From: Eric McDonald Date: Wed, 21 Sep 2022 13:04:49 +0000 (-0400) Subject: luci-mod-system: allow ecdsa-sk and ed25519-sk key types X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=refs%2Fpull%2F5983%2Fhead;p=project%2Fluci.git luci-mod-system: allow ecdsa-sk and ed25519-sk key types Allow adding ecdsa-sk and ed25519-sk SSH keys in LuCI These key types can be generated via the -t flag in ssh-keygen and are supported in recent versions of dropbear. As ssh-keygen ignores the -b flag when generating ecdsa-sk and ed25519-sk keys, the curve field in the objects returned by the decode function is set to fixed strings for both ecdsa-sk and ed25519-sk public key strings. This is in contrast to ecdsa keys for which various curves can be provided (e.g., NIST P-256, NIST P-384, and NIST P-521). Signed-off-by: Eric McDonald --- diff --git a/modules/luci-mod-system/htdocs/luci-static/resources/view/system/sshkeys.js b/modules/luci-mod-system/htdocs/luci-static/resources/view/system/sshkeys.js index 8b12b2311e..df3e354e37 100644 --- a/modules/luci-mod-system/htdocs/luci-static/resources/view/system/sshkeys.js +++ b/modules/luci-mod-system/htdocs/luci-static/resources/view/system/sshkeys.js @@ -22,7 +22,7 @@ var SSHPubkeyDecoder = baseclass.singleton({ decode: function(s) { - var parts = s.trim().match(/^((?:(?:^|,)[^ =,]+(?:=(?:[^ ",]+|"(?:[^"\\]|\\.)*"))?)+ +)?(ssh-dss|ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp[0-9]+) +([^ ]+)( +.*)?$/); + var parts = s.trim().match(/^((?:(?:^|,)[^ =,]+(?:=(?:[^ ",]+|"(?:[^"\\]|\\.)*"))?)+ +)?(ssh-dss|ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp[0-9]+|sk-ecdsa-sha2-nistp256@openssh\.com|sk-ssh-ed25519@openssh\.com) +([^ ]+)( +.*)?$/); if (!parts) return null; @@ -99,6 +99,12 @@ var SSHPubkeyDecoder = baseclass.singleton({ case 'ecdsa-sha2': return { type: 'ECDSA', curve: curve, comment: comment, options: options, fprint: fprint, src: s }; + + case 'sk-ecdsa-sha2-nistp256@openssh.com': + return { type: 'ECDSA-SK', curve: 'NIST P-256', comment: comment, options: options, fprint: fprint, src: s }; + + case 'sk-ssh-ed25519@openssh.com': + return { type: 'EdDSA-SK', curve: 'Curve25519', comment: comment, options: options, fprint: fprint, src: s }; default: return null;