From 661c809f7500fcd01e1a0da9767dde989799b6fb Mon Sep 17 00:00:00 2001 From: Wu Tingfeng Date: Tue, 6 Feb 2024 14:28:46 +0800 Subject: [PATCH 1/3] Add support for 2FAS --- README.md | 5 +- cmd/andcli/andcli_test.go | 88 ++++++++++ cmd/andcli/main.go | 5 +- cmd/andcli/testdata/twofas-export-test.2fas | 1 + cmd/andcli/testdata/twofas-invalid-file.2fas | 1 + cmd/andcli/twofas.go | 169 +++++++++++++++++++ go.sum | 45 ----- 7 files changed, 266 insertions(+), 48 deletions(-) create mode 100644 cmd/andcli/testdata/twofas-export-test.2fas create mode 100644 cmd/andcli/testdata/twofas-invalid-file.2fas create mode 100644 cmd/andcli/twofas.go diff --git a/README.md b/README.md index c50fa61..790d15f 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,7 @@ View, decrypt and copy 2FA tokens from encrypted backup files directly in your s * [andotp](https://github.com/andOTP/andOTP) * [aegis](https://getaegis.app) +* [twofas](https://2fas.com) ![Demo](doc/demo.gif "Demo") @@ -16,7 +17,7 @@ Download a [prebuild release](https://github.com/tjblackheart/andcli/releases) a ## Usage 1. Export an **encrypted, password protected** backup from your 2FA app and save it into your preferred cloud provider (i.e. Dropbox, Nextcloud...). -2. Fire up `andcli` and point it to this file with `-f `. Specify the vault type via `-t `: choose between `andotp` or `aegis`. The path and type will get cached, so you have to do this only once. +2. Fire up `andcli` and point it to this file with `-f `. Specify the vault type via `-t `: choose between `andotp` or `aegis` or `twofas`. The path and type will get cached, so you have to do this only once. 3. Enter the encryption password. 4. To search an entry, type a word. Press `ESC` to clear the current query. 5. Navigate via keyboard, press `Enter` to view a token and press `c` to copy it into the clipboard (**Linux/Mac only**). @@ -35,7 +36,7 @@ Usage of andcli: -f string Path to the encrypted vault -t string - Vault type (andotp, aegis) + Vault type (andotp, aegis, twofas) -v Show current version ``` diff --git a/cmd/andcli/andcli_test.go b/cmd/andcli/andcli_test.go index 08fee54..4d9a677 100644 --- a/cmd/andcli/andcli_test.go +++ b/cmd/andcli/andcli_test.go @@ -37,6 +37,36 @@ func TestDecrypt(t *testing.T) { } } +func TestTwoFas(t *testing.T) { + tests := []struct { + name string + filename string + password string + fails bool + }{ + {"decrypts", "testdata/twofas-export-test.2fas", "andcli-test", false}, + {"fails: wrong password", "testdata/twofas-export-test.2fas", "invalid", true}, + {"fails: invalid file", "testdata/twofas-invalid-file.2fas", "invalid", true}, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + b, err := os.ReadFile(tt.filename) + assert.NoError(t, err) + + entries, err := decryptTWOFAS(b, []byte(tt.password)) + if tt.fails { + assert.Error(t, err) + return + } + + assert.NoError(t, err) + assert.Len(t, entries, 1) + assert.Equal(t, entries[0].Label, "andcli-test") + }) + } +} + func TestAEGIS(t *testing.T) { tests := []struct { name string @@ -159,6 +189,64 @@ func TestConvertAEGISEntry(t *testing.T) { assert.Equal(t, have.toEntry(), want) } +func TestConvertTwoFasEntry(t *testing.T) { + have := twofasEntry{ + Name: "name", + Secret: "secret", + UpdatedAt: 1707198293593, + Otp: struct { + Label string + Account string + Issuer string + Digits int + Period int + Algorithm string + TokenType string `json:"tokenType"` + Source string + }{ + Label: "name", + Account: "andcli-test", + Issuer: "issuer", + Digits: 6, + Period: 30, + Algorithm: "algo", + TokenType: "type", + Source: "Link", + }, + Order: struct { + Position int + }{Position: 0}, + Icon: struct { + Selected string + Label struct { + Text string + BackgroundColor string `json:"backgroundColor"` + } + IconCollection struct { + Id string + } `json:"iconCollection"` + }{ + Selected: "Label", Label: struct { + Text string + BackgroundColor string `json:"backgroundColor"` + }{Text: "OT", BackgroundColor: "Orange"}, IconCollection: struct { + Id string + }{Id: "a5b3fb65-4ec5-43e6-8ec1-49e24ca9e7ad"}}, + } + + want := &entry{ + Secret: "secret", + Issuer: "issuer", + Label: "name", + Digits: 6, + Type: "type", + Algorithm: "algo", + Period: 30, + } + + assert.Equal(t, have.toEntry(), want) +} + func TestConfig(t *testing.T) { cwd, err := os.Getwd() assert.NoError(t, err) diff --git a/cmd/andcli/main.go b/cmd/andcli/main.go index a66e5da..7ed833b 100644 --- a/cmd/andcli/main.go +++ b/cmd/andcli/main.go @@ -19,6 +19,7 @@ const ( VIEW_DETAIL = "detail" TYPE_ANDOTP = "andotp" TYPE_AEGIS = "aegis" + TYPE_TWOFAS = "twofas" ) var ( @@ -65,7 +66,7 @@ func main() { var showVersion bool flag.StringVar(&vaultFile, "f", "", "Path to the encrypted vault") - flag.StringVar(&vaultType, "t", "", "Vault type (andotp, aegis)") + flag.StringVar(&vaultType, "t", "", "Vault type (andotp, aegis, twofas)") flag.BoolVar(&showVersion, "v", false, "Show current version") flag.Parse() @@ -149,6 +150,8 @@ func decrypt(vaultFile, vaultType string, p ...[]byte) (entries, error) { return decryptANDOTP(b, pass) case TYPE_AEGIS: return decryptAEGIS(b, pass) + case TYPE_TWOFAS: + return decryptTWOFAS(b, pass) } return nil, fmt.Errorf("vault type %q: not implemented", vaultType) diff --git a/cmd/andcli/testdata/twofas-export-test.2fas b/cmd/andcli/testdata/twofas-export-test.2fas new file mode 100644 index 0000000..b513d0f --- /dev/null +++ b/cmd/andcli/testdata/twofas-export-test.2fas @@ -0,0 +1 @@ +{"services":[],"groups":[],"updatedAt":1707198500794,"schemaVersion":4,"appVersionCode":5000012,"appVersionName":"5.2.0","appOrigin":"android","servicesEncrypted":"ejHkcIU7/KtjZkdm0mx+X+BY/jWAO1lbZaLpiSfADFsEFOo+rUhbaZ+i0a/0DKg5fBooJBqD4h8kJ20lHvkv2gCU30cy/hEs6vBZWTPBwr8dfC07NStxgWY3K78NBi5rhkXfe7QdHxMzhIXsnGOBqp1ibL5INCPESw9BlXQ1OWox/MNbIl9wRg0gRSyag+AF5xWdZ/AqpT/Gx4WM9bMw9MbM7zNKLGEHrlqf3ESO5r2JvPpB/Y2XiM87nCRrpCfQYsWLUwfKG+KkvokuXwwfH9lh8H0MZWqzIYHO8EW1rrBeW6arbjnInAjI4u71n0/MIRyiA+t6RVaGlqMXztAR4yo4Ts1e2RwBWA2TGOWMPoXXzj+uxjSDHmRv1/zDvkcg9FiP0xH2Ftr/fZYYwtUcsX4X5L6Jg+nvLR0wN6Al/zl3yHjgLn0vPMO9YMqtWFo2mnLuBHa8Epaey6ZCLQ6HkT4YHj3H7wQcRrc06Wy+vYs7nNHO5lD9wY+lpdxJGMeXv7nYSkTmSQwfIBSeuhngDZfMqRPZKqF74pjmb2Z/6pIP2ZdiKgceswN7an+ZXVxvDeS3jiS//cQyA9jJrkJB3tk=:w3uke3TsIcM0v0IWyIFNZTZTBkPVoKvckvikTEq/CeKPlUgmICJdhlSdMUuI4m9UO3jUqoAv5uCeLhn0XN5JycEklpd2p9rJUc5aSj3uhDb+Ki1oWBG6K5ePX82NMxp/xyWFZMWQrUbkXxSOXckV06F2ohrpz6hp2DpVgc+WkLecLQ4h2PzO9wEPrEKl+5B/iNnzI+2WXU8CW9oSg4B3JyFI/UVEk/80jMFs2lYFMAV7EmxbOBMuQrf2H/bzBPwYUCAbtqN9nfx54ywXfaHQHX/p11HbmdWgyp2PNAxFi2VqoY/c1TG0OSqs2RVbwYMtAMIGhnQWIcvtMJp4FV1/2A==:Ow6fbkwu/65x56U3","reference":""} diff --git a/cmd/andcli/testdata/twofas-invalid-file.2fas b/cmd/andcli/testdata/twofas-invalid-file.2fas new file mode 100644 index 0000000..50a269a --- /dev/null +++ b/cmd/andcli/testdata/twofas-invalid-file.2fas @@ -0,0 +1 @@ +"invalid" diff --git a/cmd/andcli/twofas.go b/cmd/andcli/twofas.go new file mode 100644 index 0000000..cfd03ff --- /dev/null +++ b/cmd/andcli/twofas.go @@ -0,0 +1,169 @@ +package main + +import ( + "crypto/aes" + "crypto/cipher" + "crypto/sha256" + "encoding/base64" + "encoding/json" + "fmt" + "strings" + + "golang.org/x/crypto/pbkdf2" +) + +type ( + twofasVault struct { + UpdatedAt int + SchemaVersion int + AppVersionCode int + AppVersionName string + AppOrigin string + ServicesEncrypted string + } + + twofasDB []twofasEntry + + twofasEntry struct { + Name string + Secret string + UpdatedAt int + Otp struct { + Label string + Account string + Issuer string + Digits int + Period int + Algorithm string + TokenType string `json:"tokenType"` + Source string + } + Order struct { + Position int + } + Icon struct { + Selected string + Label struct { + Text string + BackgroundColor string `json:"backgroundColor"` + } + IconCollection struct { + Id string + } `json:"iconCollection"` + } + } +) + +func (e twofasEntry) toEntry() *entry { + return &entry{ + Secret: e.Secret, + Issuer: e.Otp.Issuer, + Label: e.Otp.Label, + Digits: e.Otp.Digits, + Type: e.Otp.TokenType, + Algorithm: e.Otp.Algorithm, + Period: e.Otp.Period, + } +} + +// + +func decryptTWOFAS(data, password []byte) (entries, error) { + + var vault twofasVault + if err := json.Unmarshal(data, &vault); err != nil { + return nil, err + } + + key, err := deriveTwoFasMasterKey(&vault, password) + if err != nil { + return nil, err + } + + plain, err := decryptTwoFasDB(&vault, key) + if err != nil { + return nil, err + } + + var db twofasDB + if err := json.Unmarshal(plain, &db); err != nil { + return nil, err + } + + var list entries + for _, e := range db { + list = append(list, *e.toEntry()) + } + + return list, nil +} + +func deriveTwoFasMasterKey(v *twofasVault, password []byte) ([]byte, error) { + + servicesEncrypted := strings.SplitN(v.ServicesEncrypted, ":", 3) + if len(servicesEncrypted) != 3 { + return nil, fmt.Errorf("Invalid vault file. Number of fields is not 3") + } + var dbAndAuthTag, salt []byte + var err error + + dbAndAuthTag, err = base64.StdEncoding.DecodeString(servicesEncrypted[0]) + if err != nil { + return nil, err + } + salt, err = base64.StdEncoding.DecodeString(servicesEncrypted[1]) + if err != nil { + return nil, err + } + + if len(dbAndAuthTag) <= 16 { + return nil, fmt.Errorf("Invalid vault file. Length of cipher text with auth tag must be more