~apreiml/hare-ssh

ec25df752665d10a3b47714b6cf63db2c54366cd — Armin Preiml 1 year, 11 months ago e9c3562
catch up with stdlib ed25519 key name changes
M cmd/sshkey/main.ha => cmd/sshkey/main.ha +2 -2
@@ 57,9 57,9 @@ export fn main() void = {
	};

	const privkey = ssh::decodeprivate(&key)!;
	const pub = base64::encodestr(&base64::std_encoding, privkey.pkey);
	const pub = base64::encodestr(&base64::std_encoding, privkey.pubkey);
	defer free(pub);
	const priv = base64::encodestr(&base64::std_encoding, privkey.skey);
	const priv = base64::encodestr(&base64::std_encoding, privkey.privkey);
	defer free(priv);
	fmt::printfln("ed25519 key, pub: {}, priv: {}", pub, priv)!;
};

M format/ssh/+test/sshprivkey.ha => format/ssh/+test/sshprivkey.ha +4 -4
@@ 14,7 14,7 @@ use strings;

	const private = decodeprivate(&sshkey)!;
	assert(private.comment == "sircmpwn@taiga");
	assert(bytes::equal(private.skey, testkey_skey));
	assert(bytes::equal(private.privkey, testkey_privkey));
};

@test fn decrypt() void = {


@@ 31,7 31,7 @@ use strings;

	const private = decodeprivate(&sshkey)!;
	assert(private.comment == "sircmpwn@taiga");
	assert(bytes::equal(private.skey, testkey_encrypted_skey));
	assert(bytes::equal(private.privkey, testkey_encrypted_privkey));
};

const testkey: [_]u8 = [


@@ 72,7 72,7 @@ const testkey: [_]u8 = [
	0x2d, 0x2d, 0x0a,
];

const testkey_skey: [_]u8 = [
const testkey_privkey: [_]u8 = [
	0x7b, 0xbe, 0xd9, 0xb8, 0xaa, 0x22, 0xbd, 0xde, 0x36, 0x65, 0xbf, 0x4f,
	0xde, 0x0a, 0x94, 0x63, 0x47, 0x2c, 0x7e, 0x3c, 0x5a, 0xa8, 0x9f, 0x4f,
	0xc5, 0xdd, 0x95, 0xc9, 0x84, 0x0e, 0x83, 0xa9, 0x98, 0x45, 0xab, 0x46,


@@ 125,7 125,7 @@ const testkey_encrypted: [_]u8 = [

const testkey_encrypted_pw: str = "password";

const testkey_encrypted_skey: [_]u8 = [
const testkey_encrypted_privkey: [_]u8 = [
	0x99, 0x86, 0x43, 0xd7, 0x1d, 0xe1, 0xed, 0x46,  0x01, 0x5c, 0xc7, 0x01,
	0x19, 0x0e, 0x7a, 0x40, 0x9d, 0x1c, 0xf9, 0x16, 0x39, 0x85, 0x0b, 0x32,
	0xe0, 0x85, 0x58, 0x4c, 0x7f, 0x4f, 0x12, 0xe0, 0xa1, 0x65, 0xdb, 0x44,

M format/ssh/key.ha => format/ssh/key.ha +10 -10
@@ 60,7 60,7 @@ export fn decodepublic(sink: io::handle) (key | error) = {
export fn encode_pubkey(sink: io::handle, key: *key) (void | io::error) = {
	writestr(sink, keytype(key))?;
	// TODO: Other key types
	writeslice(sink, key.pkey)?;
	writeslice(sink, key.pubkey)?;
};

// Encodes a private key's public component using the SSH string format, writing


@@ 77,7 77,7 @@ export fn encode_pubkeystr(sink: io::handle, key: *key) (void | io::error) = {

// Securely wipes data associated with a private key from memory.
export fn key_finish(key: *key) void = {
	bytes::zero(key.skey);
	bytes::zero(key.privkey);
	free(key.comment);
};



@@ 89,31 89,31 @@ export fn keytype(key: *key) const str = {

// An ed25519 key pair.
export type ed25519key = struct {
	pkey: ed25519::publickey,
	skey: ed25519::privatekey,
	pubkey: ed25519::pubkey,
	privkey: ed25519::privkey,
	comment: str,
};

fn decode_ed25519_pk(key: *ed25519key, buf: io::handle) (void | error) = {
	const l = readu32(buf)?;
	if (l != ed25519::PUBLICKEYSZ) {
	if (l != ed25519::PUBKEYSZ) {
		return invalid;
	};
	io::readall(buf, key.pkey)?;
	io::readall(buf, key.pubkey)?;
};

fn decode_ed25519_sk(key: *ed25519key, buf: io::handle) (void | error) = {
	decode_ed25519_pk(key, buf)?;

	const l = readu32(buf)?;
	if (l != ed25519::PRIVATEKEYSZ) {
	if (l != ed25519::PRIVKEYSZ) {
		return invalid;
	};
	io::readall(buf, key.skey)?;
	io::readall(buf, key.privkey)?;

	// Sanity check
	const pkey = ed25519::skey_getpublic(&key.skey);
	if (!bytes::equal(pkey, key.pkey)) {
	const pubkey = ed25519::privkey_getpubkey(&key.privkey);
	if (!bytes::equal(pubkey, key.pubkey)) {
		return invalid;
	};


M format/ssh/sign.ha => format/ssh/sign.ha +2 -2
@@ 8,7 8,7 @@ export fn sign(
	key: *key,
	msg: []u8,
) (void | io::error) = {
	const signature = ed25519::sign(&key.skey, msg);
	const signature = ed25519::sign(&key.privkey, msg);
	writestr(sink, "ssh-ed25519")?;
	writeslice(sink, signature)?;
};


@@ 35,7 35,7 @@ export fn verify(
	};

	const sig = sig: *[*]u8: *[ed25519::SIGNATURESZ]u8;
	if (!ed25519::verify(&key.pkey, msg, sig)) {
	if (!ed25519::verify(&key.pubkey, msg, sig)) {
		return badsig;
	};
};

M net/ssh/agent/proto.ha => net/ssh/agent/proto.ha +4 -4
@@ 79,15 79,15 @@ fn parse_add_identity(src: io::handle) (add_identity | invalid) = {
	case "ssh-ed25519" =>
		let key = ssh::ed25519key { ... };
		const npub = readu32(src)?;
		if (npub != len(key.pkey)) {
		if (npub != len(key.pubkey)) {
			return invalid;
		};
		io::readall(src, key.pkey)!;
		io::readall(src, key.pubkey)!;
		const npriv = readu32(src)?;
		if (npriv != len(key.skey)) {
		if (npriv != len(key.privkey)) {
			return invalid;
		};
		io::readall(src, key.skey)!;
		io::readall(src, key.privkey)!;
		yield key;
	case =>
		return invalid;