
tka: use ts_omit_tailnetlock in another spot, for ed25519consensus

I noticed this while modularizing clientupdate. With this in first,
moving clientupdate to be modular removes a bunch more stuff from
the minimal build + tsnet.

Updates #17115

Change-Id: I44bd055fca65808633fd3a848b0bbc09b00ad4fa
Signed-off-by: Brad Fitzpatrick <[email protected]>
Brad Fitzpatrick 5 месяцев назад
Родитель
Сommit
e9dae5441e
5 измененных файлов с 56 добавлено и 24 удалено
  1. 1 1
      cmd/tailscaled/depaware-minbox.txt
  2. 0 22
      tka/key.go
  3. 1 1
      tka/tka.go
  4. 36 0
      tka/verify.go
  5. 18 0
      tka/verify_disabled.go

+ 1 - 1
cmd/tailscaled/depaware-minbox.txt

@@ -20,7 +20,7 @@ tailscale.com/cmd/tailscaled dependencies: (generated by github.com/tailscale/de
         github.com/google/nftables/expr                              from github.com/google/nftables+
         github.com/google/nftables/internal/parseexprfunc            from github.com/google/nftables+
         github.com/google/nftables/xt                                from github.com/google/nftables/expr+
-        github.com/hdevalence/ed25519consensus                       from tailscale.com/clientupdate/distsign+
+        github.com/hdevalence/ed25519consensus                       from tailscale.com/clientupdate/distsign
      💣 github.com/jsimonetti/rtnetlink                              from tailscale.com/net/netmon
         github.com/jsimonetti/rtnetlink/internal/unix                from github.com/jsimonetti/rtnetlink
         github.com/klauspost/compress                                from github.com/klauspost/compress/zstd

+ 0 - 22
tka/key.go

@@ -8,7 +8,6 @@ import (
 	"errors"
 	"fmt"
 
-	"github.com/hdevalence/ed25519consensus"
 	"tailscale.com/types/tkatype"
 )
 
@@ -136,24 +135,3 @@ func (k Key) StaticValidate() error {
 	}
 	return nil
 }
-
-// Verify returns a nil error if the signature is valid over the
-// provided AUM BLAKE2s digest, using the given key.
-func signatureVerify(s *tkatype.Signature, aumDigest tkatype.AUMSigHash, key Key) error {
-	// NOTE(tom): Even if we can compute the public from the KeyID,
-	//            its possible for the KeyID to be attacker-controlled
-	//            so we should use the public contained in the state machine.
-	switch key.Kind {
-	case Key25519:
-		if len(key.Public) != ed25519.PublicKeySize {
-			return fmt.Errorf("ed25519 key has wrong length: %d", len(key.Public))
-		}
-		if ed25519consensus.Verify(ed25519.PublicKey(key.Public), aumDigest[:], s.Signature) {
-			return nil
-		}
-		return errors.New("invalid signature")
-
-	default:
-		return fmt.Errorf("unhandled key type: %v", key.Kind)
-	}
-}

+ 1 - 1
tka/tka.go

@@ -3,7 +3,7 @@
 
 //go:build !ts_omit_tailnetlock
 
-// Package tka (WIP) implements the Tailnet Key Authority.
+// Package tka implements the Tailnet Key Authority (TKA) for Tailnet Lock.
 package tka
 
 import (

+ 36 - 0
tka/verify.go

@@ -0,0 +1,36 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build !ts_omit_tailnetlock
+
+package tka
+
+import (
+	"crypto/ed25519"
+	"errors"
+	"fmt"
+
+	"github.com/hdevalence/ed25519consensus"
+	"tailscale.com/types/tkatype"
+)
+
+// signatureVerify returns a nil error if the signature is valid over the
+// provided AUM BLAKE2s digest, using the given key.
+func signatureVerify(s *tkatype.Signature, aumDigest tkatype.AUMSigHash, key Key) error {
+	// NOTE(tom): Even if we can compute the public from the KeyID,
+	//            its possible for the KeyID to be attacker-controlled
+	//            so we should use the public contained in the state machine.
+	switch key.Kind {
+	case Key25519:
+		if len(key.Public) != ed25519.PublicKeySize {
+			return fmt.Errorf("ed25519 key has wrong length: %d", len(key.Public))
+		}
+		if ed25519consensus.Verify(ed25519.PublicKey(key.Public), aumDigest[:], s.Signature) {
+			return nil
+		}
+		return errors.New("invalid signature")
+
+	default:
+		return fmt.Errorf("unhandled key type: %v", key.Kind)
+	}
+}
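Review bot: `s` is dereferenced at `s.Signature` in the Key25519 branch with no nil guard, while the key's length is checked before use; a nil *tkatype.Signature would panic inside verification instead of producing a verify error. If any caller can construct an AUM whose signature pointer is unset (not visible in this hunk), a guard at the top of the function, `if s == nil { return errors.New("nil signature") }`, keeps that failure an ordinary rejected-signature path. The signature's own length is left to ed25519consensus.Verify, which presumably returns false for a wrong-length signature; if that assumption does not hold for the version vendored here, an explicit `len(s.Signature) != ed25519.SignatureSize` check next to the key-length check would make the fail-closed behavior local and obvious.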

+ 18 - 0
tka/verify_disabled.go

@@ -0,0 +1,18 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build ts_omit_tailnetlock
+
+package tka
+
+import (
+	"errors"
+
+	"tailscale.com/types/tkatype"
+)
+
+// signatureVerify returns a nil error if the signature is valid over the
+// provided AUM BLAKE2s digest, using the given key.
+func signatureVerify(s *tkatype.Signature, aumDigest tkatype.AUMSigHash, key Key) error {
+	return errors.New("tailnetlock disabled in build")
+}
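Review bot: The doc comment on the stub is copied from the real implementation and promises a nil error for a valid signature, but this build variant never returns nil, so the comment misdescribes the contract. Suggest replacing it with `// signatureVerify always returns an error when built with ts_omit_tailnetlock: signature verification is compiled out, so no AUM signature is ever accepted.` Since none of the parameters are read, naming them `_` (`func signatureVerify(_ *tkatype.Signature, _ tkatype.AUMSigHash, _ Key) error`) makes it clear at a glance that the stub fails closed by design rather than having forgotten to use its inputs.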