) + return +} + +// These are not ValueDecoders: they produce an array of bytes or a string. +// bytes, embedded messages + +// DecodeRawBytes reads a count-delimited byte buffer from the Buffer. +// This is the format used for the bytes protocol buffer +// type and for embedded messages. +func (p *Buffer) DecodeRawBytes(alloc bool) (buf []byte, err error) { + n, err := p.DecodeVarint() + if err != nil { + return nil, err + } + + nb := int(n) + if nb < 0 { + return nil, fmt.Errorf("proto: bad byte length %d", nb) + } + end := p.index + nb + if end < p.index || end > len(p.buf) { + return nil, io.ErrUnexpectedEOF + } + + if !alloc { + // todo: check if can get more uses of alloc=false + buf = p.buf[p.index:end] + p.index += nb + return + } + + buf = make([]byte, nb) + copy(buf, p.buf[p.index:]) + p.index += nb + return +} + +// DecodeStringBytes reads an encoded string from the Buffer. +// This is the format used for the proto2 string type. +func (p *Buffer) DecodeStringBytes() (s string, err error) { + buf, err := p.DecodeRawBytes(false) + if err != nil { + return + } + return string(buf), nil +} + +// Skip the next item in the buffer. Its wire type is decoded and presented as an argument. +// If the protocol buffer has extensions, and the field matches, add it as an extension. +// Otherwise, if the XXX_unrecognized field exists, append the skipped data there. +func (o *Buffer) skipAndSave(t reflect.Type, tag, wire int, base structPointer, unrecField field) error { + oi := o.index + + err := o.skip(t, tag, wire) + if err != nil { + return err + } + + if !unrecField.IsValid() { + return nil + } + + ptr := structPointer_Bytes(base, unrecField) + + // Add the skipped field to struct field + obuf := o.buf + + o.buf = *ptr + o.EncodeVarint(uint64(tag<<3 | wire)) + *ptr = append(o.buf, obuf[oi:o.index]...) + + o.buf = obuf + + return nil +} + +// Skip the next item in the buffer. Its wire type is decoded and presented as an argument. +func (o *Buffer) skip(t reflect.Type, tag, wire int) error { + + var u uint64 + var err error + + switch wire { + case WireVarint: + _, err = o.DecodeVarint() + case WireFixed64: + _, err = o.DecodeFixed64() + case WireBytes: + _, err = o.DecodeRawBytes(false) + case WireFixed32: + _, err = o.DecodeFixed32() + case WireStartGroup: + for { + u, err = o.DecodeVarint() + if err != nil { + break + } + fwire := int(u & 0x7) + if fwire == WireEndGroup { + break + } + ftag := int(u >> 3) + err = o.skip(t, ftag, fwire) + if err != nil { + break + } + } + default: + err = fmt.Errorf("proto: can't skip unknown wire type %d for %s", wire, t) + } + return err +} + +// Unmarshaler is the interface representing objects that can +// unmarshal themselves. The method should reset the receiver before +// decoding starts. The argument points to data that may be +// overwritten, so implementations should not keep references to the +// buffer. +type Unmarshaler interface { + Unmarshal([]byte) error +} + +// Unmarshal parses the protocol buffer representation in buf and places the +// decoded result in pb. If the struct underlying pb does not match +// the data in buf, the results can be unpredictable. +// +// Unmarshal resets pb before starting to unmarshal, so any +// existing data in pb is always removed. Use UnmarshalMerge +// to preserve and append to existing data. +func Unmarshal(buf []byte, pb Message) error { + pb.Reset() + return UnmarshalMerge(buf, pb) +} + +// UnmarshalMerge parses the protocol buffer representation in buf and +// writes the decoded result to pb. If the struct underlying pb does not match +// the data in buf, the results can be unpredictable. +// +// UnmarshalMerge merges into existing data in pb. +// Most code should use Unmarshal instead. +func UnmarshalMerge(buf []byte, pb Message) error { + // If the object can unmarshal itself, let it. + if u, ok := pb.(Unmarshaler); ok { + return u.Unmarshal(buf) + } + return NewBuffer(buf).Unmarshal(pb) +} + +// DecodeMessage reads a count-delimited message from the Buffer. +func (p *Buffer) DecodeMessage(pb Message) error { + enc, err := p.DecodeRawBytes(false) + if err != nil { + return err + } + return NewBuffer(enc).Unmarshal(pb) +} + +// DecodeGroup reads a tag-delimited group from the Buffer. +func (p *Buffer) DecodeGroup(pb Message) error { + typ, base, err := getbase(pb) + if err != nil { + return err + } + return p.unmarshalType(typ.Elem(), GetProperties(typ.Elem()), true, base) +} + +// Unmarshal parses the protocol buffer representation in the +// Buffer and places the decoded result in pb. If the struct +// underlying pb does not match the data in the buffer, the results can be +// unpredictable. +// +// Unlike proto.Unmarshal, this does not reset pb before starting to unmarshal. +func (p *Buffer) Unmarshal(pb Message) error { + // If the object can unmarshal itself, let it. + if u, ok := pb.(Unmarshaler); ok { + err := u.Unmarshal(p.buf[p.index:]) + p.index = len(p.buf) + return err + } + + typ, base, err := getbase(pb) + if err != nil { + return err + } + + err = p.unmarshalType(typ.Elem(), GetProperties(typ.Elem()), false, base) + + if collectStats { + stats.Decode++ + } + + return err +} + +// unmarshalType does the work of unmarshaling a structure. +func (o *Buffer) unmarshalType(st reflect.Type, prop *StructProperties, is_group bool, base structPointer) error { + var state errorState + required, reqFields := prop.reqCount, uint64(0) + + var err error + for err == nil && o.index < len(o.buf) { + oi := o.index + var u uint64 + u, err = o.DecodeVarint() + if err != nil { + break + } + wire := int(u & 0x7) + if wire == WireEndGroup { + if is_group { + if required > 0 { + // Not enough information to determine the exact field. + // (See below.) + return &RequiredNotSetError{"{Unknown}"} + } + return nil // input is satisfied + } + return fmt.Errorf("proto: %s: wiretype end group for non-group", st) + } + tag := int(u >> 3) + if tag <= 0 { + return fmt.Errorf("proto: %s: illegal tag %d (wire type %d)", st, tag, wire) + } + fieldnum, ok := prop.decoderTags.get(tag) + if !ok { + // Maybe it's an extension? + if prop.extendable { + if e, _ := extendable(structPointer_Interface(base, st)); isExtensionField(e, int32(tag)) { + if err = o.skip(st, tag, wire); err == nil { + extmap := e.extensionsWrite() + ext := extmap[int32(tag)] // may be missing + ext.enc = append(ext.enc, o.buf[oi:o.index]...) + extmap[int32(tag)] = ext + } + continue + } + } + // Maybe it's a oneof? + if prop.oneofUnmarshaler != nil { + m := structPointer_Interface(base, st).(Message) + // First return value indicates whether tag is a oneof field. + ok, err = prop.oneofUnmarshaler(m, tag, wire, o) + if err == ErrInternalBadWireType { + // Map the error to something more descriptive. + // Do the formatting here to save generated code space. + err = fmt.Errorf("bad wiretype for oneof field in %T", m) + } + if ok { + continue + } + } + err = o.skipAndSave(st, tag, wire, base, prop.unrecField) + continue + } + p := prop.Prop[fieldnum] + + if p.dec == nil { + fmt.Fprintf(os.Stderr, "proto: no protobuf decoder for %s.%s\n", st, st.Field(fieldnum).Name) + continue + } + dec := p.dec + if wire != WireStartGroup && wire != p.WireType { + if wire == WireBytes && p.packedDec != nil { + // a packable field + dec = p.packedDec + } else { + err = fmt.Errorf("proto: bad wiretype for field %s.%s: got wiretype %d, want %d", st, st.Field(fieldnum).Name, wire, p.WireType) + continue + } + } + decErr := dec(o, p, base) + if decErr != nil && !state.shouldContinue(decErr, p) { + err = decErr + } + if err == nil && p.Required { + // Successfully decoded a required field. + if tag <= 64 { + // use bitmap for fields 1-64 to catch field reuse. + var mask uint64 = 1 << uint64(tag-1) + if reqFields&mask == 0 { + // new required field + reqFields |= mask + required-- + } + } else { + // This is imprecise. It can be fooled by a required field + // with a tag > 64 that is encoded twice; that's very rare. + // A fully correct implementation would require allocating + // a data structure, which we would like to avoid. + required-- + } + } + } + if err == nil { + if is_group { + return io.ErrUnexpectedEOF + } + if state.err != nil { + return state.err + } + if required > 0 { + // Not enough information to determine the exact field. If we use extra + // CPU, we could determine the field only if the missing required field + // has a tag <= 64 and we check reqFields. + return &RequiredNotSetError{"{Unknown}"} + } + } + return err +} + +// Individual type decoders +// For each, +// u is the decoded value, +// v is a pointer to the field (pointer) in the struct + +// Sizes of the pools to allocate inside the Buffer. +// The goal is modest amortization and allocation +// on at least 16-byte boundaries. +const ( + boolPoolSize = 16 + uint32PoolSize = 8 + uint64PoolSize = 4 +) + +// Decode a bool. +func (o *Buffer) dec_bool(p *Properties, base structPointer) error { + u, err := p.valDec(o) + if err != nil { + return err + } + if len(o.bools) == 0 { + o.bools = make([]bool, boolPoolSize) + } + o.bools[0] = u != 0 + *structPointer_Bool(base, p.field) = &o.bools[0] + o.bools = o.bools[1:] + return nil +} + +func (o *Buffer) dec_proto3_bool(p *Properties, base structPointer) error { + u, err := p.valDec(o) + if err != nil { + return err + } + *structPointer_BoolVal(base, p.field) = u != 0 + return nil +} + +// Decode an int32. +func (o *Buffer) dec_int32(p *Properties, base structPointer) error { + u, err := p.valDec(o) + if err != nil { + return err + } + word32_Set(structPointer_Word32(base, p.field), o, uint32(u)) + return nil +} + +func (o *Buffer) dec_proto3_int32(p *Properties, base structPointer) error { + u, err := p.valDec(o) + if err != nil { + return err + } + word32Val_Set(structPointer_Word32Val(base, p.field), uint32(u)) + return nil +} + +// Decode an int64. +func (o *Buffer) dec_int64(p *Properties, base structPointer) error { + u, err := p.valDec(o) + if err != nil { + return err + } + word64_Set(structPointer_Word64(base, p.field), o, u) + return nil +} + +func (o *Buffer) dec_proto3_int64(p *Properties, base structPointer) error { + u, err := p.valDec(o) + if err != nil { + return err + } + word64Val_Set(structPointer_Word64Val(base, p.field), o, u) + return nil +} + +// Decode a string. +func (o *Buffer) dec_string(p *Properties, base structPointer) error { + s, err := o.DecodeStringBytes() + if err != nil { + return err + } + *structPointer_String(base, p.field) = &s + return nil +} + +func (o *Buffer) dec_proto3_string(p *Properties, base structPointer) error { + s, err := o.DecodeStringBytes() + if err != nil { + return err + } + *structPointer_StringVal(base, p.field) = s + return nil +} + +// Decode a slice of bytes ([]byte). +func (o *Buffer) dec_slice_byte(p *Properties, base structPointer) error { + b, err := o.DecodeRawBytes(true) + if err != nil { + return err + } + *structPointer_Bytes(base, p.field) = b + return nil +} + +// Decode a slice of bools ([]bool). +func (o *Buffer) dec_slice_bool(p *Properties, base structPointer) error { + u, err := p.valDec(o) + if err != nil { + return err + } + v := structPointer_BoolSlice(base, p.field) + *v = append(*v, u != 0) + return nil +} + +// Decode a slice of bools ([]bool) in packed format. +func (o *Buffer) dec_slice_packed_bool(p *Properties, base structPointer) error { + v := structPointer_BoolSlice(base, p.field) + + nn, err := o.DecodeVarint() + if err != nil { + return err + } + nb := int(nn) // number of bytes of encoded bools + fin := o.index + nb + if fin < o.index { + return errOverflow + } + + y := *v + for o.index < fin { + u, err := p.valDec(o) + if err != nil { + return err + } + y = append(y, u != 0) + } + + *v = y + return nil +} + +// Decode a slice of int32s ([]int32). +func (o *Buffer) dec_slice_int32(p *Properties, base structPointer) error { + u, err := p.valDec(o) + if err != nil { + return err + } + structPointer_Word32Slice(base, p.field).Append(uint32(u)) + return nil +} + +// Decode a slice of int32s ([]int32) in packed format. +func (o *Buffer) dec_slice_packed_int32(p *Properties, base structPointer) error { + v := structPointer_Word32Slice(base, p.field) + + nn, err := o.DecodeVarint() + if err != nil { + return err + } + nb := int(nn) // number of bytes of encoded int32s + + fin := o.index + nb + if fin < o.index { + return errOverflow + } + for o.index < fin { + u, err := p.valDec(o) + if err != nil { + return err + } + v.Append(uint32(u)) + } + return nil +} + +// Decode a slice of int64s ([]int64). +func (o *Buffer) dec_slice_int64(p *Properties, base structPointer) error { + u, err := p.valDec(o) + if err != nil { + return err + } + + structPointer_Word64Slice(base, p.field).Append(u) + return nil +} + +// Decode a slice of int64s ([]int64) in packed format. +func (o *Buffer) dec_slice_packed_int64(p *Properties, base structPointer) error { + v := structPointer_Word64Slice(base, p.field) + + nn, err := o.DecodeVarint() + if err != nil { + return err + } + nb := int(nn) // number of bytes of encoded int64s + + fin := o.index + nb + if fin < o.index { + return errOverflow + } + for o.index < fin { + u, err := p.valDec(o) + if err != nil { + return err + } + v.Append(u) + } + return nil +} + +// Decode a slice of strings ([]string). +func (o *Buffer) dec_slice_string(p *Properties, base structPointer) error { + s, err := o.DecodeStringBytes() + if err != nil { + return err + } + v := structPointer_StringSlice(base, p.field) + *v = append(*v, s) + return nil +} + +// Decode a slice of slice of bytes ([][]byte). +func (o *Buffer) dec_slice_slice_byte(p *Properties, base structPointer) error { + b, err := o.DecodeRawBytes(true) + if err != nil { + return err + } + v := structPointer_BytesSlice(base, p.field) + *v = append(*v, b) + return nil +} + +// Decode a map field. +func (o *Buffer) dec_new_map(p *Properties, base structPointer) error { + raw, err := o.DecodeRawBytes(false) + if err != nil { + return err + } + oi := o.index // index at the end of this map entry + o.index -= len(raw) // move buffer back to start of map entry + + mptr := structPointer_NewAt(base, p.field, p.mtype) // *map[K]V + if mptr.Elem().IsNil() { + mptr.Elem().Set(reflect.MakeMap(mptr.Type().Elem())) + } + v := mptr.Elem() // map[K]V + + // Prepare addressable doubly-indirect placeholders for the key and value types. + // See enc_new_map for why. + keyptr := reflect.New(reflect.PtrTo(p.mtype.Key())).Elem() // addressable *K + keybase := toStructPointer(keyptr.Addr()) // **K + + var valbase structPointer + var valptr reflect.Value + switch p.mtype.Elem().Kind() { + case reflect.Slice: + // []byte + var dummy []byte + valptr = reflect.ValueOf(&dummy) // *[]byte + valbase = toStructPointer(valptr) // *[]byte + case reflect.Ptr: + // message; valptr is **Msg; need to allocate the intermediate pointer + valptr = reflect.New(reflect.PtrTo(p.mtype.Elem())).Elem() // addressable *V + valptr.Set(reflect.New(valptr.Type().Elem())) + valbase = toStructPointer(valptr) + default: + // everything else + valptr = reflect.New(reflect.PtrTo(p.mtype.Elem())).Elem() // addressable *V + valbase = toStructPointer(valptr.Addr()) // **V + } + + // Decode. + // This parses a restricted wire format, namely the encoding of a message + // with two fields. See enc_new_map for the format. + for o.index < oi { + // tagcode for key and value properties are always a single byte + // because they have tags 1 and 2. + tagcode := o.buf[o.index] + o.index++ + switch tagcode { + case p.mkeyprop.tagcode[0]: + if err := p.mkeyprop.dec(o, p.mkeyprop, keybase); err != nil { + return err + } + case p.mvalprop.tagcode[0]: + if err := p.mvalprop.dec(o, p.mvalprop, valbase); err != nil { + return err + } + default: + // TODO: Should we silently skip this instead? + return fmt.Errorf("proto: bad map data tag %d", raw[0]) + } + } + keyelem, valelem := keyptr.Elem(), valptr.Elem() + if !keyelem.IsValid() { + keyelem = reflect.Zero(p.mtype.Key()) + } + if !valelem.IsValid() { + valelem = reflect.Zero(p.mtype.Elem()) + } + + v.SetMapIndex(keyelem, valelem) + return nil +} + +// Decode a group. +func (o *Buffer) dec_struct_group(p *Properties, base structPointer) error { + bas := structPointer_GetStructPointer(base, p.field) + if structPointer_IsNil(bas) { + // allocate new nested message + bas = toStructPointer(reflect.New(p.stype)) + structPointer_SetStructPointer(base, p.field, bas) + } + return o.unmarshalType(p.stype, p.sprop, true, bas) +} + +// Decode an embedded message. +func (o *Buffer) dec_struct_message(p *Properties, base structPointer) (err error) { + raw, e := o.DecodeRawBytes(false) + if e != nil { + return e + } + + bas := structPointer_GetStructPointer(base, p.field) + if structPointer_IsNil(bas) { + // allocate new nested message + bas = toStructPointer(reflect.New(p.stype)) + structPointer_SetStructPointer(base, p.field, bas) + } + + // If the object can unmarshal itself, let it. + if p.isUnmarshaler { + iv := structPointer_Interface(bas, p.stype) + return iv.(Unmarshaler).Unmarshal(raw) + } + + obuf := o.buf + oi := o.index + o.buf = raw + o.index = 0 + + err = o.unmarshalType(p.stype, p.sprop, false, bas) + o.buf = obuf + o.index = oi + + return err +} + +// Decode a slice of embedded messages. +func (o *Buffer) dec_slice_struct_message(p *Properties, base structPointer) error { + return o.dec_slice_struct(p, false, base) +} + +// Decode a slice of embedded groups. +func (o *Buffer) dec_slice_struct_group(p *Properties, base structPointer) error { + return o.dec_slice_struct(p, true, base) +} + +// Decode a slice of structs ([]*struct). +func (o *Buffer) dec_slice_struct(p *Properties, is_group bool, base structPointer) error { + v := reflect.New(p.stype) + bas := toStructPointer(v) + structPointer_StructPointerSlice(base, p.field).Append(bas) + + if is_group { + err := o.unmarshalType(p.stype, p.sprop, is_group, bas) + return err + } + + raw, err := o.DecodeRawBytes(false) + if err != nil { + return err + } + + // If the object can unmarshal itself, let it. + if p.isUnmarshaler { + iv := v.Interface() + return iv.(Unmarshaler).Unmarshal(raw) + } + + obuf := o.buf + oi := o.index + o.buf = raw + o.index = 0 + + err = o.unmarshalType(p.stype, p.sprop, is_group, bas) + + o.buf = obuf + o.index = oi + + return err +} diff --git a/vendor/github.com/golang/protobuf/proto/discard.go b/vendor/github.com/golang/protobuf/proto/discard.go new file mode 100644 index 0000000000..bd0e3bb4c8 --- /dev/null +++ b/vendor/github.com/golang/protobuf/proto/discard.go @@ -0,0 +1,151 @@ +// Go support for Protocol Buffers - Google's data interchange format +// +// Copyright 2017 The Go Authors. All rights reserved. +// https://github.com/golang/protobuf +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +package proto + +import ( + "fmt" + "reflect" + "strings" +) + +// DiscardUnknown recursively discards all unknown fields from this message +// and all embedded messages. +// +// When unmarshaling a message with unrecognized fields, the tags and values +// of such fields are preserved in the Message. This allows a later call to +// marshal to be able to produce a message that continues to have those +// unrecognized fields. To avoid this, DiscardUnknown is used to +// explicitly clear the unknown fields after unmarshaling. +// +// For proto2 messages, the unknown fields of message extensions are only +// discarded from messages that have been accessed via GetExtension. +func DiscardUnknown(m Message) { + discardLegacy(m) +} + +func discardLegacy(m Message) { + v := reflect.ValueOf(m) + if v.Kind() != reflect.Ptr || v.IsNil() { + return + } + v = v.Elem() + if v.Kind() != reflect.Struct { + return + } + t := v.Type() + + for i := 0; i < v.NumField(); i++ { + f := t.Field(i) + if strings.HasPrefix(f.Name, "XXX_") { + continue + } + vf := v.Field(i) + tf := f.Type + + // Unwrap tf to get its most basic type. + var isPointer, isSlice bool + if tf.Kind() == reflect.Slice && tf.Elem().Kind() != reflect.Uint8 { + isSlice = true + tf = tf.Elem() + } + if tf.Kind() == reflect.Ptr { + isPointer = true + tf = tf.Elem() + } + if isPointer && isSlice && tf.Kind() != reflect.Struct { + panic(fmt.Sprintf("%T.%s cannot be a slice of pointers to primitive types", m, f.Name)) + } + + switch tf.Kind() { + case reflect.Struct: + switch { + case !isPointer: + panic(fmt.Sprintf("%T.%s cannot be a direct struct value", m, f.Name)) + case isSlice: // E.g., []*pb.T + for j := 0; j < vf.Len(); j++ { + discardLegacy(vf.Index(j).Interface().(Message)) + } + default: // E.g., *pb.T + discardLegacy(vf.Interface().(Message)) + } + case reflect.Map: + switch { + case isPointer || isSlice: + panic(fmt.Sprintf("%T.%s cannot be a pointer to a map or a slice of map values", m, f.Name)) + default: // E.g., map[K]V + tv := vf.Type().Elem() + if tv.Kind() == reflect.Ptr && tv.Implements(protoMessageType) { // Proto struct (e.g., *T) + for _, key := range vf.MapKeys() { + val := vf.MapIndex(key) + discardLegacy(val.Interface().(Message)) + } + } + } + case reflect.Interface: + // Must be oneof field. + switch { + case isPointer || isSlice: + panic(fmt.Sprintf("%T.%s cannot be a pointer to a interface or a slice of interface values", m, f.Name)) + default: // E.g., test_proto.isCommunique_Union interface + if !vf.IsNil() && f.Tag.Get("protobuf_oneof") != "" { + vf = vf.Elem() // E.g., *test_proto.Communique_Msg + if !vf.IsNil() { + vf = vf.Elem() // E.g., test_proto.Communique_Msg + vf = vf.Field(0) // E.g., Proto struct (e.g., *T) or primitive value + if vf.Kind() == reflect.Ptr { + discardLegacy(vf.Interface().(Message)) + } + } + } + } + } + } + + if vf := v.FieldByName("XXX_unrecognized"); vf.IsValid() { + if vf.Type() != reflect.TypeOf([]byte{}) { + panic("expected XXX_unrecognized to be of type []byte") + } + vf.Set(reflect.ValueOf([]byte(nil))) + } + + // For proto2 messages, only discard unknown fields in message extensions + // that have been accessed via GetExtension. + if em, ok := extendable(m); ok { + // Ignore lock since discardLegacy is not concurrency safe. + emm, _ := em.extensionsRead() + for _, mx := range emm { + if m, ok := mx.value.(Message); ok { + discardLegacy(m) + } + } + } +} diff --git a/vendor/github.com/golang/protobuf/proto/encode.go b/vendor/github.com/golang/protobuf/proto/encode.go new file mode 100644 index 0000000000..8b84d1b22d --- /dev/null +++ b/vendor/github.com/golang/protobuf/proto/encode.go @@ -0,0 +1,1362 @@ +// Go support for Protocol Buffers - Google's data interchange format +// +// Copyright 2010 The Go Authors. All rights reserved. +// https://github.com/golang/protobuf +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +package proto + +/* + * Routines for encoding data into the wire format for protocol buffers. + */ + +import ( + "errors" + "fmt" + "reflect" + "sort" +) + +// RequiredNotSetError is the error returned if Marshal is called with +// a protocol buffer struct whose required fields have not +// all been initialized. It is also the error returned if Unmarshal is +// called with an encoded protocol buffer that does not include all the +// required fields. +// +// When printed, RequiredNotSetError reports the first unset required field in a +// message. If the field cannot be precisely determined, it is reported as +// "{Unknown}". +type RequiredNotSetError struct { + field string +} + +func (e *RequiredNotSetError) Error() string { + return fmt.Sprintf("proto: required field %q not set", e.field) +} + +var ( + // errRepeatedHasNil is the error returned if Marshal is called with + // a struct with a repeated field containing a nil element. + errRepeatedHasNil = errors.New("proto: repeated field has nil element") + + // errOneofHasNil is the error returned if Marshal is called with + // a struct with a oneof field containing a nil element. + errOneofHasNil = errors.New("proto: oneof field has nil value") + + // ErrNil is the error returned if Marshal is called with nil. + ErrNil = errors.New("proto: Marshal called with nil") + + // ErrTooLarge is the error returned if Marshal is called with a + // message that encodes to >2GB. + ErrTooLarge = errors.New("proto: message encodes to over 2 GB") +) + +// The fundamental encoders that put bytes on the wire. +// Those that take integer types all accept uint64 and are +// therefore of type valueEncoder. + +const maxVarintBytes = 10 // maximum length of a varint + +// maxMarshalSize is the largest allowed size of an encoded protobuf, +// since C++ and Java use signed int32s for the size. +const maxMarshalSize = 1<<31 - 1 + +// EncodeVarint returns the varint encoding of x. +// This is the format for the +// int32, int64, uint32, uint64, bool, and enum +// protocol buffer types. +// Not used by the package itself, but helpful to clients +// wishing to use the same encoding. +func EncodeVarint(x uint64) []byte { + var buf [maxVarintBytes]byte + var n int + for n = 0; x > 127; n++ { + buf[n] = 0x80 | uint8(x&0x7F) + x >>= 7 + } + buf[n] = uint8(x) + n++ + return buf[0:n] +} + +// EncodeVarint writes a varint-encoded integer to the Buffer. +// This is the format for the +// int32, int64, uint32, uint64, bool, and enum +// protocol buffer types. +func (p *Buffer) EncodeVarint(x uint64) error { + for x >= 1<<7 { + p.buf = append(p.buf, uint8(x&0x7f|0x80)) + x >>= 7 + } + p.buf = append(p.buf, uint8(x)) + return nil +} + +// SizeVarint returns the varint encoding size of an integer. +func SizeVarint(x uint64) int { + return sizeVarint(x) +} + +func sizeVarint(x uint64) (n int) { + for { + n++ + x >>= 7 + if x == 0 { + break + } + } + return n +} + +// EncodeFixed64 writes a 64-bit integer to the Buffer. +// This is the format for the +// fixed64, sfixed64, and double protocol buffer types. +func (p *Buffer) EncodeFixed64(x uint64) error { + p.buf = append(p.buf, + uint8(x), + uint8(x>>8), + uint8(x>>16), + uint8(x>>24), + uint8(x>>32), + uint8(x>>40), + uint8(x>>48), + uint8(x>>56)) + return nil +} + +func sizeFixed64(x uint64) int { + return 8 +} + +// EncodeFixed32 writes a 32-bit integer to the Buffer. +// This is the format for the +// fixed32, sfixed32, and float protocol buffer types. +func (p *Buffer) EncodeFixed32(x uint64) error { + p.buf = append(p.buf, + uint8(x), + uint8(x>>8), + uint8(x>>16), + uint8(x>>24)) + return nil +} + +func sizeFixed32(x uint64) int { + return 4 +} + +// EncodeZigzag64 writes a zigzag-encoded 64-bit integer +// to the Buffer. +// This is the format used for the sint64 protocol buffer type. +func (p *Buffer) EncodeZigzag64(x uint64) error { + // use signed number to get arithmetic right shift. + return p.EncodeVarint((x << 1) ^ uint64((int64(x) >> 63))) +} + +func sizeZigzag64(x uint64) int { + return sizeVarint((x << 1) ^ uint64((int64(x) >> 63))) +} + +// EncodeZigzag32 writes a zigzag-encoded 32-bit integer +// to the Buffer. +// This is the format used for the sint32 protocol buffer type. +func (p *Buffer) EncodeZigzag32(x uint64) error { + // use signed number to get arithmetic right shift. + return p.EncodeVarint(uint64((uint32(x) << 1) ^ uint32((int32(x) >> 31)))) +} + +func sizeZigzag32(x uint64) int { + return sizeVarint(uint64((uint32(x) << 1) ^ uint32((int32(x) >> 31)))) +} + +// EncodeRawBytes writes a count-delimited byte buffer to the Buffer. +// This is the format used for the bytes protocol buffer +// type and for embedded messages. +func (p *Buffer) EncodeRawBytes(b []byte) error { + p.EncodeVarint(uint64(len(b))) + p.buf = append(p.buf, b...) + return nil +} + +func sizeRawBytes(b []byte) int { + return sizeVarint(uint64(len(b))) + + len(b) +} + +// EncodeStringBytes writes an encoded string to the Buffer. +// This is the format used for the proto2 string type. +func (p *Buffer) EncodeStringBytes(s string) error { + p.EncodeVarint(uint64(len(s))) + p.buf = append(p.buf, s...) + return nil +} + +func sizeStringBytes(s string) int { + return sizeVarint(uint64(len(s))) + + len(s) +} + +// Marshaler is the interface representing objects that can marshal themselves. +type Marshaler interface { + Marshal() ([]byte, error) +} + +// Marshal takes the protocol buffer +// and encodes it into the wire format, returning the data. +func Marshal(pb Message) ([]byte, error) { + // Can the object marshal itself? + if m, ok := pb.(Marshaler); ok { + return m.Marshal() + } + p := NewBuffer(nil) + err := p.Marshal(pb) + if p.buf == nil && err == nil { + // Return a non-nil slice on success. + return []byte{}, nil + } + return p.buf, err +} + +// EncodeMessage writes the protocol buffer to the Buffer, +// prefixed by a varint-encoded length. +func (p *Buffer) EncodeMessage(pb Message) error { + t, base, err := getbase(pb) + if structPointer_IsNil(base) { + return ErrNil + } + if err == nil { + var state errorState + err = p.enc_len_struct(GetProperties(t.Elem()), base, &state) + } + return err +} + +// Marshal takes the protocol buffer +// and encodes it into the wire format, writing the result to the +// Buffer. +func (p *Buffer) Marshal(pb Message) error { + // Can the object marshal itself? + if m, ok := pb.(Marshaler); ok { + data, err := m.Marshal() + p.buf = append(p.buf, data...) + return err + } + + t, base, err := getbase(pb) + if structPointer_IsNil(base) { + return ErrNil + } + if err == nil { + err = p.enc_struct(GetProperties(t.Elem()), base) + } + + if collectStats { + (stats).Encode++ // Parens are to work around a goimports bug. + } + + if len(p.buf) > maxMarshalSize { + return ErrTooLarge + } + return err +} + +// Size returns the encoded size of a protocol buffer. +func Size(pb Message) (n int) { + // Can the object marshal itself? If so, Size is slow. + // TODO: add Size to Marshaler, or add a Sizer interface. + if m, ok := pb.(Marshaler); ok { + b, _ := m.Marshal() + return len(b) + } + + t, base, err := getbase(pb) + if structPointer_IsNil(base) { + return 0 + } + if err == nil { + n = size_struct(GetProperties(t.Elem()), base) + } + + if collectStats { + (stats).Size++ // Parens are to work around a goimports bug. + } + + return +} + +// Individual type encoders. + +// Encode a bool. +func (o *Buffer) enc_bool(p *Properties, base structPointer) error { + v := *structPointer_Bool(base, p.field) + if v == nil { + return ErrNil + } + x := 0 + if *v { + x = 1 + } + o.buf = append(o.buf, p.tagcode...) + p.valEnc(o, uint64(x)) + return nil +} + +func (o *Buffer) enc_proto3_bool(p *Properties, base structPointer) error { + v := *structPointer_BoolVal(base, p.field) + if !v { + return ErrNil + } + o.buf = append(o.buf, p.tagcode...) + p.valEnc(o, 1) + return nil +} + +func size_bool(p *Properties, base structPointer) int { + v := *structPointer_Bool(base, p.field) + if v == nil { + return 0 + } + return len(p.tagcode) + 1 // each bool takes exactly one byte +} + +func size_proto3_bool(p *Properties, base structPointer) int { + v := *structPointer_BoolVal(base, p.field) + if !v && !p.oneof { + return 0 + } + return len(p.tagcode) + 1 // each bool takes exactly one byte +} + +// Encode an int32. +func (o *Buffer) enc_int32(p *Properties, base structPointer) error { + v := structPointer_Word32(base, p.field) + if word32_IsNil(v) { + return ErrNil + } + x := int32(word32_Get(v)) // permit sign extension to use full 64-bit range + o.buf = append(o.buf, p.tagcode...) + p.valEnc(o, uint64(x)) + return nil +} + +func (o *Buffer) enc_proto3_int32(p *Properties, base structPointer) error { + v := structPointer_Word32Val(base, p.field) + x := int32(word32Val_Get(v)) // permit sign extension to use full 64-bit range + if x == 0 { + return ErrNil + } + o.buf = append(o.buf, p.tagcode...) + p.valEnc(o, uint64(x)) + return nil +} + +func size_int32(p *Properties, base structPointer) (n int) { + v := structPointer_Word32(base, p.field) + if word32_IsNil(v) { + return 0 + } + x := int32(word32_Get(v)) // permit sign extension to use full 64-bit range + n += len(p.tagcode) + n += p.valSize(uint64(x)) + return +} + +func size_proto3_int32(p *Properties, base structPointer) (n int) { + v := structPointer_Word32Val(base, p.field) + x := int32(word32Val_Get(v)) // permit sign extension to use full 64-bit range + if x == 0 && !p.oneof { + return 0 + } + n += len(p.tagcode) + n += p.valSize(uint64(x)) + return +} + +// Encode a uint32. +// Exactly the same as int32, except for no sign extension. +func (o *Buffer) enc_uint32(p *Properties, base structPointer) error { + v := structPointer_Word32(base, p.field) + if word32_IsNil(v) { + return ErrNil + } + x := word32_Get(v) + o.buf = append(o.buf, p.tagcode...) + p.valEnc(o, uint64(x)) + return nil +} + +func (o *Buffer) enc_proto3_uint32(p *Properties, base structPointer) error { + v := structPointer_Word32Val(base, p.field) + x := word32Val_Get(v) + if x == 0 { + return ErrNil + } + o.buf = append(o.buf, p.tagcode...) + p.valEnc(o, uint64(x)) + return nil +} + +func size_uint32(p *Properties, base structPointer) (n int) { + v := structPointer_Word32(base, p.field) + if word32_IsNil(v) { + return 0 + } + x := word32_Get(v) + n += len(p.tagcode) + n += p.valSize(uint64(x)) + return +} + +func size_proto3_uint32(p *Properties, base structPointer) (n int) { + v := structPointer_Word32Val(base, p.field) + x := word32Val_Get(v) + if x == 0 && !p.oneof { + return 0 + } + n += len(p.tagcode) + n += p.valSize(uint64(x)) + return +} + +// Encode an int64. +func (o *Buffer) enc_int64(p *Properties, base structPointer) error { + v := structPointer_Word64(base, p.field) + if word64_IsNil(v) { + return ErrNil + } + x := word64_Get(v) + o.buf = append(o.buf, p.tagcode...) + p.valEnc(o, x) + return nil +} + +func (o *Buffer) enc_proto3_int64(p *Properties, base structPointer) error { + v := structPointer_Word64Val(base, p.field) + x := word64Val_Get(v) + if x == 0 { + return ErrNil + } + o.buf = append(o.buf, p.tagcode...) + p.valEnc(o, x) + return nil +} + +func size_int64(p *Properties, base structPointer) (n int) { + v := structPointer_Word64(base, p.field) + if word64_IsNil(v) { + return 0 + } + x := word64_Get(v) + n += len(p.tagcode) + n += p.valSize(x) + return +} + +func size_proto3_int64(p *Properties, base structPointer) (n int) { + v := structPointer_Word64Val(base, p.field) + x := word64Val_Get(v) + if x == 0 && !p.oneof { + return 0 + } + n += len(p.tagcode) + n += p.valSize(x) + return +} + +// Encode a string. +func (o *Buffer) enc_string(p *Properties, base structPointer) error { + v := *structPointer_String(base, p.field) + if v == nil { + return ErrNil + } + x := *v + o.buf = append(o.buf, p.tagcode...) + o.EncodeStringBytes(x) + return nil +} + +func (o *Buffer) enc_proto3_string(p *Properties, base structPointer) error { + v := *structPointer_StringVal(base, p.field) + if v == "" { + return ErrNil + } + o.buf = append(o.buf, p.tagcode...) + o.EncodeStringBytes(v) + return nil +} + +func size_string(p *Properties, base structPointer) (n int) { + v := *structPointer_String(base, p.field) + if v == nil { + return 0 + } + x := *v + n += len(p.tagcode) + n += sizeStringBytes(x) + return +} + +func size_proto3_string(p *Properties, base structPointer) (n int) { + v := *structPointer_StringVal(base, p.field) + if v == "" && !p.oneof { + return 0 + } + n += len(p.tagcode) + n += sizeStringBytes(v) + return +} + +// All protocol buffer fields are nillable, but be careful. +func isNil(v reflect.Value) bool { + switch v.Kind() { + case reflect.Interface, reflect.Map, reflect.Ptr, reflect.Slice: + return v.IsNil() + } + return false +} + +// Encode a message struct. +func (o *Buffer) enc_struct_message(p *Properties, base structPointer) error { + var state errorState + structp := structPointer_GetStructPointer(base, p.field) + if structPointer_IsNil(structp) { + return ErrNil + } + + // Can the object marshal itself? + if p.isMarshaler { + m := structPointer_Interface(structp, p.stype).(Marshaler) + data, err := m.Marshal() + if err != nil && !state.shouldContinue(err, nil) { + return err + } + o.buf = append(o.buf, p.tagcode...) + o.EncodeRawBytes(data) + return state.err + } + + o.buf = append(o.buf, p.tagcode...) + return o.enc_len_struct(p.sprop, structp, &state) +} + +func size_struct_message(p *Properties, base structPointer) int { + structp := structPointer_GetStructPointer(base, p.field) + if structPointer_IsNil(structp) { + return 0 + } + + // Can the object marshal itself? + if p.isMarshaler { + m := structPointer_Interface(structp, p.stype).(Marshaler) + data, _ := m.Marshal() + n0 := len(p.tagcode) + n1 := sizeRawBytes(data) + return n0 + n1 + } + + n0 := len(p.tagcode) + n1 := size_struct(p.sprop, structp) + n2 := sizeVarint(uint64(n1)) // size of encoded length + return n0 + n1 + n2 +} + +// Encode a group struct. +func (o *Buffer) enc_struct_group(p *Properties, base structPointer) error { + var state errorState + b := structPointer_GetStructPointer(base, p.field) + if structPointer_IsNil(b) { + return ErrNil + } + + o.EncodeVarint(uint64((p.Tag << 3) | WireStartGroup)) + err := o.enc_struct(p.sprop, b) + if err != nil && !state.shouldContinue(err, nil) { + return err + } + o.EncodeVarint(uint64((p.Tag << 3) | WireEndGroup)) + return state.err +} + +func size_struct_group(p *Properties, base structPointer) (n int) { + b := structPointer_GetStructPointer(base, p.field) + if structPointer_IsNil(b) { + return 0 + } + + n += sizeVarint(uint64((p.Tag << 3) | WireStartGroup)) + n += size_struct(p.sprop, b) + n += sizeVarint(uint64((p.Tag << 3) | WireEndGroup)) + return +} + +// Encode a slice of bools ([]bool). +func (o *Buffer) enc_slice_bool(p *Properties, base structPointer) error { + s := *structPointer_BoolSlice(base, p.field) + l := len(s) + if l == 0 { + return ErrNil + } + for _, x := range s { + o.buf = append(o.buf, p.tagcode...) + v := uint64(0) + if x { + v = 1 + } + p.valEnc(o, v) + } + return nil +} + +func size_slice_bool(p *Properties, base structPointer) int { + s := *structPointer_BoolSlice(base, p.field) + l := len(s) + if l == 0 { + return 0 + } + return l * (len(p.tagcode) + 1) // each bool takes exactly one byte +} + +// Encode a slice of bools ([]bool) in packed format. +func (o *Buffer) enc_slice_packed_bool(p *Properties, base structPointer) error { + s := *structPointer_BoolSlice(base, p.field) + l := len(s) + if l == 0 { + return ErrNil + } + o.buf = append(o.buf, p.tagcode...) + o.EncodeVarint(uint64(l)) // each bool takes exactly one byte + for _, x := range s { + v := uint64(0) + if x { + v = 1 + } + p.valEnc(o, v) + } + return nil +} + +func size_slice_packed_bool(p *Properties, base structPointer) (n int) { + s := *structPointer_BoolSlice(base, p.field) + l := len(s) + if l == 0 { + return 0 + } + n += len(p.tagcode) + n += sizeVarint(uint64(l)) + n += l // each bool takes exactly one byte + return +} + +// Encode a slice of bytes ([]byte). +func (o *Buffer) enc_slice_byte(p *Properties, base structPointer) error { + s := *structPointer_Bytes(base, p.field) + if s == nil { + return ErrNil + } + o.buf = append(o.buf, p.tagcode...) + o.EncodeRawBytes(s) + return nil +} + +func (o *Buffer) enc_proto3_slice_byte(p *Properties, base structPointer) error { + s := *structPointer_Bytes(base, p.field) + if len(s) == 0 { + return ErrNil + } + o.buf = append(o.buf, p.tagcode...) + o.EncodeRawBytes(s) + return nil +} + +func size_slice_byte(p *Properties, base structPointer) (n int) { + s := *structPointer_Bytes(base, p.field) + if s == nil && !p.oneof { + return 0 + } + n += len(p.tagcode) + n += sizeRawBytes(s) + return +} + +func size_proto3_slice_byte(p *Properties, base structPointer) (n int) { + s := *structPointer_Bytes(base, p.field) + if len(s) == 0 && !p.oneof { + return 0 + } + n += len(p.tagcode) + n += sizeRawBytes(s) + return +} + +// Encode a slice of int32s ([]int32). +func (o *Buffer) enc_slice_int32(p *Properties, base structPointer) error { + s := structPointer_Word32Slice(base, p.field) + l := s.Len() + if l == 0 { + return ErrNil + } + for i := 0; i < l; i++ { + o.buf = append(o.buf, p.tagcode...) + x := int32(s.Index(i)) // permit sign extension to use full 64-bit range + p.valEnc(o, uint64(x)) + } + return nil +} + +func size_slice_int32(p *Properties, base structPointer) (n int) { + s := structPointer_Word32Slice(base, p.field) + l := s.Len() + if l == 0 { + return 0 + } + for i := 0; i < l; i++ { + n += len(p.tagcode) + x := int32(s.Index(i)) // permit sign extension to use full 64-bit range + n += p.valSize(uint64(x)) + } + return +} + +// Encode a slice of int32s ([]int32) in packed format. +func (o *Buffer) enc_slice_packed_int32(p *Properties, base structPointer) error { + s := structPointer_Word32Slice(base, p.field) + l := s.Len() + if l == 0 { + return ErrNil + } + // TODO: Reuse a Buffer. + buf := NewBuffer(nil) + for i := 0; i < l; i++ { + x := int32(s.Index(i)) // permit sign extension to use full 64-bit range + p.valEnc(buf, uint64(x)) + } + + o.buf = append(o.buf, p.tagcode...) + o.EncodeVarint(uint64(len(buf.buf))) + o.buf = append(o.buf, buf.buf...) + return nil +} + +func size_slice_packed_int32(p *Properties, base structPointer) (n int) { + s := structPointer_Word32Slice(base, p.field) + l := s.Len() + if l == 0 { + return 0 + } + var bufSize int + for i := 0; i < l; i++ { + x := int32(s.Index(i)) // permit sign extension to use full 64-bit range + bufSize += p.valSize(uint64(x)) + } + + n += len(p.tagcode) + n += sizeVarint(uint64(bufSize)) + n += bufSize + return +} + +// Encode a slice of uint32s ([]uint32). +// Exactly the same as int32, except for no sign extension. +func (o *Buffer) enc_slice_uint32(p *Properties, base structPointer) error { + s := structPointer_Word32Slice(base, p.field) + l := s.Len() + if l == 0 { + return ErrNil + } + for i := 0; i < l; i++ { + o.buf = append(o.buf, p.tagcode...) + x := s.Index(i) + p.valEnc(o, uint64(x)) + } + return nil +} + +func size_slice_uint32(p *Properties, base structPointer) (n int) { + s := structPointer_Word32Slice(base, p.field) + l := s.Len() + if l == 0 { + return 0 + } + for i := 0; i < l; i++ { + n += len(p.tagcode) + x := s.Index(i) + n += p.valSize(uint64(x)) + } + return +} + +// Encode a slice of uint32s ([]uint32) in packed format. +// Exactly the same as int32, except for no sign extension. +func (o *Buffer) enc_slice_packed_uint32(p *Properties, base structPointer) error { + s := structPointer_Word32Slice(base, p.field) + l := s.Len() + if l == 0 { + return ErrNil + } + // TODO: Reuse a Buffer. + buf := NewBuffer(nil) + for i := 0; i < l; i++ { + p.valEnc(buf, uint64(s.Index(i))) + } + + o.buf = append(o.buf, p.tagcode...) + o.EncodeVarint(uint64(len(buf.buf))) + o.buf = append(o.buf, buf.buf...) + return nil +} + +func size_slice_packed_uint32(p *Properties, base structPointer) (n int) { + s := structPointer_Word32Slice(base, p.field) + l := s.Len() + if l == 0 { + return 0 + } + var bufSize int + for i := 0; i < l; i++ { + bufSize += p.valSize(uint64(s.Index(i))) + } + + n += len(p.tagcode) + n += sizeVarint(uint64(bufSize)) + n += bufSize + return +} + +// Encode a slice of int64s ([]int64). +func (o *Buffer) enc_slice_int64(p *Properties, base structPointer) error { + s := structPointer_Word64Slice(base, p.field) + l := s.Len() + if l == 0 { + return ErrNil + } + for i := 0; i < l; i++ { + o.buf = append(o.buf, p.tagcode...) + p.valEnc(o, s.Index(i)) + } + return nil +} + +func size_slice_int64(p *Properties, base structPointer) (n int) { + s := structPointer_Word64Slice(base, p.field) + l := s.Len() + if l == 0 { + return 0 + } + for i := 0; i < l; i++ { + n += len(p.tagcode) + n += p.valSize(s.Index(i)) + } + return +} + +// Encode a slice of int64s ([]int64) in packed format. +func (o *Buffer) enc_slice_packed_int64(p *Properties, base structPointer) error { + s := structPointer_Word64Slice(base, p.field) + l := s.Len() + if l == 0 { + return ErrNil + } + // TODO: Reuse a Buffer. + buf := NewBuffer(nil) + for i := 0; i < l; i++ { + p.valEnc(buf, s.Index(i)) + } + + o.buf = append(o.buf, p.tagcode...) + o.EncodeVarint(uint64(len(buf.buf))) + o.buf = append(o.buf, buf.buf...) + return nil +} + +func size_slice_packed_int64(p *Properties, base structPointer) (n int) { + s := structPointer_Word64Slice(base, p.field) + l := s.Len() + if l == 0 { + return 0 + } + var bufSize int + for i := 0; i < l; i++ { + bufSize += p.valSize(s.Index(i)) + } + + n += len(p.tagcode) + n += sizeVarint(uint64(bufSize)) + n += bufSize + return +} + +// Encode a slice of slice of bytes ([][]byte). +func (o *Buffer) enc_slice_slice_byte(p *Properties, base structPointer) error { + ss := *structPointer_BytesSlice(base, p.field) + l := len(ss) + if l == 0 { + return ErrNil + } + for i := 0; i < l; i++ { + o.buf = append(o.buf, p.tagcode...) + o.EncodeRawBytes(ss[i]) + } + return nil +} + +func size_slice_slice_byte(p *Properties, base structPointer) (n int) { + ss := *structPointer_BytesSlice(base, p.field) + l := len(ss) + if l == 0 { + return 0 + } + n += l * len(p.tagcode) + for i := 0; i < l; i++ { + n += sizeRawBytes(ss[i]) + } + return +} + +// Encode a slice of strings ([]string). +func (o *Buffer) enc_slice_string(p *Properties, base structPointer) error { + ss := *structPointer_StringSlice(base, p.field) + l := len(ss) + for i := 0; i < l; i++ { + o.buf = append(o.buf, p.tagcode...) + o.EncodeStringBytes(ss[i]) + } + return nil +} + +func size_slice_string(p *Properties, base structPointer) (n int) { + ss := *structPointer_StringSlice(base, p.field) + l := len(ss) + n += l * len(p.tagcode) + for i := 0; i < l; i++ { + n += sizeStringBytes(ss[i]) + } + return +} + +// Encode a slice of message structs ([]*struct). +func (o *Buffer) enc_slice_struct_message(p *Properties, base structPointer) error { + var state errorState + s := structPointer_StructPointerSlice(base, p.field) + l := s.Len() + + for i := 0; i < l; i++ { + structp := s.Index(i) + if structPointer_IsNil(structp) { + return errRepeatedHasNil + } + + // Can the object marshal itself? + if p.isMarshaler { + m := structPointer_Interface(structp, p.stype).(Marshaler) + data, err := m.Marshal() + if err != nil && !state.shouldContinue(err, nil) { + return err + } + o.buf = append(o.buf, p.tagcode...) + o.EncodeRawBytes(data) + continue + } + + o.buf = append(o.buf, p.tagcode...) + err := o.enc_len_struct(p.sprop, structp, &state) + if err != nil && !state.shouldContinue(err, nil) { + if err == ErrNil { + return errRepeatedHasNil + } + return err + } + } + return state.err +} + +func size_slice_struct_message(p *Properties, base structPointer) (n int) { + s := structPointer_StructPointerSlice(base, p.field) + l := s.Len() + n += l * len(p.tagcode) + for i := 0; i < l; i++ { + structp := s.Index(i) + if structPointer_IsNil(structp) { + return // return the size up to this point + } + + // Can the object marshal itself? + if p.isMarshaler { + m := structPointer_Interface(structp, p.stype).(Marshaler) + data, _ := m.Marshal() + n += sizeRawBytes(data) + continue + } + + n0 := size_struct(p.sprop, structp) + n1 := sizeVarint(uint64(n0)) // size of encoded length + n += n0 + n1 + } + return +} + +// Encode a slice of group structs ([]*struct). +func (o *Buffer) enc_slice_struct_group(p *Properties, base structPointer) error { + var state errorState + s := structPointer_StructPointerSlice(base, p.field) + l := s.Len() + + for i := 0; i < l; i++ { + b := s.Index(i) + if structPointer_IsNil(b) { + return errRepeatedHasNil + } + + o.EncodeVarint(uint64((p.Tag << 3) | WireStartGroup)) + + err := o.enc_struct(p.sprop, b) + + if err != nil && !state.shouldContinue(err, nil) { + if err == ErrNil { + return errRepeatedHasNil + } + return err + } + + o.EncodeVarint(uint64((p.Tag << 3) | WireEndGroup)) + } + return state.err +} + +func size_slice_struct_group(p *Properties, base structPointer) (n int) { + s := structPointer_StructPointerSlice(base, p.field) + l := s.Len() + + n += l * sizeVarint(uint64((p.Tag<<3)|WireStartGroup)) + n += l * sizeVarint(uint64((p.Tag<<3)|WireEndGroup)) + for i := 0; i < l; i++ { + b := s.Index(i) + if structPointer_IsNil(b) { + return // return size up to this point + } + + n += size_struct(p.sprop, b) + } + return +} + +// Encode an extension map. +func (o *Buffer) enc_map(p *Properties, base structPointer) error { + exts := structPointer_ExtMap(base, p.field) + if err := encodeExtensionsMap(*exts); err != nil { + return err + } + + return o.enc_map_body(*exts) +} + +func (o *Buffer) enc_exts(p *Properties, base structPointer) error { + exts := structPointer_Extensions(base, p.field) + + v, mu := exts.extensionsRead() + if v == nil { + return nil + } + + mu.Lock() + defer mu.Unlock() + if err := encodeExtensionsMap(v); err != nil { + return err + } + + return o.enc_map_body(v) +} + +func (o *Buffer) enc_map_body(v map[int32]Extension) error { + // Fast-path for common cases: zero or one extensions. + if len(v) <= 1 { + for _, e := range v { + o.buf = append(o.buf, e.enc...) + } + return nil + } + + // Sort keys to provide a deterministic encoding. + keys := make([]int, 0, len(v)) + for k := range v { + keys = append(keys, int(k)) + } + sort.Ints(keys) + + for _, k := range keys { + o.buf = append(o.buf, v[int32(k)].enc...) + } + return nil +} + +func size_map(p *Properties, base structPointer) int { + v := structPointer_ExtMap(base, p.field) + return extensionsMapSize(*v) +} + +func size_exts(p *Properties, base structPointer) int { + v := structPointer_Extensions(base, p.field) + return extensionsSize(v) +} + +// Encode a map field. +func (o *Buffer) enc_new_map(p *Properties, base structPointer) error { + var state errorState // XXX: or do we need to plumb this through? + + /* + A map defined as + map map_field = N; + is encoded in the same way as + message MapFieldEntry { + key_type key = 1; + value_type value = 2; + } + repeated MapFieldEntry map_field = N; + */ + + v := structPointer_NewAt(base, p.field, p.mtype).Elem() // map[K]V + if v.Len() == 0 { + return nil + } + + keycopy, valcopy, keybase, valbase := mapEncodeScratch(p.mtype) + + enc := func() error { + if err := p.mkeyprop.enc(o, p.mkeyprop, keybase); err != nil { + return err + } + if err := p.mvalprop.enc(o, p.mvalprop, valbase); err != nil && err != ErrNil { + return err + } + return nil + } + + // Don't sort map keys. It is not required by the spec, and C++ doesn't do it. + for _, key := range v.MapKeys() { + val := v.MapIndex(key) + + keycopy.Set(key) + valcopy.Set(val) + + o.buf = append(o.buf, p.tagcode...) + if err := o.enc_len_thing(enc, &state); err != nil { + return err + } + } + return nil +} + +func size_new_map(p *Properties, base structPointer) int { + v := structPointer_NewAt(base, p.field, p.mtype).Elem() // map[K]V + + keycopy, valcopy, keybase, valbase := mapEncodeScratch(p.mtype) + + n := 0 + for _, key := range v.MapKeys() { + val := v.MapIndex(key) + keycopy.Set(key) + valcopy.Set(val) + + // Tag codes for key and val are the responsibility of the sub-sizer. + keysize := p.mkeyprop.size(p.mkeyprop, keybase) + valsize := p.mvalprop.size(p.mvalprop, valbase) + entry := keysize + valsize + // Add on tag code and length of map entry itself. + n += len(p.tagcode) + sizeVarint(uint64(entry)) + entry + } + return n +} + +// mapEncodeScratch returns a new reflect.Value matching the map's value type, +// and a structPointer suitable for passing to an encoder or sizer. +func mapEncodeScratch(mapType reflect.Type) (keycopy, valcopy reflect.Value, keybase, valbase structPointer) { + // Prepare addressable doubly-indirect placeholders for the key and value types. + // This is needed because the element-type encoders expect **T, but the map iteration produces T. + + keycopy = reflect.New(mapType.Key()).Elem() // addressable K + keyptr := reflect.New(reflect.PtrTo(keycopy.Type())).Elem() // addressable *K + keyptr.Set(keycopy.Addr()) // + keybase = toStructPointer(keyptr.Addr()) // **K + + // Value types are more varied and require special handling. + switch mapType.Elem().Kind() { + case reflect.Slice: + // []byte + var dummy []byte + valcopy = reflect.ValueOf(&dummy).Elem() // addressable []byte + valbase = toStructPointer(valcopy.Addr()) + case reflect.Ptr: + // message; the generated field type is map[K]*Msg (so V is *Msg), + // so we only need one level of indirection. + valcopy = reflect.New(mapType.Elem()).Elem() // addressable V + valbase = toStructPointer(valcopy.Addr()) + default: + // everything else + valcopy = reflect.New(mapType.Elem()).Elem() // addressable V + valptr := reflect.New(reflect.PtrTo(valcopy.Type())).Elem() // addressable *V + valptr.Set(valcopy.Addr()) // + valbase = toStructPointer(valptr.Addr()) // **V + } + return +} + +// Encode a struct. +func (o *Buffer) enc_struct(prop *StructProperties, base structPointer) error { + var state errorState + // Encode fields in tag order so that decoders may use optimizations + // that depend on the ordering. + // https://developers.google.com/protocol-buffers/docs/encoding#order + for _, i := range prop.order { + p := prop.Prop[i] + if p.enc != nil { + err := p.enc(o, p, base) + if err != nil { + if err == ErrNil { + if p.Required && state.err == nil { + state.err = &RequiredNotSetError{p.Name} + } + } else if err == errRepeatedHasNil { + // Give more context to nil values in repeated fields. + return errors.New("repeated field " + p.OrigName + " has nil element") + } else if !state.shouldContinue(err, p) { + return err + } + } + if len(o.buf) > maxMarshalSize { + return ErrTooLarge + } + } + } + + // Do oneof fields. + if prop.oneofMarshaler != nil { + m := structPointer_Interface(base, prop.stype).(Message) + if err := prop.oneofMarshaler(m, o); err == ErrNil { + return errOneofHasNil + } else if err != nil { + return err + } + } + + // Add unrecognized fields at the end. + if prop.unrecField.IsValid() { + v := *structPointer_Bytes(base, prop.unrecField) + if len(o.buf)+len(v) > maxMarshalSize { + return ErrTooLarge + } + if len(v) > 0 { + o.buf = append(o.buf, v...) + } + } + + return state.err +} + +func size_struct(prop *StructProperties, base structPointer) (n int) { + for _, i := range prop.order { + p := prop.Prop[i] + if p.size != nil { + n += p.size(p, base) + } + } + + // Add unrecognized fields at the end. + if prop.unrecField.IsValid() { + v := *structPointer_Bytes(base, prop.unrecField) + n += len(v) + } + + // Factor in any oneof fields. + if prop.oneofSizer != nil { + m := structPointer_Interface(base, prop.stype).(Message) + n += prop.oneofSizer(m) + } + + return +} + +var zeroes [20]byte // longer than any conceivable sizeVarint + +// Encode a struct, preceded by its encoded length (as a varint). +func (o *Buffer) enc_len_struct(prop *StructProperties, base structPointer, state *errorState) error { + return o.enc_len_thing(func() error { return o.enc_struct(prop, base) }, state) +} + +// Encode something, preceded by its encoded length (as a varint). +func (o *Buffer) enc_len_thing(enc func() error, state *errorState) error { + iLen := len(o.buf) + o.buf = append(o.buf, 0, 0, 0, 0) // reserve four bytes for length + iMsg := len(o.buf) + err := enc() + if err != nil && !state.shouldContinue(err, nil) { + return err + } + lMsg := len(o.buf) - iMsg + lLen := sizeVarint(uint64(lMsg)) + switch x := lLen - (iMsg - iLen); { + case x > 0: // actual length is x bytes larger than the space we reserved + // Move msg x bytes right. + o.buf = append(o.buf, zeroes[:x]...) + copy(o.buf[iMsg+x:], o.buf[iMsg:iMsg+lMsg]) + case x < 0: // actual length is x bytes smaller than the space we reserved + // Move msg x bytes left. + copy(o.buf[iMsg+x:], o.buf[iMsg:iMsg+lMsg]) + o.buf = o.buf[:len(o.buf)+x] // x is negative + } + // Encode the length in the reserved space. + o.buf = o.buf[:iLen] + o.EncodeVarint(uint64(lMsg)) + o.buf = o.buf[:len(o.buf)+lMsg] + return state.err +} + +// errorState maintains the first error that occurs and updates that error +// with additional context. +type errorState struct { + err error +} + +// shouldContinue reports whether encoding should continue upon encountering the +// given error. If the error is RequiredNotSetError, shouldContinue returns true +// and, if this is the first appearance of that error, remembers it for future +// reporting. +// +// If prop is not nil, it may update any error with additional context about the +// field with the error. +func (s *errorState) shouldContinue(err error, prop *Properties) bool { + // Ignore unset required fields. + reqNotSet, ok := err.(*RequiredNotSetError) + if !ok { + return false + } + if s.err == nil { + if prop != nil { + err = &RequiredNotSetError{prop.Name + "." + reqNotSet.field} + } + s.err = err + } + return true +} diff --git a/vendor/github.com/golang/protobuf/proto/equal.go b/vendor/github.com/golang/protobuf/proto/equal.go new file mode 100644 index 0000000000..2ed1cf5966 --- /dev/null +++ b/vendor/github.com/golang/protobuf/proto/equal.go @@ -0,0 +1,300 @@ +// Go support for Protocol Buffers - Google's data interchange format +// +// Copyright 2011 The Go Authors. All rights reserved. +// https://github.com/golang/protobuf +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +// Protocol buffer comparison. + +package proto + +import ( + "bytes" + "log" + "reflect" + "strings" +) + +/* +Equal returns true iff protocol buffers a and b are equal. +The arguments must both be pointers to protocol buffer structs. + +Equality is defined in this way: + - Two messages are equal iff they are the same type, + corresponding fields are equal, unknown field sets + are equal, and extensions sets are equal. + - Two set scalar fields are equal iff their values are equal. + If the fields are of a floating-point type, remember that + NaN != x for all x, including NaN. If the message is defined + in a proto3 .proto file, fields are not "set"; specifically, + zero length proto3 "bytes" fields are equal (nil == {}). + - Two repeated fields are equal iff their lengths are the same, + and their corresponding elements are equal. Note a "bytes" field, + although represented by []byte, is not a repeated field and the + rule for the scalar fields described above applies. + - Two unset fields are equal. + - Two unknown field sets are equal if their current + encoded state is equal. + - Two extension sets are equal iff they have corresponding + elements that are pairwise equal. + - Two map fields are equal iff their lengths are the same, + and they contain the same set of elements. Zero-length map + fields are equal. + - Every other combination of things are not equal. + +The return value is undefined if a and b are not protocol buffers. +*/ +func Equal(a, b Message) bool { + if a == nil || b == nil { + return a == b + } + v1, v2 := reflect.ValueOf(a), reflect.ValueOf(b) + if v1.Type() != v2.Type() { + return false + } + if v1.Kind() == reflect.Ptr { + if v1.IsNil() { + return v2.IsNil() + } + if v2.IsNil() { + return false + } + v1, v2 = v1.Elem(), v2.Elem() + } + if v1.Kind() != reflect.Struct { + return false + } + return equalStruct(v1, v2) +} + +// v1 and v2 are known to have the same type. +func equalStruct(v1, v2 reflect.Value) bool { + sprop := GetProperties(v1.Type()) + for i := 0; i < v1.NumField(); i++ { + f := v1.Type().Field(i) + if strings.HasPrefix(f.Name, "XXX_") { + continue + } + f1, f2 := v1.Field(i), v2.Field(i) + if f.Type.Kind() == reflect.Ptr { + if n1, n2 := f1.IsNil(), f2.IsNil(); n1 && n2 { + // both unset + continue + } else if n1 != n2 { + // set/unset mismatch + return false + } + b1, ok := f1.Interface().(raw) + if ok { + b2 := f2.Interface().(raw) + // RawMessage + if !bytes.Equal(b1.Bytes(), b2.Bytes()) { + return false + } + continue + } + f1, f2 = f1.Elem(), f2.Elem() + } + if !equalAny(f1, f2, sprop.Prop[i]) { + return false + } + } + + if em1 := v1.FieldByName("XXX_InternalExtensions"); em1.IsValid() { + em2 := v2.FieldByName("XXX_InternalExtensions") + if !equalExtensions(v1.Type(), em1.Interface().(XXX_InternalExtensions), em2.Interface().(XXX_InternalExtensions)) { + return false + } + } + + if em1 := v1.FieldByName("XXX_extensions"); em1.IsValid() { + em2 := v2.FieldByName("XXX_extensions") + if !equalExtMap(v1.Type(), em1.Interface().(map[int32]Extension), em2.Interface().(map[int32]Extension)) { + return false + } + } + + uf := v1.FieldByName("XXX_unrecognized") + if !uf.IsValid() { + return true + } + + u1 := uf.Bytes() + u2 := v2.FieldByName("XXX_unrecognized").Bytes() + if !bytes.Equal(u1, u2) { + return false + } + + return true +} + +// v1 and v2 are known to have the same type. +// prop may be nil. +func equalAny(v1, v2 reflect.Value, prop *Properties) bool { + if v1.Type() == protoMessageType { + m1, _ := v1.Interface().(Message) + m2, _ := v2.Interface().(Message) + return Equal(m1, m2) + } + switch v1.Kind() { + case reflect.Bool: + return v1.Bool() == v2.Bool() + case reflect.Float32, reflect.Float64: + return v1.Float() == v2.Float() + case reflect.Int32, reflect.Int64: + return v1.Int() == v2.Int() + case reflect.Interface: + // Probably a oneof field; compare the inner values. + n1, n2 := v1.IsNil(), v2.IsNil() + if n1 || n2 { + return n1 == n2 + } + e1, e2 := v1.Elem(), v2.Elem() + if e1.Type() != e2.Type() { + return false + } + return equalAny(e1, e2, nil) + case reflect.Map: + if v1.Len() != v2.Len() { + return false + } + for _, key := range v1.MapKeys() { + val2 := v2.MapIndex(key) + if !val2.IsValid() { + // This key was not found in the second map. + return false + } + if !equalAny(v1.MapIndex(key), val2, nil) { + return false + } + } + return true + case reflect.Ptr: + // Maps may have nil values in them, so check for nil. + if v1.IsNil() && v2.IsNil() { + return true + } + if v1.IsNil() != v2.IsNil() { + return false + } + return equalAny(v1.Elem(), v2.Elem(), prop) + case reflect.Slice: + if v1.Type().Elem().Kind() == reflect.Uint8 { + // short circuit: []byte + + // Edge case: if this is in a proto3 message, a zero length + // bytes field is considered the zero value. + if prop != nil && prop.proto3 && v1.Len() == 0 && v2.Len() == 0 { + return true + } + if v1.IsNil() != v2.IsNil() { + return false + } + return bytes.Equal(v1.Interface().([]byte), v2.Interface().([]byte)) + } + + if v1.Len() != v2.Len() { + return false + } + for i := 0; i < v1.Len(); i++ { + if !equalAny(v1.Index(i), v2.Index(i), prop) { + return false + } + } + return true + case reflect.String: + return v1.Interface().(string) == v2.Interface().