x/crypto/ssh: doesn't support ed25519 keys #8581
Comments
mikioh
changed the title
|
Is using cgo to bridge to native C code an option? If so, the original code written in C doesn't require a libc to be available at all. It could be easily used, see for example https://github.com/mildred/ed25519 |
rsc
changed the title
|
I can look into submitting a patch for this to Gerrit if it is alright with you all, is there a case against adding @agl's pkg to x/crypto? I found this related thread from last year that looks like the answer is to wait until the code is sufficiently commented. Is there anything I can do to help? |
|
I agree that it's probably time that ed25519 lived in crypto/, although some pondering will be needed about exactly what to expose. The CFRG is likely to standardise something almost, but not quite, Ed25519 in the future and we'll want to support that with a minimum of additional code. |
|
Is it possible that it could make sense to make x/crypto/ssh work anyway, and alter it's dependencies if/when CFRG do their thing and something lands in crypto/, given that these things may be a while? |
|
@agl if you tell me what you want I'll do it ;) |
|
@agl Howdy. To begin, thanks for all the great stuff you contribute! |
|
I agree that it's time to move Ed25519 into x/crypto at least and have started that process. |
|
CL https://golang.org/cl/22030 mentions this issue. |
|
thanks @agl! On Wed, Apr 13, 2016 at 5:02 PM, GopherBot notifications@github.com wrote:
Jessie Frazelle |
This change “graduates” the Ed25519 package from my personal GitHub account to x/crypto. At this point, the code and algorithm seems sufficiently mature that it warrants more general exposure. (There seem to be about 110 packages importing it from my GitHub repo: https://godoc.org/github.com/agl/ed25519?importers) Two people made changes to the code while it was living in my GitHub. Both have signed the CLA and both have confirmed that they intended their changes to be covered by it. (Recorded internally in b/28166583.) The significant change from GitHub to x/crypto is that the types of public keys, private keys and signatures have been changed from pointers to arrays into []byte and that support for crypto.Signer has been added. Updates golang/go#8581 Change-Id: Ia8632d2153e289363b50d76fd0662d1a7fed00f6 Reviewed-on: https://go-review.googlesource.com/22030 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Reviewed-by: Martin Garton <garton@gmail.com> Reviewed-by: Adam Langley <agl@golang.org> Run-TryBot: Adam Langley <agl@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org>
|
I started a change here to add support for ed25519 host keys as a starting point: |
|
https://go-review.googlesource.com/#/c/22512/ This got merged, so ed25519 is now supported in x/crypto/ssh |
|
@mjgarton Is there already an issue for adding ed25519 client support? Should I open one? |
|
@corny What do you mean by client support? You can already use ed25519 keys on the client to authenticate against a server. Is that what you mean? |
|
it's not supported by the agent for one thing. I've been meaning to fix that but I keep getting pulled into work work. |
Thanks to the hardwork in golang/go#8581 we, with a one line change, add ed25519 support. Boom.
by h3g3m0n:
The text was updated successfully, but these errors were encountered: