crypto

package
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 11, 2024 License: Apache-2.0 Imports: 26 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	DefaultKeyBitSize        = 4096
	DefaultDsaParameterSize  = dsa.L2048N256
	DefaultEllipticCurveType = EllipticCurveTypeP521
)

Variables

View Source 
var (
	ErrIllegalSshKey               = errors.New("illegal ssh key found")
	ErrIllegalAuthorizedKeysFormat = errors.New("illegal authorized keys format")
)
View Source 
var (
	DefaultDsaRestriction = DsaRestrictionNone
)
View Source 
var (
	DefaultEcdsaRestriction = EcdsaRestrictionAtLeast384Bits
)
View Source 
var (
	DefaultEd25519Restriction = Ed25519RestrictionAll
)
View Source 
var (
	DefaultRsaRestriction = RsaRestrictionAtLeast4096Bits
)
View Source 
var (
	ErrIllegalAuthorizedKeyOption = errors.New("illegal authorized key option")
)
View Source 
var (
	ErrIllegalAuthorizedKeyOptionType = errors.New("illegal authorized key option type")
)
View Source 
var (
	ErrIllegalPassword = errors.New("illegal password")
)
View Source 
var (
	ErrIllegalPasswordType = errors.New("illegal password type")
)

Functions

func DoWithEachAuthorizedKey 

func DoWithEachAuthorizedKey[R any](requireExistence bool, callback func(ssh.PublicKey) (result R, canContinue bool, err error), files ...string) (result R, err error)

func EnsureKeyFile 

func EnsureKeyFile(fn string, reqOnAbsence *KeyRequirement, rand io.Reader) (crypto.Signer, error)

func WriteSshPrivateKey 

func WriteSshPrivateKey(pk crypto.Signer, to io.Writer) error

Types

type AuthorizedKeyOption added in v0.2.0 

type AuthorizedKeyOption struct {
	Type  AuthorizedKeyOptionType
	Value string
}

func (AuthorizedKeyOption) IsEqualTo added in v0.2.0 

func (this AuthorizedKeyOption) IsEqualTo(other any) bool

func (AuthorizedKeyOption) MarshalText added in v0.2.0 

func (this AuthorizedKeyOption) MarshalText() ([]byte, error)

func (*AuthorizedKeyOption) Set added in v0.2.0 

func (this *AuthorizedKeyOption) Set(text string) error

func (AuthorizedKeyOption) String added in v0.2.0 

func (this AuthorizedKeyOption) String() string

func (*AuthorizedKeyOption) UnmarshalText added in v0.2.0 

func (this *AuthorizedKeyOption) UnmarshalText(text []byte) error

func (AuthorizedKeyOption) Validate added in v0.2.0 

func (this AuthorizedKeyOption) Validate() error

type AuthorizedKeyOptionType added in v0.2.0 

type AuthorizedKeyOptionType uint8
const (
	AuthorizedKeyOptionEmpty AuthorizedKeyOptionType = iota
	AuthorizedKeyAgentForwarding
	AuthorizedKeyNoAgentForwarding
	AuthorizedKeyCertAuthority
	AuthorizedKeyCommand
	AuthorizedKeyEnvironment
	AuthorizedKeyExpiryTime
	AuthorizedKeyFrom
	AuthorizedKeyPermitListen
	AuthorizedKeyPermitOpen
	AuthorizedKeyPrincipals
	AuthorizedKeyPortForwarding
	AuthorizedKeyNoPortForwarding
	AuthorizedKeyPty
	AuthorizedKeyNoPty
	AuthorizedKeyNoTouchRequired
	AuthorizedKeyVerifyRequired
	AuthorizedKeyRestrict
	AuthorizedKeyTunnel
	AuthorizedKeyUserRc
	AuthorizedKeyNoUserRc
	AuthorizedKeyX11Forwarding
	AuthorizedKeyNoX11Forwarding
)

func (AuthorizedKeyOptionType) IsEqualTo added in v0.2.0 

func (this AuthorizedKeyOptionType) IsEqualTo(other any) bool

func (AuthorizedKeyOptionType) IsZero added in v0.2.0 

func (this AuthorizedKeyOptionType) IsZero() bool

func (AuthorizedKeyOptionType) MarshalText added in v0.2.0 

func (this AuthorizedKeyOptionType) MarshalText() ([]byte, error)