than 16") + } + + return pbkdf2.Key(password, salt, 10000, 32, sha256.New), nil +} + +func decryptTwoFasDB(v *twofasVault, key []byte) ([]byte, error) { + + servicesEncrypted := strings.SplitN(v.ServicesEncrypted, ":", 3) + if len(servicesEncrypted) != 3 { + return nil, fmt.Errorf("Invalid vault file. Number of fields is not 3") + } + + var dbAndAuthTag, b, tag, nonce []byte + var err error + + dbAndAuthTag, err = base64.StdEncoding.DecodeString(servicesEncrypted[0]) + if err != nil { + return nil, err + } + + b = dbAndAuthTag[:len(dbAndAuthTag)-16] + tag = dbAndAuthTag[len(dbAndAuthTag)-16:] + + nonce, err = base64.StdEncoding.DecodeString(servicesEncrypted[2]) + if err != nil { + return nil, err + } + + block, err := aes.NewCipher(key) + if err != nil { + return nil, err + } + + gcm, err := cipher.NewGCM(block) + if err != nil { + return nil, err + } + + var c []byte + c = append(c, b...) + c = append(c, tag...) + + plain, err := gcm.Open(nil, nonce, c, nil) + if err != nil { + return nil, err + } + + return plain, nil +} diff --git a/go.sum b/go.sum index 2aa6473..6106974 100644 --- a/go.sum +++ b/go.sum @@ -1,17 +1,9 @@ -github.com/aymanbagabas/go-osc52 v1.2.1/go.mod h1:zT8H+Rk4VSabYN90pWyugflM3ZhpTZNC7cASDfUCdT4= github.com/aymanbagabas/go-osc52/v2 v2.0.1 h1:HwpRHbFMcZLEVr42D4p7XBqjyuxQH5SMiErDT4WkJ2k= github.com/aymanbagabas/go-osc52/v2 v2.0.1/go.mod h1:uYgXzlJ7ZpABp8OJ+exZzJJhRNQ2ASbcXHWsFqH8hp8= -github.com/charmbracelet/bubbletea v0.23.2 h1:vuUJ9HJ7b/COy4I30e8xDVQ+VRDUEFykIjryPfgsdps= -github.com/charmbracelet/bubbletea v0.23.2/go.mod h1:FaP3WUivcTM0xOKNmhciz60M6I+weYLF76mr1JyI7sM= -github.com/charmbracelet/bubbletea v0.24.1 h1:LpdYfnu+Qc6XtvMz6d/6rRY71yttHTP5HtrjMgWvixc= -github.com/charmbracelet/bubbletea v0.24.1/go.mod h1:rK3g/2+T8vOSEkNHvtq40umJpeVYDn6bLaqbgzhL/hg= github.com/charmbracelet/bubbletea v0.24.2 h1:uaQIKx9Ai6Gdh5zpTbGiWpytMU+CfsPp06RaW2cx/SY= github.com/charmbracelet/bubbletea v0.24.2/go.mod h1:XdrNrV4J8GiyshTtx3DNuYkR1FDaJmO3l2nejekbsgg= -github.com/containerd/console v1.0.3 h1:lIr7SlA5PxZyMV30bDW0MGbiOPXwc63yRuCP0ARubLw= -github.com/containerd/console v1.0.3/go.mod h1:7LqA/THxQ86k76b8c/EMSiaJ3h1eZkMkXar0TQ1gf3U= github.com/containerd/console v1.0.4-0.20230313162750-1ae8d489ac81 h1:q2hJAaP1k2wIvVRd/hEHD7lacgqrCPS+k8g1MndzfWY= github.com/containerd/console v1.0.4-0.20230313162750-1ae8d489ac81/go.mod h1:YynlIjWYF8myEu6sdkwKIvGQq+cOckRm6So2avqoYAk= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs= @@ -23,25 +15,19 @@ github.com/lucasb-eyer/go-colorful v1.2.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/mattn/go-isatty v0.0.18 h1:DOKFKCQ7FNG2L1rbrmstDN4QVRdS89Nkh85u68Uwp98= -github.com/mattn/go-isatty v0.0.18/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA= github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mattn/go-localereader v0.0.1 h1:ygSAOl7ZXTx4RdPYinUpg6W99U8jWvWi9Ye2JC/oIi4= github.com/mattn/go-localereader v0.0.1/go.mod h1:8fBrzywKY7BI3czFoHkuzRoWE9C+EiG4R1k4Cjx5p88= github.com/mattn/go-runewidth v0.0.12/go.mod h1:RAqKPSqVFrSLVXbA8x7dzmKdmGzieGRCM46jaSJTDAk= -github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/mattn/go-runewidth