stubbing out keygen funcs
parent
ff9fbdab69
commit
1624740118
15
const.go
15
const.go
@ -1,7 +1,14 @@
|
||||
package sshsecure
|
||||
|
||||
import (
|
||||
"git.square-r00t.net/sshsecure/sshkeys"
|
||||
)
|
||||
|
||||
const (
|
||||
RoundsDefUser uint = 100
|
||||
RoundsDefHost uint = 0 // 0 = Default rounds
|
||||
RSABitSize uint = 4096
|
||||
)
|
||||
RoundsDefUser uint = 100
|
||||
RoundsDefHost uint = 100
|
||||
RSABitSize uint = 4096
|
||||
DefKeyType string = sshkeys.KEY_ED25519
|
||||
DefCipher string = sshkeys.CIPHER_AES256_CTR
|
||||
DefKDF string = sshkeys.KDF_BCRYPT
|
||||
)
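Review bot: The rewritten `const` block in const.go drops the only comment it had (`// 0 = Default rounds` on `RoundsDefHost`) and documents none of the new exported defaults, so a reader cannot tell what `RoundsDefUser`/`RoundsDefHost` count or why the host value moved from 0 to 100. From `DefKDF` these look like bcrypt KDF rounds for the private-key file, but that is inferred, not shown. Each exported constant should carry a doc comment, for example `// RoundsDefHost is the default KDF round count used when writing host keys.` and `// DefCipher is the cipher used to encrypt private keys when the caller does not choose one.` If host keys are written without a passphrase, say so next to `RoundsDefHost`, since the rounds value would then have no effect.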
|
||||
|
@ -7,16 +7,24 @@ const (
|
||||
|
||||
// Cipher names. I believe only AES256-CTR is supported upstream currently.
|
||||
const (
|
||||
CIPHER_AES256_CTR = "aes256-ctr"
|
||||
CIPHER_NULL string = "none"
|
||||
CIPHER_AES256_CTR string = "aes256-ctr"
|
||||
)
|
||||
|
||||
var allowed_ciphers = [...]string{CIPHER_NULL, CIPHER_AES256_CTR}
|
||||
|
||||
// Key types.
|
||||
const (
|
||||
KEY_ED25519 string = "ssh-ed25519"
|
||||
KEY_RSA string = "ssh-rsa"
|
||||
)
|
||||
|
||||
var allowed_keytypes = [...]string{KEY_ED25519, KEY_RSA}
|
||||
|
||||
// KDF names. I believe only bcrypt is supported upstream currently.
|
||||
const (
|
||||
KDF_NULL string = "none"
|
||||
KDF_BCRYPT string = "bcrypt"
|
||||
)
|
||||
|
||||
var allowed_kdfnames = [...]string{KDF_NULL, KDF_BCRYPT}
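Review bot: `allowed_ciphers` and `allowed_kdfnames` list `CIPHER_NULL` and `KDF_NULL` alongside the real algorithms, so any validation written against these arrays will accept `"none"` for an encrypted key as readily as for a plain one. The validation code is not in this hunk, so this may be handled elsewhere. Keeping a separate list for the encrypted type rules out an unencrypted "encrypted" key by construction, e.g. `var allowedEncCiphers = [...]string{CIPHER_AES256_CTR}` and `var allowedEncKDFs = [...]string{KDF_BCRYPT}`. At minimum, comment the two `*_NULL` constants as valid only for keys without a passphrase.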
|
||||
|
@ -1,22 +1,47 @@
|
||||
package sshkeys
|
||||
|
||||
func (k *EncryptedSSHKeyV1) GeneratePrivate(keyType uint8) error {
|
||||
import (
|
||||
"errors"
|
||||
)
|
||||
|
||||
func genPrivKey(cipherAlgo string, kdf string, salt []byte, rounds uint32) ([]byte, error) {
|
||||
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func genPubKey(privKey *[]byte) ([]byte, error) {
|
||||
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (k *EncryptedSSHKeyV1) GeneratePrivate(force bool) error {
|
||||
if k.Passphrase == "" {
|
||||
return errors.New("cannot use encrypted key with empty passphrase")
|
||||
}
|
||||
if k.PrivateKeys != nil && !force {
|
||||
return nil // Already generated.
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (k *EncryptedSSHKeyV1) GeneratePublic(keyType uint8) error {
|
||||
if err := k.GeneratePrivate(keyType); err != nil {
|
||||
func (k *EncryptedSSHKeyV1) GeneratePublic(force bool) error {
|
||||
if err := k.GeneratePrivate(force); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (k *SSHKeyV1) GeneratePrivate(force bool) error {
|
||||
if k.PrivateKeys != nil && !force {
|
||||
return nil // Already generated.
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (k *SSHKeyV1) GeneratePrivate(keyType uint8) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (k *SSHKeyV1) GeneratePublic(keyType uint8) error {
|
||||
if err := k.GeneratePrivate(keyType); err != nil {
|
||||
func (k *SSHKeyV1) GeneratePublic(force bool) error {
|
||||
if err := k.GeneratePrivate(force); err != nil {
|
||||
return err
|
||||
}
|
||||
return nil
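Review bot: The `genPrivKey` and `genPubKey` stubs return `nil, nil`, and both `GeneratePrivate(force bool)` methods end in `return nil` without populating `PrivateKeys`, so a caller gets a success result with no key material behind it. Until the bodies exist, return an explicit error such as `return nil, errors.New("genPrivKey: not implemented")` (the new side already imports `errors`), so nothing downstream writes out or trusts an empty key. `EncryptedSSHKeyV1.GeneratePrivate` rejects an empty passphrase but does not check that `CipherName` and `KDFName` are something other than `"none"`, which would be worth adding next to that guard. `genPubKey` takes `privKey *[]byte`, where a plain `[]byte` would do unless the slice header itself must be reassigned. The final function's closing brace lies outside the hunk.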
|
||||
|
@ -1,4 +1,4 @@
|
||||
The following uses the bcrypt encryption. The passphrase is "test".
|
||||
The following uses the aes256-ctr/bcrypt encryption. The passphrase is "test".
|
||||
|
||||
The new "v1" format contains the header "-----BEGIN OPENSSH PRIVATE KEY-----"
|
||||
and the footer "-----END OPENSSH PRIVATE KEY-----".
|
||||
@ -54,7 +54,7 @@ ANNOTATED HEX:
|
||||
4.0.0.1 00000020 (32)
|
||||
4.0.0.1.0 bfa2031aa5463113e40e16896af503c5299ead76b09cb63846f41cc4de1740f6 (bytes)
|
||||
4.0.1 000000a0 (160)
|
||||
4.0.1 (AES256-CBC encrypted block) (bytes)
|
||||
4.0.1 (AES256-CTR encrypted block) (bytes)
|
||||
c49777cd0d1a7d37db77a1814991278f8ce99d57
|
||||
2e2c666b93b99867425c60da4652fddb85550985
|
||||
32b51beeee2959f9db5cf5a0905052720c5de25f
|
||||
|
@ -3,6 +3,8 @@ package sshkeys
|
||||
// EncryptedSSHKeyV1 represents an encrypted private key.
|
||||
type EncryptedSSHKeyV1 struct {
|
||||
SSHKeyV1
|
||||
CipherName string
|
||||
KDFName string
|
||||
KDFOpts SSHKDFOpts
|
||||
Passphrase string
|
||||
}
|
||||
@ -18,9 +20,6 @@ type SSHKDFOpts struct {
|
||||
// Patch your shit.
|
||||
type SSHKeyV1 struct {
|
||||
Magic string
|
||||
CipherName string
|
||||
KDFName string
|
||||
KDFOpts SSHKDFOpts
|
||||
PublicKeys []SSHPubKey
|
||||
PrivateKeys []SSHPrivKey
|
||||
}
|
||||
@ -34,4 +33,6 @@ type SSHPubKey struct {
|
||||
// SSHPrivKey contains the Private key of an SSH Keypair.
|
||||
type SSHPrivKey struct {
|
||||
PublicKey *SSHPubKey
|
||||
Checksum uint32
|
||||
Comment string
|
||||
}
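Review bot: `Passphrase string` on `EncryptedSSHKeyV1` (first hunk of this file) holds the secret in an immutable Go string, which cannot be zeroed after use and which a `%+v` print or generic marshal of the struct will expose. Consider `Passphrase []byte` so the caller can wipe it once the KDF has run, and add a field comment such as `// Passphrase is secret key-encryption input; never log or serialize it.` Whether the struct is ever marshalled or logged is not visible in these hunks. The new `Checksum uint32` on `SSHPrivKey` also needs a comment saying what it is compared against and when.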
|
||||
|