(string) + case reflect.Struct: + return equalStruct(v1, v2) + case reflect.Uint32, reflect.Uint64: + return v1.Uint() == v2.Uint() + } + + // unknown type, so not a protocol buffer + log.Printf("proto: don't know how to compare %v", v1) + return false +} + +// base is the struct type that the extensions are based on. +// x1 and x2 are InternalExtensions. +func equalExtensions(base reflect.Type, x1, x2 XXX_InternalExtensions) bool { + em1, _ := x1.extensionsRead() + em2, _ := x2.extensionsRead() + return equalExtMap(base, em1, em2) +} + +func equalExtMap(base reflect.Type, em1, em2 map[int32]Extension) bool { + if len(em1) != len(em2) { + return false + } + + for extNum, e1 := range em1 { + e2, ok := em2[extNum] + if !ok { + return false + } + + m1, m2 := e1.value, e2.value + + if m1 != nil && m2 != nil { + // Both are unencoded. + if !equalAny(reflect.ValueOf(m1), reflect.ValueOf(m2), nil) { + return false + } + continue + } + + // At least one is encoded. To do a semantically correct comparison + // we need to unmarshal them first. + var desc *ExtensionDesc + if m := extensionMaps[base]; m != nil { + desc = m[extNum] + } + if desc == nil { + log.Printf("proto: don't know how to compare extension %d of %v", extNum, base) + continue + } + var err error + if m1 == nil { + m1, err = decodeExtension(e1.enc, desc) + } + if m2 == nil && err == nil { + m2, err = decodeExtension(e2.enc, desc) + } + if err != nil { + // The encoded form is invalid. + log.Printf("proto: badly encoded extension %d of %v: %v", extNum, base, err) + return false + } + if !equalAny(reflect.ValueOf(m1), reflect.ValueOf(m2), nil) { + return false + } + } + + return true +} diff --git a/vendor/github.com/golang/protobuf/proto/extensions.go b/vendor/github.com/golang/protobuf/proto/extensions.go new file mode 100644 index 0000000000..eaad218312 --- /dev/null +++ b/vendor/github.com/golang/protobuf/proto/extensions.go @@ -0,0 +1,587 @@ +// Go support for Protocol Buffers - Google's data interchange format +// +// Copyright 2010 The Go Authors. All rights reserved. +// https://github.com/golang/protobuf +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +package proto + +/* + * Types and routines for supporting protocol buffer extensions. + */ + +import ( + "errors" + "fmt" + "reflect" + "strconv" + "sync" +) + +// ErrMissingExtension is the error returned by GetExtension if the named extension is not in the message. +var ErrMissingExtension = errors.New("proto: missing extension") + +// ExtensionRange represents a range of message extensions for a protocol buffer. +// Used in code generated by the protocol compiler. +type ExtensionRange struct { + Start, End int32 // both inclusive +} + +// extendableProto is an interface implemented by any protocol buffer generated by the current +// proto compiler that may be extended. +type extendableProto interface { + Message + ExtensionRangeArray() []ExtensionRange + extensionsWrite() map[int32]Extension + extensionsRead() (map[int32]Extension, sync.Locker) +} + +// extendableProtoV1 is an interface implemented by a protocol buffer generated by the previous +// version of the proto compiler that may be extended. +type extendableProtoV1 interface { + Message + ExtensionRangeArray() []ExtensionRange + ExtensionMap() map[int32]Extension +} + +// extensionAdapter is a wrapper around extendableProtoV1 that implements extendableProto. +type extensionAdapter struct { + extendableProtoV1 +} + +func (e extensionAdapter) extensionsWrite() map[int32]Extension { + return e.ExtensionMap() +} + +func (e extensionAdapter) extensionsRead() (map[int32]Extension, sync.Locker) { + return e.ExtensionMap(), notLocker{} +} + +// notLocker is a sync.Locker whose Lock and Unlock methods are nops. +type notLocker struct{} + +func (n notLocker) Lock() {} +func (n notLocker) Unlock() {} + +// extendable returns the extendableProto interface for the given generated proto message. +// If the proto message has the old extension format, it returns a wrapper that implements +// the extendableProto interface. +func extendable(p interface{}) (extendableProto, bool) { + if ep, ok := p.(extendableProto); ok { + return ep, ok + } + if ep, ok := p.(extendableProtoV1); ok { + return extensionAdapter{ep}, ok + } + return nil, false +} + +// XXX_InternalExtensions is an internal representation of proto extensions. +// +// Each generated message struct type embeds an anonymous XXX_InternalExtensions field, +// thus gaining the unexported 'extensions' method, which can be called only from the proto package. +// +// The methods of XXX_InternalExtensions are not concurrency safe in general, +// but calls to logically read-only methods such as has and get may be executed concurrently. +type XXX_InternalExtensions struct { + // The struct must be indirect so that if a user inadvertently copies a + // generated message and its embedded XXX_InternalExtensions, they + // avoid the mayhem of a copied mutex. + // + // The mutex serializes all logically read-only operations to p.extensionMap. + // It is up to the client to ensure that write operations to p.extensionMap are + // mutually exclusive with other accesses. + p *struct { + mu sync.Mutex + extensionMap map[int32]Extension + } +} + +// extensionsWrite returns the extension map, creating it on first use. +func (e *XXX_InternalExtensions) extensionsWrite() map[int32]Extension { + if e.p == nil { + e.p = new(struct { + mu sync.Mutex + extensionMap map[int32]Extension + }) + e.p.extensionMap = make(map[int32]Extension) + } + return e.p.extensionMap +} + +// extensionsRead returns the extensions map for read-only use. It may be nil. +// The caller must hold the returned mutex's lock when accessing Elements within the map. +func (e *XXX_InternalExtensions) extensionsRead() (map[int32]Extension, sync.Locker) { + if e.p == nil { + return nil, nil + } + return e.p.extensionMap, &e.p.mu +} + +var extendableProtoType = reflect.TypeOf((*extendableProto)(nil)).Elem() +var extendableProtoV1Type = reflect.TypeOf((*extendableProtoV1)(nil)).Elem() + +// ExtensionDesc represents an extension specification. +// Used in generated code from the protocol compiler. +type ExtensionDesc struct { + ExtendedType Message // nil pointer to the type that is being extended + ExtensionType interface{} // nil pointer to the extension type + Field int32 // field number + Name string // fully-qualified name of extension, for text formatting + Tag string // protobuf tag style + Filename string // name of the file in which the extension is defined +} + +func (ed *ExtensionDesc) repeated() bool { + t := reflect.TypeOf(ed.ExtensionType) + return t.Kind() == reflect.Slice && t.Elem().Kind() != reflect.Uint8 +} + +// Extension represents an extension in a message. +type Extension struct { + // When an extension is stored in a message using SetExtension + // only desc and value are set. When the message is marshaled + // enc will be set to the encoded form of the message. + // + // When a message is unmarshaled and contains extensions, each + // extension will have only enc set. When such an extension is + // accessed using GetExtension (or GetExtensions) desc and value + // will be set. + desc *ExtensionDesc + value interface{} + enc []byte +} + +// SetRawExtension is for testing only. +func SetRawExtension(base Message, id int32, b []byte) { + epb, ok := extendable(base) + if !ok { + return + } + extmap := epb.extensionsWrite() + extmap[id] = Extension{enc: b} +} + +// isExtensionField returns true iff the given field number is in an extension range. +func isExtensionField(pb extendableProto, field int32) bool { + for _, er := range pb.ExtensionRangeArray() { + if er.Start <= field && field <= er.End { + return true + } + } + return false +} + +// checkExtensionTypes checks that the given extension is valid for pb. +func checkExtensionTypes(pb extendableProto, extension *ExtensionDesc) error { + var pbi interface{} = pb + // Check the extended type. + if ea, ok := pbi.(extensionAdapter); ok { + pbi = ea.extendableProtoV1 + } + if a, b := reflect.TypeOf(pbi), reflect.TypeOf(extension.ExtendedType); a != b { + return errors.New("proto: bad extended type; " + b.String() + " does not extend " + a.String()) + } + // Check the range. + if !isExtensionField(pb, extension.Field) { + return errors.New("proto: bad extension number; not in declared ranges") + } + return nil +} + +// extPropKey is sufficient to uniquely identify an extension. +type extPropKey struct { + base reflect.Type + field int32 +} + +var extProp = struct { + sync.RWMutex + m map[extPropKey]*Properties +}{ + m: make(map[extPropKey]*Properties), +} + +func extensionProperties(ed *ExtensionDesc) *Properties { + key := extPropKey{base: reflect.TypeOf(ed.ExtendedType), field: ed.Field} + + extProp.RLock() + if prop, ok := extProp.m[key]; ok { + extProp.RUnlock() + return prop + } + extProp.RUnlock() + + extProp.Lock() + defer extProp.Unlock() + // Check again. + if prop, ok := extProp.m[key]; ok { + return prop + } + + prop := new(Properties) + prop.Init(reflect.TypeOf(ed.ExtensionType), "unknown_name", ed.Tag, nil) + extProp.m[key] = prop + return prop +} + +// encode encodes any unmarshaled (unencoded) extensions in e. +func encodeExtensions(e *XXX_InternalExtensions) error { + m, mu := e.extensionsRead() + if m == nil { + return nil // fast path + } + mu.Lock() + defer mu.Unlock() + return encodeExtensionsMap(m) +} + +// encode encodes any unmarshaled (unencoded) extensions in e. +func encodeExtensionsMap(m map[int32]Extension) error { + for k, e := range m { + if e.value == nil || e.desc == nil { + // Extension is only in its encoded form. + continue + } + + // We don't skip extensions that have an encoded form set, + // because the extension value may have been mutated after + // the last time this function was called. + + et := reflect.TypeOf(e.desc.ExtensionType) + props := extensionProperties(e.desc) + + p := NewBuffer(nil) + // If e.value has type T, the encoder expects a *struct{ X T }. + // Pass a *T with a zero field and hope it all works out. + x := reflect.New(et) + x.Elem().Set(reflect.ValueOf(e.value)) + if err := props.enc(p, props, toStructPointer(x)); err != nil { + return err + } + e.enc = p.buf + m[k] = e + } + return nil +} + +func extensionsSize(e *XXX_InternalExtensions) (n int) { + m, mu := e.extensionsRead() + if m == nil { + return 0 + } + mu.Lock() + defer mu.Unlock() + return extensionsMapSize(m) +} + +func extensionsMapSize(m map[int32]Extension) (n int) { + for _, e := range m { + if e.value == nil || e.desc == nil { + // Extension is only in its encoded form. + n += len(e.enc) + continue + } + + // We don't skip extensions that have an encoded form set, + // because the extension value may have been mutated after + // the last time this function was called. + + et := reflect.TypeOf(e.desc.ExtensionType) + props := extensionProperties(e.desc) + + // If e.value has type T, the encoder expects a *struct{ X T }. + // Pass a *T with a zero field and hope it all works out. + x := reflect.New(et) + x.Elem().Set(reflect.ValueOf(e.value)) + n += props.size(props, toStructPointer(x)) + } + return +} + +// HasExtension returns whether the given extension is present in pb. +func HasExtension(pb Message, extension *ExtensionDesc) bool { + // TODO: Check types, field numbers, etc.? + epb, ok := extendable(pb) + if !ok { + return false + } + extmap, mu := epb.extensionsRead() + if extmap == nil { + return false + } + mu.Lock() + _, ok = extmap[extension.Field] + mu.Unlock() + return ok +} + +// ClearExtension removes the given extension from pb. +func ClearExtension(pb Message, extension *ExtensionDesc) { + epb, ok := extendable(pb) + if !ok { + return + } + // TODO: Check types, field numbers, etc.? + extmap := epb.extensionsWrite() + delete(extmap, extension.Field) +} + +// GetExtension parses and returns the given extension of pb. +// If the extension is not present and has no default value it returns ErrMissingExtension. +func GetExtension(pb Message, extension *ExtensionDesc) (interface{}, error) { + epb, ok := extendable(pb) + if !ok { + return nil, errors.New("proto: not an extendable proto") + } + + if err := checkExtensionTypes(epb, extension); err != nil { + return nil, err + } + + emap, mu := epb.extensionsRead() + if emap == nil { + return defaultExtensionValue(extension) + } + mu.Lock() + defer mu.Unlock() + e, ok := emap[extension.Field] + if !ok { + // defaultExtensionValue returns the default value or + // ErrMissingExtension if there is no default. + return defaultExtensionValue(extension) + } + + if e.value != nil { + // Already decoded. Check the descriptor, though. + if e.desc != extension { + // This shouldn't happen. If it does, it means that + // GetExtension was called twice with two different + // descriptors with the same field number. + return nil, errors.New("proto: descriptor conflict") + } + return e.value, nil + } + + v, err := decodeExtension(e.enc, extension) + if err != nil { + return nil, err + } + + // Remember the decoded version and drop the encoded version. + // That way it is safe to mutate what we return. + e.value = v + e.desc = extension + e.enc = nil + emap[extension.Field] = e + return e.value, nil +} + +// defaultExtensionValue returns the default value for extension. +// If no default for an extension is defined ErrMissingExtension is returned. +func defaultExtensionValue(extension *ExtensionDesc) (interface{}, error) { + t := reflect.TypeOf(extension.ExtensionType) + props := extensionProperties(extension) + + sf, _, err := fieldDefault(t, props) + if err != nil { + return nil, err + } + + if sf == nil || sf.value == nil { + // There is no default value. + return nil, ErrMissingExtension + } + + if t.Kind() != reflect.Ptr { + // We do not need to return a Ptr, we can directly return sf.value. + return sf.value, nil + } + + // We need to return an interface{} that is a pointer to sf.value. + value := reflect.New(t).Elem() + value.Set(reflect.New(value.Type().Elem())) + if sf.kind == reflect.Int32 { + // We may have an int32 or an enum, but the underlying data is int32. + // Since we can't set an int32 into a non int32 reflect.value directly + // set it as a int32. + value.Elem().SetInt(int64(sf.value.(int32))) + } else { + value.Elem().Set(reflect.ValueOf(sf.value)) + } + return value.Interface(), nil +} + +// decodeExtension decodes an extension encoded in b. +func decodeExtension(b []byte, extension *ExtensionDesc) (interface{}, error) { + o := NewBuffer(b) + + t := reflect.TypeOf(extension.ExtensionType) + + props := extensionProperties(extension) + + // t is a pointer to a struct, pointer to basic type or a slice. + // Allocate a "field" to store the pointer/slice itself; the + // pointer/slice will be stored here. We pass + // the address of this field to props.dec. + // This passes a zero field and a *t and lets props.dec + // interpret it as a *struct{ x t }. + value := reflect.New(t).Elem() + + for { + // Discard wire type and field number varint. It isn't needed. + if _, err := o.DecodeVarint(); err != nil { + return nil, err + } + + if err := props.dec(o, props, toStructPointer(value.Addr())); err != nil { + return nil, err + } + + if o.index >= len(o.buf) { + break + } + } + return value.Interface(), nil +} + +// GetExtensions returns a slice of the extensions present in pb that are also listed in es. +// The returned slice has the same length as es; missing extensions will appear as nil elements. +func GetExtensions(pb Message, es []*ExtensionDesc) (extensions []interface{}, err error) { + epb, ok := extendable(pb) + if !ok { + return nil, errors.New("proto: not an extendable proto") + } + extensions = make([]interface{}, len(es)) + for i, e := range es { + extensions[i], err = GetExtension(epb, e) + if err == ErrMissingExtension { + err = nil + } + if err != nil { + return + } + } + return +} + +// ExtensionDescs returns a new slice containing pb's extension descriptors, in undefined order. +// For non-registered extensions, ExtensionDescs returns an incomplete descriptor containing +// just the Field field, which defines the extension's field number. +func ExtensionDescs(pb Message) ([]*ExtensionDesc, error) { + epb, ok := extendable(pb) + if !ok { + return nil, fmt.Errorf("proto: %T is not an extendable proto.Message", pb) + } + registeredExtensions := RegisteredExtensions(pb) + + emap, mu := epb.extensionsRead() + if emap == nil { + return nil, nil + } + mu.Lock() + defer mu.Unlock() + extensions := make([]*ExtensionDesc, 0, len(emap)) + for extid, e := range emap { + desc := e.desc + if desc == nil { + desc = registeredExtensions[extid] + if desc == nil { + desc = &ExtensionDesc{Field: extid} + } + } + + extensions = append(extensions, desc) + } + return extensions, nil +} + +// SetExtension sets the specified extension of pb to the specified value. +func SetExtension(pb Message, extension *ExtensionDesc, value interface{}) error { + epb, ok := extendable(pb) + if !ok { + return errors.New("proto: not an extendable proto") + } + if err := checkExtensionTypes(epb, extension); err != nil { + return err + } + typ := reflect.TypeOf(extension.ExtensionType) + if typ != reflect.TypeOf(value) { + return errors.New("proto: bad extension value type") + } + // nil extension values need to be caught early, because the + // encoder can't distinguish an ErrNil due to a nil extension + // from an ErrNil due to a missing field. Extensions are + // always optional, so the encoder would just swallow the error + // and drop all the extensions from the encoded message. + if reflect.ValueOf(value).IsNil() { + return fmt.Errorf("proto: SetExtension called with nil value of type %T", value) + } + + extmap := epb.extensionsWrite() + extmap[extension.Field] = Extension{desc: extension, value: value} + return nil +} + +// ClearAllExtensions clears all extensions from pb. +func ClearAllExtensions(pb Message) { + epb, ok := extendable(pb) + if !ok { + return + } + m := epb.extensionsWrite() + for k := range m { + delete(m, k) + } +} + +// A global registry of extensions. +// The generated code will register the generated descriptors by calling RegisterExtension. + +var extensionMaps = make(map[reflect.Type]map[int32]*ExtensionDesc) + +// RegisterExtension is called from the generated code. +func RegisterExtension(desc *ExtensionDesc) { + st := reflect.TypeOf(desc.ExtendedType).Elem() + m := extensionMaps[st] + if m == nil { + m = make(map[int32]*ExtensionDesc) + extensionMaps[st] = m + } + if _, ok := m[desc.Field]; ok { + panic("proto: duplicate extension registered: " + st.String() + " " + strconv.Itoa(int(desc.Field))) + } + m[desc.Field] = desc +} + +// RegisteredExtensions returns a map of the registered extensions of a +// protocol buffer struct, indexed by the extension number. +// The argument pb should be a nil pointer to the struct type. +func RegisteredExtensions(pb Message) map[int32]*ExtensionDesc { + return extensionMaps[reflect.TypeOf(pb).Elem()] +} diff --git a/vendor/github.com/golang/protobuf/proto/lib.go b/vendor/github.com/golang/protobuf/proto/lib.go new file mode 100644 index 0000000000..1c225504a0 --- /dev/null +++ b/vendor/github.com/golang/protobuf/proto/lib.go @@ -0,0 +1,897 @@ +// Go support for Protocol Buffers - Google's data interchange format +// +// Copyright 2010 The Go Authors. All rights reserved. +// https://github.com/golang/protobuf +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +/* +Package proto converts data structures to and from the wire format of +protocol buffers. It works in concert with the Go source code generated +for .proto files by the protocol compiler. + +A summary of the properties of the protocol buffer interface +for a protocol buffer variable v: + + - Names are turned from camel_case to CamelCase for export. + - There are no methods on v to set fields; just treat + them as structure fields. + - There are getters that return a field's value if set, + and return the field's default value if unset. + The getters work even if the receiver is a nil message. + - The zero value for a struct is its correct initialization state. + All desired fields must be set before marshaling. + - A Reset() method will restore a protobuf struct to its zero state. + - Non-repeated fields are pointers to the values; nil means unset. + That is, optional or required field int32 f becomes F *int32. + - Repeated fields are slices. + - Helper functions are available to aid the setting of fields. + msg.Foo = proto.String("hello") // set field + - Constants are defined to hold the default values of all fields that + have them. They have the form Default_StructName_FieldName. + Because the getter methods handle defaulted values, + direct use of these constants should be rare. + - Enums are given type names and maps from names to values. + Enum values are prefixed by the enclosing message's name, or by the + enum's type name if it is a top-level enum. Enum types have a String + method, and a Enum method to assist in message construction. + - Nested messages, groups and enums have type names prefixed with the name of + the surrounding message type. + - Extensions are given descriptor names that start with E_, + followed by an underscore-delimited list of the nested messages + that contain it (if any) followed by the CamelCased name of the + extension field itself. HasExtension, ClearExtension, GetExtension + and SetExtension are functions for manipulating extensions. + - Oneof field sets are given a single field in their message, + with distinguished wrapper types for each possible field value. + - Marshal and Unmarshal are functions to encode and decode the wire format. + +When the .proto file specifies `syntax="proto3"`, there are some differences: + + - Non-repeated fields of non-message type are values instead of pointers. + - Enum types do not get an Enum method. + +The simplest way to describe this is to see an example. +Given file test.proto, containing + + package example; + + enum FOO { X = 17; } + + message Test { + required string label = 1; + optional int32 type = 2 [default=77]; + repeated int64 reps = 3; + optional group OptionalGroup = 4 { + required string RequiredField = 5; + } + oneof union { + int32 number = 6; + string name = 7; + } + } + +The resulting file, test.pb.go, is: + + package example + + import proto "github.com/golang/protobuf/proto" + import math "math" + + type FOO int32 + const ( + FOO_X FOO = 17 + ) + var FOO_name = map[int32]string{ + 17: "X", + } + var FOO_value = map[string]int32{ + "X": 17, + } + + func (x FOO) Enum() *FOO { + p := new(FOO) + *p = x + return p + } + func (x FOO) String() string { + return proto.EnumName(FOO_name, int32(x)) + } + func (x *FOO) UnmarshalJSON(data []byte) error { + value, err := proto.UnmarshalJSONEnum(FOO_value, data) + if err != nil { + return err + } + *x = FOO(value) + return nil + } + + type Test struct { + Label *string `protobuf:"bytes,1,req,name=label" json:"label,omitempty"` + Type *int32 `protobuf:"varint,2,opt,name=type,def=77" json:"type,omitempty"` + Reps []int64 `protobuf:"varint,3,rep,name=reps" json:"reps,omitempty"` + Optionalgroup *Test_OptionalGroup `protobuf:"group,4,opt,name=OptionalGroup" json:"optionalgroup,omitempty"` + // Types that are valid to be assigned to Union: + // *Test_Number + // *Test_Name + Union isTest_Union `protobuf_oneof:"union"` + XXX_unrecognized []byte `json:"-"` + } + func (m *Test) Reset() { *m = Test{} } + func (m *Test) String() string { return proto.CompactTextString(m) } + func (*Test) ProtoMessage() {} + + type isTest_Union interface { + isTest_Union() + } + + type Test_Number struct { + Number int32 `protobuf:"varint,6,opt,name=number"` + } + type Test_Name struct { + Name string `protobuf:"bytes,7,opt,name=name"` + } + + func (*Test_Number) isTest_Union() {} + func (*Test_Name) isTest_Union() {} + + func (m *Test) GetUnion() isTest_Union { + if m != nil { + return m.Union + } + return nil + } + const Default_Test_Type int32 = 77 + + func (m *Test) GetLabel() string { + if m != nil && m.Label != nil { + return *m.Label + } + return "" + } + + func (m *Test) GetType() int32 { + if m != nil && m.Type != nil { + return *m.Type + } + return Default_Test_Type + } + + func (m *Test) GetOptionalgroup() *Test_OptionalGroup { + if m != nil { + return m.Optionalgroup + } + return nil + } + + type Test_OptionalGroup struct { + RequiredField *string `protobuf:"bytes,5,req" json:"RequiredField,omitempty"` + } + func (m *Test_OptionalGroup) Reset() { *m = Test_OptionalGroup{} } + func (m *Test_OptionalGroup) String() string { return proto.CompactTextString(m) } + + func (m *Test_OptionalGroup) GetRequiredField() string { + if m != nil && m.RequiredField != nil { + return *m.RequiredField + } + return "" + } + + func (m *Test) GetNumber() int32 { + if x, ok := m.GetUnion().(*Test_Number); ok { + return x.Number + } + return 0 + } + + func (m *Test) GetName() string { + if x, ok := m.GetUnion().(*Test_Name); ok { + return x.Name + } + return "" + } + + func init() { + proto.RegisterEnum("example.FOO", FOO_name, FOO_value) + } + +To create and play with a Test object: + + package main + + import ( + "log" + + "github.com/golang/protobuf/proto" + pb "./example.pb" + ) + + func main() { + test := &pb.Test{ + Label: proto.String("hello"), + Type: proto.Int32(17), + Reps: []int64{1, 2, 3}, + Optionalgroup: &pb.Test_OptionalGroup{ + RequiredField: proto.String("good bye"), + }, + Union: &pb.Test_Name{"fred"}, + } + data, err := proto.Marshal(test) + if err != nil { + log.Fatal("marshaling error: ", err) + } + newTest := &pb.Test{} + err = proto.Unmarshal(data, newTest) + if err != nil { + log.Fatal("unmarshaling error: ", err) + } + // Now test and newTest contain the same data. + if test.GetLabel() != newTest.GetLabel() { + log.Fatalf("data mismatch %q != %q", test.GetLabel(), newTest.GetLabel()) + } + // Use a type switch to determine which oneof was set. + switch u := test.Union.(type) { + case *pb.Test_Number: // u.Number contains the number. + case *pb.Test_Name: // u.Name contains the string. + } + // etc. + } +*/ +package proto + +import ( + "encoding/json" + "fmt" + "log" + "reflect" + "sort" + "strconv" + "sync" +) + +// Message is implemented by generated protocol buffer messages. +type Message interface { + Reset() + String() string + ProtoMessage() +} + +// Stats records allocation details about the protocol buffer encoders +// and decoders. Useful for tuning the library itself. +type Stats struct { + Emalloc uint64 // mallocs in encode + Dmalloc uint64 // mallocs in decode + Encode uint64 // number of encodes + Decode uint64 // number of decodes + Chit uint64 // number of cache hits + Cmiss uint64 // number of cache misses + Size uint64 // number of sizes +} + +// Set to true to enable stats collection. +const collectStats = false + +var stats Stats + +// GetStats returns a copy of the global Stats structure. +func GetStats() Stats { return stats } + +// A Buffer is a buffer manager for marshaling and unmarshaling +// protocol buffers. It may be reused between invocations to +// reduce memory usage. It is not necessary to use a Buffer; +// the global functions Marshal and Unmarshal create a +// temporary Buffer and are fine for most applications. +type Buffer struct { + buf []byte // encode/decode byte stream + index int // read point + + // pools of basic types to amortize allocation. + bools []bool + uint32s []uint32 + uint64s []uint64 + + // extra pools, only used with pointer_reflect.go + int32s []int32 + int64s []int64 + float32s []float32 + float64s []float64 +} + +// NewBuffer allocates a new Buffer and initializes its internal data to +// the contents of the argument slice. +func NewBuffer(e []byte) *Buffer { + return &Buffer{buf: e} +} + +// Reset resets the Buffer, ready for marshaling a new protocol buffer. +func (p *Buffer) Reset() { + p.buf = p.buf[0:0] // for reading/writing + p.index = 0 // for reading +} + +// SetBuf replaces the internal buffer with the slice, +// ready for unmarshaling the contents of the slice. +func (p *Buffer) SetBuf(s []byte) { + p.buf = s + p.index = 0 +} + +// Bytes returns the contents of the Buffer. +func (p *Buffer) Bytes() []byte { return p.buf } + +/* + * Helper routines for simplifying the creation of optional fields of basic type. + */ + +// Bool is a helper routine that allocates a new bool value +// to store v and returns a pointer to it. +func Bool(v bool) *bool { + return &v +} + +// Int32 is a helper routine that allocates a new int32 value +// to store v and returns a pointer to it. +func Int32(v int32) *int32 { + return &v +} + +// Int is a helper routine that allocates a new int32 value +// to store v and returns a pointer to it, but unlike Int32 +// its argument value is an int. +func Int(v int) *int32 { + p := new(int32) + *p = int32(v) + return p +} + +// Int64 is a helper routine that allocates a new int64 value +// to store v and returns a pointer to it. +func Int64(v int64) *int64 { + return &v +} + +// Float32 is a helper routine that allocates a new float32 value +// to store v and returns a pointer to it. +func Float32(v float32) *float32 { + return &v +} + +// Float64 is a helper routine that allocates a new float64 value +// to store v and returns a pointer to it. +func Float64(v float64) *float64 { + return &v +} + +// Uint32 is a helper routine that allocates a new uint32 value +// to store v and returns a pointer to it. +func Uint32(v uint32) *uint32 { + return &v +} + +// Uint64 is a helper routine that allocates a new uint64 value +// to store v and returns a pointer to it. +func Uint64(v uint64) *uint64 { + return &v +} + +// String is a helper routine that allocates a new string value +// to store v and returns a pointer to it. +func String(v string) *string { + return &v +} + +// EnumName is a helper function to simplify printing protocol buffer enums +// by name. Given an enum map and a value, it returns a useful string. +func EnumName(m map[int32]string, v int32) string { + s, ok := m[v] + if ok { + return s + } + return strconv.Itoa(int(v)) +} + +// UnmarshalJSONEnum is a helper function to simplify recovering enum int values +// from their JSON-encoded representation. Given a map from the enum's symbolic +// names to its int values, and a byte buffer containing the JSON-encoded +// value, it returns an int32 that can be cast to the enum type by the caller. +// +// The function can deal with both JSON representations, numeric and symbolic. +func UnmarshalJSONEnum(m map[string]int32, data []byte, enumName string) (int32, error) { + if data[0] == '"' { + // New style: enums are strings. + var repr string + if err := json.Unmarshal(data, &repr); err != nil { + return -1, err + } + val, ok := m[repr] + if !ok { + return 0, fmt.Errorf("unrecognized enum %s value %q", enumName, repr) + } + return val, nil + } + // Old style: enums are ints. + var val int32 + if err := json.Unmarshal(data, &val); err != nil { + return 0, fmt.Errorf("cannot unmarshal %#q into enum %s", data, enumName) + } + return val, nil +} + +// DebugPrint dumps the encoded data in b in a debugging format with a header +// including the string s. Used in testing but made available for general debugging. +func (p *Buffer) DebugPrint(s string, b []byte) { + var u uint64 + + obuf := p.buf + index := p.index + p.buf = b + p.index = 0 + depth := 0 + + fmt.Printf("\n--- %s ---\n", s) + +out: + for { + for i := 0; i < depth; i++ { + fmt.Print(" ") + } + + index := p.index + if index == len(p.buf) { + break + } + + op, err := p.DecodeVarint() + if err != nil { + fmt.Printf("%3d: fetching op err %v\n", index, err) + break out + } + tag := op >> 3 + wire := op & 7 + + switch wire { + default: + fmt.Printf("%3d: t=%3d unknown wire=%d\n", + index, tag, wire) + break out + + case WireBytes: + var r []byte + + r, err = p.DecodeRawBytes(false) + if err != nil { + break out + } + fmt.Printf("%3d: t=%3d bytes [%d]", index, tag, len(r)) + if len(r) <= 6 { + for i := 0; i < len(r); i++ { + fmt.Printf(" %.2x", r[i]) + } + } else { + for i := 0; i < 3; i++ { + fmt.Printf(" %.2x", r[i]) + } + fmt.Printf(" ..") + for i := len(r) - 3; i < len(r); i++ { + fmt.Printf(" %.2x", r[i]) + } + } + fmt.Printf("\n") + + case WireFixed32: + u, err = p.DecodeFixed32() + if err != nil { + fmt.Printf("%3d: t=%3d fix32 err %v\n", index, tag, err) + break out + } + fmt.Printf("%3d: t=%3d fix32 %d\n", index, tag, u) + + case WireFixed64: + u, err = p.DecodeFixed64() + if err != nil { + fmt.Printf("%3d: t=%3d fix64 err %v\n", index, tag, err) + break out + } + fmt.Printf("%3d: t=%3d fix64 %d\n", index, tag, u) + + case WireVarint: + u, err = p.DecodeVarint() + if err != nil { + fmt.Printf("%3d: t=%3d varint err %v\n", index, tag, err) + break out + } + fmt.Printf("%3d: t=%3d varint %d\n", index, tag, u) + + case WireStartGroup: + fmt.Printf("%3d: t=%3d start\n", index, tag) + depth++ + + case WireEndGroup: + depth-- + fmt.Printf("%3d: t=%3d end\n", index, tag) + } + } + + if depth != 0 { + fmt.Printf("%3d: start-end not balanced %d\n", p.index, depth) + } + fmt.Printf("\n") + + p.buf = obuf + p.index = index +} + +// SetDefaults sets unset protocol buffer fields to their default values. +// It only modifies fields that are both unset and have defined defaults. +// It recursively sets default values in any non-nil sub-messages. +func SetDefaults(pb Message) { + setDefaults(reflect.ValueOf(pb), true, false) +} + +// v is a pointer to a struct. +func setDefaults(v reflect.Value, recur, zeros bool) { + v = v.Elem() + + defaultMu.RLock() + dm, ok := defaults[v.Type()] + defaultMu.RUnlock() + if !ok { + dm = buildDefaultMessage(v.Type()) + defaultMu.Lock() + defaults[v.Type()] = dm + defaultMu.Unlock() + } + + for _, sf := range dm.scalars { + f := v.Field(sf.index) + if !f.IsNil() { + // field already set + continue + } + dv := sf.value + if dv == nil && !zeros { + // no explicit default, and don't want to set zeros + continue + } + fptr := f.Addr().Interface() // **T + // TODO: Consider batching the allocations we do here. + switch sf.kind { + case reflect.Bool: + b := new(bool) + if dv != nil { + *b = dv.(bool) + } + *(fptr.(**bool)) = b + case reflect.Float32: + f := new(float32) + if dv != nil { + *f = dv.(float32) + } + *(fptr.(**float32)) = f + case reflect.Float64: + f := new(float64) + if dv != nil { + *f = dv.(float64) + } + *(fptr.(**float64)) = f + case reflect.Int32: + // might be an enum + if ft := f.Type(); ft != int32PtrType { + // enum + f.Set(reflect.New(ft.Elem())) + if dv != nil { + f.Elem().SetInt(int64(dv.(int32))) + } + } else { + // int32 field + i := new(int32) + if dv != nil { + *i = dv.(int32) + } + *(fptr.(**int32)) = i + } + case reflect.Int64: + i := new(int64) + if dv != nil { + *i = dv.(int64) + } + *(fptr.(**int64)) = i + case reflect.String: + s := new(string) + if dv != nil { + *s = dv.(string) + } + *(fptr.(**string)) = s + case reflect.Uint8: + // exceptional case: []byte + var b []byte + if dv != nil { + db := dv.([]byte) + b = make([]byte, len(db)) + copy(b, db) + } else { + b = []byte{} + } + *(fptr.(*[]byte)) = b + case reflect.Uint32: + u := new(uint32) + if dv != nil { + *u = dv.(uint32) + } + *(fptr.(**uint32)) = u + case reflect.Uint64: + u := new(uint64) + if dv != nil { + *u = dv.(uint64) + } + *(fptr.(**uint64)) = u + default: + log.Printf("proto: can't set default for field %v (sf.kind=%v)", f, sf.kind) + } + } + + for _, ni := range dm.nested { + f := v.Field(ni) + // f is *T or []*T or map[T]*T + switch f.Kind() { + case reflect.Ptr: + if f.IsNil() { + continue + } + setDefaults(f, recur, zeros) + + case reflect.Slice: + for i := 0; i < f.Len(); i++ { + e := f.Index(i) + if e.IsNil() { + continue + } + setDefaults(e, recur, zeros) + } + + case reflect.Map: + for _, k := range f.MapKeys() { + e := f.MapIndex(k) + if e.IsNil() { + continue + } + setDefaults(e, recur, zeros) + } + } + } +} + +var ( + // defaults maps a protocol buffer struct type to a slice of the fields, + // with its scalar fields set to their proto-declared non-zero default values. + defaultMu sync.RWMutex + defaults = make(map[reflect.Type]defaultMessage) + + int32PtrType = reflect.TypeOf((*int32)(nil)) +) + +// defaultMessage represents information about the default values of a message. +type defaultMessage struct { + scalars []scalarField + nested []int // struct field index of nested messages +} + +type scalarField struct { + index int // struct field index + kind reflect.Kind // element type (the T in *T or []T) + value interface{} // the proto-declared default value, or nil +} + +// t is a struct type. +func buildDefaultMessage(t reflect.Type) (dm defaultMessage) { + sprop := GetProperties(t) + for _, prop := range sprop.Prop { + fi, ok := sprop.decoderTags.get(prop.Tag) + if !ok { + // XXX_unrecognized + continue + } + ft := t.Field(fi).Type + + sf, nested, err := fieldDefault(ft, prop) + switch { + case err != nil: + log.Print(err) + case nested: + dm.nested = append(dm.nested, fi) + case sf != nil: + sf.index = fi + dm.scalars = append(dm.scalars, *sf) + } + } + + return dm +} + +// fieldDefault returns the scalarField for field type ft. +// sf will be nil if the field can not have a default. +// nestedMessage will be true if this is a nested message. +// Note that sf.index is not set on return. +func fieldDefault(ft reflect.Type, prop *Properties) (sf *scalarField, nestedMessage bool, err error) { + var canHaveDefault bool + switch ft.Kind() { + case reflect.Ptr: + if ft.Elem().Kind() == reflect.Struct { + nestedMessage = true + } else { + canHaveDefault = true // proto2 scalar field + } + + case reflect.Slice: + switch ft.Elem().Kind() { + case reflect.Ptr: + nestedMessage = true // repeated message + case reflect.Uint8: + canHaveDefault = true // bytes field + } + + case reflect.Map: + if ft.Elem().Kind() == reflect.Ptr { + nestedMessage = true // map with message values + } + } + + if !canHaveDefault { + if nestedMessage { + return nil, true, nil + } + return nil, false, nil + } + + // We now know that ft is a pointer or slice. + sf = &scalarField{kind: ft.Elem().Kind()} + + // scalar fields without defaults + if !prop.HasDefault { + return sf, false, nil + } + + // a scalar field: either *T or []byte + switch ft.Elem().Kind() { + case reflect.Bool: + x, err := strconv.ParseBool(prop.Default) + if err != nil { + return nil, false, fmt.Errorf("proto: bad default bool %q: %v", prop.Default, err) + } + sf.value = x + case reflect.Float32: + x, err := strconv.ParseFloat(prop.Default, 32) + if err != nil { + return nil, false, fmt.Errorf("proto: bad default float32 %q: %v", prop.Default, err) + } + sf.value = float32(x) + case reflect.Float64: + x, err := strconv.ParseFloat(prop.Default, 64) + if err != nil { + return nil, false, fmt.Errorf("proto: bad default float64 %q: %v", prop.Default, err) + } + sf.value = x + case reflect.Int32: + x, err := strconv.ParseInt(prop.Default, 10, 32) + if err != nil { + return nil, false, fmt.Errorf("proto: bad default int32 %q: %v", prop.Default, err) + } + sf.value = int32(x) + case reflect.Int64: + x, err := strconv.ParseInt(prop.Default, 10, 64) + if err != nil { + return nil, false, fmt.Errorf("proto: bad default int64 %q: %v", prop.Default, err) + } + sf.value = x + case reflect.String: + sf.value = prop.Default + case reflect.Uint8: + // []byte (not *uint8) + sf.value = []byte(prop.Default) + case reflect.Uint32: + x, err := strconv.ParseUint(prop.Default, 10, 32) + if err != nil { + return nil, false, fmt.Errorf("proto: bad default uint32 %q: %v", prop.Default, err) + } + sf.value = uint32(x) + case reflect.Uint64: + x, err := strconv.ParseUint(prop.Default, 10, 64) + if err != nil { + return nil, false, fmt.Errorf("proto: bad default uint64 %q: %v", prop.Default, err) + } + sf.value = x + default: + return nil, false, fmt.Errorf("proto: unhandled def kind %v", ft.Elem().Kind()) + } + + return sf, false, nil +} + +// Map fields may have key types of non-float scalars, strings and enums. +// The easiest way to sort them in some deterministic order is to use fmt. +// If this turns out to be inefficient we can always consider other options, +// such as doing a Schwartzian transform. + +func mapKeys(vs []reflect.Value) sort.Interface { + s := mapKeySorter{ + vs: vs, + // default Less function: textual comparison + less: func(a, b reflect.Value) bool { + return fmt.Sprint(a.Interface()) < fmt.Sprint(b.Interface()) + }, + } + + // Type specialization per https://developers.google.com/protocol-buffers/docs/proto#maps; + // numeric keys are sorted numerically. + if len(vs) == 0 { + return s + } + switch vs[0].Kind() { + case reflect.Int32, reflect.Int64: + s.less = func(a, b reflect.Value) bool { return a.Int() < b.Int() } + case reflect.Uint32, reflect.Uint64: + s.less = func(a, b reflect.Value) bool { return a.Uint() < b.Uint() } + } + + return s +} + +type mapKeySorter struct { + vs []reflect.Value + less func(a, b reflect.Value) bool +} + +func (s mapKeySorter) Len() int { return len(s.vs) } +func (s mapKeySorter) Swap(i, j int) { s.vs[i], s.vs[j] = s.vs[j], s.vs[i] } +func (s mapKeySorter) Less(i, j int) bool { + return s.less(s.vs[i], s.vs[j]) +} + +// isProto3Zero reports whether v is a zero proto3 value. +func isProto3Zero(v reflect.Value) bool { + switch v.Kind() { + case reflect.Bool: + return !v.Bool() + case reflect.Int32, reflect.Int64: + return v.Int() == 0 + case reflect.Uint32, reflect.Uint64: + return v.Uint() == 0 + case reflect.Float32, reflect.Float64: + return v.Float() == 0 + case reflect.String: + return v.String() == "" + } + return false +} + +// ProtoPackageIsVersion2 is referenced from generated protocol buffer files +// to assert that that code is compatible with this version of the proto package. +const ProtoPackageIsVersion2 = true + +// ProtoPackageIsVersion1 is referenced from generated protocol buffer files +// to assert that that code is compatible with this version of the proto package. +const ProtoPackageIsVersion1 = true diff --git a/vendor/github.com/golang/protobuf/proto/message_set.go b/vendor/github.com/golang/protobuf/proto/message_set.go new file mode 100644 index 0000000000..fd982decd6 --- /dev/null +++ b/vendor/github.com/golang/protobuf/proto/message_set.go @@ -0,0 +1,311 @@ +// Go support for Protocol Buffers - Google's data interchange format +// +// Copyright 2010 The Go Authors. All rights reserved. +// https://github.com/golang/protobuf +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +package proto + +/* + * Support for message sets. + */ + +import ( + "bytes" + "encoding/json" + "errors" + "fmt" + "reflect" + "sort" +) + +// errNoMessageTypeID occurs when a protocol buffer does not have a message type ID. +// A message type ID is required for storing a protocol buffer in a message set. +var errNoMessageTypeID = errors.New("proto does not have a message type ID") + +// The first two types (_MessageSet_Item and messageSet) +// model what the protocol compiler produces for the following protocol message: +// message MessageSet { +// repeated group Item = 1 { +// required int32 type_id = 2; +// required string message = 3; +// }; +// } +// That is the MessageSet wire format. We can't use a proto to generate these +// because that would introduce a circular dependency between it and this package. + +type _MessageSet_Item struct { + TypeId *int32 `protobuf:"varint,2,req,name=type_id"` + Message []byte `protobuf:"bytes,3,req,name=message"` +} + +type messageSet struct { + Item []*_MessageSet_Item `protobuf:"group,1,rep"` + XXX_unrecognized []byte + // TODO: caching? +} + +// Make sure messageSet is a Message. +var _ Message = (*messageSet)(nil) + +// messageTypeIder is an interface satisfied by a protocol buffer type +// that may be stored in a MessageSet. +type messageTypeIder interface { + MessageTypeId() int32 +} + +func (ms *messageSet) find(pb Message) *_MessageSet_Item { + mti, ok := pb.(messageTypeIder) + if !ok { + return nil + } + id := mti.MessageTypeId() + for _, item := range ms.Item { + if *item.TypeId == id { + return item + } + } + return nil +} + +func (ms *messageSet) Has(pb Message) bool { + if ms.find(pb) != nil { + return true + } + return false +} + +func (ms *messageSet) Unmarshal(pb Message) error { + if item := ms.find(pb); item != nil { + return Unmarshal(item.Message, pb) + } + if _, ok := pb.(messageTypeIder); !ok { + return errNoMessageTypeID + } + return nil // TODO: return error instead? +} + +func (ms *messageSet) Marshal(pb Message) error { + msg, err := Marshal(pb) + if err != nil { + return err + } + if item := ms.find(pb); item != nil { + // reuse existing item + item.Message = msg + return nil + } + + mti, ok := pb.(messageTypeIder) + if !ok { + return errNoMessageTypeID + } + + mtid := mti.MessageTypeId() + ms.Item = append(ms.Item, &_MessageSet_Item{ + TypeId: &mtid, + Message: msg, + }) + return nil +} + +func (ms *messageSet) Reset() { *ms = messageSet{} } +func (ms *messageSet) String() string { return CompactTextString(ms) } +func (*messageSet) ProtoMessage() {} + +// Support for the message_set_wire_format message option. + +func skipVarint(buf []byte) []byte { + i := 0 + for ; buf[i]&0x80 != 0; i++ { + } + return buf[i+1:] +} + +// MarshalMessageSet encodes the extension map represented by m in the message set wire format. +// It is called by generated Marshal methods on protocol buffer messages with the message_set_wire_format option. +func MarshalMessageSet(exts interface{}) ([]byte, error) { + var m map[int32]Extension + switch exts := exts.(type) { + case *XXX_InternalExtensions: + if err := encodeExtensions(exts); err != nil { + return nil, err + } + m, _ = exts.extensionsRead() + case map[int32]Extension: + if err := encodeExtensionsMap(exts); err != nil { + return nil, err + } + m = exts + default: + return nil, errors.New("proto: not an extension map") + } + + // Sort extension IDs to provide a deterministic encoding. + // See also enc_map in encode.go. + ids := make([]int, 0, len(m)) + for id := range m { + ids = append(ids, int(id)) + } + sort.Ints(ids) + + ms := &messageSet{Item: make([]*_MessageSet_Item, 0, len(m))} + for _, id := range ids { + e := m[int32(id)] + // Remove the wire type and field number varint, as well as the length varint. + msg := skipVarint(skipVarint(e.enc)) + + ms.Item = append(ms.Item, &_MessageSet_Item{ + TypeId: Int32(int32(id)), + Message: msg, + }) + } + return Marshal(ms) +} + +// UnmarshalMessageSet decodes the extension map encoded in buf in the message set wire format. +// It is called by generated Unmarshal methods on protocol buffer messages with the message_set_wire_format option. +func UnmarshalMessageSet(buf []byte, exts interface{}) error { + var m map[int32]Extension + switch exts := exts.(type) { + case *XXX_InternalExtensions: + m = exts.extensionsWrite() + case map[int32]Extension: + m = exts + default: + return errors.New("proto: not an extension map") + } + + ms := new(messageSet) + if err := Unmarshal(buf, ms); err != nil { + return err + } + for _, item := range ms.Item { + id := *item.TypeId + msg := item.Message + + // Restore wire type and field number varint, plus length varint. + // Be careful to preserve duplicate items. + b := EncodeVarint(uint64(id)<<3 | WireBytes) + if ext, ok := m[id]; ok { + // Existing data; rip off the tag and length varint + // so we join the new data correctly. + // We can assume that ext.enc is set because we are unmarshaling. + o := ext.enc[len(b):] // skip wire type and field number + _, n := DecodeVarint(o) // calculate length of length varint + o = o[n:] // skip length varint + msg = append(o, msg...) // join old data and new data + } + b = append(b, EncodeVarint(uint64(len(msg)))...) + b = append(b, msg...) + + m[id] = Extension{enc: b} + } + return nil +} + +// MarshalMessageSetJSON encodes the extension map represented by m in JSON format. +// It is called by generated MarshalJSON methods on protocol buffer messages with the message_set_wire_format option. +func MarshalMessageSetJSON(exts interface{}) ([]byte, error) { + var m map[int32]Extension + switch exts := exts.(type) { + case *XXX_InternalExtensions: + m, _ = exts.extensionsRead() + case map[int32]Extension: + m = exts + default: + return nil, errors.New("proto: not an extension map") + } + var b bytes.Buffer + b.WriteByte('{') + + // Process the map in key order for deterministic output. + ids := make([]int32, 0, len(m)) + for id := range m { + ids = append(ids, id) + } + sort.Sort(int32Slice(ids)) // int32Slice defined in text.go + + for i, id := range ids { + ext := m[id] + if i > 0 { + b.WriteByte(',') + } + + msd, ok := messageSetMap[id] + if !ok { + // Unknown type; we can't render it, so skip it. + continue + } + fmt.Fprintf(&b, `"[%s]":`, msd.name) + + x := ext.value + if x == nil { + x = reflect.New(msd.t.Elem()).Interface() + if err := Unmarshal(ext.enc, x.(Message)); err != nil { + return nil, err + } + } + d, err := json.Marshal(x) + if err != nil { + return nil, err + } + b.Write(d) + } + b.WriteByte('}') + return b.Bytes(), nil +} + +// UnmarshalMessageSetJSON decodes the extension map encoded in buf in JSON format. +// It is called by generated UnmarshalJSON methods on protocol buffer messages with the message_set_wire_format option. +func UnmarshalMessageSetJSON(buf []byte, exts interface{}) error { + // Common-case fast path. + if len(buf) == 0 || bytes.Equal(buf, []byte("{}")) { + return nil + } + + // This is fairly tricky, and it's not clear that it is needed. + return errors.New("TODO: UnmarshalMessageSetJSON not yet implemented") +} + +// A global registry of types that can be used in a MessageSet. + +var messageSetMap = make(map[int32]messageSetDesc) + +type messageSetDesc struct { + t reflect.Type // pointer to struct + name string +} + +// RegisterMessageSetType is called from the generated code. +func RegisterMessageSetType(m Message, fieldNum int32, name string) { + messageSetMap[fieldNum] = messageSetDesc{ + t: reflect.TypeOf(m), + name: name, + } +} diff --git a/vendor/github.com/golang/protobuf/proto/pointer_reflect.go b/vendor/github.com/golang/protobuf/proto/pointer_reflect.go new file mode 100644 index 0000000000..fb512e2e16 --- /dev/null +++ b/vendor/github.com/golang/protobuf/proto/pointer_reflect.go @@ -0,0 +1,484 @@ +// Go support for Protocol Buffers - Google's data interchange format +// +// Copyright 2012 The Go Authors. All rights reserved. +// https://github.com/golang/protobuf +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +// +build appengine js + +// This file contains an implementation of proto field accesses using package reflect. +// It is slower than the code in pointer_unsafe.go but it avoids package unsafe and can +// be used on App Engine. + +package proto + +import ( + "math" + "reflect" +) + +// A structPointer is a pointer to a struct. +type structPointer struct { + v reflect.Value +} + +// toStructPointer returns a structPointer equivalent to the given reflect value. +// The reflect value must itself be a pointer to a struct. +func toStructPointer(v reflect.Value) structPointer { + return structPointer{v} +} + +// IsNil reports whether p is nil. +func structPointer_IsNil(p structPointer) bool { + return p.v.IsNil() +} + +// Interface returns the struct pointer as an interface value. +func structPointer_Interface(p structPointer, _ reflect.Type) interface{} { + return p.v.Interface() +} + +// A field identifies a field in a struct, accessible from a structPointer. +// In this implementation, a field is identified by the sequence of field indices +// passed to reflect's FieldByIndex. +type field []int + +// toField returns a field equivalent to the given reflect field. +func toField(f *reflect.StructField) field { + return f.Index +} + +// invalidField is an invalid field identifier. +var invalidField = field(nil) + +// IsValid reports whether the field identifier is valid. +func (f field) IsValid() bool { return f != nil } + +// field returns the given field in the struct as a reflect value. +func structPointer_field(p structPointer, f field) reflect.Value { + // Special case: an extension map entry with a value of type T + // passes a *T to the struct-handling code with a zero field, + // expecting that it will be treated as equivalent to *struct{ X T }, + // which has the same memory layout. We have to handle that case + // specially, because reflect will panic if we call FieldByIndex on a + // non-struct. + if f == nil { + return p.v.Elem() + } + + return p.v.Elem().FieldByIndex(f) +} + +// ifield returns the given field in the struct as an interface value. +func structPointer_ifield(p structPointer, f field) interface{} { + return structPointer_field(p, f).Addr().Interface() +} + +// Bytes returns the address of a []byte field in the struct. +func structPointer_Bytes(p structPointer, f field) *[]byte { + return structPointer_ifield(p, f).(*[]byte) +} + +// BytesSlice returns the address of a [][]byte field in the struct. +func structPointer_BytesSlice(p structPointer, f field) *[][]byte { + return structPointer_ifield(p, f).(*[][]byte) +} + +// Bool returns the address of a *bool field in the struct. +func structPointer_Bool(p structPointer, f field) **bool { + return structPointer_ifield(p, f).(**bool) +} + +// BoolVal returns the address of a bool field in the struct. +func structPointer_BoolVal(p structPointer, f field) *bool { + return structPointer_ifield(p, f).(*bool) +} + +// BoolSlice returns the address of a []bool field in the struct. +func structPointer_BoolSlice(p structPointer, f field) *[]bool { + return structPointer_ifield(p, f).(*[]bool) +} + +// String returns the address of a *string field in the struct. +func structPointer_String(p structPointer, f field) **string { + return structPointer_ifield(p, f).(**string) +} + +// StringVal returns the address of a string field in the struct. +func structPointer_StringVal(p structPointer, f field) *string { + return structPointer_ifield(p, f).(*string) +} + +// StringSlice returns the address of a []string field in the struct. +func structPointer_StringSlice(p structPointer, f field) *[]string { + return structPointer_ifield(p, f).(*[]string) +} + +// Extensions returns the address of an extension map field in the struct. +func structPointer_Extensions(p structPointer, f field) *XXX_InternalExtensions { + return structPointer_ifield(p, f).(*XXX_InternalExtensions) +} + +// ExtMap returns the address of an extension map field in the struct. +func structPointer_ExtMap(p structPointer, f field) *map[int32]Extension { + return structPointer_ifield(p, f).(*map[int32]Extension) +} + +// NewAt returns the reflect.Value for a pointer to a field in the struct. +func structPointer_NewAt(p structPointer, f field, typ reflect.Type) reflect.Value { + return structPointer_field(p, f).Addr() +} + +// SetStructPointer writes a *struct field in the struct. +func structPointer_SetStructPointer(p structPointer, f field, q structPointer) { + structPointer_field(p, f).Set(q.v) +} + +// GetStructPointer reads a *struct field in the struct. +func structPointer_GetStructPointer(p structPointer, f field) structPointer { + return structPointer{structPointer_field(p, f)} +} + +// StructPointerSlice the address of a []*struct field in the struct. +func structPointer_StructPointerSlice(p structPointer, f field) structPointerSlice { + return structPointerSlice{structPointer_field(p, f)} +} + +// A structPointerSlice represents the address of a slice of pointers to structs +// (themselves messages or groups). That is, v.Type() is *[]*struct{...