x/crypto/ssh/agent: cannot add ed25519 keys to local ssh agent process #27671

Open
disconsented opened this issue Sep 14, 2018 · 3 comments
@disconsented disconsented commented Sep 14, 2018

Please answer these questions before submitting your issue. Thanks!

What version of Go are you using (go version)?

go version go1.11 windows/amd64

Does this issue reproduce with the latest release?

What operating system and processor architecture are you using (go env)?

Windows 10, AMD64

What did you do?

If possible, provide a recipe for reproducing the error.
A complete runnable program is good.
A link on play.golang.org is best.

package main

import (
	"crypto/rand"
	"crypto/rsa"
	"fmt"
	"github.com/xanzy/ssh-agent"
	"golang.org/x/crypto/ed25519"
	"golang.org/x/crypto/ssh/agent"
)

func addEd25519(a agent.Agent) error {
	_, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return err
	}
	toadd := agent.AddedKey{
		PrivateKey: priv,
	}
	if err := a.Add(toadd); err != nil {
		return err
	}
	fmt.Println("ed25519 key added")
	return nil
}

func addRSA(a agent.Agent) error {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return err
	}
	toadd := agent.AddedKey{
		PrivateKey: priv,
	}
	if err := a.Add(toadd); err != nil {
		return err
	}
	fmt.Println("RSA key added")
	return nil
}

func main() {
	local, _, _ := sshagent.New()
	//soc, err := net.Dial("unix", os.Getenv("SSH_AUTH_SOCK"))
	//if err != nil {
	//	fmt.Printf("Error connecting to agent: %v\n", err)
	//	os.Exit(1)
	//}
	//local := agent.NewClient(soc)
	if err := addRSA(local); err != nil {
		fmt.Println(err)
	}
	if err := addEd25519(local); err != nil {
		fmt.Println(err)
	}
}

What did you expect to see?

RSA key added
ed25519 key added

Process finished with exit code 0

What did you see instead?

RSA key added
agent: unsupported key type ed25519.PrivateKey

Process finished with exit code 0

This may be a possible regression since #15701; however, I am using xanzy/ssh-agent instead of unix sockets.

@disconsented disconsented changed the title Cannot add ed25519 keys to local ssh agent process Cannot add ed25519 keys to local ssh agent process (Windows) Sep 14, 2018
@agnivade agnivade changed the title Cannot add ed25519 keys to local ssh agent process (Windows) x/crypto/ssh/agent: cannot add ed25519 keys to local ssh agent process Sep 14, 2018
@gopherbot gopherbot added this to the Unreleased milestone Sep 14, 2018
@agnivade agnivade commented Sep 14, 2018

/cc @hanwen

@disconsented disconsented commented Sep 14, 2018

After editing ed25519.GenerateKey() locally and comparing it against rsa.GenerateKey() and agent.client.insertCert() I believe I know why this is happening.

The switch statement insertCert() uses is comparing references to those types rather than the types themselves, for example: case *rsa.PrivateKey:

With this in mind, I went through and adjusted my local copy of GenerateKey to the below.

func GenerateKey(rand io.Reader) (PublicKey, *PrivateKey, error) {
	if rand == nil {
		rand = cryptorand.Reader
	}

	seed := make([]byte, SeedSize)
	if _, err := io.ReadFull(rand, seed); err != nil {
		return nil, nil, err
	}

	privateKey := NewKeyFromSeed(seed)
	publicKey := make([]byte, PublicKeySize)
	copy(publicKey, privateKey[32:])

	return publicKey, &privateKey, nil
}

Upon rerunning the test:

RSA key added
ed25519 key added

Process finished with exit code 0
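
The pointer-versus-value mismatch described in the comment above, as an added example that is not part of the original thread or of the x/crypto code. `checkKeyType` is a hypothetical stand-in for the agent's type switch, `toPointerKey` is a hypothetical caller-side workaround, and the standard-library `crypto/ed25519` (Go 1.13+) is assumed in place of `golang.org/x/crypto/ed25519`.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"fmt"
)

// checkKeyType is a hypothetical model of the switch described in the comment:
// every case is a pointer type, so a key passed by value hits the default branch.
func checkKeyType(key interface{}) error {
	switch key.(type) {
	case *rsa.PrivateKey, *ed25519.PrivateKey:
		return nil
	default:
		return fmt.Errorf("agent: unsupported key type %T", key)
	}
}

// toPointerKey is a hypothetical caller-side helper. rsa.GenerateKey already
// returns *rsa.PrivateKey, but ed25519.GenerateKey returns a PrivateKey value
// (a byte slice), so the value is wrapped in a pointer before it is handed over.
func toPointerKey(key interface{}) interface{} {
	if k, ok := key.(ed25519.PrivateKey); ok {
		return &k
	}
	return key
}

// demo generates throwaway keys and returns the switch result for an RSA key,
// an ed25519 value, and the same ed25519 key after toPointerKey.
func demo() (error, error, error, error) {
	rsaKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, nil, err
	}
	_, edKey, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, nil, err
	}
	return checkKeyType(rsaKey), checkKeyType(edKey), checkKeyType(toPointerKey(edKey)), nil
}

func main() {
	rsaErr, valueErr, pointerErr, err := demo()
	fmt.Println(rsaErr, valueErr, pointerErr, err)
}
```

With a switch of this shape, the caller can keep the unmodified `GenerateKey` and pass `&priv` in `agent.AddedKey.PrivateKey` instead of `priv`.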

@alex alex commented Feb 16, 2020
