1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
package goodkey
// This file defines a basic method for testing if a given RSA public key is on one of
// the Debian weak key lists and is therefore considered compromised. Instead of
// directly loading the hash suffixes from the individual lists we flatten them all
// into a single JSON list using cmd/weak-key-flatten for ease of use.
import (
"crypto/rsa"
"crypto/sha1"
"encoding/hex"
"encoding/json"
"fmt"
"os"
)
type truncatedHash [10]byte
type WeakRSAKeys struct {
suffixes map[truncatedHash]struct{}
}
func LoadWeakRSASuffixes(path string) (*WeakRSAKeys, error) {
f, err := os.ReadFile(path)
if err != nil {
return nil, err
}
var suffixList []string
err = json.Unmarshal(f, &suffixList)
if err != nil {
return nil, err
}
wk := &WeakRSAKeys{suffixes: make(map[truncatedHash]struct{})}
for _, suffix := range suffixList {
err := wk.addSuffix(suffix)
if err != nil {
return nil, err
}
}
return wk, nil
}
func (wk *WeakRSAKeys) addSuffix(str string) error {
var suffix truncatedHash
decoded, err := hex.DecodeString(str)
if err != nil {
return err
}
if len(decoded) != 10 {
return fmt.Errorf("unexpected suffix length of %d", len(decoded))
}
copy(suffix[:], decoded)
wk.suffixes[suffix] = struct{}{}
return nil
}
func (wk *WeakRSAKeys) Known(key *rsa.PublicKey) bool {
// Hash input is in the format "Modulus={upper-case hex of modulus}\n"
hash := sha1.Sum([]byte(fmt.Sprintf("Modulus=%X\n", key.N.Bytes())))
var suffix truncatedHash
copy(suffix[:], hash[10:])
_, present := wk.suffixes[suffix]
return present
}
|
