Noratrieb/cluelessh
1
0
Fork 0
mirror of https://github.com/Noratrieb/cluelessh.git synced 2026-01-14 16:35:06 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

changes

Browse source
This commit is contained in:
nora 2024-08-26 15:19:02 +02:00
parent 5f203d0f5b
commit dcba4931e5
23 changed files with 317 additions and 132 deletions
Download patch file Download diff file Expand all files Collapse all files

1
lib/cluelessh-transport/Cargo.toml
View file

@ -5,6 +5,7 @@ edition = "2021"
[dependencies]
cluelessh-format = { path = "../cluelessh-format" }
cluelessh-keys = { path = "../cluelessh-keys" }
aes = "0.8.4"
aes-gcm = "0.10.3"
chacha20 = "0.9.1"

2
lib/cluelessh-transport/src/client.rs
View file

@ -155,7 +155,7 @@ impl ClientConnection {
));
}
let sup_algs = SupportedAlgorithms::secure();
let sup_algs = SupportedAlgorithms::secure(&[]);
let _cookie = kexinit.array::<16>()?;

41
lib/cluelessh-transport/src/crypto.rs
View file

@ -1,6 +1,7 @@
pub mod encrypt;
use cluelessh_format::{Reader, Writer};
use cluelessh_keys::{public::PublicKey, PlaintextPrivateKey, PrivateKey};
use p256::ecdsa::signature::Signer;
use sha2::Digest;
@ -103,14 +104,12 @@ impl AlgorithmName for EncryptionAlgorithm {
self.name
}
}
pub struct EncodedSshPublicHostKey(pub Vec<u8>);
pub struct EncodedSshSignature(pub Vec<u8>);
pub struct HostKeySigningAlgorithm {
name: &'static str,
hostkey_private: Vec<u8>,
public_key: fn(private_key: &[u8]) -> EncodedSshPublicHostKey,
public_key: fn(private_key: &[u8]) -> PublicKey,
sign: fn(private_key: &[u8], data: &[u8]) -> EncodedSshSignature,
pub verify:
fn(public_key: &[u8], message: &[u8], signature: &EncodedSshSignature) -> Result<()>,
@ -126,7 +125,7 @@ impl HostKeySigningAlgorithm {
pub fn sign(&self, data: &[u8]) -> EncodedSshSignature {
(self.sign)(&self.hostkey_private, data)
}
pub fn public_key(&self) -> EncodedSshPublicHostKey {
pub fn public_key(&self) -> PublicKey {
(self.public_key)(&self.hostkey_private)
}
}
@ -139,11 +138,7 @@ pub fn hostkey_ed25519(hostkey_private: Vec<u8>) -> HostKeySigningAlgorithm {
let key = ed25519_dalek::SigningKey::from_bytes(key.try_into().unwrap());
let public_key = key.verifying_key();
// <https://datatracker.ietf.org/doc/html/rfc8709#section-4>
let mut data = Writer::new();
data.string(b"ssh-ed25519");
data.string(public_key.as_bytes());
EncodedSshPublicHostKey(data.finish())
PublicKey::Ed25519 { public_key }
},
sign: |key, data| {
let key = ed25519_dalek::SigningKey::from_bytes(key.try_into().unwrap());
@ -203,7 +198,7 @@ pub fn hostkey_ecdsa_sha2_p256(hostkey_private: Vec<u8>) -> HostKeySigningAlgori
// > point compression MAY be used.
// But OpenSSH does not appear to support that, so let's NOT use it.
data.string(public_key.to_encoded_point(false).as_bytes());
EncodedSshPublicHostKey(data.finish())
todo!()
},
sign: |key, data| {
let key = p256::ecdsa::SigningKey::from_slice(key).unwrap();
@ -239,8 +234,15 @@ impl<T: AlgorithmName> AlgorithmNegotiation<T> {
}
}
let we_support = self
.supported
.iter()
.map(|alg| alg.name())
.collect::<Vec<_>>()
.join(",");
Err(peer_error!(
"peer does not support any matching algorithm: peer supports: {peer_supports:?}"
"peer does not support any matching algorithm: we support: {we_support:?}, peer supports: {peer_supports:?}"
))
}
}
@ -258,16 +260,23 @@ pub struct SupportedAlgorithms {
impl SupportedAlgorithms {
/// A secure default using elliptic curves and AEAD.
pub fn secure() -> Self {
pub fn secure(host_keys: &[PlaintextPrivateKey]) -> Self {
let supported_host_keys = host_keys
.iter()
.map(|key| match &key.private_key {
PrivateKey::Ed25519 { private_key, .. } => hostkey_ed25519(private_key.to_vec()),
PrivateKey::EcdsaSha2NistP256 { private_key, .. } => {
hostkey_ecdsa_sha2_p256(private_key.to_bytes().to_vec())
}
})
.collect();
Self {
key_exchange: AlgorithmNegotiation {
supported: vec![KEX_CURVE_25519_SHA256, KEX_ECDH_SHA2_NISTP256],
},
hostkey: AlgorithmNegotiation {
supported: vec![
hostkey_ed25519(crate::server::ED25519_PRIVKEY_BYTES.to_vec()),
hostkey_ecdsa_sha2_p256(crate::server::ECDSA_P256_PRIVKEY_BYTES.to_vec()),
],
supported: supported_host_keys,
},
encryption_to_peer: AlgorithmNegotiation {
supported: vec![encrypt::CHACHA20POLY1305, encrypt::AES256_GCM],

