sshkey

package
v0.0.0-...-2be5f8e Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 14, 2022 License: Apache-2.0, Apache-2.0 Imports: 29 Imported by: 1

README

sshkey: a small package for loading OpenSSH ECDSA and RSA keys.

The key may be loaded via file, HTTP(S), or as byte slices.

Example:

    pub, keytype, err := sshkey.LoadPublicKeyFile("/home/user/.ssh/id_rsa.pub", false)
    switch keytype {
    case KEY_RSA: doSomethingRSA(pub.(*rsa.PublicKey))
    case KEY_ECDSA: doSomethingEC(pub.(*ecdsa.PublicKey))
    default: // unknown key type
    }

    priv, keytype, err := sshkey.LoadPrivateKeyFile("/home/user/.ssh/id_rsa")
    switch keytype {
    case KEY_RSA: doSomethingSecretRSA(pub.(*rsa.PrivateKey))
    case KEY_ECDSA: doSomethingSecretEC(pub.(*ecdsa.PrivateKey))
    default: // unknown key type
    }

Documentation

Overview

/* ============================================================= * @Author: Wayne Wang <net_use@bzhy.com> * * @Copyright (c) 2022 Bzhy Network. All rights reserved. * @HomePage http://www.sysadm.cn * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at: * http://www.apache.org/licenses/LICENSE-2.0 * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and limitations under the License. * @License GNU Lesser General Public License https://www.sysadm.cn/lgpl.html

Package sshkey provides Go handling of OpenSSH keys. It handles RSA (protocol 2 only) and ECDSA keys, and aims to provide interoperability between OpenSSH and Go programs.

The package can import public and private keys using the LoadPublicKey and LoadPrivateKey functions; the LoadPublicKeyFile and LoadPrivateKeyfile functions are wrappers around these functions to load the key from a file. For example:

// true tells LoadPublicKey to load the file locally; if false, it
// will try to load the key over HTTP.
pub, err := LoadPublicKeyFile("/home/user/.ssh/id_ecdsa.pub", true)
if err != nil {
    fmt.Println(err.Error())
    return
}

In this example, the ECDSA key is in pub.Key. In order to be used in functions that require a *ecdsa.PublicKey type, it must be typecast:

ecpub := pub.Key.(*ecdsa.PublicKey)

The SSHPublicKey can be marshalled to OpenSSH format by using MarshalPublicKey.

The package also provides support for generating new keys. The GenerateSSHKey function can be used to generate a new key in the appropriate Go package format (e.g. *ecdsa.PrivateKey). This key can be marshalled into a PEM-encoded OpenSSH key using the MarshalPrivate function.

=============================================================

* @Author: Wayne Wang <net_use@bzhy.com> * * @Copyright (c) 2022 Bzhy Network. All rights reserved. * @HomePage http://www.sysadm.cn * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at: * http://www.apache.org/licenses/LICENSE-2.0 * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and limitations under the License. * @License GNU Lesser General Public License https://www.sysadm.cn/lgpl.html

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrInvalidDEK      = fmt.Errorf("sshkey: invalid DEK info")
	ErrUnableToDecrypt = fmt.Errorf("sshkey: unable to decrypt key")
)
View Source
var (
	ErrInvalidDigest         = fmt.Errorf("sshkey: invalid digest algorithm")
	ErrInvalidKeySize        = fmt.Errorf("sshkey: invalid private key size")
	ErrInvalidPrivateKey     = fmt.Errorf("sshkey: invalid private key")
	ErrInvalidPublicKey      = fmt.Errorf("sshkey: invalid public key")
	ErrUnsupportedPublicKey  = fmt.Errorf("sshkey: unsupported public key type")
	ErrUnsupportedPrivateKey = fmt.Errorf("sshkey: unsupported private key type")
)

PRNG contains the random data source to be used in key generation. It defaults to crypto/rand.Reader.

View Source
var PasswordPrompt func(prompt string) (password string, err error) = DefaultPasswordPrompt

The PasswordPrompt function is the function that is called to prompt the user for a password.

Functions

func DefaultPasswordPrompt

func DefaultPasswordPrompt(prompt string) (password string, err error)

DefaultPasswordPrompt is a simple (but echoing) password entry function that takes a prompt and reads the password.

func Fingerprint

func Fingerprint(pub *SSHPublicKey, hashalgo crypto.Hash) (fpr []byte, err error)

Return the fingerprint of the key in a raw format.

func FingerprintPretty

func FingerprintPretty(pub *SSHPublicKey, hashalgo crypto.Hash) (fpr string, err error)

Return a string containing a printable form of the key's fingerprint.

func GenerateKey

func GenerateKey(keytype Type, size int) (key interface{}, err error)

Generates a compatible OpenSSH private key. The key is in the raw Go key format. To convert this to a PEM encoded key, see MarshalPrivate.

func MarshalPrivate

func MarshalPrivate(priv interface{}, password string) (out []byte, err error)

Given a private key and a (possibly empty) password, returns a byte slice containing a PEM-encoded private key in the appropriate OpenSSH format.

func MarshalPublic

func MarshalPublic(pub *SSHPublicKey) (out []byte)

MarshalPublic returns a byte slice containing an OpenSSH public key built from the SSHPublicKey.

Types

type SSHPublicKey

type SSHPublicKey struct {
	Type    Type
	Key     interface{}
	Comment string
}

Representation of an SSH public key in the library.

func LoadPublicKeyFile

func LoadPublicKeyFile(name string, local bool) (key *SSHPublicKey, err error)

LoadPublicKey loads an OpenSSH public key from a file or via HTTP. If local is false, the key will be fetched over HTTP.

func NewPublic

func NewPublic(priv interface{}, comment string) *SSHPublicKey

Given a private key and comment, NewPublic will return a new SSHPublicKey.

func UnmarshalPublic

func UnmarshalPublic(raw []byte) (key *SSHPublicKey, err error)

UnmarshalPublic decodes a byte slice containing an OpenSSH public key into an public key. It supports RSA and ECDSA keys.

func (*SSHPublicKey) Size

func (key *SSHPublicKey) Size() int

Return the bitsize of the underlying public key.

type Type

type Type int

Representation of type of SSH Key

const (
	KEY_UNSUPPORTED Type = iota - 1
	KEY_ECDSA
	KEY_RSA
	KEY_DSA
	KEY_ED25519
)

These constants are used as the key type in the SSHPublicKey.

func LoadPrivateKeyFile

func LoadPrivateKeyFile(name string) (key interface{}, keytype Type, err error)

Load an OpenSSH private key from a file.

func UnmarshalPrivate

func UnmarshalPrivate(raw []byte) (key interface{}, keytype Type, err error)

Load an OpenSSH private key from a byte slice.

Directories

Path Synopsis
Package readpass provides password reading functionality.
Package readpass provides password reading functionality.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL