Documentation
Overview
This package is a duplicate of 32844aa1ae54: https://code.google.com/p/go/source/browse/ssh/keys.go?repo=crypto
Constants
const (
	CertAlgoRSAv01      = "ssh-rsa-cert-v01@openssh.com"
	CertAlgoDSAv01      = "ssh-dss-cert-v01@openssh.com"
	CertAlgoECDSA256v01 = "ecdsa-sha2-nistp256-cert-v01@openssh.com"
	CertAlgoECDSA384v01 = "ecdsa-sha2-nistp384-cert-v01@openssh.com"
	CertAlgoECDSA521v01 = "ecdsa-sha2-nistp521-cert-v01@openssh.com"
)
These constants from [PROTOCOL.certkeys] represent the algorithm names for certificate types supported by this package.
const (
	UserCert = 1
	HostCert = 2
)
Certificate types are used to specify whether a certificate is for identification of a user or a host. Current identities are defined in [PROTOCOL.certkeys].
const (
	KeyAlgoRSA      = "ssh-rsa"
	KeyAlgoDSA      = "ssh-dss"
	KeyAlgoECDSA256 = "ecdsa-sha2-nistp256"
	KeyAlgoECDSA384 = "ecdsa-sha2-nistp384"
	KeyAlgoECDSA521 = "ecdsa-sha2-nistp521"
)
These constants represent the algorithm names for key types supported by this package.
Variables
This section is empty.
Functions
func MarshalAuthorizedKey
MarshalAuthorizedKey returns a byte stream suitable for inclusion in an OpenSSH authorized_keys file following the format specified in the sshd(8) manual page.
func MarshalPublicKey
MarshalPublicKey serializes a supported key or certificate for use by the SSH wire protocol. It can be used for comparison with the pubkey argument of ServerConfig's PublicKeyCallback as well as for generating an authorized_keys or host_keys file.
Types
type CertTime
type CertTime uint64
CertTime represents an unsigned 64-bit time value in seconds starting from UNIX epoch. We use CertTime instead of time.Time in order to properly handle the "infinite" time value ^0, which would become negative when expressed as an int64.
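The reasoning behind CertTime, as an added example that is not part of this package. The names certTime, infinite, isInfinite, naiveValid and valid are hypothetical, and the half-open validity window is an assumption of the example.

```go
package main

import (
	"fmt"
	"time"
)

// certTime is a local stand-in (hypothetical, not the package's type) for
// the documented CertTime: seconds since the UNIX epoch, ^0 = no expiry.
type certTime uint64

const infinite = certTime(^uint64(0))

func (ct certTime) isInfinite() bool { return ct == infinite }

// naiveValid converts the bounds to time.Time first. The sentinel ^0 wraps
// to int64(-1), one second before the epoch, so a certificate that never
// expires is rejected as already expired, and a ValidAfter of ^0 is
// accepted as already in force.
func naiveValid(after, before certTime, now time.Time) bool {
	a := time.Unix(int64(after), 0)
	b := time.Unix(int64(before), 0)
	return !now.Before(a) && now.Before(b)
}

// valid stays in the unsigned domain and treats ^0 as unbounded.
// Assumption of this example: the window is half-open, [after, before).
func valid(after, before certTime, now time.Time) bool {
	if now.Unix() < 0 {
		return false // a pre-epoch clock has no certTime representation
	}
	n := certTime(now.Unix())
	if n < after {
		return false
	}
	return before.isInfinite() || n < before
}

func main() {
	now := time.Unix(1700000000, 0) // constructed sample clock value
	fmt.Println("naive, no expiry:  ", naiveValid(0, infinite, now))
	fmt.Println("correct, no expiry:", valid(0, infinite, now))
	fmt.Println("correct, expired:  ", valid(0, 1600000000, now))
}
```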
func (CertTime) IsInfinite
type OpenSSHCertV01
type OpenSSHCertV01 struct {
	Nonce                   []byte
	Key                     PublicKey
	Serial                  uint64
	Type                    uint32
	KeyId                   string
	ValidPrincipals         []string
	ValidAfter, ValidBefore CertTime
	CriticalOptions         []tuple
	Extensions              []tuple
	Reserved                []byte
	SignatureKey            PublicKey
	Signature               *signature
}
An OpenSSHCertV01 represents an OpenSSH certificate as defined in [PROTOCOL.certkeys]?rev=1.8.
func (*OpenSSHCertV01) BytesForSigning
func (cert *OpenSSHCertV01) BytesForSigning() []byte
func (*OpenSSHCertV01) Marshal
func (cert *OpenSSHCertV01) Marshal() []byte
func (*OpenSSHCertV01) PrivateKeyAlgo
func (c *OpenSSHCertV01) PrivateKeyAlgo() string
func (*OpenSSHCertV01) PublicKeyAlgo
func (c *OpenSSHCertV01) PublicKeyAlgo() string
type PublicKey
type PublicKey interface {
	// PrivateKeyAlgo returns the name of the encryption system.
	PrivateKeyAlgo() string

	// PublicKeyAlgo returns the algorithm for the public key,
	// which may be different from PrivateKeyAlgo for certificates.
	PublicKeyAlgo() string

	// Marshal returns the serialized key data in SSH wire format,
	// without the name prefix. Callers should typically use
	// MarshalPublicKey().
	Marshal() []byte

	// Verify that sig is a signature on the given data using this
	// key. This function will hash the data appropriately first.
	Verify(data []byte, sigBlob []byte) bool
}
PublicKey is an abstraction of different types of public keys.
func NewPublicKey
NewPublicKey takes a pointer to rsa, dsa or ecdsa PublicKey and returns a corresponding ssh PublicKey instance. EC keys should use P256, P384 or P521.
func ParseAuthorizedKey
func ParseAuthorizedKey(in []byte) (out PublicKey, comment string, options []string, rest []byte, ok bool)
ParseAuthorizedKey parses a public key from an authorized_keys file used in OpenSSH according to the sshd(8) manual page.
func ParsePublicKey
ParsePublicKey parses an SSH public key formatted for use in the SSH wire protocol according to RFC 4253, section 6.6.
type Signer
type Signer interface {
	// PublicKey returns an associated PublicKey instance.
	PublicKey() PublicKey

	// Sign returns raw signature for the given data. This method
	// will apply the hash specified for the keytype to the data.
	Sign(rand io.Reader, data []byte) ([]byte, error)
}
A Signer can create signatures that verify against a public key.
func NewSignerFromKey
NewSignerFromKey takes a pointer to rsa, dsa or ecdsa PrivateKey and returns a corresponding Signer instance. EC keys should use P256, P384 or P521.
func ParsePrivateKey
ParsePrivateKey parses a PEM encoded private key. It supports PKCS#1, RSA, DSA and ECDSA private keys.