starting moduli.c port from OpenSSH

brent s
2021-05-04 03:39:43 -04:00
parent d3a5f039c1
commit a31d50359a
11 changed files with 364 additions and 60 deletions

dh/README Normal file

@@ -0,0 +1,51 @@
The functions found in this sub-component are ported almost directly from the
openssh-portable[0]'s `moduli.c`[1] code (with, of course, changes made where
appropriate to match and take advantage of Golang).
The OpenBSD and OpenSSH(-portable) teams have my gratitude.
OpenSSH/OpenSSH portable are released under a combination of the following licenses[2]:
* public domain
* "BSD-style"
* 2-, 3-, and 4-clause BSD
* Beerware
The license in full for OpenSSH/OpenSSH-Portable can be found at [2].
The license for OpenSSH-Portable's `moduli.c` is as follows:
###########################################################################
Copyright 1994 Phil Karn <karn@qualcomm.com>
Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com>
Copyright 2000 Niels Provos <provos@citi.umich.edu>
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
###########################################################################
[0] https://www.openssh.com/portable.html
https://anongit.mindrot.org/openssh.git
[1] https://anongit.mindrot.org/openssh.git/tree/moduli.c
[2] https://anongit.mindrot.org/openssh.git/tree/LICENCE
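
Review bot: References [1] and [2] at the end of this README point at the moving head of anongit.mindrot.org/openssh.git, so the text never records which revision of `moduli.c` the port was taken from. Please add the upstream commit id or release tag next to [1] so that later upstream fixes can be diffed against the port. Also, condition 1 of the quoted licence requires source redistributions to retain the copyright notice; consider repeating that notice in the header of each ported Go file rather than only here.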

dh/const.go Normal file

@@ -0,0 +1,40 @@
package dh
const (
// QSizeMinimum Specifies the number of the most significant bit (0 to M).
// WARNING: internally, usually 1 to N.
QSizeMinimum = 511
// Prime sieving constants
// Assuming 8 bit bytes and 32 bit words.
ShiftBit = 3
ShiftByte = 2
ShiftWord = ShiftBit + ShiftByte
ShiftMegabyte = 20
ShiftMegaWord = ShiftMegabyte - ShiftBit
// Memory limits.
// LargeMinimum is 8 megabytes
LargeMinimum = uint32(8) // Originally an 8UL in moduli.c
// LargeMaximum is 127MB.
LargeMaximum = uint32(127)
// The largest sieve prime has to be < 2**32 on 32-bit systems.
SmallMaximum = uint32(0xffffffff) // 4294967295
// Can sieve all primes less than 2**32, as 65537**2 > 2**32-1.
TinyNumber = uint32(1) << 16
// Ensure enough bit space for testing 2*q.
TestMaximum = uint32(1) << 16
TestMinimum = QSizeMinimum + 1 // (uint32(1) << (ShiftWord - TestPower))
TestPower = 3 // 2**n, n < ShiftWord
)
var (
)
// Bit* functions operate on 32-bit words
func BitClear(a []uint32, n uint32) (i uint32) {
i = a[n >> ShiftWord] &= ~(uint32(1) << (n & 31))
return
}
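
Review bot: `BitClear` will not compile: in `i = a[n >> ShiftWord] &= ~(uint32(1) << (n & 31))`, `&=` is a statement in Go and cannot appear on the right-hand side of an assignment, and Go has no unary `~` (bitwise complement is `^`, AND NOT is `&^`). Split it into `a[n>>ShiftWord] &^= uint32(1) << (n & 31)` followed by `i = a[n>>ShiftWord]`, and derive the `31` mask from `ShiftWord` so the two cannot drift apart. The empty `var ( )` block can be dropped, and the `LargeMinimum`/`LargeMaximum` comments should state that the values are counts of megabytes, since the constants are 8 and 127 rather than byte sizes.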

dh/func_gen.go Normal file

@@ -0,0 +1,36 @@
/*
SSHSecure - a program to harden OpenSSH from defaults
Copyright (C) 2020 Brent Saner
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
package dh
/*
OpenSSH does prime generation and primality checking a *little* weird.
The seemingly go-to package for DH parameter generation in Golang, github.com/Luzifer/go-dhparam,
does implement safety checking in a way I believe to be safe (with the huge caveat that I am nowhere
near a professional, expert, guru, etc. in mathematics, cryptography, or the like).
However, it is incompatible with OpenSSH's methodology for DH parameter generation.
1.) First, primes are generated via the Sieve of Eratosthenes.
a.) They must also be Sophie Germain primes (where p is selected prime, 2p+1 is also prime).
2.) Then they are filtered via Probabilistic Miller-Rabin primality tests (on both q and p, where q is (p-1)/2).
3.) OpenSSH fully supports generators of 2, 3, and 5 whereas go-dhparam only fully supports 2 and 5.
And that's why I'm a sad panda and porting moduli.c to native Golang.
*/
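
Review bot: The comment uses `p` and `q` inconsistently between steps 1.a and 2: 1.a calls the Sophie Germain prime `p` (with `2p+1` also prime), while step 2 defines `q` as `(p-1)/2`, which makes `p` the safe prime and `q` the Sophie Germain prime. Pick one convention, for example `q` for the sieved prime and `p = 2q+1` for the modulus, and use it in both steps, since the code that follows will be read against this comment. The file currently holds only the licence header, the package clause and this comment, so it may be clearer to land it together with the first generator function.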