SSHSecure/moduli/struct.go

/*
SSHSecure - a program to harden OpenSSH from defaults
Copyright (C) 2020 Brent Saner
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
package moduli

import (
	"math/big"
	"time"
)

// Moduli contains all data needed to generate an /etc/ssh/moduli file: a header and its Entry entries.
type Moduli struct {
	Header string
	Groups []Entry
}

// Entry is a struct reflecting the format of a single /etc/ssh/moduli entry. See moduli(5) for details.
type Entry struct {
	Time time.Time // YYYYMMDDHHMMSS
	/*
		// man 5 moduli:
		Decimal number specifying the internal structure of the prime modulus. Supported types are:
		0	Unknown, not tested.
		2	"Safe" prime; (p-1)/2 is also prime.
		4	Sophie Germain; 2p+1 is also prime.
		Moduli candidates initially produced by ssh-keygen(1) are Sophie Germain primes (type 4).
		Further primality testing with ssh-keygen(1) produces safe prime moduli (type 2) that are ready for use in sshd(8).
		Other types are not used by OpenSSH.
	*/
	Type uint8
	/*
		// man 5 moduli:
		Decimal number indicating the type of primality tests that the number has been
		subjected to represented as a bitmask of the following values:
		0x00	Not tested.
		0x01	Composite number - not prime.
		0x02	Sieve of Eratosthenes.
		0x04	Probabilistic Miller-Rabin primality tests.
		The ssh-keygen(1) moduli candidate generation uses the Sieve of Eratosthenes (flag 0x02).
		Subsequent ssh-keygen(1) primality tests are Miller-Rabin tests (flag 0x04).
	*/
	Tests uint8
	/*
		// man 5 moduli:
		Decimal number indicating the number of primality trials that have been performed on the modulus.
	*/
	Trials uint8
	/*
		// man 5 moduli:
		Decimal number indicating the size of the prime in bits.
	*/
	Size uint16
	/*
		// man 5 moduli:
		The recommended generator for use with this modulus (hexadecimal).
	*/
	Generator uint8
	/*
		// man 5 moduli:
		The modulus itself in hexadecimal.
	*/
	Modulus big.Int
}
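
An added example, not part of SSHSecure: parsing one moduli(5) line into a copy of the Entry fields above and rechecking what the entry claims (type 2, Miller-Rabin tested, actually a safe prime) before it is kept. `ParseEntry`, `Vet` and the `minBits` threshold are hypothetical names chosen for this example, the line passed in is assumed to be a non-comment line with its newline removed, and the sample line in `main` is constructed around a toy 6-bit safe prime.

```go
package main

import (
	"fmt"
	"math/big"
	"time"
)

// Entry repeats the fields of the Entry struct in struct.go.
type Entry struct {
	Time                           time.Time
	Type, Tests, Trials, Generator uint8
	Size                           uint16
	Modulus                        big.Int
}

// ParseEntry (hypothetical helper) parses one non-comment moduli(5) line.
func ParseEntry(line string) (*Entry, error) {
	var ts string
	e := new(Entry)
	// Generator and modulus are hexadecimal. The appended "." sentinel makes
	// Sscanf fail on a line with missing fields or trailing junk.
	_, err := fmt.Sscanf(line+" .", "%s %d %d %d %d %x %x .",
		&ts, &e.Type, &e.Tests, &e.Trials, &e.Size, &e.Generator, &e.Modulus)
	if err == nil {
		e.Time, err = time.Parse("20060102150405", ts) // YYYYMMDDHHMMSS
	}
	if err != nil {
		return nil, err
	}
	return e, nil
}

// Vet returns nil only for a tested safe prime of at least minBits bits.
func (e *Entry) Vet(minBits uint16) error {
	q := new(big.Int).Rsh(&e.Modulus, 1) // (p-1)/2 for odd p
	switch {
	case e.Type != 2 || e.Tests&0x05 != 0x04 || e.Size < minBits:
		return fmt.Errorf("type %d, tests %#x, size %d: rejected", e.Type, e.Tests, e.Size)
	case !e.Modulus.ProbablyPrime(20) || !q.ProbablyPrime(20):
		return fmt.Errorf("modulus %s fails the safe-prime recheck", e.Modulus.Text(16))
	}
	return nil
}

func main() { // constructed sample line: p = 0x2F = 47, (p-1)/2 = 23
	if e, err := ParseEntry("20200101000000 2 6 100 6 2 2F"); err == nil {
		fmt.Println(e.Size, e.Modulus.String(), e.Vet(3071))
	}
}
```

The mask `Tests&0x05 != 0x04` rejects any entry flagged composite (0x01) or lacking the Miller-Rabin flag (0x04), so sieve-only candidates (type 4, tests 0x02) never pass.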