SSHSecure/moduli/struct.go

79 lines
2.5 KiB
Go
Raw Normal View History

2020-09-18 18:01:16 -04:00
/*
SSHSecure - a program to harden OpenSSH from defaults
Copyright (C) 2020 Brent Saner
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
package moduli
import (
"math/big"
"time"
)
// Moduli contains all data needed for generated /etc/ssh/moduli. of ModuliEntry entries.
type Moduli struct {
Header string
Params []ModuliEntry
}
// Moduli is a struct reflecting the format of a single /etc/ssh/moduli entry. See moduli(5) for details.
type ModuliEntry struct {
Time time.Time // YYYYMMDDHHSS
/*
// man 5 moduli:
Decimal number specifying the internal structure of the prime modulus. Supported types are:
0 Unknown, not tested.
2 "Safe" prime; (p-1)/2 is also prime.
4 Sophie Germain; 2p+1 is also prime.
Moduli candidates initially produced by ssh-keygen(1) are Sophie Germain primes (type 4).
Further primality testing with ssh-keygen(1) produces safe prime moduli (type 2) that are ready for use in sshd(8).
Other types are not used by OpenSSH.
*/
Type uint8
/*
// man 5 moduli:
Decimal number indicating the type of primality tests that the number has been
subjected to represented as a bitmask of the following values:
0x00 Not tested.
0x01 Composite number not prime.
0x02 Sieve of Eratosthenes.
0x04 Probabilistic Miller-Rabin primality tests.
The ssh-keygen(1) moduli candidate generation uses the Sieve of Eratosthenes (flag 0x02).
Subsequent ssh-keygen(1) primality tests are Miller-Rabin tests (flag 0x04).
*/
Tests uint8
/*
// man 5 moduli:
Decimal number indicating the number of primality trials that have been performed on the modulus.
*/
Trials uint8
/*
// man 5 moduli:
Decimal number indicating the size of the prime in bits.
*/
Size uint8
/*
// man 5 moduli:
The recommended generator for use with this modulus (hexadecimal).
*/
Generator uint8
/*
// man 5 moduli:
The modulus itself in hexadecimal.
*/
Modulus big.Int
}