mirror of
https://github.com/shankar0123/certctl.git
synced 2026-06-10 14:08:53 +00:00
shankar0123
21aeed4f4e
Phase 0 closure (Path B2, post-rewrite):
addlicense sweep — adds the canonical certctl LLC copyright + BUSL-1.1
SPDX header to every production Go file. Template:
// Copyright 2026 certctl LLC. All rights reserved.
// SPDX-License-Identifier: BUSL-1.1
Coverage: 338 / 338 production Go files (cmd/ + internal/, excluding
*_test.go and **/testdata/**). Pre-sweep coverage was 22 / 338 (6.5%);
post-sweep is 338 / 338 (100%).
Normalized 22 pre-existing legacy headers (`// Copyright (c) certctl`
+ `// SPDX-License-Identifier: BSL-1.1`) and 1 file using a
`Certctl Contributors` attribution. The legacy SPDX ID `BSL-1.1`
is non-standard; the official SPDX identifier for Business Source
License 1.1 is `BUSL-1.1` (capital U). All 338 files now share the
canonical form.
Generated via:
addlicense -c "certctl LLC" -y 2026 \
-f cowork/legal/copyright-header.tpl \
-ignore '**/testdata/**' -ignore '**/*_test.go' \
cmd/ internal/
Verification:
find cmd internal -name '*.go' -not -name '*_test.go' \
-not -path '*/testdata/*' \
-exec grep -L '^// Copyright 2026 certctl LLC' {} \; | wc -l
Returns: 0
gofmt clean. Header additions are comments only, no compile impact.
Closes: cowork/certctl-architecture-diligence-audit.html#fix-RED-4
58 lines
2.2 KiB
Go
58 lines
2.2 KiB
Go
// Copyright 2026 certctl LLC. All rights reserved.
|
|
// SPDX-License-Identifier: BUSL-1.1
|
|
|
|
package local
|
|
|
|
import (
|
|
"crypto/ecdsa"
|
|
"crypto/x509"
|
|
"fmt"
|
|
)
|
|
|
|
// Bundle-9 / Audit L-002 (Private-key bytes linger in heap after marshal):
|
|
//
|
|
// x509.MarshalECPrivateKey copies the private scalar into a fresh DER buffer.
|
|
// If the caller PEM-encodes that buffer, writes it to disk, and returns, the
|
|
// buffer remains in the goroutine's heap until the GC sweeps it — at which
|
|
// point the bytes may persist further (Go's GC does not zero released memory).
|
|
//
|
|
// A heap dump (debug attach, core dump, swap-out, container memory snapshot
|
|
// taken by an attacker with host access) can then recover the private key.
|
|
//
|
|
// marshalPrivateKeyAndZeroize wraps MarshalECPrivateKey + a deferred
|
|
// `clear(buf)` so the caller can copy the DER into a PEM block and the
|
|
// underlying bytes are zeroed on function return. It is the caller's
|
|
// responsibility to do the same on whatever PEM/file buffer they derive.
|
|
//
|
|
// This is a defense-in-depth measure — Go memory hygiene cannot match the
|
|
// guarantees of a process-isolated HSM. See L-014's documentation in
|
|
// local.go for the explicit threat-model carve-out around CA private keys
|
|
// resident in the server process.
|
|
|
|
// marshalPrivateKeyAndZeroize marshals an ECDSA private key to DER and
|
|
// invokes onDER with the bytes. After onDER returns, the DER buffer is
|
|
// zeroized via the builtin `clear`. This bounds the window during which
|
|
// the private scalar lives in the heap to exactly the duration of onDER.
|
|
//
|
|
// Callers that PEM-encode + write to disk should structure as:
|
|
//
|
|
// err := marshalPrivateKeyAndZeroize(priv, func(der []byte) error {
|
|
// pemBytes := pem.EncodeToMemory(&pem.Block{Type: "EC PRIVATE KEY", Bytes: der})
|
|
// defer clear(pemBytes)
|
|
// return os.WriteFile(path, pemBytes, 0o600)
|
|
// })
|
|
//
|
|
// onDER MUST NOT retain a reference to the slice — the bytes are zeroed
|
|
// after it returns.
|
|
func marshalPrivateKeyAndZeroize(priv *ecdsa.PrivateKey, onDER func([]byte) error) error {
|
|
if priv == nil {
|
|
return fmt.Errorf("marshalPrivateKeyAndZeroize: nil private key")
|
|
}
|
|
der, err := x509.MarshalECPrivateKey(priv)
|
|
if err != nil {
|
|
return fmt.Errorf("marshal EC private key: %w", err)
|
|
}
|
|
defer clear(der)
|
|
return onDER(der)
|
|
}
|