Keys

1. Add P-384 and P-521 sample user public and private keys. 2. Add DER format versions of the sample user private keys. 3. Add the sample user public keys for P-256 and RSA-2048. 4. Fix a bug where the user authentication signing would fail if using an ECDSA curve other than P-256.
2020-09-25 16:59:05 -07:00 · 2020-09-25 16:59:05 -07:00 · 82c69b9758
parent a269b1e843
commit 82c69b9758
24 changed files with 73 additions and 16 deletions
--- a/keys/gretel-key-ecc-384.der
+++ b/keys/gretel-key-ecc-384.der
--- a/keys/gretel-key-ecc-384.pem
+++ b/keys/gretel-key-ecc-384.pem
@ -0,0 +1,11 @@
+ASN1 OID: secp384r1
+NIST CURVE: P-384
+-----BEGIN EC PARAMETERS-----
+BgUrgQQAIg==
+-----END EC PARAMETERS-----
+-----BEGIN EC PRIVATE KEY-----
+MIGkAgEBBDCbJgFByjzObZPIsdeDWJhousjR4dS+RusTeuAWvz1nJjKEn6jmnMMf
+Lnl7MK7+AkmgBwYFK4EEACKhZANiAAQMx2lasNsBTgRRynJDNpYRIiT9o9w8P/zv
+XyHehhIJtNp50R4sSqJOWcLHxqNoqLXzLz2HSLQ0rhi+bS8anYDnOhaP9FI4KDuU
+0gRlIukRBK3pbRWPxf+t6YLOH9P0xPo=
+-----END EC PRIVATE KEY-----
--- a/keys/gretel-key-ecc-384.pub
+++ b/keys/gretel-key-ecc-384.pub
@ -0,0 +1 @@
+ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBAzHaVqw2wFOBFHKckM2lhEiJP2j3Dw//O9fId6GEgm02nnRHixKok5ZwsfGo2iotfMvPYdItDSuGL5tLxqdgOc6Fo/0UjgoO5TSBGUi6REEreltFY/F/63pgs4f0/TE+g== gretel
--- a/keys/gretel-key-ecc-521.der
+++ b/keys/gretel-key-ecc-521.der
--- a/keys/gretel-key-ecc-521.pem
+++ b/keys/gretel-key-ecc-521.pem
@ -0,0 +1,12 @@
+ASN1 OID: secp521r1
+NIST CURVE: P-521
+-----BEGIN EC PARAMETERS-----
+BgUrgQQAIw==
+-----END EC PARAMETERS-----
+-----BEGIN EC PRIVATE KEY-----
+MIHcAgEBBEIAFwRmxnrUpSzry9y1gD32Ahr6Vxm1NK7gJUFgmftir37yftsyucaz
+vLGcpBEEYmtylCFHKa95Fcy0VNxAAaUfVyOgBwYFK4EEACOhgYkDgYYABAD3gANm
+zvkxOBN8MYwRBYO6B//7TTCtA2vwG/W5bqiVVxznXWj0xiFrgayApvH7FDpLHiJ8
+c1vUsRVEa8PY5QPsgFow+xv0P2WSrRkn4/UUquftPs1ZHPhdr06LjS19ObvWM8x
+FZYU6n0i28UWCUR5qE+BCTzZDWYT8V24YD8UhpaYIw==
+-----END EC PRIVATE KEY-----
--- a/keys/gretel-key-ecc-521.pub
+++ b/keys/gretel-key-ecc-521.pub
@ -0,0 +1 @@
+ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAD3gANmzvkxOBN8MYwRBYO6B//7TTCtA2vwG/W5bqiVVxznXWj0xiFrgayApvH7FDpLHiJ8+c1vUsRVEa8PY5QPsgFow+xv0P2WSrRkn4/UUquftPs1ZHPhdr06LjS19ObvWM8xFZYU6n0i28UWCUR5qE+BCTzZDWYT8V24YD8UhpaYIw== gretel
--- a/keys/gretel-key-ecc.der
+++ b/keys/gretel-key-ecc.der
--- a/keys/gretel-key-ecc.pub
+++ b/keys/gretel-key-ecc.pub
@ -0,0 +1 @@
+ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKAtH8cqaDbtJFjtviLobHBmjCtG56DMkP6A4M2H9zX2/YCg1h9bYS7WHd9UQDwXO1HhIZzRYecXh7SG9P4GhRY= gretel
