本文整理汇总了Golang中golang.org/x/crypto/ssh.ParseAuthorizedKey函数的典型用法代码示例。如果您正苦于以下问题:Golang ParseAuthorizedKey函数的具体用法?Golang ParseAuthorizedKey怎么用?Golang ParseAuthorizedKey使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了ParseAuthorizedKey函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。
示例1: TestSaveForeverCertAllowed
func TestSaveForeverCertAllowed(t *testing.T) {
allConfig := SetupSignerdConfig(1, 0)
environment := "testing"
envConfig := allConfig[environment]
requestHandler := makeCertRequestHandler(allConfig)
pubKey, _, _, _, err := ssh.ParseAuthorizedKey([]byte(foreverUserCertString))
if err != nil {
t.Fatalf("Parsing canned cert failed: %v", err)
}
cert := pubKey.(*ssh.Certificate)
err = requestHandler.saveSigningRequest(envConfig, environment, "reason: testing", "DEADBEEFDEADBEEF", 1, cert)
if err != nil {
t.Fatalf("Should have worked, failed with: %v", err)
}
pubKey, _, _, _, err = ssh.ParseAuthorizedKey([]byte(twentyTwentyFiveCertString))
if err != nil {
t.Fatalf("Parsing canned cert failed: %v", err)
}
cert = pubKey.(*ssh.Certificate)
err = requestHandler.saveSigningRequest(envConfig, environment, "reason: testing", "DEADBEEFDEADBEEF2", 1, cert)
if err != nil {
t.Fatalf("Should have worked, failed with: %v", err)
}
}示例2: getTwoBoringCerts
func getTwoBoringCerts(t *testing.T) (*ssh.Certificate, *ssh.Certificate) {
pubKeyOne, _, _, _, err := ssh.ParseAuthorizedKey([]byte(boringUserCertString))
if err != nil {
t.Fatalf("Parsing canned cert failed: %v", err)
}
boringCertOne := pubKeyOne.(*ssh.Certificate)
pubKeyTwo, _, _, _, err := ssh.ParseAuthorizedKey([]byte(boringUserCertString))
if err != nil {
t.Fatalf("Parsing canned cert failed: %v", err)
}
boringCertTwo := pubKeyTwo.(*ssh.Certificate)
return boringCertOne, boringCertTwo
}示例3: findKeyLocally
func findKeyLocally(key ssh.PublicKey) (string, error) {
sshDir := os.Getenv("HOME") + "/.ssh"
dirEntries, err := ioutil.ReadDir(sshDir)
if err != nil {
return "", fmt.Errorf("Could not read your .ssh directory %s: %s\n", sshDir, err)
}
for idx := range dirEntries {
entry := dirEntries[idx]
if strings.HasSuffix(entry.Name(), ".pub") {
pubKeyPath := sshDir + "/" + entry.Name()
pubBuf, err := ioutil.ReadFile(pubKeyPath)
if err != nil {
fmt.Printf("Trouble reading public key %s: %s\n", pubKeyPath, err)
continue
}
pubKey, _, _, _, err := ssh.ParseAuthorizedKey(pubBuf)
if err != nil {
fmt.Printf("Trouble parsing public key %s (might be unsupported format): %s\n", pubKeyPath, err)
continue
}
if bytes.Equal(pubKey.Marshal(), key.Marshal()) {
return pubKeyPath, nil
}
}
}
return "", fmt.Errorf("Couldn't find ssh key for cert.\n")
}示例4: RunKeyImport
// RunKeyImport imports a key from a file
func RunKeyImport(ns string, out io.Writer) error {
client := doit.DoitConfig.GetGodoClient()
keyPath := doit.DoitConfig.GetString(ns, doit.ArgKeyPublicKeyFile)
keyName := doit.DoitConfig.GetString(ns, doit.ArgKeyName)
keyFile, err := ioutil.ReadFile(keyPath)
if err != nil {
return err
}
_, comment, _, _, err := ssh.ParseAuthorizedKey(keyFile)
if err != nil {
return err
}
if len(keyName) < 1 {
keyName = comment
}
kcr := &godo.KeyCreateRequest{
Name: keyName,
PublicKey: string(keyFile),
}
r, _, err := client.Keys.Create(kcr)
if err != nil {
return err
}
return doit.DisplayOutput(r, out)
}示例5: authorizeKey
func (ctrl *Controller) authorizeKey(conn ssh.ConnMetadata, key ssh.PublicKey) (
*ssh.Permissions, error) {
marshaledKey := key.Marshal()
for _, authorizedKey := range ctrl.authorizedKeys {
if bytes.Compare(authorizedKey.Marshal(), marshaledKey) == 0 {
return &ssh.Permissions{}, nil
}
}
nodes, err := ctrl.cluster.GetDir("console/authorized_keys")