97
lib/cluelessh-transport/src/key.rs
View file

@ -1,97 +0,0 @@
//! Operations on SSH keys.
// <https://datatracker.ietf.org/doc/html/rfc4716> exists but is kinda weird
use std::fmt::Display;
use base64::Engine;
use tracing::debug;
use cluelessh_format::{ParseError, Reader, Writer};
#[derive(Debug, Clone, PartialEq, Eq)]
pub enum PublicKey {
Ed25519 { public_key: [u8; 32] },
}
impl PublicKey {
/// Parses an SSH public key from its wire encoding as specified in
/// RFC4253, RFC5656, and RFC8709.
pub fn from_wire_encoding(bytes: &[u8]) -> cluelessh_format::Result<Self> {
let mut p = Reader::new(bytes);
let alg = p.utf8_string()?;
let k = match alg {
"ssh-ed25519" => {
let len = p.u32()?;
if len != 32 {
return Err(ParseError(format!("incorrect ed25519 len: {len}")));
}
let public_key = p.array::<32>()?;
Self::Ed25519 { public_key }
}
_ => return Err(ParseError(format!("unsupported key type: {alg}"))),
};
Ok(k)
}
pub fn to_wire_encoding(&self) -> Vec<u8> {
let mut p = Writer::new();
match self {
Self::Ed25519 { public_key } => {
p.string(b"ssh-ed25519");
p.string(public_key);
}
}
p.finish()
}
pub fn algorithm_name(&self) -> &'static str {
match self {
Self::Ed25519 { .. } => "ssh-ed25519",
}
}
pub fn verify_signature(&self, data: &[u8], signature: &[u8]) -> bool {
match self {
PublicKey::Ed25519 { public_key } => {
let mut s = Reader::new(signature);
let Ok(alg) = s.utf8_string() else {
return false;
};
if alg != "ssh-ed25519" {
return false;
}
let Ok(signature) = s.string() else {
return false;
};
let Ok(signature) = ed25519_dalek::Signature::from_slice(signature) else {
debug!("Invalid signature length");
return false;
};
let Ok(verifying_key) = ed25519_dalek::VerifyingKey::from_bytes(public_key) else {
debug!("Invalid public key");
return false;
};
verifying_key.verify_strict(data, &signature).is_ok()
}
}
}
}
impl Display for PublicKey {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
match self {
Self::Ed25519 { .. } => {
let encoded_pubkey = b64encode(&self.to_wire_encoding());
write!(f, "ssh-ed25519 {encoded_pubkey}")
}
}
}
}
fn b64encode(bytes: &[u8]) -> String {
base64::prelude::BASE64_STANDARD_NO_PAD.encode(bytes)
}

1
lib/cluelessh-transport/src/lib.rs
View file

@ -1,6 +1,5 @@
pub mod client;
mod crypto;
pub mod key;
pub mod packet;
pub mod server;

48
lib/cluelessh-transport/src/server.rs
View file

@ -20,9 +20,16 @@ pub struct ServerConnection {
packet_transport: PacketTransport,
rng: Box<dyn SshRng + Send + Sync>,
config: ServerConfig,
plaintext_packets: VecDeque<Packet>,
}
#[derive(Debug, Clone, Default)]
pub struct ServerConfig {
pub host_keys: Vec<cluelessh_keys::PlaintextPrivateKey>,
}
enum ServerState {
ProtoExchange {
ident_parser: ProtocolIdentParser,
@ -54,14 +61,14 @@ enum ServerState {
}
impl ServerConnection {
pub fn new(rng: impl SshRng + Send + Sync + 'static) -> Self {
pub fn new(rng: impl SshRng + Send + Sync + 'static, config: ServerConfig) -> Self {
Self {
state: ServerState::ProtoExchange {
ident_parser: ProtocolIdentParser::new(),
},
packet_transport: PacketTransport::new(),
rng: Box::new(rng),
config,
plaintext_packets: VecDeque::new(),
}
}
@ -133,7 +140,7 @@ impl ServerConnection {
} => {
let kex = KeyExchangeInitPacket::parse(&packet.payload)?;
let sup_algs = SupportedAlgorithms::secure();
let sup_algs = SupportedAlgorithms::secure(&self.config.host_keys);
let kex_algorithm = sup_algs.key_exchange.find(kex.kex_algorithms.0)?;
debug!(name = %kex_algorithm.name(), "Using KEX algorithm");
@ -245,7 +252,7 @@ impl ServerConnection {
SERVER_IDENTIFICATION,
client_kexinit,
server_kexinit,
&pub_hostkey.0,
&pub_hostkey.to_wire_encoding(),
client_public_key,
&server_public_key,
&shared_secret,
@ -259,7 +266,7 @@ impl ServerConnection {
// eprintln!("hash: {:x?}", hash);
let packet = Packet::new_msg_kex_ecdh_reply(
&pub_hostkey.0,
&pub_hostkey.to_wire_encoding(),
&server_public_key,
&signature.0,
);
@ -348,35 +355,12 @@ impl ServerConnection {
}
}
/// Manually extracted from the key using <https://peterlyons.com/problog/2017/12/openssh-ed25519-private-key-file-format/>, probably wrong
/// ```text
/// ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOk5zfpvwNc3MztTTpE90zLI1Ref4AwwRVdSFyJLGbj2 testkey
/// ```
/// ```text
/// -----BEGIN OPENSSH PRIVATE KEY-----
/// b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
/// QyNTUxOQAAACDpOc36b8DXNzM7U06RPdMyyNUXn+AMMEVXUhciSxm49gAAAJDpgLSk6YC0
/// pAAAAAtzc2gtZWQyNTUxOQAAACDpOc36b8DXNzM7U06RPdMyyNUXn+AMMEVXUhciSxm49g
/// AAAECSeskxuEtJrr9L7ZkbpogXC5pKRNVHx1ueMX2h1XUnmek5zfpvwNc3MztTTpE90zLI
/// 1Ref4AwwRVdSFyJLGbj2AAAAB3Rlc3RrZXkBAgMEBQY=
/// -----END OPENSSH PRIVATE KEY-----
/// ```
// todo: remove this lol, lmao
pub(crate) const ED25519_PRIVKEY_BYTES: &[u8; 32] = &[
0x92, 0x7a, 0xc9, 0x31, 0xb8, 0x4b, 0x49, 0xae, 0xbf, 0x4b, 0xed, 0x99, 0x1b, 0xa6, 0x88, 0x17,
0x0b, 0x9a, 0x4a, 0x44, 0xd5, 0x47, 0xc7, 0x5b, 0x9e, 0x31, 0x7d, 0xa1, 0xd5, 0x75, 0x27, 0x99,
];
pub(crate) const ECDSA_P256_PRIVKEY_BYTES: &[u8; 32] = &[
0x89, 0xdd, 0x0c, 0x96, 0x22, 0x85, 0x10, 0xec, 0x3c, 0xa4, 0xa1, 0xb8, 0xac, 0x2a, 0x77, 0xa8,
0xd4, 0x4d, 0xcb, 0x9d, 0x90, 0x25, 0xc6, 0xd8, 0x3a, 0x02, 0x74, 0x4f, 0x9e, 0x44, 0xcd, 0xa3,
];
#[cfg(test)]
mod tests {
use hex_literal::hex;
use crate::{packet::MsgKind, server::ServerConnection, SshRng};
use crate::{packet::MsgKind, server::{ServerConfig, ServerConnection}, SshRng};
struct NoRng;
impl SshRng for NoRng {
@ -395,7 +379,7 @@ mod tests {
#[test]
fn protocol_exchange() {
let mut con = ServerConnection::new(NoRng);
let mut con = ServerConnection::new(NoRng, ServerConfig::default());
con.recv_bytes(b"SSH-2.0-OpenSSH_9.7\r\n").unwrap();
let msg = con.next_msg_to_send().unwrap();
assert!(matches!(msg.0, MsgKind::ServerProtocolInfo(_)));
@ -403,7 +387,7 @@ mod tests {
#[test]
fn protocol_exchange_slow_client() {
let mut con = ServerConnection::new(NoRng);
let mut con = ServerConnection::new(NoRng, ServerConfig::default());
con.recv_bytes(b"SSH-2.0-").unwrap();
con.recv_bytes(b"OpenSSH_9.7\r\n").unwrap();
let msg = con.next_msg_to_send().unwrap();
@ -463,7 +447,7 @@ mod tests {
},
];
let mut con = ServerConnection::new(HardcodedRng(rng));
let mut con = ServerConnection::new(HardcodedRng(rng), ServerConfig::default());
for part in conversation {
con.recv_bytes(&part.client).unwrap();
eprintln!("client: {:x?}", part.client);