--- a/keys/gretel-key-rsa.der
+++ b/keys/gretel-key-rsa.der
--- a/keys/gretel-key-rsa.pub
+++ b/keys/gretel-key-rsa.pub
@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqDwRVTRVk/wjPhoo66+Mztrc31KsxDZ+kAV0139PHQ+wsueNpba6jNn5o6mUTEOrxrz0LMsDJOBM7CmG0983kF4gRIihECpQ0rcjOP6BSfbVTE9mfIK5IsUiZGd8SoE9kSV2pJ2FvZeBQENoAxEFk0zZL9tchPS+OCUGbK4SDjzuNZl/30Mczs73N3MBzi6J1oPo7sFlqzB6ecBjK2Kpjus4Y1rYFphJnUxtKvB0s+hoaadrubiE57dK6BrH5iZwVLTQKux31uCJLPhiktI3iLbdlGZEctJkTasfVSsUizwVIyRjhVKmbdIRGwkU38D043AR1h0mUoGCPIKuqcFMf gretel
--- a/keys/hansel-key-ecc-384.der
+++ b/keys/hansel-key-ecc-384.der
--- a/keys/hansel-key-ecc-384.pem
+++ b/keys/hansel-key-ecc-384.pem
@ -0,0 +1,11 @@
+ASN1 OID: secp384r1
+NIST CURVE: P-384
+-----BEGIN EC PARAMETERS-----
+BgUrgQQAIg==
+-----END EC PARAMETERS-----
+-----BEGIN EC PRIVATE KEY-----
+MIGkAgEBBDBaxq6RECDqdn+EP6FkoasL0cnBs4c/e+nevuWzIelR6tAGDL1gUt9T
+YkK4nVa3wrWgBwYFK4EEACKhZANiAAQr2YmeotiM8dBVvP17oO88LGoaBHKjBI5S
+DxTcEaN/OR6UcNJsbW1dc2WJ4bROtxrwFhoK4Q+Vrk0RwwdcdI6SHHN122h4+KKR
+4T3OG4pKcsy9dMNLQ6P0TMXm6kluUcI=
+-----END EC PRIVATE KEY-----
--- a/keys/hansel-key-ecc-384.pub
+++ b/keys/hansel-key-ecc-384.pub
@ -0,0 +1 @@
+ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBCvZiZ6i2Izx0FW8/Xug7zwsahoEcqMEjlIPFNwRo385HpRw0mxtbV1zZYnhtE63GvAWGgrhD5WuTRHDB1x0jpIcc3XbaHj4opHhPc4bikpyzL10w0tDo/RMxebqSW5Rwg== hansel
--- a/keys/hansel-key-ecc-521.der
+++ b/keys/hansel-key-ecc-521.der
--- a/keys/hansel-key-ecc-521.pem
+++ b/keys/hansel-key-ecc-521.pem
@ -0,0 +1,12 @@
+ASN1 OID: secp521r1
+NIST CURVE: P-521
+-----BEGIN EC PARAMETERS-----
+BgUrgQQAIw==
+-----END EC PARAMETERS-----
+-----BEGIN EC PRIVATE KEY-----
+MIHcAgEBBEIBeUC4M+VTW5797b58aOS2w1AADTlkBfZaXUGrs9mnyxx9NEZcLVYm
+oGrHPU94WBRmbPyGPItbVCmJk0jZVIu+nZGgBwYFK4EEACOhgYkDgYYABAET/BOz
+Bb9Jx9b52VIHFP4g/uk5KceDpz2M+/Ln9WiDjsMfb4NgNCAB+EMNJUX/TNBLFFmq
+r7c6+zUH+QAo2qstvQDsReyFkETRB2vZD//nCZfcAe0RMtKZmgtQLKXzSlimUjXB
+M4/zE5lwE05aXADp88h8nuaT/X4bll9cWJlH0fUykA==
+-----END EC PRIVATE KEY-----
--- a/keys/hansel-key-ecc-521.pub
+++ b/keys/hansel-key-ecc-521.pub
@ -0,0 +1 @@
+ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAET/BOzBb9Jx9b52VIHFP4g/uk5KceDpz2M+/Ln9WiDjsMfb4NgNCAB+EMNJUX/TNBLFFmqr7c6+zUH+QAo2qstvQDsReyFkETRB2vZD//nCZfcAe0RMtKZmgtQLKXzSlimUjXBM4/zE5lwE05aXADp88h8nuaT/X4bll9cWJlH0fUykA== hansel
--- a/keys/hansel-key-ecc.der
+++ b/keys/hansel-key-ecc.der
--- a/keys/hansel-key-ecc.pub
+++ b/keys/hansel-key-ecc.pub
@ -0,0 +1 @@
+ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNkI5JTP6D0lF42tbxX19cE87hztUS6FSDoGvPfiU0CgeNSbI+aFdKIzTP5CQEJSvm25qUzgDtH7oyaQROUnNvk= hansel
--- a/keys/hansel-key-rsa.der
+++ b/keys/hansel-key-rsa.der
--- a/keys/hansel-key-rsa.pub
+++ b/keys/hansel-key-rsa.pub
@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9P3ZFowOsONXHD5MwWiCciXytBRZGhoMNiisWSgUs5HdHcACuHYPi2W6Z1PBFmBWT9odOrGRjoZXJfDDoPi+j8SSfDGsc/hsCmc3Gp2yEhUZUEkDhtOXyqjns1ickC9Gh4u80aSVtwHRnJZh9xPhSq5tLOhId4eP61s+a5pwjTjnEhBaIPUJO2C/M0pFnnbZxKgJlX7t1Doy7h5eXxviymOIvaCZKU+x5OopfzM/wFkey0EPWNmzI5y/+pzU5afsdeEWdiQDIQc80H6Pz8fsoFPvYSG+s4/wz0duu7yeeV1Ypoho65Zr+pEnIf7dO0B8EblgWt+ud+JI8wrAhfE4x hansel
--- a/keys/include.am
+++ b/keys/include.am
@ -4,18 +4,17 @@


 EXTRA_DIST+= \
-            keys/server-key-ecc.der \
-            keys/server-key-ecc.pem \
-            keys/server-key-ecc-384.der \
-            keys/server-key-ecc-384.pem \
-            keys/server-key-ecc-521.der \
-            keys/server-key-ecc-521.pem \
-            keys/server-key-rsa.der \
-            keys/server-key-rsa.pem \
-            keys/hansel-key-ecc.pem \
-            keys/hansel-key-rsa.pem \
-            keys/gretel-key-ecc.pem \
-            keys/gretel-key-rsa.pem \
-            keys/pubkeys-ecc.txt \
-            keys/pubkeys-rsa.txt \
-            keys/passwd.txt
+            keys/server-key-ecc.der keys/server-key-ecc.pem \
+            keys/server-key-ecc-384.der keys/server-key-ecc-384.pem \
+            keys/server-key-ecc-521.der keys/server-key-ecc-521.pem \
+            keys/server-key-rsa.der keys/server-key-rsa.pem \
+            keys/hansel-key-ecc.der keys/hansel-key-ecc.pem keys/hansel-key-ecc.pub \
+            keys/hansel-key-ecc-384.der keys/hansel-key-ecc-384.pem keys/hansel-key-ecc-384.pub \
+            keys/hansel-key-ecc-521.der keys/hansel-key-ecc-521.pem keys/hansel-key-ecc-521.pub \
+            keys/hansel-key-rsa.der keys/hansel-key-rsa.pem keys/hansel-key-rsa.pub \
+            keys/gretel-key-ecc.der keys/gretel-key-ecc.pem keys/gretel-key-ecc.pub \
+            keys/gretel-key-ecc-384.der keys/gretel-key-ecc-384.pem keys/gretel-key-ecc-384.pub \
+            keys/gretel-key-ecc-521.der keys/gretel-key-ecc-521.pem keys/gretel-key-ecc-521.pub \
+            keys/gretel-key-rsa.der keys/gretel-key-rsa.pem keys/gretel-key-rsa.pub \
+            keys/pubkeys-ecc.txt keys/pubkeys-ecc-384.txt keys/pubkeys-ecc-521.txt \
+            keys/pubkeys-rsa.txt keys/passwd.txt
