bcrypt and null kdf done, work on ciphers next (then keytypes)
31
kdf/types.go
31
kdf/types.go
@@ -26,31 +26,8 @@ type KDF interface {
|
||||
IsPlain() (plain bool)
|
||||
// PackedBytes returns the bytes suitable for serializing into a key file.
|
||||
PackedBytes() (buf *bytes.Reader, err error)
|
||||
// addSalt adds the salt as parsed from the private key.
|
||||
addSalt(salt []byte) (err error)
|
||||
// addRounds adds the rounds as parsed from the private key.
|
||||
addRounds(rounds uint32) (err error)
|
||||
// AddSalt adds the salt as parsed from the private key.
|
||||
AddSalt(salt []byte) (err error)
|
||||
// AddRounds adds the rounds as parsed from the private key.
|
||||
AddRounds(rounds uint32) (err error)
|
||||
}
|
||||
|
||||
/*
|
||||
BcryptPbkdf combines bcrypt hashing algorithm with PBKDF2 key derivation.
|
||||
|
||||
(bcrypt) https://www.usenix.org/legacy/events/usenix99/provos/provos_html/node1.html
|
||||
(PBKDF2) https://datatracker.ietf.org/doc/html/rfc2898
|
||||
http://www.tedunangst.com/flak/post/bcrypt-pbkdf
|
||||
*/
|
||||
type BcryptPbkdf struct {
|
||||
// salt is used to salt the hash for each round in rounds.
|
||||
salt []byte
|
||||
// rounds controls how many iterations of salting/hashing is done.
|
||||
rounds uint32
|
||||
// keyLen is how long the derived key should be in bytes.
|
||||
keyLen uint32
|
||||
// secret is the "passphrase" used to seed the key creation.
|
||||
secret []byte
|
||||
// key is used to store the derived key.
|
||||
key []byte
|
||||
}
|
||||
|
||||
// Null is a dummy KDF that is used for unencrypted/plain SSH private keys. It literally does nothing.
|
||||
type Null struct{}
|
||||
|
||||
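Review bot: The doc comments on the exported `AddSalt` and `AddRounds` methods of the `KDF` interface do not say what an implementation must reject, although both values are described as parsed from the private key and so may come from a file the caller does not trust. An unchecked `uint32` round count lets a crafted key file force a very long derivation, and a zero count or an empty salt is not a meaningful input, so I would state the contract on the interface: `// AddRounds sets the rounds parsed from the private key; it must return an error if rounds is 0 or above the implementation's limit.` and `// AddSalt stores a copy of the salt parsed from the private key; it must return an error if salt is empty.` The implementations are not on this page, so whether they already enforce this cannot be confirmed here. The +/- markers are lost in this rendering, so that the exported pair is the new side is inferred from the hunk header (31 old lines, 8 new); the interface declaration starts above the hunk.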