func (*AuthorizedKeyOptionType) Set added in v0.2.0 

func (this *AuthorizedKeyOptionType) Set(text string) error

func (AuthorizedKeyOptionType) String added in v0.2.0 

func (this AuthorizedKeyOptionType) String() string

func (*AuthorizedKeyOptionType) UnmarshalText added in v0.2.0 

func (this *AuthorizedKeyOptionType) UnmarshalText(text []byte) error

func (AuthorizedKeyOptionType) Validate added in v0.2.0 

func (this AuthorizedKeyOptionType) Validate() error

type AuthorizedKeyWithOptions added in v0.2.0 

type AuthorizedKeyWithOptions struct {
	ssh.PublicKey
	Options []AuthorizedKeyOption
}

type AuthorizedKeys added in v0.2.0 

type AuthorizedKeys string

func (AuthorizedKeys) ForEach added in v0.2.0 

func (this AuthorizedKeys) ForEach(consumer func(i int, key ssh.PublicKey, comment string, opts []AuthorizedKeyOption) (canContinue bool, err error)) error

func (AuthorizedKeys) Get added in v0.2.0 

func (this AuthorizedKeys) Get() ([]AuthorizedKeyWithOptions, error)

func (AuthorizedKeys) IsEqualTo added in v0.2.0 

func (this AuthorizedKeys) IsEqualTo(other any) bool

func (AuthorizedKeys) IsZero added in v0.2.0 

func (this AuthorizedKeys) IsZero() bool

func (*AuthorizedKeys) Trim added in v0.2.0 

func (this *AuthorizedKeys) Trim() error

func (AuthorizedKeys) Validate added in v0.2.0 

func (this AuthorizedKeys) Validate() error

type AuthorizedKeysFile added in v0.2.0 

type AuthorizedKeysFile string

func (AuthorizedKeysFile) ForEach added in v0.2.0 

func (this AuthorizedKeysFile) ForEach(consumer func(i int, key ssh.PublicKey, comment string, opts []AuthorizedKeyOption) (canContinue bool, err error)) error

func (AuthorizedKeysFile) Get added in v0.2.0 

func (this AuthorizedKeysFile) Get() ([]AuthorizedKeyWithOptions, error)

func (AuthorizedKeysFile) IsEqualTo added in v0.2.0 

func (this AuthorizedKeysFile) IsEqualTo(other any) bool

func (AuthorizedKeysFile) IsZero added in v0.2.0 

func (this AuthorizedKeysFile) IsZero() bool

func (AuthorizedKeysFile) Validate added in v0.2.0 

func (this AuthorizedKeysFile) Validate() error

type DsaRestriction 

type DsaRestriction uint8
const (
	DsaRestrictionNone DsaRestriction = iota
	DsaRestrictionAll
	DsaRestrictionAtLeast1024Bits
	DsaRestrictionAtLeast2048Bits
	DsaRestrictionAtLeast3072Bits
)

func (DsaRestriction) BitsAllowed 

func (this DsaRestriction) BitsAllowed(in int) bool

func (DsaRestriction) IsEqualTo 

func (this DsaRestriction) IsEqualTo(other any) bool

func (DsaRestriction) IsZero 

func (this DsaRestriction) IsZero() bool

func (DsaRestriction) KeyAllowed 

func (this DsaRestriction) KeyAllowed(in any) (bool, error)

func (DsaRestriction) MarshalText 

func (this DsaRestriction) MarshalText() (text []byte, err error)

func (*DsaRestriction) Set 

func (this *DsaRestriction) Set(text string) error

func (DsaRestriction) String 

func (this DsaRestriction) String() string

func (*DsaRestriction) UnmarshalText 

func (this *DsaRestriction) UnmarshalText(text []byte) error

func (DsaRestriction) Validate 

func (this DsaRestriction) Validate() error

type EcdsaRestriction 

type EcdsaRestriction uint8
const (
	EcdsaRestrictionNone EcdsaRestriction = iota
	EcdsaRestrictionAll
	EcdsaRestrictionAtLeast256Bits
	EcdsaRestrictionAtLeast384Bits
	EcdsaRestrictionAtLeast521Bits
)

func (EcdsaRestriction) BitsAllowed 

func (this EcdsaRestriction) BitsAllowed(in int) bool

func (EcdsaRestriction) IsEqualTo 

func (this EcdsaRestriction) IsEqualTo(other any) bool

func (EcdsaRestriction) IsZero 

func (this EcdsaRestriction) IsZero() bool

func (EcdsaRestriction) KeyAllowed 

func (this EcdsaRestriction) KeyAllowed(in any) (bool, error)

