sshkeys

package module

v1.2.0 Latest Latest Go to latest Published: Oct 17, 2022 License: Apache-2.0 Imports: 15 Imported by: 34

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/ScaleFT/sshkeys

Links

Open Source Insights

README ¶

sshkeys

sshkeys provides utilities for parsing and marshalling cryptographic keys used for SSH, in both cleartext and encrypted formats.

ssh.ParseRawPrivateKey only supports parsing a subset of the formats sshkeys supports, does not support parsing encrypted private keys, and does not support marshalling.

Supported Formats

OpenSSH's PROTOCOL.key for RSA and ED25519 keys.
OpenSSH version >= 7.6 using aes256-ctr encryption
"Classic" PEM containing RSA (PKCS#1), DSA (OpenSSL), and ECDSA private keys.

Documentation ¶

Index ¶

Variables
func Marshal(pk interface{}, opts *MarshalOptions) ([]byte, error)
func ParseEncryptedPrivateKey(data []byte, passphrase []byte) (ssh.Signer, error)
func ParseEncryptedRawPrivateKey(data []byte, passphrase []byte) (interface{}, error)
type Format
type MarshalOptions

Constants ¶

This section is empty.

Variables ¶

View Source

var ErrIncorrectPassword = x509.IncorrectPasswordError

ErrIncorrectPassword is returned when the supplied passphrase was not correct for an encrypted private key.

Functions ¶

func Marshal ¶

func Marshal(pk interface{}, opts *MarshalOptions) ([]byte, error)

Marshal converts a private key into an optionally encrypted format.

func ParseEncryptedPrivateKey ¶

func ParseEncryptedPrivateKey(data []byte, passphrase []byte) (ssh.Signer, error)

ParseEncryptedPrivateKey returns a Signer from an encrypted private key. It supports the same keys as ParseEncryptedRawPrivateKey.

func ParseEncryptedRawPrivateKey ¶

func ParseEncryptedRawPrivateKey(data []byte, passphrase []byte) (interface{}, error)

ParseEncryptedRawPrivateKey returns a private key from an encrypted private key. It supports RSA (PKCS#1 or OpenSSH), DSA (OpenSSL), and ECDSA private keys.

ErrIncorrectPassword will be returned if the supplied passphrase is wrong, but some formats like RSA in PKCS#1 detecting a wrong passphrase is difficult, and other parse errors may be returned.

Types ¶

type Format ¶

type Format int

Format of private key to use when Marshaling.

const (
	// FormatOpenSSHv1 encodes a private key using OpenSSH's PROTOCOL.key format: https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.key
	FormatOpenSSHv1 Format = iota
	// FormatClassicPEM encodes private keys in PEM, with a key-specific encoding, as used by OpenSSH.
	FormatClassicPEM
)

type MarshalOptions ¶

type MarshalOptions struct {
	// Passphrase to encrypt private key with, if nil, the key will not be encrypted.
	Passphrase []byte
	// Format to encode the private key in.
	Format Format
}

MarshalOptions provides the Marshal function format and encryption options.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL