Use ssh-key instead of local key handling (#368)

Co-authored-by: Nathy-bajo <[email protected]>

Author: Eugeny

.gitignore

@@ -4,3 +4,4 @@
 target
 Cargo.lock
 .cargo-ok
+ca-test*

Cargo.toml

@@ -1,5 +1,12 @@
 [workspace]
-members = ["russh-keys", "russh", "russh-config", "cryptovec", "pageant", "russh-util"]
+members = [
+    "russh-keys",
+    "russh",
+    "russh-config",
+    "cryptovec",
+    "pageant",
+    "russh-util",
+]
 resolver = "2"
 
 [patch.crates-io]
@@ -16,12 +23,19 @@ digest = "0.10"
 futures = "0.3"
 hmac = "0.12"
 log = "0.4"
-openssl = { version = "0.10" }
 rand = "0.8"
 sha1 = { version = "0.10", features = ["oid"] }
 sha2 = { version = "0.10", features = ["oid"] }
+signature = "2.2"
 ssh-encoding = "0.2"
-ssh-key = { version = "0.6", features = ["ed25519", "rsa", "encryption"] }
+ssh-key = { version = "0.6", features = [
+    "ed25519",
+    "rsa",
+    "p256",
+    "p384",
+    "p521",
+    "encryption",
+] }
 thiserror = "1.0"
 tokio = { version = "1.17.0" }
 tokio-stream = { version = "0.1", features = ["net", "sync"] }

README.md

@@ -57,12 +57,11 @@ This is a fork of [Thrussh](https://nest.pijul.com/pijul/thrussh) by Pierre-Éti
   * `publickey`
   * `keyboard-interactive`
   * `none`
-  * OpenSSH certificates (client only ✨)
+  * OpenSSH certificates ✨
 * Dependency updates
 * OpenSSH keepalive request handling ✨
 * OpenSSH agent forwarding channels ✨
 * OpenSSH `server-sig-algs` extension ✨
-* `openssl` dependency is optional ✨
 
 ## Safety
 

russh-keys/Cargo.toml

@@ -31,7 +31,6 @@ inout = { version = "0.1", features = ["std"] }
 log = { workspace = true }
 md5 = "0.7"
 num-integer = "0.1"
-openssl = { workspace = true, optional = true }
 p256 = "0.13"
 p384 = "0.13"
 p521 = "0.13"
@@ -48,6 +47,7 @@ sec1 = { version = "0.7", features = ["pkcs8"] }
 serde = { version = "1.0", features = ["derive"] }
 sha1 = { workspace = true }
 sha2 = { workspace = true }
+signature = { workspace = true }
 spki = "0.7"
 ssh-encoding = { workspace = true }
 ssh-key = { workspace = true }
@@ -62,7 +62,6 @@ tokio = { workspace = true, features = [
 ] }
 
 [features]
-vendored-openssl = ["openssl", "openssl/vendored"]
 legacy-ed25519-pkcs8-parser = ["yasna"]
 
 [target.'cfg(not(target_arch = "wasm32"))'.dependencies]
@@ -83,6 +82,3 @@ pageant = { version = "0.0.1-beta.3", path = "../pageant" }
 env_logger = "0.11"
 tempdir = "0.3"
 tokio = { workspace = true, features = ["test-util", "macros", "process"] }
-
-[package.metadata.docs.rs]
-features = ["openssl"]

russh-keys/src/agent/client.rs

@@ -1,15 +1,16 @@
-use std::convert::TryFrom;
+use core::str;
 
 use byteorder::{BigEndian, ByteOrder};
 use log::debug;
 use russh_cryptovec::CryptoVec;
+use ssh_key::{Algorithm, HashAlg, PrivateKey, PublicKey, Signature};
 use tokio;
 use tokio::io::{AsyncRead, AsyncReadExt, AsyncWrite, AsyncWriteExt};
 
 use super::{msg, Constraint};
 use crate::encoding::{Encoding, Reader};
-use crate::key::{PublicKey, SignatureHash};
-use crate::{key, protocol, Error, PublicKeyBase64};
+use crate::helpers::EncodedExt;
+use crate::{key, Error};
 
