Hello agl@golang.org, jpsugar@google.com (cc: golang-dev@googlegroups.com, jmpittman@google.com), I'd like you to review this change to https://code.google.com/p/go.crypto
10 years, 7 months ago
(2013-09-10 11:11:53 UTC)
#1
Hi, I think this is a big improvement, but some caveats: * this will affect ...
10 years, 7 months ago
(2013-09-10 11:16:10 UTC)
#2
Hi,
I think this is a big improvement, but some caveats:
* this will affect the public API. Is that OK ?
* I did not add a PrivateKey yet, to keep the change smaller, but I could add it
with this change.
* When we add a PrivateKey, should we change the KeyRing interface? It would
look like
type PrivateKey interface {
PublicKey
Sign(rand io.Reader, data []byte) (sig []byte, err error)
}
and ClientKeyRing could be just
type ClientKeyRing interface {
Key(i int) (PrivateKey, error)
}
Also, I just noticed that cert based user-auth is untested. Jonathan, could you look into ...
10 years, 7 months ago
(2013-09-10 11:28:55 UTC)
#3
Also, I just noticed that cert based user-auth is untested.
Jonathan, could you look into a test that exercises the code in certs.go?
Without tests it is hard to do any refactoring.
I have not fully looked over this, but I wanted to comment on your ClientKeyRing ...
10 years, 7 months ago
(2013-09-10 16:08:16 UTC)
#4
I have not fully looked over this, but I wanted to comment on your ClientKeyRing
interface change idea. A normal ssh-agent does not reveal private keys. So,
having a ClientKeyRing return a PrivateKey would disallow the AgentClient to
implement ClientKeyRing. Your previous idea about ClientKeyRing returning a
Signer is better for this case IMHO.
I can look into adding some tests for certs. Are you wanting anything in
particular or mostly showing it working with client/server side auth?
On Tue, Sep 10, 2013 at 6:08 PM, <jmpittman@google.com> wrote: > I have not fully ...
10 years, 7 months ago
(2013-09-10 16:28:28 UTC)
#5
On Tue, Sep 10, 2013 at 6:08 PM, <jmpittman@google.com> wrote:
> I have not fully looked over this, but I wanted to comment on your
> ClientKeyRing interface change idea. A normal ssh-agent does not reveal
> private keys. So, having a ClientKeyRing return a PrivateKey would
> disallow the AgentClient to implement ClientKeyRing.
AFAICT, AgentClient today does not implement ClientKeyRing either.
> Your previous idea
> about ClientKeyRing returning a Signer is better for this case IMHO.
But that's just naming? The Signer would need to contain the private
key, otherwise it can't sign anything.
> I can look into adding some tests for certs. Are you wanting anything
> in particular or mostly showing it working with client/server side auth?
Code coverage for the success case is a useful start. Right now, I can
put a panic() in the middle of the cert code, and all tests will still
pass.
--
Han-Wen Nienhuys
Google Munich
hanwen@google.com
On 2013/09/10 16:28:28, hanwen-google wrote: > On Tue, Sep 10, 2013 at 6:08 PM, <mailto:jmpittman@google.com> ...
10 years, 7 months ago
(2013-09-10 16:58:58 UTC)
#7
On 2013/09/10 16:28:28, hanwen-google wrote:
> On Tue, Sep 10, 2013 at 6:08 PM, <mailto:jmpittman@google.com> wrote:
> > I have not fully looked over this, but I wanted to comment on your
> > ClientKeyRing interface change idea. A normal ssh-agent does not reveal
> > private keys. So, having a ClientKeyRing return a PrivateKey would
> > disallow the AgentClient to implement ClientKeyRing.
>
> AFAICT, AgentClient today does not implement ClientKeyRing either.
AgentClient does not implement ClientKeyRing directly, but it can currently be
used to implement ClientKeyRing. There is currently an unexported
implementation in client_auth.go (look for agentKeyring). The ClientAuthAgent
function currently uses this implementation.
>
> > Your previous idea
> > about ClientKeyRing returning a Signer is better for this case IMHO.
>
> But that's just naming? The Signer would need to contain the private
> key, otherwise it can't sign anything.
>
It is not just naming. Returning a PrivateKey would carry an expectation that
it is the actual private key. Returning a Signer would only carry the
expectation that the Signer has access to the private key to be used for
signing. A Signer would carry no expectation that the private key is directly
accessible from itself. And an ssh agent would fit this.
> > I can look into adding some tests for certs. Are you wanting anything
> > in particular or mostly showing it working with client/server side auth?
>
> Code coverage for the success case is a useful start. Right now, I can
> put a panic() in the middle of the cert code, and all tests will still
> pass.
>
Understood. We also need to add some sort of safe guard in association with
supportedHostKeyAlgos as it still only contains "ssh-rsa" and yet others get
through for client usage. We need to add in all of the types supported in this
package and reject or prevent usage of types not supported by this package (like
v00 certs and some others).
> --
> Han-Wen Nienhuys
> Google Munich
> mailto:hanwen@google.com
On Tue, Sep 10, 2013 at 6:58 PM, <jmpittman@google.com> wrote: > On 2013/09/10 16:28:28, hanwen-google ...
10 years, 7 months ago
(2013-09-10 17:08:00 UTC)
#8
On Tue, Sep 10, 2013 at 6:58 PM, <jmpittman@google.com> wrote:
> On 2013/09/10 16:28:28, hanwen-google wrote:
>
>> On Tue, Sep 10, 2013 at 6:08 PM, <mailto:jmpittman@google.com> wrote:
>> > I have not fully looked over this, but I wanted to comment on your
>> > ClientKeyRing interface change idea. A normal ssh-agent does not
>
> reveal
>>
>> > private keys. So, having a ClientKeyRing return a PrivateKey would
>> > disallow the AgentClient to implement ClientKeyRing.
>
>
>> AFAICT, AgentClient today does not implement ClientKeyRing either.
>
> AgentClient does not implement ClientKeyRing directly, but it can
> currently be used to implement ClientKeyRing. There is currently an
> unexported implementation in client_auth.go (look for agentKeyring).
> The ClientAuthAgent function currently uses this implementation.
Ah, right.
>> > Your previous idea
>> > about ClientKeyRing returning a Signer is better for this case IMHO.
>
>
>> But that's just naming? The Signer would need to contain the private
>> key, otherwise it can't sign anything.
>
>
> It is not just naming. Returning a PrivateKey would carry an
> expectation that it is the actual private key.
The interface just requires something that can sign data. You could
make a PrivateKey that carries a connection to the agent, and forwards
any Sign() call to the agent. Arguably, Signer is more Go-ish, but I
think PrivateKey conveys more information to crypto people.
> Returning a Signer would
> only carry the expectation that the Signer has access to the private key
> to be used for signing. A Signer would carry no expectation that the
> private key is directly accessible from itself. And an ssh agent would
> fit this.
>> Code coverage for the success case is a useful start. Right now, I can
>> put a panic() in the middle of the cert code, and all tests will still
>> pass.
>
>
> Understood.
> We also need to add some sort of safe guard in association
> with supportedHostKeyAlgos as it still only contains "ssh-rsa" and yet
> others get through for client usage. We need to add in all of the types
> supported in this package and reject or prevent usage of types not
> supported by this package (like v00 certs and some others).
I'll add support for proper host keys, hopefully in a next CL. The
crypto config could just carry a
HostKeys []PrivateKey
and the PrivateKey implementations will specify what they do or do not support.
--
Han-Wen Nienhuys
Google Munich
hanwen@google.com
On Tue, Sep 10, 2013 at 7:16 PM, <jpsugar@google.com> wrote: > > https://codereview.appspot.com/13642043/diff/1002/ssh/keys.go > File ...
10 years, 7 months ago
(2013-09-10 17:40:26 UTC)
#11
On Tue, Sep 10, 2013 at 7:16 PM, <jpsugar@google.com> wrote:
>
> https://codereview.appspot.com/13642043/diff/1002/ssh/keys.go
> File ssh/keys.go (right):
>
> https://codereview.appspot.com/13642043/diff/1002/ssh/keys.go#newcode198
> ssh/keys.go:198: Name() string
> On 2013/09/10 17:14:40, hanwen-google wrote:
>>
>> I find the names confusing, but if what you're suggesting is correct,
>
> wouldn't
>>
>> this one be the PrivateKeyAlgo, and the other the PublicKeyAlgo? (I'm
>
> not sure.)
>
> Erm, quite possibly. I'm not entirely clear on the usage. Whichever one
> returns a cert algo should be the PublicKeyAlgo.
Done.
--
Han-Wen Nienhuys
Google Munich
hanwen@google.com
LGTM https://codereview.appspot.com/13642043/diff/26001/ssh/client_auth.go File ssh/client_auth.go (right): https://codereview.appspot.com/13642043/diff/26001/ssh/client_auth.go#newcode227 ssh/client_auth.go:227: s := serializeSignature(key.PrivateKeyAlgo(), sign) Is this a bug ...
10 years, 7 months ago
(2013-09-10 18:07:39 UTC)
#12
LGTM Changing the public API is acceptable for a good reason, and this seems like ...
10 years, 7 months ago
(2013-09-13 18:24:11 UTC)
#14
LGTM
Changing the public API is acceptable for a good reason, and this seems like a
nice cleanup such that it hopefully won't affect many users of the package.
In the future, if there's a PrivateKey interface, but which only actually
implements signing (i.e. by talking to an agent), then I think Signer is a
better name.
Issue 13642043: code review 13642043: go.crypto/ssh: introduce PublicKey interface type.
(Closed)
Created 10 years, 7 months ago by hanwen-google
Modified 10 years, 7 months ago
Reviewers:
Base URL:
Comments: 18