v0.0.14 h1:+xnbZSEeDbOIg5/mE6JF0w6n9duR1l3/WmbinWVwUuU= github.com/mattn/go-runewidth v0.0.14/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= -github.com/muesli/ansi v0.0.0-20211018074035-2e021307bc4b/go.mod h1:fQuZ0gauxyBcmsdE3ZT4NasjaRdxmbCS0jRHsrWu3Ho= github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6 h1:ZK8zHtRHOkbHy6Mmr5D264iyp3TiX5OmNcI5cIARiQI= github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6/go.mod h1:CJlz5H+gyd6CUWT45Oy4q24RdLyn7Md9Vj2/ldJBSIo= github.com/muesli/cancelreader v0.2.2 h1:3I4Kt4BQjOR54NavqnDogx/MIoWBFa0StPA8ELUXHmA= github.com/muesli/cancelreader v0.2.2/go.mod h1:3XuTXfFS2VjM+HTLZY9Ak0l6eUKfijIfMUZ4EgX0QYo= github.com/muesli/reflow v0.3.0 h1:IFsN6K9NfGtjeggFP+68I4chLZV2yIKsXJFNZ+eWh6s= github.com/muesli/reflow v0.3.0/go.mod h1:pbwTDkVPibjO2kyvBQRBxTWEEGDGq0FlB1BIKtnHY/8= -github.com/muesli/termenv v0.14.0/go.mod h1:kG/pF1E7fh949Xhe156crRUrHNyK221IuGO7Ez60Uc8= github.com/muesli/termenv v0.15.1 h1:UzuTb/+hhlBugQz28rpzey4ZuKcZ03MeKsoG7IJZIxs= github.com/muesli/termenv v0.15.1/go.mod h1:HeAQPTzpfs016yGtA4g00CsdYnVLJvxsS4ANqrZs2sQ= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= @@ -50,63 +36,32 @@ github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJ github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY= github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/xlzd/gotp v0.1.0 h1:37blvlKCh38s+fkem+fFh7sMnceltoIEBYTVXyoa5Po= github.com/xlzd/gotp v0.1.0/go.mod h1:ndLJ3JKzi3xLmUProq4LLxCuECL93dG9WASNLpHz8qg= golang.org/x/crypto v0.0.0-20210506145944-38f3c27a63bf/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8= -golang.org/x/crypto v0.8.0 h1:pd9TJtTueMTVQXzk8E2XESSMQDj/U7OUu0PqJqPXQjQ= -golang.org/x/crypto v0.8.0/go.mod h1:mRqEX+O9/h5TFCrQhkgjo2yKi0yYA+9ecGkdQoHrywE= -golang.org/x/crypto v0.9.0 h1:LF6fAI+IutBocDJ2OT0Q1g8plpYljMZ4+lty+dsqw3g= -golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0= golang.org/x/crypto v0.10.0 h1:LKqV2xt9+kDzSTfOhx4FrkEBcMrAgHSYgzywV9zcGmM= golang.org/x/crypto v0.10.0/go.mod h1:o4eNf7Ede1fv+hwOwZsTHl9EsPFO6q6ZvYR8vYfY45I= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/sync v0.1.0 h1:wsuoTGHzEhffawBOhz5CYhcrV4IdKZbEyZjBMuTp12o= -golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.2.0 h1:PUR+T4wwASmuSTYdKjYHI5TD22Wy5ogLU5qZCOLxBrI= -golang.org/x/sync v0.2.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E= golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210601080250-7ecdf8ef093b/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220204135822-1c1b9b1eba6a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.7.0 h1:3jlCCIQZPdOYu1h8BkNvLz8Kgwtae2cagcG/VamtZRU= -golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU= -golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.9.0 h1:KS/R3tvhPqvJvwcKfnBHJwwthS11LRhmM5D59eEXa0s= golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210503060354-a79de5458b56/go.mod h1:tfny5GFUkzUvx4ps4ajbZsCe5lw1metzhBm9T3x7oIY= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.7.0 h1:BEvjmm5fURWqcfbSKTdpkDXYBrUS1c0m8agp14W48vQ= -golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY= -golang.org/x/term v0.8.0 h1:n5xxQn2i3PC0yLAbjTpNT85q/Kgzcr2gIoX9OrJUols= -golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/term v0.9.0 h1:GRRCnKYhdQrD8kfRAdQ6Zcw1P0OcELxGLKJvtjVMZ28= golang.org/x/term v0.9.0/go.mod h1:M6DEAAIenWoTxdKrOltXcmDY3rSplQUkrvaDU5FcQyo= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE= -golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.10.0 h1:UpjohKhiEgNc0CSauXmwYftY1+LlaC75SJwh0SgCX58= golang.org/x/text v0.10.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= From facef0db87a6b9e9d03cf42c173f3f60c8811ae7 Mon Sep 17 00:00:00 2001 From: Wu Tingfeng Date: Wed, 7 Feb 2024 01:02:37 +0800 Subject: [PATCH 2/3] Ensure SplitN checks for excessive fields. Move magic numbers to const. --- cmd/andcli/twofas.go | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/cmd/andcli/twofas.go b/cmd/andcli/twofas.go index cfd03ff..d595218 100644 --- a/cmd/andcli/twofas.go +++ b/cmd/andcli/twofas.go @@ -12,6 +12,9 @@ import ( "golang.org/x/crypto/pbkdf2" ) +const numFields int = 3 +const authTagLength int = 16 + type ( twofasVault struct { UpdatedAt int @@ -99,10 +102,9 @@ func decryptTWOFAS(data, password []byte) (entries, error) { } func deriveTwoFasMasterKey(v *twofasVault, password []byte) ([]byte, error) { - - servicesEncrypted := strings.SplitN(v.ServicesEncrypted, ":", 3) - if len(servicesEncrypted) != 3 { - return nil, fmt.Errorf("Invalid vault file. Number of fields is not 3") + servicesEncrypted := strings.SplitN(v.ServicesEncrypted, ":", numFields+1) + if len(servicesEncrypted) != numFields { + return nil, fmt.Errorf("Invalid vault file. Number of fields is not %d", numFields) } var dbAndAuthTag, salt []byte var err error @@ -116,8 +118,8 @@ func deriveTwoFasMasterKey(v *twofasVault, password []byte) ([]byte, error) { return nil, err } - if len(dbAndAuthTag) <= 16 { - return nil, fmt.Errorf("Invalid vault file. Length of cipher text with auth tag must be more than 16") + if len(dbAndAuthTag) <= authTagLength { + return nil, fmt.Errorf("Invalid vault file. Length of cipher text with auth tag must be more than %d", authTagLength) } return pbkdf2.Key(password, salt, 10000, 32, sha256.New), nil @@ -125,9 +127,9 @@ func deriveTwoFasMasterKey(v *twofasVault, password []byte) ([]byte, error) { func decryptTwoFasDB(v *twofasVault, key []byte) ([]byte, error) { - servicesEncrypted := strings.SplitN(v.ServicesEncrypted, ":", 3) - if len(servicesEncrypted) != 3 { - return nil, fmt.Errorf("Invalid vault file. Number of fields is not 3") + servicesEncrypted := strings.SplitN(v.ServicesEncrypted, ":", numFields+1) + if len(servicesEncrypted) != numFields { + return nil, fmt.Errorf("Invalid vault file. Number of fields is not %d", numFields) } var dbAndAuthTag, b, tag, nonce []byte @@ -138,8 +140,8 @@ func decryptTwoFasDB(v *twofasVault, key []byte) ([]byte, error) { return nil, err } - b = dbAndAuthTag[:len(dbAndAuthTag)-16] - tag = dbAndAuthTag[len(dbAndAuthTag)-16:] + b = dbAndAuthTag[:len(dbAndAuthTag)-authTagLength] + tag = dbAndAuthTag[len(dbAndAuthTag)-authTagLength:] nonce, err = base64.StdEncoding.DecodeString(servicesEncrypted[2]) if err != nil { From 55ca499c65e8af0c2e67e2685cf6cd8287c56aa1 Mon Sep 17 00:00:00 2001 From: Wu Tingfeng Date: Wed, 7 Feb 2024 03:47:42 +0800 Subject: [PATCH 3/3] Revert go.sum changes --- go.sum | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/go.sum b/go.sum index 6106974..2aa6473 100644 --- a/go.sum +++ b/go.sum @@ -1,9 +1,17 @@ +github.com/aymanbagabas/go-osc52 v1.2.1/go.mod h1:zT8H+Rk4VSabYN90pWyugflM3ZhpTZNC7cASDfUCdT4= github.com/aymanbagabas/go-osc52/v2 v2.0.1 h1:HwpRHbFMcZLEVr42D4p7XBqjyuxQH5SMiErDT4WkJ2k= github.com/aymanbagabas/go-osc52/v2 v2.0.1/go.mod h1:uYgXzlJ7ZpABp8OJ+exZzJJhRNQ2ASbcXHWsFqH8hp8= +github.com/charmbracelet/bubbletea v0.23.2 h1:vuUJ9HJ7b/COy4I30e8xDVQ+VRDUEFykIjryPfgsdps= +github.com/charmbracelet/bubbletea v0.23.2/go.mod h1:FaP3WUivcTM0xOKNmhciz60M6I+weYLF76mr1JyI7sM= +github.com/charmbracelet/bubbletea v0.24.1 h1:LpdYfnu+Qc6XtvMz6d/6rRY71yttHTP5HtrjMgWvixc= +github.com/charmbracelet/bubbletea v0.24.1/go.mod h1:rK3g/2+T8vOSEkNHvtq40umJpeVYDn6bLaqbgzhL/hg= github.com/charmbracelet/bubbletea v0.24.2 h1:uaQIKx9Ai6Gdh5zpTbGiWpytMU+CfsPp06RaW2cx/SY= github.com/charmbracelet/bubbletea v0.24.2/go.mod h1:XdrNrV4J8GiyshTtx3DNuYkR1FDaJmO3l2nejekbsgg= +github.com/containerd/console v1.0.3 h1:lIr7SlA5PxZyMV30bDW0MGbiOPXwc63yRuCP0ARubLw= +github.com/containerd/console v1.0.3/go.mod h1:7LqA/THxQ86k76b8c/EMSiaJ3h1eZkMkXar0TQ1gf3U= github.com/containerd/console v1.0.4-0.20230313162750-1ae8d489ac81 h1:q2hJAaP1k2wIvVRd/hEHD7lacgqrCPS+k8g1MndzfWY= github.com/containerd/console v1.0.4-0.20230313162750-1ae8d489ac81/go.mod h1:YynlIjWYF8myEu6sdkwKIvGQq+cOckRm6So2avqoYAk= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs= @@ -15,19 +23,25 @@ github.com/lucasb-eyer/go-colorful v1.2.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= +github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= +github.com/mattn/go-isatty v0.0.18 h1:DOKFKCQ7FNG2L1rbrmstDN4QVRdS89Nkh85u68Uwp98= +github.com/mattn/go-isatty v0.0.18/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA= github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mattn/go-localereader v0.0.1 h1:ygSAOl7ZXTx4RdPYinUpg6W99U8jWvWi9Ye2JC/oIi4= github.com/mattn/go-localereader v0.0.1/go.mod h1:8fBrzywKY7BI3czFoHkuzRoWE9C+EiG4R1k4Cjx5p88= github.com/mattn/go-runewidth v0.0.12/go.mod h1:RAqKPSqVFrSLVXbA8x7dzmKdmGzieGRCM46jaSJTDAk= +github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/mattn/go-runewidth v0.0.14 h1:+xnbZSEeDbOIg5/mE6JF0w6n9duR1l3/WmbinWVwUuU= github.com/mattn/go-runewidth v0.0.14/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= +github.com/muesli/ansi v0.0.0-20211018074035-2e021307bc4b/go.mod h1:fQuZ0gauxyBcmsdE3ZT4NasjaRdxmbCS0jRHsrWu3Ho= github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6 h1:ZK8zHtRHOkbHy6Mmr5D264iyp3TiX5OmNcI5cIARiQI= github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6/go.mod h1:CJlz5H+gyd6CUWT45Oy4q24RdLyn7Md9Vj2/ldJBSIo= github.com/muesli/cancelreader v0.2.2 h1:3I4Kt4BQjOR54NavqnDogx/MIoWBFa0StPA8ELUXHmA= github.com/muesli/cancelreader v0.2.2/go.mod h1:3XuTXfFS2VjM+HTLZY9Ak0l6eUKfijIfMUZ4EgX0QYo= github.com/muesli/reflow v0.3.0 h1:IFsN6K9NfGtjeggFP+68I4chLZV2yIKsXJFNZ+eWh6s= github.com/muesli/reflow v0.3.0/go.mod h1:pbwTDkVPibjO2kyvBQRBxTWEEGDGq0FlB1BIKtnHY/8= +github.com/muesli/termenv v0.14.0/go.mod h1:kG/pF1E7fh949Xhe156crRUrHNyK221IuGO7Ez60Uc8= github.com/muesli/termenv v0.15.1 h1:UzuTb/+hhlBugQz28rpzey4ZuKcZ03MeKsoG7IJZIxs= github.com/muesli/termenv v0.15.1/go.mod h1:HeAQPTzpfs016yGtA4g00CsdYnVLJvxsS4ANqrZs2sQ= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= @@ -36,32 +50,63 @@ github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJ github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= +github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY= github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/xlzd/gotp v0.1.0 h1:37blvlKCh38s+fkem+fFh7sMnceltoIEBYTVXyoa5Po= github.com/xlzd/gotp v0.1.0/go.mod h1:ndLJ3JKzi3xLmUProq4LLxCuECL93dG9WASNLpHz8qg= golang.org/x/crypto v0.0.0-20210506145944-38f3c27a63bf/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8= +golang.org/x/crypto v0.8.0 h1:pd9TJtTueMTVQXzk8E2XESSMQDj/U7OUu0PqJqPXQjQ= +golang.org/x/crypto v0.8.0/go.mod h1:mRqEX+O9/h5TFCrQhkgjo2yKi0yYA+9ecGkdQoHrywE= +golang.org/x/crypto v0.9.0 h1:LF6fAI+IutBocDJ2OT0Q1g8plpYljMZ4+lty+dsqw3g= +golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0= golang.org/x/crypto v0.10.0 h1:LKqV2xt9+kDzSTfOhx4FrkEBcMrAgHSYgzywV9zcGmM= golang.org/x/crypto v0.10.0/go.mod h1:o4eNf7Ede1fv+hwOwZsTHl9EsPFO6q6ZvYR8vYfY45I= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/sync v0.1.0 h1:wsuoTGHzEhffawBOhz5CYhcrV4IdKZbEyZjBMuTp12o= +golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.2.0 h1:PUR+T4wwASmuSTYdKjYHI5TD22Wy5ogLU5qZCOLxBrI= +golang.org/x/sync v0.2.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E= golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210601080250-7ecdf8ef093b/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220204135822-1c1b9b1eba6a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.7.0 h1:3jlCCIQZPdOYu1h8BkNvLz8Kgwtae2cagcG/VamtZRU= +golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU= +golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.9.0 h1:KS/R3tvhPqvJvwcKfnBHJwwthS11LRhmM5D59eEXa0s= golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210503060354-a79de5458b56/go.mod h1:tfny5GFUkzUvx4ps4ajbZsCe5lw1metzhBm9T3x7oIY= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.7.0 h1:BEvjmm5fURWqcfbSKTdpkDXYBrUS1c0m8agp14W48vQ= +golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY= +golang.org/x/term v0.8.0 h1:n5xxQn2i3PC0yLAbjTpNT85q/Kgzcr2gIoX9OrJUols= +golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/term v0.9.0 h1:GRRCnKYhdQrD8kfRAdQ6Zcw1P0OcELxGLKJvtjVMZ28= golang.org/x/term v0.9.0/go.mod h1:M6DEAAIenWoTxdKrOltXcmDY3rSplQUkrvaDU5FcQyo= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE= +golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.10.0 h1:UpjohKhiEgNc0CSauXmwYftY1+LlaC75SJwh0SgCX58= golang.org/x/text v0.10.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=