 pub trait AgentStream: AsyncRead + AsyncWrite {}
 
@@ -142,7 +143,7 @@ impl<S: AgentStream + Unpin> AgentClient<S> {
     /// constraints to apply when using the key to sign.
     pub async fn add_identity(
         &mut self,
-        key: &key::KeyPair,
+        key: &PrivateKey,
         constraints: &[Constraint],
     ) -> Result<(), Error> {
         // See IETF draft-miller-ssh-agent-13, section 3.2 for format.
@@ -154,30 +155,10 @@ impl<S: AgentStream + Unpin> AgentClient<S> {
         } else {
             self.buf.push(msg::ADD_ID_CONSTRAINED)
         }
-        match *key {
-            key::KeyPair::Ed25519(ref pair) => {
-                self.buf.extend_ssh_string(b"ssh-ed25519");
-                self.buf.extend_ssh_string(pair.verifying_key().as_bytes());
-                self.buf.push_u32_be(64);
-                self.buf.extend(pair.to_bytes().as_slice());
-                self.buf.extend(pair.verifying_key().as_bytes());
-                self.buf.extend_ssh_string(b"");
-            }
-            #[allow(clippy::unwrap_used)] // key is known to be private
-            key::KeyPair::RSA { ref key, .. } => {
-                self.buf.extend_ssh_string(b"ssh-rsa");
-                self.buf
-                    .extend_ssh(&protocol::RsaPrivateKey::try_from(key)?);
-            }
-            key::KeyPair::EC { ref key } => {
-                self.buf.extend_ssh_string(key.algorithm().as_bytes());
-                self.buf.extend_ssh_string(key.ident().as_bytes());
-                self.buf
-                    .extend_ssh_string(&key.to_public_key().to_sec1_bytes());
-                self.buf.extend_ssh_mpint(&key.to_secret_bytes());
-                self.buf.extend_ssh_string(b""); // comment
-            }
-        }
+
+        self.buf.extend(key.key_data().encoded()?.as_slice());
+        self.buf.extend_ssh_string(&[]); // comment field
+
         if !constraints.is_empty() {
             for cons in constraints {
                 match *cons {
@@ -292,66 +273,54 @@ impl<S: AgentStream + Unpin> AgentClient<S> {
             for _ in 0..n {
                 let key_blob = r.read_string()?;
                 let _comment = r.read_string()?;
-                keys.push(key::parse_public_key(
-                    key_blob,
-                    Some(SignatureHash::SHA2_512),
-                )?);
+                keys.push(key::parse_public_key(key_blob)?);
             }
         }
 
         Ok(keys)
     }
 
     /// Ask the agent to sign the supplied piece of data.
-    pub fn sign_request(
-        mut self,
-        public: &key::PublicKey,
+    pub async fn sign_request(
+        &mut self,
+        public: &PublicKey,
         mut data: CryptoVec,
-    ) -> impl futures::Future<Output = (Self, Result<CryptoVec, Error>)> {
+    ) -> Result<CryptoVec, Error> {
         debug!("sign_request: {:?}", data);
-        let hash = self.prepare_sign_request(public, &data);
-
-        async move {
-            if let Err(e) = hash {
-                return (self, Err(e));
-            }
+        let hash = self.prepare_sign_request(public, &data)?;
 
-            let resp = self.read_response().await;
-            debug!("resp = {:?}", &self.buf[..]);
-            if let Err(e) = resp {
-                return (self, Err(e));
-            }
+        self.read_response().await?;
 
-            #[allow(clippy::indexing_slicing, clippy::unwrap_used)]
-            // length is checked, hash already checked
-            if !self.buf.is_empty() && self.buf[0] == msg::SIGN_RESPONSE {
-                let resp = self.write_signature(hash.unwrap(), &mut data);
-                if let Err(e) = resp {
-                    return (self, Err(e));
-                }
-                (self, Ok(data))
-            } else if self.buf.first() == Some(&msg::FAILURE) {
-                (self, Err(Error::AgentFailure))
-            } else {
-                debug!("self.buf = {:?}", &self.buf[..]);
-                (self, Ok(data))
-            }
+        if self.buf.first() == Some(&msg::SIGN_RESPONSE) {
+            self.write_signature(hash, &mut data)?;
+            Ok(data)
+        } else if self.buf.first() == Some(&msg::FAILURE) {
+            Err(Error::AgentFailure)
+        } else {
+            debug!("self.buf = {:?}", &self.buf[..]);
+            Ok(data)
         }
     }
 
-    fn prepare_sign_request(&mut self, public: &key::PublicKey, data: &[u8]) -> Result<u32, Error> {
+    fn prepare_sign_request(
+        &mut self,
+        public: &ssh_key::PublicKey,
+        data: &[u8],
+    ) -> Result<u32, Error> {
         self.buf.clear();
         self.buf.resize(4);
         self.buf.push(msg::SIGN_REQUEST);
         key_blob(public, &mut self.buf)?;
         self.buf.extend_ssh_string(data);
         debug!("public = {:?}", public);
-        let hash = match public {
-            PublicKey::RSA { hash, .. } => match hash {
-                SignatureHash::SHA2_256 => 2,
-                SignatureHash::SHA2_512 => 4,
-                SignatureHash::SHA1 => 0,
-            },
+        let hash = match public.algorithm() {
+            Algorithm::Rsa {
+                hash: Some(HashAlg::Sha256),
+            } => 2,
+            Algorithm::Rsa {
+                hash: Some(HashAlg::Sha512),
+            } => 4,
+            Algorithm::Rsa { hash: None } => 0,
             _ => 0,
         };
         self.buf.push_u32_be(hash);
@@ -376,7 +345,7 @@ impl<S: AgentStream + Unpin> AgentClient<S> {
     /// Ask the agent to sign the supplied piece of data.
     pub fn sign_request_base64(
         mut self,
-        public: &key::PublicKey,
+        public: &ssh_key::PublicKey,
         data: &[u8],
     ) -> impl futures::Future<Output = (Self, Result<String, Error>)> {
         debug!("sign_request: {:?}", data);
@@ -402,67 +371,32 @@ impl<S: AgentStream + Unpin> AgentClient<S> {
     }
 