--- a/keys/pubkeys-ecc-384.txt
+++ b/keys/pubkeys-ecc-384.txt
@ -0,0 +1,2 @@
+ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBCvZiZ6i2Izx0FW8/Xug7zwsahoEcqMEjlIPFNwRo385HpRw0mxtbV1zZYnhtE63GvAWGgrhD5WuTRHDB1x0jpIcc3XbaHj4opHhPc4bikpyzL10w0tDo/RMxebqSW5Rwg== hansel
+ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBAzHaVqw2wFOBFHKckM2lhEiJP2j3Dw//O9fId6GEgm02nnRHixKok5ZwsfGo2iotfMvPYdItDSuGL5tLxqdgOc6Fo/0UjgoO5TSBGUi6REEreltFY/F/63pgs4f0/TE+g== gretel
--- a/keys/pubkeys-ecc-521.txt
+++ b/keys/pubkeys-ecc-521.txt
@ -0,0 +1,2 @@
+ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAET/BOzBb9Jx9b52VIHFP4g/uk5KceDpz2M+/Ln9WiDjsMfb4NgNCAB+EMNJUX/TNBLFFmqr7c6+zUH+QAo2qstvQDsReyFkETRB2vZD//nCZfcAe0RMtKZmgtQLKXzSlimUjXBM4/zE5lwE05aXADp88h8nuaT/X4bll9cWJlH0fUykA== hansel
+ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAD3gANmzvkxOBN8MYwRBYO6B//7TTCtA2vwG/W5bqiVVxznXWj0xiFrgayApvH7FDpLHiJ8+c1vUsRVEa8PY5QPsgFow+xv0P2WSrRkn4/UUquftPs1ZHPhdr06LjS19ObvWM8xFZYU6n0i28UWCUR5qE+BCTzZDWYT8V24YD8UhpaYIw== gretel
--- a/src/internal.c
+++ b/src/internal.c
@ -7650,7 +7650,7 @@ static int BuildUserAuthRequestEcc(WOLFSSH* ssh,
    int ret = WS_SUCCESS;
    byte* r;
    byte* s;
-    byte sig[72]; /* wc_ecc_sig_size() for a prime256 key. */
+    byte sig[139]; /* wc_ecc_sig_size() for a prime521 key. */
    word32 sigSz = sizeof(sig), rSz, sSz;
    byte* checkData = NULL;
    word32 checkDataSz = 0;
				`@ -0,0 +1 @@`
				`ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBAzHaVqw2wFOBFHKckM2lhEiJP2j3Dw//O9fId6GEgm02nnRHixKok5ZwsfGo2iotfMvPYdItDSuGL5tLxqdgOc6Fo/0UjgoO5TSBGUi6REEreltFY/F/63pgs4f0/TE+g== gretel`
				`@ -0,0 +1 @@`
				`ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAD3gANmzvkxOBN8MYwRBYO6B//7TTCtA2vwG/W5bqiVVxznXWj0xiFrgayApvH7FDpLHiJ8+c1vUsRVEa8PY5QPsgFow+xv0P2WSrRkn4/UUquftPs1ZHPhdr06LjS19ObvWM8xFZYU6n0i28UWCUR5qE+BCTzZDWYT8V24YD8UhpaYIw== gretel`
				`@ -0,0 +1 @@`
				`ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKAtH8cqaDbtJFjtviLobHBmjCtG56DMkP6A4M2H9zX2/YCg1h9bYS7WHd9UQDwXO1HhIZzRYecXh7SG9P4GhRY= gretel`
				`@ -0,0 +1 @@`
				`ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqDwRVTRVk/wjPhoo66+Mztrc31KsxDZ+kAV0139PHQ+wsueNpba6jNn5o6mUTEOrxrz0LMsDJOBM7CmG0983kF4gRIihECpQ0rcjOP6BSfbVTE9mfIK5IsUiZGd8SoE9kSV2pJ2FvZeBQENoAxEFk0zZL9tchPS+OCUGbK4SDjzuNZl/30Mczs73N3MBzi6J1oPo7sFlqzB6ecBjK2Kpjus4Y1rYFphJnUxtKvB0s+hoaadrubiE57dK6BrH5iZwVLTQKux31uCJLPhiktI3iLbdlGZEctJkTasfVSsUizwVIyRjhVKmbdIRGwkU38D043AR1h0mUoGCPIKuqcFMf gretel`