ssh-key: Add support for decoding ChaCha20-Poly1305 & 3DES-CBC private keys

Leo1003 · Leo1003 · commit 78acac2425c8 · 2023-05-29T17:45:23.000+08:00
diff --git a/ssh-key/src/cipher.rs b/ssh-key/src/cipher.rs
@@ -41,6 +41,12 @@ const AES128_GCM: &str = "aes128-gcm@openssh.com";
 /// AES-256 in Galois/Counter Mode (GCM).
 const AES256_GCM: &str = "aes256-gcm@openssh.com";
 
+/// ChaCha20-Poly1305
+const CHACHA20_POLY1305: &str = "chacha20-poly1305@openssh.com";
+
+/// Triple-DES in block chaining (CBC) mode
+const TDES_CBC: &str = "3des-cbc";
+
 /// Nonces for AEAD modes.
 #[cfg(feature = "aes-gcm")]
 type AeadNonce = [u8; 12];
@@ -84,6 +90,12 @@ pub enum Cipher {
 
     /// AES-256 in Galois/Counter Mode (GCM).
     Aes256Gcm,
+
+    /// ChaCha20-Poly1305
+    ChaCha20Poly1305,
+
+    /// TripleDES in block chaining (CBC) mode
+    TDesCbc,
 }
 
 impl Cipher {
@@ -102,6 +114,8 @@ impl Cipher {
             AES256_CTR => Ok(Self::Aes256Ctr),
             AES128_GCM => Ok(Self::Aes128Gcm),
             AES256_GCM => Ok(Self::Aes256Gcm),
+            CHACHA20_POLY1305 => Ok(Self::ChaCha20Poly1305),
+            TDES_CBC => Ok(Self::TDesCbc),
             _ => Err(Error::AlgorithmUnknown),
         }
     }
@@ -118,6 +132,8 @@ impl Cipher {
             Self::Aes256Ctr => AES256_CTR,
             Self::Aes128Gcm => AES128_GCM,
             Self::Aes256Gcm => AES256_GCM,
+            Self::ChaCha20Poly1305 => CHACHA20_POLY1305,
+            Self::TDesCbc => TDES_CBC,
         }
     }
 
@@ -133,13 +149,15 @@ impl Cipher {
             Self::Aes256Ctr => Some((32, 16)),
             Self::Aes128Gcm => Some((16, 12)),
             Self::Aes256Gcm => Some((32, 12)),
+            Self::ChaCha20Poly1305 => Some((64, 0)),
+            Self::TDesCbc => Some((24, 8)),
         }
     }
 
     /// Get the block size for this cipher in bytes.
     pub fn block_size(self) -> usize {
         match self {
-            Self::None => 8,
+            Self::None | Self::ChaCha20Poly1305 | Self::TDesCbc => 8,
             Self::Aes128Cbc
             | Self::Aes192Cbc
             | Self::Aes256Cbc
@@ -163,7 +181,10 @@ impl Cipher {
 
     /// Does this cipher have an authentication tag? (i.e. is it an AEAD mode?)
     pub fn has_tag(self) -> bool {
-        matches!(self, Self::Aes128Gcm | Self::Aes256Gcm)
+        matches!(
+            self,
+            Self::Aes128Gcm | Self::Aes256Gcm | Self::ChaCha20Poly1305
+        )
     }
 
     /// Is this cipher `none`?
@@ -347,10 +368,9 @@ where
 #[cfg(feature = "encryption")]
 fn ctr_encrypt<C>(key: &[u8], iv: &[u8], buffer: &mut [u8]) -> Result<()>
 where
-    C: StreamCipherCore + KeyIvInit
+    C: StreamCipherCore + KeyIvInit,
 {
-    let cipher = C::new_from_slices(key, iv)
-        .map_err(|_| Error::Crypto)?;
+    let cipher = C::new_from_slices(key, iv).map_err(|_| Error::Crypto)?;
 
     cipher
         .try_apply_keystream_partial(buffer.into())
diff --git a/ssh-key/tests/encrypted_private_key.rs b/ssh-key/tests/encrypted_private_key.rs
@@ -49,6 +49,16 @@ const OPENSSH_AES128_GCM_ED25519_EXAMPLE: &str = include_str!("examples/id_ed255
 /// Plaintext is `OPENSSH_ED25519_EXAMPLE`.
 const OPENSSH_AES256_GCM_ED25519_EXAMPLE: &str = include_str!("examples/id_ed25519.aes256-gcm.enc");
 
