x/crypto/ssh/agent: cannot add ed25519 keys to local ssh agent process #27671

Closed
disconsented opened this issue Sep 14, 2018 · 4 comments
Labels
FrozenDueToAge NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. OS-Windows

@disconsented

Please answer these questions before submitting your issue. Thanks!

What version of Go are you using (go version)?

go version go1.11 windows/amd64

Does this issue reproduce with the latest release?

What operating system and processor architecture are you using (go env)?

Windows 10, AMD64

What did you do?

If possible, provide a recipe for reproducing the error.
A complete runnable program is good.
A link on play.golang.org is best.

package main

import (
	"crypto/rand"
	"crypto/rsa"
	"fmt"
	"github.com/xanzy/ssh-agent"
	"golang.org/x/crypto/ed25519"
	"golang.org/x/crypto/ssh/agent"
)

func addEd25519(a agent.Agent) error {
	_, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return err
	}
	toadd := agent.AddedKey{
		PrivateKey: priv,
	}
	if err := a.Add(toadd); err != nil {
		return err
	}
	fmt.Println("ed25519 key added")
	return nil
}

func addRSA(a agent.Agent) error {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return err
	}
	toadd := agent.AddedKey{
		PrivateKey: priv,
	}
	if err := a.Add(toadd); err != nil {
		return err
	}
	fmt.Println("RSA key added")
	return nil
}

func main() {
	local, _, _ := sshagent.New()
	//soc, err := net.Dial("unix", os.Getenv("SSH_AUTH_SOCK"))
	//if err != nil {
	//	fmt.Printf("Error connecting to agent: %v\n", err)
	//	os.Exit(1)
	//}
	//local := agent.NewClient(soc)
	if err := addRSA(local); err != nil {
		fmt.Println(err)
	}
	if err := addEd25519(local); err != nil {
		fmt.Println(err)
	}
}

What did you expect to see?

RSA key added
ed25519 key added

Process finished with exit code 0

What did you see instead?

RSA key added
agent: unsupported key type ed25519.PrivateKey

Process finished with exit code 0

This may be a possible regression since #15701; however, I am using xanzy/ssh-agent instead of unix sockets.

@disconsented disconsented changed the title Cannot add ed25519 keys to local ssh agent process Cannot add ed25519 keys to local ssh agent process (Windows) Sep 14, 2018
@agnivade agnivade changed the title Cannot add ed25519 keys to local ssh agent process (Windows) x/crypto/ssh/agent: cannot add ed25519 keys to local ssh agent process Sep 14, 2018
@gopherbot gopherbot added this to the Unreleased milestone Sep 14, 2018
@agnivade agnivade added OS-Windows NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. labels Sep 14, 2018
@agnivade
Contributor

/cc @hanwen

@disconsented
Author

disconsented commented Sep 14, 2018

After editing ed25519.GenerateKey() locally and comparing it against rsa.GenerateKey() and agent.client.insertCert(), I believe I know why this is happening.

The switch statement insertCert() uses is comparing references to those types rather than the types themselves, for example case *rsa.PrivateKey:

With this in mind, I went through and adjusted my local copy of GenerateKey to the below.

func GenerateKey(rand io.Reader) (PublicKey, *PrivateKey, error) {
	if rand == nil {
		rand = cryptorand.Reader
	}

	seed := make([]byte, SeedSize)
	if _, err := io.ReadFull(rand, seed); err != nil {
		return nil, nil, err
	}

	privateKey := NewKeyFromSeed(seed)
	publicKey := make([]byte, PublicKeySize)
	copy(publicKey, privateKey[32:])

	return publicKey, &privateKey, nil
}

Upon rerunning the test:

RSA key added
ed25519 key added

Process finished with exit code 0
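
The pointer-versus-value mismatch described in the comment above, as an added Go example that is not part of the original issue or of golang.org/x/crypto: pointerOnly is an illustrative stand-in for a type switch with only pointer cases, and normalize is a hypothetical caller-side helper that converts a by-value key without editing GenerateKey. It assumes the standard library crypto/ed25519 package rather than the golang.org/x/crypto/ed25519 import used in the report.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"fmt"
)

// pointerOnly is an illustrative stand-in for the switch described in the
// issue: every case is a pointer type, so a key passed by value is rejected.
func pointerOnly(key interface{}) error {
	switch key.(type) {
	case *rsa.PrivateKey, *ed25519.PrivateKey:
		return nil
	default:
		return fmt.Errorf("agent: unsupported key type %T", key)
	}
}

// normalize (hypothetical helper) turns an ed25519 key in either form into the
// pointer form, rejecting nil or wrongly sized keys; other types pass through.
func normalize(key interface{}) (interface{}, error) {
	switch k := key.(type) {
	case ed25519.PrivateKey:
		if len(k) != ed25519.PrivateKeySize {
			return nil, fmt.Errorf("bad ed25519 key length %d", len(k))
		}
		return &k, nil
	case *ed25519.PrivateKey:
		if k == nil || len(*k) != ed25519.PrivateKeySize {
			return nil, fmt.Errorf("nil or malformed *ed25519.PrivateKey")
		}
		return k, nil
	default:
		return key, nil
	}
}

func main() {
	_, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	fmt.Println("by value:  ", pointerOnly(priv))
	fmt.Println("by pointer:", pointerOnly(&priv))
	n, err := normalize(priv)
	fmt.Println("normalized:", pointerOnly(n), err)
}
```
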

@alex
Contributor

alex commented Feb 16, 2020

@FiloSottile
Contributor

Fixed by golang/crypto@056763e.

@golang golang locked and limited conversation to collaborators Aug 15, 2021