SSHSecure/sshkeys/struct.go

/*
   SSHSecure - a program to harden OpenSSH from defaults
   Copyright (C) 2020  Brent Saner

   This program is free software: you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation, either version 3 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program.  If not, see <https://www.gnu.org/licenses/>.
*/

package sshkeys

import (
	"bytes"
	"crypto/cipher"
)

// EncryptedSSHKeyV1 represents an encrypted private key.
type EncryptedSSHKeyV1 struct {
	SSHKeyV1
	Crypt      SSHCrypt
	KDFOpts    SSHKDFOpts
	Passphrase []byte
}

// SSHCrypt contains the encryption object Stream, the cipher object Cipher, the ephemeral salt (CryptSalt), and the ephemeral key (CryptKey).
// the Cipher, and the stream.
type SSHCrypt struct {
	Stream     cipher.Stream
	Cipher     cipher.Block
	PrivateKey []byte  // encryption key
	CryptSalt  []byte  // ephemeral salt
	CryptKey   []byte  // ephemeral key (not really used)
}

// SSHKDFOpts contains a set of KDF options.
type SSHKDFOpts struct {
	Salt   []byte // Also referred to as IV (initialization vector). (https://en.wikipedia.org/wiki/Initialization_vector)
	Rounds uint32 // Also referred to as work factor.
}

// SSHKeyV1 represents a private key.
// We don't bother with the legacy (pre v1) keys. Sorry not sorry.
// Patch your shit.
type SSHKeyV1 struct {
	Magic      string
	DefKeyType string
	KDFName    string
	CipherName string
	KeySize    uint32
	Keys       []SSHPrivKey // 1 by default.
	Buffer     bytes.Buffer
}

// SSHPubKey contains the Public key of an SSH Keypair.
type SSHPubKey struct {
	KeyType string
	Key     interface{}
}

// SSHPrivKey contains the Private key of an SSH Keypair.
type SSHPrivKey struct {
	PublicKey *SSHPubKey
	BitSize   uint32
	BlockSize int
	Key       interface{}
	// ED25519 keys are actually "sk + pk", where sk is the secret key and pk is the pubkey.
	// We store that here.
	KeyAlt   []byte
	Checksum []byte
	Comment  string
}
adding GPL 2020-09-18 18:01:16 -04:00			`/*`
			`SSHSecure - a program to harden OpenSSH from defaults`
			`Copyright (C) 2020 Brent Saner`

			`This program is free software: you can redistribute it and/or modify`
			`it under the terms of the GNU General Public License as published by`
			`the Free Software Foundation, either version 3 of the License, or`
			`(at your option) any later version.`

			`This program is distributed in the hope that it will be useful,`
			`but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`GNU General Public License for more details.`

			`You should have received a copy of the GNU General Public License`
			`along with this program. If not, see <https://www.gnu.org/licenses/>.`
			`*/`

checking in 2020-09-03 19:11:42 -04:00			`package sshkeys`

checking in for the night. key generation should be done, need to finish packing/formatting. also need to start on moduli generation. 2020-09-18 04:04:39 -04:00			`import (`
			`"bytes"`
			`"crypto/cipher"`
			`)`

adding documentation/analysis of key format 2020-09-11 23:06:51 -04:00			`// EncryptedSSHKeyV1 represents an encrypted private key.`
			`type EncryptedSSHKeyV1 struct {`
			`SSHKeyV1`
checking in for the night. key generation should be done, need to finish packing/formatting. also need to start on moduli generation. 2020-09-18 04:04:39 -04:00			`Crypt SSHCrypt`
update format spec, working on better structs 2020-09-11 23:53:55 -04:00			`KDFOpts SSHKDFOpts`
checking in some more research and primitive functions. i cannot, for the life of me, figure out why i can't (seemingly) properly decrypt private keys. 2020-09-17 08:37:05 -04:00			`Passphrase []byte`
checking in 2020-09-03 19:11:42 -04:00			`}`

updating refs, finished key gen buffer 2020-09-21 01:43:22 -04:00			`// SSHCrypt contains the encryption object Stream, the cipher object Cipher, the ephemeral salt (CryptSalt), and the ephemeral key (CryptKey).`
checking in for the night. key generation should be done, need to finish packing/formatting. also need to start on moduli generation. 2020-09-18 04:04:39 -04:00			`// the Cipher, and the stream.`
			`type SSHCrypt struct {`
			`Stream cipher.Stream`
			`Cipher cipher.Block`
updating refs, finished key gen buffer 2020-09-21 01:43:22 -04:00			`PrivateKey []byte // encryption key`
			`CryptSalt []byte // ephemeral salt`
			`CryptKey []byte // ephemeral key (not really used)`
checking in for the night. key generation should be done, need to finish packing/formatting. also need to start on moduli generation. 2020-09-18 04:04:39 -04:00			`}`

update format spec, working on better structs 2020-09-11 23:53:55 -04:00			`// SSHKDFOpts contains a set of KDF options.`
			`type SSHKDFOpts struct {`
			`Salt []byte // Also referred to as IV (initialization vector). (https://en.wikipedia.org/wiki/Initialization_vector)`
			`Rounds uint32 // Also referred to as work factor.`
			`}`

adding GPL 2020-09-18 18:01:16 -04:00			`// SSHKeyV1 represents a private key.`
adding documentation/analysis of key format 2020-09-11 23:06:51 -04:00			`// We don't bother with the legacy (pre v1) keys. Sorry not sorry.`
			`// Patch your shit.`
			`type SSHKeyV1 struct {`
checking in for the night. key generation should be done, need to finish packing/formatting. also need to start on moduli generation. 2020-09-18 04:04:39 -04:00			`Magic string`
			`DefKeyType string`
			`KDFName string`
adding GPL 2020-09-18 18:01:16 -04:00			`CipherName string`
checking in for the night. key generation should be done, need to finish packing/formatting. also need to start on moduli generation. 2020-09-18 04:04:39 -04:00			`KeySize uint32`
			`Keys []SSHPrivKey // 1 by default.`
			`Buffer bytes.Buffer`
update format spec, working on better structs 2020-09-11 23:53:55 -04:00			`}`

			`// SSHPubKey contains the Public key of an SSH Keypair.`
			`type SSHPubKey struct {`
checking in for the night. key generation should be done, need to finish packing/formatting. also need to start on moduli generation. 2020-09-18 04:04:39 -04:00			`KeyType string`
			`Key interface{}`
update format spec, working on better structs 2020-09-11 23:53:55 -04:00			`}`

			`// SSHPrivKey contains the Private key of an SSH Keypair.`
			`type SSHPrivKey struct {`
			`PublicKey *SSHPubKey`
checking in for the night. key generation should be done, need to finish packing/formatting. also need to start on moduli generation. 2020-09-18 04:04:39 -04:00			`BitSize uint32`
updating refs, finished key gen buffer 2020-09-21 01:43:22 -04:00			`BlockSize int`
checking in for the night. key generation should be done, need to finish packing/formatting. also need to start on moduli generation. 2020-09-18 04:04:39 -04:00			`Key interface{}`
			`// ED25519 keys are actually "sk + pk", where sk is the secret key and pk is the pubkey.`
			`// We store that here.`
			`KeyAlt []byte`
			`Checksum []byte`
			`Comment string`
checking in 2020-09-03 19:11:42 -04:00			`}`