ssh

package
v1.0.2014 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 1, 2023 License: Apache-2.0 Imports: 29 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	SSHDESEDE3CBC = "3des-cbc"

	SSHAES128CBC = "aes128-cbc"
	SSHAES192CBC = "aes192-cbc"
	SSHAES256CBC = "aes256-cbc"

	SSHAES128CTR = "aes128-ctr"
	SSHAES192CTR = "aes192-ctr"
	SSHAES256CTR = "aes256-ctr"

	SSHAES128GCM = "aes128-gcm@openssh.com"
	SSHAES256GCM = "aes256-gcm@openssh.com"

	// RC4 = arcfour
	SSHArcfour    = "arcfour"
	SSHArcfour128 = "arcfour128"
	SSHArcfour256 = "arcfour256"

	SSHBlowfishCBC = "blowfish-cbc"

	// cast5 = cast128
	SSHCast128CBC = "cast128-cbc"

	SSHChacha20poly1305 = "chacha20-poly1305@openssh.com"

	SSHSM4CBC = "sm4-cbc"
	SSHSM4CTR = "sm4-ctr"
)
View Source
var AES128CBC = CipherCBC{
	// contains filtered or unexported fields
}

AES128CBC is the 128-bit key AES cipher in CBC mode.

View Source
var AES128CTR = CipherCTR{
	// contains filtered or unexported fields
}

AES128CTR is the 128-bit key AES cipher in CTR mode.

View Source
var AES128GCM = CipherGCM{
	// contains filtered or unexported fields
}

AES128GCM is the 128-bit key AES cipher in GCM mode.

View Source
var AES192CBC = CipherCBC{
	// contains filtered or unexported fields
}

AES192CBC is the 192-bit key AES cipher in CBC mode.

View Source
var AES192CTR = CipherCTR{
	// contains filtered or unexported fields
}

AES192CTR is the 192-bit key AES cipher in CTR mode.

View Source
var AES256CBC = CipherCBC{
	// contains filtered or unexported fields
}

AES256CBC is the 256-bit key AES cipher in CBC mode.

View Source
var AES256CTR = CipherCTR{
	// contains filtered or unexported fields
}

AES256CTR is the 256-bit key AES cipher in CTR mode.

View Source
var AES256GCM = CipherGCM{
	// contains filtered or unexported fields
}

AES256GCM is the 256-bit key AES cipher in GCM mode.

View Source
var Arcfour = CipherRC4{
	// contains filtered or unexported fields
}

Arcfour is the (from 1 to 256 bytes) key RC4 cipher.

View Source
var Arcfour128 = CipherRC4{
	// contains filtered or unexported fields
}

Arcfour128 is the 128-bit key RC4 cipher.

View Source
var Arcfour256 = CipherRC4{
	// contains filtered or unexported fields
}

Arcfour256 is the 256-bit key RC4 cipher.

View Source
var BlowfishCBC = CipherCBC{
	// contains filtered or unexported fields
}

BlowfishCBC is the key (from 1 to 56 bytes) blowfish cipher in CBC mode.

View Source
var Cast128CBC = CipherCBC{
	// contains filtered or unexported fields
}

Cast128CBC is the 128-bit key cast5 cipher in CBC mode.

View Source
var Chacha20poly1305 = CipherChacha20poly1305{
	// contains filtered or unexported fields
}

Chacha20poly1305 is the 256-bit chacha20poly1305 cipher.

View Source
var CipherMap = map[string]Cipher{
	"DESEDE3CBC":       DESEDE3CBC,
	"BlowfishCBC":      BlowfishCBC,
	"Chacha20poly1305": Chacha20poly1305,

	"Cast128CBC": Cast128CBC,

	"AES128CBC": AES128CBC,
	"AES192CBC": AES192CBC,
	"AES256CBC": AES256CBC,

	"AES128CTR": AES128CTR,
	"AES192CTR": AES192CTR,
	"AES256CTR": AES256CTR,

	"AES128GCM": AES128GCM,
	"AES256GCM": AES256GCM,

	"Arcfour":    Arcfour,
	"Arcfour128": Arcfour128,
	"Arcfour256": Arcfour256,

	"SM4CBC": SM4CBC,
	"SM4CTR": SM4CTR,
}

Cipher 列表

View Source
var DESEDE3CBC = CipherCBC{
	// contains filtered or unexported fields
}

DESEDE3CBC is the 168-bit key 3DES cipher in CBC mode.

