65 lines
1.5 KiB
Go
65 lines
1.5 KiB
Go
package sshkeys
|
|
|
|
// Needed for V1 key format.
|
|
const (
|
|
KeyV1Magic string = "openssh-key-v1"
|
|
)
|
|
|
|
// "Meta". Used for comment strings, etc.
|
|
|
|
const projUrl = "https://git.square-r00t.net/SSHSecure"
|
|
|
|
// Defaults.
|
|
const (
|
|
defCipher string = CipherAes256Ctr
|
|
defKeyType string = KeyEd25519
|
|
defKDF string = KdfBcrypt
|
|
defRounds uint32 = 100
|
|
defRSABitSize uint32 = 4096
|
|
defSaltLen int = 16
|
|
// bcrypt_pbkdf maxes out at 32 for private key gen (sk is actually 64; sk+pk)
|
|
// But per OpenSSH code, we pass a key len of kdfKeyLen + len(salt)
|
|
kdfKeyLen int = 32
|
|
kdfSplit int = 32
|
|
)
|
|
|
|
// Cipher names. I believe only AES256-CTR is supported upstream currently.
|
|
const (
|
|
CipherNull string = "none"
|
|
CipherAes256Ctr string = "aes256-ctr"
|
|
)
|
|
|
|
var allowed_ciphers = [...]string{CipherNull, CipherAes256Ctr}
|
|
|
|
// Key types.
|
|
const (
|
|
KeyEd25519 string = "ssh-ed25519"
|
|
KeyRsa string = "ssh-rsa"
|
|
)
|
|
|
|
var allowed_keytypes = [...]string{KeyEd25519, KeyRsa}
|
|
|
|
// KDF names. I believe only bcrypt is supported upstream currently.
|
|
const (
|
|
KdfNull string = "none"
|
|
KdfBcrypt string = "bcrypt"
|
|
)
|
|
|
|
var allowed_kdfnames = [...]string{KdfNull, KdfBcrypt}
|
|
|
|
// Key lengths.
|
|
const (
|
|
// ED25519 in OpenSSH uses a static key size of 64 bytes.
|
|
ed25519Len uint32 = 64
|
|
)
|
|
|
|
// Key/Block sizes.
|
|
const (
|
|
keyEd25519 uint32 = 32
|
|
// Is this correct? Based on PROTOCOL.key's "padlen % 255", it seems to be.
|
|
blockPad uint32 = 255
|
|
blockEd25519 uint32 = 16
|
|
// Blocksize for RSA depends on key bits, I think.
|
|
blockNull uint32 = 8
|
|
)
|