r00t2/SSHSecure
1
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

update format spec, working on better structs

Browse Source
This commit is contained in:
brent s. 2020-09-11 23:53:55 -04:00
parent 6e032d8969
commit ff9fbdab69
Signed by: bts
GPG Key ID: 8C004C2F93481F6B
3 changed files with 38 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
sshkeys/const.go
View File

@ -5,8 +5,18 @@ const (
KeyV1Magic string = "openssh-key-v1" KeyV1Magic string = "openssh-key-v1"
) )
// Key cipher names. // Cipher names. I believe only AES256-CTR is supported upstream currently.
const ( const (
CipherED25519 = iota CIPHER_AES256_CTR = "aes256-ctr"
CipherRSA = iota )
// Key types.
const (
KEY_ED25519 string = "ssh-ed25519"
KEY_RSA string = "ssh-rsa"
)
// KDF names. I believe only bcrypt is supported upstream currently.
const (
KDF_BCRYPT string = "bcrypt"
) )

2
sshkeys/ref/format
View File

@ -32,7 +32,7 @@ PRIVATE:
4.0.1.5 Sequential padding to align private key to cipher blocksize (8 for unencrypted keys)[1]. 4.0.1.5 Sequential padding to align private key to cipher blocksize (8 for unencrypted keys)[1].
[0] If it is an encrypted key, everything below 4.0.1 is AES256-CBC encrypted. [0] If it is an encrypted key, everything below 4.0.1 is encrypted per 1.0.0, 2.0.0, and 3.0.0.
[1] Pad determined by: 8 - ((4.0.1.3 + 4.0.1.4) % 8) (??) [1] Pad determined by: 8 - ((4.0.1.3 + 4.0.1.4) % 8) (??)

28
sshkeys/struct.go
View File

@ -3,19 +3,35 @@ package sshkeys
// EncryptedSSHKeyV1 represents an encrypted private key. // EncryptedSSHKeyV1 represents an encrypted private key.
type EncryptedSSHKeyV1 struct { type EncryptedSSHKeyV1 struct {
SSHKeyV1 SSHKeyV1
Salt string KDFOpts SSHKDFOpts
Rounds uint32
Passphrase string Passphrase string
} }
// SSHKDFOpts contains a set of KDF options.
type SSHKDFOpts struct {
Salt []byte // Also referred to as IV (initialization vector). (https://en.wikipedia.org/wiki/Initialization_vector)
Rounds uint32 // Also referred to as work factor.
}
// SSHKeyV1 represents an unencrypted private key. // SSHKeyV1 represents an unencrypted private key.
// We don't bother with the legacy (pre v1) keys. Sorry not sorry. // We don't bother with the legacy (pre v1) keys. Sorry not sorry.
// Patch your shit. // Patch your shit.
type SSHKeyV1 struct { type SSHKeyV1 struct {
Magic string
CipherName string CipherName string
KDFName string KDFName string
KDFOpts string KDFOpts SSHKDFOpts
NumKeys uint32 PublicKeys []SSHPubKey
Publickey string PrivateKeys []SSHPrivKey
Privatekey string }
// SSHPubKey contains the Public key of an SSH Keypair.
type SSHPubKey struct {
KeyType string
PrivateKey *SSHPrivKey
}
// SSHPrivKey contains the Private key of an SSH Keypair.
type SSHPrivKey struct {
PublicKey *SSHPubKey
} }