Merge branch 'develop'

2025-12-25 00:21:00 +03:00 · 2020-02-07 18:36:41 +01:00
parent a72db6da6b 20bd6881fe
commit 8ad2a91663
4 changed files with 44 additions and 27 deletions
--- a/Gopkg.lock
+++ b/Gopkg.lock
@@ -31,11 +31,11 @@

 [[projects]]
  branch = "master"
-  digest = "1:e0e7407760180ecbb8f9a005164e28e2fb2e3c43643937ce963fe70759c26262"
+  digest = "1:ee89c007cd77c942ef65d9d6541a6bdc55a33fe40e8935d659de469c57e3f4ee"
  name = "github.com/ssh-vault/go-keychain"
  packages = ["."]
  pruneopts = "UT"
-  revision = "ccd67945d59e2e76561507e6d274dfe97905d40e"
+  revision = "f65a47cbe0b120345b64ba52303ebced28b64112"

 [[projects]]
  branch = "master"
@@ -47,22 +47,34 @@

 [[projects]]
  branch = "master"
-  digest = "1:bbe51412d9915d64ffaa96b51d409e070665efc5194fcf145c4a27d4133107a4"
+  digest = "1:fa45508cb3dd10a5f066fb203d7b99db0034549eee37d400ee719f56f2b4b095"
  name = "golang.org/x/crypto"
-  packages = ["ssh/terminal"]
+  packages = [
+    "blowfish",
+    "chacha20",
+    "curve25519",
+    "ed25519",
+    "ed25519/internal/edwards25519",
+    "internal/subtle",
+    "poly1305",
+    "ssh",
+    "ssh/internal/bcrypt_pbkdf",
+    "ssh/terminal",
+  ]
  pruneopts = "UT"
-  revision = "e9b2fee46413994441b28dfca259d911d963dfed"
+  revision = "a0c6ece9d31a0ebfbd3ddf2d290cfb1265ba47c7"

 [[projects]]
  branch = "master"
-  digest = "1:472d3f5adc36e1c0b9120bc3830d692a090134aa5461335f39caabd0fdb7feac"
+  digest = "1:82a36a77bd0e9b96345f621e6fe74a83261bb09f1ec3863328420ac5198e7510"
  name = "golang.org/x/sys"
  packages = [
+    "cpu",
    "unix",
    "windows",
  ]
  pruneopts = "UT"
-  revision = "ac6580df4449443a05718fd7858c1f91ad5f8d20"
+  revision = "d101bd2416d505c0448a6ce8a282482678040a89"

 [solve-meta]
  analyzer-name = "dep"
@@ -74,6 +86,7 @@
    "github.com/ssh-vault/crypto/oaep",
    "github.com/ssh-vault/go-keychain",
    "github.com/ssh-vault/ssh2pem",
+    "golang.org/x/crypto/ssh",
    "golang.org/x/crypto/ssh/terminal",
  ]
  solver-name = "gps-cdcl"
--- a/Gopkg.toml
+++ b/Gopkg.toml
@@ -1,6 +1,6 @@
 # Gopkg.toml example
 #
-# Refer to https://github.com/golang/dep/blob/master/docs/Gopkg.toml.md
+# Refer to https://golang.github.io/dep/docs/Gopkg.toml.html
 # for detailed Gopkg.toml documentation.
 #
 # required = ["github.com/user/thing/cmd/thing"]
@@ -27,7 +27,7 @@

 [[constraint]]
  name = "github.com/kr/pty"
-  version = "1.1.1"
+  version = "1.1.3"

 [[constraint]]
  branch = "master"
--- a/README.md
+++ b/README.md
@@ -20,7 +20,12 @@ Example:
    $ echo "secret" | ssh-vault -u <github.com/user> create


-## Compile from source
+## Installation
+
+### Mac OS
+    brew install ssh-vault
+
+### Compile from source

 Setup go environment https://golang.org/doc/install

@@ -28,20 +33,15 @@ For example using $HOME/go for your workspace

    $ export GOPATH=$HOME/go

-Create the directory:
+Get the code:

-    $ mkdir -p $HOME/go/src/github.com/ssh-vault
-
-Clone project into that directory:
-
-    $ git clone git@github.com:ssh-vault/ssh-vault.git $HOME/go/src/github.com/ssh-vault/ssh-vault
+    $ go get github.com/ssh-vault/ssh-vault

 Build by just typing make:

-    $ cd $HOME/go/src/github.com/ssh-vault/ssh-vault
+    $ cd $GOPATH/src/github.com/ssh-vault/ssh-vault
    $ make

-
 ## Issues

 Please feel free to raise any issue, feature requirement or a simple comment [here](https://github.com/ssh-vault/ssh-vault/issues).
--- a/view.go
+++ b/view.go
@@ -3,6 +3,7 @@ package sshvault
 import (
 	"bufio"
 	"bytes"
+	"crypto/rsa"
 	"crypto/x509"
 	"encoding/base64"
 	"encoding/pem"
@@ -13,6 +14,7 @@ import (

 	"github.com/ssh-vault/crypto/aead"
 	"github.com/ssh-vault/crypto/oaep"
+	"golang.org/x/crypto/ssh"
 )

 // View decrypts data and print it to stdout
@@ -69,25 +71,27 @@ func (v *vault) View() ([]byte, error) {
 	}

 	block, _ := pem.Decode(keyFile)
-	if block == nil || block.Type != "RSA PRIVATE KEY" {
+	if block == nil || !strings.HasSuffix(block.Type, "PRIVATE KEY") {
 		return nil, fmt.Errorf("No valid PEM (private key) data found")
 	}

+	var privateKey interface{}
+
 	if x509.IsEncryptedPEMBlock(block) {
 		keyPassword, err := v.GetPassword()
 		if err != nil {
 			return nil, fmt.Errorf("unable to get private key password, Decryption failed")
 		}

-		block.Bytes, err = x509.DecryptPEMBlock(block, keyPassword)
+		privateKey, err = ssh.ParseRawPrivateKeyWithPassphrase(keyFile, keyPassword)
 		if err != nil {
-			return nil, fmt.Errorf("password incorrect, Decryption failed")
+			return nil, fmt.Errorf("could not parse private key: %v", err)
+		}
+	} else {
+		privateKey, err = ssh.ParseRawPrivateKey(keyFile)
+		if err != nil {
+			return nil, fmt.Errorf("could not parse private key: %v", err)
 		}
-	}
-
-	privateKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)
-	if err != nil {
-		return nil, err
 	}

 	ciphertext, err := base64.StdEncoding.DecodeString(payload[0])
@@ -95,7 +99,7 @@ func (v *vault) View() ([]byte, error) {
 		return nil, err
 	}

-	v.Password, err = oaep.Decrypt(privateKey, ciphertext, []byte(""))
+	v.Password, err = oaep.Decrypt(privateKey.(*rsa.PrivateKey), ciphertext, []byte(""))
 	if err != nil {
 		return nil, fmt.Errorf("Decryption failed, use private key with fingerprint: %s", header[2])
 	}