
Commit 423cb0e

committed
fix bad defaults
1 parent 9de2cce commit 423cb0e


3 files changed

+17
-19
lines changed


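--- a/cmd/generate.go
+++ b/cmd/generate.go
@@ -120,7 +120,7 @@ func runGenerateKeyPair(c *cli.Context) error {
 // provide defaults for bits, ed25519 ignores bit length so it's ommited
 if bits == 0 {
 if keytype == "rsa" {
-bits = 3096
+bits = 3072
 } else {
 bits = 256
 }
@@ -140,6 +140,4 @@ func runGenerateKeyPair(c *cli.Context) error {
 return err
 }
 return os.WriteFile(file+".pub", ssh.MarshalAuthorizedKey(pub), 0o644)
-
-return nil
 }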
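Review bot: The RSA default set here (`bits = 3072`) differs from the one GenKeyPair in modules/ssh/ssh.go uses in this same commit (`bits := 4096`), and neither line says whether the difference is intended. If it is, a comment such as `// default RSA size for this command; modules/ssh.GenKeyPair uses 4096` would record the decision; if not, a shared constant would stop the two values drifting apart, which the old 3096 value suggests has already happened once. Only the `bits == 0` path is visible, so whether an explicitly supplied, undersized RSA length is rejected elsewhere in runGenerateKeyPair cannot be judged from this hunk.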

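--- a/modules/ssh/ssh.go
+++ b/modules/ssh/ssh.go
@@ -406,7 +406,18 @@ func Listen(host string, port int, ciphers, keyExchanges, macs []string) {
 // Public key is encoded in the format for inclusion in an OpenSSH authorized_keys file.
 // Private Key generated is PEM encoded
 func GenKeyPair(keyPath string) error {
-publicKey, privateKeyPEM, err := generate.NewSSHKey("rsa", 4096)
+bits := 4096
+keytype := filepath.Ext(keyPath)
+if keytype == ".ed25519" {
+keytype = "ed25519"
+} else if keytype == ".ecdsa" {
+bits = 256
+keytype = "ecdsa"
+
+} else {
+keytype = "rsa"
+}
+publicKey, privateKeyPEM, err := generate.NewSSHKey(keytype, bits)
 if err != nil {
 return err
 }
@@ -425,13 +436,7 @@ func GenKeyPair(keyPath string) error {
 return err
 }
 
-// generate public key
-pub, err := gossh.NewPublicKey(publicKey)
-if err != nil {
-return err
-}
-
-public := gossh.MarshalAuthorizedKey(pub)
+public := gossh.MarshalAuthorizedKey(publicKey)
 p, err := os.OpenFile(keyPath+".pub", os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0o600)
 if err != nil {
 return err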
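Review bot: Any keyPath whose extension is not exactly `.ed25519` or `.ecdsa` silently yields a 4096-bit RSA key, including one with different letter case or no extension at all, and the doc comment above GenKeyPair does not say that the file name selects the algorithm. I would state that in the doc comment and write the selection as a `switch`, so the RSA fallback reads as a deliberate default rather than a trailing `else`; the blank line added before `} else {` can go at the same time. The sketch below keeps behaviour unchanged, including passing 4096 alongside ed25519. The rest of GenKeyPair lies outside the visible hunks.

```go
// The key type is taken from keyPath's extension (".ed25519", ".ecdsa");
// any other extension, or none, yields a 4096-bit RSA key.
func GenKeyPair(keyPath string) error {
	keytype, bits := "rsa", 4096
	switch filepath.Ext(keyPath) {
	case ".ed25519":
		keytype = "ed25519"
	case ".ecdsa":
		keytype, bits = "ecdsa", 256
	}
	publicKey, privateKeyPEM, err := generate.NewSSHKey(keytype, bits)
	// … unchanged: error check, private key write, public key write …
```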

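--- a/modules/ssh/ssh_test.go
+++ b/modules/ssh/ssh_test.go
@@ -7,8 +7,6 @@ import (
 "crypto/ecdsa"
 "crypto/ed25519"
 "crypto/rsa"
-"crypto/x509"
-"encoding/pem"
 "io"
 "os"
 "path/filepath"
@@ -18,6 +16,7 @@ import (
 
 "github.com/stretchr/testify/assert"
 "github.com/stretchr/testify/require"
+gossh "golang.org/x/crypto/ssh"
 )
 
 func TestGenKeyPair(t *testing.T) {
@@ -31,7 +30,7 @@ func TestGenKeyPair(t *testing.T) {
 },
 {
 keyPath: "/gitea.ed25519",
-expectedType: ed25519.PrivateKey{},
+expectedType: &ed25519.PrivateKey{},
 },
 {
 keyPath: "/gitea.ecdsa",
@@ -49,11 +48,7 @@ func TestGenKeyPair(t *testing.T) {
 bytes, err := io.ReadAll(file)
 require.NoError(t, err)
 
-block, _ := pem.Decode(bytes)
-require.NotNil(t, block)
-assert.Equal(t, "PRIVATE KEY", block.Type)
-
-privateKey, err := x509.ParsePKCS8PrivateKey(block.Bytes)
+privateKey, err := gossh.ParseRawPrivateKey(bytes)
 require.NoError(t, err)
 assert.IsType(t, tC.expectedType, privateKey)
 })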
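Review bot: With the `pem.Decode` / `block.Type` assertions removed, nothing in this test pins the on-disk private-key encoding or the key size, even though the size defaults are what this commit is about. `gossh.ParseRawPrivateKey` accepts several PEM encodings, so a later format change would pass unnoticed; if the encoding matters to whoever reads the file, keep one assertion on it. For the RSA case, adding `if k, ok := privateKey.(*rsa.PrivateKey); ok { assert.Equal(t, 4096, k.N.BitLen()) }` after the `assert.IsType` line would catch a regression of the default size. The test table and the rest of TestGenKeyPair lie outside the visible hunks.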
