diff --git a/cmd/ro/gopass/gopass.go b/cmd/ro/gopass/gopass.go index 26e16aa..2d75406 100644 --- a/cmd/ro/gopass/gopass.go +++ b/cmd/ro/gopass/gopass.go @@ -1,12 +1,12 @@ // Author: johnsiilver@gmail.com (John Doak) /* -gopass is a library for getting hidden input from a terminal. +Package gopass is a library for getting hidden input from a terminal. This library's main use is to allow a user to enter a password at the command line without having it echoed to the screen. -The libary currently supports unix systems by manipulating stty. +The library currently supports unix systems by manipulating stty. This code is based upon code by RogerV in the golang-nuts thread: https://groups.google.com/group/golang-nuts/browse_thread/thread/40cc41e9d9fc9247 @@ -24,7 +24,7 @@ import ( const ( sttyArg0 = "/bin/stty" - exec_cwdir = "" + execCwdir = "" ) // Tells the terminal to turn echo off. @@ -33,7 +33,7 @@ var sttyArgvEOff []string = []string{"stty", "-echo"} // Tells the terminal to turn echo on. var sttyArgvEOn []string = []string{"stty", "echo"} -var ws syscall.WaitStatus = 0 +var ws syscall.WaitStatus // GetPass gets input hidden from the terminal from a user. // This is accomplished by turning off terminal echo, @@ -82,7 +82,7 @@ func GetPass(prompt string) (passwd string, err error) { } func echoOff(fd []uintptr) (int, error) { - pid, err := syscall.ForkExec(sttyArg0, sttyArgvEOff, &syscall.ProcAttr{Dir: exec_cwdir, Files: fd}) + pid, err := syscall.ForkExec(sttyArg0, sttyArgvEOff, &syscall.ProcAttr{Dir: execCwdir, Files: fd}) if err != nil { return 0, fmt.Errorf("failed turning off console echo for password entry:\n\t%s", err) } 
@@ -92,7 +92,7 @@ func echoOff(fd []uintptr) (int, error) { // echoOn turns back on the terminal echo. func echoOn(fd []uintptr) { // Turn on the terminal echo. - pid, e := syscall.ForkExec(sttyArg0, sttyArgvEOn, &syscall.ProcAttr{Dir: exec_cwdir, Files: fd}) + pid, e := syscall.ForkExec(sttyArg0, sttyArgvEOn, &syscall.ProcAttr{Dir: execCwdir, Files: fd}) if e == nil { syscall.Wait4(pid, &ws, 0, nil) } diff --git a/core/core.go b/core/core.go index 15f3bc6..d099f57 100644 --- a/core/core.go +++ b/core/core.go @@ -1,7 +1,6 @@ // Package core handles the main operations of the Red October server. // // Copyright (c) 2013 CloudFlare, Inc. - package core import ( @@ -458,7 +457,7 @@ func Delegate(jsonIn []byte) ([]byte, error) { return jsonStatusOk() } -// Create User processes a create-user request. +// CreateUser processes a create-user request. func CreateUser(jsonIn []byte) ([]byte, error) { var s CreateUserRequest var err error @@ -712,9 +711,8 @@ func Modify(jsonIn []byte) ([]byte, error) { if err != nil { return jsonStatusError(err) - } else { - return jsonStatusOk() } + return jsonStatusOk() } // Owners processes a owners request. diff --git a/cryptor/cryptor.go b/cryptor/cryptor.go index e8aabf4..49d0833 100644 --- a/cryptor/cryptor.go +++ b/cryptor/cryptor.go @@ -2,7 +2,6 @@ // vault and key cache. // // Copyright (c) 2013 CloudFlare, Inc. - package cryptor import ( @@ -386,7 +385,7 @@ func (encrypted *EncryptedData) wrapKey(records *passvault.Records, clearKey []b return err } - for name, _ := range shareSet { + for name := range shareSet { encrypted.KeySetRSA[name], err = generateRandomKey(name) if err != nil { return err @@ -396,7 +395,7 @@ func (encrypted *EncryptedData) wrapKey(records *passvault.Records, clearKey []b return err } - for i, _ := range shareSet[name] { + for i := range shareSet[name] { tmp := make([]byte, 16) crypt.Encrypt(tmp, shareSet[name][i]) shareSet[name][i] = tmp 
@@ -469,26 +468,25 @@ func (encrypted *EncryptedData) unwrapKey(cache *keycache.Cache, user string) (u
 for name := range nameSet {
 names = append(names, name)
 }
- return
- } else {
- var sss msp.MSP
- sss, err = msp.StringToMSP(encrypted.Predicate)
- if err != nil {
- return nil, nil, err
- }
-
- db := UserDatabase{
- names: &names,
- cache: cache,
- user: user,
- labels: encrypted.Labels,
- keySet: encrypted.KeySetRSA,
- shareSet: encrypted.ShareSet,
- }
- unwrappedKey, err = sss.RecoverSecret(&db)
- return
 }
+ var sss msp.MSP
+ sss, err = msp.StringToMSP(encrypted.Predicate)
+ if err != nil {
+ return nil, nil, err
+ }
+
+ db := UserDatabase{
+ names: &names,
+ cache: cache,
+ user: user,
+ labels: encrypted.Labels,
+ keySet: encrypted.KeySetRSA,
+ shareSet: encrypted.ShareSet,
+ }
+ unwrappedKey, err = sss.RecoverSecret(&db)
+
+ return
 }
 // Encrypt encrypts data with the keys associated with names. This
@@ -655,7 +653,7 @@ func (c *Cryptor) GetOwners(in []byte) (names []string, predicate string, err er
 }
 }
- for name, _ := range encrypted.ShareSet { // names from the secret splitting method
+ for name := range encrypted.ShareSet { // names from the secret splitting method
 if !addedNames[name] {
 names = append(names, name)
 addedNames[name] = true
diff --git a/cryptor/cryptor_test.go b/cryptor/cryptor_test.go
index 27cbf08..53e2ee4 100644
--- a/cryptor/cryptor_test.go
+++ b/cryptor/cryptor_test.go
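Review bot: In unwrapKey (cryptor/cryptor.go) the `return` that ended the first branch is removed together with `} else {`, and only the branch's closing `}` remains as context, so on the new side that branch appears to fall through into `msp.StringToMSP(encrypted.Predicate)` instead of returning. Dropping an `else` is only behaviour-preserving when the terminating statement stays, so the line `return` should be kept directly after the `for name := range nameSet` loop, before the closing brace. As written, a key recovered in the first branch would be replaced by whatever the predicate path yields (presumably a parse error for a record without a predicate), which turns a lint cleanup into a change of the key-unwrapping result. The `if` condition and the start of the function are outside the hunk, so confirm against the full file; a test that unwraps a record with no predicate would catch this.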
@@ -310,30 +310,30 @@ func TestRestore(t *testing.T) {
 }
 if len(c.cache.UserKeys) != 2 {
- t.Fatalf("Delegations do not seem to have been restored.")
+ t.Fatal("Delegations do not seem to have been restored.")
 }
 usage, ok := c.cache.UserKeys[keycache.DelegateIndex{Name: "Alice"}]
 if !ok {
- t.Fatalf("Alice not found in active delegations.")
+ t.Fatal("Alice not found in active delegations.")
 }
 if usage.Uses != testUses {
- t.Fatalf("Invalid number of uses in restored delegations.")
+ t.Fatal("Invalid number of uses in restored delegations.")
 }
 usage, ok = c.cache.UserKeys[keycache.DelegateIndex{Name: "Carl"}]
 if !ok {
- t.Fatalf("Carl not found in active delegations.")
+ t.Fatal("Carl not found in active delegations.")
 }
 if usage.Uses != testUses {
- t.Fatalf("Invalid number of uses in restored delegations.")
+ t.Fatal("Invalid number of uses in restored delegations.")
 }
 _, ok = c.cache.UserKeys[keycache.DelegateIndex{Name: "Bob"}]
 if ok {
- t.Fatalf("Bob shouldn't be in the active delegations.")
+ t.Fatal("Bob shouldn't be in the active delegations.")
 }
 }
diff --git a/keycache/keycache.go b/keycache/keycache.go
index 00443e8..f0bca77 100644
--- a/keycache/keycache.go
+++ b/keycache/keycache.go
@@ -2,7 +2,6 @@
 // for the Red October server.
 //
 // Copyright (c) 2013 CloudFlare, Inc.
-
 package keycache
 import (
diff --git a/keycache/keycache_test.go b/keycache/keycache_test.go
index 26a0f2e..08fa3a5 100644
--- a/keycache/keycache_test.go
+++ b/keycache/keycache_test.go
@@ -65,7 +65,7 @@ func TestUsesFlush(t *testing.T) {
 }
 if bytes.Equal(key, key2) {
- t.Fatalf("cache.DecryptKey didnt decrypt the right key!")
+ t.Fatal("cache.DecryptKey didnt decrypt the right key!")
 }
 // Second decryption allowed.
diff --git a/msp/formatted.go b/msp/formatted.go
index d7c4f03..27dad91 100644
--- a/msp/formatted.go
+++ b/msp/formatted.go
@@ -28,31 +28,6 @@ func StringToFormatted(f string) (out Formatted, err error) {
 return out, errors.New("Invalid string: Needs to begin and end with parentheses.")
 }
- getNext := func(f string) (string, string) { // f -> (next, rest)
- f = strings.TrimSpace(f)
-
- if f[0] == '(' {
- return f[0:1], f[1:]
- }
-
- nextComma := strings.Index(f, ",")
- if f[0] == ')' {
- if nextComma == -1 {
- return f[0:1], ""
- }
- return f[0:1], f[nextComma+1:]
- } else if nextComma == -1 {
- return f[0 : len(f)-1], f[len(f)-1:]
- }
-
- nextUnParen := strings.Index(f, ")")
- if nextComma < nextUnParen {
- return strings.TrimSpace(f[0:nextComma]), f[nextComma+1:]
- }
-
- return strings.TrimSpace(f[0:nextUnParen]), f[nextUnParen:]
- }
-
 staging := [][]Condition{}
 indices := make(map[string]int, 0)
@@ -117,6 +92,31 @@ func StringToFormatted(f string) (out Formatted, err error) {
 return out, errors.New("Invalid string: Not finished parsing, but out of data. Too many opening parentheses or too few closing parentheses?")
 }
+func getNext(f string) (string, string) { // f -> (next, rest)
+ f = strings.TrimSpace(f)
+
+ if f[0] == '(' {
+ return f[0:1], f[1:]
+ }
+
+ nextComma := strings.Index(f, ",")
+ if f[0] == ')' {
+ if nextComma == -1 {
+ return f[0:1], ""
+ }
+ return f[0:1], f[nextComma+1:]
+ } else if nextComma == -1 {
+ return f[0 : len(f)-1], f[len(f)-1:]
+ }
+
+ nextUnParen := strings.Index(f, ")")
+ if nextComma < nextUnParen {
+ return strings.TrimSpace(f[0:nextComma]), f[nextComma+1:]
+ }
+
+ return strings.TrimSpace(f[0:nextUnParen]), f[nextUnParen:]
+}
+
 func (f Formatted) String() string {
 out := fmt.Sprintf("(%v", f.Min)
diff --git a/msp/matrix.go b/msp/matrix.go
index 6c82141..f2ef09e 100644
--- a/msp/matrix.go
+++ b/msp/matrix.go
@@ -1,4 +1,4 @@
-// Matrix operations for elements in GF(2^128).
+// Package msp implements matrix operations for elements in GF(2^128).
 package msp
 type Row []FieldElem
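Review bot: `getNext` in msp/formatted.go is now a package-level function but still depends on preconditions that only its former enclosing function could establish: it reads `f[0]` right after `strings.TrimSpace(f)` and slices with `nextUnParen` without checking it for -1, so an empty or whitespace-only argument, or one with a comma but no `)`, panics. Whether the loop in StringToFormatted rules those inputs out is not visible in this hunk, and the string being parsed is a predicate that presumably originates from a request or a stored record. I would add a doc comment stating the contract, e.g. `// getNext splits the next token off f; f must be non-empty after trimming.`, and guard the two spots with `if f == "" { return "", "" }` and `if nextUnParen == -1 || nextComma < nextUnParen {`. Check that the caller treats an empty token as end of input so that malformed predicates end in the existing parse error rather than a panic.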
@@ -21,8 +21,8 @@ func (e Row) AddM(f Row) { panic("Can't add rows that are different sizes!") } - for i, f_i := range f { - e[i].AddM(f_i) + for i, fI := range f { + e[i].AddM(fI) } return @@ -30,7 +30,7 @@ func (e Row) AddM(f Row) { // MulM multiplies the row by a scalar. func (e Row) MulM(f FieldElem) { - for i, _ := range e { + for i := range e { e[i] = e[i].Mul(f) } } @@ -92,7 +92,7 @@ func (e Matrix) Recovery() (Row, bool) { // Duplicate e away so we don't mutate it; transpose it at the same time. f := make([]Row, b) - for i, _ := range f { + for i := range f { f[i] = NewRow(a) } @@ -102,15 +102,15 @@ func (e Matrix) Recovery() (Row, bool) { } } - for row, _ := range f { + for row := range f { if row >= b { // The matrix is tall and thin--we've finished before exhausting all the rows. break } // Find a row with a non-zero entry in the (row)th position candId := -1 - for j, f_j := range f[row:] { - if !f_j[row].IsZero() { + for j, fJ := range f[row:] { + if !fJ[row].IsZero() { candId = j + row break } @@ -131,7 +131,7 @@ func (e Matrix) Recovery() (Row, bool) { aug[row] = aug[row].Mul(fInv) // Cancel out the (row)th position for every row above and below it. - for i, _ := range f { + for i := range f { if i != row && !f[i][row].IsZero() { c := f[i][row].Dup() diff --git a/msp/msp_test.go b/msp/msp_test.go index bd57749..bfbb66d 100644 --- a/msp/msp_test.go +++ b/msp/msp_test.go @@ -24,9 +24,8 @@ func (d *Database) GetShare(name string) ([][]byte, error) { if ok { return out, nil - } else { - return nil, errors.New("Not found!") } + return nil, errors.New("Not found!") } func TestMSP(t *testing.T) { diff --git a/msp/raw.go b/msp/raw.go index 9aa2d40..795d9f6 100644 --- a/msp/raw.go +++ b/msp/raw.go @@ -223,7 +223,6 @@ func (r Raw) Formatted() (out Formatted) { func (r Raw) Ok(db UserDatabase) bool { if r.Type() == NodeAnd { return r.Left.Ok(db) && r.Right.Ok(db) - } else { - return r.Left.Ok(db) || r.Right.Ok(db) } + return r.Left.Ok(db) || r.Right.Ok(db) } 
diff --git a/order/order.go b/order/order.go
index 1fed65c..c441f87 100644
--- a/order/order.go
+++ b/order/order.go
@@ -1,6 +1,6 @@
 // Package order manages the bookkeeping and utilies required
 // for users to create an 'order' meaning they have requested
-// delegations for a certian resource.
+// delegations for a certain resource.
 //
 // Copyright (c) 2016 CloudFlare, Inc.
 package order
diff --git a/padding/padding.go b/padding/padding.go
index 65a65c0..545e71f 100644
--- a/padding/padding.go
+++ b/padding/padding.go
@@ -1,7 +1,6 @@
 // Package padding adds and removes padding for AES-CBC mode.
 //
 // Copyright (c) 2013 CloudFlare, Inc.
-
 package padding
 import "errors"
diff --git a/passvault/passvault.go b/passvault/passvault.go
index 912334b..b580b2f 100644
--- a/passvault/passvault.go
+++ b/passvault/passvault.go
@@ -3,7 +3,6 @@
 // stored hashed (with salt) using scrypt.
 //
 // Copyright (c) 2013 CloudFlare, Inc.
-
 package passvault
 import (
@@ -89,7 +88,7 @@ type PasswordRecord struct {
 Admin bool
 }
-// diskRecords is the structure used to read and write a JSON file
+// Records is the structure used to read and write a JSON file
 // containing the contents of a password vault
 type Records struct {
 Version int
@@ -257,7 +256,7 @@ func encryptECB(data, key []byte) (encryptedData []byte, err error) {
 return
 }
-// InitFromDisk reads the record from disk and initialize global context.
+// InitFrom reads the record from disk and initialize global context.
 func InitFrom(path string) (records Records, err error) {
 var jsonDiskRecord []byte
@@ -423,7 +422,7 @@ func (records *Records) ChangePassword(name, password, newPassword, hipchatName
 return
 }
 } else {
- err = errors.New("Unkown record type")
+ err = errors.New("Unknown record type")
 return
 }
@@ -482,12 +481,12 @@ func (records *Records) GetRecord(name string) (PasswordRecord, bool) { return dpr, found } -// GetVaultId returns the id of the current vault. +// GetVaultID returns the id of the current vault. func (records *Records) GetVaultID() (id int, err error) { return records.VaultId, nil } -// GetHmacKey returns the hmac key of the current vault. +// GetHMACKey returns the hmac key of the current vault. func (records *Records) GetHMACKey() (key []byte, err error) { return records.HmacKey, nil } @@ -626,8 +625,8 @@ func (pr *PasswordRecord) GetKeyRSA(password string) (key rsa.PrivateKey, err er return } -func (r *Records) GetAltNameFromName(alt, name string) (altName string, found bool) { - if passwordRecord, ok := r.Passwords[name]; ok { +func (records *Records) GetAltNameFromName(alt, name string) (altName string, found bool) { + if passwordRecord, ok := records.Passwords[name]; ok { if altName, ok := passwordRecord.AltNames[alt]; ok { return altName, true } diff --git a/redoctober_test.go b/redoctober_test.go index de0ec18..6409e57 100644 --- a/redoctober_test.go +++ b/redoctober_test.go @@ -961,6 +961,10 @@ func beforeRestartRestore(t *testing.T, cfgPath, vaultPath string) { } decryptedMessage, err := base64.StdEncoding.DecodeString(string(decrypted)) + if err != nil { + t.Fatalf("DecodeString failed: %s", err) + } + if string(decryptedMessage) != encryptMessage { t.Fatalf("decryption produced the wrong message: want '%s' but have '%s'", encryptMessage, decryptedMessage) @@ -1023,6 +1027,9 @@ func afterRestartRestore(t *testing.T, cfgPath, vaultPath string) { } decryptedMessage, err := base64.StdEncoding.DecodeString(string(decrypted)) + if err != nil { + t.Fatalf("DecodeString failed: %s", err) + } if string(decryptedMessage) != encryptMessage { t.Fatalf("decryption produced the wrong message: want '%s' but have '%s'", encryptMessage, decryptedMessage)