2020-09-18 18:01:16 -04:00
|
|
|
/*
|
|
|
|
SSHSecure - a program to harden OpenSSH from defaults
|
|
|
|
Copyright (C) 2020 Brent Saner
|
|
|
|
|
|
|
|
This program is free software: you can redistribute it and/or modify
|
|
|
|
it under the terms of the GNU General Public License as published by
|
|
|
|
the Free Software Foundation, either version 3 of the License, or
|
|
|
|
(at your option) any later version.
|
|
|
|
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
GNU General Public License for more details.
|
|
|
|
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
|
|
along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
|
|
*/
|
|
|
|
|
2020-09-03 19:11:42 -04:00
|
|
|
package sshkeys
|
|
|
|
|
2020-09-11 23:06:51 -04:00
|
|
|
// Needed for V1 key format.
|
2020-09-03 19:11:42 -04:00
|
|
|
const (
|
2020-09-11 23:06:51 -04:00
|
|
|
KeyV1Magic string = "openssh-key-v1"
|
2020-09-03 19:11:42 -04:00
|
|
|
)
|
|
|
|
|
2020-09-17 08:37:05 -04:00
|
|
|
// Defaults.
|
|
|
|
const (
|
|
|
|
defCipher string = CipherAes256Ctr
|
|
|
|
defKeyType string = KeyEd25519
|
|
|
|
defKDF string = KdfBcrypt
|
|
|
|
defRounds uint32 = 100
|
|
|
|
defRSABitSize uint32 = 4096
|
|
|
|
defSaltLen int = 16
|
2020-09-18 04:04:39 -04:00
|
|
|
// bcrypt_pbkdf maxes out at 32 for private key gen (sk is actually 64; sk+pk)
|
|
|
|
// But per OpenSSH code, we pass a key len of kdfKeyLen + len(salt)
|
|
|
|
kdfKeyLen int = 32
|
|
|
|
kdfSplit int = 32
|
2020-09-17 08:37:05 -04:00
|
|
|
)
|
|
|
|
|
2020-09-11 23:53:55 -04:00
|
|
|
// Cipher names. I believe only AES256-CTR is supported upstream currently.
|
2020-09-11 23:06:51 -04:00
|
|
|
const (
|
2020-09-17 08:37:05 -04:00
|
|
|
CipherNull string = "none"
|
|
|
|
CipherAes256Ctr string = "aes256-ctr"
|
2020-09-11 23:53:55 -04:00
|
|
|
)
|
|
|
|
|
2020-09-17 08:37:05 -04:00
|
|
|
var allowed_ciphers = [...]string{CipherNull, CipherAes256Ctr}
|
2020-09-12 00:58:58 -04:00
|
|
|
|
2020-09-11 23:53:55 -04:00
|
|
|
// Key types.
|
|
|
|
const (
|
2020-09-17 08:37:05 -04:00
|
|
|
KeyEd25519 string = "ssh-ed25519"
|
|
|
|
KeyRsa string = "ssh-rsa"
|
2020-09-11 23:53:55 -04:00
|
|
|
)
|
|
|
|
|
2020-09-17 08:37:05 -04:00
|
|
|
var allowed_keytypes = [...]string{KeyEd25519, KeyRsa}
|
2020-09-12 00:58:58 -04:00
|
|
|
|
2020-09-11 23:53:55 -04:00
|
|
|
// KDF names. I believe only bcrypt is supported upstream currently.
|
|
|
|
const (
|
2020-09-17 08:37:05 -04:00
|
|
|
KdfNull string = "none"
|
|
|
|
KdfBcrypt string = "bcrypt"
|
2020-09-11 23:06:51 -04:00
|
|
|
)
|
2020-09-12 00:58:58 -04:00
|
|
|
|
2020-09-17 08:37:05 -04:00
|
|
|
var allowed_kdfnames = [...]string{KdfNull, KdfBcrypt}
|
|
|
|
|
|
|
|
// Key lengths.
|
|
|
|
const (
|
|
|
|
// ED25519 in OpenSSH uses a static key size of 64 bytes.
|
|
|
|
ed25519Len uint32 = 64
|
|
|
|
)
|
|
|
|
|
|
|
|
// Key/Block sizes.
|
|
|
|
const (
|
2020-09-18 04:04:39 -04:00
|
|
|
keyEd25519 uint32 = 32
|
|
|
|
// Is this correct? Based on PROTOCOL.key's "padlen % 255", it seems to be.
|
|
|
|
blockPad uint32 = 255
|
2020-09-17 08:37:05 -04:00
|
|
|
blockEd25519 uint32 = 16
|
2020-09-18 04:04:39 -04:00
|
|
|
// Blocksize for RSA depends on key bits, I think.
|
|
|
|
blockNull uint32 = 8
|
2020-09-17 08:37:05 -04:00
|
|
|
)
|