}. +type structPointerSlice struct { + v reflect.Value +} + +func (p structPointerSlice) Len() int { return p.v.Len() } +func (p structPointerSlice) Index(i int) structPointer { return structPointer{p.v.Index(i)} } +func (p structPointerSlice) Append(q structPointer) { + p.v.Set(reflect.Append(p.v, q.v)) +} + +var ( + int32Type = reflect.TypeOf(int32(0)) + uint32Type = reflect.TypeOf(uint32(0)) + float32Type = reflect.TypeOf(float32(0)) + int64Type = reflect.TypeOf(int64(0)) + uint64Type = reflect.TypeOf(uint64(0)) + float64Type = reflect.TypeOf(float64(0)) +) + +// A word32 represents a field of type *int32, *uint32, *float32, or *enum. +// That is, v.Type() is *int32, *uint32, *float32, or *enum and v is assignable. +type word32 struct { + v reflect.Value +} + +// IsNil reports whether p is nil. +func word32_IsNil(p word32) bool { + return p.v.IsNil() +} + +// Set sets p to point at a newly allocated word with bits set to x. +func word32_Set(p word32, o *Buffer, x uint32) { + t := p.v.Type().Elem() + switch t { + case int32Type: + if len(o.int32s) == 0 { + o.int32s = make([]int32, uint32PoolSize) + } + o.int32s[0] = int32(x) + p.v.Set(reflect.ValueOf(&o.int32s[0])) + o.int32s = o.int32s[1:] + return + case uint32Type: + if len(o.uint32s) == 0 { + o.uint32s = make([]uint32, uint32PoolSize) + } + o.uint32s[0] = x + p.v.Set(reflect.ValueOf(&o.uint32s[0])) + o.uint32s = o.uint32s[1:] + return + case float32Type: + if len(o.float32s) == 0 { + o.float32s = make([]float32, uint32PoolSize) + } + o.float32s[0] = math.Float32frombits(x) + p.v.Set(reflect.ValueOf(&o.float32s[0])) + o.float32s = o.float32s[1:] + return + } + + // must be enum + p.v.Set(reflect.New(t)) + p.v.Elem().SetInt(int64(int32(x))) +} + +// Get gets the bits pointed at by p, as a uint32. +func word32_Get(p word32) uint32 { + elem := p.v.Elem() + switch elem.Kind() { + case reflect.Int32: + return uint32(elem.Int()) + case reflect.Uint32: + return uint32(elem.Uint()) + case reflect.Float32: + return math.Float32bits(float32(elem.Float())) + } + panic("unreachable") +} + +// Word32 returns a reference to a *int32, *uint32, *float32, or *enum field in the struct. +func structPointer_Word32(p structPointer, f field) word32 { + return word32{structPointer_field(p, f)} +} + +// A word32Val represents a field of type int32, uint32, float32, or enum. +// That is, v.Type() is int32, uint32, float32, or enum and v is assignable. +type word32Val struct { + v reflect.Value +} + +// Set sets *p to x. +func word32Val_Set(p word32Val, x uint32) { + switch p.v.Type() { + case int32Type: + p.v.SetInt(int64(x)) + return + case uint32Type: + p.v.SetUint(uint64(x)) + return + case float32Type: + p.v.SetFloat(float64(math.Float32frombits(x))) + return + } + + // must be enum + p.v.SetInt(int64(int32(x))) +} + +// Get gets the bits pointed at by p, as a uint32. +func word32Val_Get(p word32Val) uint32 { + elem := p.v + switch elem.Kind() { + case reflect.Int32: + return uint32(elem.Int()) + case reflect.Uint32: + return uint32(elem.Uint()) + case reflect.Float32: + return math.Float32bits(float32(elem.Float())) + } + panic("unreachable") +} + +// Word32Val returns a reference to a int32, uint32, float32, or enum field in the struct. +func structPointer_Word32Val(p structPointer, f field) word32Val { + return word32Val{structPointer_field(p, f)} +} + +// A word32Slice is a slice of 32-bit values. +// That is, v.Type() is []int32, []uint32, []float32, or []enum. +type word32Slice struct { + v reflect.Value +} + +func (p word32Slice) Append(x uint32) { + n, m := p.v.Len(), p.v.Cap() + if n < m { + p.v.SetLen(n + 1) + } else { + t := p.v.Type().Elem() + p.v.Set(reflect.Append(p.v, reflect.Zero(t))) + } + elem := p.v.Index(n) + switch elem.Kind() { + case reflect.Int32: + elem.SetInt(int64(int32(x))) + case reflect.Uint32: + elem.SetUint(uint64(x)) + case reflect.Float32: + elem.SetFloat(float64(math.Float32frombits(x))) + } +} + +func (p word32Slice) Len() int { + return p.v.Len() +} + +func (p word32Slice) Index(i int) uint32 { + elem := p.v.Index(i) + switch elem.Kind() { + case reflect.Int32: + return uint32(elem.Int()) + case reflect.Uint32: + return uint32(elem.Uint()) + case reflect.Float32: + return math.Float32bits(float32(elem.Float())) + } + panic("unreachable") +} + +// Word32Slice returns a reference to a []int32, []uint32, []float32, or []enum field in the struct. +func structPointer_Word32Slice(p structPointer, f field) word32Slice { + return word32Slice{structPointer_field(p, f)} +} + +// word64 is like word32 but for 64-bit values. +type word64 struct { + v reflect.Value +} + +func word64_Set(p word64, o *Buffer, x uint64) { + t := p.v.Type().Elem() + switch t { + case int64Type: + if len(o.int64s) == 0 { + o.int64s = make([]int64, uint64PoolSize) + } + o.int64s[0] = int64(x) + p.v.Set(reflect.ValueOf(&o.int64s[0])) + o.int64s = o.int64s[1:] + return + case uint64Type: + if len(o.uint64s) == 0 { + o.uint64s = make([]uint64, uint64PoolSize) + } + o.uint64s[0] = x + p.v.Set(reflect.ValueOf(&o.uint64s[0])) + o.uint64s = o.uint64s[1:] + return + case float64Type: + if len(o.float64s) == 0 { + o.float64s = make([]float64, uint64PoolSize) + } + o.float64s[0] = math.Float64frombits(x) + p.v.Set(reflect.ValueOf(&o.float64s[0])) + o.float64s = o.float64s[1:] + return + } + panic("unreachable") +} + +func word64_IsNil(p word64) bool { + return p.v.IsNil() +} + +func word64_Get(p word64) uint64 { + elem := p.v.Elem() + switch elem.Kind() { + case reflect.Int64: + return uint64(elem.Int()) + case reflect.Uint64: + return elem.Uint() + case reflect.Float64: + return math.Float64bits(elem.Float()) + } + panic("unreachable") +} + +func structPointer_Word64(p structPointer, f field) word64 { + return word64{structPointer_field(p, f)} +} + +// word64Val is like word32Val but for 64-bit values. +type word64Val struct { + v reflect.Value +} + +func word64Val_Set(p word64Val, o *Buffer, x uint64) { + switch p.v.Type() { + case int64Type: + p.v.SetInt(int64(x)) + return + case uint64Type: + p.v.SetUint(x) + return + case float64Type: + p.v.SetFloat(math.Float64frombits(x)) + return + } + panic("unreachable") +} + +func word64Val_Get(p word64Val) uint64 { + elem := p.v + switch elem.Kind() { + case reflect.Int64: + return uint64(elem.Int()) + case reflect.Uint64: + return elem.Uint() + case reflect.Float64: + return math.Float64bits(elem.Float()) + } + panic("unreachable") +} + +func structPointer_Word64Val(p structPointer, f field) word64Val { + return word64Val{structPointer_field(p, f)} +} + +type word64Slice struct { + v reflect.Value +} + +func (p word64Slice) Append(x uint64) { + n, m := p.v.Len(), p.v.Cap() + if n < m { + p.v.SetLen(n + 1) + } else { + t := p.v.Type().Elem() + p.v.Set(reflect.Append(p.v, reflect.Zero(t))) + } + elem := p.v.Index(n) + switch elem.Kind() { + case reflect.Int64: + elem.SetInt(int64(int64(x))) + case reflect.Uint64: + elem.SetUint(uint64(x)) + case reflect.Float64: + elem.SetFloat(float64(math.Float64frombits(x))) + } +} + +func (p word64Slice) Len() int { + return p.v.Len() +} + +func (p word64Slice) Index(i int) uint64 { + elem := p.v.Index(i) + switch elem.Kind() { + case reflect.Int64: + return uint64(elem.Int()) + case reflect.Uint64: + return uint64(elem.Uint()) + case reflect.Float64: + return math.Float64bits(float64(elem.Float())) + } + panic("unreachable") +} + +func structPointer_Word64Slice(p structPointer, f field) word64Slice { + return word64Slice{structPointer_field(p, f)} +} diff --git a/vendor/github.com/golang/protobuf/proto/pointer_unsafe.go b/vendor/github.com/golang/protobuf/proto/pointer_unsafe.go new file mode 100644 index 0000000000..6b5567d47c --- /dev/null +++ b/vendor/github.com/golang/protobuf/proto/pointer_unsafe.go @@ -0,0 +1,270 @@ +// Go support for Protocol Buffers - Google's data interchange format +// +// Copyright 2012 The Go Authors. All rights reserved. +// https://github.com/golang/protobuf +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +// +build !appengine,!js + +// This file contains the implementation of the proto field accesses using package unsafe. + +package proto + +import ( + "reflect" + "unsafe" +) + +// NOTE: These type_Foo functions would more idiomatically be methods, +// but Go does not allow methods on pointer types, and we must preserve +// some pointer type for the garbage collector. We use these +// funcs with clunky names as our poor approximation to methods. +// +// An alternative would be +// type structPointer struct { p unsafe.Pointer } +// but that does not registerize as well. + +// A structPointer is a pointer to a struct. +type structPointer unsafe.Pointer + +// toStructPointer returns a structPointer equivalent to the given reflect value. +func toStructPointer(v reflect.Value) structPointer { + return structPointer(unsafe.Pointer(v.Pointer())) +} + +// IsNil reports whether p is nil. +func structPointer_IsNil(p structPointer) bool { + return p == nil +} + +// Interface returns the struct pointer, assumed to have element type t, +// as an interface value. +func structPointer_Interface(p structPointer, t reflect.Type) interface{} { + return reflect.NewAt(t, unsafe.Pointer(p)).Interface() +} + +// A field identifies a field in a struct, accessible from a structPointer. +// In this implementation, a field is identified by its byte offset from the start of the struct. +type field uintptr + +// toField returns a field equivalent to the given reflect field. +func toField(f *reflect.StructField) field { + return field(f.Offset) +} + +// invalidField is an invalid field identifier. +const invalidField = ^field(0) + +// IsValid reports whether the field identifier is valid. +func (f field) IsValid() bool { + return f != ^field(0) +} + +// Bytes returns the address of a []byte field in the struct. +func structPointer_Bytes(p structPointer, f field) *[]byte { + return (*[]byte)(unsafe.Pointer(uintptr(p) + uintptr(f))) +} + +// BytesSlice returns the address of a [][]byte field in the struct. +func structPointer_BytesSlice(p structPointer, f field) *[][]byte { + return (*[][]byte)(unsafe.Pointer(uintptr(p) + uintptr(f))) +} + +// Bool returns the address of a *bool field in the struct. +func structPointer_Bool(p structPointer, f field) **bool { + return (**bool)(unsafe.Pointer(uintptr(p) + uintptr(f))) +} + +// BoolVal returns the address of a bool field in the struct. +func structPointer_BoolVal(p structPointer, f field) *bool { + return (*bool)(unsafe.Pointer(uintptr(p) + uintptr(f))) +} + +// BoolSlice returns the address of a []bool field in the struct. +func structPointer_BoolSlice(p structPointer, f field) *[]bool { + return (*[]bool)(unsafe.Pointer(uintptr(p) + uintptr(f))) +} + +// String returns the address of a *string field in the struct. +func structPointer_String(p structPointer, f field) **string { + return (**string)(unsafe.Pointer(uintptr(p) + uintptr(f))) +} + +// StringVal returns the address of a string field in the struct. +func structPointer_StringVal(p structPointer, f field) *string { + return (*string)(unsafe.Pointer(uintptr(p) + uintptr(f))) +} + +// StringSlice returns the address of a []string field in the struct. +func structPointer_StringSlice(p structPointer, f field) *[]string { + return (*[]string)(unsafe.Pointer(uintptr(p) + uintptr(f))) +} + +// ExtMap returns the address of an extension map field in the struct. +func structPointer_Extensions(p structPointer, f field) *XXX_InternalExtensions { + return (*XXX_InternalExtensions)(unsafe.Pointer(uintptr(p) + uintptr(f))) +} + +func structPointer_ExtMap(p structPointer, f field) *map[int32]Extension { + return (*map[int32]Extension)(unsafe.Pointer(uintptr(p) + uintptr(f))) +} + +// NewAt returns the reflect.Value for a pointer to a field in the struct. +func structPointer_NewAt(p structPointer, f field, typ reflect.Type) reflect.Value { + return reflect.NewAt(typ, unsafe.Pointer(uintptr(p)+uintptr(f))) +} + +// SetStructPointer writes a *struct field in the struct. +func structPointer_SetStructPointer(p structPointer, f field, q structPointer) { + *(*structPointer)(unsafe.Pointer(uintptr(p) + uintptr(f))) = q +} + +// GetStructPointer reads a *struct field in the struct. +func structPointer_GetStructPointer(p structPointer, f field) structPointer { + return *(*structPointer)(unsafe.Pointer(uintptr(p) + uintptr(f))) +} + +// StructPointerSlice the address of a []*struct field in the struct. +func structPointer_StructPointerSlice(p structPointer, f field) *structPointerSlice { + return (*structPointerSlice)(unsafe.Pointer(uintptr(p) + uintptr(f))) +} + +// A structPointerSlice represents a slice of pointers to structs (themselves submessages or groups). +type structPointerSlice []structPointer + +func (v *structPointerSlice) Len() int { return len(*v) } +func (v *structPointerSlice) Index(i int) structPointer { return (*v)[i] } +func (v *structPointerSlice) Append(p structPointer) { *v = append(*v, p) } + +// A word32 is the address of a "pointer to 32-bit value" field. +type word32 **uint32 + +// IsNil reports whether *v is nil. +func word32_IsNil(p word32) bool { + return *p == nil +} + +// Set sets *v to point at a newly allocated word set to x. +func word32_Set(p word32, o *Buffer, x uint32) { + if len(o.uint32s) == 0 { + o.uint32s = make([]uint32, uint32PoolSize) + } + o.uint32s[0] = x + *p = &o.uint32s[0] + o.uint32s = o.uint32s[1:] +} + +// Get gets the value pointed at by *v. +func word32_Get(p word32) uint32 { + return **p +} + +// Word32 returns the address of a *int32, *uint32, *float32, or *enum field in the struct. +func structPointer_Word32(p structPointer, f field) word32 { + return word32((**uint32)(unsafe.Pointer(uintptr(p) + uintptr(f)))) +} + +// A word32Val is the address of a 32-bit value field. +type word32Val *uint32 + +// Set sets *p to x. +func word32Val_Set(p word32Val, x uint32) { + *p = x +} + +// Get gets the value pointed at by p. +func word32Val_Get(p word32Val) uint32 { + return *p +} + +// Word32Val returns the address of a *int32, *uint32, *float32, or *enum field in the struct. +func structPointer_Word32Val(p structPointer, f field) word32Val { + return word32Val((*uint32)(unsafe.Pointer(uintptr(p) + uintptr(f)))) +} + +// A word32Slice is a slice of 32-bit values. +type word32Slice []uint32 + +func (v *word32Slice) Append(x uint32) { *v = append(*v, x) } +func (v *word32Slice) Len() int { return len(*v) } +func (v *word32Slice) Index(i int) uint32 { return (*v)[i] } + +// Word32Slice returns the address of a []int32, []uint32, []float32, or []enum field in the struct. +func structPointer_Word32Slice(p structPointer, f field) *word32Slice { + return (*word32Slice)(unsafe.Pointer(uintptr(p) + uintptr(f))) +} + +// word64 is like word32 but for 64-bit values. +type word64 **uint64 + +func word64_Set(p word64, o *Buffer, x uint64) { + if len(o.uint64s) == 0 { + o.uint64s = make([]uint64, uint64PoolSize) + } + o.uint64s[0] = x + *p = &o.uint64s[0] + o.uint64s = o.uint64s[1:] +} + +func word64_IsNil(p word64) bool { + return *p == nil +} + +func word64_Get(p word64) uint64 { + return **p +} + +func structPointer_Word64(p structPointer, f field) word64 { + return word64((**uint64)(unsafe.Pointer(uintptr(p) + uintptr(f)))) +} + +// word64Val is like word32Val but for 64-bit values. +type word64Val *uint64 + +func word64Val_Set(p word64Val, o *Buffer, x uint64) { + *p = x +} + +func word64Val_Get(p word64Val) uint64 { + return *p +} + +func structPointer_Word64Val(p structPointer, f field) word64Val { + return word64Val((*uint64)(unsafe.Pointer(uintptr(p) + uintptr(f)))) +} + +// word64Slice is like word32Slice but for 64-bit values. +type word64Slice []uint64 + +func (v *word64Slice) Append(x uint64) { *v = append(*v, x) } +func (v *word64Slice) Len() int { return len(*v) } +func (v *word64Slice) Index(i int) uint64 { return (*v)[i] } + +func structPointer_Word64Slice(p structPointer, f field) *word64Slice { + return (*word64Slice)(unsafe.Pointer(uintptr(p) + uintptr(f))) +} diff --git a/vendor/github.com/golang/protobuf/proto/properties.go b/vendor/github.com/golang/protobuf/proto/properties.go new file mode 100644 index 0000000000..ec2289c005 --- /dev/null +++ b/vendor/github.com/golang/protobuf/proto/properties.go @@ -0,0 +1,872 @@ +// Go support for Protocol Buffers - Google's data interchange format +// +// Copyright 2010 The Go Authors. All rights reserved. +// https://github.com/golang/protobuf +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +package proto + +/* + * Routines for encoding data into the wire format for protocol buffers. + */ + +import ( + "fmt" + "log" + "os" + "reflect" + "sort" + "strconv" + "strings" + "sync" +) + +const debug bool = false + +// Constants that identify the encoding of a value on the wire. +const ( + WireVarint = 0 + WireFixed64 = 1 + WireBytes = 2 + WireStartGroup = 3 + WireEndGroup = 4 + WireFixed32 = 5 +) + +const startSize = 10 // initial slice/string sizes + +// Encoders are defined in encode.go +// An encoder outputs the full representation of a field, including its +// tag and encoder type. +type encoder func(p *Buffer, prop *Properties, base structPointer) error + +// A valueEncoder encodes a single integer in a particular encoding. +type valueEncoder func(o *Buffer, x uint64) error + +// Sizers are defined in encode.go +// A sizer returns the encoded size of a field, including its tag and encoder +// type. +type sizer func(prop *Properties, base structPointer) int + +// A valueSizer returns the encoded size of a single integer in a particular +// encoding. +type valueSizer func(x uint64) int + +// Decoders are defined in decode.go +// A decoder creates a value from its wire representation. +// Unrecognized subelements are saved in unrec. +type decoder func(p *Buffer, prop *Properties, base structPointer) error + +// A valueDecoder decodes a single integer in a particular encoding. +type valueDecoder func(o *Buffer) (x uint64, err error) + +// A oneofMarshaler does the marshaling for all oneof fields in a message. +type oneofMarshaler func(Message, *Buffer) error + +// A oneofUnmarshaler does the unmarshaling for a oneof field in a message. +type oneofUnmarshaler func(Message, int, int, *Buffer) (bool, error) + +// A oneofSizer does the sizing for all oneof fields in a message. +type oneofSizer func(Message) int + +// tagMap is an optimization over map[int]int for typical protocol buffer +// use-cases. Encoded protocol buffers are often in tag order with small tag +// numbers. +type tagMap struct { + fastTags []int + slowTags map[int]int +} + +// tagMapFastLimit is the upper bound on the tag number that will be stored in +// the tagMap slice rather than its map. +const tagMapFastLimit = 1024 + +func (p *tagMap) get(t int) (int, bool) { + if t > 0 && t < tagMapFastLimit { + if t >= len(p.fastTags) { + return 0, false + } + fi := p.fastTags[t] + return fi, fi >= 0 + } + fi, ok := p.slowTags[t] + return fi, ok +} + +func (p *tagMap) put(t int, fi int) { + if t > 0 && t < tagMapFastLimit { + for len(p.fastTags) < t+1 { + p.fastTags = append(p.fastTags, -1) + } + p.fastTags[t] = fi + return + } + if p.slowTags == nil { + p.slowTags = make(map[int]int) + } + p.slowTags[t] = fi +} + +// StructProperties represents properties for all the fields of a struct. +// decoderTags and decoderOrigNames should only be used by the decoder. +type StructProperties struct { + Prop []*Properties // properties for each field + reqCount int // required count + decoderTags tagMap // map from proto tag to struct field number + decoderOrigNames map[string]int // map from original name to struct field number + order []int // list of struct field numbers in tag order + unrecField field // field id of the XXX_unrecognized []byte field + extendable bool // is this an extendable proto + + oneofMarshaler oneofMarshaler + oneofUnmarshaler oneofUnmarshaler + oneofSizer oneofSizer + stype reflect.Type + + // OneofTypes contains information about the oneof fields in this message. + // It is keyed by the original name of a field. + OneofTypes map[string]*OneofProperties +} + +// OneofProperties represents information about a specific field in a oneof. +type OneofProperties struct { + Type reflect.Type // pointer to generated struct type for this oneof field + Field int // struct field number of the containing oneof in the message + Prop *Properties +} + +// Implement the sorting interface so we can sort the fields in tag order, as recommended by the spec. +// See encode.go, (*Buffer).enc_struct. + +func (sp *StructProperties) Len() int { return len(sp.order) } +func (sp *StructProperties) Less(i, j int) bool { + return sp.Prop[sp.order[i]].Tag < sp.Prop[sp.order[j]].Tag +} +func (sp *StructProperties) Swap(i, j int) { sp.order[i], sp.order[j] = sp.order[j], sp.order[i] } + +// Properties represents the protocol-specific behavior of a single struct field. +type Properties struct { + Name string // name of the field, for error messages + OrigName string // original name before protocol compiler (always set) + JSONName string // name to use for JSON; determined by protoc + Wire string + WireType int + Tag int + Required bool + Optional bool + Repeated bool + Packed bool // relevant for repeated primitives only + Enum string // set for enum types only + proto3 bool // whether this is known to be a proto3 field; set for []byte only + oneof bool // whether this is a oneof field + + Default string // default value + HasDefault bool // whether an explicit default was provided + def_uint64 uint64 + + enc encoder + valEnc valueEncoder // set for bool and numeric types only + field field + tagcode []byte // encoding of EncodeVarint((Tag<<3)|WireType) + tagbuf [8]byte + stype reflect.Type // set for struct types only + sprop *StructProperties // set for struct types only + isMarshaler bool + isUnmarshaler bool + + mtype reflect.Type // set for map types only + mkeyprop *Properties // set for map types only + mvalprop *Properties // set for map types only + + size sizer + valSize valueSizer // set for bool and numeric types only + + dec decoder + valDec valueDecoder // set for bool and numeric types only + + // If this is a packable field, this will be the decoder for the packed version of the field. + packedDec decoder +} + +// String formats the properties in the protobuf struct field tag style. +func (p *Properties) String() string { + s := p.Wire + s = "," + s += strconv.Itoa(p.Tag) + if p.Required { + s += ",req" + } + if p.Optional { + s += ",opt" + } + if p.Repeated { + s += ",rep" + } + if p.Packed { + s += ",packed" + } + s += ",name=" + p.OrigName + if p.JSONName != p.OrigName { + s += ",json=" + p.JSONName + } + if p.proto3 { + s += ",proto3" + } + if p.oneof { + s += ",oneof" + } + if len(p.Enum) > 0 { + s += ",enum=" + p.Enum + } + if p.HasDefault { + s += ",def=" + p.Default + } + return s +} + +// Parse populates p by parsing a string in the protobuf struct field tag style. +func (p *Properties) Parse(s string) { + // "bytes,49,opt,name=foo,def=hello!" + fields := strings.Split(s, ",") // breaks def=, but handled below. + if len(fields) < 2 { + fmt.Fprintf(os.Stderr, "proto: tag has too few fields: %q\n", s) + return + } + + p.Wire = fields[0] + switch p.Wire { + case "varint": + p.WireType = WireVarint + p.valEnc = (*Buffer).EncodeVarint + p.valDec = (*Buffer).DecodeVarint + p.valSize = sizeVarint + case "fixed32": + p.WireType = WireFixed32 + p.valEnc = (*Buffer).EncodeFixed32 + p.valDec = (*Buffer).DecodeFixed32 + p.valSize = sizeFixed32 + case "fixed64": + p.WireType = WireFixed64 + p.valEnc = (*Buffer).EncodeFixed64 + p.valDec = (*Buffer).DecodeFixed64 + p.valSize = sizeFixed64 + case "zigzag32": + p.WireType = WireVarint + p.valEnc = (*Buffer).EncodeZigzag32 + p.valDec = (*Buffer).DecodeZigzag32 + p.valSize = sizeZigzag32 + case "zigzag64": + p.WireType = WireVarint + p.valEnc = (*Buffer).EncodeZigzag64 + p.valDec = (*Buffer).DecodeZigzag64 + p.valSize = sizeZigzag64 + case "bytes", "group": + p.WireType = WireBytes + // no numeric converter for non-numeric types + default: + fmt.Fprintf(os.Stderr, "proto: tag has unknown wire type: %q\n", s) + return + } + + var err error + p.Tag, err = strconv.Atoi(fields[1]) + if err != nil { + return + } + + for i := 2; i < len(fields); i++ { + f := fields[i] + switch { + case f == "req": + p.Required = true + case f == "opt": + p.Optional = true + case f == "rep": + p.Repeated = true + case f == "packed": + p.Packed = true + case strings.HasPrefix(f, "name="): + p.OrigName = f[5:] + case strings.HasPrefix(f, "json="): + p.JSONName = f[5:] + case strings.HasPrefix(f, "enum="): + p.Enum = f[5:] + case f == "proto3": + p.proto3 = true + case f == "oneof": + p.oneof = true + case strings.HasPrefix(f, "def="): + p.HasDefault = true + p.Default = f[4:] // rest of string + if i+1 < len(fields) { + // Commas aren't escaped, and def is always last. + p.Default += "," + strings.Join(fields[i+1:], ",") + break + } + } + } +} + +func logNoSliceEnc(t1, t2 reflect.Type) { + fmt.Fprintf(os.Stderr, "proto: no slice oenc for %T = []%T\n", t1, t2) +} + +var protoMessageType = reflect.TypeOf((*Message)(nil)).Elem() + +// Initialize the fields for encoding and decoding. +func (p *Properties) setEncAndDec(typ reflect.Type, f *reflect.StructField, lockGetProp bool) { + p.enc = nil + p.dec = nil + p.size = nil + + switch t1 := typ; t1.Kind() { + default: + fmt.Fprintf(os.Stderr, "proto: no coders for %v\n", t1) + + // proto3 scalar types + + case reflect.Bool: + p.enc = (*Buffer).enc_proto3_bool + p.dec = (*Buffer).dec_proto3_bool + p.size = size_proto3_bool + case reflect.Int32: + p.enc = (*Buffer).enc_proto3_int32 + p.dec = (*Buffer).dec_proto3_int32 + p.size = size_proto3_int32 + case reflect.Uint32: + p.enc = (*Buffer).enc_proto3_uint32 + p.dec = (*Buffer).dec_proto3_int32 // can reuse + p.size = size_proto3_uint32 + case reflect.Int64, reflect.Uint64: + p.enc = (*Buffer).enc_proto3_int64 + p.dec = (*Buffer).dec_proto3_int64 + p.size = size_proto3_int64 + case reflect.Float32: + p.enc = (*Buffer).enc_proto3_uint32 // can just treat them as bits + p.dec = (*Buffer).dec_proto3_int32 + p.size = size_proto3_uint32 + case reflect.Float64: + p.enc = (*Buffer).enc_proto3_int64 // can just treat them as bits + p.dec = (*Buffer).dec_proto3_int64 + p.size = size_proto3_int64 + case reflect.String: + p.enc = (*Buffer).enc_proto3_string + p.dec = (*Buffer).dec_proto3_string + p.size = size_proto3_string + + case reflect.Ptr: + switch t2 := t1.Elem(); t2.Kind() { + default: + fmt.Fprintf(os.Stderr, "proto: no encoder function for %v -> %v\n", t1, t2) + break + case reflect.Bool: + p.enc = (*Buffer).enc_bool + p.dec = (*Buffer).dec_bool + p.size = size_bool + case reflect.Int32: + p.enc = (*Buffer).enc_int32 + p.dec = (*Buffer).dec_int32 + p.size = size_int32 + case reflect.Uint32: + p.enc = (*Buffer).enc_uint32 + p.dec = (*Buffer).dec_int32 // can reuse + p.size = size_uint32 + case reflect.Int64, reflect.Uint64: + p.enc = (*Buffer).enc_int64 + p.dec = (*Buffer).dec_int64 + p.size = size_int64 + case reflect.Float32: + p.enc = (*Buffer).enc_uint32 // can just treat them as bits + p.dec = (*Buffer).dec_int32 + p.size = size_uint32 + case reflect.Float64: + p.enc = (*Buffer).enc_int64 // can just treat them as bits + p.dec = (*Buffer).dec_int64 + p.size = size_int64 + case reflect.String: + p.enc = (*Buffer).enc_string + p.dec = (*Buffer).dec_string + p.size = size_string + case reflect.Struct: + p.stype = t1.Elem() + p.isMarshaler = isMarshaler(t1) + p.isUnmarshaler = isUnmarshaler(t1) + if p.Wire == "bytes" { + p.enc = (*Buffer).enc_struct_message + p.dec = (*Buffer).dec_struct_message + p.size = size_struct_message + } else { + p.enc = (*Buffer).enc_struct_group + p.dec = (*Buffer).dec_struct_group + p.size = size_struct_group + } + } + + case reflect.Slice: + switch t2 := t1.Elem(); t2.Kind() { + default: + logNoSliceEnc(t1, t2) + break + case reflect.Bool: + if p.Packed { + p.enc = (*Buffer).enc_slice_packed_bool + p.size = size_slice_packed_bool + } else { + p.enc = (*Buffer).enc_slice_bool + p.size = size_slice_bool + } + p.dec = (*Buffer).dec_slice_bool + p.packedDec = (*Buffer).dec_slice_packed_bool + case reflect.Int32: + if p.Packed { + p.enc = (*Buffer).enc_slice_packed_int32 + p.size = size_slice_packed_int32 + } else { + p.enc = (*Buffer).enc_slice_int32 + p.size = size_slice_int32 + } + p.dec = (*Buffer).dec_slice_int32 + p.packedDec = (*Buffer).dec_slice_packed_int32 + case reflect.Uint32: + if p.Packed { + p.enc = (*Buffer).enc_slice_packed_uint32 + p.size = size_slice_packed_uint32 + } else { + p.enc = (*Buffer).enc_slice_uint32 + p.size = size_slice_uint32 + } + p.dec = (*Buffer).dec_slice_int32 + p.packedDec = (*Buffer).dec_slice_packed_int32 + case reflect.Int64, reflect.Uint64: + if p.Packed { + p.enc = (*Buffer).enc_slice_packed_int64 + p.size = size_slice_packed_int64 + } else { + p.enc = (*Buffer).enc_slice_int64 + p.size = size_slice_int64 + } + p.dec = (*Buffer).dec_slice_int64 + p.packedDec = (*Buffer).dec_slice_packed_int64 + case reflect.Uint8: + p.dec = (*Buffer).dec_slice_byte + if p.proto3 { + p.enc = (*Buffer).enc_proto3_slice_byte + p.size = size_proto3_slice_byte + } else { + p.enc = (*Buffer).enc_slice_byte + p.size = size_slice_byte + } + case reflect.Float32, reflect.Float64: + switch t2.Bits() { + case 32: + // can just treat them as bits + if p.Packed { + p.enc = (*Buffer).enc_slice_packed_uint32 + p.size = size_slice_packed_uint32 + } else { + p.enc = (*Buffer).enc_slice_uint32 + p.size = size_slice_uint32 + } + p.dec = (*Buffer).dec_slice_int32 + p.packedDec = (*Buffer).dec_slice_packed_int32 + case 64: + // can just treat them as bits + if p.Packed { + p.enc = (*Buffer).enc_slice_packed_int64 + p.size = size_slice_packed_int64 + } else { + p.enc = (*Buffer).enc_slice_int64 + p.size = size_slice_int64 + } + p.dec = (*Buffer).dec_slice_int64 + p.packedDec = (*Buffer).dec_slice_packed_int64 + default: + logNoSliceEnc(t1, t2) + break + } + case reflect.String: + p.enc = (*Buffer).enc_slice_string + p.dec = (*Buffer).dec_slice_string + p.size = size_slice_string + case reflect.Ptr: + switch t3 := t2.Elem(); t3.Kind() { + default: + fmt.Fprintf(os.Stderr, "proto: no ptr oenc for %T -> %T -> %T\n", t1, t2, t3) + break + case reflect.Struct: + p.stype = t2.Elem() + p.isMarshaler = isMarshaler(t2) + p.isUnmarshaler = isUnmarshaler(t2) + if p.Wire == "bytes" { + p.enc = (*Buffer).enc_slice_struct_message + p.dec = (*Buffer).dec_slice_struct_message + p.size = size_slice_struct_message + } else { + p.enc = (*Buffer).enc_slice_struct_group + p.dec = (*Buffer).dec_slice_struct_group + p.size = size_slice_struct_group + } + } + case reflect.Slice: + switch t2.Elem().Kind() { + default: + fmt.Fprintf(os.Stderr, "proto: no slice elem oenc for %T -> %T -> %T\n", t1, t2, t2.Elem()) + break + case reflect.Uint8: + p.enc = (*Buffer).enc_slice_slice_byte + p.dec = (*Buffer).dec_slice_slice_byte + p.size = size_slice_slice_byte + } + } + + case reflect.Map: + p.enc = (*Buffer).enc_new_map + p.dec = (*Buffer).dec_new_map + p.size = size_new_map + + p.mtype = t1 + p.mkeyprop = &Properties{} + p.mkeyprop.init(reflect.PtrTo(p.mtype.Key()), "Key", f.Tag.Get("protobuf_key"), nil, lockGetProp) + p.mvalprop = &Properties{} + vtype := p.mtype.Elem() + if vtype.Kind() != reflect.Ptr && vtype.Kind() != reflect.Slice { + // The value type is not a message (*T) or bytes ([]byte), + // so we need encoders for the pointer to this type. + vtype = reflect.PtrTo(vtype) + } + p.mvalprop.init(vtype, "Value", f.Tag.Get("protobuf_val"), nil, lockGetProp) + } + + // precalculate tag code + wire := p.WireType + if p.Packed { + wire = WireBytes + } + x := uint32(p.Tag)<<3 | uint32(wire) + i := 0 + for i = 0; x > 127; i++ { + p.tagbuf[i] = 0x80 | uint8(x&0x7F) + x >>= 7 + } + p.tagbuf[i] = uint8(x) + p.tagcode = p.tagbuf[0 : i+1] + + if p.stype != nil { + if lockGetProp { + p.sprop = GetProperties(p.stype) + } else { + p.sprop = getPropertiesLocked(p.stype) + } + } +} + +var ( + marshalerType = reflect.TypeOf((*Marshaler)(nil)).Elem() + unmarshalerType = reflect.TypeOf((*Unmarshaler)(nil)).Elem() +) + +// isMarshaler reports whether type t implements Marshaler. +func isMarshaler(t reflect.Type) bool { + // We're checking for (likely) pointer-receiver methods + // so if t is not a pointer, something is very wrong. + // The calls above only invoke isMarshaler on pointer types. + if t.Kind() != reflect.Ptr { + panic("proto: misuse of isMarshaler") + } + return t.Implements(marshalerType) +} + +// isUnmarshaler reports whether type t implements Unmarshaler. +func isUnmarshaler(t reflect.Type) bool { + // We're checking for (likely) pointer-receiver methods + // so if t is not a pointer, something is very wrong. + // The calls above only invoke isUnmarshaler on pointer types. + if t.Kind() != reflect.Ptr { + panic("proto: misuse of isUnmarshaler") + } + return t.Implements(unmarshalerType) +} + +// Init populates the properties from a protocol buffer struct tag. +func (p *Properties) Init(typ reflect.Type, name, tag string, f *reflect.StructField) { + p.init(typ, name, tag, f, true) +} + +func (p *Properties) init(typ reflect.Type, name, tag string, f *reflect.StructField, lockGetProp bool) { + // "bytes,49,opt,def=hello!" + p.Name = name + p.OrigName = name + if f != nil { + p.field = toField(f) + } + if tag == "" { + return + } + p.Parse(tag) + p.setEncAndDec(typ, f, lockGetProp) +} + +var ( + propertiesMu sync.RWMutex + propertiesMap = make(map[reflect.Type]*StructProperties) +) + +// GetProperties returns the list of properties for the type represented by t. +// t must represent a generated struct type of a protocol message. +func GetProperties(t reflect.Type) *StructProperties { + if t.Kind() != reflect.Struct { + panic("proto: type must have kind struct") + } + + // Most calls to GetProperties in a long-running program will be + // retrieving details for types we have seen before. + propertiesMu.RLock() + sprop, ok := propertiesMap[t] + propertiesMu.RUnlock() + if ok { + if collectStats { + stats.Chit++ + } + return sprop + } + + propertiesMu.Lock() + sprop = getPropertiesLocked(t) + propertiesMu.Unlock() + return sprop +} + +// getPropertiesLocked requires that propertiesMu is held. +func getPropertiesLocked(t reflect.Type) *StructProperties { + if prop, ok := propertiesMap[t]; ok { + if collectStats { + stats.Chit++ + } + return prop + } + if collectStats { + stats.Cmiss++ + } + + prop := new(StructProperties) + // in case of recursive protos, fill this in now. + propertiesMap[t] = prop + + // build properties + prop.extendable = reflect.PtrTo(t).Implements(extendableProtoType) || + reflect.PtrTo(t).Implements(extendableProtoV1Type) + prop.unrecField = invalidField + prop.Prop = make([]*Properties, t.NumField()) + prop.order = make([]int, t.NumField()) + + for i := 0; i < t.NumField(); i++ { + f := t.Field(i) + p := new(Properties) + name := f.Name + p.init(f.Type, name, f.Tag.Get("protobuf"), &f, false) + + if f.Name == "XXX_InternalExtensions" { // special case + p.enc = (*Buffer).enc_exts + p.dec = nil // not needed + p.size = size_exts + } else if f.Name == "XXX_extensions" { // special case + p.enc = (*Buffer).enc_map + p.dec = nil // not needed + p.size = size_map + } else if f.Name == "XXX_unrecognized" { // special case + prop.unrecField = toField(&f) + } + oneof := f.Tag.Get("protobuf_oneof") // special case + if oneof != "" { + // Oneof fields don't use the traditional protobuf tag. + p.OrigName = oneof + } + prop.Prop[i] = p + prop.order[i] = i + if debug { + print(i, " ", f.Name, " ", t.String(), " ") + if p.Tag > 0 { + print(p.String()) + } + print("\n") + } + if p.enc == nil && !strings.HasPrefix(f.Name, "XXX_") && oneof == "" { + fmt.Fprintln(os.Stderr, "proto: no encoder for", f.Name, f.Type.String(), "[GetProperties]") + } + } + + // Re-order prop.order. + sort.Sort(prop) + + type oneofMessage interface { + XXX_OneofFuncs() (func(Message, *Buffer) error, func(Message, int, int, *Buffer) (bool, error), func(Message) int, []interface{}) + } + if om, ok := reflect.Zero(reflect.PtrTo(t)).Interface().(oneofMessage); ok { + var oots []interface{} + prop.oneofMarshaler, prop.oneofUnmarshaler, prop.oneofSizer, oots = om.XXX_OneofFuncs() + prop.stype = t + + // Interpret oneof metadata. + prop.OneofTypes = make(map[string]*OneofProperties) + for _, oot := range oots { + oop := &OneofProperties{ + Type: reflect.ValueOf(oot).Type(), // *T + Prop: new(Properties), + } + sft := oop.Type.Elem().Field(0) + oop.Prop.Name = sft.Name + oop.Prop.Parse(sft.Tag.Get("protobuf")) + // There will be exactly one interface field that + // this new value is assignable to. + for i := 0; i < t.NumField(); i++ { + f := t.Field(i) + if f.Type.Kind() != reflect.Interface { + continue + } + if !oop.Type.AssignableTo(f.Type) { + continue + } + oop.Field = i + break + } + prop.OneofTypes[oop.Prop.OrigName] = oop + } + } + + // build required counts + // build tags + reqCount := 0 + prop.decoderOrigNames = make(map[string]int) + for i, p := range prop.Prop { + if strings.HasPrefix(p.Name, "XXX_") { + // Internal fields should not appear in tags/origNames maps. + // They are handled specially when encoding and decoding. + continue + } + if p.Required { + reqCount++ + } + prop.decoderTags.put(p.Tag, i) + prop.decoderOrigNames[p.OrigName] = i + } + prop.reqCount = reqCount + + return prop +} + +// Return the Properties object for the x[0]'th field of the structure. +func propByIndex(t reflect.Type, x []int) *Properties { + if len(x) != 1 { + fmt.Fprintf(os.Stderr, "proto: field index dimension %d (not 1) for type %s\n", len(x), t) + return nil + } + prop := GetProperties(t) + return prop.Prop[x[0]] +} + +// Get the address and type of a pointer to a struct from an interface. +func getbase(pb Message) (t reflect.Type, b structPointer, err error) { + if pb == nil { + err = ErrNil + return + } + // get the reflect type of the pointer to the struct. + t = reflect.TypeOf(pb) + // get the address of the struct. + value := reflect.ValueOf(pb) + b = toStructPointer(value) + return +} + +// A global registry of enum types. +// The generated code will register the generated maps by calling RegisterEnum. + +var enumValueMaps = make(map[string]map[string]int32) + +// RegisterEnum is called from the generated code to install the enum descriptor +// maps into the global table to aid parsing text format protocol buffers. +func RegisterEnum(typeName string, unusedNameMap map[int32]string, valueMap map[string]int32) { + if _, ok := enumValueMaps[typeName]; ok { + panic("proto: duplicate enum registered: " + typeName) + } + enumValueMaps[typeName] = valueMap +} + +// EnumValueMap returns the mapping from names to integers of the +// enum type enumType, or a nil if not found. +func EnumValueMap(enumType string) map[string]int32 { + return enumValueMaps[enumType] +} + +// A registry of all linked message types. +// The string is a fully-qualified proto name ("pkg.Message"). +var ( + protoTypes = make(map[string]reflect.Type) + revProtoTypes = make(map[reflect.Type]string) +) + +// RegisterType is called from generated code and maps from the fully qualified +// proto name to the type (pointer to struct) of the protocol buffer. +func RegisterType(x Message, name string) { + if _, ok := protoTypes[name]; ok { + // TODO: Some day, make this a panic. + log.Printf("proto: duplicate proto type registered: %s", name) + return + } + t := reflect.TypeOf(x) + protoTypes[name] = t + revProtoTypes[t] = name +} + +// MessageName returns the fully-qualified proto name for the given message type. +func MessageName(x Message) string { + type xname interface { + XXX_MessageName() string + } + if m, ok := x.(xname); ok { + return m.XXX_MessageName() + } + return revProtoTypes[reflect.TypeOf(x)] +} + +// MessageType returns the message type (pointer to struct) for a named message. +func MessageType(name string) reflect.Type { return protoTypes[name] } + +// A registry of all linked proto files. +var ( + protoFiles = make(map[string][]byte) // file name => fileDescriptor +) + +// RegisterFile is called from generated code and maps from the +// full file name of a .proto file to its compressed FileDescriptorProto. +func RegisterFile(filename string, fileDescriptor []byte) { + protoFiles[filename] = fileDescriptor +} + +// FileDescriptor returns the compressed FileDescriptorProto for a .proto file. +func FileDescriptor(filename string) []byte { return protoFiles[filename] } diff --git a/vendor/github.com/golang/protobuf/proto/text.go b/vendor/github.com/golang/protobuf/proto/text.go new file mode 100644 index 0000000000..965876bf03 --- /dev/null +++ b/vendor/github.com/golang/protobuf/proto/text.go @@ -0,0 +1,854 @@ +// Go support for Protocol Buffers - Google's data interchange format +// +// Copyright 2010 The Go Authors. All rights reserved. +// https://github.com/golang/protobuf +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +package proto + +// Functions for writing the text protocol buffer format. + +import ( + "bufio" + "bytes" + "encoding" + "errors" + "fmt" + "io" + "log" + "math" + "reflect" + "sort" + "strings" +) + +var ( + newline = []byte("\n") + spaces = []byte(" ") + gtNewline = []byte(">\n") + endBraceNewline = []byte("}\n") + backslashN = []byte{'\\', 'n'} + backslashR = []byte{'\\', 'r'} + backslashT = []byte{'\\', 't'} + backslashDQ = []byte{'\\', '"'} + backslashBS = []byte{'\\', '\\'} + posInf = []byte("inf") + negInf = []byte("-inf") + nan = []byte("nan") +) + +type writer interface { + io.Writer + WriteByte(byte) error +} + +// textWriter is an io.Writer that tracks its indentation level. +type textWriter struct { + ind int + complete bool // if the current position is a complete line + compact bool // whether to write out as a one-liner + w writer +} + +func (w *textWriter) WriteString(s string) (n int, err error) { + if !strings.Contains(s, "\n") { + if !w.compact && w.complete { + w.writeIndent() + } + w.complete = false + return io.WriteString(w.w, s) + } + // WriteString is typically called without newlines, so this + // codepath and its copy are rare. We copy to avoid + // duplicating all of Write's logic here. + return w.Write([]byte(s)) +} + +func (w *textWriter) Write(p []byte) (n int, err error) { + newlines := bytes.Count(p, newline) + if newlines == 0 { + if !w.compact && w.complete { + w.writeIndent() + } + n, err = w.w.Write(p) + w.complete = false + return n, err + } + + frags := bytes.SplitN(p, newline, newlines+1) + if w.compact { + for i, frag := range frags { + if i > 0 { + if err := w.w.WriteByte(' '); err != nil { + return n, err + } + n++ + } + nn, err := w.w.Write(frag) + n += nn + if err != nil { + return n, err + } + } + return n, nil + } + + for i, frag := range frags { + if w.complete { + w.writeIndent() + } + nn, err := w.w.Write(frag) + n += nn + if err != nil { + return n, err + } + if i+1 < len(frags) { + if err := w.w.WriteByte('\n'); err != nil { + return n, err + } + n++ + } + } + w.complete = len(frags[len(frags)-1]) == 0 + return n, nil +} + +func (w *textWriter) WriteByte(c byte) error { + if w.compact && c == '\n' { + c = ' ' + } + if !w.compact && w.complete { + w.writeIndent() + } + err := w.w.WriteByte(c) + w.complete = c == '\n' + return err +} + +func (w *textWriter) indent() { w.ind++ } + +func (w *textWriter) unindent() { + if w.ind == 0 { + log.Print("proto: textWriter unindented too far") + return + } + w.ind-- +} + +func writeName(w *textWriter, props *Properties) error { + if _, err := w.WriteString(props.OrigName); err != nil { + return err + } + if props.Wire != "group" { + return w.WriteByte(':') + } + return nil +} + +// raw is the interface satisfied by RawMessage. +type raw interface { + Bytes() []byte +} + +func requiresQuotes(u string) bool { + // When type URL contains any characters except [0-9A-Za-z./\-]*, it must be quoted. + for _, ch := range u { + switch { + case ch == '.' || ch == '/' || ch == '_': + continue + case '0' <= ch && ch <= '9': + continue + case 'A' <= ch && ch <= 'Z': + continue + case 'a' <= ch && ch <= 'z': + continue + default: + return true + } + } + return false +} + +// isAny reports whether sv is a google.protobuf.Any message +func isAny(sv reflect.Value) bool { + type wkt interface { + XXX_WellKnownType() string + } + t, ok := sv.Addr().Interface().(wkt) + return ok && t.XXX_WellKnownType() == "Any" +} + +// writeProto3Any writes an expanded google.protobuf.Any message. +// +// It returns (false, nil) if sv value can't be unmarshaled (e.g. because +// required messages are not linked in). +// +// It returns (true, error) when sv was written in expanded format or an error +// was encountered. +func (tm *TextMarshaler) writeProto3Any(w *textWriter, sv reflect.Value) (bool, error) { + turl := sv.FieldByName("TypeUrl") + val := sv.FieldByName("Value") + if !turl.IsValid() || !val.IsValid() { + return true, errors.New("proto: invalid google.protobuf.Any message") + } + + b, ok := val.Interface().([]byte) + if !ok { + return true, errors.New("proto: invalid google.protobuf.Any message") + } + + parts := strings.Split(turl.String(), "/") + mt := MessageType(parts[len(parts)-1]) + if mt == nil { + return false, nil + } + m := reflect.New(mt.Elem()) + if err := Unmarshal(b, m.Interface().(Message)); err != nil { + return false, nil + } + w.Write([]byte("[")) + u := turl.String() + if requiresQuotes(u) { + writeString(w, u) + } else { + w.Write([]byte(u)) + } + if w.compact { + w.Write([]byte("]:<")) + } else { + w.Write([]byte("]: <\n")) + w.ind++ + } + if err := tm.writeStruct(w, m.Elem()); err != nil { + return true, err + } + if w.compact { + w.Write([]byte("> ")) + } else { + w.ind-- + w.Write([]byte(">\n")) + } + return true, nil +} + +func (tm *TextMarshaler) writeStruct(w *textWriter, sv reflect.Value) error { + if tm.ExpandAny && isAny(sv) { + if canExpand, err := tm.writeProto3Any(w, sv); canExpand { + return err + } + } + st := sv.Type() + sprops := GetProperties(st) + for i := 0; i < sv.NumField(); i++ { + fv := sv.Field(i) + props := sprops.Prop[i] + name := st.Field(i).Name + + if strings.HasPrefix(name, "XXX_") { + // There are two XXX_ fields: + // XXX_unrecognized []byte + // XXX_extensions map[int32]proto.Extension + // The first is handled here; + // the second is handled at the bottom of this function. + if name == "XXX_unrecognized" && !fv.IsNil() { + if err := writeUnknownStruct(w, fv.Interface().([]byte)); err != nil { + return err + } + } + continue + } + if fv.Kind() == reflect.Ptr && fv.IsNil() { + // Field not filled in. This could be an optional field or + // a required field that wasn't filled in. Either way, there + // isn't anything we can show for it. + continue + } + if fv.Kind() == reflect.Slice && fv.IsNil() { + // Repeated field that is empty, or a bytes field that is unused. + continue + } + + if props.Repeated && fv.Kind() == reflect.Slice { + // Repeated field. + for j := 0; j < fv.Len(); j++ { + if err := writeName(w, props); err != nil { + return err + } + if !w.compact { + if err := w.WriteByte(' '); err != nil { + return err + } + } + v := fv.Index(j) + if v.Kind() == reflect.Ptr && v.IsNil() { + // A nil message in a repeated field is not valid, + // but we can handle that more gracefully than panicking. + if _, err := w.Write([]byte("\n")); err != nil { + return err + } + continue + } + if err := tm.writeAny(w, v, props); err != nil { + return err + } + if err := w.WriteByte('\n'); err != nil { + return err + } + } + continue + } + if fv.Kind() == reflect.Map { + // Map fields are rendered as a repeated struct with key/value fields. + keys := fv.MapKeys() + sort.Sort(mapKeys(keys)) + for _, key := range keys { + val := fv.MapIndex(key) + if err := writeName(w, props); err != nil { + return err + } + if !w.compact { + if err := w.WriteByte(' '); err != nil { + return err + } + } + // open struct + if err := w.WriteByte('<'); err != nil { + return err + } + if !w.compact { + if err := w.WriteByte('\n'); err != nil { + return err + } + } + w.indent() + // key + if _, err := w.WriteString("key:"); err != nil { + return err + } + if !w.compact { + if err := w.WriteByte(' '); err != nil { + return err + } + } + if err := tm.writeAny(w, key, props.mkeyprop); err != nil { + return err + } + if err := w.WriteByte('\n'); err != nil { + return err + } + // nil values aren't legal, but we can avoid panicking because of them. + if val.Kind() != reflect.Ptr || !val.IsNil() { + // value + if _, err := w.WriteString("value:"); err != nil { + return err + } + if !w.compact { + if err := w.WriteByte(' '); err != nil { + return err + } + } + if err := tm.writeAny(w, val, props.mvalprop); err != nil { + return err + } + if err := w.WriteByte('\n'); err != nil { + return err + } + } + // close struct + w.unindent() + if err := w.WriteByte('>'); err != nil { + return err + } + if err := w.WriteByte('\n'); err != nil { + return err + } + } + continue + } + if props.proto3 && fv.Kind() == reflect.Slice && fv.Len() == 0 { + // empty bytes field + continue + } + if fv.Kind() != reflect.Ptr && fv.Kind() != reflect.Slice { + // proto3 non-repeated scalar field; skip if zero value + if isProto3Zero(fv) { + continue + } + } + + if fv.Kind() == reflect.Interface { + // Check if it is a oneof. + if st.Field(i).Tag.Get("protobuf_oneof") != "" { + // fv is nil, or holds a pointer to generated struct. + // That generated struct has exactly one field, + // which has a protobuf struct tag. + if fv.IsNil() { + continue + } + inner := fv.Elem().Elem() // interface -> *T -> T + tag := inner.Type().Field(0).Tag.Get("protobuf") + props = new(Properties) // Overwrite the outer props var, but not its pointee. + props.Parse(tag) + // Write the value in the oneof, not the oneof itself. + fv = inner.Field(0) + + // Special case to cope with malformed messages gracefully: + // If the value in the oneof is a nil pointer, don't panic + // in writeAny. + if fv.Kind() == reflect.Ptr && fv.IsNil() { + // Use errors.New so writeAny won't render quotes. + msg := errors.New("/* nil */") + fv = reflect.ValueOf(&msg).Elem() + } + } + } + + if err := writeName(w, props); err != nil { + return err + } + if !w.compact { + if err := w.WriteByte(' '); err != nil { + return err + } + } + if b, ok := fv.Interface().(raw); ok { + if err := writeRaw(w, b.Bytes()); err != nil { + return err + } + continue + } + + // Enums have a String method, so writeAny will work fine. + if err := tm.writeAny(w, fv, props); err != nil { + return err + } + + if err := w.WriteByte('\n'); err != nil { + return err + } + } + + // Extensions (the XXX_extensions field). + pv := sv.Addr() + if _, ok := extendable(pv.Interface()); ok { + if err := tm.writeExtensions(w, pv); err != nil { + return err + } + } + + return nil +} + +// writeRaw writes an uninterpreted raw message. +func writeRaw(w *textWriter, b []byte) error { + if err := w.WriteByte('<'); err != nil { + return err + } + if !w.compact { + if err := w.WriteByte('\n'); err != nil { + return err + } + } + w.indent() + if err := writeUnknownStruct(w, b); err != nil { + return err + } + w.unindent() + if err := w.WriteByte('>'); err != nil { + return err + } + return nil +} + +// writeAny writes an arbitrary field. +func (tm *TextMarshaler) writeAny(w *textWriter, v reflect.Value, props *Properties) error { + v = reflect.Indirect(v) + + // Floats have special cases. + if v.Kind() == reflect.Float32 || v.Kind() == reflect.Float64 { + x := v.Float() + var b []byte + switch { + case math.IsInf(x, 1): + b = posInf + case math.IsInf(x, -1): + b = negInf + case math.IsNaN(x): + b = nan + } + if b != nil { + _, err := w.Write(b) + return err + } + // Other values are handled below. + } + + // We don't attempt to serialise every possible value type; only those + // that can occur in protocol buffers. + switch v.Kind() { + case reflect.Slice: + // Should only be a []byte; repeated fields are handled in writeStruct. + if err := writeString(w, string(v.Bytes())); err != nil { + return err + } + case reflect.String: + if err := writeString(w, v.String()); err != nil { + return err + } + case reflect.Struct: + // Required/optional group/message. + var bra, ket byte = '<', '>' + if props != nil && props.Wire == "group" { + bra, ket = '{', '}' + } + if err := w.WriteByte(bra); err != nil { + return err + } + if !w.compact { + if err := w.WriteByte('\n'); err != nil { + return err + } + } + w.indent() + if etm, ok := v.Interface().(encoding.TextMarshaler); ok { + text, err := etm.MarshalText() + if err != nil { + return err + } + if _, err = w.Write(text); err != nil { + return err + } + } else if err := tm.writeStruct(w, v); err != nil { + return err + } + w.unindent() + if err := w.WriteByte(ket); err != nil { + return err + } + default: + _, err := fmt.Fprint(w, v.Interface()) + return err + } + return nil +} + +// equivalent to C's isprint. +func isprint(c byte) bool { + return c >= 0x20 && c < 0x7f +} + +// writeString writes a string in the protocol buffer text format. +// It is similar to strconv.Quote except we don't use Go escape sequences, +// we treat the string as a byte sequence, and we use octal escapes. +// These differences are to maintain interoperability with the other +// languages' implementations of the text format. +func writeString(w *textWriter, s string) error { + // use WriteByte here to get any needed indent + if err := w.WriteByte('"'); err != nil { + return err + } + // Loop over the bytes, not the runes. + for i := 0; i < len(s); i++ { + var err error + // Divergence from C++: we don't escape apostrophes. + // There's no need to escape them, and the C++ parser + // copes with a naked apostrophe. + switch c := s[i]; c { + case '\n': + _, err = w.w.Write(backslashN) + case '\r': + _, err = w.w.Write(backslashR) + case '\t': + _, err = w.w.Write(backslashT) + case '"': + _, err = w.w.Write(backslashDQ) + case '\\': + _, err = w.w.Write(backslashBS) + default: + if isprint(c) { + err = w.w.WriteByte(c) + } else { + _, err = fmt.Fprintf(w.w, "\\%03o", c) + } + } + if err != nil { + return err + } + } + return w.WriteByte('"') +} + +func writeUnknownStruct(w *textWriter, data []byte) (err error) { + if !w.compact { + if _, err := fmt.Fprintf(w, "/* %d unknown bytes */\n", len(data)); err != nil { + return err + } + } + b := NewBuffer(data) + for b.index < len(b.buf) { + x, err := b.DecodeVarint() + if err != nil { + _, err := fmt.Fprintf(w, "/* %v */\n", err) + return err + } + wire, tag := x&7, x>>3 + if wire == WireEndGroup { + w.unindent() + if _, err := w.Write(endBraceNewline); err != nil { + return err + } + continue + } + if _, err := fmt.Fprint(w, tag); err != nil { + return err + } + if wire != WireStartGroup { + if err := w.WriteByte(':'); err != nil { + return err + } + } + if !w.compact || wire == WireStartGroup { + if err := w.WriteByte(' '); err != nil { + return err + } + } + switch wire { + case WireBytes: + buf, e := b.DecodeRawBytes(false) + if e == nil { + _, err = fmt.Fprintf(w, "%q", buf) + } else { + _, err = fmt.Fprintf(w, "/* %v */", e) + } + case WireFixed32: + x, err = b.DecodeFixed32() + err = writeUnknownInt(w, x, err) + case WireFixed64: + x, err = b.DecodeFixed64() + err = writeUnknownInt(w, x, err) + case WireStartGroup: + err = w.WriteByte('{') + w.indent() + case WireVarint: + x, err = b.DecodeVarint() + err = writeUnknownInt(w, x, err) + default: + _, err = fmt.Fprintf(w, "/* unknown wire type %d */", wire) + } + if err != nil { + return err + } + if err = w.WriteByte('\n'); err != nil { + return err + } + } + return nil +} + +func writeUnknownInt(w *textWriter, x uint64, err error) error { + if err == nil { + _, err = fmt.Fprint(w, x) + } else { + _, err = fmt.Fprintf(w, "/* %v */", err) + } + return err +} + +type int32Slice []int32 + +func (s int32Slice) Len() int { return len(s) } +func (s int32Slice) Less(i, j int) bool { return s[i] < s[j] } +func (s int32Slice) Swap(i, j int) { s[i], s[j] = s[j], s[i] } + +// writeExtensions writes all the extensions in pv. +// pv is assumed to be a pointer to a protocol message struct that is extendable. +func (tm *TextMarshaler) writeExtensions(w *textWriter, pv reflect.Value) error { + emap := extensionMaps[pv.Type().Elem()] + ep, _ := extendable(pv.Interface()) + + // Order the extensions by ID. + // This isn't strictly necessary, but it will give us + // canonical output, which will also make testing easier. + m, mu := ep.extensionsRead() + if m == nil { + return nil + } + mu.Lock() + ids := make([]int32, 0, len(m)) + for id := range m { + ids = append(ids, id) + } + sort.Sort(int32Slice(ids)) + mu.Unlock() + + for _, extNum := range ids { + ext := m[extNum] + var desc *ExtensionDesc + if emap != nil { + desc = emap[extNum] + } + if desc == nil { + // Unknown extension. + if err := writeUnknownStruct(w, ext.enc); err != nil { + return err + } + continue + } + + pb, err := GetExtension(ep, desc) + if err != nil { + return fmt.Errorf("failed getting extension: %v", err) + } + + // Repeated extensions will appear as a slice. + if !desc.repeated() { + if err := tm.writeExtension(w, desc.Name, pb); err != nil { + return err + } + } else { + v := reflect.ValueOf(pb) + for i := 0; i < v.Len(); i++ { + if err := tm.writeExtension(w, desc.Name, v.Index(i).Interface()); err != nil { + return err + } + } + } + } + return nil +} + +func (tm *TextMarshaler) writeExtension(w *textWriter, name string, pb interface{}) error { + if _, err := fmt.Fprintf(w, "[%s]:", name); err != nil { + return err + } + if !w.compact { + if err := w.WriteByte(' '); err != nil { + return err + } + } + if err := tm.writeAny(w, reflect.ValueOf(pb), nil); err != nil { + return err + } + if err := w.WriteByte('\n'); err != nil { + return err + } + return nil +} + +func (w *textWriter) writeIndent() { + if !w.complete { + return + } + remain := w.ind * 2 + for remain > 0 { + n := remain + if n > len(spaces) { + n = len(spaces) + } + w.w.Write(spaces[:n]) + remain -= n + } + w.complete = false +} + +// TextMarshaler is a configurable text format marshaler. +type TextMarshaler struct { + Compact bool // use compact text format (one line). + ExpandAny bool // expand google.protobuf.Any messages of known types +} + +// Marshal writes a given protocol buffer in text format. +// The only errors returned are from w. +func (tm *TextMarshaler) Marshal(w io.Writer, pb Message) error { + val := reflect.ValueOf(pb) + if pb == nil || val.IsNil() { + w.Write([]byte("")) + return nil + } + var bw *bufio.Writer + ww, ok := w.(writer) + if !ok { + bw = bufio.NewWriter(w) + ww = bw + } + aw := &textWriter{ + w: ww, + complete: true, + compact: tm.Compact, + } + + if etm, ok := pb.(encoding.TextMarshaler); ok { + text, err := etm.MarshalText() + if err != nil { + return err + } + if _, err = aw.Write(text); err != nil { + return err + } + if bw != nil { + return bw.Flush() + } + return nil + } + // Dereference the received pointer so we don't have outer < and >. + v := reflect.Indirect(val) + if err := tm.writeStruct(aw, v); err != nil { + return err + } + if bw != nil { + return bw.Flush() + } + return nil +} + +// Text is the same as Marshal, but returns the string directly. +func (tm *TextMarshaler) Text(pb Message) string { + var buf bytes.Buffer + tm.Marshal(&buf, pb) + return buf.String() +} + +var ( + defaultTextMarshaler = TextMarshaler{} + compactTextMarshaler = TextMarshaler{Compact: true} +) + +// TODO: consider removing some of the Marshal functions below. + +// MarshalText writes a given protocol buffer in text format. +// The only errors returned are from w. +func MarshalText(w io.Writer, pb Message) error { return defaultTextMarshaler.Marshal(w, pb) } + +// MarshalTextString is the same as MarshalText, but returns the string directly. +func MarshalTextString(pb Message) string { return defaultTextMarshaler.Text(pb) } + +// CompactText writes a given protocol buffer in compact text format (one line). +func CompactText(w io.Writer, pb Message) error { return compactTextMarshaler.Marshal(w, pb) } + +// CompactTextString is the same as CompactText, but returns the string directly. +func CompactTextString(pb Message) string { return compactTextMarshaler.Text(pb) } diff --git a/vendor/github.com/golang/protobuf/proto/text_parser.go b/vendor/github.com/golang/protobuf/proto/text_parser.go new file mode 100644 index 0000000000..5e14513f28 --- /dev/null +++ b/vendor/github.com/golang/protobuf/proto/text_parser.go @@ -0,0 +1,895 @@ +// Go support for Protocol Buffers - Google's data interchange format +// +// Copyright 2010 The Go Authors. All rights reserved. +// https://github.com/golang/protobuf +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +package proto + +// Functions for parsing the Text protocol buffer format. +// TODO: message sets. + +import ( + "encoding" + "errors" + "fmt" + "reflect" + "strconv" + "strings" + "unicode/utf8" +) + +// Error string emitted when deserializing Any and fields are already set +const anyRepeatedlyUnpacked = "Any message unpacked multiple times, or %q already set" + +type ParseError struct { + Message string + Line int // 1-based line number + Offset int // 0-based byte offset from start of input +} + +func (p *ParseError) Error() string { + if p.Line == 1 { + // show offset only for first line + return fmt.Sprintf("line 1.%d: %v", p.Offset, p.Message) + } + return fmt.Sprintf("line %d: %v", p.Line, p.Message) +} + +type token struct { + value string + err *ParseError + line int // line number + offset int // byte number from start of input, not start of line + unquoted string // the unquoted version of value, if it was a quoted string +} + +func (t *token) String() string { + if t.err == nil { + return fmt.Sprintf("%q (line=%d, offset=%d)", t.value, t.line, t.offset) + } + return fmt.Sprintf("parse error: %v", t.err) +} + +type textParser struct { + s string // remaining input + done bool // whether the parsing is finished (success or error) + backed bool // whether back() was called + offset, line int + cur token +} + +func newTextParser(s string) *textParser { + p := new(textParser) + p.s = s + p.line = 1 + p.cur.line = 1 + return p +} + +func (p *textParser) errorf(format string, a ...interface{}) *ParseError { + pe := &ParseError{fmt.Sprintf(format, a...), p.cur.line, p.cur.offset} + p.cur.err = pe + p.done = true + return pe +} + +// Numbers and identifiers are matched by [-+._A-Za-z0-9] +func isIdentOrNumberChar(c byte) bool { + switch { + case 'A' <= c && c <= 'Z', 'a' <= c && c <= 'z': + return true + case '0' <= c && c <= '9': + return true + } + switch c { + case '-', '+', '.', '_': + return true + } + return false +} + +func isWhitespace(c byte) bool { + switch c { + case ' ', '\t', '\n', '\r': + return true + } + return false +} + +func isQuote(c byte) bool { + switch c { + case '"', '\'': + return true + } + return false +} + +func (p *textParser) skipWhitespace() { + i := 0 + for i < len(p.s) && (isWhitespace(p.s[i]) || p.s[i] == '#') { + if p.s[i] == '#' { + // comment; skip to end of line or input + for i < len(p.s) && p.s[i] != '\n' { + i++ + } + if i == len(p.s) { + break + } + } + if p.s[i] == '\n' { + p.line++ + } + i++ + } + p.offset += i + p.s = p.s[i:len(p.s)] + if len(p.s) == 0 { + p.done = true + } +} + +func (p *textParser) advance() { + // Skip whitespace + p.skipWhitespace() + if p.done { + return + } + + // Start of non-whitespace + p.cur.err = nil + p.cur.offset, p.cur.line = p.offset, p.line + p.cur.unquoted = "" + switch p.s[0] { + case '<', '>', '{', '}', ':', '[', ']', ';', ',', '/': + // Single symbol + p.cur.value, p.s = p.s[0:1], p.s[1:len(p.s)] + case '"', '\'': + // Quoted string + i := 1 + for i < len(p.s) && p.s[i] != p.s[0] && p.s[i] != '\n' { + if p.s[i] == '\\' && i+1 < len(p.s) { + // skip escaped char + i++ + } + i++ + } + if i >= len(p.s) || p.s[i] != p.s[0] { + p.errorf("unmatched quote") + return + } + unq, err := unquoteC(p.s[1:i], rune(p.s[0])) + if err != nil { + p.errorf("invalid quoted string %s: %v", p.s[0:i+1], err) + return + } + p.cur.value, p.s = p.s[0:i+1], p.s[i+1:len(p.s)] + p.cur.unquoted = unq + default: + i := 0 + for i < len(p.s) && isIdentOrNumberChar(p.s[i]) { + i++ + } + if i == 0 { + p.errorf("unexpected byte %#x", p.s[0]) + return + } + p.cur.value, p.s = p.s[0:i], p.s[i:len(p.s)] + } + p.offset += len(p.cur.value) +} + +var ( + errBadUTF8 = errors.New("proto: bad UTF-8") + errBadHex = errors.New("proto: bad hexadecimal") +) + +func unquoteC(s string, quote rune) (string, error) { + // This is based on C++'s tokenizer.cc. + // Despite its name, this is *not* parsing C syntax. + // For instance, "\0" is an invalid quoted string. + + // Avoid allocation in trivial cases. + simple := true + for _, r := range s { + if r == '\\' || r == quote { + simple = false + break + } + } + if simple { + return s, nil + } + + buf := make([]byte, 0, 3*len(s)/2) + for len(s) > 0 { + r, n := utf8.DecodeRuneInString(s) + if r == utf8.RuneError && n == 1 { + return "", errBadUTF8 + } + s = s[n:] + if r != '\\' { + if r < utf8.RuneSelf { + buf = append(buf, byte(r)) + } else { + buf = append(buf, string(r)...) + } + continue + } + + ch, tail, err := unescape(s) + if err != nil { + return "", err + } + buf = append(buf, ch...) + s = tail + } + return string(buf), nil +} + +func unescape(s string) (ch string, tail string, err error) { + r, n := utf8.DecodeRuneInString(s) + if r == utf8.RuneError && n == 1 { + return "", "", errBadUTF8 + } + s = s[n:] + switch r { + case 'a': + return "\a", s, nil + case 'b': + return "\b", s, nil + case 'f': + return "\f", s, nil + case 'n': + return "\n", s, nil + case 'r': + return "\r", s, nil + case 't': + return "\t", s, nil + case 'v': + return "\v", s, nil + case '?': + return "?", s, nil // trigraph workaround + case '\'', '"', '\\': + return string(r), s, nil + case '0', '1', '2', '3', '4', '5', '6', '7', 'x', 'X': + if len(s) < 2 { + return "", "", fmt.Errorf(`\%c requires 2 following digits`, r) + } + base := 8 + ss := s[:2] + s = s[2:] + if r == 'x' || r == 'X' { + base = 16 + } else { + ss = string(r) + ss + } + i, err := strconv.ParseUint(ss, base, 8) + if err != nil { + return "", "", err + } + return string([]byte{byte(i)}), s, nil + case 'u', 'U': + n := 4 + if r == 'U' { + n = 8 + } + if len(s) < n { + return "", "", fmt.Errorf(`\%c requires %d digits`, r, n) + } + + bs := make([]byte, n/2) + for i := 0; i < n; i += 2 { + a, ok1 := unhex(s[i]) + b, ok2 := unhex(s[i+1]) + if !ok1 || !ok2 { + return "", "", errBadHex + } + bs[i/2] = a<<4 | b + } + s = s[n:] + return string(bs), s, nil + } + return "", "", fmt.Errorf(`unknown escape \%c`, r) +} + +// Adapted from src/pkg/strconv/quote.go. +func unhex(b byte) (v byte, ok bool) { + switch { + case '0' <= b && b <= '9': + return b - '0', true + case 'a' <= b && b <= 'f': + return b - 'a' + 10, true + case 'A' <= b && b <= 'F': + return b - 'A' + 10, true + } + return 0, false +} + +// Back off the parser by one token. Can only be done between calls to next(). +// It makes the next advance() a no-op. +func (p *textParser) back() { p.backed = true } + +// Advances the parser and returns the new current token. +func (p *textParser) next() *token { + if p.backed || p.done { + p.backed = false + return &p.cur + } + p.advance() + if p.done { + p.cur.value = "" + } else if len(p.cur.value) > 0 && isQuote(p.cur.value[0]) { + // Look for multiple quoted strings separated by whitespace, + // and concatenate them. + cat := p.cur + for { + p.skipWhitespace() + if p.done || !isQuote(p.s[0]) { + break + } + p.advance() + if p.cur.err != nil { + return &p.cur + } + cat.value += " " + p.cur.value + cat.unquoted += p.cur.unquoted + } + p.done = false // parser may have seen EOF, but we want to return cat + p.cur = cat + } + return &p.cur +} + +func (p *textParser) consumeToken(s string) error { + tok := p.next() + if tok.err != nil { + return tok.err + } + if tok.value != s { + p.back() + return p.errorf("expected %q, found %q", s, tok.value) + } + return nil +} + +// Return a RequiredNotSetError indicating which required field was not set. +func (p *textParser) missingRequiredFieldError(sv reflect.Value) *RequiredNotSetError { + st := sv.Type() + sprops := GetProperties(st) + for i := 0; i < st.NumField(); i++ { + if !isNil(sv.Field(i)) { + continue + } + + props := sprops.Prop[i] + if props.Required { + return &RequiredNotSetError{fmt.Sprintf("%v.%v", st, props.OrigName)} + } + } + return &RequiredNotSetError{fmt.Sprintf("%v.", st)} // should not happen +} + +// Returns the index in the struct for the named field, as well as the parsed tag properties. +func structFieldByName(sprops *StructProperties, name string) (int, *Properties, bool) { + i, ok := sprops.decoderOrigNames[name] + if ok { + return i, sprops.Prop[i], true + } + return -1, nil, false +} + +// Consume a ':' from the input stream (if the next token is a colon), +// returning an error if a colon is needed but not present. +func (p *textParser) checkForColon(props *Properties, typ reflect.Type) *ParseError { + tok := p.next() + if tok.err != nil { + return tok.err + } + if tok.value != ":" { + // Colon is optional when the field is a group or message. + needColon := true + switch props.Wire { + case "group": + needColon = false + case "bytes": + // A "bytes" field is either a message, a string, or a repeated field; + // those three become *T, *string and []T respectively, so we can check for + // this field being a pointer to a non-string. + if typ.Kind() == reflect.Ptr { + // *T or *string + if typ.Elem().Kind() == reflect.String { + break + } + } else if typ.Kind() == reflect.Slice { + // []T or []*T + if typ.Elem().Kind() != reflect.Ptr { + break + } + } else if typ.Kind() == reflect.String { + // The proto3 exception is for a string field, + // which requires a colon. + break + } + needColon = false + } + if needColon { + return p.errorf("expected ':', found %q", tok.value) + } + p.back() + } + return nil +} + +func (p *textParser) readStruct(sv reflect.Value, terminator string) error { + st := sv.Type() + sprops := GetProperties(st) + reqCount := sprops.reqCount + var reqFieldErr error + fieldSet := make(map[string]bool) + // A struct is a sequence of "name: value", terminated by one of + // '>' or '}', or the end of the input. A name may also be + // "[extension]" or "[type/url]". + // + // The whole struct can also be an expanded Any message, like: + // [type/url] < ... struct contents ... > + for { + tok := p.next() + if tok.err != nil { + return tok.err + } + if tok.value == terminator { + break + } + if tok.value == "[" { + // Looks like an extension or an Any. + // + // TODO: Check whether we need to handle + // namespace rooted names (e.g. ".something.Foo"). + extName, err := p.consumeExtName() + if err != nil { + return err + } + + if s := strings.LastIndex(extName, "/"); s >= 0 { + // If it contains a slash, it's an Any type URL. + messageName := extName[s+1:] + mt := MessageType(messageName) + if mt == nil { + return p.errorf("unrecognized message %q in google.protobuf.Any", messageName) + } + tok = p.next() + if tok.err != nil { + return tok.err + } + // consume an optional colon + if tok.value == ":" { + tok = p.next() + if tok.err != nil { + return tok.err + } + } + var terminator string + switch tok.value { + case "<": + terminator = ">" + case "{": + terminator = "}" + default: + return p.errorf("expected '{' or '<', found %q", tok.value) + } + v := reflect.New(mt.Elem()) + if pe := p.readStruct(v.Elem(), terminator); pe != nil { + return pe + } + b, err := Marshal(v.Interface().(Message)) + if err != nil { + return p.errorf("failed to marshal message of type %q: %v", messageName, err) + } + if fieldSet["type_url"] { + return p.errorf(anyRepeatedlyUnpacked, "type_url") + } + if fieldSet["value"] { + return p.errorf(anyRepeatedlyUnpacked, "value") + } + sv.FieldByName("TypeUrl").SetString(extName) + sv.FieldByName("Value").SetBytes(b) + fieldSet["type_url"] = true + fieldSet["value"] = true + continue + } + + var desc *ExtensionDesc + // This could be faster, but it's functional. + // TODO: Do something smarter than a linear scan. + for _, d := range RegisteredExtensions(reflect.New(st).Interface().