Extend hcl2 support with more functions

Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>

vendor/github.com/hashicorp/go-cty-funcs/crypto/bcrypt.go

@@ -0,0 +1,59 @@
+package crypto
+
+import (
+	"fmt"
+
+	"github.com/zclconf/go-cty/cty"
+	"github.com/zclconf/go-cty/cty/function"
+	"github.com/zclconf/go-cty/cty/gocty"
+	"golang.org/x/crypto/bcrypt"
+)
+
+// BcryptFunc is a function that computes a hash of the given string using the
+// Blowfish cipher.
+var BcryptFunc = function.New(&function.Spec{
+	Params: []function.Parameter{
+		{
+			Name: "str",
+			Type: cty.String,
+		},
+	},
+	VarParam: &function.Parameter{
+		Name: "cost",
+		Type: cty.Number,
+	},
+	Type: function.StaticReturnType(cty.String),
+	Impl: func(args []cty.Value, retType cty.Type) (ret cty.Value, err error) {
+		defaultCost := 10
+
+		if len(args) > 1 {
+			var val int
+			if err := gocty.FromCtyValue(args[1], &val); err != nil {
+				return cty.UnknownVal(cty.String), err
+			}
+			defaultCost = val
+		}
+
+		if len(args) > 2 {
+			return cty.UnknownVal(cty.String), fmt.Errorf("bcrypt() takes no more than two arguments")
+		}
+
+		input := args[0].AsString()
+		out, err := bcrypt.GenerateFromPassword([]byte(input), defaultCost)
+		if err != nil {
+			return cty.UnknownVal(cty.String), fmt.Errorf("error occured generating password %s", err.Error())
+		}
+
+		return cty.StringVal(string(out)), nil
+	},
+})
+
+// Bcrypt computes a hash of the given string using the Blowfish cipher,
+// returning a string in the Modular Crypt Format usually expected in the
+// shadow password file on many Unix systems.
+func Bcrypt(str cty.Value, cost ...cty.Value) (cty.Value, error) {
+	args := make([]cty.Value, len(cost)+1)
+	args[0] = str
+	copy(args[1:], cost)
+	return BcryptFunc.Call(args)
+}

vendor/github.com/hashicorp/go-cty-funcs/crypto/hash.go

@@ -0,0 +1,27 @@
+package crypto
+
+import (
+	"hash"
+
+	"github.com/zclconf/go-cty/cty"
+	"github.com/zclconf/go-cty/cty/function"
+)
+
+func makeStringHashFunction(hf func() hash.Hash, enc func([]byte) string) function.Function {
+	return function.New(&function.Spec{
+		Params: []function.Parameter{
+			{
+				Name: "str",
+				Type: cty.String,
+			},
+		},
+		Type: function.StaticReturnType(cty.String),
+		Impl: func(args []cty.Value, retType cty.Type) (ret cty.Value, err error) {
+			s := args[0].AsString()
+			h := hf()
+			h.Write([]byte(s))
+			rv := enc(h.Sum(nil))
+			return cty.StringVal(rv), nil
+		},
+	})
+}

vendor/github.com/hashicorp/go-cty-funcs/crypto/md5.go

@@ -0,0 +1,18 @@
+package crypto
+
+import (
+	"crypto/md5"
+	"encoding/hex"
+
+	"github.com/zclconf/go-cty/cty"
+)
+
+// Md5Func is a function that computes the MD5 hash of a given string and
+// encodes it with hexadecimal digits.
+var Md5Func = makeStringHashFunction(md5.New, hex.EncodeToString)
+
+// Md5 computes the MD5 hash of a given string and encodes it with hexadecimal
+// digits.
+func Md5(str cty.Value) (cty.Value, error) {
+	return Md5Func.Call([]cty.Value{str})
+}

