forked from openssh/openssh-portable
This finishes the work in PR #160 which applied the upstream `sshkey.c` refactor to the OQS fork by adding support for hybrid SSH keys. More importantly, this brings the `OQS-v9` branch up to parity with `OQS-v8` in terms of supported algorithms and functionality. Therefore, we can do more in-depth and thorough validation to increase confidence in cutting over to this newer branch.

Speaking to the code changes for hybrid SSH key support, this works by adding logic to `ssh-oqs` which branches on hybrid SSH key implementations to handle the classical portion of the key and combine it with the PQ portion as appropriate. The main trick is to introduce a small lookup table for the RSA/ECDSA implementation and expose the symbols to `ssh-oqs` via an extern declaration. One notable oddity is that upstream OpenSSH multiplexes the underlying EC curves by placing a generic implementation behind the P-256 struct and allowing the implementation to fork based on the `bits` or `key->type` parameters. Depending on the context, this is how `sshkey` does things, so I followed their convention.

Related to issue #135

Asserted that Circle CI jobs pass. These tests run through a subset of the OpenSSH unit tests that have been documented to pass against the OQS fork and skip tests that depend on missing/broken functionality. This demonstrates internal consistency and parity with the testing bar set by `OQS-v8`.

Performed interop testing between `OQS-v8` and `OQS-v9` to assert that we have no regressions from pulling in 2 years of upstream changes and re-implementing PQ+Hybrid SSH Keys. This was done by modifying `try_connection.py` which tests all PQ+Hybrid signatures and key exchanges by connecting the built SSH client to the SSHD server and explicitly specifying each algorithm. By adding CLI flags to override this test to use an SSH or SSHD binary from somewhere else, we can perform thorough interop testing between an `OQS-v8` server and `OQS-v9` client or vice versa.

Detailed process/commands outlined below.

```
git clone [email protected]:open-quantum-safe/openssh.git oqs-openssh-clean
cd oqs-openssh-clean
git checkout OQS-v8
./oqs-scripts/clone_liboqs.sh
./oqs-scripts/build_liboqs.sh
./oqs-scripts/build_openssh.sh

python3 oqs-test/try_connection.py --sshd `readlink -f ../oqs-openssh-clean/sshd` doall
Success! Key Exchange Algorithm: frodokem-640-aes-sha256. Signature Algorithm: ssh-falcon512.
Success! Key Exchange Algorithm: frodokem-640-aes-sha256. Signature Algorithm: ssh-rsa3072-falcon512.
Success! Key Exchange Algorithm: frodokem-640-aes-sha256. Signature Algorithm: ssh-ecdsa-nistp256-falcon512.
Success! Key Exchange Algorithm: frodokem-640-aes-sha256. Signature Algorithm: ssh-falcon1024.
Success! Key Exchange Algorithm: frodokem-640-aes-sha256. Signature Algorithm: ssh-ecdsa-nistp521-falcon1024.
Success! Key Exchange Algorithm: frodokem-640-aes-sha256. Signature Algorithm: ssh-dilithium2.
...

python3 oqs-test/try_connection.py --ssh `readlink -f ../oqs-openssh-clean/ssh` doall
Success! Key Exchange Algorithm: frodokem-640-aes-sha256. Signature Algorithm: ssh-falcon512.
Success! Key Exchange Algorithm: frodokem-640-aes-sha256. Signature Algorithm: ssh-rsa3072-falcon512.
Success! Key Exchange Algorithm: frodokem-640-aes-sha256. Signature Algorithm: ssh-ecdsa-nistp256-falcon512.
Success! Key Exchange Algorithm: frodokem-640-aes-sha256. Signature Algorithm: ssh-falcon1024.
Success! Key Exchange Algorithm: frodokem-640-aes-sha256. Signature Algorithm: ssh-ecdsa-nistp521-falcon1024.
Success! Key Exchange Algorithm: frodokem-640-aes-sha256. Signature Algorithm: ssh-dilithium2.
...
```

Signed-off-by: gcr <[email protected]>
Showing 12 changed files with 621 additions and 134 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,7 +1,7 @@ | ||
{%- for kex in config['kexs'] %} | ||
"{{ kex['pretty_name'] }}", | ||
{%- for curve in kex['mix_with'] %} | ||
# "{{ curve['pretty_name'] }}", | ||
"{{ curve['pretty_name'] }}", | ||
{%- endfor -%} | ||
{%- endfor %} | ||
|
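Review bot: the uncommented `"{{ curve['pretty_name'] }}",` line inside the `mix_with` loop turns on every hybrid key exchange name in the generated list, while the commit message only talks about hybrid SSH keys. Say in the message that the hybrid KEX entries are re-enabled as well, so someone bisecting a handshake failure knows this commit widened the key exchange side of the test matrix and not only the signature side.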
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,7 +1,7 @@ | ||
{%- for sig in config['sigs'] %} | ||
"ssh-{{ sig['name']|replace('_','') }}", | ||
{%- for alg in sig['mix_with'] %} | ||
# "ssh-{{ alg['name']|replace('_','-') }}-{{ sig['name']|replace('_','') }}", | ||
"ssh-{{ alg['name']|replace('_','-') }}-{{ sig['name']|replace('_','') }}", | ||
{%- endfor -%} | ||
{%- endfor %} | ||
|
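Review bot: the now-active hybrid line builds one name with two different rules, `replace('_','-')` for the classical `alg['name']` and `replace('_','')` for the PQ `sig['name']`. A one-line template comment giving the resulting form (for example `ssh-ecdsa-nistp256-falcon512`, as in the commit message output) would show that the asymmetry is deliberate and stop it being "tidied" later.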
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
{% for sig in config['sigs'] %} | ||
case KEY_{{ sig['name']|upper }}: | ||
{%- for alg in sig['mix_with'] %} | ||
case KEY_{{ alg['name']|upper }}_{{ sig['name']|upper }}: | ||
{%- endfor %} | ||
impl = &sshkey_{{ sig['name']|replace('_','') }}_impl; | ||
break; | ||
{%- endfor %} | ||
|
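Review bot: the fragment emits only `case` labels and ends at the last `break;`, so nothing here covers a key type that is not in `config['sigs']`. Please confirm the switch this expands into has a `default:` that fails closed instead of leaving `impl` at whatever it held before, and add a comment at the top of the template naming the file and switch it is included in. It is also worth a comment that each hybrid `KEY_{{ alg['name']|upper }}_{{ sig['name']|upper }}` label intentionally shares the PQ `sshkey_..._impl` with the pure PQ case.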
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -2,6 +2,7 @@ | |
# and signature algorithm, and checks whether the stock BoringSSL | ||
# client and server can establish a handshake with the choices. | ||
|
||
import argparse | ||
import os | ||
import random | ||
import subprocess | ||
|
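Review bot: the header comment kept as context above `import argparse` still says the script checks "the stock BoringSSL client and server", but this script drives `ssh` and `sshd`. Since the file is being touched to add CLI flags, update the comment to describe the OpenSSH binaries and mention that they can be overridden with `--ssh` and `--sshd`.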
@@ -13,75 +14,75 @@ | |
kexs = [ | ||
##### OQS_TEMPLATE_FRAGMENT_LIST_ALL_KEXS_START | ||
"frodokem-640-aes-sha256", | ||
# "[email protected]", | ||
"[email protected]", | ||
"frodokem-976-aes-sha384", | ||
# "[email protected]", | ||
"[email protected]", | ||
"frodokem-1344-aes-sha512", | ||
# "[email protected]", | ||
"[email protected]", | ||
"frodokem-640-shake-sha256", | ||
# "[email protected]", | ||
"[email protected]", | ||
"frodokem-976-shake-sha384", | ||
# "[email protected]", | ||
"[email protected]", | ||
"frodokem-1344-shake-sha512", | ||
# "[email protected]", | ||
"[email protected]", | ||
"kyber-512-sha256", | ||
# "[email protected]", | ||
"[email protected]", | ||
"kyber-768-sha384", | ||
# "[email protected]", | ||
"[email protected]", | ||
"kyber-1024-sha512", | ||
# "[email protected]", | ||
"[email protected]", | ||
"bike-l1-sha512", | ||
# "[email protected]", | ||
"[email protected]", | ||
"bike-l3-sha512", | ||
# "[email protected]", | ||
"[email protected]", | ||
"classic-mceliece-348864-sha256", | ||
# "ecdh-nistp256-classic-mceliece-348864r4-sha256@openquantumsafe.org", | ||
"ecdh-nistp256-classic-mceliece-348864r4-sha256@openquantumsafe.org", | ||
"classic-mceliece-348864f-sha256", | ||
# "ecdh-nistp256-classic-mceliece-348864fr4-sha256@openquantumsafe.org", | ||
"ecdh-nistp256-classic-mceliece-348864fr4-sha256@openquantumsafe.org", | ||
"classic-mceliece-460896-sha512", | ||
# "ecdh-nistp384-classic-mceliece-460896r4-sha512@openquantumsafe.org", | ||
"ecdh-nistp384-classic-mceliece-460896r4-sha512@openquantumsafe.org", | ||
"classic-mceliece-460896f-sha512", | ||
# "ecdh-nistp384-classic-mceliece-460896fr4-sha512@openquantumsafe.org", | ||
"ecdh-nistp384-classic-mceliece-460896fr4-sha512@openquantumsafe.org", | ||
"classic-mceliece-6688128-sha512", | ||
# "ecdh-nistp521-classic-mceliece-6688128r4-sha512@openquantumsafe.org", | ||
"ecdh-nistp521-classic-mceliece-6688128r4-sha512@openquantumsafe.org", | ||
"classic-mceliece-6688128f-sha512", | ||
# "ecdh-nistp521-classic-mceliece-6688128fr4-sha512@openquantumsafe.org", | ||
"ecdh-nistp521-classic-mceliece-6688128fr4-sha512@openquantumsafe.org", | ||
"classic-mceliece-6960119-sha512", | ||
# "ecdh-nistp521-classic-mceliece-6960119r4-sha512@openquantumsafe.org", | ||
"ecdh-nistp521-classic-mceliece-6960119r4-sha512@openquantumsafe.org", | ||
"classic-mceliece-6960119f-sha512", | ||
# "ecdh-nistp521-classic-mceliece-6960119fr4-sha512@openquantumsafe.org", | ||
"ecdh-nistp521-classic-mceliece-6960119fr4-sha512@openquantumsafe.org", | ||
"classic-mceliece-8192128-sha512", | ||
# "ecdh-nistp521-classic-mceliece-8192128r4-sha512@openquantumsafe.org", | ||
"ecdh-nistp521-classic-mceliece-8192128r4-sha512@openquantumsafe.org", | ||
"classic-mceliece-8192128f-sha512", | ||
# "ecdh-nistp521-classic-mceliece-8192128fr4-sha512@openquantumsafe.org", | ||
"ecdh-nistp521-classic-mceliece-8192128fr4-sha512@openquantumsafe.org", | ||
"hqc-128-sha256", | ||
# "[email protected]", | ||
"[email protected]", | ||
"hqc-192-sha384", | ||
# "[email protected]", | ||
"[email protected]", | ||
"hqc-256-sha512", | ||
# "[email protected]", | ||
"[email protected]", | ||
##### OQS_TEMPLATE_FRAGMENT_LIST_ALL_KEXS_END | ||
] | ||
|
||
sigs = [ | ||
##### OQS_TEMPLATE_FRAGMENT_LIST_ALL_SIGS_START | ||
"ssh-falcon512", | ||
# "ssh-rsa3072-falcon512", | ||
# "ssh-ecdsa-nistp256-falcon512", | ||
"ssh-rsa3072-falcon512", | ||
"ssh-ecdsa-nistp256-falcon512", | ||
"ssh-falcon1024", | ||
# "ssh-ecdsa-nistp521-falcon1024", | ||
"ssh-ecdsa-nistp521-falcon1024", | ||
"ssh-dilithium2", | ||
# "ssh-rsa3072-dilithium2", | ||
# "ssh-ecdsa-nistp256-dilithium2", | ||
"ssh-rsa3072-dilithium2", | ||
"ssh-ecdsa-nistp256-dilithium2", | ||
"ssh-dilithium3", | ||
# "ssh-ecdsa-nistp384-dilithium3", | ||
"ssh-ecdsa-nistp384-dilithium3", | ||
"ssh-dilithium5", | ||
# "ssh-ecdsa-nistp521-dilithium5", | ||
"ssh-ecdsa-nistp521-dilithium5", | ||
"ssh-sphincssha2128fsimple", | ||
# "ssh-rsa3072-sphincssha2128fsimple", | ||
# "ssh-ecdsa-nistp256-sphincssha2128fsimple", | ||
"ssh-rsa3072-sphincssha2128fsimple", | ||
"ssh-ecdsa-nistp256-sphincssha2128fsimple", | ||
"ssh-sphincssha2256fsimple", | ||
# "ssh-ecdsa-nistp521-sphincssha2256fsimple", | ||
"ssh-ecdsa-nistp521-sphincssha2256fsimple", | ||
##### OQS_TEMPLATE_FRAGMENT_LIST_ALL_SIGS_END | ||
] | ||
|
||
|
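Review bot: in the `kexs` list the hybrid Classic McEliece names carry an `r4` suffix that the PQ-only names lack, for example `classic-mceliece-348864-sha256` next to `ecdh-nistp256-classic-mceliece-348864r4-sha256@openquantumsafe.org`. If that is intended, note it where the `pretty_name` values are defined; if not, fix it there and not here, since this block sits between the `OQS_TEMPLATE_FRAGMENT_LIST_ALL_KEXS` markers and is generated from the template.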
@@ -131,8 +132,11 @@ def try_handshake(ssh, sshd, dorandom="random"): | |
do_handshake(ssh, sshd, test_sig, test_kex) | ||
|
||
if __name__ == '__main__': | ||
if len(sys.argv)==1: | ||
try_handshake(os.path.abspath('ssh'), os.path.abspath('sshd')) | ||
else: | ||
try_handshake(os.path.abspath('ssh'), os.path.abspath('sshd'), dorandom=sys.argv[1]) | ||
parser = argparse.ArgumentParser(description="Test connections between ssh and sshd using PQ algorithms.") | ||
parser.add_argument("--ssh", default=os.path.abspath('ssh'), type=str, help="Override the ssh binary.") | ||
parser.add_argument("--sshd", default=os.path.abspath('sshd'), type=str, help="Override the sshd binary.") | ||
parser.add_argument("dorandom", type=str, default="random", choices=["doall", "doone", "random"], | ||
help="Slice of test cases to run.") | ||
args = parser.parse_args() | ||
try_handshake(args.ssh, args.sshd, args.dorandom) | ||
|
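Review bot: `dorandom` is added as a positional with `default="random"` but without `nargs="?"`, so argparse treats it as required and the default is never used; running the script with no arguments, which the removed `len(sys.argv)==1` branch handled, now exits with a usage error. Add `nargs="?"` to keep the old behaviour. The `--ssh` and `--sshd` values are also passed through as typed while the defaults go through `os.path.abspath`, so consider applying `os.path.abspath` to `args.ssh` and `args.sshd` before calling `try_handshake`.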