(Message)) { + if d.Name == extName { + desc = d + break + } + } + if desc == nil { + return p.errorf("unrecognized extension %q", extName) + } + + props := &Properties{} + props.Parse(desc.Tag) + + typ := reflect.TypeOf(desc.ExtensionType) + if err := p.checkForColon(props, typ); err != nil { + return err + } + + rep := desc.repeated() + + // Read the extension structure, and set it in + // the value we're constructing. + var ext reflect.Value + if !rep { + ext = reflect.New(typ).Elem() + } else { + ext = reflect.New(typ.Elem()).Elem() + } + if err := p.readAny(ext, props); err != nil { + if _, ok := err.(*RequiredNotSetError); !ok { + return err + } + reqFieldErr = err + } + ep := sv.Addr().Interface().(Message) + if !rep { + SetExtension(ep, desc, ext.Interface()) + } else { + old, err := GetExtension(ep, desc) + var sl reflect.Value + if err == nil { + sl = reflect.ValueOf(old) // existing slice + } else { + sl = reflect.MakeSlice(typ, 0, 1) + } + sl = reflect.Append(sl, ext) + SetExtension(ep, desc, sl.Interface()) + } + if err := p.consumeOptionalSeparator(); err != nil { + return err + } + continue + } + + // This is a normal, non-extension field. + name := tok.value + var dst reflect.Value + fi, props, ok := structFieldByName(sprops, name) + if ok { + dst = sv.Field(fi) + } else if oop, ok := sprops.OneofTypes[name]; ok { + // It is a oneof. + props = oop.Prop + nv := reflect.New(oop.Type.Elem()) + dst = nv.Elem().Field(0) + field := sv.Field(oop.Field) + if !field.IsNil() { + return p.errorf("field '%s' would overwrite already parsed oneof '%s'", name, sv.Type().Field(oop.Field).Name) + } + field.Set(nv) + } + if !dst.IsValid() { + return p.errorf("unknown field name %q in %v", name, st) + } + + if dst.Kind() == reflect.Map { + // Consume any colon. + if err := p.checkForColon(props, dst.Type()); err != nil { + return err + } + + // Construct the map if it doesn't already exist. + if dst.IsNil() { + dst.Set(reflect.MakeMap(dst.Type())) + } + key := reflect.New(dst.Type().Key()).Elem() + val := reflect.New(dst.Type().Elem()).Elem() + + // The map entry should be this sequence of tokens: + // < key : KEY value : VALUE > + // However, implementations may omit key or value, and technically + // we should support them in any order. See b/28924776 for a time + // this went wrong. + + tok := p.next() + var terminator string + switch tok.value { + case "<": + terminator = ">" + case "{": + terminator = "}" + default: + return p.errorf("expected '{' or '<', found %q", tok.value) + } + for { + tok := p.next() + if tok.err != nil { + return tok.err + } + if tok.value == terminator { + break + } + switch tok.value { + case "key": + if err := p.consumeToken(":"); err != nil { + return err + } + if err := p.readAny(key, props.mkeyprop); err != nil { + return err + } + if err := p.consumeOptionalSeparator(); err != nil { + return err + } + case "value": + if err := p.checkForColon(props.mvalprop, dst.Type().Elem()); err != nil { + return err + } + if err := p.readAny(val, props.mvalprop); err != nil { + return err + } + if err := p.consumeOptionalSeparator(); err != nil { + return err + } + default: + p.back() + return p.errorf(`expected "key", "value", or %q, found %q`, terminator, tok.value) + } + } + + dst.SetMapIndex(key, val) + continue + } + + // Check that it's not already set if it's not a repeated field. + if !props.Repeated && fieldSet[name] { + return p.errorf("non-repeated field %q was repeated", name) + } + + if err := p.checkForColon(props, dst.Type()); err != nil { + return err + } + + // Parse into the field. + fieldSet[name] = true + if err := p.readAny(dst, props); err != nil { + if _, ok := err.(*RequiredNotSetError); !ok { + return err + } + reqFieldErr = err + } + if props.Required { + reqCount-- + } + + if err := p.consumeOptionalSeparator(); err != nil { + return err + } + + } + + if reqCount > 0 { + return p.missingRequiredFieldError(sv) + } + return reqFieldErr +} + +// consumeExtName consumes extension name or expanded Any type URL and the +// following ']'. It returns the name or URL consumed. +func (p *textParser) consumeExtName() (string, error) { + tok := p.next() + if tok.err != nil { + return "", tok.err + } + + // If extension name or type url is quoted, it's a single token. + if len(tok.value) > 2 && isQuote(tok.value[0]) && tok.value[len(tok.value)-1] == tok.value[0] { + name, err := unquoteC(tok.value[1:len(tok.value)-1], rune(tok.value[0])) + if err != nil { + return "", err + } + return name, p.consumeToken("]") + } + + // Consume everything up to "]" + var parts []string + for tok.value != "]" { + parts = append(parts, tok.value) + tok = p.next() + if tok.err != nil { + return "", p.errorf("unrecognized type_url or extension name: %s", tok.err) + } + } + return strings.Join(parts, ""), nil +} + +// consumeOptionalSeparator consumes an optional semicolon or comma. +// It is used in readStruct to provide backward compatibility. +func (p *textParser) consumeOptionalSeparator() error { + tok := p.next() + if tok.err != nil { + return tok.err + } + if tok.value != ";" && tok.value != "," { + p.back() + } + return nil +} + +func (p *textParser) readAny(v reflect.Value, props *Properties) error { + tok := p.next() + if tok.err != nil { + return tok.err + } + if tok.value == "" { + return p.errorf("unexpected EOF") + } + + switch fv := v; fv.Kind() { + case reflect.Slice: + at := v.Type() + if at.Elem().Kind() == reflect.Uint8 { + // Special case for []byte + if tok.value[0] != '"' && tok.value[0] != '\'' { + // Deliberately written out here, as the error after + // this switch statement would write "invalid []byte: ...", + // which is not as user-friendly. + return p.errorf("invalid string: %v", tok.value) + } + bytes := []byte(tok.unquoted) + fv.Set(reflect.ValueOf(bytes)) + return nil + } + // Repeated field. + if tok.value == "[" { + // Repeated field with list notation, like [1,2,3]. + for { + fv.Set(reflect.Append(fv, reflect.New(at.Elem()).Elem())) + err := p.readAny(fv.Index(fv.Len()-1), props) + if err != nil { + return err + } + tok := p.next() + if tok.err != nil { + return tok.err + } + if tok.value == "]" { + break + } + if tok.value != "," { + return p.errorf("Expected ']' or ',' found %q", tok.value) + } + } + return nil + } + // One value of the repeated field. + p.back() + fv.Set(reflect.Append(fv, reflect.New(at.Elem()).Elem())) + return p.readAny(fv.Index(fv.Len()-1), props) + case reflect.Bool: + // true/1/t/True or false/f/0/False. + switch tok.value { + case "true", "1", "t", "True": + fv.SetBool(true) + return nil + case "false", "0", "f", "False": + fv.SetBool(false) + return nil + } + case reflect.Float32, reflect.Float64: + v := tok.value + // Ignore 'f' for compatibility with output generated by C++, but don't + // remove 'f' when the value is "-inf" or "inf". + if strings.HasSuffix(v, "f") && tok.value != "-inf" && tok.value != "inf" { + v = v[:len(v)-1] + } + if f, err := strconv.ParseFloat(v, fv.Type().Bits()); err == nil { + fv.SetFloat(f) + return nil + } + case reflect.Int32: + if x, err := strconv.ParseInt(tok.value, 0, 32); err == nil { + fv.SetInt(x) + return nil + } + + if len(props.Enum) == 0 { + break + } + m, ok := enumValueMaps[props.Enum] + if !ok { + break + } + x, ok := m[tok.value] + if !ok { + break + } + fv.SetInt(int64(x)) + return nil + case reflect.Int64: + if x, err := strconv.ParseInt(tok.value, 0, 64); err == nil { + fv.SetInt(x) + return nil + } + + case reflect.Ptr: + // A basic field (indirected through pointer), or a repeated message/group + p.back() + fv.Set(reflect.New(fv.Type().Elem())) + return p.readAny(fv.Elem(), props) + case reflect.String: + if tok.value[0] == '"' || tok.value[0] == '\'' { + fv.SetString(tok.unquoted) + return nil + } + case reflect.Struct: + var terminator string + switch tok.value { + case "{": + terminator = "}" + case "<": + terminator = ">" + default: + return p.errorf("expected '{' or '<', found %q", tok.value) + } + // TODO: Handle nested messages which implement encoding.TextUnmarshaler. + return p.readStruct(fv, terminator) + case reflect.Uint32: + if x, err := strconv.ParseUint(tok.value, 0, 32); err == nil { + fv.SetUint(x) + return nil + } + case reflect.Uint64: + if x, err := strconv.ParseUint(tok.value, 0, 64); err == nil { + fv.SetUint(x) + return nil + } + } + return p.errorf("invalid %v: %v", v.Type(), tok.value) +} + +// UnmarshalText reads a protocol buffer in Text format. UnmarshalText resets pb +// before starting to unmarshal, so any existing data in pb is always removed. +// If a required field is not set and no other error occurs, +// UnmarshalText returns *RequiredNotSetError. +func UnmarshalText(s string, pb Message) error { + if um, ok := pb.(encoding.TextUnmarshaler); ok { + err := um.UnmarshalText([]byte(s)) + return err + } + pb.Reset() + v := reflect.ValueOf(pb) + if pe := newTextParser(s).readStruct(v.Elem(), ""); pe != nil { + return pe + } + return nil +} diff --git a/vendor/golang.org/x/crypto/argon2/argon2.go b/vendor/golang.org/x/crypto/argon2/argon2.go new file mode 100644 index 0000000000..71cf8c556c --- /dev/null +++ b/vendor/golang.org/x/crypto/argon2/argon2.go @@ -0,0 +1,228 @@ +// Copyright 2017 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// Package argon2 implements the key derivation function Argon2. +// Argon2 was selected as the winner of the Password Hashing Competition and can +// be used to derive cryptographic keys from passwords. +// Argon2 is specfifed at https://github.com/P-H-C/phc-winner-argon2/blob/master/argon2-specs.pdf +package argon2 + +import ( + "encoding/binary" + "sync" + + "golang.org/x/crypto/blake2b" +) + +// The Argon2 version implemented by this package. +const Version = 0x13 + +const ( + argon2d = iota + argon2i + argon2id +) + +// Key derives a key from the password, salt, and cost parameters using Argon2i +// returning a byte slice of length keyLen that can be used as cryptographic key. +// The CPU cost and parallism degree must be greater than zero. +// +// For example, you can get a derived key for e.g. AES-256 (which needs a 32-byte key) by doing: +// `key := argon2.Key([]byte("some password"), salt, 4, 32*1024, 4, 32)` +// +// The recommended parameters for interactive logins as of 2017 are time=4, memory=32*1024. +// The number of threads can be adjusted to the numbers of available CPUs. +// The time parameter specifies the number of passes over the memory and the memory +// parameter specifies the size of the memory in KiB. For example memory=32*1024 sets the +// memory cost to ~32 MB. +// The cost parameters should be increased as memory latency and CPU parallelism increases. +// Remember to get a good random salt. +func Key(password, salt []byte, time, memory uint32, threads uint8, keyLen uint32) []byte { + return deriveKey(argon2i, password, salt, nil, nil, time, memory, threads, keyLen) +} + +func deriveKey(mode int, password, salt, secret, data []byte, time, memory uint32, threads uint8, keyLen uint32) []byte { + if time < 1 { + panic("argon2: number of rounds too small") + } + if threads < 1 { + panic("argon2: parallelism degree too low") + } + h0 := initHash(password, salt, secret, data, time, memory, uint32(threads), keyLen, mode) + + memory = memory / (syncPoints * uint32(threads)) * (syncPoints * uint32(threads)) + if memory < 2*syncPoints*uint32(threads) { + memory = 2 * syncPoints * uint32(threads) + } + B := initBlocks(&h0, memory, uint32(threads)) + processBlocks(B, time, memory, uint32(threads), mode) + return extractKey(B, memory, uint32(threads), keyLen) +} + +const ( + blockLength = 128 + syncPoints = 4 +) + +type block [blockLength]uint64 + +func initHash(password, salt, key, data []byte, time, memory, threads, keyLen uint32, mode int) [blake2b.Size + 8]byte { + var ( + h0 [blake2b.Size + 8]byte + params [24]byte + tmp [4]byte + ) + + b2, _ := blake2b.New512(nil) + binary.LittleEndian.PutUint32(params[0:4], threads) + binary.LittleEndian.PutUint32(params[4:8], keyLen) + binary.LittleEndian.PutUint32(params[8:12], memory) + binary.LittleEndian.PutUint32(params[12:16], time) + binary.LittleEndian.PutUint32(params[16:20], uint32(Version)) + binary.LittleEndian.PutUint32(params[20:24], uint32(mode)) + b2.Write(params[:]) + binary.LittleEndian.PutUint32(tmp[:], uint32(len(password))) + b2.Write(tmp[:]) + b2.Write(password) + binary.LittleEndian.PutUint32(tmp[:], uint32(len(salt))) + b2.Write(tmp[:]) + b2.Write(salt) + binary.LittleEndian.PutUint32(tmp[:], uint32(len(key))) + b2.Write(tmp[:]) + b2.Write(key) + binary.LittleEndian.PutUint32(tmp[:], uint32(len(data))) + b2.Write(tmp[:]) + b2.Write(data) + b2.Sum(h0[:0]) + return h0 +} + +func initBlocks(h0 *[blake2b.Size + 8]byte, memory, threads uint32) []block { + var block0 [1024]byte + B := make([]block, memory) + for lane := uint32(0); lane < threads; lane++ { + j := lane * (memory / threads) + binary.LittleEndian.PutUint32(h0[blake2b.Size+4:], lane) + + binary.LittleEndian.PutUint32(h0[blake2b.Size:], 0) + blake2bHash(block0[:], h0[:]) + for i := range B[j+0] { + B[j+0][i] = binary.LittleEndian.Uint64(block0[i*8:]) + } + + binary.LittleEndian.PutUint32(h0[blake2b.Size:], 1) + blake2bHash(block0[:], h0[:]) + for i := range B[j+1] { + B[j+1][i] = binary.LittleEndian.Uint64(block0[i*8:]) + } + } + return B +} + +func processBlocks(B []block, time, memory, threads uint32, mode int) { + lanes := memory / threads + segments := lanes / syncPoints + + processSegment := func(n, slice, lane uint32, wg *sync.WaitGroup) { + var addresses, in, zero block + if mode == argon2i || (mode == argon2id && n == 0 && slice < syncPoints/2) { + in[0] = uint64(n) + in[1] = uint64(lane) + in[2] = uint64(slice) + in[3] = uint64(memory) + in[4] = uint64(time) + in[5] = uint64(mode) + } + + index := uint32(0) + if n == 0 && slice == 0 { + index = 2 // we have already generated the first two blocks + if mode == argon2i || mode == argon2id { + in[6]++ + processBlock(&addresses, &in, &zero) + processBlock(&addresses, &addresses, &zero) + } + } + + offset := lane*lanes + slice*segments + index + var random uint64 + for index < segments { + prev := offset - 1 + if index == 0 && slice == 0 { + prev += lanes // last block in lane + } + if mode == argon2i || (mode == argon2id && n == 0 && slice < syncPoints/2) { + if index%blockLength == 0 { + in[6]++ + processBlock(&addresses, &in, &zero) + processBlock(&addresses, &addresses, &zero) + } + random = addresses[index%blockLength] + } else { + random = B[prev][0] + } + newOffset := indexAlpha(random, lanes, segments, threads, n, slice, lane, index) + processBlockXOR(&B[offset], &B[prev], &B[newOffset]) + index, offset = index+1, offset+1 + } + wg.Done() + } + + for n := uint32(0); n < time; n++ { + for slice := uint32(0); slice < syncPoints; slice++ { + var wg sync.WaitGroup + for lane := uint32(0); lane < threads; lane++ { + wg.Add(1) + go processSegment(n, slice, lane, &wg) + } + wg.Wait() + } + } + +} + +func extractKey(B []block, memory, threads, keyLen uint32) []byte { + lanes := memory / threads + for lane := uint32(0); lane < threads-1; lane++ { + for i, v := range B[(lane*lanes)+lanes-1] { + B[memory-1][i] ^= v + } + } + + var block [1024]byte + for i, v := range B[memory-1] { + binary.LittleEndian.PutUint64(block[i*8:], v) + } + key := make([]byte, keyLen) + blake2bHash(key, block[:]) + return key +} + +func indexAlpha(rand uint64, lanes, segments, threads, n, slice, lane, index uint32) uint32 { + refLane := uint32(rand>>32) % threads + if n == 0 && slice == 0 { + refLane = lane + } + m, s := 3*segments, ((slice+1)%syncPoints)*segments + if lane == refLane { + m += index + } + if n == 0 { + m, s = slice*segments, 0 + if slice == 0 || lane == refLane { + m += index + } + } + if index == 0 || lane == refLane { + m-- + } + return phi(rand, uint64(m), uint64(s), refLane, lanes) +} + +func phi(rand, m, s uint64, lane, lanes uint32) uint32 { + p := rand & 0xFFFFFFFF + p = (p * p) >> 32 + p = (p * m) >> 32 + return lane*lanes + uint32((s+m-(p+1))%uint64(lanes)) +} diff --git a/vendor/golang.org/x/crypto/argon2/blake2b.go b/vendor/golang.org/x/crypto/argon2/blake2b.go new file mode 100644 index 0000000000..10f46948dc --- /dev/null +++ b/vendor/golang.org/x/crypto/argon2/blake2b.go @@ -0,0 +1,53 @@ +// Copyright 2017 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package argon2 + +import ( + "encoding/binary" + "hash" + + "golang.org/x/crypto/blake2b" +) + +// blake2bHash computes an arbitrary long hash value of in +// and writes the hash to out. +func blake2bHash(out []byte, in []byte) { + var b2 hash.Hash + if n := len(out); n < blake2b.Size { + b2, _ = blake2b.New(n, nil) + } else { + b2, _ = blake2b.New512(nil) + } + + var buffer [blake2b.Size]byte + binary.LittleEndian.PutUint32(buffer[:4], uint32(len(out))) + b2.Write(buffer[:4]) + b2.Write(in) + + if len(out) <= blake2b.Size { + b2.Sum(out[:0]) + return + } + + outLen := len(out) + b2.Sum(buffer[:0]) + b2.Reset() + copy(out, buffer[:32]) + out = out[32:] + for len(out) > blake2b.Size { + b2.Write(buffer[:]) + b2.Sum(buffer[:0]) + copy(out, buffer[:32]) + out = out[32:] + b2.Reset() + } + + if outLen%blake2b.Size > 0 { // outLen > 64 + r := ((outLen + 31) / 32) - 2 // ⌈τ /32⌉-2 + b2, _ = blake2b.New(outLen-32*r, nil) + } + b2.Write(buffer[:]) + b2.Sum(out[:0]) +} diff --git a/vendor/golang.org/x/crypto/argon2/blamka_amd64.go b/vendor/golang.org/x/crypto/argon2/blamka_amd64.go new file mode 100644 index 0000000000..583ac4be2a --- /dev/null +++ b/vendor/golang.org/x/crypto/argon2/blamka_amd64.go @@ -0,0 +1,59 @@ +// Copyright 2017 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package argon2 + +func init() { + useSSE4 = supportsSSE4() +} + +//go:noescape +func supportsSSE4() bool + +//go:noescape +func mixBlocksSSE2(out, a, b, c *block) + +//go:noescape +func xorBlocksSSE2(out, a, b, c *block) + +//go:noescape +func blamkaSSE4(b *block) + +func processBlockSSE(out, in1, in2 *block, xor bool) { + var t block + mixBlocksSSE2(&t, in1, in2, &t) + if useSSE4 { + blamkaSSE4(&t) + } else { + for i := 0; i < blockLength; i += 16 { + blamkaGeneric( + &t[i+0], &t[i+1], &t[i+2], &t[i+3], + &t[i+4], &t[i+5], &t[i+6], &t[i+7], + &t[i+8], &t[i+9], &t[i+10], &t[i+11], + &t[i+12], &t[i+13], &t[i+14], &t[i+15], + ) + } + for i := 0; i < blockLength/8; i += 2 { + blamkaGeneric( + &t[i], &t[i+1], &t[16+i], &t[16+i+1], + &t[32+i], &t[32+i+1], &t[48+i], &t[48+i+1], + &t[64+i], &t[64+i+1], &t[80+i], &t[80+i+1], + &t[96+i], &t[96+i+1], &t[112+i], &t[112+i+1], + ) + } + } + if xor { + xorBlocksSSE2(out, in1, in2, &t) + } else { + mixBlocksSSE2(out, in1, in2, &t) + } +} + +func processBlock(out, in1, in2 *block) { + processBlockSSE(out, in1, in2, false) +} + +func processBlockXOR(out, in1, in2 *block) { + processBlockSSE(out, in1, in2, true) +} diff --git a/vendor/golang.org/x/crypto/argon2/blamka_amd64.s b/vendor/golang.org/x/crypto/argon2/blamka_amd64.s new file mode 100644 index 0000000000..8a83f7c739 --- /dev/null +++ b/vendor/golang.org/x/crypto/argon2/blamka_amd64.s @@ -0,0 +1,252 @@ +// Copyright 2017 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build amd64,!gccgo,!appengine + +#include "textflag.h" + +DATA ·c40<>+0x00(SB)/8, $0x0201000706050403 +DATA ·c40<>+0x08(SB)/8, $0x0a09080f0e0d0c0b +GLOBL ·c40<>(SB), (NOPTR+RODATA), $16 + +DATA ·c48<>+0x00(SB)/8, $0x0100070605040302 +DATA ·c48<>+0x08(SB)/8, $0x09080f0e0d0c0b0a +GLOBL ·c48<>(SB), (NOPTR+RODATA), $16 + +#define SHUFFLE(v2, v3, v4, v5, v6, v7, t1, t2) \ + MOVO v4, t1; \ + MOVO v5, v4; \ + MOVO t1, v5; \ + MOVO v6, t1; \ + PUNPCKLQDQ v6, t2; \ + PUNPCKHQDQ v7, v6; \ + PUNPCKHQDQ t2, v6; \ + PUNPCKLQDQ v7, t2; \ + MOVO t1, v7; \ + MOVO v2, t1; \ + PUNPCKHQDQ t2, v7; \ + PUNPCKLQDQ v3, t2; \ + PUNPCKHQDQ t2, v2; \ + PUNPCKLQDQ t1, t2; \ + PUNPCKHQDQ t2, v3 + +#define SHUFFLE_INV(v2, v3, v4, v5, v6, v7, t1, t2) \ + MOVO v4, t1; \ + MOVO v5, v4; \ + MOVO t1, v5; \ + MOVO v2, t1; \ + PUNPCKLQDQ v2, t2; \ + PUNPCKHQDQ v3, v2; \ + PUNPCKHQDQ t2, v2; \ + PUNPCKLQDQ v3, t2; \ + MOVO t1, v3; \ + MOVO v6, t1; \ + PUNPCKHQDQ t2, v3; \ + PUNPCKLQDQ v7, t2; \ + PUNPCKHQDQ t2, v6; \ + PUNPCKLQDQ t1, t2; \ + PUNPCKHQDQ t2, v7 + +#define HALF_ROUND(v0, v1, v2, v3, v4, v5, v6, v7, t0, c40, c48) \ + MOVO v0, t0; \ + PMULULQ v2, t0; \ + PADDQ v2, v0; \ + PADDQ t0, v0; \ + PADDQ t0, v0; \ + PXOR v0, v6; \ + PSHUFD $0xB1, v6, v6; \ + MOVO v4, t0; \ + PMULULQ v6, t0; \ + PADDQ v6, v4; \ + PADDQ t0, v4; \ + PADDQ t0, v4; \ + PXOR v4, v2; \ + PSHUFB c40, v2; \ + MOVO v0, t0; \ + PMULULQ v2, t0; \ + PADDQ v2, v0; \ + PADDQ t0, v0; \ + PADDQ t0, v0; \ + PXOR v0, v6; \ + PSHUFB c48, v6; \ + MOVO v4, t0; \ + PMULULQ v6, t0; \ + PADDQ v6, v4; \ + PADDQ t0, v4; \ + PADDQ t0, v4; \ + PXOR v4, v2; \ + MOVO v2, t0; \ + PADDQ v2, t0; \ + PSRLQ $63, v2; \ + PXOR t0, v2; \ + MOVO v1, t0; \ + PMULULQ v3, t0; \ + PADDQ v3, v1; \ + PADDQ t0, v1; \ + PADDQ t0, v1; \ + PXOR v1, v7; \ + PSHUFD $0xB1, v7, v7; \ + MOVO v5, t0; \ + PMULULQ v7, t0; \ + PADDQ v7, v5; \ + PADDQ t0, v5; \ + PADDQ t0, v5; \ + PXOR v5, v3; \ + PSHUFB c40, v3; \ + MOVO v1, t0; \ + PMULULQ v3, t0; \ + PADDQ v3, v1; \ + PADDQ t0, v1; \ + PADDQ t0, v1; \ + PXOR v1, v7; \ + PSHUFB c48, v7; \ + MOVO v5, t0; \ + PMULULQ v7, t0; \ + PADDQ v7, v5; \ + PADDQ t0, v5; \ + PADDQ t0, v5; \ + PXOR v5, v3; \ + MOVO v3, t0; \ + PADDQ v3, t0; \ + PSRLQ $63, v3; \ + PXOR t0, v3 + +#define LOAD_MSG_0(block, off) \ + MOVOU 8*(off+0)(block), X0; \ + MOVOU 8*(off+2)(block), X1; \ + MOVOU 8*(off+4)(block), X2; \ + MOVOU 8*(off+6)(block), X3; \ + MOVOU 8*(off+8)(block), X4; \ + MOVOU 8*(off+10)(block), X5; \ + MOVOU 8*(off+12)(block), X6; \ + MOVOU 8*(off+14)(block), X7 + +#define STORE_MSG_0(block, off) \ + MOVOU X0, 8*(off+0)(block); \ + MOVOU X1, 8*(off+2)(block); \ + MOVOU X2, 8*(off+4)(block); \ + MOVOU X3, 8*(off+6)(block); \ + MOVOU X4, 8*(off+8)(block); \ + MOVOU X5, 8*(off+10)(block); \ + MOVOU X6, 8*(off+12)(block); \ + MOVOU X7, 8*(off+14)(block) + +#define LOAD_MSG_1(block, off) \ + MOVOU 8*off+0*8(block), X0; \ + MOVOU 8*off+16*8(block), X1; \ + MOVOU 8*off+32*8(block), X2; \ + MOVOU 8*off+48*8(block), X3; \ + MOVOU 8*off+64*8(block), X4; \ + MOVOU 8*off+80*8(block), X5; \ + MOVOU 8*off+96*8(block), X6; \ + MOVOU 8*off+112*8(block), X7 + +#define STORE_MSG_1(block, off) \ + MOVOU X0, 8*off+0*8(block); \ + MOVOU X1, 8*off+16*8(block); \ + MOVOU X2, 8*off+32*8(block); \ + MOVOU X3, 8*off+48*8(block); \ + MOVOU X4, 8*off+64*8(block); \ + MOVOU X5, 8*off+80*8(block); \ + MOVOU X6, 8*off+96*8(block); \ + MOVOU X7, 8*off+112*8(block) + +#define BLAMKA_ROUND_0(block, off, t0, t1, c40, c48) \ + LOAD_MSG_0(block, off); \ + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, t0, c40, c48); \ + SHUFFLE(X2, X3, X4, X5, X6, X7, t0, t1); \ + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, t0, c40, c48); \ + SHUFFLE_INV(X2, X3, X4, X5, X6, X7, t0, t1); \ + STORE_MSG_0(block, off) + +#define BLAMKA_ROUND_1(block, off, t0, t1, c40, c48) \ + LOAD_MSG_1(block, off); \ + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, t0, c40, c48); \ + SHUFFLE(X2, X3, X4, X5, X6, X7, t0, t1); \ + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, t0, c40, c48); \ + SHUFFLE_INV(X2, X3, X4, X5, X6, X7, t0, t1); \ + STORE_MSG_1(block, off) + +// func blamkaSSE4(b *block) +TEXT ·blamkaSSE4(SB), 4, $0-8 + MOVQ b+0(FP), AX + + MOVOU ·c40<>(SB), X10 + MOVOU ·c48<>(SB), X11 + + BLAMKA_ROUND_0(AX, 0, X8, X9, X10, X11) + BLAMKA_ROUND_0(AX, 16, X8, X9, X10, X11) + BLAMKA_ROUND_0(AX, 32, X8, X9, X10, X11) + BLAMKA_ROUND_0(AX, 48, X8, X9, X10, X11) + BLAMKA_ROUND_0(AX, 64, X8, X9, X10, X11) + BLAMKA_ROUND_0(AX, 80, X8, X9, X10, X11) + BLAMKA_ROUND_0(AX, 96, X8, X9, X10, X11) + BLAMKA_ROUND_0(AX, 112, X8, X9, X10, X11) + + BLAMKA_ROUND_1(AX, 0, X8, X9, X10, X11) + BLAMKA_ROUND_1(AX, 2, X8, X9, X10, X11) + BLAMKA_ROUND_1(AX, 4, X8, X9, X10, X11) + BLAMKA_ROUND_1(AX, 6, X8, X9, X10, X11) + BLAMKA_ROUND_1(AX, 8, X8, X9, X10, X11) + BLAMKA_ROUND_1(AX, 10, X8, X9, X10, X11) + BLAMKA_ROUND_1(AX, 12, X8, X9, X10, X11) + BLAMKA_ROUND_1(AX, 14, X8, X9, X10, X11) + RET + +// func mixBlocksSSE2(out, a, b, c *block) +TEXT ·mixBlocksSSE2(SB), 4, $0-32 + MOVQ out+0(FP), DX + MOVQ a+8(FP), AX + MOVQ b+16(FP), BX + MOVQ a+24(FP), CX + MOVQ $128, BP + +loop: + MOVOU 0(AX), X0 + MOVOU 0(BX), X1 + MOVOU 0(CX), X2 + PXOR X1, X0 + PXOR X2, X0 + MOVOU X0, 0(DX) + ADDQ $16, AX + ADDQ $16, BX + ADDQ $16, CX + ADDQ $16, DX + SUBQ $2, BP + JA loop + RET + +// func xorBlocksSSE2(out, a, b, c *block) +TEXT ·xorBlocksSSE2(SB), 4, $0-32 + MOVQ out+0(FP), DX + MOVQ a+8(FP), AX + MOVQ b+16(FP), BX + MOVQ a+24(FP), CX + MOVQ $128, BP + +loop: + MOVOU 0(AX), X0 + MOVOU 0(BX), X1 + MOVOU 0(CX), X2 + MOVOU 0(DX), X3 + PXOR X1, X0 + PXOR X2, X0 + PXOR X3, X0 + MOVOU X0, 0(DX) + ADDQ $16, AX + ADDQ $16, BX + ADDQ $16, CX + ADDQ $16, DX + SUBQ $2, BP + JA loop + RET + +// func supportsSSE4() bool +TEXT ·supportsSSE4(SB), 4, $0-1 + MOVL $1, AX + CPUID + SHRL $19, CX // Bit 19 indicates SSE4 support + ANDL $1, CX // CX != 0 if support SSE4 + MOVB CX, ret+0(FP) + RET diff --git a/vendor/golang.org/x/crypto/argon2/blamka_generic.go b/vendor/golang.org/x/crypto/argon2/blamka_generic.go new file mode 100644 index 0000000000..a481b2243f --- /dev/null +++ b/vendor/golang.org/x/crypto/argon2/blamka_generic.go @@ -0,0 +1,163 @@ +// Copyright 2017 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package argon2 + +var useSSE4 bool + +func processBlockGeneric(out, in1, in2 *block, xor bool) { + var t block + for i := range t { + t[i] = in1[i] ^ in2[i] + } + for i := 0; i < blockLength; i += 16 { + blamkaGeneric( + &t[i+0], &t[i+1], &t[i+2], &t[i+3], + &t[i+4], &t[i+5], &t[i+6], &t[i+7], + &t[i+8], &t[i+9], &t[i+10], &t[i+11], + &t[i+12], &t[i+13], &t[i+14], &t[i+15], + ) + } + for i := 0; i < blockLength/8; i += 2 { + blamkaGeneric( + &t[i], &t[i+1], &t[16+i], &t[16+i+1], + &t[32+i], &t[32+i+1], &t[48+i], &t[48+i+1], + &t[64+i], &t[64+i+1], &t[80+i], &t[80+i+1], + &t[96+i], &t[96+i+1], &t[112+i], &t[112+i+1], + ) + } + if xor { + for i := range t { + out[i] ^= in1[i] ^ in2[i] ^ t[i] + } + } else { + for i := range t { + out[i] = in1[i] ^ in2[i] ^ t[i] + } + } +} + +func blamkaGeneric(t00, t01, t02, t03, t04, t05, t06, t07, t08, t09, t10, t11, t12, t13, t14, t15 *uint64) { + v00, v01, v02, v03 := *t00, *t01, *t02, *t03 + v04, v05, v06, v07 := *t04, *t05, *t06, *t07 + v08, v09, v10, v11 := *t08, *t09, *t10, *t11 + v12, v13, v14, v15 := *t12, *t13, *t14, *t15 + + v00 += v04 + 2*uint64(uint32(v00))*uint64(uint32(v04)) + v12 ^= v00 + v12 = v12>>32 | v12<<32 + v08 += v12 + 2*uint64(uint32(v08))*uint64(uint32(v12)) + v04 ^= v08 + v04 = v04>>24 | v04<<40 + + v00 += v04 + 2*uint64(uint32(v00))*uint64(uint32(v04)) + v12 ^= v00 + v12 = v12>>16 | v12<<48 + v08 += v12 + 2*uint64(uint32(v08))*uint64(uint32(v12)) + v04 ^= v08 + v04 = v04>>63 | v04<<1 + + v01 += v05 + 2*uint64(uint32(v01))*uint64(uint32(v05)) + v13 ^= v01 + v13 = v13>>32 | v13<<32 + v09 += v13 + 2*uint64(uint32(v09))*uint64(uint32(v13)) + v05 ^= v09 + v05 = v05>>24 | v05<<40 + + v01 += v05 + 2*uint64(uint32(v01))*uint64(uint32(v05)) + v13 ^= v01 + v13 = v13>>16 | v13<<48 + v09 += v13 + 2*uint64(uint32(v09))*uint64(uint32(v13)) + v05 ^= v09 + v05 = v05>>63 | v05<<1 + + v02 += v06 + 2*uint64(uint32(v02))*uint64(uint32(v06)) + v14 ^= v02 + v14 = v14>>32 | v14<<32 + v10 += v14 + 2*uint64(uint32(v10))*uint64(uint32(v14)) + v06 ^= v10 + v06 = v06>>24 | v06<<40 + + v02 += v06 + 2*uint64(uint32(v02))*uint64(uint32(v06)) + v14 ^= v02 + v14 = v14>>16 | v14<<48 + v10 += v14 + 2*uint64(uint32(v10))*uint64(uint32(v14)) + v06 ^= v10 + v06 = v06>>63 | v06<<1 + + v03 += v07 + 2*uint64(uint32(v03))*uint64(uint32(v07)) + v15 ^= v03 + v15 = v15>>32 | v15<<32 + v11 += v15 + 2*uint64(uint32(v11))*uint64(uint32(v15)) + v07 ^= v11 + v07 = v07>>24 | v07<<40 + + v03 += v07 + 2*uint64(uint32(v03))*uint64(uint32(v07)) + v15 ^= v03 + v15 = v15>>16 | v15<<48 + v11 += v15 + 2*uint64(uint32(v11))*uint64(uint32(v15)) + v07 ^= v11 + v07 = v07>>63 | v07<<1 + + v00 += v05 + 2*uint64(uint32(v00))*uint64(uint32(v05)) + v15 ^= v00 + v15 = v15>>32 | v15<<32 + v10 += v15 + 2*uint64(uint32(v10))*uint64(uint32(v15)) + v05 ^= v10 + v05 = v05>>24 | v05<<40 + + v00 += v05 + 2*uint64(uint32(v00))*uint64(uint32(v05)) + v15 ^= v00 + v15 = v15>>16 | v15<<48 + v10 += v15 + 2*uint64(uint32(v10))*uint64(uint32(v15)) + v05 ^= v10 + v05 = v05>>63 | v05<<1 + + v01 += v06 + 2*uint64(uint32(v01))*uint64(uint32(v06)) + v12 ^= v01 + v12 = v12>>32 | v12<<32 + v11 += v12 + 2*uint64(uint32(v11))*uint64(uint32(v12)) + v06 ^= v11 + v06 = v06>>24 | v06<<40 + + v01 += v06 + 2*uint64(uint32(v01))*uint64(uint32(v06)) + v12 ^= v01 + v12 = v12>>16 | v12<<48 + v11 += v12 + 2*uint64(uint32(v11))*uint64(uint32(v12)) + v06 ^= v11 + v06 = v06>>63 | v06<<1 + + v02 += v07 + 2*uint64(uint32(v02))*uint64(uint32(v07)) + v13 ^= v02 + v13 = v13>>32 | v13<<32 + v08 += v13 + 2*uint64(uint32(v08))*uint64(uint32(v13)) + v07 ^= v08 + v07 = v07>>24 | v07<<40 + + v02 += v07 + 2*uint64(uint32(v02))*uint64(uint32(v07)) + v13 ^= v02 + v13 = v13>>16 | v13<<48 + v08 += v13 + 2*uint64(uint32(v08))*uint64(uint32(v13)) + v07 ^= v08 + v07 = v07>>63 | v07<<1 + + v03 += v04 + 2*uint64(uint32(v03))*uint64(uint32(v04)) + v14 ^= v03 + v14 = v14>>32 | v14<<32 + v09 += v14 + 2*uint64(uint32(v09))*uint64(uint32(v14)) + v04 ^= v09 + v04 = v04>>24 | v04<<40 + + v03 += v04 + 2*uint64(uint32(v03))*uint64(uint32(v04)) + v14 ^= v03 + v14 = v14>>16 | v14<<48 + v09 += v14 + 2*uint64(uint32(v09))*uint64(uint32(v14)) + v04 ^= v09 + v04 = v04>>63 | v04<<1 + + *t00, *t01, *t02, *t03 = v00, v01, v02, v03 + *t04, *t05, *t06, *t07 = v04, v05, v06, v07 + *t08, *t09, *t10, *t11 = v08, v09, v10, v11 + *t12, *t13, *t14, *t15 = v12, v13, v14, v15 +} diff --git a/vendor/golang.org/x/crypto/argon2/blamka_ref.go b/vendor/golang.org/x/crypto/argon2/blamka_ref.go new file mode 100644 index 0000000000..baf7b551da --- /dev/null +++ b/vendor/golang.org/x/crypto/argon2/blamka_ref.go @@ -0,0 +1,15 @@ +// Copyright 2017 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build !amd64 appengine gccgo + +package argon2 + +func processBlock(out, in1, in2 *block) { + processBlockGeneric(out, in1, in2, false) +} + +func processBlockXOR(out, in1, in2 *block) { + processBlockGeneric(out, in1, in2, true) +} diff --git a/vendor/golang.org/x/crypto/blake2b/blake2b.go b/vendor/golang.org/x/crypto/blake2b/blake2b.go new file mode 100644 index 0000000000..6dedb89467 --- /dev/null +++ b/vendor/golang.org/x/crypto/blake2b/blake2b.go @@ -0,0 +1,221 @@ +// Copyright 2016 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// Package blake2b implements the BLAKE2b hash algorithm defined by RFC 7693 +// and the extendable output function (XOF) BLAKE2Xb. +// +// For a detailed specification of BLAKE2b see https://blake2.net/blake2.pdf +// and for BLAKE2Xb see https://blake2.net/blake2x.pdf +// +// If you aren't sure which function you need, use BLAKE2b (Sum512 or New512). +// If you need a secret-key MAC (message authentication code), use the New512 +// function with a non-nil key. +// +// BLAKE2X is a construction to compute hash values larger than 64 bytes. It +// can produce hash values between 0 and 4 GiB. +package blake2b + +import ( + "encoding/binary" + "errors" + "hash" +) + +const ( + // The blocksize of BLAKE2b in bytes. + BlockSize = 128 + // The hash size of BLAKE2b-512 in bytes. + Size = 64 + // The hash size of BLAKE2b-384 in bytes. + Size384 = 48 + // The hash size of BLAKE2b-256 in bytes. + Size256 = 32 +) + +var ( + useAVX2 bool + useAVX bool + useSSE4 bool +) + +var ( + errKeySize = errors.New("blake2b: invalid key size") + errHashSize = errors.New("blake2b: invalid hash size") +) + +var iv = [8]uint64{ + 0x6a09e667f3bcc908, 0xbb67ae8584caa73b, 0x3c6ef372fe94f82b, 0xa54ff53a5f1d36f1, + 0x510e527fade682d1, 0x9b05688c2b3e6c1f, 0x1f83d9abfb41bd6b, 0x5be0cd19137e2179, +} + +// Sum512 returns the BLAKE2b-512 checksum of the data. +func Sum512(data []byte) [Size]byte { + var sum [Size]byte + checkSum(&sum, Size, data) + return sum +} + +// Sum384 returns the BLAKE2b-384 checksum of the data. +func Sum384(data []byte) [Size384]byte { + var sum [Size]byte + var sum384 [Size384]byte + checkSum(&sum, Size384, data) + copy(sum384[:], sum[:Size384]) + return sum384 +} + +// Sum256 returns the BLAKE2b-256 checksum of the data. +func Sum256(data []byte) [Size256]byte { + var sum [Size]byte + var sum256 [Size256]byte + checkSum(&sum, Size256, data) + copy(sum256[:], sum[:Size256]) + return sum256 +} + +// New512 returns a new hash.Hash computing the BLAKE2b-512 checksum. A non-nil +// key turns the hash into a MAC. The key must between zero and 64 bytes long. +func New512(key []byte) (hash.Hash, error) { return newDigest(Size, key) } + +// New384 returns a new hash.Hash computing the BLAKE2b-384 checksum. A non-nil +// key turns the hash into a MAC. The key must between zero and 64 bytes long. +func New384(key []byte) (hash.Hash, error) { return newDigest(Size384, key) } + +// New256 returns a new hash.Hash computing the BLAKE2b-256 checksum. A non-nil +// key turns the hash into a MAC. The key must between zero and 64 bytes long. +func New256(key []byte) (hash.Hash, error) { return newDigest(Size256, key) } + +// New returns a new hash.Hash computing the BLAKE2b checksum with a custom length. +// A non-nil key turns the hash into a MAC. The key must between zero and 64 bytes long. +// The hash size can be a value between 1 and 64 but it is highly recommended to use +// values equal or greater than: +// - 32 if BLAKE2b is used as a hash function (The key is zero bytes long). +// - 16 if BLAKE2b is used as a MAC function (The key is at least 16 bytes long). +func New(size int, key []byte) (hash.Hash, error) { return newDigest(size, key) } + +func newDigest(hashSize int, key []byte) (*digest, error) { + if hashSize < 1 || hashSize > Size { + return nil, errHashSize + } + if len(key) > Size { + return nil, errKeySize + } + d := &digest{ + size: hashSize, + keyLen: len(key), + } + copy(d.key[:], key) + d.Reset() + return d, nil +} + +func checkSum(sum *[Size]byte, hashSize int, data []byte) { + h := iv + h[0] ^= uint64(hashSize) | (1 << 16) | (1 << 24) + var c [2]uint64 + + if length := len(data); length > BlockSize { + n := length &^ (BlockSize - 1) + if length == n { + n -= BlockSize + } + hashBlocks(&h, &c, 0, data[:n]) + data = data[n:] + } + + var block [BlockSize]byte + offset := copy(block[:], data) + remaining := uint64(BlockSize - offset) + if c[0] < remaining { + c[1]-- + } + c[0] -= remaining + + hashBlocks(&h, &c, 0xFFFFFFFFFFFFFFFF, block[:]) + + for i, v := range h[:(hashSize+7)/8] { + binary.LittleEndian.PutUint64(sum[8*i:], v) + } +} + +type digest struct { + h [8]uint64 + c [2]uint64 + size int + block [BlockSize]byte + offset int + + key [BlockSize]byte + keyLen int +} + +func (d *digest) BlockSize() int { return BlockSize } + +func (d *digest) Size() int { return d.size } + +func (d *digest) Reset() { + d.h = iv + d.h[0] ^= uint64(d.size) | (uint64(d.keyLen) << 8) | (1 << 16) | (1 << 24) + d.offset, d.c[0], d.c[1] = 0, 0, 0 + if d.keyLen > 0 { + d.block = d.key + d.offset = BlockSize + } +} + +func (d *digest) Write(p []byte) (n int, err error) { + n = len(p) + + if d.offset > 0 { + remaining := BlockSize - d.offset + if n <= remaining { + d.offset += copy(d.block[d.offset:], p) + return + } + copy(d.block[d.offset:], p[:remaining]) + hashBlocks(&d.h, &d.c, 0, d.block[:]) + d.offset = 0 + p = p[remaining:] + } + + if length := len(p); length > BlockSize { + nn := length &^ (BlockSize - 1) + if length == nn { + nn -= BlockSize + } + hashBlocks(&d.h, &d.c, 0, p[:nn]) + p = p[nn:] + } + + if len(p) > 0 { + d.offset += copy(d.block[:], p) + } + + return +} + +func (d *digest) Sum(sum []byte) []byte { + var hash [Size]byte + d.finalize(&hash) + return append(sum, hash[:d.size]...) +} + +func (d *digest) finalize(hash *[Size]byte) { + var block [BlockSize]byte + copy(block[:], d.block[:d.offset]) + remaining := uint64(BlockSize - d.offset) + + c := d.c + if c[0] < remaining { + c[1]-- + } + c[0] -= remaining + + h := d.h + hashBlocks(&h, &c, 0xFFFFFFFFFFFFFFFF, block[:]) + + for i, v := range h { + binary.LittleEndian.PutUint64(hash[8*i:], v) + } +} diff --git a/vendor/golang.org/x/crypto/blake2b/blake2bAVX2_amd64.go b/vendor/golang.org/x/crypto/blake2b/blake2bAVX2_amd64.go new file mode 100644 index 0000000000..8c41cf6c79 --- /dev/null +++ b/vendor/golang.org/x/crypto/blake2b/blake2bAVX2_amd64.go @@ -0,0 +1,43 @@ +// Copyright 2016 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build go1.7,amd64,!gccgo,!appengine + +package blake2b + +func init() { + useAVX2 = supportsAVX2() + useAVX = supportsAVX() + useSSE4 = supportsSSE4() +} + +//go:noescape +func supportsSSE4() bool + +//go:noescape +func supportsAVX() bool + +//go:noescape +func supportsAVX2() bool + +//go:noescape +func hashBlocksAVX2(h *[8]uint64, c *[2]uint64, flag uint64, blocks []byte) + +//go:noescape +func hashBlocksAVX(h *[8]uint64, c *[2]uint64, flag uint64, blocks []byte) + +//go:noescape +func hashBlocksSSE4(h *[8]uint64, c *[2]uint64, flag uint64, blocks []byte) + +func hashBlocks(h *[8]uint64, c *[2]uint64, flag uint64, blocks []byte) { + if useAVX2 { + hashBlocksAVX2(h, c, flag, blocks) + } else if useAVX { + hashBlocksAVX(h, c, flag, blocks) + } else if useSSE4 { + hashBlocksSSE4(h, c, flag, blocks) + } else { + hashBlocksGeneric(h, c, flag, blocks) + } +} diff --git a/vendor/golang.org/x/crypto/blake2b/blake2bAVX2_amd64.s b/vendor/golang.org/x/crypto/blake2b/blake2bAVX2_amd64.s new file mode 100644 index 0000000000..784bce6a9c --- /dev/null +++ b/vendor/golang.org/x/crypto/blake2b/blake2bAVX2_amd64.s @@ -0,0 +1,762 @@ +// Copyright 2016 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build go1.7,amd64,!gccgo,!appengine + +#include "textflag.h" + +DATA ·AVX2_iv0<>+0x00(SB)/8, $0x6a09e667f3bcc908 +DATA ·AVX2_iv0<>+0x08(SB)/8, $0xbb67ae8584caa73b +DATA ·AVX2_iv0<>+0x10(SB)/8, $0x3c6ef372fe94f82b +DATA ·AVX2_iv0<>+0x18(SB)/8, $0xa54ff53a5f1d36f1 +GLOBL ·AVX2_iv0<>(SB), (NOPTR+RODATA), $32 + +DATA ·AVX2_iv1<>+0x00(SB)/8, $0x510e527fade682d1 +DATA ·AVX2_iv1<>+0x08(SB)/8, $0x9b05688c2b3e6c1f +DATA ·AVX2_iv1<>+0x10(SB)/8, $0x1f83d9abfb41bd6b +DATA ·AVX2_iv1<>+0x18(SB)/8, $0x5be0cd19137e2179 +GLOBL ·AVX2_iv1<>(SB), (NOPTR+RODATA), $32 + +DATA ·AVX2_c40<>+0x00(SB)/8, $0x0201000706050403 +DATA ·AVX2_c40<>+0x08(SB)/8, $0x0a09080f0e0d0c0b +DATA ·AVX2_c40<>+0x10(SB)/8, $0x0201000706050403 +DATA ·AVX2_c40<>+0x18(SB)/8, $0x0a09080f0e0d0c0b +GLOBL ·AVX2_c40<>(SB), (NOPTR+RODATA), $32 + +DATA ·AVX2_c48<>+0x00(SB)/8, $0x0100070605040302 +DATA ·AVX2_c48<>+0x08(SB)/8, $0x09080f0e0d0c0b0a +DATA ·AVX2_c48<>+0x10(SB)/8, $0x0100070605040302 +DATA ·AVX2_c48<>+0x18(SB)/8, $0x09080f0e0d0c0b0a +GLOBL ·AVX2_c48<>(SB), (NOPTR+RODATA), $32 + +DATA ·AVX_iv0<>+0x00(SB)/8, $0x6a09e667f3bcc908 +DATA ·AVX_iv0<>+0x08(SB)/8, $0xbb67ae8584caa73b +GLOBL ·AVX_iv0<>(SB), (NOPTR+RODATA), $16 + +DATA ·AVX_iv1<>+0x00(SB)/8, $0x3c6ef372fe94f82b +DATA ·AVX_iv1<>+0x08(SB)/8, $0xa54ff53a5f1d36f1 +GLOBL ·AVX_iv1<>(SB), (NOPTR+RODATA), $16 + +DATA ·AVX_iv2<>+0x00(SB)/8, $0x510e527fade682d1 +DATA ·AVX_iv2<>+0x08(SB)/8, $0x9b05688c2b3e6c1f +GLOBL ·AVX_iv2<>(SB), (NOPTR+RODATA), $16 + +DATA ·AVX_iv3<>+0x00(SB)/8, $0x1f83d9abfb41bd6b +DATA ·AVX_iv3<>+0x08(SB)/8, $0x5be0cd19137e2179 +GLOBL ·AVX_iv3<>(SB), (NOPTR+RODATA), $16 + +DATA ·AVX_c40<>+0x00(SB)/8, $0x0201000706050403 +DATA ·AVX_c40<>+0x08(SB)/8, $0x0a09080f0e0d0c0b +GLOBL ·AVX_c40<>(SB), (NOPTR+RODATA), $16 + +DATA ·AVX_c48<>+0x00(SB)/8, $0x0100070605040302 +DATA ·AVX_c48<>+0x08(SB)/8, $0x09080f0e0d0c0b0a +GLOBL ·AVX_c48<>(SB), (NOPTR+RODATA), $16 + +#define VPERMQ_0x39_Y1_Y1 BYTE $0xc4; BYTE $0xe3; BYTE $0xfd; BYTE $0x00; BYTE $0xc9; BYTE $0x39 +#define VPERMQ_0x93_Y1_Y1 BYTE $0xc4; BYTE $0xe3; BYTE $0xfd; BYTE $0x00; BYTE $0xc9; BYTE $0x93 +#define VPERMQ_0x4E_Y2_Y2 BYTE $0xc4; BYTE $0xe3; BYTE $0xfd; BYTE $0x00; BYTE $0xd2; BYTE $0x4e +#define VPERMQ_0x93_Y3_Y3 BYTE $0xc4; BYTE $0xe3; BYTE $0xfd; BYTE $0x00; BYTE $0xdb; BYTE $0x93 +#define VPERMQ_0x39_Y3_Y3 BYTE $0xc4; BYTE $0xe3; BYTE $0xfd; BYTE $0x00; BYTE $0xdb; BYTE $0x39 + +#define ROUND_AVX2(m0, m1, m2, m3, t, c40, c48) \ + VPADDQ m0, Y0, Y0; \ + VPADDQ Y1, Y0, Y0; \ + VPXOR Y0, Y3, Y3; \ + VPSHUFD $-79, Y3, Y3; \ + VPADDQ Y3, Y2, Y2; \ + VPXOR Y2, Y1, Y1; \ + VPSHUFB c40, Y1, Y1; \ + VPADDQ m1, Y0, Y0; \ + VPADDQ Y1, Y0, Y0; \ + VPXOR Y0, Y3, Y3; \ + VPSHUFB c48, Y3, Y3; \ + VPADDQ Y3, Y2, Y2; \ + VPXOR Y2, Y1, Y1; \ + VPADDQ Y1, Y1, t; \ + VPSRLQ $63, Y1, Y1; \ + VPXOR t, Y1, Y1; \ + VPERMQ_0x39_Y1_Y1; \ + VPERMQ_0x4E_Y2_Y2; \ + VPERMQ_0x93_Y3_Y3; \ + VPADDQ m2, Y0, Y0; \ + VPADDQ Y1, Y0, Y0; \ + VPXOR Y0, Y3, Y3; \ + VPSHUFD $-79, Y3, Y3; \ + VPADDQ Y3, Y2, Y2; \ + VPXOR Y2, Y1, Y1; \ + VPSHUFB c40, Y1, Y1; \ + VPADDQ m3, Y0, Y0; \ + VPADDQ Y1, Y0, Y0; \ + VPXOR Y0, Y3, Y3; \ + VPSHUFB c48, Y3, Y3; \ + VPADDQ Y3, Y2, Y2; \ + VPXOR Y2, Y1, Y1; \ + VPADDQ Y1, Y1, t; \ + VPSRLQ $63, Y1, Y1; \ + VPXOR t, Y1, Y1; \ + VPERMQ_0x39_Y3_Y3; \ + VPERMQ_0x4E_Y2_Y2; \ + VPERMQ_0x93_Y1_Y1 + +#define VMOVQ_SI_X11_0 BYTE $0xC5; BYTE $0x7A; BYTE $0x7E; BYTE $0x1E +#define VMOVQ_SI_X12_0 BYTE $0xC5; BYTE $0x7A; BYTE $0x7E; BYTE $0x26 +#define VMOVQ_SI_X13_0 BYTE $0xC5; BYTE $0x7A; BYTE $0x7E; BYTE $0x2E +#define VMOVQ_SI_X14_0 BYTE $0xC5; BYTE $0x7A; BYTE $0x7E; BYTE $0x36 +#define VMOVQ_SI_X15_0 BYTE $0xC5; BYTE $0x7A; BYTE $0x7E; BYTE $0x3E + +#define VMOVQ_SI_X11(n) BYTE $0xC5; BYTE $0x7A; BYTE $0x7E; BYTE $0x5E; BYTE $n +#define VMOVQ_SI_X12(n) BYTE $0xC5; BYTE $0x7A; BYTE $0x7E; BYTE $0x66; BYTE $n +#define VMOVQ_SI_X13(n) BYTE $0xC5; BYTE $0x7A; BYTE $0x7E; BYTE $0x6E; BYTE $n +#define VMOVQ_SI_X14(n) BYTE $0xC5; BYTE $0x7A; BYTE $0x7E; BYTE $0x76; BYTE $n +#define VMOVQ_SI_X15(n) BYTE $0xC5; BYTE $0x7A; BYTE $0x7E; BYTE $0x7E; BYTE $n + +#define VPINSRQ_1_SI_X11_0 BYTE $0xC4; BYTE $0x63; BYTE $0xA1; BYTE $0x22; BYTE $0x1E; BYTE $0x01 +#define VPINSRQ_1_SI_X12_0 BYTE $0xC4; BYTE $0x63; BYTE $0x99; BYTE $0x22; BYTE $0x26; BYTE $0x01 +#define VPINSRQ_1_SI_X13_0 BYTE $0xC4; BYTE $0x63; BYTE $0x91; BYTE $0x22; BYTE $0x2E; BYTE $0x01 +#define VPINSRQ_1_SI_X14_0 BYTE $0xC4; BYTE $0x63; BYTE $0x89; BYTE $0x22; BYTE $0x36; BYTE $0x01 +#define VPINSRQ_1_SI_X15_0 BYTE $0xC4; BYTE $0x63; BYTE $0x81; BYTE $0x22; BYTE $0x3E; BYTE $0x01 + +#define VPINSRQ_1_SI_X11(n) BYTE $0xC4; BYTE $0x63; BYTE $0xA1; BYTE $0x22; BYTE $0x5E; BYTE $n; BYTE $0x01 +#define VPINSRQ_1_SI_X12(n) BYTE $0xC4; BYTE $0x63; BYTE $0x99; BYTE $0x22; BYTE $0x66; BYTE $n; BYTE $0x01 +#define VPINSRQ_1_SI_X13(n) BYTE $0xC4; BYTE $0x63; BYTE $0x91; BYTE $0x22; BYTE $0x6E; BYTE $n; BYTE $0x01 +#define VPINSRQ_1_SI_X14(n) BYTE $0xC4; BYTE $0x63; BYTE $0x89; BYTE $0x22; BYTE $0x76; BYTE $n; BYTE $0x01 +#define VPINSRQ_1_SI_X15(n) BYTE $0xC4; BYTE $0x63; BYTE $0x81; BYTE $0x22; BYTE $0x7E; BYTE $n; BYTE $0x01 + +#define VMOVQ_R8_X15 BYTE $0xC4; BYTE $0x41; BYTE $0xF9; BYTE $0x6E; BYTE $0xF8 +#define VPINSRQ_1_R9_X15 BYTE $0xC4; BYTE $0x43; BYTE $0x81; BYTE $0x22; BYTE $0xF9; BYTE $0x01 + +// load msg: Y12 = (i0, i1, i2, i3) +// i0, i1, i2, i3 must not be 0 +#define LOAD_MSG_AVX2_Y12(i0, i1, i2, i3) \ + VMOVQ_SI_X12(i0*8); \ + VMOVQ_SI_X11(i2*8); \ + VPINSRQ_1_SI_X12(i1*8); \ + VPINSRQ_1_SI_X11(i3*8); \ + VINSERTI128 $1, X11, Y12, Y12 + +// load msg: Y13 = (i0, i1, i2, i3) +// i0, i1, i2, i3 must not be 0 +#define LOAD_MSG_AVX2_Y13(i0, i1, i2, i3) \ + VMOVQ_SI_X13(i0*8); \ + VMOVQ_SI_X11(i2*8); \ + VPINSRQ_1_SI_X13(i1*8); \ + VPINSRQ_1_SI_X11(i3*8); \ + VINSERTI128 $1, X11, Y13, Y13 + +// load msg: Y14 = (i0, i1, i2, i3) +// i0, i1, i2, i3 must not be 0 +#define LOAD_MSG_AVX2_Y14(i0, i1, i2, i3) \ + VMOVQ_SI_X14(i0*8); \ + VMOVQ_SI_X11(i2*8); \ + VPINSRQ_1_SI_X14(i1*8); \ + VPINSRQ_1_SI_X11(i3*8); \ + VINSERTI128 $1, X11, Y14, Y14 + +// load msg: Y15 = (i0, i1, i2, i3) +// i0, i1, i2, i3 must not be 0 +#define LOAD_MSG_AVX2_Y15(i0, i1, i2, i3) \ + VMOVQ_SI_X15(i0*8); \ + VMOVQ_SI_X11(i2*8); \ + VPINSRQ_1_SI_X15(i1*8); \ + VPINSRQ_1_SI_X11(i3*8); \ + VINSERTI128 $1, X11, Y15, Y15 + +#define LOAD_MSG_AVX2_0_2_4_6_1_3_5_7_8_10_12_14_9_11_13_15() \ + VMOVQ_SI_X12_0; \ + VMOVQ_SI_X11(4*8); \ + VPINSRQ_1_SI_X12(2*8); \ + VPINSRQ_1_SI_X11(6*8); \ + VINSERTI128 $1, X11, Y12, Y12; \ + LOAD_MSG_AVX2_Y13(1, 3, 5, 7); \ + LOAD_MSG_AVX2_Y14(8, 10, 12, 14); \ + LOAD_MSG_AVX2_Y15(9, 11, 13, 15) + +#define LOAD_MSG_AVX2_14_4_9_13_10_8_15_6_1_0_11_5_12_2_7_3() \ + LOAD_MSG_AVX2_Y12(14, 4, 9, 13); \ + LOAD_MSG_AVX2_Y13(10, 8, 15, 6); \ + VMOVQ_SI_X11(11*8); \ + VPSHUFD $0x4E, 0*8(SI), X14; \ + VPINSRQ_1_SI_X11(5*8); \ + VINSERTI128 $1, X11, Y14, Y14; \ + LOAD_MSG_AVX2_Y15(12, 2, 7, 3) + +#define LOAD_MSG_AVX2_11_12_5_15_8_0_2_13_10_3_7_9_14_6_1_4() \ + VMOVQ_SI_X11(5*8); \ + VMOVDQU 11*8(SI), X12; \ + VPINSRQ_1_SI_X11(15*8); \ + VINSERTI128 $1, X11, Y12, Y12; \ + VMOVQ_SI_X13(8*8); \ + VMOVQ_SI_X11(2*8); \ + VPINSRQ_1_SI_X13_0; \ + VPINSRQ_1_SI_X11(13*8); \ + VINSERTI128 $1, X11, Y13, Y13; \ + LOAD_MSG_AVX2_Y14(10, 3, 7, 9); \ + LOAD_MSG_AVX2_Y15(14, 6, 1, 4) + +#define LOAD_MSG_AVX2_7_3_13_11_9_1_12_14_2_5_4_15_6_10_0_8() \ + LOAD_MSG_AVX2_Y12(7, 3, 13, 11); \ + LOAD_MSG_AVX2_Y13(9, 1, 12, 14); \ + LOAD_MSG_AVX2_Y14(2, 5, 4, 15); \ + VMOVQ_SI_X15(6*8); \ + VMOVQ_SI_X11_0; \ + VPINSRQ_1_SI_X15(10*8); \ + VPINSRQ_1_SI_X11(8*8); \ + VINSERTI128 $1, X11, Y15, Y15 + +#define LOAD_MSG_AVX2_9_5_2_10_0_7_4_15_14_11_6_3_1_12_8_13() \ + LOAD_MSG_AVX2_Y12(9, 5, 2, 10); \ + VMOVQ_SI_X13_0; \ + VMOVQ_SI_X11(4*8); \ + VPINSRQ_1_SI_X13(7*8); \ + VPINSRQ_1_SI_X11(15*8); \ + VINSERTI128 $1, X11, Y13, Y13; \ + LOAD_MSG_AVX2_Y14(14, 11, 6, 3); \ + LOAD_MSG_AVX2_Y15(1, 12, 8, 13) + +#define LOAD_MSG_AVX2_2_6_0_8_12_10_11_3_4_7_15_1_13_5_14_9() \ + VMOVQ_SI_X12(2*8); \ + VMOVQ_SI_X11_0; \ + VPINSRQ_1_SI_X12(6*8); \ + VPINSRQ_1_SI_X11(8*8); \ + VINSERTI128 $1, X11, Y12, Y12; \ + LOAD_MSG_AVX2_Y13(12, 10, 11, 3); \ + LOAD_MSG_AVX2_Y14(4, 7, 15, 1); \ + LOAD_MSG_AVX2_Y15(13, 5, 14, 9) + +#define LOAD_MSG_AVX2_12_1_14_4_5_15_13_10_0_6_9_8_7_3_2_11() \ + LOAD_MSG_AVX2_Y12(12, 1, 14, 4); \ + LOAD_MSG_AVX2_Y13(5, 15, 13, 10); \ + VMOVQ_SI_X14_0; \ + VPSHUFD $0x4E, 8*8(SI), X11; \ + VPINSRQ_1_SI_X14(6*8); \ + VINSERTI128 $1, X11, Y14, Y14; \ + LOAD_MSG_AVX2_Y15(7, 3, 2, 11) + +#define LOAD_MSG_AVX2_13_7_12_3_11_14_1_9_5_15_8_2_0_4_6_10() \ + LOAD_MSG_AVX2_Y12(13, 7, 12, 3); \ + LOAD_MSG_AVX2_Y13(11, 14, 1, 9); \ + LOAD_MSG_AVX2_Y14(5, 15, 8, 2); \ + VMOVQ_SI_X15_0; \ + VMOVQ_SI_X11(6*8); \ + VPINSRQ_1_SI_X15(4*8); \ + VPINSRQ_1_SI_X11(10*8); \ + VINSERTI128 $1, X11, Y15, Y15 + +#define LOAD_MSG_AVX2_6_14_11_0_15_9_3_8_12_13_1_10_2_7_4_5() \ + VMOVQ_SI_X12(6*8); \ + VMOVQ_SI_X11(11*8); \ + VPINSRQ_1_SI_X12(14*8); \ + VPINSRQ_1_SI_X11_0; \ + VINSERTI128 $1, X11, Y12, Y12; \ + LOAD_MSG_AVX2_Y13(15, 9, 3, 8); \ + VMOVQ_SI_X11(1*8); \ + VMOVDQU 12*8(SI), X14; \ + VPINSRQ_1_SI_X11(10*8); \ + VINSERTI128 $1, X11, Y14, Y14; \ + VMOVQ_SI_X15(2*8); \ + VMOVDQU 4*8(SI), X11; \ + VPINSRQ_1_SI_X15(7*8); \ + VINSERTI128 $1, X11, Y15, Y15 + +#define LOAD_MSG_AVX2_10_8_7_1_2_4_6_5_15_9_3_13_11_14_12_0() \ + LOAD_MSG_AVX2_Y12(10, 8, 7, 1); \ + VMOVQ_SI_X13(2*8); \ + VPSHUFD $0x4E, 5*8(SI), X11; \ + VPINSRQ_1_SI_X13(4*8); \ + VINSERTI128 $1, X11, Y13, Y13; \ + LOAD_MSG_AVX2_Y14(15, 9, 3, 13); \ + VMOVQ_SI_X15(11*8); \ + VMOVQ_SI_X11(12*8); \ + VPINSRQ_1_SI_X15(14*8); \ + VPINSRQ_1_SI_X11_0; \ + VINSERTI128 $1, X11, Y15, Y15 + +// func hashBlocksAVX2(h *[8]uint64, c *[2]uint64, flag uint64, blocks []byte) +TEXT ·hashBlocksAVX2(SB), 4, $320-48 // frame size = 288 + 32 byte alignment + MOVQ h+0(FP), AX + MOVQ c+8(FP), BX + MOVQ flag+16(FP), CX + MOVQ blocks_base+24(FP), SI + MOVQ blocks_len+32(FP), DI + + MOVQ SP, DX + MOVQ SP, R9 + ADDQ $31, R9 + ANDQ $~31, R9 + MOVQ R9, SP + + MOVQ CX, 16(SP) + XORQ CX, CX + MOVQ CX, 24(SP) + + VMOVDQU ·AVX2_c40<>(SB), Y4 + VMOVDQU ·AVX2_c48<>(SB), Y5 + + VMOVDQU 0(AX), Y8 + VMOVDQU 32(AX), Y9 + VMOVDQU ·AVX2_iv0<>(SB), Y6 + VMOVDQU ·AVX2_iv1<>(SB), Y7 + + MOVQ 0(BX), R8 + MOVQ 8(BX), R9 + MOVQ R9, 8(SP) + +loop: + ADDQ $128, R8 + MOVQ R8, 0(SP) + CMPQ R8, $128 + JGE noinc + INCQ R9 + MOVQ R9, 8(SP) + +noinc: + VMOVDQA Y8, Y0 + VMOVDQA Y9, Y1 + VMOVDQA Y6, Y2 + VPXOR 0(SP), Y7, Y3 + + LOAD_MSG_AVX2_0_2_4_6_1_3_5_7_8_10_12_14_9_11_13_15() + VMOVDQA Y12, 32(SP) + VMOVDQA Y13, 64(SP) + VMOVDQA Y14, 96(SP) + VMOVDQA Y15, 128(SP) + ROUND_AVX2(Y12, Y13, Y14, Y15, Y10, Y4, Y5) + LOAD_MSG_AVX2_14_4_9_13_10_8_15_6_1_0_11_5_12_2_7_3() + VMOVDQA Y12, 160(SP) + VMOVDQA Y13, 192(SP) + VMOVDQA Y14, 224(SP) + VMOVDQA Y15, 256(SP) + + ROUND_AVX2(Y12, Y13, Y14, Y15, Y10, Y4, Y5) + LOAD_MSG_AVX2_11_12_5_15_8_0_2_13_10_3_7_9_14_6_1_4() + ROUND_AVX2(Y12, Y13, Y14, Y15, Y10, Y4, Y5) + LOAD_MSG_AVX2_7_3_13_11_9_1_12_14_2_5_4_15_6_10_0_8() + ROUND_AVX2(Y12, Y13, Y14, Y15, Y10, Y4, Y5) + LOAD_MSG_AVX2_9_5_2_10_0_7_4_15_14_11_6_3_1_12_8_13() + ROUND_AVX2(Y12, Y13, Y14, Y15, Y10, Y4, Y5) + LOAD_MSG_AVX2_2_6_0_8_12_10_11_3_4_7_15_1_13_5_14_9() + ROUND_AVX2(Y12, Y13, Y14, Y15, Y10, Y4, Y5) + LOAD_MSG_AVX2_12_1_14_4_5_15_13_10_0_6_9_8_7_3_2_11() + ROUND_AVX2(Y12, Y13, Y14, Y15, Y10, Y4, Y5) + LOAD_MSG_AVX2_13_7_12_3_11_14_1_9_5_15_8_2_0_4_6_10() + ROUND_AVX2(Y12, Y13, Y14, Y15, Y10, Y4, Y5) + LOAD_MSG_AVX2_6_14_11_0_15_9_3_8_12_13_1_10_2_7_4_5() + ROUND_AVX2(Y12, Y13, Y14, Y15, Y10, Y4, Y5) + LOAD_MSG_AVX2_10_8_7_1_2_4_6_5_15_9_3_13_11_14_12_0() + ROUND_AVX2(Y12, Y13, Y14, Y15, Y10, Y4, Y5) + + ROUND_AVX2(32(SP), 64(SP), 96(SP), 128(SP), Y10, Y4, Y5) + ROUND_AVX2(160(SP), 192(SP), 224(SP), 256(SP), Y10, Y4, Y5) + + VPXOR Y0, Y8, Y8 + VPXOR Y1, Y9, Y9 + VPXOR Y2, Y8, Y8 + VPXOR Y3, Y9, Y9 + + LEAQ 128(SI), SI + SUBQ $128, DI + JNE loop + + MOVQ R8, 0(BX) + MOVQ R9, 8(BX) + + VMOVDQU Y8, 0(AX) + VMOVDQU Y9, 32(AX) + VZEROUPPER + + MOVQ DX, SP + RET + +#define VPUNPCKLQDQ_X2_X2_X15 BYTE $0xC5; BYTE $0x69; BYTE $0x6C; BYTE $0xFA +#define VPUNPCKLQDQ_X3_X3_X15 BYTE $0xC5; BYTE $0x61; BYTE $0x6C; BYTE $0xFB +#define VPUNPCKLQDQ_X7_X7_X15 BYTE $0xC5; BYTE $0x41; BYTE $0x6C; BYTE $0xFF +#define VPUNPCKLQDQ_X13_X13_X15 BYTE $0xC4; BYTE $0x41; BYTE $0x11; BYTE $0x6C; BYTE $0xFD +#define VPUNPCKLQDQ_X14_X14_X15 BYTE $0xC4; BYTE $0x41; BYTE $0x09; BYTE $0x6C; BYTE $0xFE + +#define VPUNPCKHQDQ_X15_X2_X2 BYTE $0xC4; BYTE $0xC1; BYTE $0x69; BYTE $0x6D; BYTE $0xD7 +#define VPUNPCKHQDQ_X15_X3_X3 BYTE $0xC4; BYTE $0xC1; BYTE $0x61; BYTE $0x6D; BYTE $0xDF +#define VPUNPCKHQDQ_X15_X6_X6 BYTE $0xC4; BYTE $0xC1; BYTE $0x49; BYTE $0x6D; BYTE $0xF7 +#define VPUNPCKHQDQ_X15_X7_X7 BYTE $0xC4; BYTE $0xC1; BYTE $0x41; BYTE $0x6D; BYTE $0xFF +#define VPUNPCKHQDQ_X15_X3_X2 BYTE $0xC4; BYTE $0xC1; BYTE $0x61; BYTE $0x6D; BYTE $0xD7 +#define VPUNPCKHQDQ_X15_X7_X6 BYTE $0xC4; BYTE $0xC1; BYTE $0x41; BYTE $0x6D; BYTE $0xF7 +#define VPUNPCKHQDQ_X15_X13_X3 BYTE $0xC4; BYTE $0xC1; BYTE $0x11; BYTE $0x6D; BYTE $0xDF +#define VPUNPCKHQDQ_X15_X13_X7 BYTE $0xC4; BYTE $0xC1; BYTE $0x11; BYTE $0x6D; BYTE $0xFF + +#define SHUFFLE_AVX() \ + VMOVDQA X6, X13; \ + VMOVDQA X2, X14; \ + VMOVDQA X4, X6; \ + VPUNPCKLQDQ_X13_X13_X15; \ + VMOVDQA X5, X4; \ + VMOVDQA X6, X5; \ + VPUNPCKHQDQ_X15_X7_X6; \ + VPUNPCKLQDQ_X7_X7_X15; \ + VPUNPCKHQDQ_X15_X13_X7; \ + VPUNPCKLQDQ_X3_X3_X15; \ + VPUNPCKHQDQ_X15_X2_X2; \ + VPUNPCKLQDQ_X14_X14_X15; \ + VPUNPCKHQDQ_X15_X3_X3; \ + +#define SHUFFLE_AVX_INV() \ + VMOVDQA X2, X13; \ + VMOVDQA X4, X14; \ + VPUNPCKLQDQ_X2_X2_X15; \ + VMOVDQA X5, X4; \ + VPUNPCKHQDQ_X15_X3_X2; \ + VMOVDQA X14, X5; \ + VPUNPCKLQDQ_X3_X3_X15; \ + VMOVDQA X6, X14; \ + VPUNPCKHQDQ_X15_X13_X3; \ + VPUNPCKLQDQ_X7_X7_X15; \ + VPUNPCKHQDQ_X15_X6_X6; \ + VPUNPCKLQDQ_X14_X14_X15; \ + VPUNPCKHQDQ_X15_X7_X7; \ + +#define HALF_ROUND_AVX(v0, v1, v2, v3, v4, v5, v6, v7, m0, m1, m2, m3, t0, c40, c48) \ + VPADDQ m0, v0, v0; \ + VPADDQ v2, v0, v0; \ + VPADDQ m1, v1, v1; \ + VPADDQ v3, v1, v1; \ + VPXOR v0, v6, v6; \ + VPXOR v1, v7, v7; \ + VPSHUFD $-79, v6, v6; \ + VPSHUFD $-79, v7, v7; \ + VPADDQ v6, v4, v4; \ + VPADDQ v7, v5, v5; \ + VPXOR v4, v2, v2; \ + VPXOR v5, v3, v3; \ + VPSHUFB c40, v2, v2; \ + VPSHUFB c40, v3, v3; \ + VPADDQ m2, v0, v0; \ + VPADDQ v2, v0, v0; \ + VPADDQ m3, v1, v1; \ + VPADDQ v3, v1, v1; \ + VPXOR v0, v6, v6; \ + VPXOR v1, v7, v7; \ + VPSHUFB c48, v6, v6; \ + VPSHUFB c48, v7, v7; \ + VPADDQ v6, v4, v4; \ + VPADDQ v7, v5, v5; \ + VPXOR v4, v2, v2; \ + VPXOR v5, v3, v3; \ + VPADDQ v2, v2, t0; \ + VPSRLQ $63, v2, v2; \ + VPXOR t0, v2, v2; \ + VPADDQ v3, v3, t0; \ + VPSRLQ $63, v3, v3; \ + VPXOR t0, v3, v3 + +// load msg: X12 = (i0, i1), X13 = (i2, i3), X14 = (i4, i5), X15 = (i6, i7) +// i0, i1, i2, i3, i4, i5, i6, i7 must not be 0 +#define LOAD_MSG_AVX(i0, i1, i2, i3, i4, i5, i6, i7) \ + VMOVQ_SI_X12(i0*8); \ + VMOVQ_SI_X13(i2*8); \ + VMOVQ_SI_X14(i4*8); \ + VMOVQ_SI_X15(i6*8); \ + VPINSRQ_1_SI_X12(i1*8); \ + VPINSRQ_1_SI_X13(i3*8); \ + VPINSRQ_1_SI_X14(i5*8); \ + VPINSRQ_1_SI_X15(i7*8) + +// load msg: X12 = (0, 2), X13 = (4, 6), X14 = (1, 3), X15 = (5, 7) +#define LOAD_MSG_AVX_0_2_4_6_1_3_5_7() \ + VMOVQ_SI_X12_0; \ + VMOVQ_SI_X13(4*8); \ + VMOVQ_SI_X14(1*8); \ + VMOVQ_SI_X15(5*8); \ + VPINSRQ_1_SI_X12(2*8); \ + VPINSRQ_1_SI_X13(6*8); \ + VPINSRQ_1_SI_X14(3*8); \ + VPINSRQ_1_SI_X15(7*8) + +// load msg: X12 = (1, 0), X13 = (11, 5), X14 = (12, 2), X15 = (7, 3) +#define LOAD_MSG_AVX_1_0_11_5_12_2_7_3() \ + VPSHUFD $0x4E, 0*8(SI), X12; \ + VMOVQ_SI_X13(11*8); \ + VMOVQ_SI_X14(12*8); \ + VMOVQ_SI_X15(7*8); \ + VPINSRQ_1_SI_X13(5*8); \ + VPINSRQ_1_SI_X14(2*8); \ + VPINSRQ_1_SI_X15(3*8) + +// load msg: X12 = (11, 12), X13 = (5, 15), X14 = (8, 0), X15 = (2, 13) +#define LOAD_MSG_AVX_11_12_5_15_8_0_2_13() \ + VMOVDQU 11*8(SI), X12; \ + VMOVQ_SI_X13(5*8); \ + VMOVQ_SI_X14(8*8); \ + VMOVQ_SI_X15(2*8); \ + VPINSRQ_1_SI_X13(15*8); \ + VPINSRQ_1_SI_X14_0; \ + VPINSRQ_1_SI_X15(13*8) + +// load msg: X12 = (2, 5), X13 = (4, 15), X14 = (6, 10), X15 = (0, 8) +#define LOAD_MSG_AVX_2_5_4_15_6_10_0_8() \ + VMOVQ_SI_X12(2*8); \ + VMOVQ_SI_X13(4*8); \ + VMOVQ_SI_X14(6*8); \ + VMOVQ_SI_X15_0; \ + VPINSRQ_1_SI_X12(5*8); \ + VPINSRQ_1_SI_X13(15*8); \ + VPINSRQ_1_SI_X14(10*8); \ + VPINSRQ_1_SI_X15(8*8) + +// load msg: X12 = (9, 5), X13 = (2, 10), X14 = (0, 7), X15 = (4, 15) +#define LOAD_MSG_AVX_9_5_2_10_0_7_4_15() \ + VMOVQ_SI_X12(9*8); \ + VMOVQ_SI_X13(2*8); \ + VMOVQ_SI_X14_0; \ + VMOVQ_SI_X15(4*8); \ + VPINSRQ_1_SI_X12(5*8); \ + VPINSRQ_1_SI_X13(10*8); \ + VPINSRQ_1_SI_X14(7*8); \ + VPINSRQ_1_SI_X15(15*8) + +// load msg: X12 = (2, 6), X13 = (0, 8), X14 = (12, 10), X15 = (11, 3) +#define LOAD_MSG_AVX_2_6_0_8_12_10_11_3() \ + VMOVQ_SI_X12(2*8); \ + VMOVQ_SI_X13_0; \ + VMOVQ_SI_X14(12*8); \ + VMOVQ_SI_X15(11*8); \ + VPINSRQ_1_SI_X12(6*8); \ + VPINSRQ_1_SI_X13(8*8); \ + VPINSRQ_1_SI_X14(10*8); \ + VPINSRQ_1_SI_X15(3*8) + +// load msg: X12 = (0, 6), X13 = (9, 8), X14 = (7, 3), X15 = (2, 11) +#define LOAD_MSG_AVX_0_6_9_8_7_3_2_11() \ + MOVQ 0*8(SI), X12; \ + VPSHUFD $0x4E, 8*8(SI), X13; \ + MOVQ 7*8(SI), X14; \ + MOVQ 2*8(SI), X15; \ + VPINSRQ_1_SI_X12(6*8); \ + VPINSRQ_1_SI_X14(3*8); \ + VPINSRQ_1_SI_X15(11*8) + +// load msg: X12 = (6, 14), X13 = (11, 0), X14 = (15, 9), X15 = (3, 8) +#define LOAD_MSG_AVX_6_14_11_0_15_9_3_8() \ + MOVQ 6*8(SI), X12; \ + MOVQ 11*8(SI), X13; \ + MOVQ 15*8(SI), X14; \ + MOVQ 3*8(SI), X15; \ + VPINSRQ_1_SI_X12(14*8); \ + VPINSRQ_1_SI_X13_0; \ + VPINSRQ_1_SI_X14(9*8); \ + VPINSRQ_1_SI_X15(8*8) + +// load msg: X12 = (5, 15), X13 = (8, 2), X14 = (0, 4), X15 = (6, 10) +#define LOAD_MSG_AVX_5_15_8_2_0_4_6_10() \ + MOVQ 5*8(SI), X12; \ + MOVQ 8*8(SI), X13; \ + MOVQ 0*8(SI), X14; \ + MOVQ 6*8(SI), X15; \ + VPINSRQ_1_SI_X12(15*8); \ + VPINSRQ_1_SI_X13(2*8); \ + VPINSRQ_1_SI_X14(4*8); \ + VPINSRQ_1_SI_X15(10*8) + +// load msg: X12 = (12, 13), X13 = (1, 10), X14 = (2, 7), X15 = (4, 5) +#define LOAD_MSG_AVX_12_13_1_10_2_7_4_5() \ + VMOVDQU 12*8(SI), X12; \ + MOVQ 1*8(SI), X13; \ + MOVQ 2*8(SI), X14; \ + VPINSRQ_1_SI_X13(10*8); \ + VPINSRQ_1_SI_X14(7*8); \ + VMOVDQU 4*8(SI), X15 + +// load msg: X12 = (15, 9), X13 = (3, 13), X14 = (11, 14), X15 = (12, 0) +#define LOAD_MSG_AVX_15_9_3_13_11_14_12_0() \ + MOVQ 15*8(SI), X12; \ + MOVQ 3*8(SI), X13; \ + MOVQ 11*8(SI), X14; \ + MOVQ 12*8(SI), X15; \ + VPINSRQ_1_SI_X12(9*8); \ + VPINSRQ_1_SI_X13(13*8); \ + VPINSRQ_1_SI_X14(14*8); \ + VPINSRQ_1_SI_X15_0 + +// func hashBlocksAVX(h *[8]uint64, c *[2]uint64, flag uint64, blocks []byte) +TEXT ·hashBlocksAVX(SB), 4, $288-48 // frame size = 272 + 16 byte alignment + MOVQ h+0(FP), AX + MOVQ c+8(FP), BX + MOVQ flag+16(FP), CX + MOVQ blocks_base+24(FP), SI + MOVQ blocks_len+32(FP), DI + + MOVQ SP, BP + MOVQ SP, R9 + ADDQ $15, R9 + ANDQ $~15, R9 + MOVQ R9, SP + + VMOVDQU ·AVX_c40<>(SB), X0 + VMOVDQU ·AVX_c48<>(SB), X1 + VMOVDQA X0, X8 + VMOVDQA X1, X9 + + VMOVDQU ·AVX_iv3<>(SB), X0 + VMOVDQA X0, 0(SP) + XORQ CX, 0(SP) // 0(SP) = ·AVX_iv3 ^ (CX || 0) + + VMOVDQU 0(AX), X10 + VMOVDQU 16(AX), X11 + VMOVDQU 32(AX), X2 + VMOVDQU 48(AX), X3 + + MOVQ 0(BX), R8 + MOVQ 8(BX), R9 + +loop: + ADDQ $128, R8 + CMPQ R8, $128 + JGE noinc + INCQ R9 + +noinc: + VMOVQ_R8_X15 + VPINSRQ_1_R9_X15 + + VMOVDQA X10, X0 + VMOVDQA X11, X1 + VMOVDQU ·AVX_iv0<>(SB), X4 + VMOVDQU ·AVX_iv1<>(SB), X5 + VMOVDQU ·AVX_iv2<>(SB), X6 + + VPXOR X15, X6, X6 + VMOVDQA 0(SP), X7 + + LOAD_MSG_AVX_0_2_4_6_1_3_5_7() + VMOVDQA X12, 16(SP) + VMOVDQA X13, 32(SP) + VMOVDQA X14, 48(SP) + VMOVDQA X15, 64(SP) + HALF_ROUND_AVX(X0, X1, X2, X3, X4, X5, X6, X7, X12, X13, X14, X15, X15, X8, X9) + SHUFFLE_AVX() + LOAD_MSG_AVX(8, 10, 12, 14, 9, 11, 13, 15) + VMOVDQA X12, 80(SP) + VMOVDQA X13, 96(SP) + VMOVDQA X14, 112(SP) + VMOVDQA X15, 128(SP) + HALF_ROUND_AVX(X0, X1, X2, X3, X4, X5, X6, X7, X12, X13, X14, X15, X15, X8, X9) + SHUFFLE_AVX_INV() + + LOAD_MSG_AVX(14, 4, 9, 13, 10, 8, 15, 6) + VMOVDQA X12, 144(SP) + VMOVDQA X13, 160(SP) + VMOVDQA X14, 176(SP) + VMOVDQA X15, 192(SP) + HALF_ROUND_AVX(X0, X1, X2, X3, X4, X5, X6, X7, X12, X13, X14, X15, X15, X8, X9) + SHUFFLE_AVX() + LOAD_MSG_AVX_1_0_11_5_12_2_7_3() + VMOVDQA X12, 208(SP) + VMOVDQA X13, 224(SP) + VMOVDQA X14, 240(SP) + VMOVDQA X15, 256(SP) + HALF_ROUND_AVX(X0, X1, X2, X3, X4, X5, X6, X7, X12, X13, X14, X15, X15, X8, X9) + SHUFFLE_AVX_INV() + + LOAD_MSG_AVX_11_12_5_15_8_0_2_13() + HALF_ROUND_AVX(X0, X1, X2, X3, X4, X5, X6, X7, X12, X13, X14, X15, X15, X8, X9) + SHUFFLE_AVX() + LOAD_MSG_AVX(10, 3, 7, 9, 14, 6, 1, 4) + HALF_ROUND_AVX(X0, X1, X2, X3, X4, X5, X6, X7, X12, X13, X14, X15, X15, X8, X9) + SHUFFLE_AVX_INV() + + LOAD_MSG_AVX(7, 3, 13, 11, 9, 1, 12, 14) + HALF_ROUND_AVX(X0, X1, X2, X3, X4, X5, X6, X7, X12, X13, X14, X15, X15, X8, X9) + SHUFFLE_AVX() + LOAD_MSG_AVX_2_5_4_15_6_10_0_8() + HALF_ROUND_AVX(X0, X1, X2, X3, X4, X5, X6, X7, X12, X13, X14, X15, X15, X8, X9) + SHUFFLE_AVX_INV() + + LOAD_MSG_AVX_9_5_2_10_0_7_4_15() + HALF_ROUND_AVX(X0, X1, X2, X3, X4, X5, X6, X7, X12, X13, X14, X15, X15, X8, X9) + SHUFFLE_AVX() + LOAD_MSG_AVX(14, 11, 6, 3, 1, 12, 8, 13) + HALF_ROUND_AVX(X0, X1, X2, X3, X4, X5, X6, X7, X12, X13, X14, X15, X15, X8, X9) + SHUFFLE_AVX_INV() + + LOAD_MSG_AVX_2_6_0_8_12_10_11_3() + HALF_ROUND_AVX(X0, X1, X2, X3, X4, X5, X6, X7, X12, X13, X14, X15, X15, X8, X9) + SHUFFLE_AVX() + LOAD_MSG_AVX(4, 7, 15, 1, 13, 5, 14, 9) + HALF_ROUND_AVX(X0, X1, X2, X3, X4, X5, X6, X7, X12, X13, X14, X15, X15, X8, X9) + SHUFFLE_AVX_INV() + + LOAD_MSG_AVX(12, 1, 14, 4, 5, 15, 13, 10) + HALF_ROUND_AVX(X0, X1, X2, X3, X4, X5, X6, X7, X12, X13, X14, X15, X15, X8, X9) + SHUFFLE_AVX() + LOAD_MSG_AVX_0_6_9_8_7_3_2_11() + HALF_ROUND_AVX(X0, X1, X2, X3, X4, X5, X6, X7, X12, X13, X14, X15, X15, X8, X9) + SHUFFLE_AVX_INV() + + LOAD_MSG_AVX(13, 7, 12, 3, 11, 14, 1, 9) + HALF_ROUND_AVX(X0, X1, X2, X3, X4, X5, X6, X7, X12, X13, X14, X15, X15, X8, X9) + SHUFFLE_AVX() + LOAD_MSG_AVX_5_15_8_2_0_4_6_10() + HALF_ROUND_AVX(X0, X1, X2, X3, X4, X5, X6, X7, X12, X13, X14, X15, X15, X8, X9) + SHUFFLE_AVX_INV() + + LOAD_MSG_AVX_6_14_11_0_15_9_3_8() + HALF_ROUND_AVX(X0, X1, X2, X3, X4, X5, X6, X7, X12, X13, X14, X15, X15, X8, X9) + SHUFFLE_AVX() + LOAD_MSG_AVX_12_13_1_10_2_7_4_5() + HALF_ROUND_AVX(X0, X1, X2, X3, X4, X5, X6, X7, X12, X13, X14, X15, X15, X8, X9) + SHUFFLE_AVX_INV() + + LOAD_MSG_AVX(10, 8, 7, 1, 2, 4, 6, 5) + HALF_ROUND_AVX(X0, X1, X2, X3, X4, X5, X6, X7, X12, X13, X14, X15, X15, X8, X9) + SHUFFLE_AVX() + LOAD_MSG_AVX_15_9_3_13_11_14_12_0() + HALF_ROUND_AVX(X0, X1, X2, X3, X4, X5, X6, X7, X12, X13, X14, X15, X15, X8, X9) + SHUFFLE_AVX_INV() + + HALF_ROUND_AVX(X0, X1, X2, X3, X4, X5, X6, X7, 16(SP), 32(SP), 48(SP), 64(SP), X15, X8, X9) + SHUFFLE_AVX() + HALF_ROUND_AVX(X0, X1, X2, X3, X4, X5, X6, X7, 80(SP), 96(SP), 112(SP), 128(SP), X15, X8, X9) + SHUFFLE_AVX_INV() + + HALF_ROUND_AVX(X0, X1, X2, X3, X4, X5, X6, X7, 144(SP), 160(SP), 176(SP), 192(SP), X15, X8, X9) + SHUFFLE_AVX() + HALF_ROUND_AVX(X0, X1, X2, X3, X4, X5, X6, X7, 208(SP), 224(SP), 240(SP), 256(SP), X15, X8, X9) + SHUFFLE_AVX_INV() + + VMOVDQU 32(AX), X14 + VMOVDQU 48(AX), X15 + VPXOR X0, X10, X10 + VPXOR X1, X11, X11 + VPXOR X2, X14, X14 + VPXOR X3, X15, X15 + VPXOR X4, X10, X10 + VPXOR X5, X11, X11 + VPXOR X6, X14, X2 + VPXOR X7, X15, X3 + VMOVDQU X2, 32(AX) + VMOVDQU X3, 48(AX) + + LEAQ 128(SI), SI + SUBQ $128, DI + JNE loop + + VMOVDQU X10, 0(AX) + VMOVDQU X11, 16(AX) + + MOVQ R8, 0(BX) + MOVQ R9, 8(BX) + VZEROUPPER + + MOVQ BP, SP + RET + +// func supportsAVX2() bool +TEXT ·supportsAVX2(SB), 4, $0-1 + MOVQ runtime·support_avx2(SB), AX + MOVB AX, ret+0(FP) + RET + +// func supportsAVX() bool +TEXT ·supportsAVX(SB), 4, $0-1 + MOVQ runtime·support_avx(SB), AX + MOVB AX, ret+0(FP) + RET diff --git a/vendor/golang.org/x/crypto/blake2b/blake2b_amd64.go b/vendor/golang.org/x/crypto/blake2b/blake2b_amd64.go new file mode 100644 index 0000000000..2ab7c30fc2 --- /dev/null +++ b/vendor/golang.org/x/crypto/blake2b/blake2b_amd64.go @@ -0,0 +1,25 @@ +// Copyright 2016 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build !go1.7,amd64,!gccgo,!appengine + +package blake2b + +func init() { + useSSE4 = supportsSSE4() +} + +//go:noescape +func supportsSSE4() bool + +//go:noescape +func hashBlocksSSE4(h *[8]uint64, c *[2]uint64, flag uint64, blocks []byte) + +func hashBlocks(h *[8]uint64, c *[2]uint64, flag uint64, blocks []byte) { + if useSSE4 { + hashBlocksSSE4(h, c, flag, blocks) + } else { + hashBlocksGeneric(h, c, flag, blocks) + } +} diff --git a/vendor/golang.org/x/crypto/blake2b/blake2b_amd64.s b/vendor/golang.org/x/crypto/blake2b/blake2b_amd64.s new file mode 100644 index 0000000000..64530740b4 --- /dev/null +++ b/vendor/golang.org/x/crypto/blake2b/blake2b_amd64.s @@ -0,0 +1,290 @@ +// Copyright 2016 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build amd64,!gccgo,!appengine + +#include "textflag.h" + +DATA ·iv0<>+0x00(SB)/8, $0x6a09e667f3bcc908 +DATA ·iv0<>+0x08(SB)/8, $0xbb67ae8584caa73b +GLOBL ·iv0<>(SB), (NOPTR+RODATA), $16 + +DATA ·iv1<>+0x00(SB)/8, $0x3c6ef372fe94f82b +DATA ·iv1<>+0x08(SB)/8, $0xa54ff53a5f1d36f1 +GLOBL ·iv1<>(SB), (NOPTR+RODATA), $16 + +DATA ·iv2<>+0x00(SB)/8, $0x510e527fade682d1 +DATA ·iv2<>+0x08(SB)/8, $0x9b05688c2b3e6c1f +GLOBL ·iv2<>(SB), (NOPTR+RODATA), $16 + +DATA ·iv3<>+0x00(SB)/8, $0x1f83d9abfb41bd6b +DATA ·iv3<>+0x08(SB)/8, $0x5be0cd19137e2179 +GLOBL ·iv3<>(SB), (NOPTR+RODATA), $16 + +DATA ·c40<>+0x00(SB)/8, $0x0201000706050403 +DATA ·c40<>+0x08(SB)/8, $0x0a09080f0e0d0c0b +GLOBL ·c40<>(SB), (NOPTR+RODATA), $16 + +DATA ·c48<>+0x00(SB)/8, $0x0100070605040302 +DATA ·c48<>+0x08(SB)/8, $0x09080f0e0d0c0b0a +GLOBL ·c48<>(SB), (NOPTR+RODATA), $16 + +#define SHUFFLE(v2, v3, v4, v5, v6, v7, t1, t2) \ + MOVO v4, t1; \ + MOVO v5, v4; \ + MOVO t1, v5; \ + MOVO v6, t1; \ + PUNPCKLQDQ v6, t2; \ + PUNPCKHQDQ v7, v6; \ + PUNPCKHQDQ t2, v6; \ + PUNPCKLQDQ v7, t2; \ + MOVO t1, v7; \ + MOVO v2, t1; \ + PUNPCKHQDQ t2, v7; \ + PUNPCKLQDQ v3, t2; \ + PUNPCKHQDQ t2, v2; \ + PUNPCKLQDQ t1, t2; \ + PUNPCKHQDQ t2, v3 + +#define SHUFFLE_INV(v2, v3, v4, v5, v6, v7, t1, t2) \ + MOVO v4, t1; \ + MOVO v5, v4; \ + MOVO t1, v5; \ + MOVO v2, t1; \ + PUNPCKLQDQ v2, t2; \ + PUNPCKHQDQ v3, v2; \ + PUNPCKHQDQ t2, v2; \ + PUNPCKLQDQ v3, t2; \ + MOVO t1, v3; \ + MOVO v6, t1; \ + PUNPCKHQDQ t2, v3; \ + PUNPCKLQDQ v7, t2; \ + PUNPCKHQDQ t2, v6; \ + PUNPCKLQDQ t1, t2; \ + PUNPCKHQDQ t2, v7 + +#define HALF_ROUND(v0, v1, v2, v3, v4, v5, v6, v7, m0, m1, m2, m3, t0, c40, c48) \ + PADDQ m0, v0; \ + PADDQ m1, v1; \ + PADDQ v2, v0; \ + PADDQ v3, v1; \ + PXOR v0, v6; \ + PXOR v1, v7; \ + PSHUFD $0xB1, v6, v6; \ + PSHUFD $0xB1, v7, v7; \ + PADDQ v6, v4; \ + PADDQ v7, v5; \ + PXOR v4, v2; \ + PXOR v5, v3; \ + PSHUFB c40, v2; \ + PSHUFB c40, v3; \ + PADDQ m2, v0; \ + PADDQ m3, v1; \ + PADDQ v2, v0; \ + PADDQ v3, v1; \ + PXOR v0, v6; \ + PXOR v1, v7; \ + PSHUFB c48, v6; \ + PSHUFB c48, v7; \ + PADDQ v6, v4; \ + PADDQ v7, v5; \ + PXOR v4, v2; \ + PXOR v5, v3; \ + MOVOU v2, t0; \ + PADDQ v2, t0; \ + PSRLQ $63, v2; \ + PXOR t0, v2; \ + MOVOU v3, t0; \ + PADDQ v3, t0; \ + PSRLQ $63, v3; \ + PXOR t0, v3 + +#define LOAD_MSG(m0, m1, m2, m3, src, i0, i1, i2, i3, i4, i5, i6, i7) \ + MOVQ i0*8(src), m0; \ + PINSRQ $1, i1*8(src), m0; \ + MOVQ i2*8(src), m1; \ + PINSRQ $1, i3*8(src), m1; \ + MOVQ i4*8(src), m2; \ + PINSRQ $1, i5*8(src), m2; \ + MOVQ i6*8(src), m3; \ + PINSRQ $1, i7*8(src), m3 + +// func hashBlocksSSE4(h *[8]uint64, c *[2]uint64, flag uint64, blocks []byte) +TEXT ·hashBlocksSSE4(SB), 4, $288-48 // frame size = 272 + 16 byte alignment + MOVQ h+0(FP), AX + MOVQ c+8(FP), BX + MOVQ flag+16(FP), CX + MOVQ blocks_base+24(FP), SI + MOVQ blocks_len+32(FP), DI + + MOVQ SP, BP + MOVQ SP, R9 + ADDQ $15, R9 + ANDQ $~15, R9 + MOVQ R9, SP + + MOVOU ·iv3<>(SB), X0 + MOVO X0, 0(SP) + XORQ CX, 0(SP) // 0(SP) = ·iv3 ^ (CX || 0) + + MOVOU ·c40<>(SB), X13 + MOVOU ·c48<>(SB), X14 + + MOVOU 0(AX), X12 + MOVOU 16(AX), X15 + + MOVQ 0(BX), R8 + MOVQ 8(BX), R9 + +loop: + ADDQ $128, R8 + CMPQ R8, $128 + JGE noinc + INCQ R9 + +noinc: + MOVQ R8, X8 + PINSRQ $1, R9, X8 + + MOVO X12, X0 + MOVO X15, X1 + MOVOU 32(AX), X2 + MOVOU 48(AX), X3 + MOVOU ·iv0<>(SB), X4 + MOVOU ·iv1<>(SB), X5 + MOVOU ·iv2<>(SB), X6 + + PXOR X8, X6 + MOVO 0(SP), X7 + + LOAD_MSG(X8, X9, X10, X11, SI, 0, 2, 4, 6, 1, 3, 5, 7) + MOVO X8, 16(SP) + MOVO X9, 32(SP) + MOVO X10, 48(SP) + MOVO X11, 64(SP) + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X11, X13, X14) + SHUFFLE(X2, X3, X4, X5, X6, X7, X8, X9) + LOAD_MSG(X8, X9, X10, X11, SI, 8, 10, 12, 14, 9, 11, 13, 15) + MOVO X8, 80(SP) + MOVO X9, 96(SP) + MOVO X10, 112(SP) + MOVO X11, 128(SP) + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X11, X13, X14) + SHUFFLE_INV(X2, X3, X4, X5, X6, X7, X8, X9) + + LOAD_MSG(X8, X9, X10, X11, SI, 14, 4, 9, 13, 10, 8, 15, 6) + MOVO X8, 144(SP) + MOVO X9, 160(SP) + MOVO X10, 176(SP) + MOVO X11, 192(SP) + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X11, X13, X14) + SHUFFLE(X2, X3, X4, X5, X6, X7, X8, X9) + LOAD_MSG(X8, X9, X10, X11, SI, 1, 0, 11, 5, 12, 2, 7, 3) + MOVO X8, 208(SP) + MOVO X9, 224(SP) + MOVO X10, 240(SP) + MOVO X11, 256(SP) + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X11, X13, X14) + SHUFFLE_INV(X2, X3, X4, X5, X6, X7, X8, X9) + + LOAD_MSG(X8, X9, X10, X11, SI, 11, 12, 5, 15, 8, 0, 2, 13) + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X11, X13, X14) + SHUFFLE(X2, X3, X4, X5, X6, X7, X8, X9) + LOAD_MSG(X8, X9, X10, X11, SI, 10, 3, 7, 9, 14, 6, 1, 4) + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X11, X13, X14) + SHUFFLE_INV(X2, X3, X4, X5, X6, X7, X8, X9) + + LOAD_MSG(X8, X9, X10, X11, SI, 7, 3, 13, 11, 9, 1, 12, 14) + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X11, X13, X14) + SHUFFLE(X2, X3, X4, X5, X6, X7, X8, X9) + LOAD_MSG(X8, X9, X10, X11, SI, 2, 5, 4, 15, 6, 10, 0, 8) + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X11, X13, X14) + SHUFFLE_INV(X2, X3, X4, X5, X6, X7, X8, X9) + + LOAD_MSG(X8, X9, X10, X11, SI, 9, 5, 2, 10, 0, 7, 4, 15) + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X11, X13, X14) + SHUFFLE(X2, X3, X4, X5, X6, X7, X8, X9) + LOAD_MSG(X8, X9, X10, X11, SI, 14, 11, 6, 3, 1, 12, 8, 13) + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X11, X13, X14) + SHUFFLE_INV(X2, X3, X4, X5, X6, X7, X8, X9) + + LOAD_MSG(X8, X9, X10, X11, SI, 2, 6, 0, 8, 12, 10, 11, 3) + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X11, X13, X14) + SHUFFLE(X2, X3, X4, X5, X6, X7, X8, X9) + LOAD_MSG(X8, X9, X10, X11, SI, 4, 7, 15, 1, 13, 5, 14, 9) + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X11, X13, X14) + SHUFFLE_INV(X2, X3, X4, X5, X6, X7, X8, X9) + + LOAD_MSG(X8, X9, X10, X11, SI, 12, 1, 14, 4, 5, 15, 13, 10) + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X11, X13, X14) + SHUFFLE(X2, X3, X4, X5, X6, X7, X8, X9) + LOAD_MSG(X8, X9, X10, X11, SI, 0, 6, 9, 8, 7, 3, 2, 11) + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X11, X13, X14) + SHUFFLE_INV(X2, X3, X4, X5, X6, X7, X8, X9) + + LOAD_MSG(X8, X9, X10, X11, SI, 13, 7, 12, 3, 11, 14, 1, 9) + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X11, X13, X14) + SHUFFLE(X2, X3, X4, X5, X6, X7, X8, X9) + LOAD_MSG(X8, X9, X10, X11, SI, 5, 15, 8, 2, 0, 4, 6, 10) + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X11, X13, X14) + SHUFFLE_INV(X2, X3, X4, X5, X6, X7, X8, X9) + + LOAD_MSG(X8, X9, X10, X11, SI, 6, 14, 11, 0, 15, 9, 3, 8) + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X11, X13, X14) + SHUFFLE(X2, X3, X4, X5, X6, X7, X8, X9) + LOAD_MSG(X8, X9, X10, X11, SI, 12, 13, 1, 10, 2, 7, 4, 5) + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X11, X13, X14) + SHUFFLE_INV(X2, X3, X4, X5, X6, X7, X8, X9) + + LOAD_MSG(X8, X9, X10, X11, SI, 10, 8, 7, 1, 2, 4, 6, 5) + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X11, X13, X14) + SHUFFLE(X2, X3, X4, X5, X6, X7, X8, X9) + LOAD_MSG(X8, X9, X10, X11, SI, 15, 9, 3, 13, 11, 14, 12, 0) + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X11, X13, X14) + SHUFFLE_INV(X2, X3, X4, X5, X6, X7, X8, X9) + + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, 16(SP), 32(SP), 48(SP), 64(SP), X11, X13, X14) + SHUFFLE(X2, X3, X4, X5, X6, X7, X8, X9) + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, 80(SP), 96(SP), 112(SP), 128(SP), X11, X13, X14) + SHUFFLE_INV(X2, X3, X4, X5, X6, X7, X8, X9) + + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, 144(SP), 160(SP), 176(SP), 192(SP), X11, X13, X14) + SHUFFLE(X2, X3, X4, X5, X6, X7, X8, X9) + HALF_ROUND(X0, X1, X2, X3, X4, X5, X6, X7, 208(SP), 224(SP), 240(SP), 256(SP), X11, X13, X14) + SHUFFLE_INV(X2, X3, X4, X5, X6, X7, X8, X9) + + MOVOU 32(AX), X10 + MOVOU 48(AX), X11 + PXOR X0, X12 + PXOR X1, X15 + PXOR X2, X10 + PXOR X3, X11 + PXOR X4, X12 + PXOR X5, X15 + PXOR X6, X10 + PXOR X7, X11 + MOVOU X10, 32(AX) + MOVOU X11, 48(AX) + + LEAQ 128(SI), SI + SUBQ $128, DI + JNE loop + + MOVOU X12, 0(AX) + MOVOU X15, 16(AX) + + MOVQ R8, 0(BX) + MOVQ R9, 8(BX) + + MOVQ BP, SP + RET + +// func supportsSSE4() bool +TEXT ·supportsSSE4(SB), 4, $0-1 + MOVL $1, AX + CPUID + SHRL $19, CX // Bit 19 indicates SSE4 support + ANDL $1, CX // CX != 0 if support SSE4 + MOVB CX, ret+0(FP) + RET diff --git a/vendor/golang.org/x/crypto/blake2b/blake2b_generic.go b/vendor/golang.org/x/crypto/blake2b/blake2b_generic.go new file mode 100644 index 0000000000..4bd2abc916 --- /dev/null +++ b/vendor/golang.org/x/crypto/blake2b/blake2b_generic.go @@ -0,0 +1,179 @@ +// Copyright 2016 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package blake2b + +import "encoding/binary" + +// the precomputed values for BLAKE2b +// there are 12 16-byte arrays - one for each round +// the entries are calculated from the sigma constants. +var precomputed = [12][16]byte{ + {0, 2, 4, 6, 1, 3, 5, 7, 8, 10, 12, 14, 9, 11, 13, 15}, + {14, 4, 9, 13, 10, 8, 15, 6, 1, 0, 11, 5, 12, 2, 7, 3}, + {11, 12, 5, 15, 8, 0, 2, 13, 10, 3, 7, 9, 14, 6, 1, 4}, + {7, 3, 13, 11, 9, 1, 12, 14, 2, 5, 4, 15, 6, 10, 0, 8}, + {9, 5, 2, 10, 0, 7, 4, 15, 14, 11, 6, 3, 1, 12, 8, 13}, + {2, 6, 0, 8, 12, 10, 11, 3, 4, 7, 15, 1, 13, 5, 14, 9}, + {12, 1, 14, 4, 5, 15, 13, 10, 0, 6, 9, 8, 7, 3, 2, 11}, + {13, 7, 12, 3, 11, 14, 1, 9, 5, 15, 8, 2, 0, 4, 6, 10}, + {6, 14, 11, 0, 15, 9, 3, 8, 12, 13, 1, 10, 2, 7, 4, 5}, + {10, 8, 7, 1, 2, 4, 6, 5, 15, 9, 3, 13, 11, 14, 12, 0}, + {0, 2, 4, 6, 1, 3, 5, 7, 8, 10, 12, 14, 9, 11, 13, 15}, // equal to the first + {14, 4, 9, 13, 10, 8, 15, 6, 1, 0, 11, 5, 12, 2, 7, 3}, // equal to the second +} + +func hashBlocksGeneric(h *[8]uint64, c *[2]uint64, flag uint64, blocks []byte) { + var m [16]uint64 + c0, c1 := c[0], c[1] + + for i := 0; i < len(blocks); { + c0 += BlockSize + if c0 < BlockSize { + c1++ + } + + v0, v1, v2, v3, v4, v5, v6, v7 := h[0], h[1], h[2], h[3], h[4], h[5], h[6], h[7] + v8, v9, v10, v11, v12, v13, v14, v15 := iv[0], iv[1], iv[2], iv[3], iv[4], iv[5], iv[6], iv[7] + v12 ^= c0 + v13 ^= c1 + v14 ^= flag + + for j := range m { + m[j] = binary.LittleEndian.Uint64(blocks[i:]) + i += 8 + } + + for j := range precomputed { + s := &(precomputed[j]) + + v0 += m[s[0]] + v0 += v4 + v12 ^= v0 + v12 = v12<<(64-32) | v12>>32 + v8 += v12 + v4 ^= v8 + v4 = v4<<(64-24) | v4>>24 + v1 += m[s[1]] + v1 += v5 + v13 ^= v1 + v13 = v13<<(64-32) | v13>>32 + v9 += v13 + v5 ^= v9 + v5 = v5<<(64-24) | v5>>24 + v2 += m[s[2]] + v2 += v6 + v14 ^= v2 + v14 = v14<<(64-32) | v14>>32 + v10 += v14 + v6 ^= v10 + v6 = v6<<(64-24) | v6>>24 + v3 += m[s[3]] + v3 += v7 + v15 ^= v3 + v15 = v15<<(64-32) | v15>>32 + v11 += v15 + v7 ^= v11 + v7 = v7<<(64-24) | v7>>24 + + v0 += m[s[4]] + v0 += v4 + v12 ^= v0 + v12 = v12<<(64-16) | v12>>16 + v8 += v12 + v4 ^= v8 + v4 = v4<<(64-63) | v4>>63 + v1 += m[s[5]] + v1 += v5 + v13 ^= v1 + v13 = v13<<(64-16) | v13>>16 + v9 += v13 + v5 ^= v9 + v5 = v5<<(64-63) | v5>>63 + v2 += m[s[6]] + v2 += v6 + v14 ^= v2 + v14 = v14<<(64-16) | v14>>16 + v10 += v14 + v6 ^= v10 + v6 = v6<<(64-63) | v6>>63 + v3 += m[s[7]] + v3 += v7 + v15 ^= v3 + v15 = v15<<(64-16) | v15>>16 + v11 += v15 + v7 ^= v11 + v7 = v7<<(64-63) | v7>>63 + + v0 += m[s[8]] + v0 += v5 + v15 ^= v0 + v15 = v15<<(64-32) | v15>>32 + v10 += v15 + v5 ^= v10 + v5 = v5<<(64-24) | v5>>24 + v1 += m[s[9]] + v1 += v6 + v12 ^= v1 + v12 = v12<<(64-32) | v12>>32 + v11 += v12 + v6 ^= v11 + v6 = v6<<(64-24) | v6>>24 + v2 += m[s[10]] + v2 += v7 + v13 ^= v2 + v13 = v13<<(64-32) | v13>>32 + v8 += v13 + v7 ^= v8 + v7 = v7<<(64-24) | v7>>24 + v3 += m[s[11]] + v3 += v4 + v14 ^= v3 + v14 = v14<<(64-32) | v14>>32 + v9 += v14 + v4 ^= v9 + v4 = v4<<(64-24) | v4>>24 + + v0 += m[s[12]] + v0 += v5 + v15 ^= v0 + v15 = v15<<(64-16) | v15>>16 + v10 += v15 + v5 ^= v10 + v5 = v5<<(64-63) | v5>>63 + v1 += m[s[13]] + v1 += v6 + v12 ^= v1 + v12 = v12<<(64-16) | v12>>16 + v11 += v12 + v6 ^= v11 + v6 = v6<<(64-63) | v6>>63 + v2 += m[s[14]] + v2 += v7 + v13 ^= v2 + v13 = v13<<(64-16) | v13>>16 + v8 += v13 + v7 ^= v8 + v7 = v7<<(64-63) | v7>>63 + v3 += m[s[15]] + v3 += v4 + v14 ^= v3 + v14 = v14<<(64-16) | v14>>16 + v9 += v14 + v4 ^= v9 + v4 = v4<<(64-63) | v4>>63 + + } + + h[0] ^= v0 ^ v8 + h[1] ^= v1 ^ v9 + h[2] ^= v2 ^ v10 + h[3] ^= v3 ^ v11 + h[4] ^= v4 ^ v12 + h[5] ^= v5 ^ v13 + h[6] ^= v6 ^ v14 + h[7] ^= v7 ^ v15 + } + c[0], c[1] = c0, c1 +} diff --git a/vendor/golang.org/x/crypto/blake2b/blake2b_ref.go b/vendor/golang.org/x/crypto/blake2b/blake2b_ref.go new file mode 100644 index 0000000000..da156a1ba6 --- /dev/null +++ b/vendor/golang.org/x/crypto/blake2b/blake2b_ref.go @@ -0,0 +1,11 @@ +// Copyright 2016 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build !amd64 appengine gccgo + +package blake2b + +func hashBlocks(h *[8]uint64, c *[2]uint64, flag uint64, blocks []byte) { + hashBlocksGeneric(h, c, flag, blocks) +} diff --git a/vendor/golang.org/x/crypto/blake2b/blake2x.go b/vendor/golang.org/x/crypto/blake2b/blake2x.go new file mode 100644 index 0000000000..c814496a76 --- /dev/null +++ b/vendor/golang.org/x/crypto/blake2b/blake2x.go @@ -0,0 +1,177 @@ +// Copyright 2017 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package blake2b + +import ( + "encoding/binary" + "errors" + "io" +) + +// XOF defines the interface to hash functions that +// support arbitrary-length output. +type XOF interface { + // Write absorbs more data into the hash's state. It panics if called + // after Read. + io.Writer + + // Read reads more output from the hash. It returns io.EOF if the limit + // has been reached. + io.Reader + + // Clone returns a copy of the XOF in its current state. + Clone() XOF + + // Reset resets the XOF to its initial state. + Reset() +} + +// OutputLengthUnknown can be used as the size argument to NewXOF to indicate +// the the length of the output is not known in advance. +const OutputLengthUnknown = 0 + +// magicUnknownOutputLength is a magic value for the output size that indicates +// an unknown number of output bytes. +const magicUnknownOutputLength = (1 << 32) - 1 + +// maxOutputLength is the absolute maximum number of bytes to produce when the +// number of output bytes is unknown. +const maxOutputLength = (1 << 32) * 64 + +// NewXOF creates a new variable-output-length hash. The hash either produce a +// known number of bytes (1 <= size < 2**32-1), or an unknown number of bytes +// (size == OutputLengthUnknown). In the latter case, an absolute limit of +// 256GiB applies. +// +// A non-nil key turns the hash into a MAC. The key must between +// zero and 32 bytes long. +func NewXOF(size uint32, key []byte) (XOF, error) { + if len(key) > Size { + return nil, errKeySize + } + if size == magicUnknownOutputLength { + // 2^32-1 indicates an unknown number of bytes and thus isn't a + // valid length. + return nil, errors.New("blake2b: XOF length too large") + } + if size == OutputLengthUnknown { + size = magicUnknownOutputLength + } + x := &xof{ + d: digest{ + size: Size, + keyLen: len(key), + }, + length: size, + } + copy(x.d.key[:], key) + x.Reset() + return x, nil +} + +type xof struct { + d digest + length uint32 + remaining uint64 + cfg, root, block [Size]byte + offset int + nodeOffset uint32 + readMode bool +} + +func (x *xof) Write(p []byte) (n int, err error) { + if x.readMode { + panic("blake2b: write to XOF after read") + } + return x.d.Write(p) +} + +func (x *xof) Clone() XOF { + clone := *x + return &clone +} + +func (x *xof) Reset() { + x.cfg[0] = byte(Size) + binary.LittleEndian.PutUint32(x.cfg[4:], uint32(Size)) // leaf length + binary.LittleEndian.PutUint32(x.cfg[12:], x.length) // XOF length + x.cfg[17] = byte(Size) // inner hash size + + x.d.Reset() + x.d.h[1] ^= uint64(x.length) << 32 + + x.remaining = uint64(x.length) + if x.remaining == magicUnknownOutputLength { + x.remaining = maxOutputLength + } + x.offset, x.nodeOffset = 0, 0 + x.readMode = false +} + +func (x *xof) Read(p []byte) (n int, err error) { + if !x.readMode { + x.d.finalize(&x.root) + x.readMode = true + } + + if x.remaining == 0 { + return 0, io.EOF + } + + n = len(p) + if uint64(n) > x.remaining { + n = int(x.remaining) + p = p[:n] + } + + if x.offset > 0 { + blockRemaining := Size - x.offset + if n < blockRemaining { + x.offset += copy(p, x.block[x.offset:]) + x.remaining -= uint64(n) + return + } + copy(p, x.block[x.offset:]) + p = p[blockRemaining:] + x.offset = 0 + x.remaining -= uint64(blockRemaining) + } + + for len(p) >= Size { + binary.LittleEndian.PutUint32(x.cfg[8:], x.nodeOffset) + x.nodeOffset++ + + x.d.initConfig(&x.cfg) + x.d.Write(x.root[:]) + x.d.finalize(&x.block) + + copy(p, x.block[:]) + p = p[Size:] + x.remaining -= uint64(Size) + } + + if todo := len(p); todo > 0 { + if x.remaining < uint64(Size) { + x.cfg[0] = byte(x.remaining) + } + binary.LittleEndian.PutUint32(x.cfg[8:], x.nodeOffset) + x.nodeOffset++ + + x.d.initConfig(&x.cfg) + x.d.Write(x.root[:]) + x.d.finalize(&x.block) + + x.offset = copy(p, x.block[:todo]) + x.remaining -= uint64(todo) + } + return +} + +func (d *digest) initConfig(cfg *[Size]byte) { + d.offset, d.c[0], d.c[1] = 0, 0, 0 + for i := range d.h { + d.h[i] = iv[i] ^ binary.LittleEndian.Uint64(cfg[i*8:]) + } +} diff --git a/vendor/golang.org/x/crypto/blake2b/register.go b/vendor/golang.org/x/crypto/blake2b/register.go new file mode 100644 index 0000000000..efd689af4b --- /dev/null +++ b/vendor/golang.org/x/crypto/blake2b/register.go @@ -0,0 +1,32 @@ +// Copyright 2017 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build go1.9 + +package blake2b + +import ( + "crypto" + "hash" +) + +func init() { + newHash256 := func() hash.Hash { + h, _ := New256(nil) + return h + } + newHash384 := func() hash.Hash { + h, _ := New384(nil) + return h + } + + newHash512 := func() hash.Hash { + h, _ := New512(nil) + return h + } + + crypto.RegisterHash(crypto.BLAKE2b_256, newHash256) + crypto.RegisterHash(crypto.BLAKE2b_384, newHash384) + crypto.RegisterHash(crypto.BLAKE2b_512, newHash512) +} diff --git a/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305.go b/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305.go new file mode 100644 index 0000000000..3f0dcb9d8c --- /dev/null +++ b/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305.go @@ -0,0 +1,83 @@ +// Copyright 2016 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// Package chacha20poly1305 implements the ChaCha20-Poly1305 AEAD as specified in RFC 7539. +package chacha20poly1305 // import "golang.org/x/crypto/chacha20poly1305" + +import ( + "crypto/cipher" + "errors" +) + +const ( + // KeySize is the size of the key used by this AEAD, in bytes. + KeySize = 32 + // NonceSize is the size of the nonce used with this AEAD, in bytes. + NonceSize = 12 +) + +type chacha20poly1305 struct { + key [32]byte +} + +// New returns a ChaCha20-Poly1305 AEAD that uses the given, 256-bit key. +func New(key []byte) (cipher.AEAD, error) { + if len(key) != KeySize { + return nil, errors.New("chacha20poly1305: bad key length") + } + ret := new(chacha20poly1305) + copy(ret.key[:], key) + return ret, nil +} + +func (c *chacha20poly1305) NonceSize() int { + return NonceSize +} + +func (c *chacha20poly1305) Overhead() int { + return 16 +} + +func (c *chacha20poly1305) Seal(dst, nonce, plaintext, additionalData []byte) []byte { + if len(nonce) != NonceSize { + panic("chacha20poly1305: bad nonce length passed to Seal") + } + + if uint64(len(plaintext)) > (1<<38)-64 { + panic("chacha20poly1305: plaintext too large") + } + + return c.seal(dst, nonce, plaintext, additionalData) +} + +var errOpen = errors.New("chacha20poly1305: message authentication failed") + +func (c *chacha20poly1305) Open(dst, nonce, ciphertext, additionalData []byte) ([]byte, error) { + if len(nonce) != NonceSize { + panic("chacha20poly1305: bad nonce length passed to Open") + } + if len(ciphertext) < 16 { + return nil, errOpen + } + if uint64(len(ciphertext)) > (1<<38)-48 { + panic("chacha20poly1305: ciphertext too large") + } + + return c.open(dst, nonce, ciphertext, additionalData) +} + +// sliceForAppend takes a slice and a requested number of bytes. It returns a +// slice with the contents of the given slice followed by that many bytes and a +// second slice that aliases into it and contains only the extra bytes. If the +// original slice has sufficient capacity then no allocation is performed. +func sliceForAppend(in []byte, n int) (head, tail []byte) { + if total := len(in) + n; cap(in) >= total { + head = in[:total] + } else { + head = make([]byte, total) + copy(head, in) + } + tail = head[len(in):] + return +} diff --git a/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_amd64.go b/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_amd64.go new file mode 100644 index 0000000000..7cd7ad834f --- /dev/null +++ b/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_amd64.go @@ -0,0 +1,127 @@ +// Copyright 2016 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build go1.7,amd64,!gccgo,!appengine + +package chacha20poly1305 + +import "encoding/binary" + +//go:noescape +func chacha20Poly1305Open(dst []byte, key []uint32, src, ad []byte) bool + +//go:noescape +func chacha20Poly1305Seal(dst []byte, key []uint32, src, ad []byte) + +// cpuid is implemented in chacha20poly1305_amd64.s. +func cpuid(eaxArg, ecxArg uint32) (eax, ebx, ecx, edx uint32) + +// xgetbv with ecx = 0 is implemented in chacha20poly1305_amd64.s. +func xgetbv() (eax, edx uint32) + +var ( + useASM bool + useAVX2 bool +) + +func init() { + detectCPUFeatures() +} + +// detectCPUFeatures is used to detect if cpu instructions +// used by the functions implemented in assembler in +// chacha20poly1305_amd64.s are supported. +func detectCPUFeatures() { + maxID, _, _, _ := cpuid(0, 0) + if maxID < 1 { + return + } + + _, _, ecx1, _ := cpuid(1, 0) + + haveSSSE3 := isSet(9, ecx1) + useASM = haveSSSE3 + + haveOSXSAVE := isSet(27, ecx1) + + osSupportsAVX := false + // For XGETBV, OSXSAVE bit is required and sufficient. + if haveOSXSAVE { + eax, _ := xgetbv() + // Check if XMM and YMM registers have OS support. + osSupportsAVX = isSet(1, eax) && isSet(2, eax) + } + haveAVX := isSet(28, ecx1) && osSupportsAVX + + if maxID < 7 { + return + } + + _, ebx7, _, _ := cpuid(7, 0) + haveAVX2 := isSet(5, ebx7) && haveAVX + haveBMI2 := isSet(8, ebx7) + + useAVX2 = haveAVX2 && haveBMI2 +} + +// isSet checks if bit at bitpos is set in value. +func isSet(bitpos uint, value uint32) bool { + return value&(1<+0x00(SB)/4, $0x61707865 +DATA ·chacha20Constants<>+0x04(SB)/4, $0x3320646e +DATA ·chacha20Constants<>+0x08(SB)/4, $0x79622d32 +DATA ·chacha20Constants<>+0x0c(SB)/4, $0x6b206574 +DATA ·chacha20Constants<>+0x10(SB)/4, $0x61707865 +DATA ·chacha20Constants<>+0x14(SB)/4, $0x3320646e +DATA ·chacha20Constants<>+0x18(SB)/4, $0x79622d32 +DATA ·chacha20Constants<>+0x1c(SB)/4, $0x6b206574 +// <<< 16 with PSHUFB +DATA ·rol16<>+0x00(SB)/8, $0x0504070601000302 +DATA ·rol16<>+0x08(SB)/8, $0x0D0C0F0E09080B0A +DATA ·rol16<>+0x10(SB)/8, $0x0504070601000302 +DATA ·rol16<>+0x18(SB)/8, $0x0D0C0F0E09080B0A +// <<< 8 with PSHUFB +DATA ·rol8<>+0x00(SB)/8, $0x0605040702010003 +DATA ·rol8<>+0x08(SB)/8, $0x0E0D0C0F0A09080B +DATA ·rol8<>+0x10(SB)/8, $0x0605040702010003 +DATA ·rol8<>+0x18(SB)/8, $0x0E0D0C0F0A09080B + +DATA ·avx2InitMask<>+0x00(SB)/8, $0x0 +DATA ·avx2InitMask<>+0x08(SB)/8, $0x0 +DATA ·avx2InitMask<>+0x10(SB)/8, $0x1 +DATA ·avx2InitMask<>+0x18(SB)/8, $0x0 + +DATA ·avx2IncMask<>+0x00(SB)/8, $0x2 +DATA ·avx2IncMask<>+0x08(SB)/8, $0x0 +DATA ·avx2IncMask<>+0x10(SB)/8, $0x2 +DATA ·avx2IncMask<>+0x18(SB)/8, $0x0 +// Poly1305 key clamp +DATA ·polyClampMask<>+0x00(SB)/8, $0x0FFFFFFC0FFFFFFF +DATA ·polyClampMask<>+0x08(SB)/8, $0x0FFFFFFC0FFFFFFC +DATA ·polyClampMask<>+0x10(SB)/8, $0xFFFFFFFFFFFFFFFF +DATA ·polyClampMask<>+0x18(SB)/8, $0xFFFFFFFFFFFFFFFF + +DATA ·sseIncMask<>+0x00(SB)/8, $0x1 +DATA ·sseIncMask<>+0x08(SB)/8, $0x0 +// To load/store the last < 16 bytes in a buffer +DATA ·andMask<>+0x00(SB)/8, $0x00000000000000ff +DATA ·andMask<>+0x08(SB)/8, $0x0000000000000000 +DATA ·andMask<>+0x10(SB)/8, $0x000000000000ffff +DATA ·andMask<>+0x18(SB)/8, $0x0000000000000000 +DATA ·andMask<>+0x20(SB)/8, $0x0000000000ffffff +DATA ·andMask<>+0x28(SB)/8, $0x0000000000000000 +DATA ·andMask<>+0x30(SB)/8, $0x00000000ffffffff +DATA ·andMask<>+0x38(SB)/8, $0x0000000000000000 +DATA ·andMask<>+0x40(SB)/8, $0x000000ffffffffff +DATA ·andMask<>+0x48(SB)/8, $0x0000000000000000 +DATA ·andMask<>+0x50(SB)/8, $0x0000ffffffffffff +DATA ·andMask<>+0x58(SB)/8, $0x0000000000000000 +DATA ·andMask<>+0x60(SB)/8, $0x00ffffffffffffff +DATA ·andMask<>+0x68(SB)/8, $0x0000000000000000 +DATA ·andMask<>+0x70(SB)/8, $0xffffffffffffffff +DATA ·andMask<>+0x78(SB)/8, $0x0000000000000000 +DATA ·andMask<>+0x80(SB)/8, $0xffffffffffffffff +DATA ·andMask<>+0x88(SB)/8, $0x00000000000000ff +DATA ·andMask<>+0x90(SB)/8, $0xffffffffffffffff +DATA ·andMask<>+0x98(SB)/8, $0x000000000000ffff +DATA ·andMask<>+0xa0(SB)/8, $0xffffffffffffffff +DATA ·andMask<>+0xa8(SB)/8, $0x0000000000ffffff +DATA ·andMask<>+0xb0(SB)/8, $0xffffffffffffffff +DATA ·andMask<>+0xb8(SB)/8, $0x00000000ffffffff +DATA ·andMask<>+0xc0(SB)/8, $0xffffffffffffffff +DATA ·andMask<>+0xc8(SB)/8, $0x000000ffffffffff +DATA ·andMask<>+0xd0(SB)/8, $0xffffffffffffffff +DATA ·andMask<>+0xd8(SB)/8, $0x0000ffffffffffff +DATA ·andMask<>+0xe0(SB)/8, $0xffffffffffffffff +DATA ·andMask<>+0xe8(SB)/8, $0x00ffffffffffffff + +GLOBL ·chacha20Constants<>(SB), (NOPTR+RODATA), $32 +GLOBL ·rol16<>(SB), (NOPTR+RODATA), $32 +GLOBL ·rol8<>(SB), (NOPTR+RODATA), $32 +GLOBL ·sseIncMask<>(SB), (NOPTR+RODATA), $16 +GLOBL ·avx2IncMask<>(SB), (NOPTR+RODATA), $32 +GLOBL ·avx2InitMask<>(SB), (NOPTR+RODATA), $32 +GLOBL ·polyClampMask<>(SB), (NOPTR+RODATA), $32 +GLOBL ·andMask<>(SB), (NOPTR+RODATA), $240 +// No PALIGNR in Go ASM yet (but VPALIGNR is present). +#define shiftB0Left BYTE $0x66; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xdb; BYTE $0x04 // PALIGNR $4, X3, X3 +#define shiftB1Left BYTE $0x66; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xe4; BYTE $0x04 // PALIGNR $4, X4, X4 +#define shiftB2Left BYTE $0x66; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xed; BYTE $0x04 // PALIGNR $4, X5, X5 +#define shiftB3Left BYTE $0x66; BYTE $0x45; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xed; BYTE $0x04 // PALIGNR $4, X13, X13 +#define shiftC0Left BYTE $0x66; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xf6; BYTE $0x08 // PALIGNR $8, X6, X6 +#define shiftC1Left BYTE $0x66; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xff; BYTE $0x08 // PALIGNR $8, X7, X7 +#define shiftC2Left BYTE $0x66; BYTE $0x45; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xc0; BYTE $0x08 // PALIGNR $8, X8, X8 +#define shiftC3Left BYTE $0x66; BYTE $0x45; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xf6; BYTE $0x08 // PALIGNR $8, X14, X14 +#define shiftD0Left BYTE $0x66; BYTE $0x45; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xc9; BYTE $0x0c // PALIGNR $12, X9, X9 +#define shiftD1Left BYTE $0x66; BYTE $0x45; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xd2; BYTE $0x0c // PALIGNR $12, X10, X10 +#define shiftD2Left BYTE $0x66; BYTE $0x45; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xdb; BYTE $0x0c // PALIGNR $12, X11, X11 +#define shiftD3Left BYTE $0x66; BYTE $0x45; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xff; BYTE $0x0c // PALIGNR $12, X15, X15 +#define shiftB0Right BYTE $0x66; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xdb; BYTE $0x0c // PALIGNR $12, X3, X3 +#define shiftB1Right BYTE $0x66; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xe4; BYTE $0x0c // PALIGNR $12, X4, X4 +#define shiftB2Right BYTE $0x66; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xed; BYTE $0x0c // PALIGNR $12, X5, X5 +#define shiftB3Right BYTE $0x66; BYTE $0x45; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xed; BYTE $0x0c // PALIGNR $12, X13, X13 +#define shiftC0Right shiftC0Left +#define shiftC1Right shiftC1Left +#define shiftC2Right shiftC2Left +#define shiftC3Right shiftC3Left +#define shiftD0Right BYTE $0x66; BYTE $0x45; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xc9; BYTE $0x04 // PALIGNR $4, X9, X9 +#define shiftD1Right BYTE $0x66; BYTE $0x45; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xd2; BYTE $0x04 // PALIGNR $4, X10, X10 +#define shiftD2Right BYTE $0x66; BYTE $0x45; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xdb; BYTE $0x04 // PALIGNR $4, X11, X11 +#define shiftD3Right BYTE $0x66; BYTE $0x45; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xff; BYTE $0x04 // PALIGNR $4, X15, X15 +// Some macros +#define chachaQR(A, B, C, D, T) \ + PADDD B, A; PXOR A, D; PSHUFB ·rol16<>(SB), D \ + PADDD D, C; PXOR C, B; MOVO B, T; PSLLL $12, T; PSRLL $20, B; PXOR T, B \ + PADDD B, A; PXOR A, D; PSHUFB ·rol8<>(SB), D \ + PADDD D, C; PXOR C, B; MOVO B, T; PSLLL $7, T; PSRLL $25, B; PXOR T, B + +#define chachaQR_AVX2(A, B, C, D, T) \ + VPADDD B, A, A; VPXOR A, D, D; VPSHUFB ·rol16<>(SB), D, D \ + VPADDD D, C, C; VPXOR C, B, B; VPSLLD $12, B, T; VPSRLD $20, B, B; VPXOR T, B, B \ + VPADDD B, A, A; VPXOR A, D, D; VPSHUFB ·rol8<>(SB), D, D \ + VPADDD D, C, C; VPXOR C, B, B; VPSLLD $7, B, T; VPSRLD $25, B, B; VPXOR T, B, B + +#define polyAdd(S) ADDQ S, acc0; ADCQ 8+S, acc1; ADCQ $1, acc2 +#define polyMulStage1 MOVQ (0*8)(BP), AX; MOVQ AX, t2; MULQ acc0; MOVQ AX, t0; MOVQ DX, t1; MOVQ (0*8)(BP), AX; MULQ acc1; IMULQ acc2, t2; ADDQ AX, t1; ADCQ DX, t2 +#define polyMulStage2 MOVQ (1*8)(BP), AX; MOVQ AX, t3; MULQ acc0; ADDQ AX, t1; ADCQ $0, DX; MOVQ DX, acc0; MOVQ (1*8)(BP), AX; MULQ acc1; ADDQ AX, t2; ADCQ $0, DX +#define polyMulStage3 IMULQ acc2, t3; ADDQ acc0, t2; ADCQ DX, t3 +#define polyMulReduceStage MOVQ t0, acc0; MOVQ t1, acc1; MOVQ t2, acc2; ANDQ $3, acc2; MOVQ t2, t0; ANDQ $-4, t0; MOVQ t3, t1; SHRQ $2, t2:t3; SHRQ $2, t3; ADDQ t0, acc0; ADCQ t1, acc1; ADCQ $0, acc2; ADDQ t2, acc0; ADCQ t3, acc1; ADCQ $0, acc2 + +#define polyMulStage1_AVX2 MOVQ (0*8)(BP), DX; MOVQ DX, t2; MULXQ acc0, t0, t1; IMULQ acc2, t2; MULXQ acc1, AX, DX; ADDQ AX, t1; ADCQ DX, t2 +#define polyMulStage2_AVX2 MOVQ (1*8)(BP), DX; MULXQ acc0, acc0, AX; ADDQ acc0, t1; MULXQ acc1, acc1, t3; ADCQ acc1, t2; ADCQ $0, t3 +#define polyMulStage3_AVX2 IMULQ acc2, DX; ADDQ AX, t2; ADCQ DX, t3 + +#define polyMul polyMulStage1; polyMulStage2; polyMulStage3; polyMulReduceStage +#define polyMulAVX2 polyMulStage1_AVX2; polyMulStage2_AVX2; polyMulStage3_AVX2; polyMulReduceStage +// ---------------------------------------------------------------------------- +TEXT polyHashADInternal<>(SB), NOSPLIT, $0 + // adp points to beginning of additional data + // itr2 holds ad length + XORQ acc0, acc0 + XORQ acc1, acc1 + XORQ acc2, acc2 + CMPQ itr2, $13 + JNE hashADLoop + +openFastTLSAD: + // Special treatment for the TLS case of 13 bytes + MOVQ (adp), acc0 + MOVQ 5(adp), acc1 + SHRQ $24, acc1 + MOVQ $1, acc2 + polyMul + RET + +hashADLoop: + // Hash in 16 byte chunks + CMPQ itr2, $16 + JB hashADTail + polyAdd(0(adp)) + LEAQ (1*16)(adp), adp + SUBQ $16, itr2 + polyMul + JMP hashADLoop + +hashADTail: + CMPQ itr2, $0 + JE hashADDone + + // Hash last < 16 byte tail + XORQ t0, t0 + XORQ t1, t1 + XORQ t2, t2 + ADDQ itr2, adp + +hashADTailLoop: + SHLQ $8, t1:t0 + SHLQ $8, t0 + MOVB -1(adp), t2 + XORQ t2, t0 + DECQ adp + DECQ itr2 + JNE hashADTailLoop + +hashADTailFinish: + ADDQ t0, acc0; ADCQ t1, acc1; ADCQ $1, acc2 + polyMul + + // Finished AD +hashADDone: + RET + +// ---------------------------------------------------------------------------- +// func chacha20Poly1305Open(dst, key, src, ad []byte) bool +TEXT ·chacha20Poly1305Open(SB), 0, $288-97 + // For aligned stack access + MOVQ SP, BP + ADDQ $32, BP + ANDQ $-32, BP + MOVQ dst+0(FP), oup + MOVQ key+24(FP), keyp + MOVQ src+48(FP), inp + MOVQ src_len+56(FP), inl + MOVQ ad+72(FP), adp + + // Check for AVX2 support + CMPB ·useAVX2(SB), $1 + JE chacha20Poly1305Open_AVX2 + + // Special optimization, for very short buffers + CMPQ inl, $128 + JBE openSSE128 // About 16% faster + + // For long buffers, prepare the poly key first + MOVOU ·chacha20Constants<>(SB), A0 + MOVOU (1*16)(keyp), B0 + MOVOU (2*16)(keyp), C0 + MOVOU (3*16)(keyp), D0 + MOVO D0, T1 + + // Store state on stack for future use + MOVO B0, state1Store + MOVO C0, state2Store + MOVO D0, ctr3Store + MOVQ $10, itr2 + +openSSEPreparePolyKey: + chachaQR(A0, B0, C0, D0, T0) + shiftB0Left; shiftC0Left; shiftD0Left + chachaQR(A0, B0, C0, D0, T0) + shiftB0Right; shiftC0Right; shiftD0Right + DECQ itr2 + JNE openSSEPreparePolyKey + + // A0|B0 hold the Poly1305 32-byte key, C0,D0 can be discarded + PADDL ·chacha20Constants<>(SB), A0; PADDL state1Store, B0 + + // Clamp and store the key + PAND ·polyClampMask<>(SB), A0 + MOVO A0, rStore; MOVO B0, sStore + + // Hash AAD + MOVQ ad_len+80(FP), itr2 + CALL polyHashADInternal<>(SB) + +openSSEMainLoop: + CMPQ inl, $256 + JB openSSEMainLoopDone + + // Load state, increment counter blocks + MOVO ·chacha20Constants<>(SB), A0; MOVO state1Store, B0; MOVO state2Store, C0; MOVO ctr3Store, D0; PADDL ·sseIncMask<>(SB), D0 + MOVO A0, A1; MOVO B0, B1; MOVO C0, C1; MOVO D0, D1; PADDL ·sseIncMask<>(SB), D1 + MOVO A1, A2; MOVO B1, B2; MOVO C1, C2; MOVO D1, D2; PADDL ·sseIncMask<>(SB), D2 + MOVO A2, A3; MOVO B2, B3; MOVO C2, C3; MOVO D2, D3; PADDL ·sseIncMask<>(SB), D3 + + // Store counters + MOVO D0, ctr0Store; MOVO D1, ctr1Store; MOVO D2, ctr2Store; MOVO D3, ctr3Store + + // There are 10 ChaCha20 iterations of 2QR each, so for 6 iterations we hash 2 blocks, and for the remaining 4 only 1 block - for a total of 16 + MOVQ $4, itr1 + MOVQ inp, itr2 + +openSSEInternalLoop: + MOVO C3, tmpStore + chachaQR(A0, B0, C0, D0, C3); chachaQR(A1, B1, C1, D1, C3); chachaQR(A2, B2, C2, D2, C3) + MOVO tmpStore, C3 + MOVO C1, tmpStore + chachaQR(A3, B3, C3, D3, C1) + MOVO tmpStore, C1 + polyAdd(0(itr2)) + shiftB0Left; shiftB1Left; shiftB2Left; shiftB3Left + shiftC0Left; shiftC1Left; shiftC2Left; shiftC3Left + shiftD0Left; shiftD1Left; shiftD2Left; shiftD3Left + polyMulStage1 + polyMulStage2 + LEAQ (2*8)(itr2), itr2 + MOVO C3, tmpStore + chachaQR(A0, B0, C0, D0, C3); chachaQR(A1, B1, C1, D1, C3); chachaQR(A2, B2, C2, D2, C3) + MOVO tmpStore, C3 + MOVO C1, tmpStore + polyMulStage3 + chachaQR(A3, B3, C3, D3, C1) + MOVO tmpStore, C1 + polyMulReduceStage + shiftB0Right; shiftB1Right; shiftB2Right; shiftB3Right + shiftC0Right; shiftC1Right; shiftC2Right; shiftC3Right + shiftD0Right; shiftD1Right; shiftD2Right; shiftD3Right + DECQ itr1 + JGE openSSEInternalLoop + + polyAdd(0(itr2)) + polyMul + LEAQ (2*8)(itr2), itr2 + + CMPQ itr1, $-6 + JG openSSEInternalLoop + + // Add in the state + PADDD ·chacha20Constants<>(SB), A0; PADDD ·chacha20Constants<>(SB), A1; PADDD ·chacha20Constants<>(SB), A2; PADDD ·chacha20Constants<>(SB), A3 + PADDD state1Store, B0; PADDD state1Store, B1; PADDD state1Store, B2; PADDD state1Store, B3 + PADDD state2Store, C0; PADDD state2Store, C1; PADDD state2Store, C2; PADDD state2Store, C3 + PADDD ctr0Store, D0; PADDD ctr1Store, D1; PADDD ctr2Store, D2; PADDD ctr3Store, D3 + + // Load - xor - store + MOVO D3, tmpStore + MOVOU (0*16)(inp), D3; PXOR D3, A0; MOVOU A0, (0*16)(oup) + MOVOU (1*16)(inp), D3; PXOR D3, B0; MOVOU B0, (1*16)(oup) + MOVOU (2*16)(inp), D3; PXOR D3, C0; MOVOU C0, (2*16)(oup) + MOVOU (3*16)(inp), D3; PXOR D3, D0; MOVOU D0, (3*16)(oup) + MOVOU (4*16)(inp), D0; PXOR D0, A1; MOVOU A1, (4*16)(oup) + MOVOU (5*16)(inp), D0; PXOR D0, B1; MOVOU B1, (5*16)(oup) + MOVOU (6*16)(inp), D0; PXOR D0, C1; MOVOU C1, (6*16)(oup) + MOVOU (7*16)(inp), D0; PXOR D0, D1; MOVOU D1, (7*16)(oup) + MOVOU (8*16)(inp), D0; PXOR D0, A2; MOVOU A2, (8*16)(oup) + MOVOU (9*16)(inp), D0; PXOR D0, B2; MOVOU B2, (9*16)(oup) + MOVOU (10*16)(inp), D0; PXOR D0, C2; MOVOU C2, (10*16)(oup) + MOVOU (11*16)(inp), D0; PXOR D0, D2; MOVOU D2, (11*16)(oup) + MOVOU (12*16)(inp), D0; PXOR D0, A3; MOVOU A3, (12*16)(oup) + MOVOU (13*16)(inp), D0; PXOR D0, B3; MOVOU B3, (13*16)(oup) + MOVOU (14*16)(inp), D0; PXOR D0, C3; MOVOU C3, (14*16)(oup) + MOVOU (15*16)(inp), D0; PXOR tmpStore, D0; MOVOU D0, (15*16)(oup) + LEAQ 256(inp), inp + LEAQ 256(oup), oup + SUBQ $256, inl + JMP openSSEMainLoop + +openSSEMainLoopDone: + // Handle the various tail sizes efficiently + TESTQ inl, inl + JE openSSEFinalize + CMPQ inl, $64 + JBE openSSETail64 + CMPQ inl, $128 + JBE openSSETail128 + CMPQ inl, $192 + JBE openSSETail192 + JMP openSSETail256 + +openSSEFinalize: + // Hash in the PT, AAD lengths + ADDQ ad_len+80(FP), acc0; ADCQ src_len+56(FP), acc1; ADCQ $1, acc2 + polyMul + + // Final reduce + MOVQ acc0, t0 + MOVQ acc1, t1 + MOVQ acc2, t2 + SUBQ $-5, acc0 + SBBQ $-1, acc1 + SBBQ $3, acc2 + CMOVQCS t0, acc0 + CMOVQCS t1, acc1 + CMOVQCS t2, acc2 + + // Add in the "s" part of the key + ADDQ 0+sStore, acc0 + ADCQ 8+sStore, acc1 + + // Finally, constant time compare to the tag at the end of the message + XORQ AX, AX + MOVQ $1, DX + XORQ (0*8)(inp), acc0 + XORQ (1*8)(inp), acc1 + ORQ acc1, acc0 + CMOVQEQ DX, AX + + // Return true iff tags are equal + MOVB AX, ret+96(FP) + RET + +// ---------------------------------------------------------------------------- +// Special optimization for buffers smaller than 129 bytes +openSSE128: + // For up to 128 bytes of ciphertext and 64 bytes for the poly key, we require to process three blocks + MOVOU ·chacha20Constants<>(SB), A0; MOVOU (1*16)(keyp), B0; MOVOU (2*16)(keyp), C0; MOVOU (3*16)(keyp), D0 + MOVO A0, A1; MOVO B0, B1; MOVO C0, C1; MOVO D0, D1; PADDL ·sseIncMask<>(SB), D1 + MOVO A1, A2; MOVO B1, B2; MOVO C1, C2; MOVO D1, D2; PADDL ·sseIncMask<>(SB), D2 + MOVO B0, T1; MOVO C0, T2; MOVO D1, T3 + MOVQ $10, itr2 + +openSSE128InnerCipherLoop: + chachaQR(A0, B0, C0, D0, T0); chachaQR(A1, B1, C1, D1, T0); chachaQR(A2, B2, C2, D2, T0) + shiftB0Left; shiftB1Left; shiftB2Left + shiftC0Left; shiftC1Left; shiftC2Left + shiftD0Left; shiftD1Left; shiftD2Left + chachaQR(A0, B0, C0, D0, T0); chachaQR(A1, B1, C1, D1, T0); chachaQR(A2, B2, C2, D2, T0) + shiftB0Right; shiftB1Right; shiftB2Right + shiftC0Right; shiftC1Right; shiftC2Right + shiftD0Right; shiftD1Right; shiftD2Right + DECQ itr2 + JNE openSSE128InnerCipherLoop + + // A0|B0 hold the Poly1305 32-byte key, C0,D0 can be discarded + PADDL ·chacha20Constants<>(SB), A0; PADDL ·chacha20Constants<>(SB), A1; PADDL ·chacha20Constants<>(SB), A2 + PADDL T1, B0; PADDL T1, B1; PADDL T1, B2 + PADDL T2, C1; PADDL T2, C2 + PADDL T3, D1; PADDL ·sseIncMask<>(SB), T3; PADDL T3, D2 + + // Clamp and store the key + PAND ·polyClampMask<>(SB), A0 + MOVOU A0, rStore; MOVOU B0, sStore + + // Hash + MOVQ ad_len+80(FP), itr2 + CALL polyHashADInternal<>(SB) + +openSSE128Open: + CMPQ inl, $16 + JB openSSETail16 + SUBQ $16, inl + + // Load for hashing + polyAdd(0(inp)) + + // Load for decryption + MOVOU (inp), T0; PXOR T0, A1; MOVOU A1, (oup) + LEAQ (1*16)(inp), inp + LEAQ (1*16)(oup), oup + polyMul + + // Shift the stream "left" + MOVO B1, A1 + MOVO C1, B1 + MOVO D1, C1 + MOVO A2, D1 + MOVO B2, A2 + MOVO C2, B2 + MOVO D2, C2 + JMP openSSE128Open + +openSSETail16: + TESTQ inl, inl + JE openSSEFinalize + + // We can safely load the CT from the end, because it is padded with the MAC + MOVQ inl, itr2 + SHLQ $4, itr2 + LEAQ ·andMask<>(SB), t0 + MOVOU (inp), T0 + ADDQ inl, inp + PAND -16(t0)(itr2*1), T0 + MOVO T0, 0+tmpStore + MOVQ T0, t0 + MOVQ 8+tmpStore, t1 + PXOR A1, T0 + + // We can only store one byte at a time, since plaintext can be shorter than 16 bytes +openSSETail16Store: + MOVQ T0, t3 + MOVB t3, (oup) + PSRLDQ $1, T0 + INCQ oup + DECQ inl + JNE openSSETail16Store + ADDQ t0, acc0; ADCQ t1, acc1; ADCQ $1, acc2 + polyMul + JMP openSSEFinalize + +// ---------------------------------------------------------------------------- +// Special optimization for the last 64 bytes of ciphertext +openSSETail64: + // Need to decrypt up to 64 bytes - prepare single block + MOVO ·chacha20Constants<>(SB), A0; MOVO state1Store, B0; MOVO state2Store, C0; MOVO ctr3Store, D0; PADDL ·sseIncMask<>(SB), D0; MOVO D0, ctr0Store + XORQ itr2, itr2 + MOVQ inl, itr1 + CMPQ itr1, $16 + JB openSSETail64LoopB + +openSSETail64LoopA: + // Perform ChaCha rounds, while hashing the remaining input + polyAdd(0(inp)(itr2*1)) + polyMul + SUBQ $16, itr1 + +openSSETail64LoopB: + ADDQ $16, itr2 + chachaQR(A0, B0, C0, D0, T0) + shiftB0Left; shiftC0Left; shiftD0Left + chachaQR(A0, B0, C0, D0, T0) + shiftB0Right; shiftC0Right; shiftD0Right + + CMPQ itr1, $16 + JAE openSSETail64LoopA + + CMPQ itr2, $160 + JNE openSSETail64LoopB + + PADDL ·chacha20Constants<>(SB), A0; PADDL state1Store, B0; PADDL state2Store, C0; PADDL ctr0Store, D0 + +openSSETail64DecLoop: + CMPQ inl, $16 + JB openSSETail64DecLoopDone + SUBQ $16, inl + MOVOU (inp), T0 + PXOR T0, A0 + MOVOU A0, (oup) + LEAQ 16(inp), inp + LEAQ 16(oup), oup + MOVO B0, A0 + MOVO C0, B0 + MOVO D0, C0 + JMP openSSETail64DecLoop + +openSSETail64DecLoopDone: + MOVO A0, A1 + JMP openSSETail16 + +// ---------------------------------------------------------------------------- +// Special optimization for the last 128 bytes of ciphertext +openSSETail128: + // Need to decrypt up to 128 bytes - prepare two blocks + MOVO ·chacha20Constants<>(SB), A1; MOVO state1Store, B1; MOVO state2Store, C1; MOVO ctr3Store, D1; PADDL ·sseIncMask<>(SB), D1; MOVO D1, ctr0Store + MOVO A1, A0; MOVO B1, B0; MOVO C1, C0; MOVO D1, D0; PADDL ·sseIncMask<>(SB), D0; MOVO D0, ctr1Store + XORQ itr2, itr2 + MOVQ inl, itr1 + ANDQ $-16, itr1 + +openSSETail128LoopA: + // Perform ChaCha rounds, while hashing the remaining input + polyAdd(0(inp)(itr2*1)) + polyMul + +openSSETail128LoopB: + ADDQ $16, itr2 + chachaQR(A0, B0, C0, D0, T0); chachaQR(A1, B1, C1, D1, T0) + shiftB0Left; shiftC0Left; shiftD0Left + shiftB1Left; shiftC1Left; shiftD1Left + chachaQR(A0, B0, C0, D0, T0); chachaQR(A1, B1, C1, D1, T0) + shiftB0Right; shiftC0Right; shiftD0Right + shiftB1Right; shiftC1Right; shiftD1Right + + CMPQ itr2, itr1 + JB openSSETail128LoopA + + CMPQ itr2, $160 + JNE openSSETail128LoopB + + PADDL ·chacha20Constants<>(SB), A0; PADDL ·chacha20Constants<>(SB), A1 + PADDL state1Store, B0; PADDL state1Store, B1 + PADDL state2Store, C0; PADDL state2Store, C1 + PADDL ctr1Store, D0; PADDL ctr0Store, D1 + + MOVOU (0*16)(inp), T0; MOVOU (1*16)(inp), T1; MOVOU (2*16)(inp), T2; MOVOU (3*16)(inp), T3 + PXOR T0, A1; PXOR T1, B1; PXOR T2, C1; PXOR T3, D1 + MOVOU A1, (0*16)(oup); MOVOU B1, (1*16)(oup); MOVOU C1, (2*16)(oup); MOVOU D1, (3*16)(oup) + + SUBQ $64, inl + LEAQ 64(inp), inp + LEAQ 64(oup), oup + JMP openSSETail64DecLoop + +// ---------------------------------------------------------------------------- +// Special optimization for the last 192 bytes of ciphertext +openSSETail192: + // Need to decrypt up to 192 bytes - prepare three blocks + MOVO ·chacha20Constants<>(SB), A2; MOVO state1Store, B2; MOVO state2Store, C2; MOVO ctr3Store, D2; PADDL ·sseIncMask<>(SB), D2; MOVO D2, ctr0Store + MOVO A2, A1; MOVO B2, B1; MOVO C2, C1; MOVO D2, D1; PADDL ·sseIncMask<>(SB), D1; MOVO D1, ctr1Store + MOVO A1, A0; MOVO B1, B0; MOVO C1, C0; MOVO D1, D0; PADDL ·sseIncMask<>(SB), D0; MOVO D0, ctr2Store + + MOVQ inl, itr1 + MOVQ $160, itr2 + CMPQ itr1, $160 + CMOVQGT itr2, itr1 + ANDQ $-16, itr1 + XORQ itr2, itr2 + +openSSLTail192LoopA: + // Perform ChaCha rounds, while hashing the remaining input + polyAdd(0(inp)(itr2*1)) + polyMul + +openSSLTail192LoopB: + ADDQ $16, itr2 + chachaQR(A0, B0, C0, D0, T0); chachaQR(A1, B1, C1, D1, T0); chachaQR(A2, B2, C2, D2, T0) + shiftB0Left; shiftC0Left; shiftD0Left + shiftB1Left; shiftC1Left; shiftD1Left + shiftB2Left; shiftC2Left; shiftD2Left + + chachaQR(A0, B0, C0, D0, T0); chachaQR(A1, B1, C1, D1, T0); chachaQR(A2, B2, C2, D2, T0) + shiftB0Right; shiftC0Right; shiftD0Right + shiftB1Right; shiftC1Right; shiftD1Right + shiftB2Right; shiftC2Right; shiftD2Right + + CMPQ itr2, itr1 + JB openSSLTail192LoopA + + CMPQ itr2, $160 + JNE openSSLTail192LoopB + + CMPQ inl, $176 + JB openSSLTail192Store + + polyAdd(160(inp)) + polyMul + + CMPQ inl, $192 + JB openSSLTail192Store + + polyAdd(176(inp)) + polyMul + +openSSLTail192Store: + PADDL ·chacha20Constants<>(SB), A0; PADDL ·chacha20Constants<>(SB), A1; PADDL ·chacha20Constants<>(SB), A2 + PADDL state1Store, B0; PADDL state1Store, B1; PADDL state1Store, B2 + PADDL state2Store, C0; PADDL state2Store, C1; PADDL state2Store, C2 + PADDL ctr2Store, D0; PADDL ctr1Store, D1; PADDL ctr0Store, D2 + + MOVOU (0*16)(inp), T0; MOVOU (1*16)(inp), T1; MOVOU (2*16)(inp), T2; MOVOU (3*16)(inp), T3 + PXOR T0, A2; PXOR T1, B2; PXOR T2, C2; PXOR T3, D2 + MOVOU A2, (0*16)(oup); MOVOU B2, (1*16)(oup); MOVOU C2, (2*16)(oup); MOVOU D2, (3*16)(oup) + + MOVOU (4*16)(inp), T0; MOVOU (5*16)(inp), T1; MOVOU (6*16)(inp), T2; MOVOU (7*16)(inp), T3 + PXOR T0, A1; PXOR T1, B1; PXOR T2, C1; PXOR T3, D1 + MOVOU A1, (4*16)(oup); MOVOU B1, (5*16)(oup); MOVOU C1, (6*16)(oup); MOVOU D1, (7*16)(oup) + + SUBQ $128, inl + LEAQ 128(inp), inp + LEAQ 128(oup), oup + JMP openSSETail64DecLoop + +// ---------------------------------------------------------------------------- +// Special optimization for the last 256 bytes of ciphertext +openSSETail256: + // Need to decrypt up to 256 bytes - prepare four blocks + MOVO ·chacha20Constants<>(SB), A0; MOVO state1Store, B0; MOVO state2Store, C0; MOVO ctr3Store, D0; PADDL ·sseIncMask<>(SB), D0 + MOVO A0, A1; MOVO B0, B1; MOVO C0, C1; MOVO D0, D1; PADDL ·sseIncMask<>(SB), D1 + MOVO A1, A2; MOVO B1, B2; MOVO C1, C2; MOVO D1, D2; PADDL ·sseIncMask<>(SB), D2 + MOVO A2, A3; MOVO B2, B3; MOVO C2, C3; MOVO D2, D3; PADDL ·sseIncMask<>(SB), D3 + + // Store counters + MOVO D0, ctr0Store; MOVO D1, ctr1Store; MOVO D2, ctr2Store; MOVO D3, ctr3Store + XORQ itr2, itr2 + +openSSETail256Loop: + // This loop inteleaves 8 ChaCha quarter rounds with 1 poly multiplication + polyAdd(0(inp)(itr2*1)) + MOVO C3, tmpStore + chachaQR(A0, B0, C0, D0, C3); chachaQR(A1, B1, C1, D1, C3); chachaQR(A2, B2, C2, D2, C3) + MOVO tmpStore, C3 + MOVO C1, tmpStore + chachaQR(A3, B3, C3, D3, C1) + MOVO tmpStore, C1 + shiftB0Left; shiftB1Left; shiftB2Left; shiftB3Left + shiftC0Left; shiftC1Left; shiftC2Left; shiftC3Left + shiftD0Left; shiftD1Left; shiftD2Left; shiftD3Left + polyMulStage1 + polyMulStage2 + MOVO C3, tmpStore + chachaQR(A0, B0, C0, D0, C3); chachaQR(A1, B1, C1, D1, C3); chachaQR(A2, B2, C2, D2, C3) + MOVO tmpStore, C3 + MOVO C1, tmpStore + chachaQR(A3, B3, C3, D3, C1) + MOVO tmpStore, C1 + polyMulStage3 + polyMulReduceStage + shiftB0Right; shiftB1Right; shiftB2Right; shiftB3Right + shiftC0Right; shiftC1Right; shiftC2Right; shiftC3Right + shiftD0Right; shiftD1Right; shiftD2Right; shiftD3Right + ADDQ $2*8, itr2 + CMPQ itr2, $160 + JB openSSETail256Loop + MOVQ inl, itr1 + ANDQ $-16, itr1 + +openSSETail256HashLoop: + polyAdd(0(inp)(itr2*1)) + polyMul + ADDQ $2*8, itr2 + CMPQ itr2, itr1 + JB openSSETail256HashLoop + + // Add in the state + PADDD ·chacha20Constants<>(SB), A0; PADDD ·chacha20Constants<>(SB), A1; PADDD ·chacha20Constants<>(SB), A2; PADDD ·chacha20Constants<>(SB), A3 + PADDD state1Store, B0; PADDD state1Store, B1; PADDD state1Store, B2; PADDD state1Store, B3 + PADDD state2Store, C0; PADDD state2Store, C1; PADDD state2Store, C2; PADDD state2Store, C3 + PADDD ctr0Store, D0; PADDD ctr1Store, D1; PADDD ctr2Store, D2; PADDD ctr3Store, D3 + MOVO D3, tmpStore + + // Load - xor - store + MOVOU (0*16)(inp), D3; PXOR D3, A0 + MOVOU (1*16)(inp), D3; PXOR D3, B0 + MOVOU (2*16)(inp), D3; PXOR D3, C0 + MOVOU (3*16)(inp), D3; PXOR D3, D0 + MOVOU A0, (0*16)(oup) + MOVOU B0, (1*16)(oup) + MOVOU C0, (2*16)(oup) + MOVOU D0, (3*16)(oup) + MOVOU (4*16)(inp), A0; MOVOU (5*16)(inp), B0; MOVOU (6*16)(inp), C0; MOVOU (7*16)(inp), D0 + PXOR A0, A1; PXOR B0, B1; PXOR C0, C1; PXOR D0, D1 + MOVOU A1, (4*16)(oup); MOVOU B1, (5*16)(oup); MOVOU C1, (6*16)(oup); MOVOU D1, (7*16)(oup) + MOVOU (8*16)(inp), A0; MOVOU (9*16)(inp), B0; MOVOU (10*16)(inp), C0; MOVOU (11*16)(inp), D0 + PXOR A0, A2; PXOR B0, B2; PXOR C0, C2; PXOR D0, D2 + MOVOU A2, (8*16)(oup); MOVOU B2, (9*16)(oup); MOVOU C2, (10*16)(oup); MOVOU D2, (11*16)(oup) + LEAQ 192(inp), inp + LEAQ 192(oup), oup + SUBQ $192, inl + MOVO A3, A0 + MOVO B3, B0 + MOVO C3, C0 + MOVO tmpStore, D0 + + JMP openSSETail64DecLoop + +// ---------------------------------------------------------------------------- +// ------------------------- AVX2 Code ---------------------------------------- +chacha20Poly1305Open_AVX2: + VZEROUPPER + VMOVDQU ·chacha20Constants<>(SB), AA0 + BYTE $0xc4; BYTE $0x42; BYTE $0x7d; BYTE $0x5a; BYTE $0x70; BYTE $0x10 // broadcasti128 16(r8), ymm14 + BYTE $0xc4; BYTE $0x42; BYTE $0x7d; BYTE $0x5a; BYTE $0x60; BYTE $0x20 // broadcasti128 32(r8), ymm12 + BYTE $0xc4; BYTE $0xc2; BYTE $0x7d; BYTE $0x5a; BYTE $0x60; BYTE $0x30 // broadcasti128 48(r8), ymm4 + VPADDD ·avx2InitMask<>(SB), DD0, DD0 + + // Special optimization, for very short buffers + CMPQ inl, $192 + JBE openAVX2192 + CMPQ inl, $320 + JBE openAVX2320 + + // For the general key prepare the key first - as a byproduct we have 64 bytes of cipher stream + VMOVDQA BB0, state1StoreAVX2 + VMOVDQA CC0, state2StoreAVX2 + VMOVDQA DD0, ctr3StoreAVX2 + MOVQ $10, itr2 + +openAVX2PreparePolyKey: + chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0) + VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $12, DD0, DD0, DD0 + chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0) + VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $4, DD0, DD0, DD0 + DECQ itr2 + JNE openAVX2PreparePolyKey + + VPADDD ·chacha20Constants<>(SB), AA0, AA0 + VPADDD state1StoreAVX2, BB0, BB0 + VPADDD state2StoreAVX2, CC0, CC0 + VPADDD ctr3StoreAVX2, DD0, DD0 + + VPERM2I128 $0x02, AA0, BB0, TT0 + + // Clamp and store poly key + VPAND ·polyClampMask<>(SB), TT0, TT0 + VMOVDQA TT0, rsStoreAVX2 + + // Stream for the first 64 bytes + VPERM2I128 $0x13, AA0, BB0, AA0 + VPERM2I128 $0x13, CC0, DD0, BB0 + + // Hash AD + first 64 bytes + MOVQ ad_len+80(FP), itr2 + CALL polyHashADInternal<>(SB) + XORQ itr1, itr1 + +openAVX2InitialHash64: + polyAdd(0(inp)(itr1*1)) + polyMulAVX2 + ADDQ $16, itr1 + CMPQ itr1, $64 + JNE openAVX2InitialHash64 + + // Decrypt the first 64 bytes + VPXOR (0*32)(inp), AA0, AA0 + VPXOR (1*32)(inp), BB0, BB0 + VMOVDQU AA0, (0*32)(oup) + VMOVDQU BB0, (1*32)(oup) + LEAQ (2*32)(inp), inp + LEAQ (2*32)(oup), oup + SUBQ $64, inl + +openAVX2MainLoop: + CMPQ inl, $512 + JB openAVX2MainLoopDone + + // Load state, increment counter blocks, store the incremented counters + VMOVDQU ·chacha20Constants<>(SB), AA0; VMOVDQA AA0, AA1; VMOVDQA AA0, AA2; VMOVDQA AA0, AA3 + VMOVDQA state1StoreAVX2, BB0; VMOVDQA BB0, BB1; VMOVDQA BB0, BB2; VMOVDQA BB0, BB3 + VMOVDQA state2StoreAVX2, CC0; VMOVDQA CC0, CC1; VMOVDQA CC0, CC2; VMOVDQA CC0, CC3 + VMOVDQA ctr3StoreAVX2, DD0; VPADDD ·avx2IncMask<>(SB), DD0, DD0; VPADDD ·avx2IncMask<>(SB), DD0, DD1; VPADDD ·avx2IncMask<>(SB), DD1, DD2; VPADDD ·avx2IncMask<>(SB), DD2, DD3 + VMOVDQA DD0, ctr0StoreAVX2; VMOVDQA DD1, ctr1StoreAVX2; VMOVDQA DD2, ctr2StoreAVX2; VMOVDQA DD3, ctr3StoreAVX2 + XORQ itr1, itr1 + +openAVX2InternalLoop: + // Lets just say this spaghetti loop interleaves 2 quarter rounds with 3 poly multiplications + // Effectively per 512 bytes of stream we hash 480 bytes of ciphertext + polyAdd(0*8(inp)(itr1*1)) + VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3 + polyMulStage1_AVX2 + VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3 + VPSHUFB ·rol16<>(SB), DD0, DD0; VPSHUFB ·rol16<>(SB), DD1, DD1; VPSHUFB ·rol16<>(SB), DD2, DD2; VPSHUFB ·rol16<>(SB), DD3, DD3 + polyMulStage2_AVX2 + VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3 + VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3 + polyMulStage3_AVX2 + VMOVDQA CC3, tmpStoreAVX2 + VPSLLD $12, BB0, CC3; VPSRLD $20, BB0, BB0; VPXOR CC3, BB0, BB0 + VPSLLD $12, BB1, CC3; VPSRLD $20, BB1, BB1; VPXOR CC3, BB1, BB1 + VPSLLD $12, BB2, CC3; VPSRLD $20, BB2, BB2; VPXOR CC3, BB2, BB2 + VPSLLD $12, BB3, CC3; VPSRLD $20, BB3, BB3; VPXOR CC3, BB3, BB3 + VMOVDQA tmpStoreAVX2, CC3 + polyMulReduceStage + VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3 + VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3 + VPSHUFB ·rol8<>(SB), DD0, DD0; VPSHUFB ·rol8<>(SB), DD1, DD1; VPSHUFB ·rol8<>(SB), DD2, DD2; VPSHUFB ·rol8<>(SB), DD3, DD3 + polyAdd(2*8(inp)(itr1*1)) + VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3 + polyMulStage1_AVX2 + VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3 + VMOVDQA CC3, tmpStoreAVX2 + VPSLLD $7, BB0, CC3; VPSRLD $25, BB0, BB0; VPXOR CC3, BB0, BB0 + VPSLLD $7, BB1, CC3; VPSRLD $25, BB1, BB1; VPXOR CC3, BB1, BB1 + VPSLLD $7, BB2, CC3; VPSRLD $25, BB2, BB2; VPXOR CC3, BB2, BB2 + VPSLLD $7, BB3, CC3; VPSRLD $25, BB3, BB3; VPXOR CC3, BB3, BB3 + VMOVDQA tmpStoreAVX2, CC3 + polyMulStage2_AVX2 + VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $4, BB1, BB1, BB1; VPALIGNR $4, BB2, BB2, BB2; VPALIGNR $4, BB3, BB3, BB3 + VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2; VPALIGNR $8, CC3, CC3, CC3 + VPALIGNR $12, DD0, DD0, DD0; VPALIGNR $12, DD1, DD1, DD1; VPALIGNR $12, DD2, DD2, DD2; VPALIGNR $12, DD3, DD3, DD3 + VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3 + polyMulStage3_AVX2 + VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3 + VPSHUFB ·rol16<>(SB), DD0, DD0; VPSHUFB ·rol16<>(SB), DD1, DD1; VPSHUFB ·rol16<>(SB), DD2, DD2; VPSHUFB ·rol16<>(SB), DD3, DD3 + polyMulReduceStage + VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3 + VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3 + polyAdd(4*8(inp)(itr1*1)) + LEAQ (6*8)(itr1), itr1 + VMOVDQA CC3, tmpStoreAVX2 + VPSLLD $12, BB0, CC3; VPSRLD $20, BB0, BB0; VPXOR CC3, BB0, BB0 + VPSLLD $12, BB1, CC3; VPSRLD $20, BB1, BB1; VPXOR CC3, BB1, BB1 + VPSLLD $12, BB2, CC3; VPSRLD $20, BB2, BB2; VPXOR CC3, BB2, BB2 + VPSLLD $12, BB3, CC3; VPSRLD $20, BB3, BB3; VPXOR CC3, BB3, BB3 + VMOVDQA tmpStoreAVX2, CC3 + polyMulStage1_AVX2 + VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3 + VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3 + polyMulStage2_AVX2 + VPSHUFB ·rol8<>(SB), DD0, DD0; VPSHUFB ·rol8<>(SB), DD1, DD1; VPSHUFB ·rol8<>(SB), DD2, DD2; VPSHUFB ·rol8<>(SB), DD3, DD3 + VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3 + polyMulStage3_AVX2 + VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3 + VMOVDQA CC3, tmpStoreAVX2 + VPSLLD $7, BB0, CC3; VPSRLD $25, BB0, BB0; VPXOR CC3, BB0, BB0 + VPSLLD $7, BB1, CC3; VPSRLD $25, BB1, BB1; VPXOR CC3, BB1, BB1 + VPSLLD $7, BB2, CC3; VPSRLD $25, BB2, BB2; VPXOR CC3, BB2, BB2 + VPSLLD $7, BB3, CC3; VPSRLD $25, BB3, BB3; VPXOR CC3, BB3, BB3 + VMOVDQA tmpStoreAVX2, CC3 + polyMulReduceStage + VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $12, BB1, BB1, BB1; VPALIGNR $12, BB2, BB2, BB2; VPALIGNR $12, BB3, BB3, BB3 + VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2; VPALIGNR $8, CC3, CC3, CC3 + VPALIGNR $4, DD0, DD0, DD0; VPALIGNR $4, DD1, DD1, DD1; VPALIGNR $4, DD2, DD2, DD2; VPALIGNR $4, DD3, DD3, DD3 + CMPQ itr1, $480 + JNE openAVX2InternalLoop + + VPADDD ·chacha20Constants<>(SB), AA0, AA0; VPADDD ·chacha20Constants<>(SB), AA1, AA1; VPADDD ·chacha20Constants<>(SB), AA2, AA2; VPADDD ·chacha20Constants<>(SB), AA3, AA3 + VPADDD state1StoreAVX2, BB0, BB0; VPADDD state1StoreAVX2, BB1, BB1; VPADDD state1StoreAVX2, BB2, BB2; VPADDD state1StoreAVX2, BB3, BB3 + VPADDD state2StoreAVX2, CC0, CC0; VPADDD state2StoreAVX2, CC1, CC1; VPADDD state2StoreAVX2, CC2, CC2; VPADDD state2StoreAVX2, CC3, CC3 + VPADDD ctr0StoreAVX2, DD0, DD0; VPADDD ctr1StoreAVX2, DD1, DD1; VPADDD ctr2StoreAVX2, DD2, DD2; VPADDD ctr3StoreAVX2, DD3, DD3 + VMOVDQA CC3, tmpStoreAVX2 + + // We only hashed 480 of the 512 bytes available - hash the remaining 32 here + polyAdd(480(inp)) + polyMulAVX2 + VPERM2I128 $0x02, AA0, BB0, CC3; VPERM2I128 $0x13, AA0, BB0, BB0; VPERM2I128 $0x02, CC0, DD0, AA0; VPERM2I128 $0x13, CC0, DD0, CC0 + VPXOR (0*32)(inp), CC3, CC3; VPXOR (1*32)(inp), AA0, AA0; VPXOR (2*32)(inp), BB0, BB0; VPXOR (3*32)(inp), CC0, CC0 + VMOVDQU CC3, (0*32)(oup); VMOVDQU AA0, (1*32)(oup); VMOVDQU BB0, (2*32)(oup); VMOVDQU CC0, (3*32)(oup) + VPERM2I128 $0x02, AA1, BB1, AA0; VPERM2I128 $0x02, CC1, DD1, BB0; VPERM2I128 $0x13, AA1, BB1, CC0; VPERM2I128 $0x13, CC1, DD1, DD0 + VPXOR (4*32)(inp), AA0, AA0; VPXOR (5*32)(inp), BB0, BB0; VPXOR (6*32)(inp), CC0, CC0; VPXOR (7*32)(inp), DD0, DD0 + VMOVDQU AA0, (4*32)(oup); VMOVDQU BB0, (5*32)(oup); VMOVDQU CC0, (6*32)(oup); VMOVDQU DD0, (7*32)(oup) + + // and here + polyAdd(496(inp)) + polyMulAVX2 + VPERM2I128 $0x02, AA2, BB2, AA0; VPERM2I128 $0x02, CC2, DD2, BB0; VPERM2I128 $0x13, AA2, BB2, CC0; VPERM2I128 $0x13, CC2, DD2, DD0 + VPXOR (8*32)(inp), AA0, AA0; VPXOR (9*32)(inp), BB0, BB0; VPXOR (10*32)(inp), CC0, CC0; VPXOR (11*32)(inp), DD0, DD0 + VMOVDQU AA0, (8*32)(oup); VMOVDQU BB0, (9*32)(oup); VMOVDQU CC0, (10*32)(oup); VMOVDQU DD0, (11*32)(oup) + VPERM2I128 $0x02, AA3, BB3, AA0; VPERM2I128 $0x02, tmpStoreAVX2, DD3, BB0; VPERM2I128 $0x13, AA3, BB3, CC0; VPERM2I128 $0x13, tmpStoreAVX2, DD3, DD0 + VPXOR (12*32)(inp), AA0, AA0; VPXOR (13*32)(inp), BB0, BB0; VPXOR (14*32)(inp), CC0, CC0; VPXOR (15*32)(inp), DD0, DD0 + VMOVDQU AA0, (12*32)(oup); VMOVDQU BB0, (13*32)(oup); VMOVDQU CC0, (14*32)(oup); VMOVDQU DD0, (15*32)(oup) + LEAQ (32*16)(inp), inp + LEAQ (32*16)(oup), oup + SUBQ $(32*16), inl + JMP openAVX2MainLoop + +openAVX2MainLoopDone: + // Handle the various tail sizes efficiently + TESTQ inl, inl + JE openSSEFinalize + CMPQ inl, $128 + JBE openAVX2Tail128 + CMPQ inl, $256 + JBE openAVX2Tail256 + CMPQ inl, $384 + JBE openAVX2Tail384 + JMP openAVX2Tail512 + +// ---------------------------------------------------------------------------- +// Special optimization for buffers smaller than 193 bytes +openAVX2192: + // For up to 192 bytes of ciphertext and 64 bytes for the poly key, we process four blocks + VMOVDQA AA0, AA1 + VMOVDQA BB0, BB1 + VMOVDQA CC0, CC1 + VPADDD ·avx2IncMask<>(SB), DD0, DD1 + VMOVDQA AA0, AA2 + VMOVDQA BB0, BB2 + VMOVDQA CC0, CC2 + VMOVDQA DD0, DD2 + VMOVDQA DD1, TT3 + MOVQ $10, itr2 + +openAVX2192InnerCipherLoop: + chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0) + VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $4, BB1, BB1, BB1 + VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1 + VPALIGNR $12, DD0, DD0, DD0; VPALIGNR $12, DD1, DD1, DD1 + chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0) + VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $12, BB1, BB1, BB1 + VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1 + VPALIGNR $4, DD0, DD0, DD0; VPALIGNR $4, DD1, DD1, DD1 + DECQ itr2 + JNE openAVX2192InnerCipherLoop + VPADDD AA2, AA0, AA0; VPADDD AA2, AA1, AA1 + VPADDD BB2, BB0, BB0; VPADDD BB2, BB1, BB1 + VPADDD CC2, CC0, CC0; VPADDD CC2, CC1, CC1 + VPADDD DD2, DD0, DD0; VPADDD TT3, DD1, DD1 + VPERM2I128 $0x02, AA0, BB0, TT0 + + // Clamp and store poly key + VPAND ·polyClampMask<>(SB), TT0, TT0 + VMOVDQA TT0, rsStoreAVX2 + + // Stream for up to 192 bytes + VPERM2I128 $0x13, AA0, BB0, AA0 + VPERM2I128 $0x13, CC0, DD0, BB0 + VPERM2I128 $0x02, AA1, BB1, CC0 + VPERM2I128 $0x02, CC1, DD1, DD0 + VPERM2I128 $0x13, AA1, BB1, AA1 + VPERM2I128 $0x13, CC1, DD1, BB1 + +openAVX2ShortOpen: + // Hash + MOVQ ad_len+80(FP), itr2 + CALL polyHashADInternal<>(SB) + +openAVX2ShortOpenLoop: + CMPQ inl, $32 + JB openAVX2ShortTail32 + SUBQ $32, inl + + // Load for hashing + polyAdd(0*8(inp)) + polyMulAVX2 + polyAdd(2*8(inp)) + polyMulAVX2 + + // Load for decryption + VPXOR (inp), AA0, AA0 + VMOVDQU AA0, (oup) + LEAQ (1*32)(inp), inp + LEAQ (1*32)(oup), oup + + // Shift stream left + VMOVDQA BB0, AA0 + VMOVDQA CC0, BB0 + VMOVDQA DD0, CC0 + VMOVDQA AA1, DD0 + VMOVDQA BB1, AA1 + VMOVDQA CC1, BB1 + VMOVDQA DD1, CC1 + VMOVDQA AA2, DD1 + VMOVDQA BB2, AA2 + JMP openAVX2ShortOpenLoop + +openAVX2ShortTail32: + CMPQ inl, $16 + VMOVDQA A0, A1 + JB openAVX2ShortDone + + SUBQ $16, inl + + // Load for hashing + polyAdd(0*8(inp)) + polyMulAVX2 + + // Load for decryption + VPXOR (inp), A0, T0 + VMOVDQU T0, (oup) + LEAQ (1*16)(inp), inp + LEAQ (1*16)(oup), oup + VPERM2I128 $0x11, AA0, AA0, AA0 + VMOVDQA A0, A1 + +openAVX2ShortDone: + VZEROUPPER + JMP openSSETail16 + +// ---------------------------------------------------------------------------- +// Special optimization for buffers smaller than 321 bytes +openAVX2320: + // For up to 320 bytes of ciphertext and 64 bytes for the poly key, we process six blocks + VMOVDQA AA0, AA1; VMOVDQA BB0, BB1; VMOVDQA CC0, CC1; VPADDD ·avx2IncMask<>(SB), DD0, DD1 + VMOVDQA AA0, AA2; VMOVDQA BB0, BB2; VMOVDQA CC0, CC2; VPADDD ·avx2IncMask<>(SB), DD1, DD2 + VMOVDQA BB0, TT1; VMOVDQA CC0, TT2; VMOVDQA DD0, TT3 + MOVQ $10, itr2 + +openAVX2320InnerCipherLoop: + chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0); chachaQR_AVX2(AA2, BB2, CC2, DD2, TT0) + VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $4, BB1, BB1, BB1; VPALIGNR $4, BB2, BB2, BB2 + VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2 + VPALIGNR $12, DD0, DD0, DD0; VPALIGNR $12, DD1, DD1, DD1; VPALIGNR $12, DD2, DD2, DD2 + chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0); chachaQR_AVX2(AA2, BB2, CC2, DD2, TT0) + VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $12, BB1, BB1, BB1; VPALIGNR $12, BB2, BB2, BB2 + VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2 + VPALIGNR $4, DD0, DD0, DD0; VPALIGNR $4, DD1, DD1, DD1; VPALIGNR $4, DD2, DD2, DD2 + DECQ itr2 + JNE openAVX2320InnerCipherLoop + + VMOVDQA ·chacha20Constants<>(SB), TT0 + VPADDD TT0, AA0, AA0; VPADDD TT0, AA1, AA1; VPADDD TT0, AA2, AA2 + VPADDD TT1, BB0, BB0; VPADDD TT1, BB1, BB1; VPADDD TT1, BB2, BB2 + VPADDD TT2, CC0, CC0; VPADDD TT2, CC1, CC1; VPADDD TT2, CC2, CC2 + VMOVDQA ·avx2IncMask<>(SB), TT0 + VPADDD TT3, DD0, DD0; VPADDD TT0, TT3, TT3 + VPADDD TT3, DD1, DD1; VPADDD TT0, TT3, TT3 + VPADDD TT3, DD2, DD2 + + // Clamp and store poly key + VPERM2I128 $0x02, AA0, BB0, TT0 + VPAND ·polyClampMask<>(SB), TT0, TT0 + VMOVDQA TT0, rsStoreAVX2 + + // Stream for up to 320 bytes + VPERM2I128 $0x13, AA0, BB0, AA0 + VPERM2I128 $0x13, CC0, DD0, BB0 + VPERM2I128 $0x02, AA1, BB1, CC0 + VPERM2I128 $0x02, CC1, DD1, DD0 + VPERM2I128 $0x13, AA1, BB1, AA1 + VPERM2I128 $0x13, CC1, DD1, BB1 + VPERM2I128 $0x02, AA2, BB2, CC1 + VPERM2I128 $0x02, CC2, DD2, DD1 + VPERM2I128 $0x13, AA2, BB2, AA2 + VPERM2I128 $0x13, CC2, DD2, BB2 + JMP openAVX2ShortOpen + +// ---------------------------------------------------------------------------- +// Special optimization for the last 128 bytes of ciphertext +openAVX2Tail128: + // Need to decrypt up to 128 bytes - prepare two blocks + VMOVDQA ·chacha20Constants<>(SB), AA1 + VMOVDQA state1StoreAVX2, BB1 + VMOVDQA state2StoreAVX2, CC1 + VMOVDQA ctr3StoreAVX2, DD1 + VPADDD ·avx2IncMask<>(SB), DD1, DD1 + VMOVDQA DD1, DD0 + + XORQ itr2, itr2 + MOVQ inl, itr1 + ANDQ $-16, itr1 + TESTQ itr1, itr1 + JE openAVX2Tail128LoopB + +openAVX2Tail128LoopA: + // Perform ChaCha rounds, while hashing the remaining input + polyAdd(0(inp)(itr2*1)) + polyMulAVX2 + +openAVX2Tail128LoopB: + ADDQ $16, itr2 + chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0) + VPALIGNR $4, BB1, BB1, BB1 + VPALIGNR $8, CC1, CC1, CC1 + VPALIGNR $12, DD1, DD1, DD1 + chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0) + VPALIGNR $12, BB1, BB1, BB1 + VPALIGNR $8, CC1, CC1, CC1 + VPALIGNR $4, DD1, DD1, DD1 + CMPQ itr2, itr1 + JB openAVX2Tail128LoopA + CMPQ itr2, $160 + JNE openAVX2Tail128LoopB + + VPADDD ·chacha20Constants<>(SB), AA1, AA1 + VPADDD state1StoreAVX2, BB1, BB1 + VPADDD state2StoreAVX2, CC1, CC1 + VPADDD DD0, DD1, DD1 + VPERM2I128 $0x02, AA1, BB1, AA0; VPERM2I128 $0x02, CC1, DD1, BB0; VPERM2I128 $0x13, AA1, BB1, CC0; VPERM2I128 $0x13, CC1, DD1, DD0 + +openAVX2TailLoop: + CMPQ inl, $32 + JB openAVX2Tail + SUBQ $32, inl + + // Load for decryption + VPXOR (inp), AA0, AA0 + VMOVDQU AA0, (oup) + LEAQ (1*32)(inp), inp + LEAQ (1*32)(oup), oup + VMOVDQA BB0, AA0 + VMOVDQA CC0, BB0 + VMOVDQA DD0, CC0 + JMP openAVX2TailLoop + +openAVX2Tail: + CMPQ inl, $16 + VMOVDQA A0, A1 + JB openAVX2TailDone + SUBQ $16, inl + + // Load for decryption + VPXOR (inp), A0, T0 + VMOVDQU T0, (oup) + LEAQ (1*16)(inp), inp + LEAQ (1*16)(oup), oup + VPERM2I128 $0x11, AA0, AA0, AA0 + VMOVDQA A0, A1 + +openAVX2TailDone: + VZEROUPPER + JMP openSSETail16 + +// ---------------------------------------------------------------------------- +// Special optimization for the last 256 bytes of ciphertext +openAVX2Tail256: + // Need to decrypt up to 256 bytes - prepare four blocks + VMOVDQA ·chacha20Constants<>(SB), AA0; VMOVDQA AA0, AA1 + VMOVDQA state1StoreAVX2, BB0; VMOVDQA BB0, BB1 + VMOVDQA state2StoreAVX2, CC0; VMOVDQA CC0, CC1 + VMOVDQA ctr3StoreAVX2, DD0 + VPADDD ·avx2IncMask<>(SB), DD0, DD0 + VPADDD ·avx2IncMask<>(SB), DD0, DD1 + VMOVDQA DD0, TT1 + VMOVDQA DD1, TT2 + + // Compute the number of iterations that will hash data + MOVQ inl, tmpStoreAVX2 + MOVQ inl, itr1 + SUBQ $128, itr1 + SHRQ $4, itr1 + MOVQ $10, itr2 + CMPQ itr1, $10 + CMOVQGT itr2, itr1 + MOVQ inp, inl + XORQ itr2, itr2 + +openAVX2Tail256LoopA: + polyAdd(0(inl)) + polyMulAVX2 + LEAQ 16(inl), inl + + // Perform ChaCha rounds, while hashing the remaining input +openAVX2Tail256LoopB: + chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0) + VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $4, BB1, BB1, BB1 + VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1 + VPALIGNR $12, DD0, DD0, DD0; VPALIGNR $12, DD1, DD1, DD1 + INCQ itr2 + chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0) + VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $12, BB1, BB1, BB1 + VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1 + VPALIGNR $4, DD0, DD0, DD0; VPALIGNR $4, DD1, DD1, DD1 + CMPQ itr2, itr1 + JB openAVX2Tail256LoopA + + CMPQ itr2, $10 + JNE openAVX2Tail256LoopB + + MOVQ inl, itr2 + SUBQ inp, inl + MOVQ inl, itr1 + MOVQ tmpStoreAVX2, inl + + // Hash the remainder of data (if any) +openAVX2Tail256Hash: + ADDQ $16, itr1 + CMPQ itr1, inl + JGT openAVX2Tail256HashEnd + polyAdd (0(itr2)) + polyMulAVX2 + LEAQ 16(itr2), itr2 + JMP openAVX2Tail256Hash + +// Store 128 bytes safely, then go to store loop +openAVX2Tail256HashEnd: + VPADDD ·chacha20Constants<>(SB), AA0, AA0; VPADDD ·chacha20Constants<>(SB), AA1, AA1 + VPADDD state1StoreAVX2, BB0, BB0; VPADDD state1StoreAVX2, BB1, BB1 + VPADDD state2StoreAVX2, CC0, CC0; VPADDD state2StoreAVX2, CC1, CC1 + VPADDD TT1, DD0, DD0; VPADDD TT2, DD1, DD1 + VPERM2I128 $0x02, AA0, BB0, AA2; VPERM2I128 $0x02, CC0, DD0, BB2; VPERM2I128 $0x13, AA0, BB0, CC2; VPERM2I128 $0x13, CC0, DD0, DD2 + VPERM2I128 $0x02, AA1, BB1, AA0; VPERM2I128 $0x02, CC1, DD1, BB0; VPERM2I128 $0x13, AA1, BB1, CC0; VPERM2I128 $0x13, CC1, DD1, DD0 + + VPXOR (0*32)(inp), AA2, AA2; VPXOR (1*32)(inp), BB2, BB2; VPXOR (2*32)(inp), CC2, CC2; VPXOR (3*32)(inp), DD2, DD2 + VMOVDQU AA2, (0*32)(oup); VMOVDQU BB2, (1*32)(oup); VMOVDQU CC2, (2*32)(oup); VMOVDQU DD2, (3*32)(oup) + LEAQ (4*32)(inp), inp + LEAQ (4*32)(oup), oup + SUBQ $4*32, inl + + JMP openAVX2TailLoop + +// ---------------------------------------------------------------------------- +// Special optimization for the last 384 bytes of ciphertext +openAVX2Tail384: + // Need to decrypt up to 384 bytes - prepare six blocks + VMOVDQA ·chacha20Constants<>(SB), AA0; VMOVDQA AA0, AA1; VMOVDQA AA0, AA2 + VMOVDQA state1StoreAVX2, BB0; VMOVDQA BB0, BB1; VMOVDQA BB0, BB2 + VMOVDQA state2StoreAVX2, CC0; VMOVDQA CC0, CC1; VMOVDQA CC0, CC2 + VMOVDQA ctr3StoreAVX2, DD0 + VPADDD ·avx2IncMask<>(SB), DD0, DD0 + VPADDD ·avx2IncMask<>(SB), DD0, DD1 + VPADDD ·avx2IncMask<>(SB), DD1, DD2 + VMOVDQA DD0, ctr0StoreAVX2 + VMOVDQA DD1, ctr1StoreAVX2 + VMOVDQA DD2, ctr2StoreAVX2 + + // Compute the number of iterations that will hash two blocks of data + MOVQ inl, tmpStoreAVX2 + MOVQ inl, itr1 + SUBQ $256, itr1 + SHRQ $4, itr1 + ADDQ $6, itr1 + MOVQ $10, itr2 + CMPQ itr1, $10 + CMOVQGT itr2, itr1 + MOVQ inp, inl + XORQ itr2, itr2 + + // Perform ChaCha rounds, while hashing the remaining input +openAVX2Tail384LoopB: + polyAdd(0(inl)) + polyMulAVX2 + LEAQ 16(inl), inl + +openAVX2Tail384LoopA: + chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0); chachaQR_AVX2(AA2, BB2, CC2, DD2, TT0) + VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $4, BB1, BB1, BB1; VPALIGNR $4, BB2, BB2, BB2 + VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2 + VPALIGNR $12, DD0, DD0, DD0; VPALIGNR $12, DD1, DD1, DD1; VPALIGNR $12, DD2, DD2, DD2 + polyAdd(0(inl)) + polyMulAVX2 + LEAQ 16(inl), inl + INCQ itr2 + chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0); chachaQR_AVX2(AA2, BB2, CC2, DD2, TT0) + VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $12, BB1, BB1, BB1; VPALIGNR $12, BB2, BB2, BB2 + VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2 + VPALIGNR $4, DD0, DD0, DD0; VPALIGNR $4, DD1, DD1, DD1; VPALIGNR $4, DD2, DD2, DD2 + + CMPQ itr2, itr1 + JB openAVX2Tail384LoopB + + CMPQ itr2, $10 + JNE openAVX2Tail384LoopA + + MOVQ inl, itr2 + SUBQ inp, inl + MOVQ inl, itr1 + MOVQ tmpStoreAVX2, inl + +openAVX2Tail384Hash: + ADDQ $16, itr1 + CMPQ itr1, inl + JGT openAVX2Tail384HashEnd + polyAdd(0(itr2)) + polyMulAVX2 + LEAQ 16(itr2), itr2 + JMP openAVX2Tail384Hash + +// Store 256 bytes safely, then go to store loop +openAVX2Tail384HashEnd: + VPADDD ·chacha20Constants<>(SB), AA0, AA0; VPADDD ·chacha20Constants<>(SB), AA1, AA1; VPADDD ·chacha20Constants<>(SB), AA2, AA2 + VPADDD state1StoreAVX2, BB0, BB0; VPADDD state1StoreAVX2, BB1, BB1; VPADDD state1StoreAVX2, BB2, BB2 + VPADDD state2StoreAVX2, CC0, CC0; VPADDD state2StoreAVX2, CC1, CC1; VPADDD state2StoreAVX2, CC2, CC2 + VPADDD ctr0StoreAVX2, DD0, DD0; VPADDD ctr1StoreAVX2, DD1, DD1; VPADDD ctr2StoreAVX2, DD2, DD2 + VPERM2I128 $0x02, AA0, BB0, TT0; VPERM2I128 $0x02, CC0, DD0, TT1; VPERM2I128 $0x13, AA0, BB0, TT2; VPERM2I128 $0x13, CC0, DD0, TT3 + VPXOR (0*32)(inp), TT0, TT0; VPXOR (1*32)(inp), TT1, TT1; VPXOR (2*32)(inp), TT2, TT2; VPXOR (3*32)(inp), TT3, TT3 + VMOVDQU TT0, (0*32)(oup); VMOVDQU TT1, (1*32)(oup); VMOVDQU TT2, (2*32)(oup); VMOVDQU TT3, (3*32)(oup) + VPERM2I128 $0x02, AA1, BB1, TT0; VPERM2I128 $0x02, CC1, DD1, TT1; VPERM2I128 $0x13, AA1, BB1, TT2; VPERM2I128 $0x13, CC1, DD1, TT3 + VPXOR (4*32)(inp), TT0, TT0; VPXOR (5*32)(inp), TT1, TT1; VPXOR (6*32)(inp), TT2, TT2; VPXOR (7*32)(inp), TT3, TT3 + VMOVDQU TT0, (4*32)(oup); VMOVDQU TT1, (5*32)(oup); VMOVDQU TT2, (6*32)(oup); VMOVDQU TT3, (7*32)(oup) + VPERM2I128 $0x02, AA2, BB2, AA0; VPERM2I128 $0x02, CC2, DD2, BB0; VPERM2I128 $0x13, AA2, BB2, CC0; VPERM2I128 $0x13, CC2, DD2, DD0 + LEAQ (8*32)(inp), inp + LEAQ (8*32)(oup), oup + SUBQ $8*32, inl + JMP openAVX2TailLoop + +// ---------------------------------------------------------------------------- +// Special optimization for the last 512 bytes of ciphertext +openAVX2Tail512: + VMOVDQU ·chacha20Constants<>(SB), AA0; VMOVDQA AA0, AA1; VMOVDQA AA0, AA2; VMOVDQA AA0, AA3 + VMOVDQA state1StoreAVX2, BB0; VMOVDQA BB0, BB1; VMOVDQA BB0, BB2; VMOVDQA BB0, BB3 + VMOVDQA state2StoreAVX2, CC0; VMOVDQA CC0, CC1; VMOVDQA CC0, CC2; VMOVDQA CC0, CC3 + VMOVDQA ctr3StoreAVX2, DD0; VPADDD ·avx2IncMask<>(SB), DD0, DD0; VPADDD ·avx2IncMask<>(SB), DD0, DD1; VPADDD ·avx2IncMask<>(SB), DD1, DD2; VPADDD ·avx2IncMask<>(SB), DD2, DD3 + VMOVDQA DD0, ctr0StoreAVX2; VMOVDQA DD1, ctr1StoreAVX2; VMOVDQA DD2, ctr2StoreAVX2; VMOVDQA DD3, ctr3StoreAVX2 + XORQ itr1, itr1 + MOVQ inp, itr2 + +openAVX2Tail512LoopB: + polyAdd(0(itr2)) + polyMulAVX2 + LEAQ (2*8)(itr2), itr2 + +openAVX2Tail512LoopA: + VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3 + VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3 + VPSHUFB ·rol16<>(SB), DD0, DD0; VPSHUFB ·rol16<>(SB), DD1, DD1; VPSHUFB ·rol16<>(SB), DD2, DD2; VPSHUFB ·rol16<>(SB), DD3, DD3 + VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3 + VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3 + VMOVDQA CC3, tmpStoreAVX2 + VPSLLD $12, BB0, CC3; VPSRLD $20, BB0, BB0; VPXOR CC3, BB0, BB0 + VPSLLD $12, BB1, CC3; VPSRLD $20, BB1, BB1; VPXOR CC3, BB1, BB1 + VPSLLD $12, BB2, CC3; VPSRLD $20, BB2, BB2; VPXOR CC3, BB2, BB2 + VPSLLD $12, BB3, CC3; VPSRLD $20, BB3, BB3; VPXOR CC3, BB3, BB3 + VMOVDQA tmpStoreAVX2, CC3 + polyAdd(0*8(itr2)) + polyMulAVX2 + VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3 + VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3 + VPSHUFB ·rol8<>(SB), DD0, DD0; VPSHUFB ·rol8<>(SB), DD1, DD1; VPSHUFB ·rol8<>(SB), DD2, DD2; VPSHUFB ·rol8<>(SB), DD3, DD3 + VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3 + VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3 + VMOVDQA CC3, tmpStoreAVX2 + VPSLLD $7, BB0, CC3; VPSRLD $25, BB0, BB0; VPXOR CC3, BB0, BB0 + VPSLLD $7, BB1, CC3; VPSRLD $25, BB1, BB1; VPXOR CC3, BB1, BB1 + VPSLLD $7, BB2, CC3; VPSRLD $25, BB2, BB2; VPXOR CC3, BB2, BB2 + VPSLLD $7, BB3, CC3; VPSRLD $25, BB3, BB3; VPXOR CC3, BB3, BB3 + VMOVDQA tmpStoreAVX2, CC3 + VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $4, BB1, BB1, BB1; VPALIGNR $4, BB2, BB2, BB2; VPALIGNR $4, BB3, BB3, BB3 + VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2; VPALIGNR $8, CC3, CC3, CC3 + VPALIGNR $12, DD0, DD0, DD0; VPALIGNR $12, DD1, DD1, DD1; VPALIGNR $12, DD2, DD2, DD2; VPALIGNR $12, DD3, DD3, DD3 + VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3 + VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3 + VPSHUFB ·rol16<>(SB), DD0, DD0; VPSHUFB ·rol16<>(SB), DD1, DD1; VPSHUFB ·rol16<>(SB), DD2, DD2; VPSHUFB ·rol16<>(SB), DD3, DD3 + VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3 + VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3 + polyAdd(2*8(itr2)) + polyMulAVX2 + LEAQ (4*8)(itr2), itr2 + VMOVDQA CC3, tmpStoreAVX2 + VPSLLD $12, BB0, CC3; VPSRLD $20, BB0, BB0; VPXOR CC3, BB0, BB0 + VPSLLD $12, BB1, CC3; VPSRLD $20, BB1, BB1; VPXOR CC3, BB1, BB1 + VPSLLD $12, BB2, CC3; VPSRLD $20, BB2, BB2; VPXOR CC3, BB2, BB2 + VPSLLD $12, BB3, CC3; VPSRLD $20, BB3, BB3; VPXOR CC3, BB3, BB3 + VMOVDQA tmpStoreAVX2, CC3 + VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3 + VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3 + VPSHUFB ·rol8<>(SB), DD0, DD0; VPSHUFB ·rol8<>(SB), DD1, DD1; VPSHUFB ·rol8<>(SB), DD2, DD2; VPSHUFB ·rol8<>(SB), DD3, DD3 + VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3 + VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3 + VMOVDQA CC3, tmpStoreAVX2 + VPSLLD $7, BB0, CC3; VPSRLD $25, BB0, BB0; VPXOR CC3, BB0, BB0 + VPSLLD $7, BB1, CC3; VPSRLD $25, BB1, BB1; VPXOR CC3, BB1, BB1 + VPSLLD $7, BB2, CC3; VPSRLD $25, BB2, BB2; VPXOR CC3, BB2, BB2 + VPSLLD $7, BB3, CC3; VPSRLD $25, BB3, BB3; VPXOR CC3, BB3, BB3 + VMOVDQA tmpStoreAVX2, CC3 + VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $12, BB1, BB1, BB1; VPALIGNR $12, BB2, BB2, BB2; VPALIGNR $12, BB3, BB3, BB3 + VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2; VPALIGNR $8, CC3, CC3, CC3 + VPALIGNR $4, DD0, DD0, DD0; VPALIGNR $4, DD1, DD1, DD1; VPALIGNR $4, DD2, DD2, DD2; VPALIGNR $4, DD3, DD3, DD3 + INCQ itr1 + CMPQ itr1, $4 + JLT openAVX2Tail512LoopB + + CMPQ itr1, $10 + JNE openAVX2Tail512LoopA + + MOVQ inl, itr1 + SUBQ $384, itr1 + ANDQ $-16, itr1 + +openAVX2Tail512HashLoop: + TESTQ itr1, itr1 + JE openAVX2Tail512HashEnd + polyAdd(0(itr2)) + polyMulAVX2 + LEAQ 16(itr2), itr2 + SUBQ $16, itr1 + JMP openAVX2Tail512HashLoop + +openAVX2Tail512HashEnd: + VPADDD ·chacha20Constants<>(SB), AA0, AA0; VPADDD ·chacha20Constants<>(SB), AA1, AA1; VPADDD ·chacha20Constants<>(SB), AA2, AA2; VPADDD ·chacha20Constants<>(SB), AA3, AA3 + VPADDD state1StoreAVX2, BB0, BB0; VPADDD state1StoreAVX2, BB1, BB1; VPADDD state1StoreAVX2, BB2, BB2; VPADDD state1StoreAVX2, BB3, BB3 + VPADDD state2StoreAVX2, CC0, CC0; VPADDD state2StoreAVX2, CC1, CC1; VPADDD state2StoreAVX2, CC2, CC2; VPADDD state2StoreAVX2, CC3, CC3 + VPADDD ctr0StoreAVX2, DD0, DD0; VPADDD ctr1StoreAVX2, DD1, DD1; VPADDD ctr2StoreAVX2, DD2, DD2; VPADDD ctr3StoreAVX2, DD3, DD3 + VMOVDQA CC3, tmpStoreAVX2 + VPERM2I128 $0x02, AA0, BB0, CC3; VPERM2I128 $0x13, AA0, BB0, BB0; VPERM2I128 $0x02, CC0, DD0, AA0; VPERM2I128 $0x13, CC0, DD0, CC0 + VPXOR (0*32)(inp), CC3, CC3; VPXOR (1*32)(inp), AA0, AA0; VPXOR (2*32)(inp), BB0, BB0; VPXOR (3*32)(inp), CC0, CC0 + VMOVDQU CC3, (0*32)(oup); VMOVDQU AA0, (1*32)(oup); VMOVDQU BB0, (2*32)(oup); VMOVDQU CC0, (3*32)(oup) + VPERM2I128 $0x02, AA1, BB1, AA0; VPERM2I128 $0x02, CC1, DD1, BB0; VPERM2I128 $0x13, AA1, BB1, CC0; VPERM2I128 $0x13, CC1, DD1, DD0 + VPXOR (4*32)(inp), AA0, AA0; VPXOR (5*32)(inp), BB0, BB0; VPXOR (6*32)(inp), CC0, CC0; VPXOR (7*32)(inp), DD0, DD0 + VMOVDQU AA0, (4*32)(oup); VMOVDQU BB0, (5*32)(oup); VMOVDQU CC0, (6*32)(oup); VMOVDQU DD0, (7*32)(oup) + VPERM2I128 $0x02, AA2, BB2, AA0; VPERM2I128 $0x02, CC2, DD2, BB0; VPERM2I128 $0x13, AA2, BB2, CC0; VPERM2I128 $0x13, CC2, DD2, DD0 + VPXOR (8*32)(inp), AA0, AA0; VPXOR (9*32)(inp), BB0, BB0; VPXOR (10*32)(inp), CC0, CC0; VPXOR (11*32)(inp), DD0, DD0 + VMOVDQU AA0, (8*32)(oup); VMOVDQU BB0, (9*32)(oup); VMOVDQU CC0, (10*32)(oup); VMOVDQU DD0, (11*32)(oup) + VPERM2I128 $0x02, AA3, BB3, AA0; VPERM2I128 $0x02, tmpStoreAVX2, DD3, BB0; VPERM2I128 $0x13, AA3, BB3, CC0; VPERM2I128 $0x13, tmpStoreAVX2, DD3, DD0 + + LEAQ (12*32)(inp), inp + LEAQ (12*32)(oup), oup + SUBQ $12*32, inl + + JMP openAVX2TailLoop + +// ---------------------------------------------------------------------------- +// ---------------------------------------------------------------------------- +// func chacha20Poly1305Seal(dst, key, src, ad []byte) +TEXT ·chacha20Poly1305Seal(SB), 0, $288-96 + // For aligned stack access + MOVQ SP, BP + ADDQ $32, BP + ANDQ $-32, BP + MOVQ dst+0(FP), oup + MOVQ key+24(FP), keyp + MOVQ src+48(FP), inp + MOVQ src_len+56(FP), inl + MOVQ ad+72(FP), adp + + CMPB ·useAVX2(SB), $1 + JE chacha20Poly1305Seal_AVX2 + + // Special optimization, for very short buffers + CMPQ inl, $128 + JBE sealSSE128 // About 15% faster + + // In the seal case - prepare the poly key + 3 blocks of stream in the first iteration + MOVOU ·chacha20Constants<>(SB), A0 + MOVOU (1*16)(keyp), B0 + MOVOU (2*16)(keyp), C0 + MOVOU (3*16)(keyp), D0 + + // Store state on stack for future use + MOVO B0, state1Store + MOVO C0, state2Store + + // Load state, increment counter blocks + MOVO A0, A1; MOVO B0, B1; MOVO C0, C1; MOVO D0, D1; PADDL ·sseIncMask<>(SB), D1 + MOVO A1, A2; MOVO B1, B2; MOVO C1, C2; MOVO D1, D2; PADDL ·sseIncMask<>(SB), D2 + MOVO A2, A3; MOVO B2, B3; MOVO C2, C3; MOVO D2, D3; PADDL ·sseIncMask<>(SB), D3 + + // Store counters + MOVO D0, ctr0Store; MOVO D1, ctr1Store; MOVO D2, ctr2Store; MOVO D3, ctr3Store + MOVQ $10, itr2 + +sealSSEIntroLoop: + MOVO C3, tmpStore + chachaQR(A0, B0, C0, D0, C3); chachaQR(A1, B1, C1, D1, C3); chachaQR(A2, B2, C2, D2, C3) + MOVO tmpStore, C3 + MOVO C1, tmpStore + chachaQR(A3, B3, C3, D3, C1) + MOVO tmpStore, C1 + shiftB0Left; shiftB1Left; shiftB2Left; shiftB3Left + shiftC0Left; shiftC1Left; shiftC2Left; shiftC3Left + shiftD0Left; shiftD1Left; shiftD2Left; shiftD3Left + + MOVO C3, tmpStore + chachaQR(A0, B0, C0, D0, C3); chachaQR(A1, B1, C1, D1, C3); chachaQR(A2, B2, C2, D2, C3) + MOVO tmpStore, C3 + MOVO C1, tmpStore + chachaQR(A3, B3, C3, D3, C1) + MOVO tmpStore, C1 + shiftB0Right; shiftB1Right; shiftB2Right; shiftB3Right + shiftC0Right; shiftC1Right; shiftC2Right; shiftC3Right + shiftD0Right; shiftD1Right; shiftD2Right; shiftD3Right + DECQ itr2 + JNE sealSSEIntroLoop + + // Add in the state + PADDD ·chacha20Constants<>(SB), A0; PADDD ·chacha20Constants<>(SB), A1; PADDD ·chacha20Constants<>(SB), A2; PADDD ·chacha20Constants<>(SB), A3 + PADDD state1Store, B0; PADDD state1Store, B1; PADDD state1Store, B2; PADDD state1Store, B3 + PADDD state2Store, C1; PADDD state2Store, C2; PADDD state2Store, C3 + PADDD ctr1Store, D1; PADDD ctr2Store, D2; PADDD ctr3Store, D3 + + // Clamp and store the key + PAND ·polyClampMask<>(SB), A0 + MOVO A0, rStore + MOVO B0, sStore + + // Hash AAD + MOVQ ad_len+80(FP), itr2 + CALL polyHashADInternal<>(SB) + + MOVOU (0*16)(inp), A0; MOVOU (1*16)(inp), B0; MOVOU (2*16)(inp), C0; MOVOU (3*16)(inp), D0 + PXOR A0, A1; PXOR B0, B1; PXOR C0, C1; PXOR D0, D1 + MOVOU A1, (0*16)(oup); MOVOU B1, (1*16)(oup); MOVOU C1, (2*16)(oup); MOVOU D1, (3*16)(oup) + MOVOU (4*16)(inp), A0; MOVOU (5*16)(inp), B0; MOVOU (6*16)(inp), C0; MOVOU (7*16)(inp), D0 + PXOR A0, A2; PXOR B0, B2; PXOR C0, C2; PXOR D0, D2 + MOVOU A2, (4*16)(oup); MOVOU B2, (5*16)(oup); MOVOU C2, (6*16)(oup); MOVOU D2, (7*16)(oup) + + MOVQ $128, itr1 + SUBQ $128, inl + LEAQ 128(inp), inp + + MOVO A3, A1; MOVO B3, B1; MOVO C3, C1; MOVO D3, D1 + + CMPQ inl, $64 + JBE sealSSE128SealHash + + MOVOU (0*16)(inp), A0; MOVOU (1*16)(inp), B0; MOVOU (2*16)(inp), C0; MOVOU (3*16)(inp), D0 + PXOR A0, A3; PXOR B0, B3; PXOR C0, C3; PXOR D0, D3 + MOVOU A3, (8*16)(oup); MOVOU B3, (9*16)(oup); MOVOU C3, (10*16)(oup); MOVOU D3, (11*16)(oup) + + ADDQ $64, itr1 + SUBQ $64, inl + LEAQ 64(inp), inp + + MOVQ $2, itr1 + MOVQ $8, itr2 + + CMPQ inl, $64 + JBE sealSSETail64 + CMPQ inl, $128 + JBE sealSSETail128 + CMPQ inl, $192 + JBE sealSSETail192 + +sealSSEMainLoop: + // Load state, increment counter blocks + MOVO ·chacha20Constants<>(SB), A0; MOVO state1Store, B0; MOVO state2Store, C0; MOVO ctr3Store, D0; PADDL ·sseIncMask<>(SB), D0 + MOVO A0, A1; MOVO B0, B1; MOVO C0, C1; MOVO D0, D1; PADDL ·sseIncMask<>(SB), D1 + MOVO A1, A2; MOVO B1, B2; MOVO C1, C2; MOVO D1, D2; PADDL ·sseIncMask<>(SB), D2 + MOVO A2, A3; MOVO B2, B3; MOVO C2, C3; MOVO D2, D3; PADDL ·sseIncMask<>(SB), D3 + + // Store counters + MOVO D0, ctr0Store; MOVO D1, ctr1Store; MOVO D2, ctr2Store; MOVO D3, ctr3Store + +sealSSEInnerLoop: + MOVO C3, tmpStore + chachaQR(A0, B0, C0, D0, C3); chachaQR(A1, B1, C1, D1, C3); chachaQR(A2, B2, C2, D2, C3) + MOVO tmpStore, C3 + MOVO C1, tmpStore + chachaQR(A3, B3, C3, D3, C1) + MOVO tmpStore, C1 + polyAdd(0(oup)) + shiftB0Left; shiftB1Left; shiftB2Left; shiftB3Left + shiftC0Left; shiftC1Left; shiftC2Left; shiftC3Left + shiftD0Left; shiftD1Left; shiftD2Left; shiftD3Left + polyMulStage1 + polyMulStage2 + LEAQ (2*8)(oup), oup + MOVO C3, tmpStore + chachaQR(A0, B0, C0, D0, C3); chachaQR(A1, B1, C1, D1, C3); chachaQR(A2, B2, C2, D2, C3) + MOVO tmpStore, C3 + MOVO C1, tmpStore + polyMulStage3 + chachaQR(A3, B3, C3, D3, C1) + MOVO tmpStore, C1 + polyMulReduceStage + shiftB0Right; shiftB1Right; shiftB2Right; shiftB3Right + shiftC0Right; shiftC1Right; shiftC2Right; shiftC3Right + shiftD0Right; shiftD1Right; shiftD2Right; shiftD3Right + DECQ itr2 + JGE sealSSEInnerLoop + polyAdd(0(oup)) + polyMul + LEAQ (2*8)(oup), oup + DECQ itr1 + JG sealSSEInnerLoop + + // Add in the state + PADDD ·chacha20Constants<>(SB), A0; PADDD ·chacha20Constants<>(SB), A1; PADDD ·chacha20Constants<>(SB), A2; PADDD ·chacha20Constants<>(SB), A3 + PADDD state1Store, B0; PADDD state1Store, B1; PADDD state1Store, B2; PADDD state1Store, B3 + PADDD state2Store, C0; PADDD state2Store, C1; PADDD state2Store, C2; PADDD state2Store, C3 + PADDD ctr0Store, D0; PADDD ctr1Store, D1; PADDD ctr2Store, D2; PADDD ctr3Store, D3 + MOVO D3, tmpStore + + // Load - xor - store + MOVOU (0*16)(inp), D3; PXOR D3, A0 + MOVOU (1*16)(inp), D3; PXOR D3, B0 + MOVOU (2*16)(inp), D3; PXOR D3, C0 + MOVOU (3*16)(inp), D3; PXOR D3, D0 + MOVOU A0, (0*16)(oup) + MOVOU B0, (1*16)(oup) + MOVOU C0, (2*16)(oup) + MOVOU D0, (3*16)(oup) + MOVO tmpStore, D3 + + MOVOU (4*16)(inp), A0; MOVOU (5*16)(inp), B0; MOVOU (6*16)(inp), C0; MOVOU (7*16)(inp), D0 + PXOR A0, A1; PXOR B0, B1; PXOR C0, C1; PXOR D0, D1 + MOVOU A1, (4*16)(oup); MOVOU B1, (5*16)(oup); MOVOU C1, (6*16)(oup); MOVOU D1, (7*16)(oup) + MOVOU (8*16)(inp), A0; MOVOU (9*16)(inp), B0; MOVOU (10*16)(inp), C0; MOVOU (11*16)(inp), D0 + PXOR A0, A2; PXOR B0, B2; PXOR C0, C2; PXOR D0, D2 + MOVOU A2, (8*16)(oup); MOVOU B2, (9*16)(oup); MOVOU C2, (10*16)(oup); MOVOU D2, (11*16)(oup) + ADDQ $192, inp + MOVQ $192, itr1 + SUBQ $192, inl + MOVO A3, A1 + MOVO B3, B1 + MOVO C3, C1 + MOVO D3, D1 + CMPQ inl, $64 + JBE sealSSE128SealHash + MOVOU (0*16)(inp), A0; MOVOU (1*16)(inp), B0; MOVOU (2*16)(inp), C0; MOVOU (3*16)(inp), D0 + PXOR A0, A3; PXOR B0, B3; PXOR C0, C3; PXOR D0, D3 + MOVOU A3, (12*16)(oup); MOVOU B3, (13*16)(oup); MOVOU C3, (14*16)(oup); MOVOU D3, (15*16)(oup) + LEAQ 64(inp), inp + SUBQ $64, inl + MOVQ $6, itr1 + MOVQ $4, itr2 + CMPQ inl, $192 + JG sealSSEMainLoop + + MOVQ inl, itr1 + TESTQ inl, inl + JE sealSSE128SealHash + MOVQ $6, itr1 + CMPQ inl, $64 + JBE sealSSETail64 + CMPQ inl, $128 + JBE sealSSETail128 + JMP sealSSETail192 + +// ---------------------------------------------------------------------------- +// Special optimization for the last 64 bytes of plaintext +sealSSETail64: + // Need to encrypt up to 64 bytes - prepare single block, hash 192 or 256 bytes + MOVO ·chacha20Constants<>(SB), A1 + MOVO state1Store, B1 + MOVO state2Store, C1 + MOVO ctr3Store, D1 + PADDL ·sseIncMask<>(SB), D1 + MOVO D1, ctr0Store + +sealSSETail64LoopA: + // Perform ChaCha rounds, while hashing the previously encrypted ciphertext + polyAdd(0(oup)) + polyMul + LEAQ 16(oup), oup + +sealSSETail64LoopB: + chachaQR(A1, B1, C1, D1, T1) + shiftB1Left; shiftC1Left; shiftD1Left + chachaQR(A1, B1, C1, D1, T1) + shiftB1Right; shiftC1Right; shiftD1Right + polyAdd(0(oup)) + polyMul + LEAQ 16(oup), oup + + DECQ itr1 + JG sealSSETail64LoopA + + DECQ itr2 + JGE sealSSETail64LoopB + PADDL ·chacha20Constants<>(SB), A1 + PADDL state1Store, B1 + PADDL state2Store, C1 + PADDL ctr0Store, D1 + + JMP sealSSE128Seal + +// ---------------------------------------------------------------------------- +// Special optimization for the last 128 bytes of plaintext +sealSSETail128: + // Need to encrypt up to 128 bytes - prepare two blocks, hash 192 or 256 bytes + MOVO ·chacha20Constants<>(SB), A0; MOVO state1Store, B0; MOVO state2Store, C0; MOVO ctr3Store, D0; PADDL ·sseIncMask<>(SB), D0; MOVO D0, ctr0Store + MOVO A0, A1; MOVO B0, B1; MOVO C0, C1; MOVO D0, D1; PADDL ·sseIncMask<>(SB), D1; MOVO D1, ctr1Store + +sealSSETail128LoopA: + // Perform ChaCha rounds, while hashing the previously encrypted ciphertext + polyAdd(0(oup)) + polyMul + LEAQ 16(oup), oup + +sealSSETail128LoopB: + chachaQR(A0, B0, C0, D0, T0); chachaQR(A1, B1, C1, D1, T0) + shiftB0Left; shiftC0Left; shiftD0Left + shiftB1Left; shiftC1Left; shiftD1Left + polyAdd(0(oup)) + polyMul + LEAQ 16(oup), oup + chachaQR(A0, B0, C0, D0, T0); chachaQR(A1, B1, C1, D1, T0) + shiftB0Right; shiftC0Right; shiftD0Right + shiftB1Right; shiftC1Right; shiftD1Right + + DECQ itr1 + JG sealSSETail128LoopA + + DECQ itr2 + JGE sealSSETail128LoopB + + PADDL ·chacha20Constants<>(SB), A0; PADDL ·chacha20Constants<>(SB), A1 + PADDL state1Store, B0; PADDL state1Store, B1 + PADDL state2Store, C0; PADDL state2Store, C1 + PADDL ctr0Store, D0; PADDL ctr1Store, D1 + + MOVOU (0*16)(inp), T0; MOVOU (1*16)(inp), T1; MOVOU (2*16)(inp), T2; MOVOU (3*16)(inp), T3 + PXOR T0, A0; PXOR T1, B0; PXOR T2, C0; PXOR T3, D0 + MOVOU A0, (0*16)(oup); MOVOU B0, (1*16)(oup); MOVOU C0, (2*16)(oup); MOVOU D0, (3*16)(oup) + + MOVQ $64, itr1 + LEAQ 64(inp), inp + SUBQ $64, inl + + JMP sealSSE128SealHash + +// ---------------------------------------------------------------------------- +// Special optimization for the last 192 bytes of plaintext +sealSSETail192: + // Need to encrypt up to 192 bytes - prepare three blocks, hash 192 or 256 bytes + MOVO ·chacha20Constants<>(SB), A0; MOVO state1Store, B0; MOVO state2Store, C0; MOVO ctr3Store, D0; PADDL ·sseIncMask<>(SB), D0; MOVO D0, ctr0Store + MOVO A0, A1; MOVO B0, B1; MOVO C0, C1; MOVO D0, D1; PADDL ·sseIncMask<>(SB), D1; MOVO D1, ctr1Store + MOVO A1, A2; MOVO B1, B2; MOVO C1, C2; MOVO D1, D2; PADDL ·sseIncMask<>(SB), D2; MOVO D2, ctr2Store + +sealSSETail192LoopA: + // Perform ChaCha rounds, while hashing the previously encrypted ciphertext + polyAdd(0(oup)) + polyMul + LEAQ 16(oup), oup + +sealSSETail192LoopB: + chachaQR(A0, B0, C0, D0, T0); chachaQR(A1, B1, C1, D1, T0); chachaQR(A2, B2, C2, D2, T0) + shiftB0Left; shiftC0Left; shiftD0Left + shiftB1Left; shiftC1Left; shiftD1Left + shiftB2Left; shiftC2Left; shiftD2Left + + polyAdd(0(oup)) + polyMul + LEAQ 16(oup), oup + + chachaQR(A0, B0, C0, D0, T0); chachaQR(A1, B1, C1, D1, T0); chachaQR(A2, B2, C2, D2, T0) + shiftB0Right; shiftC0Right; shiftD0Right + shiftB1Right; shiftC1Right; shiftD1Right + shiftB2Right; shiftC2Right; shiftD2Right + + DECQ itr1 + JG sealSSETail192LoopA + + DECQ itr2 + JGE sealSSETail192LoopB + + PADDL ·chacha20Constants<>(SB), A0; PADDL ·chacha20Constants<>(SB), A1; PADDL ·chacha20Constants<>(SB), A2 + PADDL state1Store, B0; PADDL state1Store, B1; PADDL state1Store, B2 + PADDL state2Store, C0; PADDL state2Store, C1; PADDL state2Store, C2 + PADDL ctr0Store, D0; PADDL ctr1Store, D1; PADDL ctr2Store, D2 + + MOVOU (0*16)(inp), T0; MOVOU (1*16)(inp), T1; MOVOU (2*16)(inp), T2; MOVOU (3*16)(inp), T3 + PXOR T0, A0; PXOR T1, B0; PXOR T2, C0; PXOR T3, D0 + MOVOU A0, (0*16)(oup); MOVOU B0, (1*16)(oup); MOVOU C0, (2*16)(oup); MOVOU D0, (3*16)(oup) + MOVOU (4*16)(inp), T0; MOVOU (5*16)(inp), T1; MOVOU (6*16)(inp), T2; MOVOU (7*16)(inp), T3 + PXOR T0, A1; PXOR T1, B1; PXOR T2, C1; PXOR T3, D1 + MOVOU A1, (4*16)(oup); MOVOU B1, (5*16)(oup); MOVOU C1, (6*16)(oup); MOVOU D1, (7*16)(oup) + + MOVO A2, A1 + MOVO B2, B1 + MOVO C2, C1 + MOVO D2, D1 + MOVQ $128, itr1 + LEAQ 128(inp), inp + SUBQ $128, inl + + JMP sealSSE128SealHash + +// ---------------------------------------------------------------------------- +// Special seal optimization for buffers smaller than 129 bytes +sealSSE128: + // For up to 128 bytes of ciphertext and 64 bytes for the poly key, we require to process three blocks + MOVOU ·chacha20Constants<>(SB), A0; MOVOU (1*16)(keyp), B0; MOVOU (2*16)(keyp), C0; MOVOU (3*16)(keyp), D0 + MOVO A0, A1; MOVO B0, B1; MOVO C0, C1; MOVO D0, D1; PADDL ·sseIncMask<>(SB), D1 + MOVO A1, A2; MOVO B1, B2; MOVO C1, C2; MOVO D1, D2; PADDL ·sseIncMask<>(SB), D2 + MOVO B0, T1; MOVO C0, T2; MOVO D1, T3 + MOVQ $10, itr2 + +sealSSE128InnerCipherLoop: + chachaQR(A0, B0, C0, D0, T0); chachaQR(A1, B1, C1, D1, T0); chachaQR(A2, B2, C2, D2, T0) + shiftB0Left; shiftB1Left; shiftB2Left + shiftC0Left; shiftC1Left; shiftC2Left + shiftD0Left; shiftD1Left; shiftD2Left + chachaQR(A0, B0, C0, D0, T0); chachaQR(A1, B1, C1, D1, T0); chachaQR(A2, B2, C2, D2, T0) + shiftB0Right; shiftB1Right; shiftB2Right + shiftC0Right; shiftC1Right; shiftC2Right + shiftD0Right; shiftD1Right; shiftD2Right + DECQ itr2 + JNE sealSSE128InnerCipherLoop + + // A0|B0 hold the Poly1305 32-byte key, C0,D0 can be discarded + PADDL ·chacha20Constants<>(SB), A0; PADDL ·chacha20Constants<>(SB), A1; PADDL ·chacha20Constants<>(SB), A2 + PADDL T1, B0; PADDL T1, B1; PADDL T1, B2 + PADDL T2, C1; PADDL T2, C2 + PADDL T3, D1; PADDL ·sseIncMask<>(SB), T3; PADDL T3, D2 + PAND ·polyClampMask<>(SB), A0 + MOVOU A0, rStore + MOVOU B0, sStore + + // Hash + MOVQ ad_len+80(FP), itr2 + CALL polyHashADInternal<>(SB) + XORQ itr1, itr1 + +sealSSE128SealHash: + // itr1 holds the number of bytes encrypted but not yet hashed + CMPQ itr1, $16 + JB sealSSE128Seal + polyAdd(0(oup)) + polyMul + + SUBQ $16, itr1 + ADDQ $16, oup + + JMP sealSSE128SealHash + +sealSSE128Seal: + CMPQ inl, $16 + JB sealSSETail + SUBQ $16, inl + + // Load for decryption + MOVOU (inp), T0 + PXOR T0, A1 + MOVOU A1, (oup) + LEAQ (1*16)(inp), inp + LEAQ (1*16)(oup), oup + + // Extract for hashing + MOVQ A1, t0 + PSRLDQ $8, A1 + MOVQ A1, t1 + ADDQ t0, acc0; ADCQ t1, acc1; ADCQ $1, acc2 + polyMul + + // Shift the stream "left" + MOVO B1, A1 + MOVO C1, B1 + MOVO D1, C1 + MOVO A2, D1 + MOVO B2, A2 + MOVO C2, B2 + MOVO D2, C2 + JMP sealSSE128Seal + +sealSSETail: + TESTQ inl, inl + JE sealSSEFinalize + + // We can only load the PT one byte at a time to avoid read after end of buffer + MOVQ inl, itr2 + SHLQ $4, itr2 + LEAQ ·andMask<>(SB), t0 + MOVQ inl, itr1 + LEAQ -1(inp)(inl*1), inp + XORQ t2, t2 + XORQ t3, t3 + XORQ AX, AX + +sealSSETailLoadLoop: + SHLQ $8, t2, t3 + SHLQ $8, t2 + MOVB (inp), AX + XORQ AX, t2 + LEAQ -1(inp), inp + DECQ itr1 + JNE sealSSETailLoadLoop + MOVQ t2, 0+tmpStore + MOVQ t3, 8+tmpStore + PXOR 0+tmpStore, A1 + MOVOU A1, (oup) + MOVOU -16(t0)(itr2*1), T0 + PAND T0, A1 + MOVQ A1, t0 + PSRLDQ $8, A1 + MOVQ A1, t1 + ADDQ t0, acc0; ADCQ t1, acc1; ADCQ $1, acc2 + polyMul + + ADDQ inl, oup + +sealSSEFinalize: + // Hash in the buffer lengths + ADDQ ad_len+80(FP), acc0 + ADCQ src_len+56(FP), acc1 + ADCQ $1, acc2 + polyMul + + // Final reduce + MOVQ acc0, t0 + MOVQ acc1, t1 + MOVQ acc2, t2 + SUBQ $-5, acc0 + SBBQ $-1, acc1 + SBBQ $3, acc2 + CMOVQCS t0, acc0 + CMOVQCS t1, acc1 + CMOVQCS t2, acc2 + + // Add in the "s" part of the key + ADDQ 0+sStore, acc0 + ADCQ 8+sStore, acc1 + + // Finally store the tag at the end of the message + MOVQ acc0, (0*8)(oup) + MOVQ acc1, (1*8)(oup) + RET + +// ---------------------------------------------------------------------------- +// ------------------------- AVX2 Code ---------------------------------------- +chacha20Poly1305Seal_AVX2: + VZEROUPPER + VMOVDQU ·chacha20Constants<>(SB), AA0 + BYTE $0xc4; BYTE $0x42; BYTE $0x7d; BYTE $0x5a; BYTE $0x70; BYTE $0x10 // broadcasti128 16(r8), ymm14 + BYTE $0xc4; BYTE $0x42; BYTE $0x7d; BYTE $0x5a; BYTE $0x60; BYTE $0x20 // broadcasti128 32(r8), ymm12 + BYTE $0xc4; BYTE $0xc2; BYTE $0x7d; BYTE $0x5a; BYTE $0x60; BYTE $0x30 // broadcasti128 48(r8), ymm4 + VPADDD ·avx2InitMask<>(SB), DD0, DD0 + + // Special optimizations, for very short buffers + CMPQ inl, $192 + JBE seal192AVX2 // 33% faster + CMPQ inl, $320 + JBE seal320AVX2 // 17% faster + + // For the general key prepare the key first - as a byproduct we have 64 bytes of cipher stream + VMOVDQA AA0, AA1; VMOVDQA AA0, AA2; VMOVDQA AA0, AA3 + VMOVDQA BB0, BB1; VMOVDQA BB0, BB2; VMOVDQA BB0, BB3; VMOVDQA BB0, state1StoreAVX2 + VMOVDQA CC0, CC1; VMOVDQA CC0, CC2; VMOVDQA CC0, CC3; VMOVDQA CC0, state2StoreAVX2 + VPADDD ·avx2IncMask<>(SB), DD0, DD1; VMOVDQA DD0, ctr0StoreAVX2 + VPADDD ·avx2IncMask<>(SB), DD1, DD2; VMOVDQA DD1, ctr1StoreAVX2 + VPADDD ·avx2IncMask<>(SB), DD2, DD3; VMOVDQA DD2, ctr2StoreAVX2 + VMOVDQA DD3, ctr3StoreAVX2 + MOVQ $10, itr2 + +sealAVX2IntroLoop: + VMOVDQA CC3, tmpStoreAVX2 + chachaQR_AVX2(AA0, BB0, CC0, DD0, CC3); chachaQR_AVX2(AA1, BB1, CC1, DD1, CC3); chachaQR_AVX2(AA2, BB2, CC2, DD2, CC3) + VMOVDQA tmpStoreAVX2, CC3 + VMOVDQA CC1, tmpStoreAVX2 + chachaQR_AVX2(AA3, BB3, CC3, DD3, CC1) + VMOVDQA tmpStoreAVX2, CC1 + + VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $12, DD0, DD0, DD0 + VPALIGNR $4, BB1, BB1, BB1; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $12, DD1, DD1, DD1 + VPALIGNR $4, BB2, BB2, BB2; VPALIGNR $8, CC2, CC2, CC2; VPALIGNR $12, DD2, DD2, DD2 + VPALIGNR $4, BB3, BB3, BB3; VPALIGNR $8, CC3, CC3, CC3; VPALIGNR $12, DD3, DD3, DD3 + + VMOVDQA CC3, tmpStoreAVX2 + chachaQR_AVX2(AA0, BB0, CC0, DD0, CC3); chachaQR_AVX2(AA1, BB1, CC1, DD1, CC3); chachaQR_AVX2(AA2, BB2, CC2, DD2, CC3) + VMOVDQA tmpStoreAVX2, CC3 + VMOVDQA CC1, tmpStoreAVX2 + chachaQR_AVX2(AA3, BB3, CC3, DD3, CC1) + VMOVDQA tmpStoreAVX2, CC1 + + VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $4, DD0, DD0, DD0 + VPALIGNR $12, BB1, BB1, BB1; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $4, DD1, DD1, DD1 + VPALIGNR $12, BB2, BB2, BB2; VPALIGNR $8, CC2, CC2, CC2; VPALIGNR $4, DD2, DD2, DD2 + VPALIGNR $12, BB3, BB3, BB3; VPALIGNR $8, CC3, CC3, CC3; VPALIGNR $4, DD3, DD3, DD3 + DECQ itr2 + JNE sealAVX2IntroLoop + + VPADDD ·chacha20Constants<>(SB), AA0, AA0; VPADDD ·chacha20Constants<>(SB), AA1, AA1; VPADDD ·chacha20Constants<>(SB), AA2, AA2; VPADDD ·chacha20Constants<>(SB), AA3, AA3 + VPADDD state1StoreAVX2, BB0, BB0; VPADDD state1StoreAVX2, BB1, BB1; VPADDD state1StoreAVX2, BB2, BB2; VPADDD state1StoreAVX2, BB3, BB3 + VPADDD state2StoreAVX2, CC0, CC0; VPADDD state2StoreAVX2, CC1, CC1; VPADDD state2StoreAVX2, CC2, CC2; VPADDD state2StoreAVX2, CC3, CC3 + VPADDD ctr0StoreAVX2, DD0, DD0; VPADDD ctr1StoreAVX2, DD1, DD1; VPADDD ctr2StoreAVX2, DD2, DD2; VPADDD ctr3StoreAVX2, DD3, DD3 + + VPERM2I128 $0x13, CC0, DD0, CC0 // Stream bytes 96 - 127 + VPERM2I128 $0x02, AA0, BB0, DD0 // The Poly1305 key + VPERM2I128 $0x13, AA0, BB0, AA0 // Stream bytes 64 - 95 + + // Clamp and store poly key + VPAND ·polyClampMask<>(SB), DD0, DD0 + VMOVDQA DD0, rsStoreAVX2 + + // Hash AD + MOVQ ad_len+80(FP), itr2 + CALL polyHashADInternal<>(SB) + + // Can store at least 320 bytes + VPXOR (0*32)(inp), AA0, AA0 + VPXOR (1*32)(inp), CC0, CC0 + VMOVDQU AA0, (0*32)(oup) + VMOVDQU CC0, (1*32)(oup) + + VPERM2I128 $0x02, AA1, BB1, AA0; VPERM2I128 $0x02, CC1, DD1, BB0; VPERM2I128 $0x13, AA1, BB1, CC0; VPERM2I128 $0x13, CC1, DD1, DD0 + VPXOR (2*32)(inp), AA0, AA0; VPXOR (3*32)(inp), BB0, BB0; VPXOR (4*32)(inp), CC0, CC0; VPXOR (5*32)(inp), DD0, DD0 + VMOVDQU AA0, (2*32)(oup); VMOVDQU BB0, (3*32)(oup); VMOVDQU CC0, (4*32)(oup); VMOVDQU DD0, (5*32)(oup) + VPERM2I128 $0x02, AA2, BB2, AA0; VPERM2I128 $0x02, CC2, DD2, BB0; VPERM2I128 $0x13, AA2, BB2, CC0; VPERM2I128 $0x13, CC2, DD2, DD0 + VPXOR (6*32)(inp), AA0, AA0; VPXOR (7*32)(inp), BB0, BB0; VPXOR (8*32)(inp), CC0, CC0; VPXOR (9*32)(inp), DD0, DD0 + VMOVDQU AA0, (6*32)(oup); VMOVDQU BB0, (7*32)(oup); VMOVDQU CC0, (8*32)(oup); VMOVDQU DD0, (9*32)(oup) + + MOVQ $320, itr1 + SUBQ $320, inl + LEAQ 320(inp), inp + + VPERM2I128 $0x02, AA3, BB3, AA0; VPERM2I128 $0x02, CC3, DD3, BB0; VPERM2I128 $0x13, AA3, BB3, CC0; VPERM2I128 $0x13, CC3, DD3, DD0 + CMPQ inl, $128 + JBE sealAVX2SealHash + + VPXOR (0*32)(inp), AA0, AA0; VPXOR (1*32)(inp), BB0, BB0; VPXOR (2*32)(inp), CC0, CC0; VPXOR (3*32)(inp), DD0, DD0 + VMOVDQU AA0, (10*32)(oup); VMOVDQU BB0, (11*32)(oup); VMOVDQU CC0, (12*32)(oup); VMOVDQU DD0, (13*32)(oup) + SUBQ $128, inl + LEAQ 128(inp), inp + + MOVQ $8, itr1 + MOVQ $2, itr2 + + CMPQ inl, $128 + JBE sealAVX2Tail128 + CMPQ inl, $256 + JBE sealAVX2Tail256 + CMPQ inl, $384 + JBE sealAVX2Tail384 + CMPQ inl, $512 + JBE sealAVX2Tail512 + + // We have 448 bytes to hash, but main loop hashes 512 bytes at a time - perform some rounds, before the main loop + VMOVDQA ·chacha20Constants<>(SB), AA0; VMOVDQA AA0, AA1; VMOVDQA AA0, AA2; VMOVDQA AA0, AA3 + VMOVDQA state1StoreAVX2, BB0; VMOVDQA BB0, BB1; VMOVDQA BB0, BB2; VMOVDQA BB0, BB3 + VMOVDQA state2StoreAVX2, CC0; VMOVDQA CC0, CC1; VMOVDQA CC0, CC2; VMOVDQA CC0, CC3 + VMOVDQA ctr3StoreAVX2, DD0 + VPADDD ·avx2IncMask<>(SB), DD0, DD0; VPADDD ·avx2IncMask<>(SB), DD0, DD1; VPADDD ·avx2IncMask<>(SB), DD1, DD2; VPADDD ·avx2IncMask<>(SB), DD2, DD3 + VMOVDQA DD0, ctr0StoreAVX2; VMOVDQA DD1, ctr1StoreAVX2; VMOVDQA DD2, ctr2StoreAVX2; VMOVDQA DD3, ctr3StoreAVX2 + + VMOVDQA CC3, tmpStoreAVX2 + chachaQR_AVX2(AA0, BB0, CC0, DD0, CC3); chachaQR_AVX2(AA1, BB1, CC1, DD1, CC3); chachaQR_AVX2(AA2, BB2, CC2, DD2, CC3) + VMOVDQA tmpStoreAVX2, CC3 + VMOVDQA CC1, tmpStoreAVX2 + chachaQR_AVX2(AA3, BB3, CC3, DD3, CC1) + VMOVDQA tmpStoreAVX2, CC1 + + VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $12, DD0, DD0, DD0 + VPALIGNR $4, BB1, BB1, BB1; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $12, DD1, DD1, DD1 + VPALIGNR $4, BB2, BB2, BB2; VPALIGNR $8, CC2, CC2, CC2; VPALIGNR $12, DD2, DD2, DD2 + VPALIGNR $4, BB3, BB3, BB3; VPALIGNR $8, CC3, CC3, CC3; VPALIGNR $12, DD3, DD3, DD3 + + VMOVDQA CC3, tmpStoreAVX2 + chachaQR_AVX2(AA0, BB0, CC0, DD0, CC3); chachaQR_AVX2(AA1, BB1, CC1, DD1, CC3); chachaQR_AVX2(AA2, BB2, CC2, DD2, CC3) + VMOVDQA tmpStoreAVX2, CC3 + VMOVDQA CC1, tmpStoreAVX2 + chachaQR_AVX2(AA3, BB3, CC3, DD3, CC1) + VMOVDQA tmpStoreAVX2, CC1 + + VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $4, DD0, DD0, DD0 + VPALIGNR $12, BB1, BB1, BB1; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $4, DD1, DD1, DD1 + VPALIGNR $12, BB2, BB2, BB2; VPALIGNR $8, CC2, CC2, CC2; VPALIGNR $4, DD2, DD2, DD2 + VPALIGNR $12, BB3, BB3, BB3; VPALIGNR $8, CC3, CC3, CC3; VPALIGNR $4, DD3, DD3, DD3 + VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3 + VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3 + VPSHUFB ·rol16<>(SB), DD0, DD0; VPSHUFB ·rol16<>(SB), DD1, DD1; VPSHUFB ·rol16<>(SB), DD2, DD2; VPSHUFB ·rol16<>(SB), DD3, DD3 + VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3 + VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3 + VMOVDQA CC3, tmpStoreAVX2 + VPSLLD $12, BB0, CC3; VPSRLD $20, BB0, BB0; VPXOR CC3, BB0, BB0 + VPSLLD $12, BB1, CC3; VPSRLD $20, BB1, BB1; VPXOR CC3, BB1, BB1 + VPSLLD $12, BB2, CC3; VPSRLD $20, BB2, BB2; VPXOR CC3, BB2, BB2 + VPSLLD $12, BB3, CC3; VPSRLD $20, BB3, BB3; VPXOR CC3, BB3, BB3 + VMOVDQA tmpStoreAVX2, CC3 + + SUBQ $16, oup // Adjust the pointer + MOVQ $9, itr1 + JMP sealAVX2InternalLoopStart + +sealAVX2MainLoop: + // Load state, increment counter blocks, store the incremented counters + VMOVDQU ·chacha20Constants<>(SB), AA0; VMOVDQA AA0, AA1; VMOVDQA AA0, AA2; VMOVDQA AA0, AA3 + VMOVDQA state1StoreAVX2, BB0; VMOVDQA BB0, BB1; VMOVDQA BB0, BB2; VMOVDQA BB0, BB3 + VMOVDQA state2StoreAVX2, CC0; VMOVDQA CC0, CC1; VMOVDQA CC0, CC2; VMOVDQA CC0, CC3 + VMOVDQA ctr3StoreAVX2, DD0; VPADDD ·avx2IncMask<>(SB), DD0, DD0; VPADDD ·avx2IncMask<>(SB), DD0, DD1; VPADDD ·avx2IncMask<>(SB), DD1, DD2; VPADDD ·avx2IncMask<>(SB), DD2, DD3 + VMOVDQA DD0, ctr0StoreAVX2; VMOVDQA DD1, ctr1StoreAVX2; VMOVDQA DD2, ctr2StoreAVX2; VMOVDQA DD3, ctr3StoreAVX2 + MOVQ $10, itr1 + +sealAVX2InternalLoop: + polyAdd(0*8(oup)) + VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3 + polyMulStage1_AVX2 + VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3 + VPSHUFB ·rol16<>(SB), DD0, DD0; VPSHUFB ·rol16<>(SB), DD1, DD1; VPSHUFB ·rol16<>(SB), DD2, DD2; VPSHUFB ·rol16<>(SB), DD3, DD3 + polyMulStage2_AVX2 + VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3 + VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3 + polyMulStage3_AVX2 + VMOVDQA CC3, tmpStoreAVX2 + VPSLLD $12, BB0, CC3; VPSRLD $20, BB0, BB0; VPXOR CC3, BB0, BB0 + VPSLLD $12, BB1, CC3; VPSRLD $20, BB1, BB1; VPXOR CC3, BB1, BB1 + VPSLLD $12, BB2, CC3; VPSRLD $20, BB2, BB2; VPXOR CC3, BB2, BB2 + VPSLLD $12, BB3, CC3; VPSRLD $20, BB3, BB3; VPXOR CC3, BB3, BB3 + VMOVDQA tmpStoreAVX2, CC3 + polyMulReduceStage + +sealAVX2InternalLoopStart: + VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3 + VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3 + VPSHUFB ·rol8<>(SB), DD0, DD0; VPSHUFB ·rol8<>(SB), DD1, DD1; VPSHUFB ·rol8<>(SB), DD2, DD2; VPSHUFB ·rol8<>(SB), DD3, DD3 + polyAdd(2*8(oup)) + VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3 + polyMulStage1_AVX2 + VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3 + VMOVDQA CC3, tmpStoreAVX2 + VPSLLD $7, BB0, CC3; VPSRLD $25, BB0, BB0; VPXOR CC3, BB0, BB0 + VPSLLD $7, BB1, CC3; VPSRLD $25, BB1, BB1; VPXOR CC3, BB1, BB1 + VPSLLD $7, BB2, CC3; VPSRLD $25, BB2, BB2; VPXOR CC3, BB2, BB2 + VPSLLD $7, BB3, CC3; VPSRLD $25, BB3, BB3; VPXOR CC3, BB3, BB3 + VMOVDQA tmpStoreAVX2, CC3 + polyMulStage2_AVX2 + VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $4, BB1, BB1, BB1; VPALIGNR $4, BB2, BB2, BB2; VPALIGNR $4, BB3, BB3, BB3 + VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2; VPALIGNR $8, CC3, CC3, CC3 + VPALIGNR $12, DD0, DD0, DD0; VPALIGNR $12, DD1, DD1, DD1; VPALIGNR $12, DD2, DD2, DD2; VPALIGNR $12, DD3, DD3, DD3 + VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3 + polyMulStage3_AVX2 + VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3 + VPSHUFB ·rol16<>(SB), DD0, DD0; VPSHUFB ·rol16<>(SB), DD1, DD1; VPSHUFB ·rol16<>(SB), DD2, DD2; VPSHUFB ·rol16<>(SB), DD3, DD3 + polyMulReduceStage + VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3 + VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3 + polyAdd(4*8(oup)) + LEAQ (6*8)(oup), oup + VMOVDQA CC3, tmpStoreAVX2 + VPSLLD $12, BB0, CC3; VPSRLD $20, BB0, BB0; VPXOR CC3, BB0, BB0 + VPSLLD $12, BB1, CC3; VPSRLD $20, BB1, BB1; VPXOR CC3, BB1, BB1 + VPSLLD $12, BB2, CC3; VPSRLD $20, BB2, BB2; VPXOR CC3, BB2, BB2 + VPSLLD $12, BB3, CC3; VPSRLD $20, BB3, BB3; VPXOR CC3, BB3, BB3 + VMOVDQA tmpStoreAVX2, CC3 + polyMulStage1_AVX2 + VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3 + VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3 + polyMulStage2_AVX2 + VPSHUFB ·rol8<>(SB), DD0, DD0; VPSHUFB ·rol8<>(SB), DD1, DD1; VPSHUFB ·rol8<>(SB), DD2, DD2; VPSHUFB ·rol8<>(SB), DD3, DD3 + VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3 + polyMulStage3_AVX2 + VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3 + VMOVDQA CC3, tmpStoreAVX2 + VPSLLD $7, BB0, CC3; VPSRLD $25, BB0, BB0; VPXOR CC3, BB0, BB0 + VPSLLD $7, BB1, CC3; VPSRLD $25, BB1, BB1; VPXOR CC3, BB1, BB1 + VPSLLD $7, BB2, CC3; VPSRLD $25, BB2, BB2; VPXOR CC3, BB2, BB2 + VPSLLD $7, BB3, CC3; VPSRLD $25, BB3, BB3; VPXOR CC3, BB3, BB3 + VMOVDQA tmpStoreAVX2, CC3 + polyMulReduceStage + VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $12, BB1, BB1, BB1; VPALIGNR $12, BB2, BB2, BB2; VPALIGNR $12, BB3, BB3, BB3 + VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2; VPALIGNR $8, CC3, CC3, CC3 + VPALIGNR $4, DD0, DD0, DD0; VPALIGNR $4, DD1, DD1, DD1; VPALIGNR $4, DD2, DD2, DD2; VPALIGNR $4, DD3, DD3, DD3 + DECQ itr1 + JNE sealAVX2InternalLoop + + VPADDD ·chacha20Constants<>(SB), AA0, AA0; VPADDD ·chacha20Constants<>(SB), AA1, AA1; VPADDD ·chacha20Constants<>(SB), AA2, AA2; VPADDD ·chacha20Constants<>(SB), AA3, AA3 + VPADDD state1StoreAVX2, BB0, BB0; VPADDD state1StoreAVX2, BB1, BB1; VPADDD state1StoreAVX2, BB2, BB2; VPADDD state1StoreAVX2, BB3, BB3 + VPADDD state2StoreAVX2, CC0, CC0; VPADDD state2StoreAVX2, CC1, CC1; VPADDD state2StoreAVX2, CC2, CC2; VPADDD state2StoreAVX2, CC3, CC3 + VPADDD ctr0StoreAVX2, DD0, DD0; VPADDD ctr1StoreAVX2, DD1, DD1; VPADDD ctr2StoreAVX2, DD2, DD2; VPADDD ctr3StoreAVX2, DD3, DD3 + VMOVDQA CC3, tmpStoreAVX2 + + // We only hashed 480 of the 512 bytes available - hash the remaining 32 here + polyAdd(0*8(oup)) + polyMulAVX2 + LEAQ (4*8)(oup), oup + VPERM2I128 $0x02, AA0, BB0, CC3; VPERM2I128 $0x13, AA0, BB0, BB0; VPERM2I128 $0x02, CC0, DD0, AA0; VPERM2I128 $0x13, CC0, DD0, CC0 + VPXOR (0*32)(inp), CC3, CC3; VPXOR (1*32)(inp), AA0, AA0; VPXOR (2*32)(inp), BB0, BB0; VPXOR (3*32)(inp), CC0, CC0 + VMOVDQU CC3, (0*32)(oup); VMOVDQU AA0, (1*32)(oup); VMOVDQU BB0, (2*32)(oup); VMOVDQU CC0, (3*32)(oup) + VPERM2I128 $0x02, AA1, BB1, AA0; VPERM2I128 $0x02, CC1, DD1, BB0; VPERM2I128 $0x13, AA1, BB1, CC0; VPERM2I128 $0x13, CC1, DD1, DD0 + VPXOR (4*32)(inp), AA0, AA0; VPXOR (5*32)(inp), BB0, BB0; VPXOR (6*32)(inp), CC0, CC0; VPXOR (7*32)(inp), DD0, DD0 + VMOVDQU AA0, (4*32)(oup); VMOVDQU BB0, (5*32)(oup); VMOVDQU CC0, (6*32)(oup); VMOVDQU DD0, (7*32)(oup) + + // and here + polyAdd(-2*8(oup)) + polyMulAVX2 + VPERM2I128 $0x02, AA2, BB2, AA0; VPERM2I128 $0x02, CC2, DD2, BB0; VPERM2I128 $0x13, AA2, BB2, CC0; VPERM2I128 $0x13, CC2, DD2, DD0 + VPXOR (8*32)(inp), AA0, AA0; VPXOR (9*32)(inp), BB0, BB0; VPXOR (10*32)(inp), CC0, CC0; VPXOR (11*32)(inp), DD0, DD0 + VMOVDQU AA0, (8*32)(oup); VMOVDQU BB0, (9*32)(oup); VMOVDQU CC0, (10*32)(oup); VMOVDQU DD0, (11*32)(oup) + VPERM2I128 $0x02, AA3, BB3, AA0; VPERM2I128 $0x02, tmpStoreAVX2, DD3, BB0; VPERM2I128 $0x13, AA3, BB3, CC0; VPERM2I128 $0x13, tmpStoreAVX2, DD3, DD0 + VPXOR (12*32)(inp), AA0, AA0; VPXOR (13*32)(inp), BB0, BB0; VPXOR (14*32)(inp), CC0, CC0; VPXOR (15*32)(inp), DD0, DD0 + VMOVDQU AA0, (12*32)(oup); VMOVDQU BB0, (13*32)(oup); VMOVDQU CC0, (14*32)(oup); VMOVDQU DD0, (15*32)(oup) + LEAQ (32*16)(inp), inp + SUBQ $(32*16), inl + CMPQ inl, $512 + JG sealAVX2MainLoop + + // Tail can only hash 480 bytes + polyAdd(0*8(oup)) + polyMulAVX2 + polyAdd(2*8(oup)) + polyMulAVX2 + LEAQ 32(oup), oup + + MOVQ $10, itr1 + MOVQ $0, itr2 + CMPQ inl, $128 + JBE sealAVX2Tail128 + CMPQ inl, $256 + JBE sealAVX2Tail256 + CMPQ inl, $384 + JBE sealAVX2Tail384 + JMP sealAVX2Tail512 + +// ---------------------------------------------------------------------------- +// Special optimization for buffers smaller than 193 bytes +seal192AVX2: + // For up to 192 bytes of ciphertext and 64 bytes for the poly key, we process four blocks + VMOVDQA AA0, AA1 + VMOVDQA BB0, BB1 + VMOVDQA CC0, CC1 + VPADDD ·avx2IncMask<>(SB), DD0, DD1 + VMOVDQA AA0, AA2 + VMOVDQA BB0, BB2 + VMOVDQA CC0, CC2 + VMOVDQA DD0, DD2 + VMOVDQA DD1, TT3 + MOVQ $10, itr2 + +sealAVX2192InnerCipherLoop: + chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0) + VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $4, BB1, BB1, BB1 + VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1 + VPALIGNR $12, DD0, DD0, DD0; VPALIGNR $12, DD1, DD1, DD1 + chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0) + VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $12, BB1, BB1, BB1 + VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1 + VPALIGNR $4, DD0, DD0, DD0; VPALIGNR $4, DD1, DD1, DD1 + DECQ itr2 + JNE sealAVX2192InnerCipherLoop + VPADDD AA2, AA0, AA0; VPADDD AA2, AA1, AA1 + VPADDD BB2, BB0, BB0; VPADDD BB2, BB1, BB1 + VPADDD CC2, CC0, CC0; VPADDD CC2, CC1, CC1 + VPADDD DD2, DD0, DD0; VPADDD TT3, DD1, DD1 + VPERM2I128 $0x02, AA0, BB0, TT0 + + // Clamp and store poly key + VPAND ·polyClampMask<>(SB), TT0, TT0 + VMOVDQA TT0, rsStoreAVX2 + + // Stream for up to 192 bytes + VPERM2I128 $0x13, AA0, BB0, AA0 + VPERM2I128 $0x13, CC0, DD0, BB0 + VPERM2I128 $0x02, AA1, BB1, CC0 + VPERM2I128 $0x02, CC1, DD1, DD0 + VPERM2I128 $0x13, AA1, BB1, AA1 + VPERM2I128 $0x13, CC1, DD1, BB1 + +sealAVX2ShortSeal: + // Hash aad + MOVQ ad_len+80(FP), itr2 + CALL polyHashADInternal<>(SB) + XORQ itr1, itr1 + +sealAVX2SealHash: + // itr1 holds the number of bytes encrypted but not yet hashed + CMPQ itr1, $16 + JB sealAVX2ShortSealLoop + polyAdd(0(oup)) + polyMul + SUBQ $16, itr1 + ADDQ $16, oup + JMP sealAVX2SealHash + +sealAVX2ShortSealLoop: + CMPQ inl, $32 + JB sealAVX2ShortTail32 + SUBQ $32, inl + + // Load for encryption + VPXOR (inp), AA0, AA0 + VMOVDQU AA0, (oup) + LEAQ (1*32)(inp), inp + + // Now can hash + polyAdd(0*8(oup)) + polyMulAVX2 + polyAdd(2*8(oup)) + polyMulAVX2 + LEAQ (1*32)(oup), oup + + // Shift stream left + VMOVDQA BB0, AA0 + VMOVDQA CC0, BB0 + VMOVDQA DD0, CC0 + VMOVDQA AA1, DD0 + VMOVDQA BB1, AA1 + VMOVDQA CC1, BB1 + VMOVDQA DD1, CC1 + VMOVDQA AA2, DD1 + VMOVDQA BB2, AA2 + JMP sealAVX2ShortSealLoop + +sealAVX2ShortTail32: + CMPQ inl, $16 + VMOVDQA A0, A1 + JB sealAVX2ShortDone + + SUBQ $16, inl + + // Load for encryption + VPXOR (inp), A0, T0 + VMOVDQU T0, (oup) + LEAQ (1*16)(inp), inp + + // Hash + polyAdd(0*8(oup)) + polyMulAVX2 + LEAQ (1*16)(oup), oup + VPERM2I128 $0x11, AA0, AA0, AA0 + VMOVDQA A0, A1 + +sealAVX2ShortDone: + VZEROUPPER + JMP sealSSETail + +// ---------------------------------------------------------------------------- +// Special optimization for buffers smaller than 321 bytes +seal320AVX2: + // For up to 320 bytes of ciphertext and 64 bytes for the poly key, we process six blocks + VMOVDQA AA0, AA1; VMOVDQA BB0, BB1; VMOVDQA CC0, CC1; VPADDD ·avx2IncMask<>(SB), DD0, DD1 + VMOVDQA AA0, AA2; VMOVDQA BB0, BB2; VMOVDQA CC0, CC2; VPADDD ·avx2IncMask<>(SB), DD1, DD2 + VMOVDQA BB0, TT1; VMOVDQA CC0, TT2; VMOVDQA DD0, TT3 + MOVQ $10, itr2 + +sealAVX2320InnerCipherLoop: + chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0); chachaQR_AVX2(AA2, BB2, CC2, DD2, TT0) + VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $4, BB1, BB1, BB1; VPALIGNR $4, BB2, BB2, BB2 + VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2 + VPALIGNR $12, DD0, DD0, DD0; VPALIGNR $12, DD1, DD1, DD1; VPALIGNR $12, DD2, DD2, DD2 + chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0); chachaQR_AVX2(AA2, BB2, CC2, DD2, TT0) + VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $12, BB1, BB1, BB1; VPALIGNR $12, BB2, BB2, BB2 + VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2 + VPALIGNR $4, DD0, DD0, DD0; VPALIGNR $4, DD1, DD1, DD1; VPALIGNR $4, DD2, DD2, DD2 + DECQ itr2 + JNE sealAVX2320InnerCipherLoop + + VMOVDQA ·chacha20Constants<>(SB), TT0 + VPADDD TT0, AA0, AA0; VPADDD TT0, AA1, AA1; VPADDD TT0, AA2, AA2 + VPADDD TT1, BB0, BB0; VPADDD TT1, BB1, BB1; VPADDD TT1, BB2, BB2 + VPADDD TT2, CC0, CC0; VPADDD TT2, CC1, CC1; VPADDD TT2, CC2, CC2 + VMOVDQA ·avx2IncMask<>(SB), TT0 + VPADDD TT3, DD0, DD0; VPADDD TT0, TT3, TT3 + VPADDD TT3, DD1, DD1; VPADDD TT0, TT3, TT3 + VPADDD TT3, DD2, DD2 + + // Clamp and store poly key + VPERM2I128 $0x02, AA0, BB0, TT0 + VPAND ·polyClampMask<>(SB), TT0, TT0 + VMOVDQA TT0, rsStoreAVX2 + + // Stream for up to 320 bytes + VPERM2I128 $0x13, AA0, BB0, AA0 + VPERM2I128 $0x13, CC0, DD0, BB0 + VPERM2I128 $0x02, AA1, BB1, CC0 + VPERM2I128 $0x02, CC1, DD1, DD0 + VPERM2I128 $0x13, AA1, BB1, AA1 + VPERM2I128 $0x13, CC1, DD1, BB1 + VPERM2I128 $0x02, AA2, BB2, CC1 + VPERM2I128 $0x02, CC2, DD2, DD1 + VPERM2I128 $0x13, AA2, BB2, AA2 + VPERM2I128 $0x13, CC2, DD2, BB2 + JMP sealAVX2ShortSeal + +// ---------------------------------------------------------------------------- +// Special optimization for the last 128 bytes of ciphertext +sealAVX2Tail128: + // Need to decrypt up to 128 bytes - prepare two blocks + // If we got here after the main loop - there are 512 encrypted bytes waiting to be hashed + // If we got here before the main loop - there are 448 encrpyred bytes waiting to be hashed + VMOVDQA ·chacha20Constants<>(SB), AA0 + VMOVDQA state1StoreAVX2, BB0 + VMOVDQA state2StoreAVX2, CC0 + VMOVDQA ctr3StoreAVX2, DD0 + VPADDD ·avx2IncMask<>(SB), DD0, DD0 + VMOVDQA DD0, DD1 + +sealAVX2Tail128LoopA: + polyAdd(0(oup)) + polyMul + LEAQ 16(oup), oup + +sealAVX2Tail128LoopB: + chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0) + polyAdd(0(oup)) + polyMul + VPALIGNR $4, BB0, BB0, BB0 + VPALIGNR $8, CC0, CC0, CC0 + VPALIGNR $12, DD0, DD0, DD0 + chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0) + polyAdd(16(oup)) + polyMul + LEAQ 32(oup), oup + VPALIGNR $12, BB0, BB0, BB0 + VPALIGNR $8, CC0, CC0, CC0 + VPALIGNR $4, DD0, DD0, DD0 + DECQ itr1 + JG sealAVX2Tail128LoopA + DECQ itr2 + JGE sealAVX2Tail128LoopB + + VPADDD ·chacha20Constants<>(SB), AA0, AA1 + VPADDD state1StoreAVX2, BB0, BB1 + VPADDD state2StoreAVX2, CC0, CC1 + VPADDD DD1, DD0, DD1 + + VPERM2I128 $0x02, AA1, BB1, AA0 + VPERM2I128 $0x02, CC1, DD1, BB0 + VPERM2I128 $0x13, AA1, BB1, CC0 + VPERM2I128 $0x13, CC1, DD1, DD0 + JMP sealAVX2ShortSealLoop + +// ---------------------------------------------------------------------------- +// Special optimization for the last 256 bytes of ciphertext +sealAVX2Tail256: + // Need to decrypt up to 256 bytes - prepare two blocks + // If we got here after the main loop - there are 512 encrypted bytes waiting to be hashed + // If we got here before the main loop - there are 448 encrpyred bytes waiting to be hashed + VMOVDQA ·chacha20Constants<>(SB), AA0; VMOVDQA ·chacha20Constants<>(SB), AA1 + VMOVDQA state1StoreAVX2, BB0; VMOVDQA state1StoreAVX2, BB1 + VMOVDQA state2StoreAVX2, CC0; VMOVDQA state2StoreAVX2, CC1 + VMOVDQA ctr3StoreAVX2, DD0 + VPADDD ·avx2IncMask<>(SB), DD0, DD0 + VPADDD ·avx2IncMask<>(SB), DD0, DD1 + VMOVDQA DD0, TT1 + VMOVDQA DD1, TT2 + +sealAVX2Tail256LoopA: + polyAdd(0(oup)) + polyMul + LEAQ 16(oup), oup + +sealAVX2Tail256LoopB: + chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0) + polyAdd(0(oup)) + polyMul + VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $4, BB1, BB1, BB1 + VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1 + VPALIGNR $12, DD0, DD0, DD0; VPALIGNR $12, DD1, DD1, DD1 + chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0) + polyAdd(16(oup)) + polyMul + LEAQ 32(oup), oup + VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $12, BB1, BB1, BB1 + VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1 + VPALIGNR $4, DD0, DD0, DD0; VPALIGNR $4, DD1, DD1, DD1 + DECQ itr1 + JG sealAVX2Tail256LoopA + DECQ itr2 + JGE sealAVX2Tail256LoopB + + VPADDD ·chacha20Constants<>(SB), AA0, AA0; VPADDD ·chacha20Constants<>(SB), AA1, AA1 + VPADDD state1StoreAVX2, BB0, BB0; VPADDD state1StoreAVX2, BB1, BB1 + VPADDD state2StoreAVX2, CC0, CC0; VPADDD state2StoreAVX2, CC1, CC1 + VPADDD TT1, DD0, DD0; VPADDD TT2, DD1, DD1 + VPERM2I128 $0x02, AA0, BB0, TT0 + VPERM2I128 $0x02, CC0, DD0, TT1 + VPERM2I128 $0x13, AA0, BB0, TT2 + VPERM2I128 $0x13, CC0, DD0, TT3 + VPXOR (0*32)(inp), TT0, TT0; VPXOR (1*32)(inp), TT1, TT1; VPXOR (2*32)(inp), TT2, TT2; VPXOR (3*32)(inp), TT3, TT3 + VMOVDQU TT0, (0*32)(oup); VMOVDQU TT1, (1*32)(oup); VMOVDQU TT2, (2*32)(oup); VMOVDQU TT3, (3*32)(oup) + MOVQ $128, itr1 + LEAQ 128(inp), inp + SUBQ $128, inl + VPERM2I128 $0x02, AA1, BB1, AA0 + VPERM2I128 $0x02, CC1, DD1, BB0 + VPERM2I128 $0x13, AA1, BB1, CC0 + VPERM2I128 $0x13, CC1, DD1, DD0 + + JMP sealAVX2SealHash + +// ---------------------------------------------------------------------------- +// Special optimization for the last 384 bytes of ciphertext +sealAVX2Tail384: + // Need to decrypt up to 384 bytes - prepare two blocks + // If we got here after the main loop - there are 512 encrypted bytes waiting to be hashed + // If we got here before the main loop - there are 448 encrpyred bytes waiting to be hashed + VMOVDQA ·chacha20Constants<>(SB), AA0; VMOVDQA AA0, AA1; VMOVDQA AA0, AA2 + VMOVDQA state1StoreAVX2, BB0; VMOVDQA BB0, BB1; VMOVDQA BB0, BB2 + VMOVDQA state2StoreAVX2, CC0; VMOVDQA CC0, CC1; VMOVDQA CC0, CC2 + VMOVDQA ctr3StoreAVX2, DD0 + VPADDD ·avx2IncMask<>(SB), DD0, DD0; VPADDD ·avx2IncMask<>(SB), DD0, DD1; VPADDD ·avx2IncMask<>(SB), DD1, DD2 + VMOVDQA DD0, TT1; VMOVDQA DD1, TT2; VMOVDQA DD2, TT3 + +sealAVX2Tail384LoopA: + polyAdd(0(oup)) + polyMul + LEAQ 16(oup), oup + +sealAVX2Tail384LoopB: + chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0); chachaQR_AVX2(AA2, BB2, CC2, DD2, TT0) + polyAdd(0(oup)) + polyMul + VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $4, BB1, BB1, BB1; VPALIGNR $4, BB2, BB2, BB2 + VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2 + VPALIGNR $12, DD0, DD0, DD0; VPALIGNR $12, DD1, DD1, DD1; VPALIGNR $12, DD2, DD2, DD2 + chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0); chachaQR_AVX2(AA2, BB2, CC2, DD2, TT0) + polyAdd(16(oup)) + polyMul + LEAQ 32(oup), oup + VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $12, BB1, BB1, BB1; VPALIGNR $12, BB2, BB2, BB2 + VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2 + VPALIGNR $4, DD0, DD0, DD0; VPALIGNR $4, DD1, DD1, DD1; VPALIGNR $4, DD2, DD2, DD2 + DECQ itr1 + JG sealAVX2Tail384LoopA + DECQ itr2 + JGE sealAVX2Tail384LoopB + + VPADDD ·chacha20Constants<>(SB), AA0, AA0; VPADDD ·chacha20Constants<>(SB), AA1, AA1; VPADDD ·chacha20Constants<>(SB), AA2, AA2 + VPADDD state1StoreAVX2, BB0, BB0; VPADDD state1StoreAVX2, BB1, BB1; VPADDD state1StoreAVX2, BB2, BB2 + VPADDD state2StoreAVX2, CC0, CC0; VPADDD state2StoreAVX2, CC1, CC1; VPADDD state2StoreAVX2, CC2, CC2 + VPADDD TT1, DD0, DD0; VPADDD TT2, DD1, DD1; VPADDD TT3, DD2, DD2 + VPERM2I128 $0x02, AA0, BB0, TT0 + VPERM2I128 $0x02, CC0, DD0, TT1 + VPERM2I128 $0x13, AA0, BB0, TT2 + VPERM2I128 $0x13, CC0, DD0, TT3 + VPXOR (0*32)(inp), TT0, TT0; VPXOR (1*32)(inp), TT1, TT1; VPXOR (2*32)(inp), TT2, TT2; VPXOR (3*32)(inp), TT3, TT3 + VMOVDQU TT0, (0*32)(oup); VMOVDQU TT1, (1*32)(oup); VMOVDQU TT2, (2*32)(oup); VMOVDQU TT3, (3*32)(oup) + VPERM2I128 $0x02, AA1, BB1, TT0 + VPERM2I128 $0x02, CC1, DD1, TT1 + VPERM2I128 $0x13, AA1, BB1, TT2 + VPERM2I128 $0x13, CC1, DD1, TT3 + VPXOR (4*32)(inp), TT0, TT0; VPXOR (5*32)(inp), TT1, TT1; VPXOR (6*32)(inp), TT2, TT2; VPXOR (7*32)(inp), TT3, TT3 + VMOVDQU TT0, (4*32)(oup); VMOVDQU TT1, (5*32)(oup); VMOVDQU TT2, (6*32)(oup); VMOVDQU TT3, (7*32)(oup) + MOVQ $256, itr1 + LEAQ 256(inp), inp + SUBQ $256, inl + VPERM2I128 $0x02, AA2, BB2, AA0 + VPERM2I128 $0x02, CC2, DD2, BB0 + VPERM2I128 $0x13, AA2, BB2, CC0 + VPERM2I128 $0x13, CC2, DD2, DD0 + + JMP sealAVX2SealHash + +// ---------------------------------------------------------------------------- +// Special optimization for the last 512 bytes of ciphertext +sealAVX2Tail512: + // Need to decrypt up to 512 bytes - prepare two blocks + // If we got here after the main loop - there are 512 encrypted bytes waiting to be hashed + // If we got here before the main loop - there are 448 encrpyred bytes waiting to be hashed + VMOVDQA ·chacha20Constants<>(SB), AA0; VMOVDQA AA0, AA1; VMOVDQA AA0, AA2; VMOVDQA AA0, AA3 + VMOVDQA state1StoreAVX2, BB0; VMOVDQA BB0, BB1; VMOVDQA BB0, BB2; VMOVDQA BB0, BB3 + VMOVDQA state2StoreAVX2, CC0; VMOVDQA CC0, CC1; VMOVDQA CC0, CC2; VMOVDQA CC0, CC3 + VMOVDQA ctr3StoreAVX2, DD0 + VPADDD ·avx2IncMask<>(SB), DD0, DD0; VPADDD ·avx2IncMask<>(SB), DD0, DD1; VPADDD ·avx2IncMask<>(SB), DD1, DD2; VPADDD ·avx2IncMask<>(SB), DD2, DD3 + VMOVDQA DD0, ctr0StoreAVX2; VMOVDQA DD1, ctr1StoreAVX2; VMOVDQA DD2, ctr2StoreAVX2; VMOVDQA DD3, ctr3StoreAVX2 + +sealAVX2Tail512LoopA: + polyAdd(0(oup)) + polyMul + LEAQ 16(oup), oup + +sealAVX2Tail512LoopB: + VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3 + VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3 + VPSHUFB ·rol16<>(SB), DD0, DD0; VPSHUFB ·rol16<>(SB), DD1, DD1; VPSHUFB ·rol16<>(SB), DD2, DD2; VPSHUFB ·rol16<>(SB), DD3, DD3 + VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3 + VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3 + VMOVDQA CC3, tmpStoreAVX2 + VPSLLD $12, BB0, CC3; VPSRLD $20, BB0, BB0; VPXOR CC3, BB0, BB0 + VPSLLD $12, BB1, CC3; VPSRLD $20, BB1, BB1; VPXOR CC3, BB1, BB1 + VPSLLD $12, BB2, CC3; VPSRLD $20, BB2, BB2; VPXOR CC3, BB2, BB2 + VPSLLD $12, BB3, CC3; VPSRLD $20, BB3, BB3; VPXOR CC3, BB3, BB3 + VMOVDQA tmpStoreAVX2, CC3 + polyAdd(0*8(oup)) + polyMulAVX2 + VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3 + VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3 + VPSHUFB ·rol8<>(SB), DD0, DD0; VPSHUFB ·rol8<>(SB), DD1, DD1; VPSHUFB ·rol8<>(SB), DD2, DD2; VPSHUFB ·rol8<>(SB), DD3, DD3 + VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3 + VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3 + VMOVDQA CC3, tmpStoreAVX2 + VPSLLD $7, BB0, CC3; VPSRLD $25, BB0, BB0; VPXOR CC3, BB0, BB0 + VPSLLD $7, BB1, CC3; VPSRLD $25, BB1, BB1; VPXOR CC3, BB1, BB1 + VPSLLD $7, BB2, CC3; VPSRLD $25, BB2, BB2; VPXOR CC3, BB2, BB2 + VPSLLD $7, BB3, CC3; VPSRLD $25, BB3, BB3; VPXOR CC3, BB3, BB3 + VMOVDQA tmpStoreAVX2, CC3 + VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $4, BB1, BB1, BB1; VPALIGNR $4, BB2, BB2, BB2; VPALIGNR $4, BB3, BB3, BB3 + VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2; VPALIGNR $8, CC3, CC3, CC3 + VPALIGNR $12, DD0, DD0, DD0; VPALIGNR $12, DD1, DD1, DD1; VPALIGNR $12, DD2, DD2, DD2; VPALIGNR $12, DD3, DD3, DD3 + VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3 + VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3 + VPSHUFB ·rol16<>(SB), DD0, DD0; VPSHUFB ·rol16<>(SB), DD1, DD1; VPSHUFB ·rol16<>(SB), DD2, DD2; VPSHUFB ·rol16<>(SB), DD3, DD3 + VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3 + VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3 + polyAdd(2*8(oup)) + polyMulAVX2 + LEAQ (4*8)(oup), oup + VMOVDQA CC3, tmpStoreAVX2 + VPSLLD $12, BB0, CC3; VPSRLD $20, BB0, BB0; VPXOR CC3, BB0, BB0 + VPSLLD $12, BB1, CC3; VPSRLD $20, BB1, BB1; VPXOR CC3, BB1, BB1 + VPSLLD $12, BB2, CC3; VPSRLD $20, BB2, BB2; VPXOR CC3, BB2, BB2 + VPSLLD $12, BB3, CC3; VPSRLD $20, BB3, BB3; VPXOR CC3, BB3, BB3 + VMOVDQA tmpStoreAVX2, CC3 + VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3 + VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3 + VPSHUFB ·rol8<>(SB), DD0, DD0; VPSHUFB ·rol8<>(SB), DD1, DD1; VPSHUFB ·rol8<>(SB), DD2, DD2; VPSHUFB ·rol8<>(SB), DD3, DD3 + VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3 + VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3 + VMOVDQA CC3, tmpStoreAVX2 + VPSLLD $7, BB0, CC3; VPSRLD $25, BB0, BB0; VPXOR CC3, BB0, BB0 + VPSLLD $7, BB1, CC3; VPSRLD $25, BB1, BB1; VPXOR CC3, BB1, BB1 + VPSLLD $7, BB2, CC3; VPSRLD $25, BB2, BB2; VPXOR CC3, BB2, BB2 + VPSLLD $7, BB3, CC3; VPSRLD $25, BB3, BB3; VPXOR CC3, BB3, BB3 + VMOVDQA tmpStoreAVX2, CC3 + VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $12, BB1, BB1, BB1; VPALIGNR $12, BB2, BB2, BB2; VPALIGNR $12, BB3, BB3, BB3 + VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2; VPALIGNR $8, CC3, CC3, CC3 + VPALIGNR $4, DD0, DD0, DD0; VPALIGNR $4, DD1, DD1, DD1; VPALIGNR $4, DD2, DD2, DD2; VPALIGNR $4, DD3, DD3, DD3 + + DECQ itr1 + JG sealAVX2Tail512LoopA + DECQ itr2 + JGE sealAVX2Tail512LoopB + + VPADDD ·chacha20Constants<>(SB), AA0, AA0; VPADDD ·chacha20Constants<>(SB), AA1, AA1; VPADDD ·chacha20Constants<>(SB), AA2, AA2; VPADDD ·chacha20Constants<>(SB), AA3, AA3 + VPADDD state1StoreAVX2, BB0, BB0; VPADDD state1StoreAVX2, BB1, BB1; VPADDD state1StoreAVX2, BB2, BB2; VPADDD state1StoreAVX2, BB3, BB3 + VPADDD state2StoreAVX2, CC0, CC0; VPADDD state2StoreAVX2, CC1, CC1; VPADDD state2StoreAVX2, CC2, CC2; VPADDD state2StoreAVX2, CC3, CC3 + VPADDD ctr0StoreAVX2, DD0, DD0; VPADDD ctr1StoreAVX2, DD1, DD1; VPADDD ctr2StoreAVX2, DD2, DD2; VPADDD ctr3StoreAVX2, DD3, DD3 + VMOVDQA CC3, tmpStoreAVX2 + VPERM2I128 $0x02, AA0, BB0, CC3 + VPXOR (0*32)(inp), CC3, CC3 + VMOVDQU CC3, (0*32)(oup) + VPERM2I128 $0x02, CC0, DD0, CC3 + VPXOR (1*32)(inp), CC3, CC3 + VMOVDQU CC3, (1*32)(oup) + VPERM2I128 $0x13, AA0, BB0, CC3 + VPXOR (2*32)(inp), CC3, CC3 + VMOVDQU CC3, (2*32)(oup) + VPERM2I128 $0x13, CC0, DD0, CC3 + VPXOR (3*32)(inp), CC3, CC3 + VMOVDQU CC3, (3*32)(oup) + + VPERM2I128 $0x02, AA1, BB1, AA0 + VPERM2I128 $0x02, CC1, DD1, BB0 + VPERM2I128 $0x13, AA1, BB1, CC0 + VPERM2I128 $0x13, CC1, DD1, DD0 + VPXOR (4*32)(inp), AA0, AA0; VPXOR (5*32)(inp), BB0, BB0; VPXOR (6*32)(inp), CC0, CC0; VPXOR (7*32)(inp), DD0, DD0 + VMOVDQU AA0, (4*32)(oup); VMOVDQU BB0, (5*32)(oup); VMOVDQU CC0, (6*32)(oup); VMOVDQU DD0, (7*32)(oup) + + VPERM2I128 $0x02, AA2, BB2, AA0 + VPERM2I128 $0x02, CC2, DD2, BB0 + VPERM2I128 $0x13, AA2, BB2, CC0 + VPERM2I128 $0x13, CC2, DD2, DD0 + VPXOR (8*32)(inp), AA0, AA0; VPXOR (9*32)(inp), BB0, BB0; VPXOR (10*32)(inp), CC0, CC0; VPXOR (11*32)(inp), DD0, DD0 + VMOVDQU AA0, (8*32)(oup); VMOVDQU BB0, (9*32)(oup); VMOVDQU CC0, (10*32)(oup); VMOVDQU DD0, (11*32)(oup) + + MOVQ $384, itr1 + LEAQ 384(inp), inp + SUBQ $384, inl + VPERM2I128 $0x02, AA3, BB3, AA0 + VPERM2I128 $0x02, tmpStoreAVX2, DD3, BB0 + VPERM2I128 $0x13, AA3, BB3, CC0 + VPERM2I128 $0x13, tmpStoreAVX2, DD3, DD0 + + JMP sealAVX2SealHash + +// func cpuid(eaxArg, ecxArg uint32) (eax, ebx, ecx, edx uint32) +TEXT ·cpuid(SB), NOSPLIT, $0-24 + MOVL eaxArg+0(FP), AX + MOVL ecxArg+4(FP), CX + CPUID + MOVL AX, eax+8(FP) + MOVL BX, ebx+12(FP) + MOVL CX, ecx+16(FP) + MOVL DX, edx+20(FP) + RET + +// func xgetbv() (eax, edx uint32) +TEXT ·xgetbv(SB),NOSPLIT,$0-8 + MOVL $0, CX + XGETBV + MOVL AX, eax+0(FP) + MOVL DX, edx+4(FP) + RET diff --git a/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_generic.go b/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_generic.go new file mode 100644 index 0000000000..4ac014f525 --- /dev/null +++ b/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_generic.go @@ -0,0 +1,70 @@ +// Copyright 2016 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package chacha20poly1305 + +import ( + "encoding/binary" + + "golang.org/x/crypto/internal/chacha20" + "golang.org/x/crypto/poly1305" +) + +func roundTo16(n int) int { + return 16 * ((n + 15) / 16) +} + +func (c *chacha20poly1305) sealGeneric(dst, nonce, plaintext, additionalData []byte) []byte { + var counter [16]byte + copy(counter[4:], nonce) + + var polyKey [32]byte + chacha20.XORKeyStream(polyKey[:], polyKey[:], &counter, &c.key) + + ret, out := sliceForAppend(dst, len(plaintext)+poly1305.TagSize) + counter[0] = 1 + chacha20.XORKeyStream(out, plaintext, &counter, &c.key) + + polyInput := make([]byte, roundTo16(len(additionalData))+roundTo16(len(plaintext))+8+8) + copy(polyInput, additionalData) + copy(polyInput[roundTo16(len(additionalData)):], out[:len(plaintext)]) + binary.LittleEndian.PutUint64(polyInput[len(polyInput)-16:], uint64(len(additionalData))) + binary.LittleEndian.PutUint64(polyInput[len(polyInput)-8:], uint64(len(plaintext))) + + var tag [poly1305.TagSize]byte + poly1305.Sum(&tag, polyInput, &polyKey) + copy(out[len(plaintext):], tag[:]) + + return ret +} + +func (c *chacha20poly1305) openGeneric(dst, nonce, ciphertext, additionalData []byte) ([]byte, error) { + var tag [poly1305.TagSize]byte + copy(tag[:], ciphertext[len(ciphertext)-16:]) + ciphertext = ciphertext[:len(ciphertext)-16] + + var counter [16]byte + copy(counter[4:], nonce) + + var polyKey [32]byte + chacha20.XORKeyStream(polyKey[:], polyKey[:], &counter, &c.key) + + polyInput := make([]byte, roundTo16(len(additionalData))+roundTo16(len(ciphertext))+8+8) + copy(polyInput, additionalData) + copy(polyInput[roundTo16(len(additionalData)):], ciphertext) + binary.LittleEndian.PutUint64(polyInput[len(polyInput)-16:], uint64(len(additionalData))) + binary.LittleEndian.PutUint64(polyInput[len(polyInput)-8:], uint64(len(ciphertext))) + + ret, out := sliceForAppend(dst, len(ciphertext)) + if !poly1305.Verify(&tag, polyInput, &polyKey) { + for i := range out { + out[i] = 0 + } + return nil, errOpen + } + + counter[0] = 1 + chacha20.XORKeyStream(out, ciphertext, &counter, &c.key) + return ret, nil +} diff --git a/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_noasm.go b/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_noasm.go new file mode 100644 index 0000000000..4c2eb703c3 --- /dev/null +++ b/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_noasm.go @@ -0,0 +1,15 @@ +// Copyright 2016 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build !amd64 !go1.7 gccgo appengine + +package chacha20poly1305 + +func (c *chacha20poly1305) seal(dst, nonce, plaintext, additionalData []byte) []byte { + return c.sealGeneric(dst, nonce, plaintext, additionalData) +} + +func (c *chacha20poly1305) open(dst, nonce, ciphertext, additionalData []byte) ([]byte, error) { + return c.openGeneric(dst, nonce, ciphertext, additionalData) +} diff --git a/vendor/golang.org/x/crypto/internal/chacha20/chacha_generic.go b/vendor/golang.org/x/crypto/internal/chacha20/chacha_generic.go new file mode 100644 index 0000000000..0f8efdbaa4 --- /dev/null +++ b/vendor/golang.org/x/crypto/internal/chacha20/chacha_generic.go @@ -0,0 +1,198 @@ +// Copyright 2016 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// Package ChaCha20 implements the core ChaCha20 function as specified in https://tools.ietf.org/html/rfc7539#section-2.3. +package chacha20 + +import "encoding/binary" + +const rounds = 20 + +// core applies the ChaCha20 core function to 16-byte input in, 32-byte key k, +// and 16-byte constant c, and puts the result into 64-byte array out. +func core(out *[64]byte, in *[16]byte, k *[32]byte) { + j0 := uint32(0x61707865) + j1 := uint32(0x3320646e) + j2 := uint32(0x79622d32) + j3 := uint32(0x6b206574) + j4 := binary.LittleEndian.Uint32(k[0:4]) + j5 := binary.LittleEndian.Uint32(k[4:8]) + j6 := binary.LittleEndian.Uint32(k[8:12]) + j7 := binary.LittleEndian.Uint32(k[12:16]) + j8 := binary.LittleEndian.Uint32(k[16:20]) + j9 := binary.LittleEndian.Uint32(k[20:24]) + j10 := binary.LittleEndian.Uint32(k[24:28]) + j11 := binary.LittleEndian.Uint32(k[28:32]) + j12 := binary.LittleEndian.Uint32(in[0:4]) + j13 := binary.LittleEndian.Uint32(in[4:8]) + j14 := binary.LittleEndian.Uint32(in[8:12]) + j15 := binary.LittleEndian.Uint32(in[12:16]) + + x0, x1, x2, x3, x4, x5, x6, x7 := j0, j1, j2, j3, j4, j5, j6, j7 + x8, x9, x10, x11, x12, x13, x14, x15 := j8, j9, j10, j11, j12, j13, j14, j15 + + for i := 0; i < rounds; i += 2 { + x0 += x4 + x12 ^= x0 + x12 = (x12 << 16) | (x12 >> (16)) + x8 += x12 + x4 ^= x8 + x4 = (x4 << 12) | (x4 >> (20)) + x0 += x4 + x12 ^= x0 + x12 = (x12 << 8) | (x12 >> (24)) + x8 += x12 + x4 ^= x8 + x4 = (x4 << 7) | (x4 >> (25)) + x1 += x5 + x13 ^= x1 + x13 = (x13 << 16) | (x13 >> 16) + x9 += x13 + x5 ^= x9 + x5 = (x5 << 12) | (x5 >> 20) + x1 += x5 + x13 ^= x1 + x13 = (x13 << 8) | (x13 >> 24) + x9 += x13 + x5 ^= x9 + x5 = (x5 << 7) | (x5 >> 25) + x2 += x6 + x14 ^= x2 + x14 = (x14 << 16) | (x14 >> 16) + x10 += x14 + x6 ^= x10 + x6 = (x6 << 12) | (x6 >> 20) + x2 += x6 + x14 ^= x2 + x14 = (x14 << 8) | (x14 >> 24) + x10 += x14 + x6 ^= x10 + x6 = (x6 << 7) | (x6 >> 25) + x3 += x7 + x15 ^= x3 + x15 = (x15 << 16) | (x15 >> 16) + x11 += x15 + x7 ^= x11 + x7 = (x7 << 12) | (x7 >> 20) + x3 += x7 + x15 ^= x3 + x15 = (x15 << 8) | (x15 >> 24) + x11 += x15 + x7 ^= x11 + x7 = (x7 << 7) | (x7 >> 25) + x0 += x5 + x15 ^= x0 + x15 = (x15 << 16) | (x15 >> 16) + x10 += x15 + x5 ^= x10 + x5 = (x5 << 12) | (x5 >> 20) + x0 += x5 + x15 ^= x0 + x15 = (x15 << 8) | (x15 >> 24) + x10 += x15 + x5 ^= x10 + x5 = (x5 << 7) | (x5 >> 25) + x1 += x6 + x12 ^= x1 + x12 = (x12 << 16) | (x12 >> 16) + x11 += x12 + x6 ^= x11 + x6 = (x6 << 12) | (x6 >> 20) + x1 += x6 + x12 ^= x1 + x12 = (x12 << 8) | (x12 >> 24) + x11 += x12 + x6 ^= x11 + x6 = (x6 << 7) | (x6 >> 25) + x2 += x7 + x13 ^= x2 + x13 = (x13 << 16) | (x13 >> 16) + x8 += x13 + x7 ^= x8 + x7 = (x7 << 12) | (x7 >> 20) + x2 += x7 + x13 ^= x2 + x13 = (x13 << 8) | (x13 >> 24) + x8 += x13 + x7 ^= x8 + x7 = (x7 << 7) | (x7 >> 25) + x3 += x4 + x14 ^= x3 + x14 = (x14 << 16) | (x14 >> 16) + x9 += x14 + x4 ^= x9 + x4 = (x4 << 12) | (x4 >> 20) + x3 += x4 + x14 ^= x3 + x14 = (x14 << 8) | (x14 >> 24) + x9 += x14 + x4 ^= x9 + x4 = (x4 << 7) | (x4 >> 25) + } + + x0 += j0 + x1 += j1 + x2 += j2 + x3 += j3 + x4 += j4 + x5 += j5 + x6 += j6 + x7 += j7 + x8 += j8 + x9 += j9 + x10 += j10 + x11 += j11 + x12 += j12 + x13 += j13 + x14 += j14 + x15 += j15 + + binary.LittleEndian.PutUint32(out[0:4], x0) + binary.LittleEndian.PutUint32(out[4:8], x1) + binary.LittleEndian.PutUint32(out[8:12], x2) + binary.LittleEndian.PutUint32(out[12:16], x3) + binary.LittleEndian.PutUint32(out[16:20], x4) + binary.LittleEndian.PutUint32(out[20:24], x5) + binary.LittleEndian.PutUint32(out[24:28], x6) + binary.LittleEndian.PutUint32(out[28:32], x7) + binary.LittleEndian.PutUint32(out[32:36], x8) + binary.LittleEndian.PutUint32(out[36:40], x9) + binary.LittleEndian.PutUint32(out[40:44], x10) + binary.LittleEndian.PutUint32(out[44:48], x11) + binary.LittleEndian.PutUint32(out[48:52], x12) + binary.LittleEndian.PutUint32(out[52:56], x13) + binary.LittleEndian.PutUint32(out[56:60], x14) + binary.LittleEndian.PutUint32(out[60:64], x15) +} + +// XORKeyStream crypts bytes from in to out using the given key and counters. +// In and out must overlap entirely or not at all. Counter contains the raw +// ChaCha20 counter bytes (i.e. block counter followed by nonce). +func XORKeyStream(out, in []byte, counter *[16]byte, key *[32]byte) { + var block [64]byte + var counterCopy [16]byte + copy(counterCopy[:], counter[:]) + + for len(in) >= 64 { + core(&block, &counterCopy, key) + for i, x := range block { + out[i] = in[i] ^ x + } + u := uint32(1) + for i := 0; i < 4; i++ { + u += uint32(counterCopy[i]) + counterCopy[i] = byte(u) + u >>= 8 + } + in = in[64:] + out = out[64:] + } + + if len(in) > 0 { + core(&block, &counterCopy, key) + for i, v := range in { + out[i] = v ^ block[i] + } + } +} diff --git a/vendor/golang.org/x/crypto/nacl/auth/auth.go b/vendor/golang.org/x/crypto/nacl/auth/auth.go new file mode 100644 index 0000000000..ec1d6ebe4a --- /dev/null +++ b/vendor/golang.org/x/crypto/nacl/auth/auth.go @@ -0,0 +1,58 @@ +// Copyright 2017 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +/* +Package auth authenticates a message using a secret key. + +The Sum function, viewed as a function of the message for a uniform random +key, is designed to meet the standard notion of unforgeability. This means +that an attacker cannot find authenticators for any messages not authenticated +by the sender, even if the attacker has adaptively influenced the messages +authenticated by the sender. For a formal definition see, e.g., Section 2.4 +of Bellare, Kilian, and Rogaway, "The security of the cipher block chaining +message authentication code," Journal of Computer and System Sciences 61 (2000), +362–399; http://www-cse.ucsd.edu/~mihir/papers/cbc.html. + +auth does not make any promises regarding "strong" unforgeability; perhaps +one valid authenticator can be converted into another valid authenticator for +the same message. NaCl also does not make any promises regarding "truncated +unforgeability." + +This package is interoperable with NaCl: https://nacl.cr.yp.to/auth.html. +*/ +package auth + +import ( + "crypto/hmac" + "crypto/sha512" +) + +const ( + // Size is the size, in bytes, of an authenticated digest. + Size = 32 + // KeySize is the size, in bytes, of an authentication key. + KeySize = 32 +) + +// Sum generates an authenticator for m using a secret key and returns the +// 32-byte digest. +func Sum(m []byte, key *[KeySize]byte) *[Size]byte { + mac := hmac.New(sha512.New, key[:]) + mac.Write(m) + out := new([KeySize]byte) + copy(out[:], mac.Sum(nil)[:Size]) + return out +} + +// Verify checks that digest is a valid authenticator of message m under the +// given secret key. Verify does not leak timing information. +func Verify(digest []byte, m []byte, key *[KeySize]byte) bool { + if len(digest) != Size { + return false + } + mac := hmac.New(sha512.New, key[:]) + mac.Write(m) + expectedMAC := mac.Sum(nil) // first 256 bits of 512-bit sum + return hmac.Equal(digest, expectedMAC[:Size]) +} diff --git a/vendor/golang.org/x/crypto/nacl/box/box.go b/vendor/golang.org/x/crypto/nacl/box/box.go new file mode 100644 index 0000000000..31b697be44 --- /dev/null +++ b/vendor/golang.org/x/crypto/nacl/box/box.go @@ -0,0 +1,103 @@ +// Copyright 2012 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +/* +Package box authenticates and encrypts small messages using public-key cryptography. + +Box uses Curve25519, XSalsa20 and Poly1305 to encrypt and authenticate +messages. The length of messages is not hidden. + +It is the caller's responsibility to ensure the uniqueness of nonces—for +example, by using nonce 1 for the first message, nonce 2 for the second +message, etc. Nonces are long enough that randomly generated nonces have +negligible risk of collision. + +Messages should be small because: + +1. The whole message needs to be held in memory to be processed. + +2. Using large messages pressures implementations on small machines to decrypt +and process plaintext before authenticating it. This is very dangerous, and +this API does not allow it, but a protocol that uses excessive message sizes +might present some implementations with no other choice. + +3. Fixed overheads will be sufficiently amortised by messages as small as 8KB. + +4. Performance may be improved by working with messages that fit into data caches. + +Thus large amounts of data should be chunked so that each message is small. +(Each message still needs a unique nonce.) If in doubt, 16KB is a reasonable +chunk size. + +This package is interoperable with NaCl: https://nacl.cr.yp.to/box.html. +*/ +package box // import "golang.org/x/crypto/nacl/box" + +import ( + "io" + + "golang.org/x/crypto/curve25519" + "golang.org/x/crypto/nacl/secretbox" + "golang.org/x/crypto/salsa20/salsa" +) + +// Overhead is the number of bytes of overhead when boxing a message. +const Overhead = secretbox.Overhead + +// GenerateKey generates a new public/private key pair suitable for use with +// Seal and Open. +func GenerateKey(rand io.Reader) (publicKey, privateKey *[32]byte, err error) { + publicKey = new([32]byte) + privateKey = new([32]byte) + _, err = io.ReadFull(rand, privateKey[:]) + if err != nil { + publicKey = nil + privateKey = nil + return + } + + curve25519.ScalarBaseMult(publicKey, privateKey) + return +} + +var zeros [16]byte + +// Precompute calculates the shared key between peersPublicKey and privateKey +// and writes it to sharedKey. The shared key can be used with +// OpenAfterPrecomputation and SealAfterPrecomputation to speed up processing +// when using the same pair of keys repeatedly. +func Precompute(sharedKey, peersPublicKey, privateKey *[32]byte) { + curve25519.ScalarMult(sharedKey, privateKey, peersPublicKey) + salsa.HSalsa20(sharedKey, &zeros, sharedKey, &salsa.Sigma) +} + +// Seal appends an encrypted and authenticated copy of message to out, which +// will be Overhead bytes longer than the original and must not overlap it. The +// nonce must be unique for each distinct message for a given pair of keys. +func Seal(out, message []byte, nonce *[24]byte, peersPublicKey, privateKey *[32]byte) []byte { + var sharedKey [32]byte + Precompute(&sharedKey, peersPublicKey, privateKey) + return secretbox.Seal(out, message, nonce, &sharedKey) +} + +// SealAfterPrecomputation performs the same actions as Seal, but takes a +// shared key as generated by Precompute. +func SealAfterPrecomputation(out, message []byte, nonce *[24]byte, sharedKey *[32]byte) []byte { + return secretbox.Seal(out, message, nonce, sharedKey) +} + +// Open authenticates and decrypts a box produced by Seal and appends the +// message to out, which must not overlap box. The output will be Overhead +// bytes smaller than box. +func Open(out, box []byte, nonce *[24]byte, peersPublicKey, privateKey *[32]byte) ([]byte, bool) { + var sharedKey [32]byte + Precompute(&sharedKey, peersPublicKey, privateKey) + return secretbox.Open(out, box, nonce, &sharedKey) +} + +// OpenAfterPrecomputation performs the same actions as Open, but takes a +// shared key as generated by Precompute. +func OpenAfterPrecomputation(out, box []byte, nonce *[24]byte, sharedKey *[32]byte) ([]byte, bool) { + return secretbox.Open(out, box, nonce, sharedKey) +} diff --git a/vendor/golang.org/x/crypto/nacl/secretbox/secretbox.go b/vendor/golang.org/x/crypto/nacl/secretbox/secretbox.go new file mode 100644 index 0000000000..53ee83cfb7 --- /dev/null +++ b/vendor/golang.org/x/crypto/nacl/secretbox/secretbox.go @@ -0,0 +1,166 @@ +// Copyright 2012 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +/* +Package secretbox encrypts and authenticates small messages. + +Secretbox uses XSalsa20 and Poly1305 to encrypt and authenticate messages with +secret-key cryptography. The length of messages is not hidden. + +It is the caller's responsibility to ensure the uniqueness of nonces—for +example, by using nonce 1 for the first message, nonce 2 for the second +message, etc. Nonces are long enough that randomly generated nonces have +negligible risk of collision. + +Messages should be small because: + +1. The whole message needs to be held in memory to be processed. + +2. Using large messages pressures implementations on small machines to decrypt +and process plaintext before authenticating it. This is very dangerous, and +this API does not allow it, but a protocol that uses excessive message sizes +might present some implementations with no other choice. + +3. Fixed overheads will be sufficiently amortised by messages as small as 8KB. + +4. Performance may be improved by working with messages that fit into data caches. + +Thus large amounts of data should be chunked so that each message is small. +(Each message still needs a unique nonce.) If in doubt, 16KB is a reasonable +chunk size. + +This package is interoperable with NaCl: https://nacl.cr.yp.to/secretbox.html. +*/ +package secretbox // import "golang.org/x/crypto/nacl/secretbox" + +import ( + "golang.org/x/crypto/poly1305" + "golang.org/x/crypto/salsa20/salsa" +) + +// Overhead is the number of bytes of overhead when boxing a message. +const Overhead = poly1305.TagSize + +// setup produces a sub-key and Salsa20 counter given a nonce and key. +func setup(subKey *[32]byte, counter *[16]byte, nonce *[24]byte, key *[32]byte) { + // We use XSalsa20 for encryption so first we need to generate a + // key and nonce with HSalsa20. + var hNonce [16]byte + copy(hNonce[:], nonce[:]) + salsa.HSalsa20(subKey, &hNonce, key, &salsa.Sigma) + + // The final 8 bytes of the original nonce form the new nonce. + copy(counter[:], nonce[16:]) +} + +// sliceForAppend takes a slice and a requested number of bytes. It returns a +// slice with the contents of the given slice followed by that many bytes and a +// second slice that aliases into it and contains only the extra bytes. If the +// original slice has sufficient capacity then no allocation is performed. +func sliceForAppend(in []byte, n int) (head, tail []byte) { + if total := len(in) + n; cap(in) >= total { + head = in[:total] + } else { + head = make([]byte, total) + copy(head, in) + } + tail = head[len(in):] + return +} + +// Seal appends an encrypted and authenticated copy of message to out, which +// must not overlap message. The key and nonce pair must be unique for each +// distinct message and the output will be Overhead bytes longer than message. +func Seal(out, message []byte, nonce *[24]byte, key *[32]byte) []byte { + var subKey [32]byte + var counter [16]byte + setup(&subKey, &counter, nonce, key) + + // The Poly1305 key is generated by encrypting 32 bytes of zeros. Since + // Salsa20 works with 64-byte blocks, we also generate 32 bytes of + // keystream as a side effect. + var firstBlock [64]byte + salsa.XORKeyStream(firstBlock[:], firstBlock[:], &counter, &subKey) + + var poly1305Key [32]byte + copy(poly1305Key[:], firstBlock[:]) + + ret, out := sliceForAppend(out, len(message)+poly1305.TagSize) + + // We XOR up to 32 bytes of message with the keystream generated from + // the first block. + firstMessageBlock := message + if len(firstMessageBlock) > 32 { + firstMessageBlock = firstMessageBlock[:32] + } + + tagOut := out + out = out[poly1305.TagSize:] + for i, x := range firstMessageBlock { + out[i] = firstBlock[32+i] ^ x + } + message = message[len(firstMessageBlock):] + ciphertext := out + out = out[len(firstMessageBlock):] + + // Now encrypt the rest. + counter[8] = 1 + salsa.XORKeyStream(out, message, &counter, &subKey) + + var tag [poly1305.TagSize]byte + poly1305.Sum(&tag, ciphertext, &poly1305Key) + copy(tagOut, tag[:]) + + return ret +} + +// Open authenticates and decrypts a box produced by Seal and appends the +// message to out, which must not overlap box. The output will be Overhead +// bytes smaller than box. +func Open(out []byte, box []byte, nonce *[24]byte, key *[32]byte) ([]byte, bool) { + if len(box) < Overhead { + return nil, false + } + + var subKey [32]byte + var counter [16]byte + setup(&subKey, &counter, nonce, key) + + // The Poly1305 key is generated by encrypting 32 bytes of zeros. Since + // Salsa20 works with 64-byte blocks, we also generate 32 bytes of + // keystream as a side effect. + var firstBlock [64]byte + salsa.XORKeyStream(firstBlock[:], firstBlock[:], &counter, &subKey) + + var poly1305Key [32]byte + copy(poly1305Key[:], firstBlock[:]) + var tag [poly1305.TagSize]byte + copy(tag[:], box) + + if !poly1305.Verify(&tag, box[poly1305.TagSize:], &poly1305Key) { + return nil, false + } + + ret, out := sliceForAppend(out, len(box)-Overhead) + + // We XOR up to 32 bytes of box with the keystream generated from + // the first block. + box = box[Overhead:] + firstMessageBlock := box + if len(firstMessageBlock) > 32 { + firstMessageBlock = firstMessageBlock[:32] + } + for i, x := range firstMessageBlock { + out[i] = firstBlock[32+i] ^ x + } + + box = box[len(firstMessageBlock):] + out = out[len(firstMessageBlock):] + + // Now decrypt the rest. + counter[8] = 1 + salsa.XORKeyStream(out, box, &counter, &subKey) + + return ret, true +} diff --git a/vendor/golang.org/x/crypto/poly1305/poly1305.go b/vendor/golang.org/x/crypto/poly1305/poly1305.go new file mode 100644 index 0000000000..f562fa5712 --- /dev/null +++ b/vendor/golang.org/x/crypto/poly1305/poly1305.go @@ -0,0 +1,33 @@ +// Copyright 2012 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +/* +Package poly1305 implements Poly1305 one-time message authentication code as +specified in https://cr.yp.to/mac/poly1305-20050329.pdf. + +Poly1305 is a fast, one-time authentication function. It is infeasible for an +attacker to generate an authenticator for a message without the key. However, a +key must only be used for a single message. Authenticating two different +messages with the same key allows an attacker to forge authenticators for other +messages with the same key. + +Poly1305 was originally coupled with AES in order to make Poly1305-AES. AES was +used with a fixed key in order to generate one-time keys from an nonce. +However, in this package AES isn't used and the one-time key is specified +directly. +*/ +package poly1305 // import "golang.org/x/crypto/poly1305" + +import "crypto/subtle" + +// TagSize is the size, in bytes, of a poly1305 authenticator. +const TagSize = 16 + +// Verify returns true if mac is a valid authenticator for m with the given +// key. +func Verify(mac *[16]byte, m []byte, key *[32]byte) bool { + var tmp [16]byte + Sum(&tmp, m, key) + return subtle.ConstantTimeCompare(tmp[:], mac[:]) == 1 +} diff --git a/vendor/golang.org/x/crypto/poly1305/sum_amd64.go b/vendor/golang.org/x/crypto/poly1305/sum_amd64.go new file mode 100644 index 0000000000..4dd72fe799 --- /dev/null +++ b/vendor/golang.org/x/crypto/poly1305/sum_amd64.go @@ -0,0 +1,22 @@ +// Copyright 2012 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build amd64,!gccgo,!appengine + +package poly1305 + +// This function is implemented in sum_amd64.s +//go:noescape +func poly1305(out *[16]byte, m *byte, mlen uint64, key *[32]byte) + +// Sum generates an authenticator for m using a one-time key and puts the +// 16-byte result into out. Authenticating two different messages with the same +// key allows an attacker to forge messages at will. +func Sum(out *[16]byte, m []byte, key *[32]byte) { + var mPtr *byte + if len(m) > 0 { + mPtr = &m[0] + } + poly1305(out, mPtr, uint64(len(m)), key) +} diff --git a/vendor/golang.org/x/crypto/poly1305/sum_amd64.s b/vendor/golang.org/x/crypto/poly1305/sum_amd64.s new file mode 100644 index 0000000000..c9d129260b --- /dev/null +++ b/vendor/golang.org/x/crypto/poly1305/sum_amd64.s @@ -0,0 +1,125 @@ +// Copyright 2012 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build amd64,!gccgo,!appengine + +#include "textflag.h" + +#define POLY1305_ADD(msg, h0, h1, h2) \ + ADDQ 0(msg), h0; \ + ADCQ 8(msg), h1; \ + ADCQ $1, h2; \ + LEAQ 16(msg), msg + +#define POLY1305_MUL(h0, h1, h2, r0, r1, t0, t1, t2, t3) \ + MOVQ r0, AX; \ + MULQ h0; \ + MOVQ AX, t0; \ + MOVQ DX, t1; \ + MOVQ r0, AX; \ + MULQ h1; \ + ADDQ AX, t1; \ + ADCQ $0, DX; \ + MOVQ r0, t2; \ + IMULQ h2, t2; \ + ADDQ DX, t2; \ + \ + MOVQ r1, AX; \ + MULQ h0; \ + ADDQ AX, t1; \ + ADCQ $0, DX; \ + MOVQ DX, h0; \ + MOVQ r1, t3; \ + IMULQ h2, t3; \ + MOVQ r1, AX; \ + MULQ h1; \ + ADDQ AX, t2; \ + ADCQ DX, t3; \ + ADDQ h0, t2; \ + ADCQ $0, t3; \ + \ + MOVQ t0, h0; \ + MOVQ t1, h1; \ + MOVQ t2, h2; \ + ANDQ $3, h2; \ + MOVQ t2, t0; \ + ANDQ $0xFFFFFFFFFFFFFFFC, t0; \ + ADDQ t0, h0; \ + ADCQ t3, h1; \ + ADCQ $0, h2; \ + SHRQ $2, t3, t2; \ + SHRQ $2, t3; \ + ADDQ t2, h0; \ + ADCQ t3, h1; \ + ADCQ $0, h2 + +DATA ·poly1305Mask<>+0x00(SB)/8, $0x0FFFFFFC0FFFFFFF +DATA ·poly1305Mask<>+0x08(SB)/8, $0x0FFFFFFC0FFFFFFC +GLOBL ·poly1305Mask<>(SB), RODATA, $16 + +// func poly1305(out *[16]byte, m *byte, mlen uint64, key *[32]key) +TEXT ·poly1305(SB), $0-32 + MOVQ out+0(FP), DI + MOVQ m+8(FP), SI + MOVQ mlen+16(FP), R15 + MOVQ key+24(FP), AX + + MOVQ 0(AX), R11 + MOVQ 8(AX), R12 + ANDQ ·poly1305Mask<>(SB), R11 // r0 + ANDQ ·poly1305Mask<>+8(SB), R12 // r1 + XORQ R8, R8 // h0 + XORQ R9, R9 // h1 + XORQ R10, R10 // h2 + + CMPQ R15, $16 + JB bytes_between_0_and_15 + +loop: + POLY1305_ADD(SI, R8, R9, R10) + +multiply: + POLY1305_MUL(R8, R9, R10, R11, R12, BX, CX, R13, R14) + SUBQ $16, R15 + CMPQ R15, $16 + JAE loop + +bytes_between_0_and_15: + TESTQ R15, R15 + JZ done + MOVQ $1, BX + XORQ CX, CX + XORQ R13, R13 + ADDQ R15, SI + +flush_buffer: + SHLQ $8, BX, CX + SHLQ $8, BX + MOVB -1(SI), R13 + XORQ R13, BX + DECQ SI + DECQ R15 + JNZ flush_buffer + + ADDQ BX, R8 + ADCQ CX, R9 + ADCQ $0, R10 + MOVQ $16, R15 + JMP multiply + +done: + MOVQ R8, AX + MOVQ R9, BX + SUBQ $0xFFFFFFFFFFFFFFFB, AX + SBBQ $0xFFFFFFFFFFFFFFFF, BX + SBBQ $3, R10 + CMOVQCS R8, AX + CMOVQCS R9, BX + MOVQ key+24(FP), R8 + ADDQ 16(R8), AX + ADCQ 24(R8), BX + + MOVQ AX, 0(DI) + MOVQ BX, 8(DI) + RET diff --git a/vendor/golang.org/x/crypto/poly1305/sum_arm.go b/vendor/golang.org/x/crypto/poly1305/sum_arm.go new file mode 100644 index 0000000000..5dc321c2f3 --- /dev/null +++ b/vendor/golang.org/x/crypto/poly1305/sum_arm.go @@ -0,0 +1,22 @@ +// Copyright 2015 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build arm,!gccgo,!appengine,!nacl + +package poly1305 + +// This function is implemented in sum_arm.s +//go:noescape +func poly1305_auth_armv6(out *[16]byte, m *byte, mlen uint32, key *[32]byte) + +// Sum generates an authenticator for m using a one-time key and puts the +// 16-byte result into out. Authenticating two different messages with the same +// key allows an attacker to forge messages at will. +func Sum(out *[16]byte, m []byte, key *[32]byte) { + var mPtr *byte + if len(m) > 0 { + mPtr = &m[0] + } + poly1305_auth_armv6(out, mPtr, uint32(len(m)), key) +} diff --git a/vendor/golang.org/x/crypto/poly1305/sum_arm.s b/vendor/golang.org/x/crypto/poly1305/sum_arm.s new file mode 100644 index 0000000000..f70b4ac484 --- /dev/null +++ b/vendor/golang.org/x/crypto/poly1305/sum_arm.s @@ -0,0 +1,427 @@ +// Copyright 2015 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build arm,!gccgo,!appengine,!nacl + +#include "textflag.h" + +// This code was translated into a form compatible with 5a from the public +// domain source by Andrew Moon: github.com/floodyberry/poly1305-opt/blob/master/app/extensions/poly1305. + +DATA ·poly1305_init_constants_armv6<>+0x00(SB)/4, $0x3ffffff +DATA ·poly1305_init_constants_armv6<>+0x04(SB)/4, $0x3ffff03 +DATA ·poly1305_init_constants_armv6<>+0x08(SB)/4, $0x3ffc0ff +DATA ·poly1305_init_constants_armv6<>+0x0c(SB)/4, $0x3f03fff +DATA ·poly1305_init_constants_armv6<>+0x10(SB)/4, $0x00fffff +GLOBL ·poly1305_init_constants_armv6<>(SB), 8, $20 + +// Warning: the linker may use R11 to synthesize certain instructions. Please +// take care and verify that no synthetic instructions use it. + +TEXT poly1305_init_ext_armv6<>(SB), NOSPLIT, $0 + // Needs 16 bytes of stack and 64 bytes of space pointed to by R0. (It + // might look like it's only 60 bytes of space but the final four bytes + // will be written by another function.) We need to skip over four + // bytes of stack because that's saving the value of 'g'. + ADD $4, R13, R8 + MOVM.IB [R4-R7], (R8) + MOVM.IA.W (R1), [R2-R5] + MOVW $·poly1305_init_constants_armv6<>(SB), R7 + MOVW R2, R8 + MOVW R2>>26, R9 + MOVW R3>>20, g + MOVW R4>>14, R11 + MOVW R5>>8, R12 + ORR R3<<6, R9, R9 + ORR R4<<12, g, g + ORR R5<<18, R11, R11 + MOVM.IA (R7), [R2-R6] + AND R8, R2, R2 + AND R9, R3, R3 + AND g, R4, R4 + AND R11, R5, R5 + AND R12, R6, R6 + MOVM.IA.W [R2-R6], (R0) + EOR R2, R2, R2 + EOR R3, R3, R3 + EOR R4, R4, R4 + EOR R5, R5, R5 + EOR R6, R6, R6 + MOVM.IA.W [R2-R6], (R0) + MOVM.IA.W (R1), [R2-R5] + MOVM.IA [R2-R6], (R0) + ADD $20, R13, R0 + MOVM.DA (R0), [R4-R7] + RET + +#define MOVW_UNALIGNED(Rsrc, Rdst, Rtmp, offset) \ + MOVBU (offset+0)(Rsrc), Rtmp; \ + MOVBU Rtmp, (offset+0)(Rdst); \ + MOVBU (offset+1)(Rsrc), Rtmp; \ + MOVBU Rtmp, (offset+1)(Rdst); \ + MOVBU (offset+2)(Rsrc), Rtmp; \ + MOVBU Rtmp, (offset+2)(Rdst); \ + MOVBU (offset+3)(Rsrc), Rtmp; \ + MOVBU Rtmp, (offset+3)(Rdst) + +TEXT poly1305_blocks_armv6<>(SB), NOSPLIT, $0 + // Needs 24 bytes of stack for saved registers and then 88 bytes of + // scratch space after that. We assume that 24 bytes at (R13) have + // already been used: four bytes for the link register saved in the + // prelude of poly1305_auth_armv6, four bytes for saving the value of g + // in that function and 16 bytes of scratch space used around + // poly1305_finish_ext_armv6_skip1. + ADD $24, R13, R12 + MOVM.IB [R4-R8, R14], (R12) + MOVW R0, 88(R13) + MOVW R1, 92(R13) + MOVW R2, 96(R13) + MOVW R1, R14 + MOVW R2, R12 + MOVW 56(R0), R8 + WORD $0xe1180008 // TST R8, R8 not working see issue 5921 + EOR R6, R6, R6 + MOVW.EQ $(1<<24), R6 + MOVW R6, 84(R13) + ADD $116, R13, g + MOVM.IA (R0), [R0-R9] + MOVM.IA [R0-R4], (g) + CMP $16, R12 + BLO poly1305_blocks_armv6_done + +poly1305_blocks_armv6_mainloop: + WORD $0xe31e0003 // TST R14, #3 not working see issue 5921 + BEQ poly1305_blocks_armv6_mainloop_aligned + ADD $100, R13, g + MOVW_UNALIGNED(R14, g, R0, 0) + MOVW_UNALIGNED(R14, g, R0, 4) + MOVW_UNALIGNED(R14, g, R0, 8) + MOVW_UNALIGNED(R14, g, R0, 12) + MOVM.IA (g), [R0-R3] + ADD $16, R14 + B poly1305_blocks_armv6_mainloop_loaded + +poly1305_blocks_armv6_mainloop_aligned: + MOVM.IA.W (R14), [R0-R3] + +poly1305_blocks_armv6_mainloop_loaded: + MOVW R0>>26, g + MOVW R1>>20, R11 + MOVW R2>>14, R12 + MOVW R14, 92(R13) + MOVW R3>>8, R4 + ORR R1<<6, g, g + ORR R2<<12, R11, R11 + ORR R3<<18, R12, R12 + BIC $0xfc000000, R0, R0 + BIC $0xfc000000, g, g + MOVW 84(R13), R3 + BIC $0xfc000000, R11, R11 + BIC $0xfc000000, R12, R12 + ADD R0, R5, R5 + ADD g, R6, R6 + ORR R3, R4, R4 + ADD R11, R7, R7 + ADD $116, R13, R14 + ADD R12, R8, R8 + ADD R4, R9, R9 + MOVM.IA (R14), [R0-R4] + MULLU R4, R5, (R11, g) + MULLU R3, R5, (R14, R12) + MULALU R3, R6, (R11, g) + MULALU R2, R6, (R14, R12) + MULALU R2, R7, (R11, g) + MULALU R1, R7, (R14, R12) + ADD R4<<2, R4, R4 + ADD R3<<2, R3, R3 + MULALU R1, R8, (R11, g) + MULALU R0, R8, (R14, R12) + MULALU R0, R9, (R11, g) + MULALU R4, R9, (R14, R12) + MOVW g, 76(R13) + MOVW R11, 80(R13) + MOVW R12, 68(R13) + MOVW R14, 72(R13) + MULLU R2, R5, (R11, g) + MULLU R1, R5, (R14, R12) + MULALU R1, R6, (R11, g) + MULALU R0, R6, (R14, R12) + MULALU R0, R7, (R11, g) + MULALU R4, R7, (R14, R12) + ADD R2<<2, R2, R2 + ADD R1<<2, R1, R1 + MULALU R4, R8, (R11, g) + MULALU R3, R8, (R14, R12) + MULALU R3, R9, (R11, g) + MULALU R2, R9, (R14, R12) + MOVW g, 60(R13) + MOVW R11, 64(R13) + MOVW R12, 52(R13) + MOVW R14, 56(R13) + MULLU R0, R5, (R11, g) + MULALU R4, R6, (R11, g) + MULALU R3, R7, (R11, g) + MULALU R2, R8, (R11, g) + MULALU R1, R9, (R11, g) + ADD $52, R13, R0 + MOVM.IA (R0), [R0-R7] + MOVW g>>26, R12 + MOVW R4>>26, R14 + ORR R11<<6, R12, R12 + ORR R5<<6, R14, R14 + BIC $0xfc000000, g, g + BIC $0xfc000000, R4, R4 + ADD.S R12, R0, R0 + ADC $0, R1, R1 + ADD.S R14, R6, R6 + ADC $0, R7, R7 + MOVW R0>>26, R12 + MOVW R6>>26, R14 + ORR R1<<6, R12, R12 + ORR R7<<6, R14, R14 + BIC $0xfc000000, R0, R0 + BIC $0xfc000000, R6, R6 + ADD R14<<2, R14, R14 + ADD.S R12, R2, R2 + ADC $0, R3, R3 + ADD R14, g, g + MOVW R2>>26, R12 + MOVW g>>26, R14 + ORR R3<<6, R12, R12 + BIC $0xfc000000, g, R5 + BIC $0xfc000000, R2, R7 + ADD R12, R4, R4 + ADD R14, R0, R0 + MOVW R4>>26, R12 + BIC $0xfc000000, R4, R8 + ADD R12, R6, R9 + MOVW 96(R13), R12 + MOVW 92(R13), R14 + MOVW R0, R6 + CMP $32, R12 + SUB $16, R12, R12 + MOVW R12, 96(R13) + BHS poly1305_blocks_armv6_mainloop + +poly1305_blocks_armv6_done: + MOVW 88(R13), R12 + MOVW R5, 20(R12) + MOVW R6, 24(R12) + MOVW R7, 28(R12) + MOVW R8, 32(R12) + MOVW R9, 36(R12) + ADD $48, R13, R0 + MOVM.DA (R0), [R4-R8, R14] + RET + +#define MOVHUP_UNALIGNED(Rsrc, Rdst, Rtmp) \ + MOVBU.P 1(Rsrc), Rtmp; \ + MOVBU.P Rtmp, 1(Rdst); \ + MOVBU.P 1(Rsrc), Rtmp; \ + MOVBU.P Rtmp, 1(Rdst) + +#define MOVWP_UNALIGNED(Rsrc, Rdst, Rtmp) \ + MOVHUP_UNALIGNED(Rsrc, Rdst, Rtmp); \ + MOVHUP_UNALIGNED(Rsrc, Rdst, Rtmp) + +// func poly1305_auth_armv6(out *[16]byte, m *byte, mlen uint32, key *[32]key) +TEXT ·poly1305_auth_armv6(SB), $196-16 + // The value 196, just above, is the sum of 64 (the size of the context + // structure) and 132 (the amount of stack needed). + // + // At this point, the stack pointer (R13) has been moved down. It + // points to the saved link register and there's 196 bytes of free + // space above it. + // + // The stack for this function looks like: + // + // +--------------------- + // | + // | 64 bytes of context structure + // | + // +--------------------- + // | + // | 112 bytes for poly1305_blocks_armv6 + // | + // +--------------------- + // | 16 bytes of final block, constructed at + // | poly1305_finish_ext_armv6_skip8 + // +--------------------- + // | four bytes of saved 'g' + // +--------------------- + // | lr, saved by prelude <- R13 points here + // +--------------------- + MOVW g, 4(R13) + + MOVW out+0(FP), R4 + MOVW m+4(FP), R5 + MOVW mlen+8(FP), R6 + MOVW key+12(FP), R7 + + ADD $136, R13, R0 // 136 = 4 + 4 + 16 + 112 + MOVW R7, R1 + + // poly1305_init_ext_armv6 will write to the stack from R13+4, but + // that's ok because none of the other values have been written yet. + BL poly1305_init_ext_armv6<>(SB) + BIC.S $15, R6, R2 + BEQ poly1305_auth_armv6_noblocks + ADD $136, R13, R0 + MOVW R5, R1 + ADD R2, R5, R5 + SUB R2, R6, R6 + BL poly1305_blocks_armv6<>(SB) + +poly1305_auth_armv6_noblocks: + ADD $136, R13, R0 + MOVW R5, R1 + MOVW R6, R2 + MOVW R4, R3 + + MOVW R0, R5 + MOVW R1, R6 + MOVW R2, R7 + MOVW R3, R8 + AND.S R2, R2, R2 + BEQ poly1305_finish_ext_armv6_noremaining + EOR R0, R0 + ADD $8, R13, R9 // 8 = offset to 16 byte scratch space + MOVW R0, (R9) + MOVW R0, 4(R9) + MOVW R0, 8(R9) + MOVW R0, 12(R9) + WORD $0xe3110003 // TST R1, #3 not working see issue 5921 + BEQ poly1305_finish_ext_armv6_aligned + WORD $0xe3120008 // TST R2, #8 not working see issue 5921 + BEQ poly1305_finish_ext_armv6_skip8 + MOVWP_UNALIGNED(R1, R9, g) + MOVWP_UNALIGNED(R1, R9, g) + +poly1305_finish_ext_armv6_skip8: + WORD $0xe3120004 // TST $4, R2 not working see issue 5921 + BEQ poly1305_finish_ext_armv6_skip4 + MOVWP_UNALIGNED(R1, R9, g) + +poly1305_finish_ext_armv6_skip4: + WORD $0xe3120002 // TST $2, R2 not working see issue 5921 + BEQ poly1305_finish_ext_armv6_skip2 + MOVHUP_UNALIGNED(R1, R9, g) + B poly1305_finish_ext_armv6_skip2 + +poly1305_finish_ext_armv6_aligned: + WORD $0xe3120008 // TST R2, #8 not working see issue 5921 + BEQ poly1305_finish_ext_armv6_skip8_aligned + MOVM.IA.W (R1), [g-R11] + MOVM.IA.W [g-R11], (R9) + +poly1305_finish_ext_armv6_skip8_aligned: + WORD $0xe3120004 // TST $4, R2 not working see issue 5921 + BEQ poly1305_finish_ext_armv6_skip4_aligned + MOVW.P 4(R1), g + MOVW.P g, 4(R9) + +poly1305_finish_ext_armv6_skip4_aligned: + WORD $0xe3120002 // TST $2, R2 not working see issue 5921 + BEQ poly1305_finish_ext_armv6_skip2 + MOVHU.P 2(R1), g + MOVH.P g, 2(R9) + +poly1305_finish_ext_armv6_skip2: + WORD $0xe3120001 // TST $1, R2 not working see issue 5921 + BEQ poly1305_finish_ext_armv6_skip1 + MOVBU.P 1(R1), g + MOVBU.P g, 1(R9) + +poly1305_finish_ext_armv6_skip1: + MOVW $1, R11 + MOVBU R11, 0(R9) + MOVW R11, 56(R5) + MOVW R5, R0 + ADD $8, R13, R1 + MOVW $16, R2 + BL poly1305_blocks_armv6<>(SB) + +poly1305_finish_ext_armv6_noremaining: + MOVW 20(R5), R0 + MOVW 24(R5), R1 + MOVW 28(R5), R2 + MOVW 32(R5), R3 + MOVW 36(R5), R4 + MOVW R4>>26, R12 + BIC $0xfc000000, R4, R4 + ADD R12<<2, R12, R12 + ADD R12, R0, R0 + MOVW R0>>26, R12 + BIC $0xfc000000, R0, R0 + ADD R12, R1, R1 + MOVW R1>>26, R12 + BIC $0xfc000000, R1, R1 + ADD R12, R2, R2 + MOVW R2>>26, R12 + BIC $0xfc000000, R2, R2 + ADD R12, R3, R3 + MOVW R3>>26, R12 + BIC $0xfc000000, R3, R3 + ADD R12, R4, R4 + ADD $5, R0, R6 + MOVW R6>>26, R12 + BIC $0xfc000000, R6, R6 + ADD R12, R1, R7 + MOVW R7>>26, R12 + BIC $0xfc000000, R7, R7 + ADD R12, R2, g + MOVW g>>26, R12 + BIC $0xfc000000, g, g + ADD R12, R3, R11 + MOVW $-(1<<26), R12 + ADD R11>>26, R12, R12 + BIC $0xfc000000, R11, R11 + ADD R12, R4, R9 + MOVW R9>>31, R12 + SUB $1, R12 + AND R12, R6, R6 + AND R12, R7, R7 + AND R12, g, g + AND R12, R11, R11 + AND R12, R9, R9 + MVN R12, R12 + AND R12, R0, R0 + AND R12, R1, R1 + AND R12, R2, R2 + AND R12, R3, R3 + AND R12, R4, R4 + ORR R6, R0, R0 + ORR R7, R1, R1 + ORR g, R2, R2 + ORR R11, R3, R3 + ORR R9, R4, R4 + ORR R1<<26, R0, R0 + MOVW R1>>6, R1 + ORR R2<<20, R1, R1 + MOVW R2>>12, R2 + ORR R3<<14, R2, R2 + MOVW R3>>18, R3 + ORR R4<<8, R3, R3 + MOVW 40(R5), R6 + MOVW 44(R5), R7 + MOVW 48(R5), g + MOVW 52(R5), R11 + ADD.S R6, R0, R0 + ADC.S R7, R1, R1 + ADC.S g, R2, R2 + ADC.S R11, R3, R3 + MOVM.IA [R0-R3], (R8) + MOVW R5, R12 + EOR R0, R0, R0 + EOR R1, R1, R1 + EOR R2, R2, R2 + EOR R3, R3, R3 + EOR R4, R4, R4 + EOR R5, R5, R5 + EOR R6, R6, R6 + EOR R7, R7, R7 + MOVM.IA.W [R0-R7], (R12) + MOVM.IA [R0-R7], (R12) + MOVW 4(R13), g + RET diff --git a/vendor/golang.org/x/crypto/poly1305/sum_ref.go b/vendor/golang.org/x/crypto/poly1305/sum_ref.go new file mode 100644 index 0000000000..b2805a5ca1 --- /dev/null +++ b/vendor/golang.org/x/crypto/poly1305/sum_ref.go @@ -0,0 +1,141 @@ +// Copyright 2012 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build !amd64,!arm gccgo appengine nacl + +package poly1305 + +import "encoding/binary" + +// Sum generates an authenticator for msg using a one-time key and puts the +// 16-byte result into out. Authenticating two different messages with the same +// key allows an attacker to forge messages at will. +func Sum(out *[TagSize]byte, msg []byte, key *[32]byte) { + var ( + h0, h1, h2, h3, h4 uint32 // the hash accumulators + r0, r1, r2, r3, r4 uint64 // the r part of the key + ) + + r0 = uint64(binary.LittleEndian.Uint32(key[0:]) & 0x3ffffff) + r1 = uint64((binary.LittleEndian.Uint32(key[3:]) >> 2) & 0x3ffff03) + r2 = uint64((binary.LittleEndian.Uint32(key[6:]) >> 4) & 0x3ffc0ff) + r3 = uint64((binary.LittleEndian.Uint32(key[9:]) >> 6) & 0x3f03fff) + r4 = uint64((binary.LittleEndian.Uint32(key[12:]) >> 8) & 0x00fffff) + + R1, R2, R3, R4 := r1*5, r2*5, r3*5, r4*5 + + for len(msg) >= TagSize { + // h += msg + h0 += binary.LittleEndian.Uint32(msg[0:]) & 0x3ffffff + h1 += (binary.LittleEndian.Uint32(msg[3:]) >> 2) & 0x3ffffff + h2 += (binary.LittleEndian.Uint32(msg[6:]) >> 4) & 0x3ffffff + h3 += (binary.LittleEndian.Uint32(msg[9:]) >> 6) & 0x3ffffff + h4 += (binary.LittleEndian.Uint32(msg[12:]) >> 8) | (1 << 24) + + // h *= r + d0 := (uint64(h0) * r0) + (uint64(h1) * R4) + (uint64(h2) * R3) + (uint64(h3) * R2) + (uint64(h4) * R1) + d1 := (d0 >> 26) + (uint64(h0) * r1) + (uint64(h1) * r0) + (uint64(h2) * R4) + (uint64(h3) * R3) + (uint64(h4) * R2) + d2 := (d1 >> 26) + (uint64(h0) * r2) + (uint64(h1) * r1) + (uint64(h2) * r0) + (uint64(h3) * R4) + (uint64(h4) * R3) + d3 := (d2 >> 26) + (uint64(h0) * r3) + (uint64(h1) * r2) + (uint64(h2) * r1) + (uint64(h3) * r0) + (uint64(h4) * R4) + d4 := (d3 >> 26) + (uint64(h0) * r4) + (uint64(h1) * r3) + (uint64(h2) * r2) + (uint64(h3) * r1) + (uint64(h4) * r0) + + // h %= p + h0 = uint32(d0) & 0x3ffffff + h1 = uint32(d1) & 0x3ffffff + h2 = uint32(d2) & 0x3ffffff + h3 = uint32(d3) & 0x3ffffff + h4 = uint32(d4) & 0x3ffffff + + h0 += uint32(d4>>26) * 5 + h1 += h0 >> 26 + h0 = h0 & 0x3ffffff + + msg = msg[TagSize:] + } + + if len(msg) > 0 { + var block [TagSize]byte + off := copy(block[:], msg) + block[off] = 0x01 + + // h += msg + h0 += binary.LittleEndian.Uint32(block[0:]) & 0x3ffffff + h1 += (binary.LittleEndian.Uint32(block[3:]) >> 2) & 0x3ffffff + h2 += (binary.LittleEndian.Uint32(block[6:]) >> 4) & 0x3ffffff + h3 += (binary.LittleEndian.Uint32(block[9:]) >> 6) & 0x3ffffff + h4 += (binary.LittleEndian.Uint32(block[12:]) >> 8) + + // h *= r + d0 := (uint64(h0) * r0) + (uint64(h1) * R4) + (uint64(h2) * R3) + (uint64(h3) * R2) + (uint64(h4) * R1) + d1 := (d0 >> 26) + (uint64(h0) * r1) + (uint64(h1) * r0) + (uint64(h2) * R4) + (uint64(h3) * R3) + (uint64(h4) * R2) + d2 := (d1 >> 26) + (uint64(h0) * r2) + (uint64(h1) * r1) + (uint64(h2) * r0) + (uint64(h3) * R4) + (uint64(h4) * R3) + d3 := (d2 >> 26) + (uint64(h0) * r3) + (uint64(h1) * r2) + (uint64(h2) * r1) + (uint64(h3) * r0) + (uint64(h4) * R4) + d4 := (d3 >> 26) + (uint64(h0) * r4) + (uint64(h1) * r3) + (uint64(h2) * r2) + (uint64(h3) * r1) + (uint64(h4) * r0) + + // h %= p + h0 = uint32(d0) & 0x3ffffff + h1 = uint32(d1) & 0x3ffffff + h2 = uint32(d2) & 0x3ffffff + h3 = uint32(d3) & 0x3ffffff + h4 = uint32(d4) & 0x3ffffff + + h0 += uint32(d4>>26) * 5 + h1 += h0 >> 26 + h0 = h0 & 0x3ffffff + } + + // h %= p reduction + h2 += h1 >> 26 + h1 &= 0x3ffffff + h3 += h2 >> 26 + h2 &= 0x3ffffff + h4 += h3 >> 26 + h3 &= 0x3ffffff + h0 += 5 * (h4 >> 26) + h4 &= 0x3ffffff + h1 += h0 >> 26 + h0 &= 0x3ffffff + + // h - p + t0 := h0 + 5 + t1 := h1 + (t0 >> 26) + t2 := h2 + (t1 >> 26) + t3 := h3 + (t2 >> 26) + t4 := h4 + (t3 >> 26) - (1 << 26) + t0 &= 0x3ffffff + t1 &= 0x3ffffff + t2 &= 0x3ffffff + t3 &= 0x3ffffff + + // select h if h < p else h - p + t_mask := (t4 >> 31) - 1 + h_mask := ^t_mask + h0 = (h0 & h_mask) | (t0 & t_mask) + h1 = (h1 & h_mask) | (t1 & t_mask) + h2 = (h2 & h_mask) | (t2 & t_mask) + h3 = (h3 & h_mask) | (t3 & t_mask) + h4 = (h4 & h_mask) | (t4 & t_mask) + + // h %= 2^128 + h0 |= h1 << 26 + h1 = ((h1 >> 6) | (h2 << 20)) + h2 = ((h2 >> 12) | (h3 << 14)) + h3 = ((h3 >> 18) | (h4 << 8)) + + // s: the s part of the key + // tag = (h + s) % (2^128) + t := uint64(h0) + uint64(binary.LittleEndian.Uint32(key[16:])) + h0 = uint32(t) + t = uint64(h1) + uint64(binary.LittleEndian.Uint32(key[20:])) + (t >> 32) + h1 = uint32(t) + t = uint64(h2) + uint64(binary.LittleEndian.Uint32(key[24:])) + (t >> 32) + h2 = uint32(t) + t = uint64(h3) + uint64(binary.LittleEndian.Uint32(key[28:])) + (t >> 32) + h3 = uint32(t) + + binary.LittleEndian.PutUint32(out[0:], h0) + binary.LittleEndian.PutUint32(out[4:], h1) + binary.LittleEndian.PutUint32(out[8:], h2) + binary.LittleEndian.PutUint32(out[12:], h3) +} diff --git a/vendor/golang.org/x/crypto/salsa20/salsa/hsalsa20.go b/vendor/golang.org/x/crypto/salsa20/salsa/hsalsa20.go new file mode 100644 index 0000000000..4c96147c86 --- /dev/null +++ b/vendor/golang.org/x/crypto/salsa20/salsa/hsalsa20.go @@ -0,0 +1,144 @@ +// Copyright 2012 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// Package salsa provides low-level access to functions in the Salsa family. +package salsa // import "golang.org/x/crypto/salsa20/salsa" + +// Sigma is the Salsa20 constant for 256-bit keys. +var Sigma = [16]byte{'e', 'x', 'p', 'a', 'n', 'd', ' ', '3', '2', '-', 'b', 'y', 't', 'e', ' ', 'k'} + +// HSalsa20 applies the HSalsa20 core function to a 16-byte input in, 32-byte +// key k, and 16-byte constant c, and puts the result into the 32-byte array +// out. +func HSalsa20(out *[32]byte, in *[16]byte, k *[32]byte, c *[16]byte) { + x0 := uint32(c[0]) | uint32(c[1])<<8 | uint32(c[2])<<16 | uint32(c[3])<<24 + x1 := uint32(k[0]) | uint32(k[1])<<8 | uint32(k[2])<<16 | uint32(k[3])<<24 + x2 := uint32(k[4]) | uint32(k[5])<<8 | uint32(k[6])<<16 | uint32(k[7])<<24 + x3 := uint32(k[8]) | uint32(k[9])<<8 | uint32(k[10])<<16 | uint32(k[11])<<24 + x4 := uint32(k[12]) | uint32(k[13])<<8 | uint32(k[14])<<16 | uint32(k[15])<<24 + x5 := uint32(c[4]) | uint32(c[5])<<8 | uint32(c[6])<<16 | uint32(c[7])<<24 + x6 := uint32(in[0]) | uint32(in[1])<<8 | uint32(in[2])<<16 | uint32(in[3])<<24 + x7 := uint32(in[4]) | uint32(in[5])<<8 | uint32(in[6])<<16 | uint32(in[7])<<24 + x8 := uint32(in[8]) | uint32(in[9])<<8 | uint32(in[10])<<16 | uint32(in[11])<<24 + x9 := uint32(in[12]) | uint32(in[13])<<8 | uint32(in[14])<<16 | uint32(in[15])<<24 + x10 := uint32(c[8]) | uint32(c[9])<<8 | uint32(c[10])<<16 | uint32(c[11])<<24 + x11 := uint32(k[16]) | uint32(k[17])<<8 | uint32(k[18])<<16 | uint32(k[19])<<24 + x12 := uint32(k[20]) | uint32(k[21])<<8 | uint32(k[22])<<16 | uint32(k[23])<<24 + x13 := uint32(k[24]) | uint32(k[25])<<8 | uint32(k[26])<<16 | uint32(k[27])<<24 + x14 := uint32(k[28]) | uint32(k[29])<<8 | uint32(k[30])<<16 | uint32(k[31])<<24 + x15 := uint32(c[12]) | uint32(c[13])<<8 | uint32(c[14])<<16 | uint32(c[15])<<24 + + for i := 0; i < 20; i += 2 { + u := x0 + x12 + x4 ^= u<<7 | u>>(32-7) + u = x4 + x0 + x8 ^= u<<9 | u>>(32-9) + u = x8 + x4 + x12 ^= u<<13 | u>>(32-13) + u = x12 + x8 + x0 ^= u<<18 | u>>(32-18) + + u = x5 + x1 + x9 ^= u<<7 | u>>(32-7) + u = x9 + x5 + x13 ^= u<<9 | u>>(32-9) + u = x13 + x9 + x1 ^= u<<13 | u>>(32-13) + u = x1 + x13 + x5 ^= u<<18 | u>>(32-18) + + u = x10 + x6 + x14 ^= u<<7 | u>>(32-7) + u = x14 + x10 + x2 ^= u<<9 | u>>(32-9) + u = x2 + x14 + x6 ^= u<<13 | u>>(32-13) + u = x6 + x2 + x10 ^= u<<18 | u>>(32-18) + + u = x15 + x11 + x3 ^= u<<7 | u>>(32-7) + u = x3 + x15 + x7 ^= u<<9 | u>>(32-9) + u = x7 + x3 + x11 ^= u<<13 | u>>(32-13) + u = x11 + x7 + x15 ^= u<<18 | u>>(32-18) + + u = x0 + x3 + x1 ^= u<<7 | u>>(32-7) + u = x1 + x0 + x2 ^= u<<9 | u>>(32-9) + u = x2 + x1 + x3 ^= u<<13 | u>>(32-13) + u = x3 + x2 + x0 ^= u<<18 | u>>(32-18) + + u = x5 + x4 + x6 ^= u<<7 | u>>(32-7) + u = x6 + x5 + x7 ^= u<<9 | u>>(32-9) + u = x7 + x6 + x4 ^= u<<13 | u>>(32-13) + u = x4 + x7 + x5 ^= u<<18 | u>>(32-18) + + u = x10 + x9 + x11 ^= u<<7 | u>>(32-7) + u = x11 + x10 + x8 ^= u<<9 | u>>(32-9) + u = x8 + x11 + x9 ^= u<<13 | u>>(32-13) + u = x9 + x8 + x10 ^= u<<18 | u>>(32-18) + + u = x15 + x14 + x12 ^= u<<7 | u>>(32-7) + u = x12 + x15 + x13 ^= u<<9 | u>>(32-9) + u = x13 + x12 + x14 ^= u<<13 | u>>(32-13) + u = x14 + x13 + x15 ^= u<<18 | u>>(32-18) + } + out[0] = byte(x0) + out[1] = byte(x0 >> 8) + out[2] = byte(x0 >> 16) + out[3] = byte(x0 >> 24) + + out[4] = byte(x5) + out[5] = byte(x5 >> 8) + out[6] = byte(x5 >> 16) + out[7] = byte(x5 >> 24) + + out[8] = byte(x10) + out[9] = byte(x10 >> 8) + out[10] = byte(x10 >> 16) + out[11] = byte(x10 >> 24) + + out[12] = byte(x15) + out[13] = byte(x15 >> 8) + out[14] = byte(x15 >> 16) + out[15] = byte(x15 >> 24) + + out[16] = byte(x6) + out[17] = byte(x6 >> 8) + out[18] = byte(x6 >> 16) + out[19] = byte(x6 >> 24) + + out[20] = byte(x7) + out[21] = byte(x7 >> 8) + out[22] = byte(x7 >> 16) + out[23] = byte(x7 >> 24) + + out[24] = byte(x8) + out[25] = byte(x8 >> 8) + out[26] = byte(x8 >> 16) + out[27] = byte(x8 >> 24) + + out[28] = byte(x9) + out[29] = byte(x9 >> 8) + out[30] = byte(x9 >> 16) + out[31] = byte(x9 >> 24) +} diff --git a/vendor/golang.org/x/crypto/salsa20/salsa/salsa2020_amd64.s b/vendor/golang.org/x/crypto/salsa20/salsa/salsa2020_amd64.s new file mode 100644 index 0000000000..22afbdcadc --- /dev/null +++ b/vendor/golang.org/x/crypto/salsa20/salsa/salsa2020_amd64.s @@ -0,0 +1,889 @@ +// Copyright 2012 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build amd64,!appengine,!gccgo + +// This code was translated into a form compatible with 6a from the public +// domain sources in SUPERCOP: https://bench.cr.yp.to/supercop.html + +// func salsa2020XORKeyStream(out, in *byte, n uint64, nonce, key *byte) +// This needs up to 64 bytes at 360(SP); hence the non-obvious frame size. +TEXT ·salsa2020XORKeyStream(SB),0,$456-40 // frame = 424 + 32 byte alignment + MOVQ out+0(FP),DI + MOVQ in+8(FP),SI + MOVQ n+16(FP),DX + MOVQ nonce+24(FP),CX + MOVQ key+32(FP),R8 + + MOVQ SP,R12 + MOVQ SP,R9 + ADDQ $31, R9 + ANDQ $~31, R9 + MOVQ R9, SP + + MOVQ DX,R9 + MOVQ CX,DX + MOVQ R8,R10 + CMPQ R9,$0 + JBE DONE + START: + MOVL 20(R10),CX + MOVL 0(R10),R8 + MOVL 0(DX),AX + MOVL 16(R10),R11 + MOVL CX,0(SP) + MOVL R8, 4 (SP) + MOVL AX, 8 (SP) + MOVL R11, 12 (SP) + MOVL 8(DX),CX + MOVL 24(R10),R8 + MOVL 4(R10),AX + MOVL 4(DX),R11 + MOVL CX,16(SP) + MOVL R8, 20 (SP) + MOVL AX, 24 (SP) + MOVL R11, 28 (SP) + MOVL 12(DX),CX + MOVL 12(R10),DX + MOVL 28(R10),R8 + MOVL 8(R10),AX + MOVL DX,32(SP) + MOVL CX, 36 (SP) + MOVL R8, 40 (SP) + MOVL AX, 44 (SP) + MOVQ $1634760805,DX + MOVQ $857760878,CX + MOVQ $2036477234,R8 + MOVQ $1797285236,AX + MOVL DX,48(SP) + MOVL CX, 52 (SP) + MOVL R8, 56 (SP) + MOVL AX, 60 (SP) + CMPQ R9,$256 + JB BYTESBETWEEN1AND255 + MOVOA 48(SP),X0 + PSHUFL $0X55,X0,X1 + PSHUFL $0XAA,X0,X2 + PSHUFL $0XFF,X0,X3 + PSHUFL $0X00,X0,X0 + MOVOA X1,64(SP) + MOVOA X2,80(SP) + MOVOA X3,96(SP) + MOVOA X0,112(SP) + MOVOA 0(SP),X0 + PSHUFL $0XAA,X0,X1 + PSHUFL $0XFF,X0,X2 + PSHUFL $0X00,X0,X3 + PSHUFL $0X55,X0,X0 + MOVOA X1,128(SP) + MOVOA X2,144(SP) + MOVOA X3,160(SP) + MOVOA X0,176(SP) + MOVOA 16(SP),X0 + PSHUFL $0XFF,X0,X1 + PSHUFL $0X55,X0,X2 + PSHUFL $0XAA,X0,X0 + MOVOA X1,192(SP) + MOVOA X2,208(SP) + MOVOA X0,224(SP) + MOVOA 32(SP),X0 + PSHUFL $0X00,X0,X1 + PSHUFL $0XAA,X0,X2 + PSHUFL $0XFF,X0,X0 + MOVOA X1,240(SP) + MOVOA X2,256(SP) + MOVOA X0,272(SP) + BYTESATLEAST256: + MOVL 16(SP),DX + MOVL 36 (SP),CX + MOVL DX,288(SP) + MOVL CX,304(SP) + ADDQ $1,DX + SHLQ $32,CX + ADDQ CX,DX + MOVQ DX,CX + SHRQ $32,CX + MOVL DX, 292 (SP) + MOVL CX, 308 (SP) + ADDQ $1,DX + SHLQ $32,CX + ADDQ CX,DX + MOVQ DX,CX + SHRQ $32,CX + MOVL DX, 296 (SP) + MOVL CX, 312 (SP) + ADDQ $1,DX + SHLQ $32,CX + ADDQ CX,DX + MOVQ DX,CX + SHRQ $32,CX + MOVL DX, 300 (SP) + MOVL CX, 316 (SP) + ADDQ $1,DX + SHLQ $32,CX + ADDQ CX,DX + MOVQ DX,CX + SHRQ $32,CX + MOVL DX,16(SP) + MOVL CX, 36 (SP) + MOVQ R9,352(SP) + MOVQ $20,DX + MOVOA 64(SP),X0 + MOVOA 80(SP),X1 + MOVOA 96(SP),X2 + MOVOA 256(SP),X3 + MOVOA 272(SP),X4 + MOVOA 128(SP),X5 + MOVOA 144(SP),X6 + MOVOA 176(SP),X7 + MOVOA 192(SP),X8 + MOVOA 208(SP),X9 + MOVOA 224(SP),X10 + MOVOA 304(SP),X11 + MOVOA 112(SP),X12 + MOVOA 160(SP),X13 + MOVOA 240(SP),X14 + MOVOA 288(SP),X15 + MAINLOOP1: + MOVOA X1,320(SP) + MOVOA X2,336(SP) + MOVOA X13,X1 + PADDL X12,X1 + MOVOA X1,X2 + PSLLL $7,X1 + PXOR X1,X14 + PSRLL $25,X2 + PXOR X2,X14 + MOVOA X7,X1 + PADDL X0,X1 + MOVOA X1,X2 + PSLLL $7,X1 + PXOR X1,X11 + PSRLL $25,X2 + PXOR X2,X11 + MOVOA X12,X1 + PADDL X14,X1 + MOVOA X1,X2 + PSLLL $9,X1 + PXOR X1,X15 + PSRLL $23,X2 + PXOR X2,X15 + MOVOA X0,X1 + PADDL X11,X1 + MOVOA X1,X2 + PSLLL $9,X1 + PXOR X1,X9 + PSRLL $23,X2 + PXOR X2,X9 + MOVOA X14,X1 + PADDL X15,X1 + MOVOA X1,X2 + PSLLL $13,X1 + PXOR X1,X13 + PSRLL $19,X2 + PXOR X2,X13 + MOVOA X11,X1 + PADDL X9,X1 + MOVOA X1,X2 + PSLLL $13,X1 + PXOR X1,X7 + PSRLL $19,X2 + PXOR X2,X7 + MOVOA X15,X1 + PADDL X13,X1 + MOVOA X1,X2 + PSLLL $18,X1 + PXOR X1,X12 + PSRLL $14,X2 + PXOR X2,X12 + MOVOA 320(SP),X1 + MOVOA X12,320(SP) + MOVOA X9,X2 + PADDL X7,X2 + MOVOA X2,X12 + PSLLL $18,X2 + PXOR X2,X0 + PSRLL $14,X12 + PXOR X12,X0 + MOVOA X5,X2 + PADDL X1,X2 + MOVOA X2,X12 + PSLLL $7,X2 + PXOR X2,X3 + PSRLL $25,X12 + PXOR X12,X3 + MOVOA 336(SP),X2 + MOVOA X0,336(SP) + MOVOA X6,X0 + PADDL X2,X0 + MOVOA X0,X12 + PSLLL $7,X0 + PXOR X0,X4 + PSRLL $25,X12 + PXOR X12,X4 + MOVOA X1,X0 + PADDL X3,X0 + MOVOA X0,X12 + PSLLL $9,X0 + PXOR X0,X10 + PSRLL $23,X12 + PXOR X12,X10 + MOVOA X2,X0 + PADDL X4,X0 + MOVOA X0,X12 + PSLLL $9,X0 + PXOR X0,X8 + PSRLL $23,X12 + PXOR X12,X8 + MOVOA X3,X0 + PADDL X10,X0 + MOVOA X0,X12 + PSLLL $13,X0 + PXOR X0,X5 + PSRLL $19,X12 + PXOR X12,X5 + MOVOA X4,X0 + PADDL X8,X0 + MOVOA X0,X12 + PSLLL $13,X0 + PXOR X0,X6 + PSRLL $19,X12 + PXOR X12,X6 + MOVOA X10,X0 + PADDL X5,X0 + MOVOA X0,X12 + PSLLL $18,X0 + PXOR X0,X1 + PSRLL $14,X12 + PXOR X12,X1 + MOVOA 320(SP),X0 + MOVOA X1,320(SP) + MOVOA X4,X1 + PADDL X0,X1 + MOVOA X1,X12 + PSLLL $7,X1 + PXOR X1,X7 + PSRLL $25,X12 + PXOR X12,X7 + MOVOA X8,X1 + PADDL X6,X1 + MOVOA X1,X12 + PSLLL $18,X1 + PXOR X1,X2 + PSRLL $14,X12 + PXOR X12,X2 + MOVOA 336(SP),X12 + MOVOA X2,336(SP) + MOVOA X14,X1 + PADDL X12,X1 + MOVOA X1,X2 + PSLLL $7,X1 + PXOR X1,X5 + PSRLL $25,X2 + PXOR X2,X5 + MOVOA X0,X1 + PADDL X7,X1 + MOVOA X1,X2 + PSLLL $9,X1 + PXOR X1,X10 + PSRLL $23,X2 + PXOR X2,X10 + MOVOA X12,X1 + PADDL X5,X1 + MOVOA X1,X2 + PSLLL $9,X1 + PXOR X1,X8 + PSRLL $23,X2 + PXOR X2,X8 + MOVOA X7,X1 + PADDL X10,X1 + MOVOA X1,X2 + PSLLL $13,X1 + PXOR X1,X4 + PSRLL $19,X2 + PXOR X2,X4 + MOVOA X5,X1 + PADDL X8,X1 + MOVOA X1,X2 + PSLLL $13,X1 + PXOR X1,X14 + PSRLL $19,X2 + PXOR X2,X14 + MOVOA X10,X1 + PADDL X4,X1 + MOVOA X1,X2 + PSLLL $18,X1 + PXOR X1,X0 + PSRLL $14,X2 + PXOR X2,X0 + MOVOA 320(SP),X1 + MOVOA X0,320(SP) + MOVOA X8,X0 + PADDL X14,X0 + MOVOA X0,X2 + PSLLL $18,X0 + PXOR X0,X12 + PSRLL $14,X2 + PXOR X2,X12 + MOVOA X11,X0 + PADDL X1,X0 + MOVOA X0,X2 + PSLLL $7,X0 + PXOR X0,X6 + PSRLL $25,X2 + PXOR X2,X6 + MOVOA 336(SP),X2 + MOVOA X12,336(SP) + MOVOA X3,X0 + PADDL X2,X0 + MOVOA X0,X12 + PSLLL $7,X0 + PXOR X0,X13 + PSRLL $25,X12 + PXOR X12,X13 + MOVOA X1,X0 + PADDL X6,X0 + MOVOA X0,X12 + PSLLL $9,X0 + PXOR X0,X15 + PSRLL $23,X12 + PXOR X12,X15 + MOVOA X2,X0 + PADDL X13,X0 + MOVOA X0,X12 + PSLLL $9,X0 + PXOR X0,X9 + PSRLL $23,X12 + PXOR X12,X9 + MOVOA X6,X0 + PADDL X15,X0 + MOVOA X0,X12 + PSLLL $13,X0 + PXOR X0,X11 + PSRLL $19,X12 + PXOR X12,X11 + MOVOA X13,X0 + PADDL X9,X0 + MOVOA X0,X12 + PSLLL $13,X0 + PXOR X0,X3 + PSRLL $19,X12 + PXOR X12,X3 + MOVOA X15,X0 + PADDL X11,X0 + MOVOA X0,X12 + PSLLL $18,X0 + PXOR X0,X1 + PSRLL $14,X12 + PXOR X12,X1 + MOVOA X9,X0 + PADDL X3,X0 + MOVOA X0,X12 + PSLLL $18,X0 + PXOR X0,X2 + PSRLL $14,X12 + PXOR X12,X2 + MOVOA 320(SP),X12 + MOVOA 336(SP),X0 + SUBQ $2,DX + JA MAINLOOP1 + PADDL 112(SP),X12 + PADDL 176(SP),X7 + PADDL 224(SP),X10 + PADDL 272(SP),X4 + MOVD X12,DX + MOVD X7,CX + MOVD X10,R8 + MOVD X4,R9 + PSHUFL $0X39,X12,X12 + PSHUFL $0X39,X7,X7 + PSHUFL $0X39,X10,X10 + PSHUFL $0X39,X4,X4 + XORL 0(SI),DX + XORL 4(SI),CX + XORL 8(SI),R8 + XORL 12(SI),R9 + MOVL DX,0(DI) + MOVL CX,4(DI) + MOVL R8,8(DI) + MOVL R9,12(DI) + MOVD X12,DX + MOVD X7,CX + MOVD X10,R8 + MOVD X4,R9 + PSHUFL $0X39,X12,X12 + PSHUFL $0X39,X7,X7 + PSHUFL $0X39,X10,X10 + PSHUFL $0X39,X4,X4 + XORL 64(SI),DX + XORL 68(SI),CX + XORL 72(SI),R8 + XORL 76(SI),R9 + MOVL DX,64(DI) + MOVL CX,68(DI) + MOVL R8,72(DI) + MOVL R9,76(DI) + MOVD X12,DX + MOVD X7,CX + MOVD X10,R8 + MOVD X4,R9 + PSHUFL $0X39,X12,X12 + PSHUFL $0X39,X7,X7 + PSHUFL $0X39,X10,X10 + PSHUFL $0X39,X4,X4 + XORL 128(SI),DX + XORL 132(SI),CX + XORL 136(SI),R8 + XORL 140(SI),R9 + MOVL DX,128(DI) + MOVL CX,132(DI) + MOVL R8,136(DI) + MOVL R9,140(DI) + MOVD X12,DX + MOVD X7,CX + MOVD X10,R8 + MOVD X4,R9 + XORL 192(SI),DX + XORL 196(SI),CX + XORL 200(SI),R8 + XORL 204(SI),R9 + MOVL DX,192(DI) + MOVL CX,196(DI) + MOVL R8,200(DI) + MOVL R9,204(DI) + PADDL 240(SP),X14 + PADDL 64(SP),X0 + PADDL 128(SP),X5 + PADDL 192(SP),X8 + MOVD X14,DX + MOVD X0,CX + MOVD X5,R8 + MOVD X8,R9 + PSHUFL $0X39,X14,X14 + PSHUFL $0X39,X0,X0 + PSHUFL $0X39,X5,X5 + PSHUFL $0X39,X8,X8 + XORL 16(SI),DX + XORL 20(SI),CX + XORL 24(SI),R8 + XORL 28(SI),R9 + MOVL DX,16(DI) + MOVL CX,20(DI) + MOVL R8,24(DI) + MOVL R9,28(DI) + MOVD X14,DX + MOVD X0,CX + MOVD X5,R8 + MOVD X8,R9 + PSHUFL $0X39,X14,X14 + PSHUFL $0X39,X0,X0 + PSHUFL $0X39,X5,X5 + PSHUFL $0X39,X8,X8 + XORL 80(SI),DX + XORL 84(SI),CX + XORL 88(SI),R8 + XORL 92(SI),R9 + MOVL DX,80(DI) + MOVL CX,84(DI) + MOVL R8,88(DI) + MOVL R9,92(DI) + MOVD X14,DX + MOVD X0,CX + MOVD X5,R8 + MOVD X8,R9 + PSHUFL $0X39,X14,X14 + PSHUFL $0X39,X0,X0 + PSHUFL $0X39,X5,X5 + PSHUFL $0X39,X8,X8 + XORL 144(SI),DX + XORL 148(SI),CX + XORL 152(SI),R8 + XORL 156(SI),R9 + MOVL DX,144(DI) + MOVL CX,148(DI) + MOVL R8,152(DI) + MOVL R9,156(DI) + MOVD X14,DX + MOVD X0,CX + MOVD X5,R8 + MOVD X8,R9 + XORL 208(SI),DX + XORL 212(SI),CX + XORL 216(SI),R8 + XORL 220(SI),R9 + MOVL DX,208(DI) + MOVL CX,212(DI) + MOVL R8,216(DI) + MOVL R9,220(DI) + PADDL 288(SP),X15 + PADDL 304(SP),X11 + PADDL 80(SP),X1 + PADDL 144(SP),X6 + MOVD X15,DX + MOVD X11,CX + MOVD X1,R8 + MOVD X6,R9 + PSHUFL $0X39,X15,X15 + PSHUFL $0X39,X11,X11 + PSHUFL $0X39,X1,X1 + PSHUFL $0X39,X6,X6 + XORL 32(SI),DX + XORL 36(SI),CX + XORL 40(SI),R8 + XORL 44(SI),R9 + MOVL DX,32(DI) + MOVL CX,36(DI) + MOVL R8,40(DI) + MOVL R9,44(DI) + MOVD X15,DX + MOVD X11,CX + MOVD X1,R8 + MOVD X6,R9 + PSHUFL $0X39,X15,X15 + PSHUFL $0X39,X11,X11 + PSHUFL $0X39,X1,X1 + PSHUFL $0X39,X6,X6 + XORL 96(SI),DX + XORL 100(SI),CX + XORL 104(SI),R8 + XORL 108(SI),R9 + MOVL DX,96(DI) + MOVL CX,100(DI) + MOVL R8,104(DI) + MOVL R9,108(DI) + MOVD X15,DX + MOVD X11,CX + MOVD X1,R8 + MOVD X6,R9 + PSHUFL $0X39,X15,X15 + PSHUFL $0X39,X11,X11 + PSHUFL $0X39,X1,X1 + PSHUFL $0X39,X6,X6 + XORL 160(SI),DX + XORL 164(SI),CX + XORL 168(SI),R8 + XORL 172(SI),R9 + MOVL DX,160(DI) + MOVL CX,164(DI) + MOVL R8,168(DI) + MOVL R9,172(DI) + MOVD X15,DX + MOVD X11,CX + MOVD X1,R8 + MOVD X6,R9 + XORL 224(SI),DX + XORL 228(SI),CX + XORL 232(SI),R8 + XORL 236(SI),R9 + MOVL DX,224(DI) + MOVL CX,228(DI) + MOVL R8,232(DI) + MOVL R9,236(DI) + PADDL 160(SP),X13 + PADDL 208(SP),X9 + PADDL 256(SP),X3 + PADDL 96(SP),X2 + MOVD X13,DX + MOVD X9,CX + MOVD X3,R8 + MOVD X2,R9 + PSHUFL $0X39,X13,X13 + PSHUFL $0X39,X9,X9 + PSHUFL $0X39,X3,X3 + PSHUFL $0X39,X2,X2 + XORL 48(SI),DX + XORL 52(SI),CX + XORL 56(SI),R8 + XORL 60(SI),R9 + MOVL DX,48(DI) + MOVL CX,52(DI) + MOVL R8,56(DI) + MOVL R9,60(DI) + MOVD X13,DX + MOVD X9,CX + MOVD X3,R8 + MOVD X2,R9 + PSHUFL $0X39,X13,X13 + PSHUFL $0X39,X9,X9 + PSHUFL $0X39,X3,X3 + PSHUFL $0X39,X2,X2 + XORL 112(SI),DX + XORL 116(SI),CX + XORL 120(SI),R8 + XORL 124(SI),R9 + MOVL DX,112(DI) + MOVL CX,116(DI) + MOVL R8,120(DI) + MOVL R9,124(DI) + MOVD X13,DX + MOVD X9,CX + MOVD X3,R8 + MOVD X2,R9 + PSHUFL $0X39,X13,X13 + PSHUFL $0X39,X9,X9 + PSHUFL $0X39,X3,X3 + PSHUFL $0X39,X2,X2 + XORL 176(SI),DX + XORL 180(SI),CX + XORL 184(SI),R8 + XORL 188(SI),R9 + MOVL DX,176(DI) + MOVL CX,180(DI) + MOVL R8,184(DI) + MOVL R9,188(DI) + MOVD X13,DX + MOVD X9,CX + MOVD X3,R8 + MOVD X2,R9 + XORL 240(SI),DX + XORL 244(SI),CX + XORL 248(SI),R8 + XORL 252(SI),R9 + MOVL DX,240(DI) + MOVL CX,244(DI) + MOVL R8,248(DI) + MOVL R9,252(DI) + MOVQ 352(SP),R9 + SUBQ $256,R9 + ADDQ $256,SI + ADDQ $256,DI + CMPQ R9,$256 + JAE BYTESATLEAST256 + CMPQ R9,$0 + JBE DONE + BYTESBETWEEN1AND255: + CMPQ R9,$64 + JAE NOCOPY + MOVQ DI,DX + LEAQ 360(SP),DI + MOVQ R9,CX + REP; MOVSB + LEAQ 360(SP),DI + LEAQ 360(SP),SI + NOCOPY: + MOVQ R9,352(SP) + MOVOA 48(SP),X0 + MOVOA 0(SP),X1 + MOVOA 16(SP),X2 + MOVOA 32(SP),X3 + MOVOA X1,X4 + MOVQ $20,CX + MAINLOOP2: + PADDL X0,X4 + MOVOA X0,X5 + MOVOA X4,X6 + PSLLL $7,X4 + PSRLL $25,X6 + PXOR X4,X3 + PXOR X6,X3 + PADDL X3,X5 + MOVOA X3,X4 + MOVOA X5,X6 + PSLLL $9,X5 + PSRLL $23,X6 + PXOR X5,X2 + PSHUFL $0X93,X3,X3 + PXOR X6,X2 + PADDL X2,X4 + MOVOA X2,X5 + MOVOA X4,X6 + PSLLL $13,X4 + PSRLL $19,X6 + PXOR X4,X1 + PSHUFL $0X4E,X2,X2 + PXOR X6,X1 + PADDL X1,X5 + MOVOA X3,X4 + MOVOA X5,X6 + PSLLL $18,X5 + PSRLL $14,X6 + PXOR X5,X0 + PSHUFL $0X39,X1,X1 + PXOR X6,X0 + PADDL X0,X4 + MOVOA X0,X5 + MOVOA X4,X6 + PSLLL $7,X4 + PSRLL $25,X6 + PXOR X4,X1 + PXOR X6,X1 + PADDL X1,X5 + MOVOA X1,X4 + MOVOA X5,X6 + PSLLL $9,X5 + PSRLL $23,X6 + PXOR X5,X2 + PSHUFL $0X93,X1,X1 + PXOR X6,X2 + PADDL X2,X4 + MOVOA X2,X5 + MOVOA X4,X6 + PSLLL $13,X4 + PSRLL $19,X6 + PXOR X4,X3 + PSHUFL $0X4E,X2,X2 + PXOR X6,X3 + PADDL X3,X5 + MOVOA X1,X4 + MOVOA X5,X6 + PSLLL $18,X5 + PSRLL $14,X6 + PXOR X5,X0 + PSHUFL $0X39,X3,X3 + PXOR X6,X0 + PADDL X0,X4 + MOVOA X0,X5 + MOVOA X4,X6 + PSLLL $7,X4 + PSRLL $25,X6 + PXOR X4,X3 + PXOR X6,X3 + PADDL X3,X5 + MOVOA X3,X4 + MOVOA X5,X6 + PSLLL $9,X5 + PSRLL $23,X6 + PXOR X5,X2 + PSHUFL $0X93,X3,X3 + PXOR X6,X2 + PADDL X2,X4 + MOVOA X2,X5 + MOVOA X4,X6 + PSLLL $13,X4 + PSRLL $19,X6 + PXOR X4,X1 + PSHUFL $0X4E,X2,X2 + PXOR X6,X1 + PADDL X1,X5 + MOVOA X3,X4 + MOVOA X5,X6 + PSLLL $18,X5 + PSRLL $14,X6 + PXOR X5,X0 + PSHUFL $0X39,X1,X1 + PXOR X6,X0 + PADDL X0,X4 + MOVOA X0,X5 + MOVOA X4,X6 + PSLLL $7,X4 + PSRLL $25,X6 + PXOR X4,X1 + PXOR X6,X1 + PADDL X1,X5 + MOVOA X1,X4 + MOVOA X5,X6 + PSLLL $9,X5 + PSRLL $23,X6 + PXOR X5,X2 + PSHUFL $0X93,X1,X1 + PXOR X6,X2 + PADDL X2,X4 + MOVOA X2,X5 + MOVOA X4,X6 + PSLLL $13,X4 + PSRLL $19,X6 + PXOR X4,X3 + PSHUFL $0X4E,X2,X2 + PXOR X6,X3 + SUBQ $4,CX + PADDL X3,X5 + MOVOA X1,X4 + MOVOA X5,X6 + PSLLL $18,X5 + PXOR X7,X7 + PSRLL $14,X6 + PXOR X5,X0 + PSHUFL $0X39,X3,X3 + PXOR X6,X0 + JA MAINLOOP2 + PADDL 48(SP),X0 + PADDL 0(SP),X1 + PADDL 16(SP),X2 + PADDL 32(SP),X3 + MOVD X0,CX + MOVD X1,R8 + MOVD X2,R9 + MOVD X3,AX + PSHUFL $0X39,X0,X0 + PSHUFL $0X39,X1,X1 + PSHUFL $0X39,X2,X2 + PSHUFL $0X39,X3,X3 + XORL 0(SI),CX + XORL 48(SI),R8 + XORL 32(SI),R9 + XORL 16(SI),AX + MOVL CX,0(DI) + MOVL R8,48(DI) + MOVL R9,32(DI) + MOVL AX,16(DI) + MOVD X0,CX + MOVD X1,R8 + MOVD X2,R9 + MOVD X3,AX + PSHUFL $0X39,X0,X0 + PSHUFL $0X39,X1,X1 + PSHUFL $0X39,X2,X2 + PSHUFL $0X39,X3,X3 + XORL 20(SI),CX + XORL 4(SI),R8 + XORL 52(SI),R9 + XORL 36(SI),AX + MOVL CX,20(DI) + MOVL R8,4(DI) + MOVL R9,52(DI) + MOVL AX,36(DI) + MOVD X0,CX + MOVD X1,R8 + MOVD X2,R9 + MOVD X3,AX + PSHUFL $0X39,X0,X0 + PSHUFL $0X39,X1,X1 + PSHUFL $0X39,X2,X2 + PSHUFL $0X39,X3,X3 + XORL 40(SI),CX + XORL 24(SI),R8 + XORL 8(SI),R9 + XORL 56(SI),AX + MOVL CX,40(DI) + MOVL R8,24(DI) + MOVL R9,8(DI) + MOVL AX,56(DI) + MOVD X0,CX + MOVD X1,R8 + MOVD X2,R9 + MOVD X3,AX + XORL 60(SI),CX + XORL 44(SI),R8 + XORL 28(SI),R9 + XORL 12(SI),AX + MOVL CX,60(DI) + MOVL R8,44(DI) + MOVL R9,28(DI) + MOVL AX,12(DI) + MOVQ 352(SP),R9 + MOVL 16(SP),CX + MOVL 36 (SP),R8 + ADDQ $1,CX + SHLQ $32,R8 + ADDQ R8,CX + MOVQ CX,R8 + SHRQ $32,R8 + MOVL CX,16(SP) + MOVL R8, 36 (SP) + CMPQ R9,$64 + JA BYTESATLEAST65 + JAE BYTESATLEAST64 + MOVQ DI,SI + MOVQ DX,DI + MOVQ R9,CX + REP; MOVSB + BYTESATLEAST64: + DONE: + MOVQ R12,SP + RET + BYTESATLEAST65: + SUBQ $64,R9 + ADDQ $64,DI + ADDQ $64,SI + JMP BYTESBETWEEN1AND255 diff --git a/vendor/golang.org/x/crypto/salsa20/salsa/salsa208.go b/vendor/golang.org/x/crypto/salsa20/salsa/salsa208.go new file mode 100644 index 0000000000..9bfc0927ce --- /dev/null +++ b/vendor/golang.org/x/crypto/salsa20/salsa/salsa208.go @@ -0,0 +1,199 @@ +// Copyright 2012 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package salsa + +// Core208 applies the Salsa20/8 core function to the 64-byte array in and puts +// the result into the 64-byte array out. The input and output may be the same array. +func Core208(out *[64]byte, in *[64]byte) { + j0 := uint32(in[0]) | uint32(in[1])<<8 | uint32(in[2])<<16 | uint32(in[3])<<24 + j1 := uint32(in[4]) | uint32(in[5])<<8 | uint32(in[6])<<16 | uint32(in[7])<<24 + j2 := uint32(in[8]) | uint32(in[9])<<8 | uint32(in[10])<<16 | uint32(in[11])<<24 + j3 := uint32(in[12]) | uint32(in[13])<<8 | uint32(in[14])<<16 | uint32(in[15])<<24 + j4 := uint32(in[16]) | uint32(in[17])<<8 | uint32(in[18])<<16 | uint32(in[19])<<24 + j5 := uint32(in[20]) | uint32(in[21])<<8 | uint32(in[22])<<16 | uint32(in[23])<<24 + j6 := uint32(in[24]) | uint32(in[25])<<8 | uint32(in[26])<<16 | uint32(in[27])<<24 + j7 := uint32(in[28]) | uint32(in[29])<<8 | uint32(in[30])<<16 | uint32(in[31])<<24 + j8 := uint32(in[32]) | uint32(in[33])<<8 | uint32(in[34])<<16 | uint32(in[35])<<24 + j9 := uint32(in[36]) | uint32(in[37])<<8 | uint32(in[38])<<16 | uint32(in[39])<<24 + j10 := uint32(in[40]) | uint32(in[41])<<8 | uint32(in[42])<<16 | uint32(in[43])<<24 + j11 := uint32(in[44]) | uint32(in[45])<<8 | uint32(in[46])<<16 | uint32(in[47])<<24 + j12 := uint32(in[48]) | uint32(in[49])<<8 | uint32(in[50])<<16 | uint32(in[51])<<24 + j13 := uint32(in[52]) | uint32(in[53])<<8 | uint32(in[54])<<16 | uint32(in[55])<<24 + j14 := uint32(in[56]) | uint32(in[57])<<8 | uint32(in[58])<<16 | uint32(in[59])<<24 + j15 := uint32(in[60]) | uint32(in[61])<<8 | uint32(in[62])<<16 | uint32(in[63])<<24 + + x0, x1, x2, x3, x4, x5, x6, x7, x8 := j0, j1, j2, j3, j4, j5, j6, j7, j8 + x9, x10, x11, x12, x13, x14, x15 := j9, j10, j11, j12, j13, j14, j15 + + for i := 0; i < 8; i += 2 { + u := x0 + x12 + x4 ^= u<<7 | u>>(32-7) + u = x4 + x0 + x8 ^= u<<9 | u>>(32-9) + u = x8 + x4 + x12 ^= u<<13 | u>>(32-13) + u = x12 + x8 + x0 ^= u<<18 | u>>(32-18) + + u = x5 + x1 + x9 ^= u<<7 | u>>(32-7) + u = x9 + x5 + x13 ^= u<<9 | u>>(32-9) + u = x13 + x9 + x1 ^= u<<13 | u>>(32-13) + u = x1 + x13 + x5 ^= u<<18 | u>>(32-18) + + u = x10 + x6 + x14 ^= u<<7 | u>>(32-7) + u = x14 + x10 + x2 ^= u<<9 | u>>(32-9) + u = x2 + x14 + x6 ^= u<<13 | u>>(32-13) + u = x6 + x2 + x10 ^= u<<18 | u>>(32-18) + + u = x15 + x11 + x3 ^= u<<7 | u>>(32-7) + u = x3 + x15 + x7 ^= u<<9 | u>>(32-9) + u = x7 + x3 + x11 ^= u<<13 | u>>(32-13) + u = x11 + x7 + x15 ^= u<<18 | u>>(32-18) + + u = x0 + x3 + x1 ^= u<<7 | u>>(32-7) + u = x1 + x0 + x2 ^= u<<9 | u>>(32-9) + u = x2 + x1 + x3 ^= u<<13 | u>>(32-13) + u = x3 + x2 + x0 ^= u<<18 | u>>(32-18) + + u = x5 + x4 + x6 ^= u<<7 | u>>(32-7) + u = x6 + x5 + x7 ^= u<<9 | u>>(32-9) + u = x7 + x6 + x4 ^= u<<13 | u>>(32-13) + u = x4 + x7 + x5 ^= u<<18 | u>>(32-18) + + u = x10 + x9 + x11 ^= u<<7 | u>>(32-7) + u = x11 + x10 + x8 ^= u<<9 | u>>(32-9) + u = x8 + x11 + x9 ^= u<<13 | u>>(32-13) + u = x9 + x8 + x10 ^= u<<18 | u>>(32-18) + + u = x15 + x14 + x12 ^= u<<7 | u>>(32-7) + u = x12 + x15 + x13 ^= u<<9 | u>>(32-9) + u = x13 + x12 + x14 ^= u<<13 | u>>(32-13) + u = x14 + x13 + x15 ^= u<<18 | u>>(32-18) + } + x0 += j0 + x1 += j1 + x2 += j2 + x3 += j3 + x4 += j4 + x5 += j5 + x6 += j6 + x7 += j7 + x8 += j8 + x9 += j9 + x10 += j10 + x11 += j11 + x12 += j12 + x13 += j13 + x14 += j14 + x15 += j15 + + out[0] = byte(x0) + out[1] = byte(x0 >> 8) + out[2] = byte(x0 >> 16) + out[3] = byte(x0 >> 24) + + out[4] = byte(x1) + out[5] = byte(x1 >> 8) + out[6] = byte(x1 >> 16) + out[7] = byte(x1 >> 24) + + out[8] = byte(x2) + out[9] = byte(x2 >> 8) + out[10] = byte(x2 >> 16) + out[11] = byte(x2 >> 24) + + out[12] = byte(x3) + out[13] = byte(x3 >> 8) + out[14] = byte(x3 >> 16) + out[15] = byte(x3 >> 24) + + out[16] = byte(x4) + out[17] = byte(x4 >> 8) + out[18] = byte(x4 >> 16) + out[19] = byte(x4 >> 24) + + out[20] = byte(x5) + out[21] = byte(x5 >> 8) + out[22] = byte(x5 >> 16) + out[23] = byte(x5 >> 24) + + out[24] = byte(x6) + out[25] = byte(x6 >> 8) + out[26] = byte(x6 >> 16) + out[27] = byte(x6 >> 24) + + out[28] = byte(x7) + out[29] = byte(x7 >> 8) + out[30] = byte(x7 >> 16) + out[31] = byte(x7 >> 24) + + out[32] = byte(x8) + out[33] = byte(x8 >> 8) + out[34] = byte(x8 >> 16) + out[35] = byte(x8 >> 24) + + out[36] = byte(x9) + out[37] = byte(x9 >> 8) + out[38] = byte(x9 >> 16) + out[39] = byte(x9 >> 24) + + out[40] = byte(x10) + out[41] = byte(x10 >> 8) + out[42] = byte(x10 >> 16) + out[43] = byte(x10 >> 24) + + out[44] = byte(x11) + out[45] = byte(x11 >> 8) + out[46] = byte(x11 >> 16) + out[47] = byte(x11 >> 24) + + out[48] = byte(x12) + out[49] = byte(x12 >> 8) + out[50] = byte(x12 >> 16) + out[51] = byte(x12 >> 24) + + out[52] = byte(x13) + out[53] = byte(x13 >> 8) + out[54] = byte(x13 >> 16) + out[55] = byte(x13 >> 24) + + out[56] = byte(x14) + out[57] = byte(x14 >> 8) + out[58] = byte(x14 >> 16) + out[59] = byte(x14 >> 24) + + out[60] = byte(x15) + out[61] = byte(x15 >> 8) + out[62] = byte(x15 >> 16) + out[63] = byte(x15 >> 24) +} diff --git a/vendor/golang.org/x/crypto/salsa20/salsa/salsa20_amd64.go b/vendor/golang.org/x/crypto/salsa20/salsa/salsa20_amd64.go new file mode 100644 index 0000000000..f9269c3848 --- /dev/null +++ b/vendor/golang.org/x/crypto/salsa20/salsa/salsa20_amd64.go @@ -0,0 +1,24 @@ +// Copyright 2012 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build amd64,!appengine,!gccgo + +package salsa + +// This function is implemented in salsa2020_amd64.s. + +//go:noescape + +func salsa2020XORKeyStream(out, in *byte, n uint64, nonce, key *byte) + +// XORKeyStream crypts bytes from in to out using the given key and counters. +// In and out must overlap entirely or not at all. Counter +// contains the raw salsa20 counter bytes (both nonce and block counter). +func XORKeyStream(out, in []byte, counter *[16]byte, key *[32]byte) { + if len(in) == 0 { + return + } + _ = out[len(in)-1] + salsa2020XORKeyStream(&out[0], &in[0], uint64(len(in)), &counter[0], &key[0]) +} diff --git a/vendor/golang.org/x/crypto/salsa20/salsa/salsa20_ref.go b/vendor/golang.org/x/crypto/salsa20/salsa/salsa20_ref.go new file mode 100644 index 0000000000..22126d17c4 --- /dev/null +++ b/vendor/golang.org/x/crypto/salsa20/salsa/salsa20_ref.go @@ -0,0 +1,234 @@ +// Copyright 2012 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build !amd64 appengine gccgo + +package salsa + +const rounds = 20 + +// core applies the Salsa20 core function to 16-byte input in, 32-byte key k, +// and 16-byte constant c, and puts the result into 64-byte array out. +func core(out *[64]byte, in *[16]byte, k *[32]byte, c *[16]byte) { + j0 := uint32(c[0]) | uint32(c[1])<<8 | uint32(c[2])<<16 | uint32(c[3])<<24 + j1 := uint32(k[0]) | uint32(k[1])<<8 | uint32(k[2])<<16 | uint32(k[3])<<24 + j2 := uint32(k[4]) | uint32(k[5])<<8 | uint32(k[6])<<16 | uint32(k[7])<<24 + j3 := uint32(k[8]) | uint32(k[9])<<8 | uint32(k[10])<<16 | uint32(k[11])<<24 + j4 := uint32(k[12]) | uint32(k[13])<<8 | uint32(k[14])<<16 | uint32(k[15])<<24 + j5 := uint32(c[4]) | uint32(c[5])<<8 | uint32(c[6])<<16 | uint32(c[7])<<24 + j6 := uint32(in[0]) | uint32(in[1])<<8 | uint32(in[2])<<16 | uint32(in[3])<<24 + j7 := uint32(in[4]) | uint32(in[5])<<8 | uint32(in[6])<<16 | uint32(in[7])<<24 + j8 := uint32(in[8]) | uint32(in[9])<<8 | uint32(in[10])<<16 | uint32(in[11])<<24 + j9 := uint32(in[12]) | uint32(in[13])<<8 | uint32(in[14])<<16 | uint32(in[15])<<24 + j10 := uint32(c[8]) | uint32(c[9])<<8 | uint32(c[10])<<16 | uint32(c[11])<<24 + j11 := uint32(k[16]) | uint32(k[17])<<8 | uint32(k[18])<<16 | uint32(k[19])<<24 + j12 := uint32(k[20]) | uint32(k[21])<<8 | uint32(k[22])<<16 | uint32(k[23])<<24 + j13 := uint32(k[24]) | uint32(k[25])<<8 | uint32(k[26])<<16 | uint32(k[27])<<24 + j14 := uint32(k[28]) | uint32(k[29])<<8 | uint32(k[30])<<16 | uint32(k[31])<<24 + j15 := uint32(c[12]) | uint32(c[13])<<8 | uint32(c[14])<<16 | uint32(c[15])<<24 + + x0, x1, x2, x3, x4, x5, x6, x7, x8 := j0, j1, j2, j3, j4, j5, j6, j7, j8 + x9, x10, x11, x12, x13, x14, x15 := j9, j10, j11, j12, j13, j14, j15 + + for i := 0; i < rounds; i += 2 { + u := x0 + x12 + x4 ^= u<<7 | u>>(32-7) + u = x4 + x0 + x8 ^= u<<9 | u>>(32-9) + u = x8 + x4 + x12 ^= u<<13 | u>>(32-13) + u = x12 + x8 + x0 ^= u<<18 | u>>(32-18) + + u = x5 + x1 + x9 ^= u<<7 | u>>(32-7) + u = x9 + x5 + x13 ^= u<<9 | u>>(32-9) + u = x13 + x9 + x1 ^= u<<13 | u>>(32-13) + u = x1 + x13 + x5 ^= u<<18 | u>>(32-18) + + u = x10 + x6 + x14 ^= u<<7 | u>>(32-7) + u = x14 + x10 + x2 ^= u<<9 | u>>(32-9) + u = x2 + x14 + x6 ^= u<<13 | u>>(32-13) + u = x6 + x2 + x10 ^= u<<18 | u>>(32-18) + + u = x15 + x11 + x3 ^= u<<7 | u>>(32-7) + u = x3 + x15 + x7 ^= u<<9 | u>>(32-9) + u = x7 + x3 + x11 ^= u<<13 | u>>(32-13) + u = x11 + x7 + x15 ^= u<<18 | u>>(32-18) + + u = x0 + x3 + x1 ^= u<<7 | u>>(32-7) + u = x1 + x0 + x2 ^= u<<9 | u>>(32-9) + u = x2 + x1 + x3 ^= u<<13 | u>>(32-13) + u = x3 + x2 + x0 ^= u<<18 | u>>(32-18) + + u = x5 + x4 + x6 ^= u<<7 | u>>(32-7) + u = x6 + x5 + x7 ^= u<<9 | u>>(32-9) + u = x7 + x6 + x4 ^= u<<13 | u>>(32-13) + u = x4 + x7 + x5 ^= u<<18 | u>>(32-18) + + u = x10 + x9 + x11 ^= u<<7 | u>>(32-7) + u = x11 + x10 + x8 ^= u<<9 | u>>(32-9) + u = x8 + x11 + x9 ^= u<<13 | u>>(32-13) + u = x9 + x8 + x10 ^= u<<18 | u>>(32-18) + + u = x15 + x14 + x12 ^= u<<7 | u>>(32-7) + u = x12 + x15 + x13 ^= u<<9 | u>>(32-9) + u = x13 + x12 + x14 ^= u<<13 | u>>(32-13) + u = x14 + x13 + x15 ^= u<<18 | u>>(32-18) + } + x0 += j0 + x1 += j1 + x2 += j2 + x3 += j3 + x4 += j4 + x5 += j5 + x6 += j6 + x7 += j7 + x8 += j8 + x9 += j9 + x10 += j10 + x11 += j11 + x12 += j12 + x13 += j13 + x14 += j14 + x15 += j15 + + out[0] = byte(x0) + out[1] = byte(x0 >> 8) + out[2] = byte(x0 >> 16) + out[3] = byte(x0 >> 24) + + out[4] = byte(x1) + out[5] = byte(x1 >> 8) + out[6] = byte(x1 >> 16) + out[7] = byte(x1 >> 24) + + out[8] = byte(x2) + out[9] = byte(x2 >> 8) + out[10] = byte(x2 >> 16) + out[11] = byte(x2 >> 24) + + out[12] = byte(x3) + out[13] = byte(x3 >> 8) + out[14] = byte(x3 >> 16) + out[15] = byte(x3 >> 24) + + out[16] = byte(x4) + out[17] = byte(x4 >> 8) + out[18] = byte(x4 >> 16) + out[19] = byte(x4 >> 24) + + out[20] = byte(x5) + out[21] = byte(x5 >> 8) + out[22] = byte(x5 >> 16) + out[23] = byte(x5 >> 24) + + out[24] = byte(x6) + out[25] = byte(x6 >> 8) + out[26] = byte(x6 >> 16) + out[27] = byte(x6 >> 24) + + out[28] = byte(x7) + out[29] = byte(x7 >> 8) + out[30] = byte(x7 >> 16) + out[31] = byte(x7 >> 24) + + out[32] = byte(x8) + out[33] = byte(x8 >> 8) + out[34] = byte(x8 >> 16) + out[35] = byte(x8 >> 24) + + out[36] = byte(x9) + out[37] = byte(x9 >> 8) + out[38] = byte(x9 >> 16) + out[39] = byte(x9 >> 24) + + out[40] = byte(x10) + out[41] = byte(x10 >> 8) + out[42] = byte(x10 >> 16) + out[43] = byte(x10 >> 24) + + out[44] = byte(x11) + out[45] = byte(x11 >> 8) + out[46] = byte(x11 >> 16) + out[47] = byte(x11 >> 24) + + out[48] = byte(x12) + out[49] = byte(x12 >> 8) + out[50] = byte(x12 >> 16) + out[51] = byte(x12 >> 24) + + out[52] = byte(x13) + out[53] = byte(x13 >> 8) + out[54] = byte(x13 >> 16) + out[55] = byte(x13 >> 24) + + out[56] = byte(x14) + out[57] = byte(x14 >> 8) + out[58] = byte(x14 >> 16) + out[59] = byte(x14 >> 24) + + out[60] = byte(x15) + out[61] = byte(x15 >> 8) + out[62] = byte(x15 >> 16) + out[63] = byte(x15 >> 24) +} + +// XORKeyStream crypts bytes from in to out using the given key and counters. +// In and out must overlap entirely or not at all. Counter +// contains the raw salsa20 counter bytes (both nonce and block counter). +func XORKeyStream(out, in []byte, counter *[16]byte, key *[32]byte) { + var block [64]byte + var counterCopy [16]byte + copy(counterCopy[:], counter[:]) + + for len(in) >= 64 { + core(&block, &counterCopy, key, &Sigma) + for i, x := range block { + out[i] = in[i] ^ x + } + u := uint32(1) + for i := 8; i < 16; i++ { + u += uint32(counterCopy[i]) + counterCopy[i] = byte(u) + u >>= 8 + } + in = in[64:] + out = out[64:] + } + + if len(in) > 0 { + core(&block, &counterCopy, key, &Sigma) + for i, v := range in { + out[i] = v ^ block[i] + } + } +} diff --git a/vendor/golang.org/x/crypto/sha3/doc.go b/vendor/golang.org/x/crypto/sha3/doc.go new file mode 100644 index 0000000000..a0ee3ae725 --- /dev/null +++ b/vendor/golang.org/x/crypto/sha3/doc.go @@ -0,0 +1,66 @@ +// Copyright 2014 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// Package sha3 implements the SHA-3 fixed-output-length hash functions and +// the SHAKE variable-output-length hash functions defined by FIPS-202. +// +// Both types of hash function use the "sponge" construction and the Keccak +// permutation. For a detailed specification see http://keccak.noekeon.org/ +// +// +// Guidance +// +// If you aren't sure what function you need, use SHAKE256 with at least 64 +// bytes of output. The SHAKE instances are faster than the SHA3 instances; +// the latter have to allocate memory to conform to the hash.Hash interface. +// +// If you need a secret-key MAC (message authentication code), prepend the +// secret key to the input, hash with SHAKE256 and read at least 32 bytes of +// output. +// +// +// Security strengths +// +// The SHA3-x (x equals 224, 256, 384, or 512) functions have a security +// strength against preimage attacks of x bits. Since they only produce "x" +// bits of output, their collision-resistance is only "x/2" bits. +// +// The SHAKE-256 and -128 functions have a generic security strength of 256 and +// 128 bits against all attacks, provided that at least 2x bits of their output +// is used. Requesting more than 64 or 32 bytes of output, respectively, does +// not increase the collision-resistance of the SHAKE functions. +// +// +// The sponge construction +// +// A sponge builds a pseudo-random function from a public pseudo-random +// permutation, by applying the permutation to a state of "rate + capacity" +// bytes, but hiding "capacity" of the bytes. +// +// A sponge starts out with a zero state. To hash an input using a sponge, up +// to "rate" bytes of the input are XORed into the sponge's state. The sponge +// is then "full" and the permutation is applied to "empty" it. This process is +// repeated until all the input has been "absorbed". The input is then padded. +// The digest is "squeezed" from the sponge in the same way, except that output +// output is copied out instead of input being XORed in. +// +// A sponge is parameterized by its generic security strength, which is equal +// to half its capacity; capacity + rate is equal to the permutation's width. +// Since the KeccakF-1600 permutation is 1600 bits (200 bytes) wide, this means +// that the security strength of a sponge instance is equal to (1600 - bitrate) / 2. +// +// +// Recommendations +// +// The SHAKE functions are recommended for most new uses. They can produce +// output of arbitrary length. SHAKE256, with an output length of at least +// 64 bytes, provides 256-bit security against all attacks. The Keccak team +// recommends it for most applications upgrading from SHA2-512. (NIST chose a +// much stronger, but much slower, sponge instance for SHA3-512.) +// +// The SHA-3 functions are "drop-in" replacements for the SHA-2 functions. +// They produce output of the same length, with the same security strengths +// against all attacks. This means, in particular, that SHA3-256 only has +// 128-bit collision resistance, because its output length is 32 bytes. +package sha3 // import "golang.org/x/crypto/sha3" diff --git a/vendor/golang.org/x/crypto/sha3/hashes.go b/vendor/golang.org/x/crypto/sha3/hashes.go new file mode 100644 index 0000000000..2b51cf4e9b --- /dev/null +++ b/vendor/golang.org/x/crypto/sha3/hashes.go @@ -0,0 +1,65 @@ +// Copyright 2014 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package sha3 + +// This file provides functions for creating instances of the SHA-3 +// and SHAKE hash functions, as well as utility functions for hashing +// bytes. + +import ( + "hash" +) + +// New224 creates a new SHA3-224 hash. +// Its generic security strength is 224 bits against preimage attacks, +// and 112 bits against collision attacks. +func New224() hash.Hash { return &state{rate: 144, outputLen: 28, dsbyte: 0x06} } + +// New256 creates a new SHA3-256 hash. +// Its generic security strength is 256 bits against preimage attacks, +// and 128 bits against collision attacks. +func New256() hash.Hash { return &state{rate: 136, outputLen: 32, dsbyte: 0x06} } + +// New384 creates a new SHA3-384 hash. +// Its generic security strength is 384 bits against preimage attacks, +// and 192 bits against collision attacks. +func New384() hash.Hash { return &state{rate: 104, outputLen: 48, dsbyte: 0x06} } + +// New512 creates a new SHA3-512 hash. +// Its generic security strength is 512 bits against preimage attacks, +// and 256 bits against collision attacks. +func New512() hash.Hash { return &state{rate: 72, outputLen: 64, dsbyte: 0x06} } + +// Sum224 returns the SHA3-224 digest of the data. +func Sum224(data []byte) (digest [28]byte) { + h := New224() + h.Write(data) + h.Sum(digest[:0]) + return +} + +// Sum256 returns the SHA3-256 digest of the data. +func Sum256(data []byte) (digest [32]byte) { + h := New256() + h.Write(data) + h.Sum(digest[:0]) + return +} + +// Sum384 returns the SHA3-384 digest of the data. +func Sum384(data []byte) (digest [48]byte) { + h := New384() + h.Write(data) + h.Sum(digest[:0]) + return +} + +// Sum512 returns the SHA3-512 digest of the data. +func Sum512(data []byte) (digest [64]byte) { + h := New512() + h.Write(data) + h.Sum(digest[:0]) + return +} diff --git a/vendor/golang.org/x/crypto/sha3/keccakf.go b/vendor/golang.org/x/crypto/sha3/keccakf.go new file mode 100644 index 0000000000..46d03ed385 --- /dev/null +++ b/vendor/golang.org/x/crypto/sha3/keccakf.go @@ -0,0 +1,412 @@ +// Copyright 2014 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build !amd64 appengine gccgo + +package sha3 + +// rc stores the round constants for use in the ι step. +var rc = [24]uint64{ + 0x0000000000000001, + 0x0000000000008082, + 0x800000000000808A, + 0x8000000080008000, + 0x000000000000808B, + 0x0000000080000001, + 0x8000000080008081, + 0x8000000000008009, + 0x000000000000008A, + 0x0000000000000088, + 0x0000000080008009, + 0x000000008000000A, + 0x000000008000808B, + 0x800000000000008B, + 0x8000000000008089, + 0x8000000000008003, + 0x8000000000008002, + 0x8000000000000080, + 0x000000000000800A, + 0x800000008000000A, + 0x8000000080008081, + 0x8000000000008080, + 0x0000000080000001, + 0x8000000080008008, +} + +// keccakF1600 applies the Keccak permutation to a 1600b-wide +// state represented as a slice of 25 uint64s. +func keccakF1600(a *[25]uint64) { + // Implementation translated from Keccak-inplace.c + // in the keccak reference code. + var t, bc0, bc1, bc2, bc3, bc4, d0, d1, d2, d3, d4 uint64 + + for i := 0; i < 24; i += 4 { + // Combines the 5 steps in each round into 2 steps. + // Unrolls 4 rounds per loop and spreads some steps across rounds. + + // Round 1 + bc0 = a[0] ^ a[5] ^ a[10] ^ a[15] ^ a[20] + bc1 = a[1] ^ a[6] ^ a[11] ^ a[16] ^ a[21] + bc2 = a[2] ^ a[7] ^ a[12] ^ a[17] ^ a[22] + bc3 = a[3] ^ a[8] ^ a[13] ^ a[18] ^ a[23] + bc4 = a[4] ^ a[9] ^ a[14] ^ a[19] ^ a[24] + d0 = bc4 ^ (bc1<<1 | bc1>>63) + d1 = bc0 ^ (bc2<<1 | bc2>>63) + d2 = bc1 ^ (bc3<<1 | bc3>>63) + d3 = bc2 ^ (bc4<<1 | bc4>>63) + d4 = bc3 ^ (bc0<<1 | bc0>>63) + + bc0 = a[0] ^ d0 + t = a[6] ^ d1 + bc1 = t<<44 | t>>(64-44) + t = a[12] ^ d2 + bc2 = t<<43 | t>>(64-43) + t = a[18] ^ d3 + bc3 = t<<21 | t>>(64-21) + t = a[24] ^ d4 + bc4 = t<<14 | t>>(64-14) + a[0] = bc0 ^ (bc2 &^ bc1) ^ rc[i] + a[6] = bc1 ^ (bc3 &^ bc2) + a[12] = bc2 ^ (bc4 &^ bc3) + a[18] = bc3 ^ (bc0 &^ bc4) + a[24] = bc4 ^ (bc1 &^ bc0) + + t = a[10] ^ d0 + bc2 = t<<3 | t>>(64-3) + t = a[16] ^ d1 + bc3 = t<<45 | t>>(64-45) + t = a[22] ^ d2 + bc4 = t<<61 | t>>(64-61) + t = a[3] ^ d3 + bc0 = t<<28 | t>>(64-28) + t = a[9] ^ d4 + bc1 = t<<20 | t>>(64-20) + a[10] = bc0 ^ (bc2 &^ bc1) + a[16] = bc1 ^ (bc3 &^ bc2) + a[22] = bc2 ^ (bc4 &^ bc3) + a[3] = bc3 ^ (bc0 &^ bc4) + a[9] = bc4 ^ (bc1 &^ bc0) + + t = a[20] ^ d0 + bc4 = t<<18 | t>>(64-18) + t = a[1] ^ d1 + bc0 = t<<1 | t>>(64-1) + t = a[7] ^ d2 + bc1 = t<<6 | t>>(64-6) + t = a[13] ^ d3 + bc2 = t<<25 | t>>(64-25) + t = a[19] ^ d4 + bc3 = t<<8 | t>>(64-8) + a[20] = bc0 ^ (bc2 &^ bc1) + a[1] = bc1 ^ (bc3 &^ bc2) + a[7] = bc2 ^ (bc4 &^ bc3) + a[13] = bc3 ^ (bc0 &^ bc4) + a[19] = bc4 ^ (bc1 &^ bc0) + + t = a[5] ^ d0 + bc1 = t<<36 | t>>(64-36) + t = a[11] ^ d1 + bc2 = t<<10 | t>>(64-10) + t = a[17] ^ d2 + bc3 = t<<15 | t>>(64-15) + t = a[23] ^ d3 + bc4 = t<<56 | t>>(64-56) + t = a[4] ^ d4 + bc0 = t<<27 | t>>(64-27) + a[5] = bc0 ^ (bc2 &^ bc1) + a[11] = bc1 ^ (bc3 &^ bc2) + a[17] = bc2 ^ (bc4 &^ bc3) + a[23] = bc3 ^ (bc0 &^ bc4) + a[4] = bc4 ^ (bc1 &^ bc0) + + t = a[15] ^ d0 + bc3 = t<<41 | t>>(64-41) + t = a[21] ^ d1 + bc4 = t<<2 | t>>(64-2) + t = a[2] ^ d2 + bc0 = t<<62 | t>>(64-62) + t = a[8] ^ d3 + bc1 = t<<55 | t>>(64-55) + t = a[14] ^ d4 + bc2 = t<<39 | t>>(64-39) + a[15] = bc0 ^ (bc2 &^ bc1) + a[21] = bc1 ^ (bc3 &^ bc2) + a[2] = bc2 ^ (bc4 &^ bc3) + a[8] = bc3 ^ (bc0 &^ bc4) + a[14] = bc4 ^ (bc1 &^ bc0) + + // Round 2 + bc0 = a[0] ^ a[5] ^ a[10] ^ a[15] ^ a[20] + bc1 = a[1] ^ a[6] ^ a[11] ^ a[16] ^ a[21] + bc2 = a[2] ^ a[7] ^ a[12] ^ a[17] ^ a[22] + bc3 = a[3] ^ a[8] ^ a[13] ^ a[18] ^ a[23] + bc4 = a[4] ^ a[9] ^ a[14] ^ a[19] ^ a[24] + d0 = bc4 ^ (bc1<<1 | bc1>>63) + d1 = bc0 ^ (bc2<<1 | bc2>>63) + d2 = bc1 ^ (bc3<<1 | bc3>>63) + d3 = bc2 ^ (bc4<<1 | bc4>>63) + d4 = bc3 ^ (bc0<<1 | bc0>>63) + + bc0 = a[0] ^ d0 + t = a[16] ^ d1 + bc1 = t<<44 | t>>(64-44) + t = a[7] ^ d2 + bc2 = t<<43 | t>>(64-43) + t = a[23] ^ d3 + bc3 = t<<21 | t>>(64-21) + t = a[14] ^ d4 + bc4 = t<<14 | t>>(64-14) + a[0] = bc0 ^ (bc2 &^ bc1) ^ rc[i+1] + a[16] = bc1 ^ (bc3 &^ bc2) + a[7] = bc2 ^ (bc4 &^ bc3) + a[23] = bc3 ^ (bc0 &^ bc4) + a[14] = bc4 ^ (bc1 &^ bc0) + + t = a[20] ^ d0 + bc2 = t<<3 | t>>(64-3) + t = a[11] ^ d1 + bc3 = t<<45 | t>>(64-45) + t = a[2] ^ d2 + bc4 = t<<61 | t>>(64-61) + t = a[18] ^ d3 + bc0 = t<<28 | t>>(64-28) + t = a[9] ^ d4 + bc1 = t<<20 | t>>(64-20) + a[20] = bc0 ^ (bc2 &^ bc1) + a[11] = bc1 ^ (bc3 &^ bc2) + a[2] = bc2 ^ (bc4 &^ bc3) + a[18] = bc3 ^ (bc0 &^ bc4) + a[9] = bc4 ^ (bc1 &^ bc0) + + t = a[15] ^ d0 + bc4 = t<<18 | t>>(64-18) + t = a[6] ^ d1 + bc0 = t<<1 | t>>(64-1) + t = a[22] ^ d2 + bc1 = t<<6 | t>>(64-6) + t = a[13] ^ d3 + bc2 = t<<25 | t>>(64-25) + t = a[4] ^ d4 + bc3 = t<<8 | t>>(64-8) + a[15] = bc0 ^ (bc2 &^ bc1) + a[6] = bc1 ^ (bc3 &^ bc2) + a[22] = bc2 ^ (bc4 &^ bc3) + a[13] = bc3 ^ (bc0 &^ bc4) + a[4] = bc4 ^ (bc1 &^ bc0) + + t = a[10] ^ d0 + bc1 = t<<36 | t>>(64-36) + t = a[1] ^ d1 + bc2 = t<<10 | t>>(64-10) + t = a[17] ^ d2 + bc3 = t<<15 | t>>(64-15) + t = a[8] ^ d3 + bc4 = t<<56 | t>>(64-56) + t = a[24] ^ d4 + bc0 = t<<27 | t>>(64-27) + a[10] = bc0 ^ (bc2 &^ bc1) + a[1] = bc1 ^ (bc3 &^ bc2) + a[17] = bc2 ^ (bc4 &^ bc3) + a[8] = bc3 ^ (bc0 &^ bc4) + a[24] = bc4 ^ (bc1 &^ bc0) + + t = a[5] ^ d0 + bc3 = t<<41 | t>>(64-41) + t = a[21] ^ d1 + bc4 = t<<2 | t>>(64-2) + t = a[12] ^ d2 + bc0 = t<<62 | t>>(64-62) + t = a[3] ^ d3 + bc1 = t<<55 | t>>(64-55) + t = a[19] ^ d4 + bc2 = t<<39 | t>>(64-39) + a[5] = bc0 ^ (bc2 &^ bc1) + a[21] = bc1 ^ (bc3 &^ bc2) + a[12] = bc2 ^ (bc4 &^ bc3) + a[3] = bc3 ^ (bc0 &^ bc4) + a[19] = bc4 ^ (bc1 &^ bc0) + + // Round 3 + bc0 = a[0] ^ a[5] ^ a[10] ^ a[15] ^ a[20] + bc1 = a[1] ^ a[6] ^ a[11] ^ a[16] ^ a[21] + bc2 = a[2] ^ a[7] ^ a[12] ^ a[17] ^ a[22] + bc3 = a[3] ^ a[8] ^ a[13] ^ a[18] ^ a[23] + bc4 = a[4] ^ a[9] ^ a[14] ^ a[19] ^ a[24] + d0 = bc4 ^ (bc1<<1 | bc1>>63) + d1 = bc0 ^ (bc2<<1 | bc2>>63) + d2 = bc1 ^ (bc3<<1 | bc3>>63) + d3 = bc2 ^ (bc4<<1 | bc4>>63) + d4 = bc3 ^ (bc0<<1 | bc0>>63) + + bc0 = a[0] ^ d0 + t = a[11] ^ d1 + bc1 = t<<44 | t>>(64-44) + t = a[22] ^ d2 + bc2 = t<<43 | t>>(64-43) + t = a[8] ^ d3 + bc3 = t<<21 | t>>(64-21) + t = a[19] ^ d4 + bc4 = t<<14 | t>>(64-14) + a[0] = bc0 ^ (bc2 &^ bc1) ^ rc[i+2] + a[11] = bc1 ^ (bc3 &^ bc2) + a[22] = bc2 ^ (bc4 &^ bc3) + a[8] = bc3 ^ (bc0 &^ bc4) + a[19] = bc4 ^ (bc1 &^ bc0) + + t = a[15] ^ d0 + bc2 = t<<3 | t>>(64-3) + t = a[1] ^ d1 + bc3 = t<<45 | t>>(64-45) + t = a[12] ^ d2 + bc4 = t<<61 | t>>(64-61) + t = a[23] ^ d3 + bc0 = t<<28 | t>>(64-28) + t = a[9] ^ d4 + bc1 = t<<20 | t>>(64-20) + a[15] = bc0 ^ (bc2 &^ bc1) + a[1] = bc1 ^ (bc3 &^ bc2) + a[12] = bc2 ^ (bc4 &^ bc3) + a[23] = bc3 ^ (bc0 &^ bc4) + a[9] = bc4 ^ (bc1 &^ bc0) + + t = a[5] ^ d0 + bc4 = t<<18 | t>>(64-18) + t = a[16] ^ d1 + bc0 = t<<1 | t>>(64-1) + t = a[2] ^ d2 + bc1 = t<<6 | t>>(64-6) + t = a[13] ^ d3 + bc2 = t<<25 | t>>(64-25) + t = a[24] ^ d4 + bc3 = t<<8 | t>>(64-8) + a[5] = bc0 ^ (bc2 &^ bc1) + a[16] = bc1 ^ (bc3 &^ bc2) + a[2] = bc2 ^ (bc4 &^ bc3) + a[13] = bc3 ^ (bc0 &^ bc4) + a[24] = bc4 ^ (bc1 &^ bc0) + + t = a[20] ^ d0 + bc1 = t<<36 | t>>(64-36) + t = a[6] ^ d1 + bc2 = t<<10 | t>>(64-10) + t = a[17] ^ d2 + bc3 = t<<15 | t>>(64-15) + t = a[3] ^ d3 + bc4 = t<<56 | t>>(64-56) + t = a[14] ^ d4 + bc0 = t<<27 | t>>(64-27) + a[20] = bc0 ^ (bc2 &^ bc1) + a[6] = bc1 ^ (bc3 &^ bc2) + a[17] = bc2 ^ (bc4 &^ bc3) + a[3] = bc3 ^ (bc0 &^ bc4) + a[14] = bc4 ^ (bc1 &^ bc0) + + t = a[10] ^ d0 + bc3 = t<<41 | t>>(64-41) + t = a[21] ^ d1 + bc4 = t<<2 | t>>(64-2) + t = a[7] ^ d2 + bc0 = t<<62 | t>>(64-62) + t = a[18] ^ d3 + bc1 = t<<55 | t>>(64-55) + t = a[4] ^ d4 + bc2 = t<<39 | t>>(64-39) + a[10] = bc0 ^ (bc2 &^ bc1) + a[21] = bc1 ^ (bc3 &^ bc2) + a[7] = bc2 ^ (bc4 &^ bc3) + a[18] = bc3 ^ (bc0 &^ bc4) + a[4] = bc4 ^ (bc1 &^ bc0) + + // Round 4 + bc0 = a[0] ^ a[5] ^ a[10] ^ a[15] ^ a[20] + bc1 = a[1] ^ a[6] ^ a[11] ^ a[16] ^ a[21] + bc2 = a[2] ^ a[7] ^ a[12] ^ a[17] ^ a[22] + bc3 = a[3] ^ a[8] ^ a[13] ^ a[18] ^ a[23] + bc4 = a[4] ^ a[9] ^ a[14] ^ a[19] ^ a[24] + d0 = bc4 ^ (bc1<<1 | bc1>>63) + d1 = bc0 ^ (bc2<<1 | bc2>>63) + d2 = bc1 ^ (bc3<<1 | bc3>>63) + d3 = bc2 ^ (bc4<<1 | bc4>>63) + d4 = bc3 ^ (bc0<<1 | bc0>>63) + + bc0 = a[0] ^ d0 + t = a[1] ^ d1 + bc1 = t<<44 | t>>(64-44) + t = a[2] ^ d2 + bc2 = t<<43 | t>>(64-43) + t = a[3] ^ d3 + bc3 = t<<21 | t>>(64-21) + t = a[4] ^ d4 + bc4 = t<<14 | t>>(64-14) + a[0] = bc0 ^ (bc2 &^ bc1) ^ rc[i+3] + a[1] = bc1 ^ (bc3 &^ bc2) + a[2] = bc2 ^ (bc4 &^ bc3) + a[3] = bc3 ^ (bc0 &^ bc4) + a[4] = bc4 ^ (bc1 &^ bc0) + + t = a[5] ^ d0 + bc2 = t<<3 | t>>(64-3) + t = a[6] ^ d1 + bc3 = t<<45 | t>>(64-45) + t = a[7] ^ d2 + bc4 = t<<61 | t>>(64-61) + t = a[8] ^ d3 + bc0 = t<<28 | t>>(64-28) + t = a[9] ^ d4 + bc1 = t<<20 | t>>(64-20) + a[5] = bc0 ^ (bc2 &^ bc1) + a[6] = bc1 ^ (bc3 &^ bc2) + a[7] = bc2 ^ (bc4 &^ bc3) + a[8] = bc3 ^ (bc0 &^ bc4) + a[9] = bc4 ^ (bc1 &^ bc0) + + t = a[10] ^ d0 + bc4 = t<<18 | t>>(64-18) + t = a[11] ^ d1 + bc0 = t<<1 | t>>(64-1) + t = a[12] ^ d2 + bc1 = t<<6 | t>>(64-6) + t = a[13] ^ d3 + bc2 = t<<25 | t>>(64-25) + t = a[14] ^ d4 + bc3 = t<<8 | t>>(64-8) + a[10] = bc0 ^ (bc2 &^ bc1) + a[11] = bc1 ^ (bc3 &^ bc2) + a[12] = bc2 ^ (bc4 &^ bc3) + a[13] = bc3 ^ (bc0 &^ bc4) + a[14] = bc4 ^ (bc1 &^ bc0) + + t = a[15] ^ d0 + bc1 = t<<36 | t>>(64-36) + t = a[16] ^ d1 + bc2 = t<<10 | t>>(64-10) + t = a[17] ^ d2 + bc3 = t<<15 | t>>(64-15) + t = a[18] ^ d3 + bc4 = t<<56 | t>>(64-56) + t = a[19] ^ d4 + bc0 = t<<27 | t>>(64-27) + a[15] = bc0 ^ (bc2 &^ bc1) + a[16] = bc1 ^ (bc3 &^ bc2) + a[17] = bc2 ^ (bc4 &^ bc3) + a[18] = bc3 ^ (bc0 &^ bc4) + a[19] = bc4 ^ (bc1 &^ bc0) + + t = a[20] ^ d0 + bc3 = t<<41 | t>>(64-41) + t = a[21] ^ d1 + bc4 = t<<2 | t>>(64-2) + t = a[22] ^ d2 + bc0 = t<<62 | t>>(64-62) + t = a[23] ^ d3 + bc1 = t<<55 | t>>(64-55) + t = a[24] ^ d4 + bc2 = t<<39 | t>>(64-39) + a[20] = bc0 ^ (bc2 &^ bc1) + a[21] = bc1 ^ (bc3 &^ bc2) + a[22] = bc2 ^ (bc4 &^ bc3) + a[23] = bc3 ^ (bc0 &^ bc4) + a[24] = bc4 ^ (bc1 &^ bc0) + } +} diff --git a/vendor/golang.org/x/crypto/sha3/keccakf_amd64.go b/vendor/golang.org/x/crypto/sha3/keccakf_amd64.go new file mode 100644 index 0000000000..7886795850 --- /dev/null +++ b/vendor/golang.org/x/crypto/sha3/keccakf_amd64.go @@ -0,0 +1,13 @@ +// Copyright 2015 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build amd64,!appengine,!gccgo + +package sha3 + +// This function is implemented in keccakf_amd64.s. + +//go:noescape + +func keccakF1600(a *[25]uint64) diff --git a/vendor/golang.org/x/crypto/sha3/keccakf_amd64.s b/vendor/golang.org/x/crypto/sha3/keccakf_amd64.s new file mode 100644 index 0000000000..563dc5494a --- /dev/null +++ b/vendor/golang.org/x/crypto/sha3/keccakf_amd64.s @@ -0,0 +1,390 @@ +// Copyright 2015 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build amd64,!appengine,!gccgo + +// This code was translated into a form compatible with 6a from the public +// domain sources at https://github.com/gvanas/KeccakCodePackage + +// Offsets in state +#define _ba (0*8) +#define _be (1*8) +#define _bi (2*8) +#define _bo (3*8) +#define _bu (4*8) +#define _ga (5*8) +#define _ge (6*8) +#define _gi (7*8) +#define _go (8*8) +#define _gu (9*8) +#define _ka (10*8) +#define _ke (11*8) +#define _ki (12*8) +#define _ko (13*8) +#define _ku (14*8) +#define _ma (15*8) +#define _me (16*8) +#define _mi (17*8) +#define _mo (18*8) +#define _mu (19*8) +#define _sa (20*8) +#define _se (21*8) +#define _si (22*8) +#define _so (23*8) +#define _su (24*8) + +// Temporary registers +#define rT1 AX + +// Round vars +#define rpState DI +#define rpStack SP + +#define rDa BX +#define rDe CX +#define rDi DX +#define rDo R8 +#define rDu R9 + +#define rBa R10 +#define rBe R11 +#define rBi R12 +#define rBo R13 +#define rBu R14 + +#define rCa SI +#define rCe BP +#define rCi rBi +#define rCo rBo +#define rCu R15 + +#define MOVQ_RBI_RCE MOVQ rBi, rCe +#define XORQ_RT1_RCA XORQ rT1, rCa +#define XORQ_RT1_RCE XORQ rT1, rCe +#define XORQ_RBA_RCU XORQ rBa, rCu +#define XORQ_RBE_RCU XORQ rBe, rCu +#define XORQ_RDU_RCU XORQ rDu, rCu +#define XORQ_RDA_RCA XORQ rDa, rCa +#define XORQ_RDE_RCE XORQ rDe, rCe + +#define mKeccakRound(iState, oState, rc, B_RBI_RCE, G_RT1_RCA, G_RT1_RCE, G_RBA_RCU, K_RT1_RCA, K_RT1_RCE, K_RBA_RCU, M_RT1_RCA, M_RT1_RCE, M_RBE_RCU, S_RDU_RCU, S_RDA_RCA, S_RDE_RCE) \ + /* Prepare round */ \ + MOVQ rCe, rDa; \ + ROLQ $1, rDa; \ + \ + MOVQ _bi(iState), rCi; \ + XORQ _gi(iState), rDi; \ + XORQ rCu, rDa; \ + XORQ _ki(iState), rCi; \ + XORQ _mi(iState), rDi; \ + XORQ rDi, rCi; \ + \ + MOVQ rCi, rDe; \ + ROLQ $1, rDe; \ + \ + MOVQ _bo(iState), rCo; \ + XORQ _go(iState), rDo; \ + XORQ rCa, rDe; \ + XORQ _ko(iState), rCo; \ + XORQ _mo(iState), rDo; \ + XORQ rDo, rCo; \ + \ + MOVQ rCo, rDi; \ + ROLQ $1, rDi; \ + \ + MOVQ rCu, rDo; \ + XORQ rCe, rDi; \ + ROLQ $1, rDo; \ + \ + MOVQ rCa, rDu; \ + XORQ rCi, rDo; \ + ROLQ $1, rDu; \ + \ + /* Result b */ \ + MOVQ _ba(iState), rBa; \ + MOVQ _ge(iState), rBe; \ + XORQ rCo, rDu; \ + MOVQ _ki(iState), rBi; \ + MOVQ _mo(iState), rBo; \ + MOVQ _su(iState), rBu; \ + XORQ rDe, rBe; \ + ROLQ $44, rBe; \ + XORQ rDi, rBi; \ + XORQ rDa, rBa; \ + ROLQ $43, rBi; \ + \ + MOVQ rBe, rCa; \ + MOVQ rc, rT1; \ + ORQ rBi, rCa; \ + XORQ rBa, rT1; \ + XORQ rT1, rCa; \ + MOVQ rCa, _ba(oState); \ + \ + XORQ rDu, rBu; \ + ROLQ $14, rBu; \ + MOVQ rBa, rCu; \ + ANDQ rBe, rCu; \ + XORQ rBu, rCu; \ + MOVQ rCu, _bu(oState); \ + \ + XORQ rDo, rBo; \ + ROLQ $21, rBo; \ + MOVQ rBo, rT1; \ + ANDQ rBu, rT1; \ + XORQ rBi, rT1; \ + MOVQ rT1, _bi(oState); \ + \ + NOTQ rBi; \ + ORQ rBa, rBu; \ + ORQ rBo, rBi; \ + XORQ rBo, rBu; \ + XORQ rBe, rBi; \ + MOVQ rBu, _bo(oState); \ + MOVQ rBi, _be(oState); \ + B_RBI_RCE; \ + \ + /* Result g */ \ + MOVQ _gu(iState), rBe; \ + XORQ rDu, rBe; \ + MOVQ _ka(iState), rBi; \ + ROLQ $20, rBe; \ + XORQ rDa, rBi; \ + ROLQ $3, rBi; \ + MOVQ _bo(iState), rBa; \ + MOVQ rBe, rT1; \ + ORQ rBi, rT1; \ + XORQ rDo, rBa; \ + MOVQ _me(iState), rBo; \ + MOVQ _si(iState), rBu; \ + ROLQ $28, rBa; \ + XORQ rBa, rT1; \ + MOVQ rT1, _ga(oState); \ + G_RT1_RCA; \ + \ + XORQ rDe, rBo; \ + ROLQ $45, rBo; \ + MOVQ rBi, rT1; \ + ANDQ rBo, rT1; \ + XORQ rBe, rT1; \ + MOVQ rT1, _ge(oState); \ + G_RT1_RCE; \ + \ + XORQ rDi, rBu; \ + ROLQ $61, rBu; \ + MOVQ rBu, rT1; \ + ORQ rBa, rT1; \ + XORQ rBo, rT1; \ + MOVQ rT1, _go(oState); \ + \ + ANDQ rBe, rBa; \ + XORQ rBu, rBa; \ + MOVQ rBa, _gu(oState); \ + NOTQ rBu; \ + G_RBA_RCU; \ + \ + ORQ rBu, rBo; \ + XORQ rBi, rBo; \ + MOVQ rBo, _gi(oState); \ + \ + /* Result k */ \ + MOVQ _be(iState), rBa; \ + MOVQ _gi(iState), rBe; \ + MOVQ _ko(iState), rBi; \ + MOVQ _mu(iState), rBo; \ + MOVQ _sa(iState), rBu; \ + XORQ rDi, rBe; \ + ROLQ $6, rBe; \ + XORQ rDo, rBi; \ + ROLQ $25, rBi; \ + MOVQ rBe, rT1; \ + ORQ rBi, rT1; \ + XORQ rDe, rBa; \ + ROLQ $1, rBa; \ + XORQ rBa, rT1; \ + MOVQ rT1, _ka(oState); \ + K_RT1_RCA; \ + \ + XORQ rDu, rBo; \ + ROLQ $8, rBo; \ + MOVQ rBi, rT1; \ + ANDQ rBo, rT1; \ + XORQ rBe, rT1; \ + MOVQ rT1, _ke(oState); \ + K_RT1_RCE; \ + \ + XORQ rDa, rBu; \ + ROLQ $18, rBu; \ + NOTQ rBo; \ + MOVQ rBo, rT1; \ + ANDQ rBu, rT1; \ + XORQ rBi, rT1; \ + MOVQ rT1, _ki(oState); \ + \ + MOVQ rBu, rT1; \ + ORQ rBa, rT1; \ + XORQ rBo, rT1; \ + MOVQ rT1, _ko(oState); \ + \ + ANDQ rBe, rBa; \ + XORQ rBu, rBa; \ + MOVQ rBa, _ku(oState); \ + K_RBA_RCU; \ + \ + /* Result m */ \ + MOVQ _ga(iState), rBe; \ + XORQ rDa, rBe; \ + MOVQ _ke(iState), rBi; \ + ROLQ $36, rBe; \ + XORQ rDe, rBi; \ + MOVQ _bu(iState), rBa; \ + ROLQ $10, rBi; \ + MOVQ rBe, rT1; \ + MOVQ _mi(iState), rBo; \ + ANDQ rBi, rT1; \ + XORQ rDu, rBa; \ + MOVQ _so(iState), rBu; \ + ROLQ $27, rBa; \ + XORQ rBa, rT1; \ + MOVQ rT1, _ma(oState); \ + M_RT1_RCA; \ + \ + XORQ rDi, rBo; \ + ROLQ $15, rBo; \ + MOVQ rBi, rT1; \ + ORQ rBo, rT1; \ + XORQ rBe, rT1; \ + MOVQ rT1, _me(oState); \ + M_RT1_RCE; \ + \ + XORQ rDo, rBu; \ + ROLQ $56, rBu; \ + NOTQ rBo; \ + MOVQ rBo, rT1; \ + ORQ rBu, rT1; \ + XORQ rBi, rT1; \ + MOVQ rT1, _mi(oState); \ + \ + ORQ rBa, rBe; \ + XORQ rBu, rBe; \ + MOVQ rBe, _mu(oState); \ + \ + ANDQ rBa, rBu; \ + XORQ rBo, rBu; \ + MOVQ rBu, _mo(oState); \ + M_RBE_RCU; \ + \ + /* Result s */ \ + MOVQ _bi(iState), rBa; \ + MOVQ _go(iState), rBe; \ + MOVQ _ku(iState), rBi; \ + XORQ rDi, rBa; \ + MOVQ _ma(iState), rBo; \ + ROLQ $62, rBa; \ + XORQ rDo, rBe; \ + MOVQ _se(iState), rBu; \ + ROLQ $55, rBe; \ + \ + XORQ rDu, rBi; \ + MOVQ rBa, rDu; \ + XORQ rDe, rBu; \ + ROLQ $2, rBu; \ + ANDQ rBe, rDu; \ + XORQ rBu, rDu; \ + MOVQ rDu, _su(oState); \ + \ + ROLQ $39, rBi; \ + S_RDU_RCU; \ + NOTQ rBe; \ + XORQ rDa, rBo; \ + MOVQ rBe, rDa; \ + ANDQ rBi, rDa; \ + XORQ rBa, rDa; \ + MOVQ rDa, _sa(oState); \ + S_RDA_RCA; \ + \ + ROLQ $41, rBo; \ + MOVQ rBi, rDe; \ + ORQ rBo, rDe; \ + XORQ rBe, rDe; \ + MOVQ rDe, _se(oState); \ + S_RDE_RCE; \ + \ + MOVQ rBo, rDi; \ + MOVQ rBu, rDo; \ + ANDQ rBu, rDi; \ + ORQ rBa, rDo; \ + XORQ rBi, rDi; \ + XORQ rBo, rDo; \ + MOVQ rDi, _si(oState); \ + MOVQ rDo, _so(oState) \ + +// func keccakF1600(state *[25]uint64) +TEXT ·keccakF1600(SB), 0, $200-8 + MOVQ state+0(FP), rpState + + // Convert the user state into an internal state + NOTQ _be(rpState) + NOTQ _bi(rpState) + NOTQ _go(rpState) + NOTQ _ki(rpState) + NOTQ _mi(rpState) + NOTQ _sa(rpState) + + // Execute the KeccakF permutation + MOVQ _ba(rpState), rCa + MOVQ _be(rpState), rCe + MOVQ _bu(rpState), rCu + + XORQ _ga(rpState), rCa + XORQ _ge(rpState), rCe + XORQ _gu(rpState), rCu + + XORQ _ka(rpState), rCa + XORQ _ke(rpState), rCe + XORQ _ku(rpState), rCu + + XORQ _ma(rpState), rCa + XORQ _me(rpState), rCe + XORQ _mu(rpState), rCu + + XORQ _sa(rpState), rCa + XORQ _se(rpState), rCe + MOVQ _si(rpState), rDi + MOVQ _so(rpState), rDo + XORQ _su(rpState), rCu + + mKeccakRound(rpState, rpStack, $0x0000000000000001, MOVQ_RBI_RCE, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBE_RCU, XORQ_RDU_RCU, XORQ_RDA_RCA, XORQ_RDE_RCE) + mKeccakRound(rpStack, rpState, $0x0000000000008082, MOVQ_RBI_RCE, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBE_RCU, XORQ_RDU_RCU, XORQ_RDA_RCA, XORQ_RDE_RCE) + mKeccakRound(rpState, rpStack, $0x800000000000808a, MOVQ_RBI_RCE, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBE_RCU, XORQ_RDU_RCU, XORQ_RDA_RCA, XORQ_RDE_RCE) + mKeccakRound(rpStack, rpState, $0x8000000080008000, MOVQ_RBI_RCE, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBE_RCU, XORQ_RDU_RCU, XORQ_RDA_RCA, XORQ_RDE_RCE) + mKeccakRound(rpState, rpStack, $0x000000000000808b, MOVQ_RBI_RCE, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBE_RCU, XORQ_RDU_RCU, XORQ_RDA_RCA, XORQ_RDE_RCE) + mKeccakRound(rpStack, rpState, $0x0000000080000001, MOVQ_RBI_RCE, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBE_RCU, XORQ_RDU_RCU, XORQ_RDA_RCA, XORQ_RDE_RCE) + mKeccakRound(rpState, rpStack, $0x8000000080008081, MOVQ_RBI_RCE, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBE_RCU, XORQ_RDU_RCU, XORQ_RDA_RCA, XORQ_RDE_RCE) + mKeccakRound(rpStack, rpState, $0x8000000000008009, MOVQ_RBI_RCE, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBE_RCU, XORQ_RDU_RCU, XORQ_RDA_RCA, XORQ_RDE_RCE) + mKeccakRound(rpState, rpStack, $0x000000000000008a, MOVQ_RBI_RCE, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBE_RCU, XORQ_RDU_RCU, XORQ_RDA_RCA, XORQ_RDE_RCE) + mKeccakRound(rpStack, rpState, $0x0000000000000088, MOVQ_RBI_RCE, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBE_RCU, XORQ_RDU_RCU, XORQ_RDA_RCA, XORQ_RDE_RCE) + mKeccakRound(rpState, rpStack, $0x0000000080008009, MOVQ_RBI_RCE, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBE_RCU, XORQ_RDU_RCU, XORQ_RDA_RCA, XORQ_RDE_RCE) + mKeccakRound(rpStack, rpState, $0x000000008000000a, MOVQ_RBI_RCE, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBE_RCU, XORQ_RDU_RCU, XORQ_RDA_RCA, XORQ_RDE_RCE) + mKeccakRound(rpState, rpStack, $0x000000008000808b, MOVQ_RBI_RCE, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBE_RCU, XORQ_RDU_RCU, XORQ_RDA_RCA, XORQ_RDE_RCE) + mKeccakRound(rpStack, rpState, $0x800000000000008b, MOVQ_RBI_RCE, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBE_RCU, XORQ_RDU_RCU, XORQ_RDA_RCA, XORQ_RDE_RCE) + mKeccakRound(rpState, rpStack, $0x8000000000008089, MOVQ_RBI_RCE, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBE_RCU, XORQ_RDU_RCU, XORQ_RDA_RCA, XORQ_RDE_RCE) + mKeccakRound(rpStack, rpState, $0x8000000000008003, MOVQ_RBI_RCE, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBE_RCU, XORQ_RDU_RCU, XORQ_RDA_RCA, XORQ_RDE_RCE) + mKeccakRound(rpState, rpStack, $0x8000000000008002, MOVQ_RBI_RCE, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBE_RCU, XORQ_RDU_RCU, XORQ_RDA_RCA, XORQ_RDE_RCE) + mKeccakRound(rpStack, rpState, $0x8000000000000080, MOVQ_RBI_RCE, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBE_RCU, XORQ_RDU_RCU, XORQ_RDA_RCA, XORQ_RDE_RCE) + mKeccakRound(rpState, rpStack, $0x000000000000800a, MOVQ_RBI_RCE, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBE_RCU, XORQ_RDU_RCU, XORQ_RDA_RCA, XORQ_RDE_RCE) + mKeccakRound(rpStack, rpState, $0x800000008000000a, MOVQ_RBI_RCE, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBE_RCU, XORQ_RDU_RCU, XORQ_RDA_RCA, XORQ_RDE_RCE) + mKeccakRound(rpState, rpStack, $0x8000000080008081, MOVQ_RBI_RCE, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBE_RCU, XORQ_RDU_RCU, XORQ_RDA_RCA, XORQ_RDE_RCE) + mKeccakRound(rpStack, rpState, $0x8000000000008080, MOVQ_RBI_RCE, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBE_RCU, XORQ_RDU_RCU, XORQ_RDA_RCA, XORQ_RDE_RCE) + mKeccakRound(rpState, rpStack, $0x0000000080000001, MOVQ_RBI_RCE, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBA_RCU, XORQ_RT1_RCA, XORQ_RT1_RCE, XORQ_RBE_RCU, XORQ_RDU_RCU, XORQ_RDA_RCA, XORQ_RDE_RCE) + mKeccakRound(rpStack, rpState, $0x8000000080008008, NOP, NOP, NOP, NOP, NOP, NOP, NOP, NOP, NOP, NOP, NOP, NOP, NOP) + + // Revert the internal state to the user state + NOTQ _be(rpState) + NOTQ _bi(rpState) + NOTQ _go(rpState) + NOTQ _ki(rpState) + NOTQ _mi(rpState) + NOTQ _sa(rpState) + + RET diff --git a/vendor/golang.org/x/crypto/sha3/register.go b/vendor/golang.org/x/crypto/sha3/register.go new file mode 100644 index 0000000000..3cf6a22e09 --- /dev/null +++ b/vendor/golang.org/x/crypto/sha3/register.go @@ -0,0 +1,18 @@ +// Copyright 2014 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build go1.4 + +package sha3 + +import ( + "crypto" +) + +func init() { + crypto.RegisterHash(crypto.SHA3_224, New224) + crypto.RegisterHash(crypto.SHA3_256, New256) + crypto.RegisterHash(crypto.SHA3_384, New384) + crypto.RegisterHash(crypto.SHA3_512, New512) +} diff --git a/vendor/golang.org/x/crypto/sha3/sha3.go b/vendor/golang.org/x/crypto/sha3/sha3.go new file mode 100644 index 0000000000..b12a35c87f --- /dev/null +++ b/vendor/golang.org/x/crypto/sha3/sha3.go @@ -0,0 +1,192 @@ +// Copyright 2014 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package sha3 + +// spongeDirection indicates the direction bytes are flowing through the sponge. +type spongeDirection int + +const ( + // spongeAbsorbing indicates that the sponge is absorbing input. + spongeAbsorbing spongeDirection = iota + // spongeSqueezing indicates that the sponge is being squeezed. + spongeSqueezing +) + +const ( + // maxRate is the maximum size of the internal buffer. SHAKE-256 + // currently needs the largest buffer. + maxRate = 168 +) + +type state struct { + // Generic sponge components. + a [25]uint64 // main state of the hash + buf []byte // points into storage + rate int // the number of bytes of state to use + + // dsbyte contains the "domain separation" bits and the first bit of + // the padding. Sections 6.1 and 6.2 of [1] separate the outputs of the + // SHA-3 and SHAKE functions by appending bitstrings to the message. + // Using a little-endian bit-ordering convention, these are "01" for SHA-3 + // and "1111" for SHAKE, or 00000010b and 00001111b, respectively. Then the + // padding rule from section 5.1 is applied to pad the message to a multiple + // of the rate, which involves adding a "1" bit, zero or more "0" bits, and + // a final "1" bit. We merge the first "1" bit from the padding into dsbyte, + // giving 00000110b (0x06) and 00011111b (0x1f). + // [1] http://csrc.nist.gov/publications/drafts/fips-202/fips_202_draft.pdf + // "Draft FIPS 202: SHA-3 Standard: Permutation-Based Hash and + // Extendable-Output Functions (May 2014)" + dsbyte byte + storage [maxRate]byte + + // Specific to SHA-3 and SHAKE. + outputLen int // the default output size in bytes + state spongeDirection // whether the sponge is absorbing or squeezing +} + +// BlockSize returns the rate of sponge underlying this hash function. +func (d *state) BlockSize() int { return d.rate } + +// Size returns the output size of the hash function in bytes. +func (d *state) Size() int { return d.outputLen } + +// Reset clears the internal state by zeroing the sponge state and +// the byte buffer, and setting Sponge.state to absorbing. +func (d *state) Reset() { + // Zero the permutation's state. + for i := range d.a { + d.a[i] = 0 + } + d.state = spongeAbsorbing + d.buf = d.storage[:0] +} + +func (d *state) clone() *state { + ret := *d + if ret.state == spongeAbsorbing { + ret.buf = ret.storage[:len(ret.buf)] + } else { + ret.buf = ret.storage[d.rate-cap(d.buf) : d.rate] + } + + return &ret +} + +// permute applies the KeccakF-1600 permutation. It handles +// any input-output buffering. +func (d *state) permute() { + switch d.state { + case spongeAbsorbing: + // If we're absorbing, we need to xor the input into the state + // before applying the permutation. + xorIn(d, d.buf) + d.buf = d.storage[:0] + keccakF1600(&d.a) + case spongeSqueezing: + // If we're squeezing, we need to apply the permutatin before + // copying more output. + keccakF1600(&d.a) + d.buf = d.storage[:d.rate] + copyOut(d, d.buf) + } +} + +// pads appends the domain separation bits in dsbyte, applies +// the multi-bitrate 10..1 padding rule, and permutes the state. +func (d *state) padAndPermute(dsbyte byte) { + if d.buf == nil { + d.buf = d.storage[:0] + } + // Pad with this instance's domain-separator bits. We know that there's + // at least one byte of space in d.buf because, if it were full, + // permute would have been called to empty it. dsbyte also contains the + // first one bit for the padding. See the comment in the state struct. + d.buf = append(d.buf, dsbyte) + zerosStart := len(d.buf) + d.buf = d.storage[:d.rate] + for i := zerosStart; i < d.rate; i++ { + d.buf[i] = 0 + } + // This adds the final one bit for the padding. Because of the way that + // bits are numbered from the LSB upwards, the final bit is the MSB of + // the last byte. + d.buf[d.rate-1] ^= 0x80 + // Apply the permutation + d.permute() + d.state = spongeSqueezing + d.buf = d.storage[:d.rate] + copyOut(d, d.buf) +} + +// Write absorbs more data into the hash's state. It produces an error +// if more data is written to the ShakeHash after writing +func (d *state) Write(p []byte) (written int, err error) { + if d.state != spongeAbsorbing { + panic("sha3: write to sponge after read") + } + if d.buf == nil { + d.buf = d.storage[:0] + } + written = len(p) + + for len(p) > 0 { + if len(d.buf) == 0 && len(p) >= d.rate { + // The fast path; absorb a full "rate" bytes of input and apply the permutation. + xorIn(d, p[:d.rate]) + p = p[d.rate:] + keccakF1600(&d.a) + } else { + // The slow path; buffer the input until we can fill the sponge, and then xor it in. + todo := d.rate - len(d.buf) + if todo > len(p) { + todo = len(p) + } + d.buf = append(d.buf, p[:todo]...) + p = p[todo:] + + // If the sponge is full, apply the permutation. + if len(d.buf) == d.rate { + d.permute() + } + } + } + + return +} + +// Read squeezes an arbitrary number of bytes from the sponge. +func (d *state) Read(out []byte) (n int, err error) { + // If we're still absorbing, pad and apply the permutation. + if d.state == spongeAbsorbing { + d.padAndPermute(d.dsbyte) + } + + n = len(out) + + // Now, do the squeezing. + for len(out) > 0 { + n := copy(out, d.buf) + d.buf = d.buf[n:] + out = out[n:] + + // Apply the permutation if we've squeezed the sponge dry. + if len(d.buf) == 0 { + d.permute() + } + } + + return +} + +// Sum applies padding to the hash state and then squeezes out the desired +// number of output bytes. +func (d *state) Sum(in []byte) []byte { + // Make a copy of the original hash so that caller can keep writing + // and summing. + dup := d.clone() + hash := make([]byte, dup.outputLen) + dup.Read(hash) + return append(in, hash...) +} diff --git a/vendor/golang.org/x/crypto/sha3/shake.go b/vendor/golang.org/x/crypto/sha3/shake.go new file mode 100644 index 0000000000..841f9860f0 --- /dev/null +++ b/vendor/golang.org/x/crypto/sha3/shake.go @@ -0,0 +1,60 @@ +// Copyright 2014 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package sha3 + +// This file defines the ShakeHash interface, and provides +// functions for creating SHAKE instances, as well as utility +// functions for hashing bytes to arbitrary-length output. + +import ( + "io" +) + +// ShakeHash defines the interface to hash functions that +// support arbitrary-length output. +type ShakeHash interface { + // Write absorbs more data into the hash's state. It panics if input is + // written to it after output has been read from it. + io.Writer + + // Read reads more output from the hash; reading affects the hash's + // state. (ShakeHash.Read is thus very different from Hash.Sum) + // It never returns an error. + io.Reader + + // Clone returns a copy of the ShakeHash in its current state. + Clone() ShakeHash + + // Reset resets the ShakeHash to its initial state. + Reset() +} + +func (d *state) Clone() ShakeHash { + return d.clone() +} + +// NewShake128 creates a new SHAKE128 variable-output-length ShakeHash. +// Its generic security strength is 128 bits against all attacks if at +// least 32 bytes of its output are used. +func NewShake128() ShakeHash { return &state{rate: 168, dsbyte: 0x1f} } + +// NewShake256 creates a new SHAKE128 variable-output-length ShakeHash. +// Its generic security strength is 256 bits against all attacks if +// at least 64 bytes of its output are used. +func NewShake256() ShakeHash { return &state{rate: 136, dsbyte: 0x1f} } + +// ShakeSum128 writes an arbitrary-length digest of data into hash. +func ShakeSum128(hash, data []byte) { + h := NewShake128() + h.Write(data) + h.Read(hash) +} + +// ShakeSum256 writes an arbitrary-length digest of data into hash. +func ShakeSum256(hash, data []byte) { + h := NewShake256() + h.Write(data) + h.Read(hash) +} diff --git a/vendor/golang.org/x/crypto/sha3/xor.go b/vendor/golang.org/x/crypto/sha3/xor.go new file mode 100644 index 0000000000..46a0d63a6d --- /dev/null +++ b/vendor/golang.org/x/crypto/sha3/xor.go @@ -0,0 +1,16 @@ +// Copyright 2015 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build !amd64,!386,!ppc64le appengine + +package sha3 + +var ( + xorIn = xorInGeneric + copyOut = copyOutGeneric + xorInUnaligned = xorInGeneric + copyOutUnaligned = copyOutGeneric +) + +const xorImplementationUnaligned = "generic" diff --git a/vendor/golang.org/x/crypto/sha3/xor_generic.go b/vendor/golang.org/x/crypto/sha3/xor_generic.go new file mode 100644 index 0000000000..fd35f02ef6 --- /dev/null +++ b/vendor/golang.org/x/crypto/sha3/xor_generic.go @@ -0,0 +1,28 @@ +// Copyright 2015 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package sha3 + +import "encoding/binary" + +// xorInGeneric xors the bytes in buf into the state; it +// makes no non-portable assumptions about memory layout +// or alignment. +func xorInGeneric(d *state, buf []byte) { + n := len(buf) / 8 + + for i := 0; i < n; i++ { + a := binary.LittleEndian.Uint64(buf) + d.a[i] ^= a + buf = buf[8:] + } +} + +// copyOutGeneric copies ulint64s to a byte buffer. +func copyOutGeneric(d *state, b []byte) { + for i := 0; len(b) >= 8; i++ { + binary.LittleEndian.PutUint64(b, d.a[i]) + b = b[8:] + } +} diff --git a/vendor/golang.org/x/crypto/sha3/xor_unaligned.go b/vendor/golang.org/x/crypto/sha3/xor_unaligned.go new file mode 100644 index 0000000000..929a486a79 --- /dev/null +++ b/vendor/golang.org/x/crypto/sha3/xor_unaligned.go @@ -0,0 +1,58 @@ +// Copyright 2015 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build amd64 386 ppc64le +// +build !appengine + +package sha3 + +import "unsafe" + +func xorInUnaligned(d *state, buf []byte) { + bw := (*[maxRate / 8]uint64)(unsafe.Pointer(&buf[0])) + n := len(buf) + if n >= 72 { + d.a[0] ^= bw[0] + d.a[1] ^= bw[1] + d.a[2] ^= bw[2] + d.a[3] ^= bw[3] + d.a[4] ^= bw[4] + d.a[5] ^= bw[5] + d.a[6] ^= bw[6] + d.a[7] ^= bw[7] + d.a[8] ^= bw[8] + } + if n >= 104 { + d.a[9] ^= bw[9] + d.a[10] ^= bw[10] + d.a[11] ^= bw[11] + d.a[12] ^= bw[12] + } + if n >= 136 { + d.a[13] ^= bw[13] + d.a[14] ^= bw[14] + d.a[15] ^= bw[15] + d.a[16] ^= bw[16] + } + if n >= 144 { + d.a[17] ^= bw[17] + } + if n >= 168 { + d.a[18] ^= bw[18] + d.a[19] ^= bw[19] + d.a[20] ^= bw[20] + } +} + +func copyOutUnaligned(d *state, buf []byte) { + ab := (*[maxRate]uint8)(unsafe.Pointer(&d.a[0])) + copy(buf, ab[:]) +} + +var ( + xorIn = xorInUnaligned + copyOut = copyOutUnaligned +) + +const xorImplementationUnaligned = "unaligned" diff --git a/vendor/gopkg.in/src-d/go-git.v4/config/config.go b/vendor/gopkg.in/src-d/go-git.v4/config/config.go index fc4cd28df3..87a847d928 100644 --- a/vendor/gopkg.in/src-d/go-git.v4/config/config.go +++ b/vendor/gopkg.in/src-d/go-git.v4/config/config.go @@ -64,11 +64,15 @@ type Config struct { // NewConfig returns a new empty Config. func NewConfig() *Config { - return &Config{ + config := &Config{ Remotes: make(map[string]*RemoteConfig), Submodules: make(map[string]*Submodule), Raw: format.New(), } + + config.Pack.Window = DefaultPackWindow + + return config } // Validate validates the fields and sets the default values. @@ -97,7 +101,9 @@ const ( worktreeKey = "worktree" windowKey = "window" - defaultPackWindow = uint(10) + // DefaultPackWindow holds the number of previous objects used to + // generate deltas. The value 10 is the same used by git command. + DefaultPackWindow = uint(10) ) // Unmarshal parses a git-config file and stores it. @@ -131,7 +137,7 @@ func (c *Config) unmarshalPack() error { s := c.Raw.Section(packSection) window := s.Options.Get(windowKey) if window == "" { - c.Pack.Window = defaultPackWindow + c.Pack.Window = DefaultPackWindow } else { winUint, err := strconv.ParseUint(window, 10, 32) if err != nil { @@ -192,7 +198,7 @@ func (c *Config) marshalCore() { func (c *Config) marshalPack() { s := c.Raw.Section(packSection) - if c.Pack.Window != defaultPackWindow { + if c.Pack.Window != DefaultPackWindow { s.SetOption(windowKey, fmt.Sprintf("%d", c.Pack.Window)) } } diff --git a/vendor/gopkg.in/src-d/go-git.v4/plumbing/cache/object_lru.go b/vendor/gopkg.in/src-d/go-git.v4/plumbing/cache/object_lru.go index d99a5c92a8..049453950c 100644 --- a/vendor/gopkg.in/src-d/go-git.v4/plumbing/cache/object_lru.go +++ b/vendor/gopkg.in/src-d/go-git.v4/plumbing/cache/object_lru.go @@ -51,11 +51,11 @@ func (c *ObjectLRU) Put(obj plumbing.EncodedObject) { objSize := FileSize(obj.Size()) - if objSize >= c.MaxSize { + if objSize > c.MaxSize { return } - if c.actualSize+objSize > c.MaxSize { + for c.actualSize+objSize > c.MaxSize { last := c.ll.Back() lastObj := last.Value.(plumbing.EncodedObject) lastSize := FileSize(lastObj.Size()) @@ -63,10 +63,6 @@ func (c *ObjectLRU) Put(obj plumbing.EncodedObject) { c.ll.Remove(last) delete(c.cache, lastObj.Hash()) c.actualSize -= lastSize - - if c.actualSize+objSize > c.MaxSize { - return - } } ee := c.ll.PushFront(obj) diff --git a/vendor/gopkg.in/src-d/go-git.v4/plumbing/format/packfile/decoder.go b/vendor/gopkg.in/src-d/go-git.v4/plumbing/format/packfile/decoder.go index cb787017c9..f706e5d844 100644 --- a/vendor/gopkg.in/src-d/go-git.v4/plumbing/format/packfile/decoder.go +++ b/vendor/gopkg.in/src-d/go-git.v4/plumbing/format/packfile/decoder.go @@ -407,6 +407,8 @@ func (d *Decoder) fillOFSDeltaObjectContent(obj plumbing.EncodedObject, offset i if err != nil { return 0, err } + + d.cachePut(base) } obj.SetType(base.Type()) diff --git a/vendor/gopkg.in/src-d/go-git.v4/plumbing/format/packfile/delta_selector.go b/vendor/gopkg.in/src-d/go-git.v4/plumbing/format/packfile/delta_selector.go index 8792574a63..cd38c16bd1 100644 --- a/vendor/gopkg.in/src-d/go-git.v4/plumbing/format/packfile/delta_selector.go +++ b/vendor/gopkg.in/src-d/go-git.v4/plumbing/format/packfile/delta_selector.go @@ -222,10 +222,16 @@ func (dw *deltaSelector) walk( ) error { indexMap := make(map[plumbing.Hash]*deltaIndex) for i := 0; i < len(objectsToPack); i++ { - // Clean up the index map for anything outside our pack - // window, to save memory. + // Clean up the index map and reconstructed delta objects for anything + // outside our pack window, to save memory. if i > int(packWindow) { - delete(indexMap, objectsToPack[i-int(packWindow)].Hash()) + obj := objectsToPack[i-int(packWindow)] + + delete(indexMap, obj.Hash()) + + if obj.IsDelta() { + obj.Original = nil + } } target := objectsToPack[i] @@ -261,6 +267,16 @@ func (dw *deltaSelector) walk( } func (dw *deltaSelector) tryToDeltify(indexMap map[plumbing.Hash]*deltaIndex, base, target *ObjectToPack) error { + // Original object might not be present if we're reusing a delta, so we + // ensure it is restored. + if err := dw.restoreOriginal(target); err != nil { + return err + } + + if err := dw.restoreOriginal(base); err != nil { + return err + } + // If the sizes are radically different, this is a bad pairing. if target.Size() < base.Size()>>4 { return nil @@ -283,16 +299,6 @@ func (dw *deltaSelector) tryToDeltify(indexMap map[plumbing.Hash]*deltaIndex, ba return nil } - // Original object might not be present if we're reusing a delta, so we - // ensure it is restored. - if err := dw.restoreOriginal(target); err != nil { - return err - } - - if err := dw.restoreOriginal(base); err != nil { - return err - } - if _, ok := indexMap[base.Hash()]; !ok { indexMap[base.Hash()] = new(deltaIndex) } diff --git a/vendor/vendor.json b/vendor/vendor.json index 328d238294..8ca904a618 100644 --- a/vendor/vendor.json +++ b/vendor/vendor.json @@ -32,6 +32,12 @@ "revision": "3cfea5ab600ae37946be2b763b8ec2c1cf2d272d", "revisionTime": "2017-09-22T10:33:52Z" }, + { + "checksumSHA1": "u8n5T1RWE2k2jkddsmQ1SMtssms=", + "path": "github.com/cenk/backoff", + "revision": "61153c768f31ee5f130071d08fc82b85208528de", + "revisionTime": "2017-07-11T19:02:43Z" + }, { "checksumSHA1": "hTThB1Cw2ue02RD5Oig4eu1Dkzk=", "path": "github.com/cenkalti/backoff", @@ -93,6 +99,12 @@ "revision": "eaad1884d40f9cabff98a57a524c17afd00c9fe7", "revisionTime": "2017-09-17T21:41:16Z" }, + { + "checksumSHA1": "WX1+2gktHcBmE9MGwFSGs7oqexU=", + "path": "github.com/golang/protobuf/proto", + "revision": "bbd03ef6da3a115852eaf24c8a1c46aeb39aa175", + "revisionTime": "2018-02-02T18:43:18Z" + }, { "checksumSHA1": "aAhauhzbr8Om2gxyU1Mdu1wdkRo=", "path": "github.com/google/go-cmp/cmp", @@ -304,12 +316,30 @@ "revision": "a3153f7040e90324c58c6287535e26a0ac5c1cc1", "revisionTime": "2017-02-18T16:04:15Z" }, + { + "checksumSHA1": "AWuia/XxtuoN3NCX0qBssThjDGE=", + "path": "golang.org/x/crypto/argon2", + "revision": "5f55bce93ad2c89f411e009659bb1fd83da36e7b", + "revisionTime": "2018-01-08T14:34:49Z" + }, + { + "checksumSHA1": "ppPg0bIlBAVJy0Pn13BfBnkp9V4=", + "path": "golang.org/x/crypto/blake2b", + "revision": "5f55bce93ad2c89f411e009659bb1fd83da36e7b", + "revisionTime": "2018-01-08T14:34:49Z" + }, { "checksumSHA1": "TT1rac6kpQp2vz24m5yDGUNQ/QQ=", "path": "golang.org/x/crypto/cast5", "revision": "d585fd2cc9195196078f516b69daff6744ef5e84", "revisionTime": "2017-12-16T04:08:15Z" }, + { + "checksumSHA1": "1zB843WyoSh8oMdbeDfgByEa2TE=", + "path": "golang.org/x/crypto/chacha20poly1305", + "revision": "5f55bce93ad2c89f411e009659bb1fd83da36e7b", + "revisionTime": "2018-01-08T14:34:49Z" + }, { "checksumSHA1": "IQkUIOnvlf0tYloFx9mLaXSvXWQ=", "path": "golang.org/x/crypto/curve25519", @@ -328,6 +358,30 @@ "revision": "0fcca4842a8d74bfddc2c96a073bd2a4d2a7a2e8", "revisionTime": "2017-11-25T19:00:56Z" }, + { + "checksumSHA1": "hfABw6DX9B4Ma+88qDDGz9qY45s=", + "path": "golang.org/x/crypto/internal/chacha20", + "revision": "5f55bce93ad2c89f411e009659bb1fd83da36e7b", + "revisionTime": "2018-01-08T14:34:49Z" + }, + { + "checksumSHA1": "Stw/FTo5pU/JUxU9J5qb1Oketic=", + "path": "golang.org/x/crypto/nacl/auth", + "revision": "5f55bce93ad2c89f411e009659bb1fd83da36e7b", + "revisionTime": "2018-01-08T14:34:49Z" + }, + { + "checksumSHA1": "Fy1wkWVRMRkq0/AEzFWwRCib8jU=", + "path": "golang.org/x/crypto/nacl/box", + "revision": "5f55bce93ad2c89f411e009659bb1fd83da36e7b", + "revisionTime": "2018-01-08T14:34:49Z" + }, + { + "checksumSHA1": "TwxAhBcGuCzWA6H3FvJE1XVZsxo=", + "path": "golang.org/x/crypto/nacl/secretbox", + "revision": "5f55bce93ad2c89f411e009659bb1fd83da36e7b", + "revisionTime": "2018-01-08T14:34:49Z" + }, { "checksumSHA1": "ooU7jaiYSUKlg5BVllI8lsq+5Qk=", "path": "golang.org/x/crypto/openpgp", @@ -364,6 +418,24 @@ "revision": "d585fd2cc9195196078f516b69daff6744ef5e84", "revisionTime": "2017-12-16T04:08:15Z" }, + { + "checksumSHA1": "kVKE0OX1Xdw5mG7XKT86DLLKE2I=", + "path": "golang.org/x/crypto/poly1305", + "revision": "5f55bce93ad2c89f411e009659bb1fd83da36e7b", + "revisionTime": "2018-01-08T14:34:49Z" + }, + { + "checksumSHA1": "cRCpfAgTnlIDpdcfjivbiv+9YJU=", + "path": "golang.org/x/crypto/salsa20/salsa", + "revision": "5f55bce93ad2c89f411e009659bb1fd83da36e7b", + "revisionTime": "2018-01-08T14:34:49Z" + }, + { + "checksumSHA1": "iNE2KX9BQzCptlQC2DdQEVmn4R4=", + "path": "golang.org/x/crypto/sha3", + "revision": "5f55bce93ad2c89f411e009659bb1fd83da36e7b", + "revisionTime": "2018-01-08T14:34:49Z" + }, { "checksumSHA1": "NHjGg73p5iGZ+7tflJ4cVABNmKE=", "path": "golang.org/x/crypto/ssh", @@ -475,242 +547,242 @@ { "checksumSHA1": "ydjzL2seh3M8h9svrSDV5y/KQJU=", "path": "gopkg.in/src-d/go-git.v4", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { - "checksumSHA1": "TSoIlaADKlw3Zx0ysCCBn6kyXNE=", + "checksumSHA1": "bVtb4daHdBslZSNI9J7npr8rmj8=", "path": "gopkg.in/src-d/go-git.v4/config", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "B2OLPJ4wnJIM2TMjTyzusYluUeI=", "path": "gopkg.in/src-d/go-git.v4/internal/revision", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "o9YH41kQMefVGUS7d3WWSLLhIRk=", "path": "gopkg.in/src-d/go-git.v4/plumbing", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { - "checksumSHA1": "BrsKLhmB0BtaMY+ol1oglnHhvrs=", + "checksumSHA1": "3T1sV2OzAYnGSZuGJWyFlTHgB/k=", "path": "gopkg.in/src-d/go-git.v4/plumbing/cache", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "pHPMiAzXG/TJqTLEKj2SHjxX4zs=", "path": "gopkg.in/src-d/go-git.v4/plumbing/filemode", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "UGIM9BX7w3MhiadsuN6f8Bx0VZU=", "path": "gopkg.in/src-d/go-git.v4/plumbing/format/config", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "L1H7nPf65//6nQGt3Lzq16vLD8w=", "path": "gopkg.in/src-d/go-git.v4/plumbing/format/diff", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "87WhYdropmGA4peZOembY5hEgq8=", "path": "gopkg.in/src-d/go-git.v4/plumbing/format/gitignore", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "G0TX3efLdk7noo/n1Dt9Tzempig=", "path": "gopkg.in/src-d/go-git.v4/plumbing/format/idxfile", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "q7HtzrSzVE9qN5N3QOxkLFcZI1U=", "path": "gopkg.in/src-d/go-git.v4/plumbing/format/index", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "0IxJpGMfdnr3cuuVE59u+1B5n9o=", "path": "gopkg.in/src-d/go-git.v4/plumbing/format/objfile", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { - "checksumSHA1": "LJnyldAM69WmMXW5avaEeSScKTU=", + "checksumSHA1": "V2wgsOxqbv9ErNPRrTraYVOKujc=", "path": "gopkg.in/src-d/go-git.v4/plumbing/format/packfile", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "T8efjPxCKp23RvSBI51qugHzgxw=", "path": "gopkg.in/src-d/go-git.v4/plumbing/format/pktline", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "97LEL3gxgDWPP/UlRHMfKb5I0RA=", "path": "gopkg.in/src-d/go-git.v4/plumbing/object", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "PQmY1mHiPdNBNrh3lESZe3QH36c=", "path": "gopkg.in/src-d/go-git.v4/plumbing/protocol/packp", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "JjHHYoWDYf0H//nP2FIS05ZLgj8=", "path": "gopkg.in/src-d/go-git.v4/plumbing/protocol/packp/capability", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "wVfbzV5BNhjW/HFFJuTCjkPSJ5M=", "path": "gopkg.in/src-d/go-git.v4/plumbing/protocol/packp/sideband", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "m8nTTRFD7kmX9nT5Yfr9lqabR4s=", "path": "gopkg.in/src-d/go-git.v4/plumbing/revlist", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "Xito+BwVCMpKrhcvgz5wU+MRmEo=", "path": "gopkg.in/src-d/go-git.v4/plumbing/storer", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "AVSX04sTj3cBv1muAmIbPE9D9FY=", "path": "gopkg.in/src-d/go-git.v4/plumbing/transport", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "cmOntUALmiRvvblEXAQXNO4Oous=", "path": "gopkg.in/src-d/go-git.v4/plumbing/transport/client", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "gaKy+c/OjPQFLhENnSAFEZUngok=", "path": "gopkg.in/src-d/go-git.v4/plumbing/transport/file", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "chcAwbm6J5uXXn6IV58+G6RKCjU=", "path": "gopkg.in/src-d/go-git.v4/plumbing/transport/git", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "m9TNeIIGUBdZ0qdSl5Xa/0TIvfo=", "path": "gopkg.in/src-d/go-git.v4/plumbing/transport/http", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "6asrmcjb98FpRr83ICCODXdGWdE=", "path": "gopkg.in/src-d/go-git.v4/plumbing/transport/internal/common", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "MGiWWrsy8iQ5ZdCXEN2Oc4oprCk=", "path": "gopkg.in/src-d/go-git.v4/plumbing/transport/server", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "vat8YhxXGXNcg8HvCDfHAR6BcL0=", "path": "gopkg.in/src-d/go-git.v4/plumbing/transport/ssh", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "FlVLBdu4cjlXj9zjRRNDurRLABU=", "path": "gopkg.in/src-d/go-git.v4/storage", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "IpSxC31PynwJBajOaHR7gtnVc7I=", "path": "gopkg.in/src-d/go-git.v4/storage/filesystem", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "OaZO6dgvn6PMvezw0bYQUGLSrF0=", "path": "gopkg.in/src-d/go-git.v4/storage/filesystem/internal/dotgit", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "jPRm9YqpcJzx4oasd6PBdD33Dgo=", "path": "gopkg.in/src-d/go-git.v4/storage/memory", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "AzdUpuGqSNnNK6DgdNjWrn99i3o=", "path": "gopkg.in/src-d/go-git.v4/utils/binary", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "vniUxB6bbDYazl21cOfmhdZZiY8=", "path": "gopkg.in/src-d/go-git.v4/utils/diff", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "cspCXRxvzvoNOEUB7wRgOKYrVjQ=", "path": "gopkg.in/src-d/go-git.v4/utils/ioutil", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "shsY2I1OFbnjopNWF21Tkfx+tac=", "path": "gopkg.in/src-d/go-git.v4/utils/merkletrie", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "QiHHx1Qb/Vv4W6uQb+mJU2zMqLo=", "path": "gopkg.in/src-d/go-git.v4/utils/merkletrie/filesystem", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "M+6y9mdBFksksEGBceBh9Se3W7Y=", "path": "gopkg.in/src-d/go-git.v4/utils/merkletrie/index", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "7eEw/xsSrFLfSppRf/JIt9u7lbU=", "path": "gopkg.in/src-d/go-git.v4/utils/merkletrie/internal/frame", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "qCb9d3cwnPHVLqS/U9NAzK+1Ptg=", "path": "gopkg.in/src-d/go-git.v4/utils/merkletrie/noder", - "revision": "bf3b1f1fb9e0a04d0f87511a7ded2562b48a19d8", - "revisionTime": "2018-01-08T13:05:52Z" + "revision": "e9247ce9c5ce12126f646ca3ddf0066e4829bd14", + "revisionTime": "2018-01-16T13:25:37Z" }, { "checksumSHA1": "I4c3qsEX8KAUTeB9+2pwVX/2ojU=",