     /// Ask the agent to sign the supplied piece of data, and return a `Signature`.
-    pub fn sign_request_signature(
-        mut self,
-        public: &key::PublicKey,
+    pub async fn sign_request_signature(
+        &mut self,
+        public: &ssh_key::PublicKey,
         data: &[u8],
-    ) -> impl futures::Future<Output = (Self, Result<crate::signature::Signature, Error>)> {
+    ) -> Result<Signature, Error> {
         debug!("sign_request: {:?}", data);
 
-        let r = self.prepare_sign_request(public, data);
-
-        async move {
-            if let Err(e) = r {
-                return (self, Err(e));
-            }
-
-            if let Err(e) = self.read_response().await {
-                return (self, Err(e));
-            }
+        self.prepare_sign_request(public, data)?;
+        self.read_response().await?;
 
-            #[allow(clippy::indexing_slicing)] // length is checked
-            if !self.buf.is_empty() && self.buf[0] == msg::SIGN_RESPONSE {
-                let as_sig = |buf: &CryptoVec| -> Result<crate::signature::Signature, Error> {
-                    let mut r = buf.reader(1);
-                    let mut resp = r.read_string()?.reader(0);
-                    let typ = resp.read_string()?;
-                    let sig = resp.read_string()?;
-                    use crate::signature::Signature;
-                    match typ {
-                        b"ssh-rsa" => Ok(Signature::RSA {
-                            bytes: sig.to_vec(),
-                            hash: SignatureHash::SHA1,
-                        }),
-                        b"rsa-sha2-256" => Ok(Signature::RSA {
-                            bytes: sig.to_vec(),
-                            hash: SignatureHash::SHA2_256,
-                        }),
-                        b"rsa-sha2-512" => Ok(Signature::RSA {
-                            bytes: sig.to_vec(),
-                            hash: SignatureHash::SHA2_512,
-                        }),
-                        b"ssh-ed25519" => {
-                            let mut sig_bytes = [0; 64];
-                            sig_bytes.clone_from_slice(sig);
-                            Ok(Signature::Ed25519(crate::signature::SignatureBytes(
-                                sig_bytes,
-                            )))
-                        }
-                        _ => Err(Error::UnknownSignatureType {
-                            sig_type: std::str::from_utf8(typ).unwrap_or("").to_string(),
-                        }),
-                    }
-                };
-                let sig = as_sig(&self.buf);
-                (self, sig)
-            } else {
-                (self, Err(Error::AgentProtocolError))
-            }
+        #[allow(clippy::indexing_slicing)] // length is checked
+        if !self.buf.is_empty() && self.buf[0] == msg::SIGN_RESPONSE {
+            let mut r = self.buf.reader(1);
+            let mut resp = r.read_string()?.reader(0);
+            let typ = String::from_utf8(resp.read_string()?.into())?;
+            let sig = resp.read_string()?;
+            let algo = Algorithm::new(&typ)?;
+            let sig = Signature::new(algo, sig.to_vec())?;
+            Ok(sig)
+        } else {
+            Err(Error::AgentProtocolError)
         }
     }
 
     /// Ask the agent to remove a key from its memory.
-    pub async fn remove_identity(&mut self, public: &key::PublicKey) -> Result<(), Error> {
+    pub async fn remove_identity(&mut self, public: &ssh_key::PublicKey) -> Result<(), Error> {
         self.buf.clear();
         self.buf.resize(4);
         self.buf.push(msg::REMOVE_IDENTITY);
@@ -527,29 +461,7 @@ impl<S: AgentStream + Unpin> AgentClient<S> {
     }
 }
 
-fn key_blob(public: &key::PublicKey, buf: &mut CryptoVec) -> Result<(), Error> {
-    match *public {
-        PublicKey::RSA { ref key, .. } => {
-            buf.extend(&[0, 0, 0, 0]);
-            let len0 = buf.len();
-            buf.extend_ssh_string(b"ssh-rsa");
-            buf.extend_ssh(&protocol::RsaPublicKey::from(key));
-            let len1 = buf.len();
-            #[allow(clippy::indexing_slicing)] // length is known
-            BigEndian::write_u32(&mut buf[5..], (len1 - len0) as u32);
-        }
-        PublicKey::Ed25519(ref p) => {
-            buf.extend(&[0, 0, 0, 0]);
-            let len0 = buf.len();
-            buf.extend_ssh_string(b"ssh-ed25519");
-            buf.extend_ssh_string(p.as_bytes());
-            let len1 = buf.len();
-            #[allow(clippy::indexing_slicing)] // length is known
-            BigEndian::write_u32(&mut buf[5..], (len1 - len0) as u32);
-        }
-        PublicKey::EC { .. } => {
-            buf.extend_ssh_string(&public.public_key_bytes());
-        }
-    }
+fn key_blob(public: &ssh_key::PublicKey, buf: &mut CryptoVec) -> Result<(), Error> {
+    buf.extend_ssh_string(public.key_data().encoded()?.as_slice());
     Ok(())
 }