func (EcdsaRestriction) MarshalText 

func (this EcdsaRestriction) MarshalText() (text []byte, err error)

func (*EcdsaRestriction) Set 

func (this *EcdsaRestriction) Set(text string) error

func (EcdsaRestriction) String 

func (this EcdsaRestriction) String() string

func (*EcdsaRestriction) UnmarshalText 

func (this *EcdsaRestriction) UnmarshalText(text []byte) error

func (EcdsaRestriction) Validate 

func (this EcdsaRestriction) Validate() error

type Ed25519Restriction 

type Ed25519Restriction uint8
const (
	Ed25519RestrictionNone Ed25519Restriction = iota
	Ed25519RestrictionAll
	Ed25519RestrictionAtLeast256Bits
)

func (Ed25519Restriction) BitsAllowed 

func (this Ed25519Restriction) BitsAllowed(in int) bool

func (Ed25519Restriction) IsEqualTo 

func (this Ed25519Restriction) IsEqualTo(other any) bool

func (Ed25519Restriction) IsZero 

func (this Ed25519Restriction) IsZero() bool

func (Ed25519Restriction) KeyAllowed 

func (this Ed25519Restriction) KeyAllowed(in any) (bool, error)

func (Ed25519Restriction) MarshalText 

func (this Ed25519Restriction) MarshalText() (text []byte, err error)

func (*Ed25519Restriction) Set 

func (this *Ed25519Restriction) Set(text string) error

func (Ed25519Restriction) String 

func (this Ed25519Restriction) String() string

func (*Ed25519Restriction) UnmarshalText 

func (this *Ed25519Restriction) UnmarshalText(text []byte) error

func (Ed25519Restriction) Validate 

func (this Ed25519Restriction) Validate() error

type EllipticCurveType 

type EllipticCurveType uint8
const (
	EllipticCurveTypeP224 EllipticCurveType = iota
	EllipticCurveTypeP256
	EllipticCurveTypeP384
	EllipticCurveTypeP521
)

func (EllipticCurveType) Curve 

func (this EllipticCurveType) Curve() (elliptic.Curve, error)

func (EllipticCurveType) String 

func (this EllipticCurveType) String() string

type Htpasswd added in v0.2.0 

type Htpasswd struct {
	// contains filtered or unexported fields
}

func (Htpasswd) IsEqualTo added in v0.2.0 

func (this Htpasswd) IsEqualTo(other any) bool

func (Htpasswd) IsZero added in v0.2.0 

func (this Htpasswd) IsZero() bool

func (Htpasswd) MarshalText added in v0.2.0 

func (this Htpasswd) MarshalText() (text []byte, err error)

func (Htpasswd) Match added in v0.2.0 

func (this Htpasswd) Match(username, password string) bool

func (*Htpasswd) Set added in v0.2.0 

func (this *Htpasswd) Set(text string) error

func (Htpasswd) String added in v0.2.0 

func (this Htpasswd) String() string

func (*Htpasswd) UnmarshalText added in v0.2.0 

func (this *Htpasswd) UnmarshalText(text []byte) error

func (Htpasswd) Validate added in v0.2.0 

func (this Htpasswd) Validate() error

type HtpasswdFile added in v0.2.0 

type HtpasswdFile struct {
	// contains filtered or unexported fields
}

func (HtpasswdFile) IsEqualTo added in v0.2.0 

func (this HtpasswdFile) IsEqualTo(other any) bool

func (HtpasswdFile) IsZero added in v0.2.0 

func (this HtpasswdFile) IsZero() bool

func (HtpasswdFile) MarshalText added in v0.2.0 

func (this HtpasswdFile) MarshalText() (text []byte, err error)

func (HtpasswdFile) Match added in v0.2.0 

func (this HtpasswdFile) Match(username, password string) bool

func (*HtpasswdFile) Set added in v0.2.0 

func (this *HtpasswdFile) Set(text string) error

func (HtpasswdFile) String added in v0.2.0 

func (this HtpasswdFile) String() string

func (*HtpasswdFile) UnmarshalText added in v0.2.0 

func (this *HtpasswdFile) UnmarshalText(text []byte) error

func (HtpasswdFile) Validate added in v0.2.0 

func (this HtpasswdFile) Validate() error

type KeyRequirement 

type KeyRequirement struct {
	Type KeyType

	// BitSize is used for RSA keys. Default is DefaultKeyBitSize
	BitSize *int

	// DsaParameterSize is used for KeyTypeDsa. Default is DefaultDsaParameterSize
	DsaParameterSize *dsa.ParameterSizes

