/* SSHSecure - a program to harden OpenSSH from defaults Copyright (C) 2020 Brent Saner This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . */ package sshkeys // Needed for V1 key format. const ( KeyV1Magic string = "openssh-key-v1" ) // Defaults. const ( defCipher string = CipherAes256Ctr defKeyType string = KeyEd25519 defKDF string = KdfBcrypt defRounds uint32 = 100 defRSABitSize uint32 = 4096 defSaltLen int = 16 // bcrypt_pbkdf maxes out at 32 for private key gen (sk is actually 64; sk+pk) // But per OpenSSH code, we pass a key len of kdfKeyLen + len(salt) kdfKeyLen int = 32 kdfSplit int = 32 ) // Cipher names. I believe only AES256-CTR is supported upstream currently. const ( CipherNull string = "none" CipherAes256Ctr string = "aes256-ctr" ) var allowedCiphers = [...]string{CipherNull, CipherAes256Ctr} // Key types. const ( KeyEd25519 string = "ssh-ed25519" KeyRsa string = "ssh-rsa" ) var allowedKeytypes = [...]string{KeyEd25519, KeyRsa} // KDF names. I believe only bcrypt is supported upstream currently. const ( KdfNull string = "none" KdfBcrypt string = "bcrypt" ) var allowedKdfnames = [...]string{KdfNull, KdfBcrypt} // Key lengths. const ( // ED25519 in OpenSSH uses a static key size of 64 bytes. ed25519Len uint32 = 64 ) // Key/Block sizes. const ( keyEd25519 uint32 = 32 // Is this correct? Based on PROTOCOL.key's "padlen % 255", it seems to be. blockPad uint32 = 255 blockEd25519 uint32 = 16 // Blocksize for RSA depends on key bits, I think. blockNull uint32 = 8 )