/*
|
|
SSHSecure - a program to harden OpenSSH from defaults
|
|
Copyright (C) 2020 Brent Saner
|
|
|
|
This program is free software: you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation, either version 3 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
package main
|
|
|
|
import (
|
|
"crypto"
|
|
"crypto/aes"
|
|
"crypto/cipher"
|
|
"crypto/ed25519"
|
|
"encoding/hex"
|
|
"fmt"
|
|
|
|
"github.com/dchest/bcrypt_pbkdf"
|
|
)
|
|
|
|
// ssh-keygen -f /tmp/tmp2xzvpjhn -q -o -t ed25519 -N test -a 100
|
|
// private
|
|
/* on-disk format
|
|
-----BEGIN OPENSSH PRIVATE KEY-----
|
|
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABAZQzNZ6B
|
|
eWtpsLgQvGbcuMAAAAZAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIFjgZ791hHftK4GY
|
|
uhnIN/1JdZqA17hIlNdKr+ljJ9bfAAAAoN0XZgxeA2SLXGZXqZi9TqeQHU7PERiJA9F0+p
|
|
2NtNP4Y1Rey8C1EnF5mhzy8AZs6YJsE+xnQUSI/+Kbmi6MACQALaPO7CgtKwnfbFHuxzrD
|
|
1EG83K08w2NE2txlQPqflQcFoVBIzcXNVFv+3A5DM7BBz0jLFi5CCwl2PEhMhcpElvV+LW
|
|
PGXBV9IVdOeHm/hesRfuWTHcUalrqar1CmLWo=
|
|
-----END OPENSSH PRIVATE KEY-----
|
|
*/
|
|
/* actual bytes (hex repr)
|
|
00000000: 6f 70 65 6e 73 73 68 2d 6b 65 79 2d 76 31 00 00 openssh-key-v1..
|
|
00000010: 00 00 0a 61 65 73 32 35 36 2d 63 74 72 00 00 00 ...aes256-ctr...
|
|
00000020: 06 62 63 72 79 70 74 00 00 00 18 00 00 00 10 19 .bcrypt.........
|
|
00000030: 43 33 59 e8 17 96 b6 9b 0b 81 0b c6 6d cb 8c 00 C3Y.........m...
|
|
00000040: 00 00 64 00 00 00 01 00 00 00 33 00 00 00 0b 73 ..d.......3....s
|
|
00000050: 73 68 2d 65 64 32 35 35 31 39 00 00 00 20 58 e0 sh-ed25519... X.
|
|
00000060: 67 bf 75 84 77 ed 2b 81 98 ba 19 c8 37 fd 49 75 g.u.w.+.....7.Iu
|
|
00000070: 9a 80 d7 b8 48 94 d7 4a af e9 63 27 d6 df 00 00 ....H..J..c'....
|
|
00000080: 00 a0 dd 17 66 0c 5e 03 64 8b 5c 66 57 a9 98 bd ....f.^.d.\fW...
|
|
00000090: 4e a7 90 1d 4e cf 11 18 89 03 d1 74 fa 9d 8d b4 N...N......t....
|
|
000000a0: d3 f8 63 54 5e cb c0 b5 12 71 79 9a 1c f2 f0 06 ..cT^....qy.....
|
|
000000b0: 6c e9 82 6c 13 ec 67 41 44 88 ff e2 9b 9a 2e 8c l..l..gAD.......
|
|
000000c0: 00 24 00 2d a3 ce ec 28 2d 2b 09 df 6c 51 ee c7 .$.-...(-+..lQ..
|
|
000000d0: 3a c3 d4 41 bc dc ad 3c c3 63 44 da dc 65 40 fa :..A...<.cD..e@.
|
|
000000e0: 9f 95 07 05 a1 50 48 cd c5 cd 54 5b fe dc 0e 43 .....PH...T[...C
|
|
000000f0: 33 b0 41 cf 48 cb 16 2e 42 0b 09 76 3c 48 4c 85 3.A.H...B..v<HL.
|
|
00000100: ca 44 96 f5 7e 2d 63 c6 5c 15 7d 21 57 4e 78 79 .D..~-c.\.}!WNxy
|
|
00000110: bf 85 eb 11 7e e5 93 1d c5 1a 96 ba 9a af 50 a6 ....~.........P.
|
|
00000120: 2d 6a -j
|
|
//
|
|
6f70656e7373682d6b65792d763100 authmagic
|
|
0000000a 10
|
|
6165733235362d637472 "aes256-ctr"
|
|
00000006 6
|
|
626372797074 "bcrypt"
|
|
00000018 24
|
|
00000010 16
|
|
19433359e81796b69b0b810bc66dcb8c salt
|
|
00000064 100
|
|
00000001 1
|
|
00000033 51
|
|
0000000b 11
|
|
7373682d65643235353139 "ssh-ed25519"
|
|
00000020 32
|
|
58e067bf758477ed2b8198ba19c837fd49759a80d7b84894d74aafe96327d6df pubkey
|
|
000000a0 160 length of encrypted private info
|
|
dd17660c5e03648b5c6657a998bd4ea7 16*10 bytes (160 bytes)
|
|
901d4ecf11188903d174fa9d8db4d3f8
|
|
63545ecbc0b51271799a1cf2f0066ce9
|
|
826c13ec67414488ffe29b9a2e8c0024
|
|
002da3ceec282d2b09df6c51eec73ac3
|
|
d441bcdcad3cc36344dadc6540fa9f95
|
|
0705a15048cdc5cd545bfedc0e4333b0
|
|
41cf48cb162e420b09763c484c85ca44
|
|
96f57e2d63c65c157d21574e7879bf85
|
|
eb117ee5931dc51a96ba9aaf50a62d6a
|
|
*/
|
|
// public
|
|
/* on-disk format
|
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFjgZ791hHftK4GYuhnIN/1JdZqA17hIlNdKr+ljJ9bf bts@dawid.r00t.space
|
|
*/
|
|
/* actual bytes (hex repr)
|
|
00000000: 00 00 00 0b 73 73 68 2d 65 64 32 35 35 31 39 00 ....ssh-ed25519.
|
|
00000010: 00 00 20 58 e0 67 bf 75 84 77 ed 2b 81 98 ba 19 .. X.g.u.w.+....
|
|
00000020: c8 37 fd 49 75 9a 80 d7 b8 48 94 d7 4a af e9 63 .7.Iu....H..J..c
|
|
00000030: 27 d6 df '..
|
|
//
|
|
0000000b 11
|
|
7373682d65643235353139 "ssh-ed25519"
|
|
00000020 32
|
|
58e067bf758477ed2b8198ba19c837fd49759a80d7b84894d74aafe96327d6df
|
|
*/
|
|
|
|
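// main is a proof of concept that decrypts the encrypted private section of
// the sample openssh-key-v1 Ed25519 key documented in the comments above
// (passphrase "test", 100 bcrypt_pbkdf rounds, aes256-ctr) and prints every
// intermediate value as hex on stdout.
//
// Note that the output includes the derived AES key, the IV and the private
// key itself, so stdout must be treated as secret when this is pointed at
// anything other than the sample key.
func main() {
	const (
		passphrase string = "test"
		rounds     int    = 100
		keySize    int    = 32            // AES-256 key length in bytes
		ivSize     int    = aes.BlockSize // CTR counter block length in bytes
		checkLen   int    = 4             // size of each of the two leading check integers
	)

	// Import salt
	salt, err := hex.DecodeString("19433359e81796b69b0b810bc66dcb8c")
	if err != nil {
		fmt.Println(err)
		return
	}

	// Import encrypted data
	encData, err := hex.DecodeString("dd17660c5e03648b5c6657a998bd4ea7901d4ecf11188903d174fa9d8db4d3f863545ecbc0b51271799a1cf2f0066ce9826c13ec67414488ffe29b9a2e8c0024002da3ceec282d2b09df6c51eec73ac3d441bcdcad3cc36344dadc6540fa9f950705a15048cdc5cd545bfedc0e4333b041cf48cb162e420b09763c484c85ca4496f57e2d63c65c157d21574e7879bf85eb117ee5931dc51a96ba9aaf50a62d6a")
	if err != nil {
		fmt.Println(err)
		return
	}

	// ED25519 keys
	// Reference copy of the expected private key (seed followed by public
	// key). It is only printed, so the comparison against the decrypted
	// blob is a manual one.
	edk, err := hex.DecodeString("cceabbe370f139c3d3915018d8511e0663b62840d6b328426ac3df4e75ce6adf58e067bf758477ed2b8198ba19c837fd49759a80d7b84894d74aafe96327d6df")
	if err != nil {
		fmt.Println(err)
		return
	}
	// Public() and the slicing below assume a full-size key.
	if len(edk) != ed25519.PrivateKeySize {
		fmt.Printf("unexpected Ed25519 private key length: %d\n", len(edk))
		return
	}
	key := ed25519.PrivateKey(edk)
	// Public() returns the crypto.PublicKey interface; for an
	// ed25519.PrivateKey the dynamic type is ed25519.PublicKey, so
	// pubkey.(ed25519.PublicKey) yields the raw bytes.
	var pubkey crypto.PublicKey = key.Public()
	sep := len(key) - ed25519.PublicKeySize
	pk := key[sep:]
	sk := key[:sep]

	// bcrypt_pbkdf derivation. A single KDF call yields the AES key followed
	// by the IV, so the requested length is key size plus cipher block size.
	// (The original split reused sep and len(salt), which only matched these
	// sizes by coincidence.)
	// if k, err := bcrypt_pbkdf.Key([]byte(passphrase), salt, rounds, keySize); err != nil {
	bcryptKey, err := bcrypt_pbkdf.Key([]byte(passphrase), salt, rounds, keySize+ivSize)
	if err != nil {
		fmt.Println(err)
		return
	}
	realBcryptKey := bcryptKey[:keySize]
	realIV := bcryptKey[keySize:]

	// Decrypter
	aesCtx, err := aes.NewCipher(realBcryptKey)
	if err != nil {
		fmt.Println(err)
		return
	}

	// Actual cipher setup. AES256-CBC
	// d := cipher.NewCBCDecrypter(aesCtx, realIV)
	// d.CryptBlocks(decrypted, encData)

	// Actual cipher setup. AES256-CTR
	// The output buffer is sized from the ciphertext: XORKeyStream panics
	// when dst is shorter than src.
	decrypted := make([]byte, len(encData))
	cipher.NewCTR(aesCtx, realIV).XORKeyStream(decrypted, encData)

	/*
		if p, s, err := ed25519.GenerateKey(nil); err != nil {
			fmt.Println(err)
			return
		} else {
			pubkey = p
			key = s
			pk = key[(len(key) - ed25519.PublicKeySize):]
			sk = key[0:(len(key) - ed25519.PublicKeySize)]
		}
	*/

	fmt.Printf("ED25519 key: %v\n", hex.EncodeToString(key))
	fmt.Printf("Pubkey: %v\n", pubkey)
	fmt.Printf("SK: %v\n", hex.EncodeToString(sk))
	fmt.Printf("PK: %v\n", hex.EncodeToString(pk))
	fmt.Printf("Salt: %v\n", hex.EncodeToString(salt))
	fmt.Printf("Bcrypt Key: %v\n", hex.EncodeToString(bcryptKey))
	fmt.Printf("realBcryptKey: %v\n", hex.EncodeToString(realBcryptKey))
	fmt.Printf("realIV: %v\n", hex.EncodeToString(realIV))
	// fmt.Printf("Encrypted data: %v\n", hex.EncodeToString(encData))
	fmt.Printf("Decrypted data?: %v\n", hex.EncodeToString(decrypted))

	// AES-CTR carries no integrity check, so a wrong passphrase still
	// "decrypts" to garbage. The two equal check integers at the start of
	// the plaintext are the only signal that the derived key was right.
	if len(decrypted) < 2*checkLen || string(decrypted[:checkLen]) != string(decrypted[checkLen:2*checkLen]) {
		fmt.Println("check integers do not match: wrong passphrase or corrupted key data")
	}

	/* decrypted now correctly returns:
	54efc132 checksum
	54efc132 checksum matches!
	0000000b 11
	7373682d65643235353139 "ssh-ed25519"
	00000020 32
	58e067bf758477ed2b8198ba19c837fd49759a80d7b84894d74aafe96327d6df pubkey
	00000040 64
	cceabbe370f139c3d3915018d8511e0663b62840d6b328426ac3df4e75ce6adf58e067bf758477ed2b8198ba19c837fd49759a80d7b84894d74aafe96327d6df private key
	00000014 20
	6274734064617769642e723030742e7370616365 "bts@dawid.r00t.space"
	010203040506070809 (padding)
	*/
}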
|