vendor/github.com/hashicorp/go-cty-funcs/crypto/rsa.go

@@ -0,0 +1,64 @@
+package crypto
+
+import (
+	"crypto/rsa"
+	"crypto/x509"
+	"encoding/base64"
+	"encoding/pem"
+	"fmt"
+
+	"github.com/zclconf/go-cty/cty"
+	"github.com/zclconf/go-cty/cty/function"
+)
+
+// RsaDecryptFunc is a function that decrypts an RSA-encrypted ciphertext.
+var RsaDecryptFunc = function.New(&function.Spec{
+	Params: []function.Parameter{
+		{
+			Name: "ciphertext",
+			Type: cty.String,
+		},
+		{
+			Name: "privatekey",
+			Type: cty.String,
+		},
+	},
+	Type: function.StaticReturnType(cty.String),
+	Impl: func(args []cty.Value, retType cty.Type) (ret cty.Value, err error) {
+		s := args[0].AsString()
+		key := args[1].AsString()
+
+		b, err := base64.StdEncoding.DecodeString(s)
+		if err != nil {
+			return cty.UnknownVal(cty.String), fmt.Errorf("failed to decode input %q: cipher text must be base64-encoded", s)
+		}
+
+		block, _ := pem.Decode([]byte(key))
+		if block == nil {
+			return cty.UnknownVal(cty.String), fmt.Errorf("failed to parse key: no key found")
+		}
+		if block.Headers["Proc-Type"] == "4,ENCRYPTED" {
+			return cty.UnknownVal(cty.String), fmt.Errorf(
+				"failed to parse key: password protected keys are not supported. Please decrypt the key prior to use",
+			)
+		}
+
+		x509Key, err := x509.ParsePKCS1PrivateKey(block.Bytes)
+		if err != nil {
+			return cty.UnknownVal(cty.String), err
+		}
+
+		out, err := rsa.DecryptPKCS1v15(nil, x509Key, b)
+		if err != nil {
+			return cty.UnknownVal(cty.String), err
+		}
+
+		return cty.StringVal(string(out)), nil
+	},
+})
+
+// RsaDecrypt decrypts an RSA-encrypted ciphertext, returning the corresponding
+// cleartext.
+func RsaDecrypt(ciphertext, privatekey cty.Value) (cty.Value, error) {
+	return RsaDecryptFunc.Call([]cty.Value{ciphertext, privatekey})
+}

vendor/github.com/hashicorp/go-cty-funcs/crypto/sha.go

@@ -0,0 +1,40 @@
+package crypto
+
+import (
+	"crypto/sha1"
+	"crypto/sha256"
+	"crypto/sha512"
+	"encoding/hex"
+
+	"github.com/zclconf/go-cty/cty"
+)
+
+// Sha1Func is a function that computes the SHA1 hash of a given string and
+// encodes it with hexadecimal digits.
+var Sha1Func = makeStringHashFunction(sha1.New, hex.EncodeToString)
+
+// Sha256Func is a function that computes the SHA256 hash of a given string and
+// encodes it with hexadecimal digits.
+var Sha256Func = makeStringHashFunction(sha256.New, hex.EncodeToString)
+
+// Sha512Func is a function that computes the SHA512 hash of a given string and
+// encodes it with hexadecimal digits.
+var Sha512Func = makeStringHashFunction(sha512.New, hex.EncodeToString)
+
+// Sha1 computes the SHA1 hash of a given string and encodes it with
+// hexadecimal digits.
+func Sha1(str cty.Value) (cty.Value, error) {
+	return Sha1Func.Call([]cty.Value{str})
+}
+
+// Sha256 computes the SHA256 hash of a given string and encodes it with
+// hexadecimal digits.
+func Sha256(str cty.Value) (cty.Value, error) {
+	return Sha256Func.Call([]cty.Value{str})
+}
+
+// Sha512 computes the SHA512 hash of a given string and encodes it with
+// hexadecimal digits.
+func Sha512(str cty.Value) (cty.Value, error) {
+	return Sha512Func.Call([]cty.Value{str})
+}