ssh

package
v1.0.3010 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 21, 2024 License: Apache-2.0 Imports: 28 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	SSHDESEDE3CBC = "3des-cbc"

	SSHAES128CBC = "aes128-cbc"
	SSHAES192CBC = "aes192-cbc"
	SSHAES256CBC = "aes256-cbc"

	SSHAES128CTR = "aes128-ctr"
	SSHAES192CTR = "aes192-ctr"
	SSHAES256CTR = "aes256-ctr"

	SSHAES128GCM = "aes128-gcm@openssh.com"
	SSHAES256GCM = "aes256-gcm@openssh.com"

	// RC4 = arcfour
	SSHArcfour    = "arcfour"
	SSHArcfour128 = "arcfour128"
	SSHArcfour256 = "arcfour256"

	SSHBlowfishCBC = "blowfish-cbc"

	// cast5 = cast128
	SSHCast128CBC = "cast128-cbc"

	SSHChacha20poly1305 = "chacha20-poly1305@openssh.com"

	SSHSM4CBC = "sm4-cbc"
	SSHSM4CTR = "sm4-ctr"
)
View Source 
var AES128CBC = CipherCBC{
	// contains filtered or unexported fields
}

AES128CBC is the 128-bit key AES cipher in CBC mode.

View Source 
var AES128CTR = CipherCTR{
	// contains filtered or unexported fields
}

AES128CTR is the 128-bit key AES cipher in CTR mode.

View Source 
var AES128GCM = CipherGCM{
	// contains filtered or unexported fields
}

AES128GCM is the 128-bit key AES cipher in GCM mode.

View Source 
var AES192CBC = CipherCBC{
	// contains filtered or unexported fields
}

AES192CBC is the 192-bit key AES cipher in CBC mode.

View Source 
var AES192CTR = CipherCTR{
	// contains filtered or unexported fields
}

AES192CTR is the 192-bit key AES cipher in CTR mode.

View Source 
var AES256CBC = CipherCBC{
	// contains filtered or unexported fields
}

AES256CBC is the 256-bit key AES cipher in CBC mode.

View Source 
var AES256CTR = CipherCTR{
	// contains filtered or unexported fields
}

AES256CTR is the 256-bit key AES cipher in CTR mode.

View Source 
var AES256GCM = CipherGCM{
	// contains filtered or unexported fields
}

AES256GCM is the 256-bit key AES cipher in GCM mode.

View Source 
var Arcfour = CipherRC4{
	// contains filtered or unexported fields
}

Arcfour is the (from 1 to 256 bytes) key RC4 cipher.

View Source 
var Arcfour128 = CipherRC4{
	// contains filtered or unexported fields
}

Arcfour128 is the 128-bit key RC4 cipher.

View Source 
var Arcfour256 = CipherRC4{
	// contains filtered or unexported fields
}

Arcfour256 is the 256-bit key RC4 cipher.

View Source 
var BlowfishCBC = CipherCBC{
	// contains filtered or unexported fields
}

BlowfishCBC is the key (from 1 to 56 bytes) blowfish cipher in CBC mode.

View Source 
var Cast128CBC = CipherCBC{
	// contains filtered or unexported fields
}

Cast128CBC is the 128-bit key cast5 cipher in CBC mode.

View Source 
var Chacha20poly1305 = CipherChacha20poly1305{
	// contains filtered or unexported fields
}

Chacha20poly1305 is the 256-bit chacha20poly1305 cipher.

View Source 
var CipherMap = map[string]Cipher{
	"DESEDE3CBC":       DESEDE3CBC,
	"BlowfishCBC":      BlowfishCBC,
	"Chacha20poly1305": Chacha20poly1305,

	"Cast128CBC": Cast128CBC,

	"AES128CBC": AES128CBC,
	"AES192CBC": AES192CBC,
	"AES256CBC": AES256CBC,

	"AES128CTR": AES128CTR,
	"AES192CTR": AES192CTR,
	"AES256CTR": AES256CTR,

	"AES128GCM": AES128GCM,
	"AES256GCM": AES256GCM,

	"Arcfour":    Arcfour,
	"Arcfour128": Arcfour128,
	"Arcfour256": Arcfour256,

	"SM4CBC": SM4CBC,
	"SM4CTR": SM4CTR,
}

Cipher 列表

View Source 
var DESEDE3CBC = CipherCBC{
	// contains filtered or unexported fields
}

DESEDE3CBC is the 168-bit key 3DES cipher in CBC mode.

View Source 
var DefaultOpts = Opts{
	Cipher: AES256CTR,
	KDFOpts: BcryptOpts{
		SaltSize: 16,
		Rounds:   16,
	},
}

默认配置

View Source 
var (
	KeyAlgoSM2 = "ssh-sm2"
)
View Source 
var SM4CBC = CipherCBC{
	// contains filtered or unexported fields
}

SM4CBC is the 128-bit SM4 AES cipher in CBC mode.

View Source 
var SM4CTR = CipherCTR{
	// contains filtered or unexported fields
}

SM4CTR is the 128-bit SM4 AES cipher in CTR mode.

Functions

func AddCipher 

func AddCipher(name string, cipher func() Cipher)

添加加密

func AddKDF 

func AddKDF(name string, params func() KDFParameters)

添加 kdf 方式

func AddKey 

func AddKey(name string, key func() Key)

添加Key

func AddPubKeyParser added in v1.0.2002 

func AddPubKeyParser(name string, parser PubKeyParser)

添加解析方式方式

func EncodeSSHKeyToPem added in v1.0.1030 

func EncodeSSHKeyToPem(keyBlock *pem.Block) []byte

编码到 pem

func GetStructName 

func GetStructName(s any) (name string)

反射获取结构体名称

func MarshalAuthorizedKey added in v1.0.2002 

func MarshalAuthorizedKey(key ssh.PublicKey) []byte

创建 key

func MarshalAuthorizedKeyWithComment added in v1.0.2002 

func MarshalAuthorizedKeyWithComment(key ssh.PublicKey, comment string) []byte

创建带信息的 key

func MarshalOpenSSHPrivateKey 

func MarshalOpenSSHPrivateKey(rand io.Reader, key crypto.PrivateKey, comment string) (*pem.Block, error)

编码

func MarshalOpenSSHPrivateKeyWithPassword added in v1.0.1030 

func MarshalOpenSSHPrivateKeyWithPassword(rand io.Reader, key crypto.PrivateKey, comment string, password []byte, opts ...Opts) (*pem.Block, error)

编码

func NewPublicKey added in v1.0.2002 

func NewPublicKey(key any) (out ssh.PublicKey, err error)

RSA | DSA | SM2 | ECDSA | SKECDSA | ED25519 | SKEd25519 CertAlgoRSAv01 | CertAlgoDSAv01 CertAlgoECDSA256v01 | CertAlgoECDSA384v01 CertAlgoECDSA521v01 | CertAlgoSKECDSA256v01 CertAlgoED25519v01 | CertAlgoSKED25519v01

func NewSM2PrivateKey added in v1.0.2002 

func NewSM2PrivateKey(key *sm2.PrivateKey) ssh.Signer

func NewSM2PublicKey added in v1.0.2002 

func NewSM2PublicKey(key *sm2.PublicKey) ssh.PublicKey

func NewSignerFromKey added in v1.0.2002 

func NewSignerFromKey(key any) (out ssh.Signer, err error)

func ParseAuthorizedKey added in v1.0.2002 

func ParseAuthorizedKey(in []byte) (out ssh.PublicKey, comment string, options []string, rest []byte, err error)

func ParseKnownHosts added in v1.0.2002 

func ParseKnownHosts(in []byte) (marker string, hosts []string, pubKey ssh.PublicKey, comment string, rest []byte, err error)

func ParseOpenSSHPrivateKey 

func ParseOpenSSHPrivateKey(key []byte) (crypto.PrivateKey, string, error)

解析

func ParseOpenSSHPrivateKeyWithPassword added in v1.0.1030 

func ParseOpenSSHPrivateKeyWithPassword(key []byte, password []byte) (crypto.PrivateKey, string, error)

解析带密码

func ParsePrivateKey added in v1.0.2002 

func ParsePrivateKey(pemBytes []byte) (ssh.Signer, error)

func ParsePrivateKeyWithPassphrase added in v1.0.2002 

func ParsePrivateKeyWithPassphrase(pemBytes, passphrase []byte) (ssh.Signer, error)

func ParsePublicKey added in v1.0.2002 

func ParsePublicKey(in []byte) (out ssh.PublicKey, err error)

func ParseRawPrivateKey added in v1.0.2002 

func ParseRawPrivateKey(pemBytes []byte) (out any, err error)

func ParseRawPrivateKeyWithPassphrase added in v1.0.2002 

func ParseRawPrivateKeyWithPassphrase(pemBytes, passphrase []byte) (out any, err error)

func ParseSM2AuthorizedKey added in v1.0.2002 

func ParseSM2AuthorizedKey(in []byte) (out ssh.PublicKey, comment string, options []string, rest []byte, err error)