	// EllipticCurveType is used for KeyTypeEcdsa. Default is DefaultEllipticCurveType
	EllipticCurveType *EllipticCurveType
}

func (KeyRequirement) CreateFile 

func (this KeyRequirement) CreateFile(rand io.Reader, fn string) (crypto.Signer, error)

func (KeyRequirement) GenerateKey 

func (this KeyRequirement) GenerateKey(rand io.Reader) (crypto.Signer, error)

type KeyType 

type KeyType uint8
const (
	KeyTypeRsa KeyType = iota
	KeyTypeDsa
	KeyTypeEcdsa
	KeyTypeEd25519
)

func (KeyType) String 

func (this KeyType) String() string

type Password added in v0.2.0 

type Password []byte

func (Password) Compare added in v0.2.0 

func (this Password) Compare(withPassword []byte) (bool, error)

func (Password) IsEqualTo added in v0.2.0 

func (this Password) IsEqualTo(other any) bool

func (Password) IsZero added in v0.2.0 

func (this Password) IsZero() bool

func (Password) MarshalText added in v0.2.0 

func (this Password) MarshalText() ([]byte, error)

func (*Password) Set added in v0.2.0 

func (this *Password) Set(plain string) error

func (*Password) SetPassword added in v0.2.0 

func (this *Password) SetPassword(t PasswordType, password []byte) error

func (Password) String added in v0.2.0 

func (this Password) String() string

func (*Password) UnmarshalText added in v0.2.0 

func (this *Password) UnmarshalText(b []byte) error

func (Password) Validate added in v0.2.0 

func (this Password) Validate() error

type PasswordType added in v0.2.0 

type PasswordType uint8
const (
	PasswordTypePlain PasswordType = iota
	PasswordTypeBcrypt
)

func (PasswordType) Compare added in v0.2.0 

func (this PasswordType) Compare(encoded, password []byte) (bool, error)

func (PasswordType) Encode added in v0.2.0 

func (this PasswordType) Encode(password []byte) ([]byte, error)

func (PasswordType) IsEqualTo added in v0.2.0 

func (this PasswordType) IsEqualTo(other any) bool

func (PasswordType) MarshalText added in v0.2.0 

func (this PasswordType) MarshalText() ([]byte, error)

func (*PasswordType) Set added in v0.2.0 

func (this *PasswordType) Set(plain string) error

func (PasswordType) String added in v0.2.0 

func (this PasswordType) String() string

func (*PasswordType) UnmarshalText added in v0.2.0 

func (this *PasswordType) UnmarshalText(b []byte) error

func (PasswordType) Validate added in v0.2.0 

func (this PasswordType) Validate() error

type Restriction 

type Restriction interface {
	KeyAllowed(crypto.Signer) (bool, error)
}

type RsaRestriction 

type RsaRestriction uint8
const (
	RsaRestrictionNone RsaRestriction = iota
	RsaRestrictionAll
	RsaRestrictionAtLeast1024Bits
	RsaRestrictionAtLeast2048Bits
	RsaRestrictionAtLeast3072Bits
	RsaRestrictionAtLeast4096Bits
)

func (RsaRestriction) BitsAllowed 

func (this RsaRestriction) BitsAllowed(in int) bool

func (RsaRestriction) IsEqualTo 

func (this RsaRestriction) IsEqualTo(other any) bool

func (RsaRestriction) IsZero 

func (this RsaRestriction) IsZero() bool

func (RsaRestriction) KeyAllowed 

func (this RsaRestriction) KeyAllowed(in any) (bool, error)

func (RsaRestriction) MarshalText 

func (this RsaRestriction) MarshalText() (text []byte, err error)

func (*RsaRestriction) Set 

func (this *RsaRestriction) Set(text string) error

func (RsaRestriction) String 

func (this RsaRestriction) String() string

func (*RsaRestriction) UnmarshalText 

func (this *RsaRestriction) UnmarshalText(text []byte) error

func (RsaRestriction) Validate 

func (this RsaRestriction) Validate() error

Source Files

View all Source files

Directories

Path Synopsis
unix
password

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.