Bugzilla – Attachment 3393 Details for
Bug 3082
Add support for deterministically derived keys
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
deterministic ed25519 key generator
mked25519.go (text/plain), 2.17 KB, created by
Damien Miller
on 2020-05-08 15:10:29 AEST
(
hide
)
Description:
deterministic ed25519 key generator
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2020-05-08 15:10:29 AEST
Size:
2.17 KB
patch
obsolete
>package main > >import ( > "crypto/ed25519" > cryptorand "crypto/rand" > "encoding/base64" > "encoding/hex" > "flag" > "fmt" > "io" > "os" > "log" >) > >var seedFlag = flag.String("seed", "", "Seed for key") > >func putU32(msg *[]byte, u uint32) { > *msg = append(*msg, []byte{ > byte((u >> 24) & 0xff), > byte((u >> 16) & 0xff), > byte((u >> 8) & 0xff), > byte(u & 0xff), > }...) >} > >func putU8(msg *[]byte, u uint8) { > *msg = append(*msg, byte(u)) >} > >func putString(msg *[]byte, s []byte) { > putU32(msg, uint32(len(s))) > *msg = append(*msg, s[:]...) >} > >func putCstring(msg *[]byte, s string) { > putString(msg, []byte(s)) >} > >func main() { > flag.Parse() > var seed []byte > var err error > if *seedFlag == "" { > seed = make([]byte, ed25519.SeedSize) > if _, err = io.ReadFull(cryptorand.Reader, seed); err != nil { > log.Fatalf("Read random seed: %v", err) > } > } else if seed, err = hex.DecodeString(*seedFlag); err != nil { > log.Fatalf("Could not parse seed: %v", err) > } else if len(seed) != ed25519.SeedSize { > log.Fatalf("Incorrect seed length %v; require %v", len(seed), ed25519.SeedSize) > } > > key := ed25519.NewKeyFromSeed(seed) > pubKey := key.Public().(ed25519.PublicKey) > > sshPub := []byte{} > putCstring(&sshPub, "ssh-ed25519") > putString(&sshPub, []byte(pubKey)) > fmt.Fprintf(os.Stderr, "## pubkey:\n") > fmt.Fprintf(os.Stderr, "# ssh-ed25519 %s\n", base64.StdEncoding.EncodeToString(sshPub)) > > sshKey := []byte("openssh-key-v1\x00") > putCstring(&sshKey, "none") // ciphername > putCstring(&sshKey, "none") // kdfname > putString(&sshKey, nil) // kdfoptions > putU32(&sshKey, 1) // nkeys > putString(&sshKey, sshPub) // public key > sshKeyInner := []byte{} > putU32(&sshKeyInner, 0xdeadbeef) > putU32(&sshKeyInner, 0xdeadbeef) > putCstring(&sshKeyInner, "ssh-ed25519") > putString(&sshKeyInner, []byte(pubKey)) > putString(&sshKeyInner, []byte(key)) > putCstring(&sshKeyInner, "seeded private key") // comment > for i := uint8(1); (len(sshKeyInner) % 8) != 0; i++ { > putU8(&sshKeyInner, i) // Deterministic padding > } > putString(&sshKey, sshKeyInner) // private key > > fmt.Printf("-----BEGIN OPENSSH PRIVATE KEY-----\n") > fmt.Printf(base64.StdEncoding.EncodeToString(sshKey)) > fmt.Printf("\n-----END OPENSSH PRIVATE KEY-----\n") >}
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=3393">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 3082
:
3335
|
3336
| 3393