func ParseSM2PrivateKeyFromPem added in v1.0.2039 

func ParseSM2PrivateKeyFromPem(privateKeyPem []byte, pwd []byte) (*sm2.PrivateKey, error)

func ParseSM2PublicKey added in v1.0.2002 

func ParseSM2PublicKey(in []byte) (out ssh.PublicKey, err error)

func ParseSM2RawPrivateKey added in v1.0.2002 

func ParseSM2RawPrivateKey(pemBytes []byte) (any, error)

func ParseSM2RawPrivateKeyWithPassphrase added in v1.0.2002 

func ParseSM2RawPrivateKeyWithPassphrase(pemBytes, passphrase []byte) (any, error)

func ParseSSHKeyPem added in v1.0.1030 

func ParseSSHKeyPem(data []byte) ([]byte, error)

解析 pem 数据

Types

type BcryptOpts 

type BcryptOpts struct {
	SaltSize int
	Rounds   int
}

BcryptOpts 设置

func (BcryptOpts) DeriveKey 

func (this BcryptOpts) DeriveKey(password []byte, size int) ([]byte, string, error)

func (BcryptOpts) GetSaltSize 

func (this BcryptOpts) GetSaltSize() int

func (BcryptOpts) Name 

func (this BcryptOpts) Name() string

type Cipher 

type Cipher interface {
	// 名称
	Name() string

	// 值大小
	KeySize() int

	// 块大小
	BlockSize() int

	// 加密, 返回: [加密后数据, error]
	Encrypt(key, plaintext []byte) ([]byte, error)

	// 解密
	Decrypt(key, ciphertext []byte) ([]byte, error)
}

加密接口

func GetCipherFromName added in v1.0.1029 

func GetCipherFromName(name string) Cipher

获取 Cipher 类型

func ParseCipher 

func ParseCipher(cipherName string) (Cipher, error)

type CipherCBC 

type CipherCBC struct {
	// contains filtered or unexported fields
}

cbc 模式加密

func (CipherCBC) BlockSize 

func (this CipherCBC) BlockSize() int

块大小

func (CipherCBC) Decrypt 

func (this CipherCBC) Decrypt(key, ciphertext []byte) ([]byte, error)

解密

func (CipherCBC) Encrypt 

func (this CipherCBC) Encrypt(key, plaintext []byte) ([]byte, error)

加密

func (CipherCBC) KeySize 

func (this CipherCBC) KeySize() int

值大小

func (CipherCBC) Name 

func (this CipherCBC) Name() string

oid

type CipherCTR 

type CipherCTR struct {
	// contains filtered or unexported fields
}

CTR 模式加密

func (CipherCTR) BlockSize 

func (this CipherCTR) BlockSize() int

块大小

func (CipherCTR) Decrypt 

func (this CipherCTR) Decrypt(key, ciphertext []byte) ([]byte, error)

解密

func (CipherCTR) Encrypt 

func (this CipherCTR) Encrypt(key, plaintext []byte) ([]byte, error)

加密

func (CipherCTR) KeySize 

func (this CipherCTR) KeySize() int

值大小

func (CipherCTR) Name 

func (this CipherCTR) Name() string

名称

type CipherChacha20poly1305 added in v1.0.1031 

type CipherChacha20poly1305 struct {
	// contains filtered or unexported fields
}

Chacha20poly1305 加密/解密

func (CipherChacha20poly1305) BlockSize added in v1.0.1031 

func (this CipherChacha20poly1305) BlockSize() int

块大小

func (CipherChacha20poly1305) Decrypt added in v1.0.1031 

func (this CipherChacha20poly1305) Decrypt(key, ciphertext []byte) ([]byte, error)

解密

func (CipherChacha20poly1305) Encrypt added in v1.0.1031 

func (this CipherChacha20poly1305) Encrypt(key, plaintext []byte) ([]byte, error)

加密

func (CipherChacha20poly1305) KeySize added in v1.0.1031 

func (this CipherChacha20poly1305) KeySize() int

值大小

func (CipherChacha20poly1305) Name added in v1.0.1031 

func (this CipherChacha20poly1305) Name() string

名称

type CipherGCM added in v1.0.1031 

type CipherGCM struct {
	// contains filtered or unexported fields
}

gcm 模式加密

func (CipherGCM) BlockSize added in v1.0.1031 

func (this CipherGCM) BlockSize() int

块大小

func (CipherGCM) Decrypt added in v1.0.1031 

func (this CipherGCM) Decrypt(key, ciphertext []byte) ([]byte, error)

解密

func (CipherGCM) Encrypt added in v1.0.1031 

func (this CipherGCM) Encrypt(key, plaintext []byte) ([]byte, error)

