added Rust and Go support for encrypted PKCS#8 private keys
heavycrystal committed Sep 18, 2023
1 parent 5372df9 commit 212543c
Showing 15 changed files with 336 additions and 203 deletions.
2 changes: 1 addition & 1 deletion flow/connectors/snowflake/client.go
Expand Up @@ -22,7 +22,7 @@ type SnowflakeClient struct {
}

func NewSnowflakeClient(ctx context.Context, config *protos.SnowflakeConfig) (*SnowflakeClient, error) {
privateKey, err := util.DecodePKCS8PrivateKey([]byte(config.PrivateKey))
privateKey, err := util.DecodePKCS8PrivateKey([]byte(config.PrivateKey), config.Password)
if err != nil {
return nil, fmt.Errorf("failed to read private key: %w", err)
}
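Review bot: At the `util.DecodePKCS8PrivateKey([]byte(config.PrivateKey), config.Password)` call the passphrase is read from the same `SnowflakeConfig` message as the encrypted key, so anything that can read, log or serialize that config holds both halves and the encryption adds little protection at rest. The same pairing appears at the call in `NewSnowflakeConnector` in flow/connectors/snowflake/snowflake.go. If the two values can be sourced separately that is worth doing; at minimum I would record the expectation above the call, for example `// config.Password decrypts config.PrivateKey; never log or echo this config.` Where `SnowflakeConfig` is stored and logged is not visible in this diff, so this needs confirming against the rest of the code. NewSnowflakeClient continues past the end of the hunk.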
3 changes: 2 additions & 1 deletion flow/connectors/snowflake/snowflake.go
Expand Up @@ -121,7 +121,8 @@ type UnchangedToastColumnResult struct {

func NewSnowflakeConnector(ctx context.Context,
snowflakeProtoConfig *protos.SnowflakeConfig) (*SnowflakeConnector, error) {
PrivateKeyRSA, err := util.DecodePKCS8PrivateKey([]byte(snowflakeProtoConfig.PrivateKey))
PrivateKeyRSA, err := util.DecodePKCS8PrivateKey([]byte(snowflakeProtoConfig.PrivateKey),
snowflakeProtoConfig.Password)
if err != nil {
return nil, err
}
272 changes: 142 additions & 130 deletions flow/generated/protos/peers.pb.go

Large diffs are not rendered by default.

1 change: 1 addition & 0 deletions flow/go.mod
Expand Up @@ -40,6 +40,7 @@ require (
github.com/grpc-ecosystem/grpc-gateway v1.16.0 // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/twmb/murmur3 v1.1.8 // indirect
github.com/youmark/pkcs8 v0.0.0-20201027041543-1326539a0a0a // indirect
)

require (
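Review bot: The new `github.com/youmark/pkcs8` line is tagged `// indirect`, but flow/utils/crypto.go in this commit imports the package directly, so the requirement belongs with the direct dependencies as `github.com/youmark/pkcs8 v0.0.0-20201027041543-1326539a0a0a` with no `// indirect` marker (running `go mod tidy` normally makes that correction). The pin is a pseudo-version taken from an October 2020 commit rather than a tagged release, and this package now parses and decrypts private keys, so it should get the same review and update tracking as any other cryptographic dependency. The require block this line sits in starts outside the hunk.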
3 changes: 3 additions & 0 deletions flow/go.sum
Expand Up @@ -1431,6 +1431,8 @@ github.com/urfave/cli/v2 v2.25.7 h1:VAzn5oq403l5pHjc4OhD54+XGO9cdKVL/7lDjF+iKUs=
github.com/urfave/cli/v2 v2.25.7/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ=
github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 h1:bAn7/zixMGCfxrRTfdpNzjtPYqr8smhKouy9mxVdGPU=
github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8=
github.com/youmark/pkcs8 v0.0.0-20201027041543-1326539a0a0a h1:fZHgsYlfvtyqToslyjUt3VOPF4J7aK/3MPcK7xp3PDk=
github.com/youmark/pkcs8 v0.0.0-20201027041543-1326539a0a0a/go.mod h1:ul22v+Nro/R083muKhosV54bj5niojjWZvU8xrevuH4=
github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
Expand Down Expand Up @@ -1485,6 +1487,7 @@ golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8U
golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
20 changes: 12 additions & 8 deletions flow/utils/crypto.go
Expand Up @@ -2,24 +2,28 @@ package util

import (
"crypto/rsa"
"crypto/x509"
"encoding/pem"
"fmt"

"github.com/youmark/pkcs8"
)

func DecodePKCS8PrivateKey(rawKey []byte) (*rsa.PrivateKey, error) {
func DecodePKCS8PrivateKey(rawKey []byte, password *string) (*rsa.PrivateKey, error) {
PEMBlock, _ := pem.Decode(rawKey)
if PEMBlock == nil {
return nil, fmt.Errorf("failed to decode private key PEM block")
}
privateKeyAny, err := x509.ParsePKCS8PrivateKey(PEMBlock.Bytes)

var privateKey *rsa.PrivateKey
var err error
if password != nil {
privateKey, err = pkcs8.ParsePKCS8PrivateKeyRSA(PEMBlock.Bytes, []byte(*password))
} else {
privateKey, err = pkcs8.ParsePKCS8PrivateKeyRSA(PEMBlock.Bytes)
}
if err != nil {
return nil, fmt.Errorf("failed to parse private key PEM block as PKCS8: %w", err)
}
privateKeyRSA, ok := privateKeyAny.(*rsa.PrivateKey)
if !ok {
return nil, fmt.Errorf("key does not appear to RSA as expected")
}

return privateKeyRSA, nil
return privateKey, nil
}
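Review bot: DecodePKCS8PrivateKey picks the decrypting call only from `password != nil` and never looks at `PEMBlock.Type`, so an encrypted key supplied without a password (or with a non-nil but empty one) fails with the generic "failed to parse private key PEM block as PKCS8" message instead of saying what is wrong. A guard placed before the parse would make that failure explicit: `if PEMBlock.Type == "ENCRYPTED PRIVATE KEY" && (password == nil || *password == "") { return nil, fmt.Errorf("private key is encrypted but no password was provided") }`. How the pkcs8 package treats an empty password is not visible here, so the empty-string case deserves a unit test next to the wrong-password case. The exported function also has no doc comment; something like `// DecodePKCS8PrivateKey parses a PEM-encoded PKCS#8 RSA private key, decrypting it with password when password is non-nil.` would record the new contract.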