github.com/zntrio/harp/v2@v2.0.9/pkg/container/seal/v1/unseal.go (about) 1 // Licensed to Elasticsearch B.V. under one or more contributor 2 // license agreements. See the NOTICE file distributed with 3 // this work for additional information regarding copyright 4 // ownership. Elasticsearch B.V. licenses this file to you under 5 // the Apache License, Version 2.0 (the "License"); you may 6 // not use this file except in compliance with the License. 7 // You may obtain a copy of the License at 8 // 9 // http://www.apache.org/licenses/LICENSE-2.0 10 // 11 // Unless required by applicable law or agreed to in writing, 12 // software distributed under the License is distributed on an 13 // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 // KIND, either express or implied. See the License for the 15 // specific language governing permissions and limitations 16 // under the License. 17 18 package v1 19 20 import ( 21 "crypto/ed25519" 22 "encoding/base64" 23 "fmt" 24 "strings" 25 26 "github.com/awnumar/memguard" 27 "google.golang.org/protobuf/proto" 28 29 containerv1 "github.com/zntrio/harp/v2/api/gen/go/harp/container/v1" 30 "github.com/zntrio/harp/v2/pkg/sdk/types" 31 32 "golang.org/x/crypto/nacl/secretbox" 33 ) 34 35 // Unseal a sealed container with the given identity. 36 func (a *adapter) Unseal(container *containerv1.Container, identity *memguard.LockedBuffer) (*containerv1.Container, error) { 37 return a.unseal(container, identity, nil) 38 } 39 40 // Unseal a sealed container with the given identity and the given preshared key. 41 func (a *adapter) UnsealWithPSK(container *containerv1.Container, identity, preSharedKey *memguard.LockedBuffer) (*containerv1.Container, error) { 42 return a.unseal(container, identity, preSharedKey) 43 } 44 45 //nolint:gocyclo,funlen // To refactor 46 func (a *adapter) unseal(container *containerv1.Container, identity, preSharedKey *memguard.LockedBuffer) (*containerv1.Container, error) { 47 // Check parameters 48 if types.IsNil(container) { 49 return nil, fmt.Errorf("unable to process nil container") 50 } 51 if types.IsNil(container.Headers) { 52 return nil, fmt.Errorf("unable to process nil container headers") 53 } 54 if identity == nil { 55 return nil, fmt.Errorf("unable to process without container key") 56 } 57 58 // Check headers 59 if container.Headers.ContentType != containerSealedContentType { 60 return nil, fmt.Errorf("unable to unseal container") 61 } 62 63 // Check ephemeral container public encryption key 64 if len(container.Headers.EncryptionPublicKey) != publicKeySize { 65 return nil, fmt.Errorf("invalid container public size") 66 } 67 var publicKey [publicKeySize]byte 68 copy(publicKey[:], container.Headers.EncryptionPublicKey[:publicKeySize]) 69 70 // Decode private key 71 privRaw, err := base64.RawURLEncoding.DecodeString(strings.TrimPrefix(identity.String(), PrivateKeyPrefix)) 72 if err != nil { 73 return nil, fmt.Errorf("unable to decode private key: %w", err) 74 } 75 if len(privRaw) != privateKeySize { 76 return nil, fmt.Errorf("invalid identity private key length") 77 } 78 var pk [privateKeySize]byte 79 copy(pk[:], privRaw[:privateKeySize]) 80 81 // Compute preshared key 82 var psk *[preSharedKeySize]byte 83 if preSharedKey != nil { 84 psk, err = pskStretch(preSharedKey.Bytes(), publicKey[:]) 85 if err != nil { 86 return nil, fmt.Errorf("unable to stretch preshared key: %w", err) 87 } 88 } 89 90 // Precompute identifier 91 derivedKey, err := deriveSharedKeyFromRecipient(&publicKey, &pk, psk) 92 if err != nil { 93 return nil, fmt.Errorf("unable to compute recipient shared key: %w", err) 94 } 95 96 // Try recipients 97 payloadKey, err := tryRecipientKeys(derivedKey, container.Headers.Recipients, psk) 98 if err != nil { 99 return nil, fmt.Errorf("error occurred during recipient key tests: %w", err) 100 } 101 102 // Check private key 103 if len(payloadKey) != encryptionKeySize { 104 return nil, fmt.Errorf("invalid encryption key size") 105 } 106 var encryptionKey [encryptionKeySize]byte 107 copy(encryptionKey[:], payloadKey[:encryptionKeySize]) 108 109 // Prepare sig nonce 110 var pubSigNonce [nonceSize]byte 111 copy(pubSigNonce[:], "harp_container_psigk_box") 112 113 // Decrypt signing public key 114 containerSignKeyRaw, ok := secretbox.Open(nil, container.Headers.ContainerBox, &pubSigNonce, &encryptionKey) 115 if !ok { 116 return nil, fmt.Errorf("invalid container key") 117 } 118 if len(containerSignKeyRaw) != ed25519.PublicKeySize { 119 return nil, fmt.Errorf("invalid signature key size") 120 } 121 122 // Compute headers hash 123 headerHash, err := computeHeaderHash(container.Headers) 124 if err != nil { 125 return nil, fmt.Errorf("unable to compute header hash: %w", err) 126 } 127 128 // Extract payload nonce 129 var payloadNonce [nonceSize]byte 130 copy(payloadNonce[:], headerHash[:nonceSize]) 131 132 // Decrypt payload 133 payloadRaw, ok := secretbox.Open(nil, container.Raw, &payloadNonce, &encryptionKey) 134 if !ok || len(payloadRaw) < signatureSize { 135 return nil, fmt.Errorf("invalid ciphered content") 136 } 137 138 // Extract signature / content 139 detachedSig := payloadRaw[:signatureSize] 140 content := payloadRaw[signatureSize:] 141 142 // Prepare protected content 143 protectedHash := computeProtectedHash(headerHash, content) 144 145 // Validate signature 146 if !ed25519.Verify(containerSignKeyRaw, protectedHash, detachedSig) { 147 return nil, fmt.Errorf("invalid container signature") 148 } 149 150 // Unmarshal inner container 151 out := &containerv1.Container{} 152 if err := proto.Unmarshal(content, out); err != nil { 153 return nil, fmt.Errorf("unable to unpack inner content: %w", err) 154 } 155 156 // No error 157 return out, nil 158 }