加密

func (CipherGCM) KeySize added in v1.0.1031 

func (this CipherGCM) KeySize() int

值大小

func (CipherGCM) Name added in v1.0.1031 

func (this CipherGCM) Name() string

名称

type CipherRC4 added in v1.0.1031 

type CipherRC4 struct {
	// contains filtered or unexported fields
}

CipherRC4 加密/解密

func (CipherRC4) BlockSize added in v1.0.1031 

func (this CipherRC4) BlockSize() int

块大小

func (CipherRC4) Decrypt added in v1.0.1031 

func (this CipherRC4) Decrypt(key, ciphertext []byte) ([]byte, error)

解密

func (CipherRC4) Encrypt added in v1.0.1031 

func (this CipherRC4) Encrypt(key, plaintext []byte) ([]byte, error)

加密

func (CipherRC4) KeySize added in v1.0.1031 

func (this CipherRC4) KeySize() int

值大小

func (CipherRC4) Name added in v1.0.1031 

func (this CipherRC4) Name() string

名称

func (CipherRC4) WithKeySize added in v1.0.1031 

func (this CipherRC4) WithKeySize(keySize int) CipherRC4

设置值大小

type KDFOpts 

type KDFOpts interface {
	// 名称
	Name() string

	// 生成密钥
	DeriveKey(password []byte, size int) (key []byte, params string, err error)

	// 随机数大小
	GetSaltSize() int
}

KDF 设置接口

type KDFParameters 

type KDFParameters interface {
	// 生成密钥
	DeriveKey(password []byte, kdfOpts string, size int) (key []byte, err error)
}

数据接口

func ParsePbkdf 

func ParsePbkdf(kdfName string) (KDFParameters, error)

type Key 

type Key interface {
	// 包装
	Marshal(key crypto.PrivateKey, comment string) (string, []byte, []byte, error)

	// 解析
	Parse(data []byte) (crypto.PrivateKey, string, error)
}

Key 接口

func ParseKeytype 

func ParseKeytype(keytype string) (Key, error)

type KeyEcdsa 

type KeyEcdsa struct{}

ecdsa

func (KeyEcdsa) Marshal 

func (this KeyEcdsa) Marshal(key crypto.PrivateKey, comment string) (string, []byte, []byte, error)

包装

func (KeyEcdsa) Parse 

func (this KeyEcdsa) Parse(rest []byte) (crypto.PrivateKey, string, error)

解析

type KeyEdDsa 

type KeyEdDsa struct{}

EdDsa

func (KeyEdDsa) Marshal 

func (this KeyEdDsa) Marshal(key crypto.PrivateKey, comment string) (string, []byte, []byte, error)

包装

func (KeyEdDsa) Parse 

func (this KeyEdDsa) Parse(rest []byte) (crypto.PrivateKey, string, error)

解析

type KeyRsa 

type KeyRsa struct{}

rsa

func (KeyRsa) Marshal 

func (this KeyRsa) Marshal(key crypto.PrivateKey, comment string) (string, []byte, []byte, error)

包装

func (KeyRsa) Parse 

func (this KeyRsa) Parse(rest []byte) (crypto.PrivateKey, string, error)

解析

type KeySM2 added in v1.0.1031 

type KeySM2 struct{}

SM2

func (KeySM2) Marshal added in v1.0.1031 

func (this KeySM2) Marshal(key crypto.PrivateKey, comment string) (string, []byte, []byte, error)

包装

func (KeySM2) Parse added in v1.0.1031 

func (this KeySM2) Parse(rest []byte) (crypto.PrivateKey, string, error)

解析

type Opts added in v1.0.1030 

type Opts struct {
	Cipher  Cipher
	KDFOpts KDFOpts
}

配置

type PcryptOpts added in v1.0.1029 

type PcryptOpts struct {
	SaltSize int
	Rounds   int
}

PcryptOpts 设置

func (PcryptOpts) DeriveKey added in v1.0.1029 

func (this PcryptOpts) DeriveKey(password []byte, size int) (key []byte, params string, err error)

func (PcryptOpts) GetSaltSize added in v1.0.1029 

func (this PcryptOpts) GetSaltSize() int

func (PcryptOpts) Name added in v1.0.1029 

func (this PcryptOpts) Name() string

type PubKeyParser added in v1.0.2002 

type PubKeyParser = func([]byte) (ssh.PublicKey, []byte, error)

解析方式

func GetPubKeyParser added in v1.0.2002 

func GetPubKeyParser(name string) PubKeyParser

获取解析方式方式

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.