+ Add a lock to the keycache.
+ Ensure that all instantiations of keycaches use New, rather
than the old keycache.Cache{make()} construct. This no longer
works with the lock in place.
+ Update travis to run the race detector on a few specific packages
that should help identify this type of problem in the future.
This change addresses several points:
1. The integration tests didn't verify that delegations could be used
for decryption following a restore. The integration tests now
verify this.
2. There was no functionality for clearing persisted delegations if
needed. The vault admin can now do this via the command line tool.
3. Restoring active delegations wasn't storing the key with the
delegation. Keys are now serialised properly.
4. [Minor] The MSP package now reports the name of the offending user
when it can't find a user name in the database.
This is a rather large change. It consists of the following changes:
+ Direct access to the keycache has been removed from the core
package. This forces all interaction with the cache to go
through the Cryptor, which is required for persistence. The
Cryptor needs to know when the cache has changed, and the only
way to do this effectively is to make the Cryptor responsible
for managing the keycache.
+ A new persist package has been added. This provides a Store
interface, for which two implementations are provided. The
first is a null persister: this is used when no persistence
is configured. The second is a file-backed persistence store.
+ The Cryptor now persists the cache every time it changes.
Additionally, a number of missing returns in a function in the core
package have been added.
Supports MSP and requires several arguments to add hipchat integration to
red october. RedOctober will then alert on creation of an order, any new
delegation, or several other states.
The keycache does not remove active delegations when uses drops to zero;
rather it only removes these when Refresh is called.
So Valid returns true even if the user's delegation has expired,
so fullMatch is not set to false in unwrapKey,
so DecryptKey fails since the keycache refreshes and finds the delegation has expired,
so tmpKeyValue is left empty and decryptErr is set.
Since decryptErr is only used to break out of the inner loop, and
fullMatch wasn't set to false, no error is returned from unwrapKey.
So aesKey in DecryptKey is an empty string, causing an error when
passed to aes.NewCipher.
This commit actively removes a delegation from the keycache when it
is used for the last time, and properly handles errors thrown by
DecryptKey in unwrapKey.
The idea is to create a new type (to avoid ugly string parsing) and
then, instead of iterating through delegations with the username, iterate
through the delegations and look for your username and matching slot. Also
in cases we don't have the slot (everything but delegation), find the slot
when we match a user.
This commit adds ECC cases to functions checking for RSA records.
Additionally, the rsaEncryptedKey variable is changed to pubEncryptedKey
to reflect a general use of public key crypto.