View Source
var DefaultOpts = Opts{
	Cipher: AES256CTR,
	KDFOpts: BcryptOpts{
		SaltSize: 16,
		Rounds:   16,
	},
}

默认配置

View Source
var (
	KeyAlgoSM2 = "ssh-sm2"
)
View Source
var SM4CBC = CipherCBC{
	// contains filtered or unexported fields
}

SM4CBC is the 128-bit SM4 AES cipher in CBC mode.

View Source
var SM4CTR = CipherCTR{
	// contains filtered or unexported fields
}

SM4CTR is the 128-bit SM4 AES cipher in CTR mode.

Functions

func AddCipher

func AddCipher(name string, cipher func() Cipher)

添加加密

func AddKDF

func AddKDF(name string, params func() KDFParameters)

添加 kdf 方式

func AddKey

func AddKey(name string, key func() Key)

添加Key

func AddPubKeyParser added in v1.0.2002

func AddPubKeyParser(name string, parser PubKeyParser)

添加解析方式方式

func EncodeSSHKeyToPem added in v1.0.1030

func EncodeSSHKeyToPem(keyBlock *pem.Block) []byte

编码到 pem

func GetStructName

func GetStructName(s any) (name string)

反射获取结构体名称

func MarshalAuthorizedKey added in v1.0.2002

func MarshalAuthorizedKey(key ssh.PublicKey) []byte

创建 key

func MarshalAuthorizedKeyWithComment added in v1.0.2002

func MarshalAuthorizedKeyWithComment(key ssh.PublicKey, comment string) []byte

创建带信息的 key

func MarshalOpenSSHPrivateKey

func MarshalOpenSSHPrivateKey(key crypto.PrivateKey, comment string) (*pem.Block, error)

编码

func MarshalOpenSSHPrivateKeyWithPassword added in v1.0.1030

func MarshalOpenSSHPrivateKeyWithPassword(key crypto.PrivateKey, comment string, password []byte, opts ...Opts) (*pem.Block, error)

编码

func NewPublicKey added in v1.0.2002

func NewPublicKey(key any) (out ssh.PublicKey, err error)

RSA | DSA | SM2 | ECDSA | SKECDSA | ED25519 | SKEd25519 CertAlgoRSAv01 | CertAlgoDSAv01 CertAlgoECDSA256v01 | CertAlgoECDSA384v01 CertAlgoECDSA521v01 | CertAlgoSKECDSA256v01 CertAlgoED25519v01 | CertAlgoSKED25519v01

func NewSM2PrivateKey added in v1.0.2002

func NewSM2PrivateKey(key *sm2.PrivateKey) ssh.Signer

func NewSM2PublicKey added in v1.0.2002

func NewSM2PublicKey(key *sm2.PublicKey) ssh.PublicKey

func NewSignerFromKey added in v1.0.2002

func NewSignerFromKey(key any) (out ssh.Signer, err error)

func ParseAuthorizedKey added in v1.0.2002

func ParseAuthorizedKey(in []byte) (out ssh.PublicKey, comment string, options []string, rest []byte, err error)

func ParseKnownHosts added in v1.0.2002

func ParseKnownHosts(in []byte) (marker string, hosts []string, pubKey ssh.PublicKey, comment string, rest []byte, err error)

func ParseOpenSSHPrivateKey

func ParseOpenSSHPrivateKey(key []byte) (crypto.PrivateKey, string, error)

解析

func ParseOpenSSHPrivateKeyWithPassword added in v1.0.1030

func ParseOpenSSHPrivateKeyWithPassword(key []byte, password []byte) (crypto.PrivateKey, string, error)

解析带密码

func ParsePrivateKey added in v1.0.2002

func ParsePrivateKey(pemBytes []byte) (ssh.Signer, error)

func ParsePrivateKeyWithPassphrase added in v1.0.2002

func ParsePrivateKeyWithPassphrase(pemBytes, passphrase []byte) (ssh.Signer, error)

func ParsePublicKey added in v1.0.2002

func ParsePublicKey(in []byte) (out ssh.PublicKey, err error)

func ParseRawPrivateKey added in v1.0.2002

func ParseRawPrivateKey(pemBytes []byte) (out any, err error)

func ParseRawPrivateKeyWithPassphrase added in v1.0.2002

func ParseRawPrivateKeyWithPassphrase(pemBytes, passphrase []byte) (out any, err error)

func ParseSM2AuthorizedKey added in v1.0.2002

func ParseSM2AuthorizedKey(in []byte) (out ssh.PublicKey, comment string, options []string, rest []byte, err error)