+/// ChaCha20-Poly1305 encrypted Ed25519 OpenSSH-formatted private key.
+///
+/// Plaintext is `OPENSSH_ED25519_EXAMPLE`.
+const OPENSSH_CHACHA20_POLY1305_ED25519_EXAMPLE: &str = include_str!("examples/id_ed25519.chacha20-poly1305.enc");
+
+/// TripleDES-CBC encrypted Ed25519 OpenSSH-formatted private key.
+///
+/// Plaintext is `OPENSSH_ED25519_EXAMPLE`.
+const OPENSSH_3DES_CBC_ED25519_EXAMPLE: &str = include_str!("examples/id_ed25519.3des-cbc.enc");
+
 /// Bad password; don't actually use outside tests!
 #[cfg(all(feature = "encryption"))]
 const PASSWORD: &[u8] = b"hunter42";
@@ -94,6 +104,49 @@ fn decode_openssh_aes256_gcm() {
         key.public_key().key_data().ed25519().unwrap().as_ref(),
     );
 }
+
+#[test]
+fn decode_openssh_chacha20_poly1305() {
+    let key = PrivateKey::from_openssh(OPENSSH_CHACHA20_POLY1305_ED25519_EXAMPLE).unwrap();
+    assert_eq!(Algorithm::Ed25519, key.algorithm());
+    assert_eq!(Cipher::ChaCha20Poly1305, key.cipher());
+    assert_eq!(KdfAlg::Bcrypt, key.kdf().algorithm());
+
+    match key.kdf() {
+        Kdf::Bcrypt { salt, rounds } => {
+            assert_eq!(salt, &hex!("f651ca3efb15904d05c216a5041ea89a"));
+            assert_eq!(*rounds, 16);
+        }
+        other => panic!("unexpected KDF algorithm: {:?}", other),
+    }
+
+    assert_eq!(
+        &hex!("b33eaef37ea2df7caa010defdea34e241f65f1b529a4f43ed14327f5c54aab62"),
+        key.public_key().key_data().ed25519().unwrap().as_ref(),
+    );
+}
+
+#[test]
+fn decode_openssh_3des_cbc() {
+    let key = PrivateKey::from_openssh(OPENSSH_3DES_CBC_ED25519_EXAMPLE).unwrap();
+    assert_eq!(Algorithm::Ed25519, key.algorithm());
+    assert_eq!(Cipher::TDesCbc, key.cipher());
+    assert_eq!(KdfAlg::Bcrypt, key.kdf().algorithm());
+
+    match key.kdf() {
+        Kdf::Bcrypt { salt, rounds } => {
+            assert_eq!(salt, &hex!("1afcebea3c598c277e7edc2b78db1e94"));
+            assert_eq!(*rounds, 16);
+        }
+        other => panic!("unexpected KDF algorithm: {:?}", other),
+    }
+
+    assert_eq!(
+        &hex!("b33eaef37ea2df7caa010defdea34e241f65f1b529a4f43ed14327f5c54aab62"),
+        key.public_key().key_data().ed25519().unwrap().as_ref(),
+    );
+}
+
 #[cfg(all(feature = "encryption"))]
 #[test]
 fn decrypt_openssh_aes128_ctr() {
diff --git a/ssh-key/tests/examples/id_ed25519.3des-cbc.enc b/ssh-key/tests/examples/id_ed25519.3des-cbc.enc
@@ -0,0 +1,8 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAACDNkZXMtY2JjAAAABmJjcnlwdAAAABgAAAAQGvzr6jxZjC
+d+ftwreNselAAAABAAAAABAAAAMwAAAAtzc2gtZWQyNTUxOQAAACCzPq7zfqLffKoBDe/e
+o04kH2XxtSmk9D7RQyf1xUqrYgAAAJg/4GdFw1boDlKQK5tYsHQUUIyHIYR91BH6LfVhG1
+gj+b6Cj3dm1ESAUdg1qhKac4oZS6AYx6L3m7M4rHXYi2SncRqPoa+DODCxcvUqUNQOrT54
+6PjbIx6P7Ewam4PtXENekmx0gOsBshNkQyzP8XA86DtorA+kW0VU1YUTmJrqwAzZrrg2Nf
+Rueif44KC5+spnhieuaDf6Lg==
+-----END OPENSSH PRIVATE KEY-----
diff --git a/ssh-key/tests/examples/id_ed25519.chacha20-poly1305.enc b/ssh-key/tests/examples/id_ed25519.chacha20-poly1305.enc
@@ -0,0 +1,9 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAAHWNoYWNoYTIwLXBvbHkxMzA1QG9wZW5zc2guY29tAAAABm
+JjcnlwdAAAABgAAAAQ9lHKPvsVkE0FwhalBB6omgAAABAAAAABAAAAMwAAAAtzc2gtZWQy
+NTUxOQAAACCzPq7zfqLffKoBDe/eo04kH2XxtSmk9D7RQyf1xUqrYgAAAJiRvYDd00XU/W
+BkZ93ZW52HNwvM2m3z/MHuqD8q/tk16rKKtBNOc95wo4gyRzkdGYhKnF1RFCJYcdvlw6zo
+kctfmmhQ6W54G6u9Eh9bIJtHt3l4FQgzriuIsBTUKZIlvvk6Fo5ItNPHM00r2ehuX81lcZ
+QHMaims6Blw8Esl6G3NYCAa2NKyqlmM5LIfkga/Ymydvrbc7EQmN2hbii0c0aMUdYQclyk
+F4o=
+-----END OPENSSH PRIVATE KEY-----
