Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for encrypted private keys. #207

Merged
merged 13 commits into from
Aug 12, 2024
Merged

Conversation

jborean93
Copy link
Contributor

@jborean93 jborean93 commented Jul 26, 2024

Adds support for using encrypted private keys with user authentication. This implementation support private keys encrypted with the PKCS#1 and OpenSSH PEM formats. The AES and ChaCha20-Poly1305 ciphers allowed by each format has been implemented in this change.

Fixes: #202

@jborean93
Copy link
Contributor Author

I tried my best to clean up the Bcrypt KDF implementation from SSH.NET but I'm sure there are probably further optimisations that could be implemented. The good news is it works with some test vectors I found and the tests when they run.

README.md Outdated Show resolved Hide resolved
@tmds
Copy link
Owner

tmds commented Aug 4, 2024

@jborean93 thanks for working on this! I've added some high level comments about code organization. I'll try to do a more in depth review in the coming week.

Adds support for using encrypted private keys with user authentication.
This implementation support private keys encrypted with the PKCS#1 and
OpenSSH PEM formats. The AES and ChaCha20Poly1304 ciphers allowed by
each format has been implemented in this change.
src/Tmds.Ssh/AesCtr.cs Outdated Show resolved Hide resolved
src/Tmds.Ssh/AlgorithmNames.cs Outdated Show resolved Hide resolved
@tmds tmds merged commit 2bc065c into tmds:main Aug 12, 2024
1 check passed
@tmds
Copy link
Owner

tmds commented Aug 12, 2024

Thanks a lot @jborean93!

@jborean93 jborean93 deleted the key-encryption branch August 12, 2024 11:08
@jborean93
Copy link
Contributor Author

Thanks for the review and looking through the changes!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

PrivateKey encryption support
2 participants