func ParseSM2PublicKey added in v1.0.2002

func ParseSM2PublicKey(in []byte) (out ssh.PublicKey, err error)

func ParseSM2RawPrivateKey added in v1.0.2002

func ParseSM2RawPrivateKey(pemBytes []byte) (any, error)

func ParseSM2RawPrivateKeyWithPassphrase added in v1.0.2002

func ParseSM2RawPrivateKeyWithPassphrase(pemBytes, passphrase []byte) (any, error)

func ParseSSHKeyPem added in v1.0.1030

func ParseSSHKeyPem(data []byte) ([]byte, error)

解析 pem 数据

Types

type BcryptOpts

type BcryptOpts struct {
	SaltSize int
	Rounds   int
}

BcryptOpts 设置

func (BcryptOpts) DeriveKey

func (this BcryptOpts) DeriveKey(password []byte, size int) ([]byte, string, error)

func (BcryptOpts) GetSaltSize

func (this BcryptOpts) GetSaltSize() int

func (BcryptOpts) Name

func (this BcryptOpts) Name() string

type Cipher

type Cipher interface {
	// 名称
	Name() string

	// 值大小
	KeySize() int

	// 块大小
	BlockSize() int

	// 加密, 返回: [加密后数据, error]
	Encrypt(key, plaintext []byte) ([]byte, error)

	// 解密
	Decrypt(key, ciphertext []byte) ([]byte, error)
}

加密接口

func GetCipherFromName added in v1.0.1029

func GetCipherFromName(name string) Cipher

获取 Cipher 类型

func ParseCipher

func ParseCipher(cipherName string) (Cipher, error)

type CipherCBC

type CipherCBC struct {
	// contains filtered or unexported fields
}

cbc 模式加密

func (CipherCBC) BlockSize

func (this CipherCBC) BlockSize() int

块大小

func (CipherCBC) Decrypt

func (this CipherCBC) Decrypt(key, ciphertext []byte) ([]byte, error)

解密

func (CipherCBC) Encrypt

func (this CipherCBC) Encrypt(key, plaintext []byte) ([]byte, error)

加密

func (CipherCBC) KeySize

func (this CipherCBC) KeySize() int

值大小

func (CipherCBC) Name

func (this CipherCBC) Name() string

oid

type CipherCTR

type CipherCTR struct {
	// contains filtered or unexported fields
}

CTR 模式加密

func (CipherCTR) BlockSize

func (this CipherCTR) BlockSize() int

块大小

func (CipherCTR) Decrypt

func (this CipherCTR) Decrypt(key, ciphertext []byte) ([]byte, error)

解密

func (CipherCTR) Encrypt

func (this CipherCTR) Encrypt(key, plaintext []byte) ([]byte, error)

加密

func (CipherCTR) KeySize

func (this CipherCTR) KeySize() int

值大小

func (CipherCTR) Name

func (this CipherCTR) Name() string

名称

type CipherChacha20poly1305 added in v1.0.1031

type CipherChacha20poly1305 struct {
	// contains filtered or unexported fields
}

Chacha20poly1305 加密/解密

func (CipherChacha20poly1305) BlockSize added in v1.0.1031

func (this CipherChacha20poly1305) BlockSize() int

块大小

func (CipherChacha20poly1305) Decrypt added in v1.0.1031

func (this CipherChacha20poly1305) Decrypt(key, ciphertext []byte) ([]byte, error)

解密

func (CipherChacha20poly1305) Encrypt added in v1.0.1031

func (this CipherChacha20poly1305) Encrypt(key, plaintext []byte) ([]byte, error)

加密

func (CipherChacha20poly1305) KeySize added in v1.0.1031

func (this CipherChacha20poly1305) KeySize() int

值大小

func (CipherChacha20poly1305) Name added in v1.0.1031

func (this CipherChacha20poly1305) Name() string

名称

type CipherGCM added in v1.0.1031

type CipherGCM struct {
	// contains filtered or unexported fields
}

gcm 模式加密

func (CipherGCM) BlockSize added in v1.0.1031

func (this CipherGCM) BlockSize() int

块大小

func (CipherGCM) Decrypt added in v1.0.1031

func (this CipherGCM) Decrypt(key, ciphertext []byte) ([]byte, error)

解密

func (CipherGCM) Encrypt added in v1.0.1031

func (this CipherGCM) Encrypt(key, plaintext []byte) ([]byte, error)

加密

func (CipherGCM) KeySize added in v1.0.1031

func (this CipherGCM) KeySize() int

值大小

func (CipherGCM) Name added in v1.0.1031

func (this CipherGCM) Name() string

名称

type CipherRC4 added in v1.0.1031

type CipherRC4 struct {
	// contains filtered or unexported fields
}

CipherRC4 加密/解密

func (CipherRC4) BlockSize added in v1.0.1031

func (this CipherRC4) BlockSize() int

块大小

func (CipherRC4) Decrypt added in v1.0.1031

func (this CipherRC4) Decrypt(key, ciphertext []byte) ([]byte, error)

解密

func (CipherRC4) Encrypt added in v1.0.1031

func (this CipherRC4) Encrypt(key, plaintext []byte) ([]byte, error)

加密

func (CipherRC4) KeySize added in v1.0.1031

func (this CipherRC4) KeySize() int

值大小

func (CipherRC4) Name added in v1.0.1031

func (this CipherRC4) Name() string

名称

func (CipherRC4) WithKeySize added in v1.0.1031

func (this CipherRC4) WithKeySize(keySize int) CipherRC4

设置值大小

type KDFOpts

type KDFOpts interface {
	// 名称
	Name() string

	// 生成密钥
	DeriveKey(password []byte, size int) (key []byte, params string, err error)

	// 随机数大小
	GetSaltSize() int
}

KDF 设置接口

type KDFParameters

type KDFParameters interface {
	// 生成密钥
	DeriveKey(password []byte, kdfOpts string, size int) (key []byte, err error)
}

数据接口

func ParsePbkdf

func ParsePbkdf(kdfName string) (KDFParameters, error)

type Key

type Key interface {
	// 包装
	Marshal(key crypto.PrivateKey, comment string) (string, []byte, []byte, error)

	// 解析
	Parse(data []byte) (crypto.PrivateKey, string, error)
}

Key 接口

func ParseKeytype

func ParseKeytype(keytype string) (Key, error)

type KeyEcdsa

type KeyEcdsa struct{}

ecdsa

func (KeyEcdsa) Marshal

func (this KeyEcdsa) Marshal(key crypto.PrivateKey, comment string) (string, []byte, []byte, error)

包装

func (KeyEcdsa) Parse

func (this KeyEcdsa) Parse(rest []byte) (crypto.PrivateKey, string, error)

解析

type KeyEdDsa

type KeyEdDsa struct{}

EdDsa

func (KeyEdDsa) Marshal

func (this KeyEdDsa) Marshal(key crypto.PrivateKey, comment string) (string, []byte, []byte, error)

包装

func (KeyEdDsa) Parse

func (this KeyEdDsa) Parse(rest []byte) (crypto.PrivateKey, string, error)

解析

type KeyRsa

type KeyRsa struct{}

rsa

func (KeyRsa) Marshal

func (this KeyRsa) Marshal(key crypto.PrivateKey, comment string) (string, []byte, []byte, error)

包装

func (KeyRsa) Parse

func (this KeyRsa) Parse(rest []byte) (crypto.PrivateKey, string, error)

解析

type KeySM2 added in v1.0.1031

type KeySM2 struct{}

SM2

func (KeySM2) Marshal added in v1.0.1031

func (this KeySM2) Marshal(key crypto.PrivateKey, comment string) (string, []byte, []byte, error)

包装

func (KeySM2) Parse added in v1.0.1031

func (this KeySM2) Parse(rest []byte) (crypto.PrivateKey, string, error)

解析

type Opts added in v1.0.1030

type Opts struct {
	Cipher  Cipher
	KDFOpts KDFOpts
}

配置

type PcryptOpts added in v1.0.1029

type PcryptOpts struct {
	SaltSize int
	Rounds   int
}

PcryptOpts 设置

func (PcryptOpts) DeriveKey added in v1.0.1029

func (this PcryptOpts) DeriveKey(password []byte, size int) (key []byte, params string, err error)

func (PcryptOpts) GetSaltSize added in v1.0.1029

func (this PcryptOpts) GetSaltSize() int

func (PcryptOpts) Name added in v1.0.1029

func (this PcryptOpts) Name() string

type PubKeyParser added in v1.0.2002

type PubKeyParser = func([]byte) (ssh.PublicKey, []byte, error)

解析方式

func GetPubKeyParser added in v1.0.2002

func GetPubKeyParser(name string) PubKeyParser

获取解析方式方式

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL