in google_guest_agent/windows_accounts.go [169:213]
func createcredsJSON(k metadata.WindowsKey, pwd string) (*credsJSON, error) {
mod, err := base64.StdEncoding.DecodeString(k.Modulus)
if err != nil {
return nil, fmt.Errorf("error decoding modulus: %v", err)
}
exp, err := base64.StdEncoding.DecodeString(k.Exponent)
if err != nil {
return nil, fmt.Errorf("error decoding exponent: %v", err)
}
key := &rsa.PublicKey{
N: new(big.Int).SetBytes(mod),
E: int(new(big.Int).SetBytes(exp).Int64()),
}
if k.HashFunction == "" {
k.HashFunction = "sha1"
}
var hashFunc hash.Hash
switch k.HashFunction {
case "sha1":
hashFunc = sha1.New()
case "sha256":
hashFunc = sha256.New()
case "sha512":
hashFunc = sha512.New()
default:
return nil, fmt.Errorf("unknown hash function requested: %q", k.HashFunction)
}
encPwd, err := rsa.EncryptOAEP(hashFunc, rand.Reader, key, []byte(pwd), nil)
if err != nil {
return nil, fmt.Errorf("error encrypting password: %v", err)
}
return &credsJSON{
PasswordFound: true,
Exponent: k.Exponent,
Modulus: k.Modulus,
UserName: k.UserName,
HashFunction: k.HashFunction,
EncryptedPassword: base64.StdEncoding.EncodeToString(encPwd),
}, nil
}