if err != nil {
if err == cluster.ErrNotFound {
return nil, fmt.Errorf("unauthorized")
}
return nil, err
}
for path, value := range nodes {
key, _, _, _, err := ssh.ParseAuthorizedKey([]byte(value))
if err != nil {
fmt.Printf("bad authorized key from etcd: %s: %s\n", path, err)
}
if bytes.Compare(key.Marshal(), marshaledKey) == 0 {
return &ssh.Permissions{}, nil
}
}
return nil, fmt.Errorf("unauthorized")
}示例6: ParsePublicKey
func (d *SDeployKeys) ParsePublicKey(b []byte) (ssh.PublicKey, error) {
s, _, _, _, err := ssh.ParseAuthorizedKey(b)
if err != nil {
return nil, errors.New("Invalid RSA public key format")
}
return s, nil
}示例7: TestAgentForward
func TestAgentForward(t *testing.T) {
server := newServer(t)
defer server.Shutdown()
conn := server.Dial(clientConfig())
defer conn.Close()
keyring := agent.NewKeyring()
keyring.Add(testPrivateKeys["dsa"], nil, "")
pub := testPublicKeys["dsa"]
sess, err := conn.NewSession()
if err != nil {
t.Fatalf("NewSession: %v", err)
}
if err := agent.RequestAgentForwarding(sess); err != nil {
t.Fatalf("RequestAgentForwarding: %v", err)
}
if err := agent.ForwardToAgent(conn, keyring); err != nil {
t.Fatalf("SetupForwardKeyring: %v", err)
}
out, err := sess.CombinedOutput("ssh-add -L")
if err != nil {
t.Fatalf("running ssh-add: %v, out %s", err, out)
}
key, _, _, _, err := ssh.ParseAuthorizedKey(out)
if err != nil {
t.Fatalf("ParseAuthorizedKey(%q): %v", out, err)
}
if !bytes.Equal(key.Marshal(), pub.Marshal()) {
t.Fatalf("got key %s, want %s", ssh.MarshalAuthorizedKey(key), ssh.MarshalAuthorizedKey(pub))
}
}示例8: PublicKeyToAuthorizedKeysFormat
// Converts a public key to authorized keys format.
func PublicKeyToAuthorizedKeysFormat(in string) (string, error) {
s := strings.Replace(strings.Replace(strings.TrimSpace(in), "\r\n", "\n", -1), "\r", "\n", -1)
lines := strings.Split(s, "\n")
if len(lines) == 1 {
publicKey, comment, _, _, err := ssh.ParseAuthorizedKey([]byte(lines[0]))
if err != nil {
return "", fmt.Errorf("failed to parse public key from authorized keys format: %v", err)
}
encodedKey := base64.StdEncoding.EncodeToString(publicKey.Marshal())
return fmt.Sprintf("%s %s %s", publicKey.Type(), encodedKey, comment), nil
} else {
var encodedKey string
continuationLine := false
for _, line := range lines {
if continuationLine || strings.ContainsAny(line, ":-") {
continuationLine = strings.HasSuffix(line, "\\")
} else {
encodedKey += line
}
}
rawKey, err := base64.StdEncoding.DecodeString(encodedKey)
fmt.Println(encodedKey)
if err != nil {
return "", fmt.Errorf("detected SSH2 format, but contains invalid base64 content: %v", err)
}
fmt.Println(string(base64.StdEncoding.EncodeToString(rawKey)))
publicKey, err := ssh.ParsePublicKey(rawKey)
if err != nil {
return "", fmt.Errorf("failed to parse public key from SSH2 format: %v", err)
}
newEncodedKey := base64.StdEncoding.EncodeToString(publicKey.Marshal())
return fmt.Sprintf("%s %s [email protected]", publicKey.Type(), newEncodedKey), nil
}
}示例9: getPubKeyForUser
func getPubKeyForUser(username string) (ssh.PublicKey, error) {
cwd, err := os.Getwd()
if err != nil {
log.Printf("(getPubKeyForUser) >> Error: Could not figure out current working directory: %s", err.Error())
return nil, err
}
pubKeyPath := fmt.Sprintf("%s/data/%s/id_rsa.pub", cwd, username)
pubKeyFile, err := os.Open(pubKeyPath)
if err != nil {
log.Printf("(getPubKeyForUser) >> Error opening pub key file '%s' for user '%s': %s", pubKeyPath, username, err.Error())
return nil, fmt.Errorf("(getPubKeyForUser) >> Error opening pub key file '%s'", pubKeyPath)
}
defer pubKeyFile.Close()
var authorizedPubKeyBuf []byte
authorizedPubKeyBuf, err = ioutil.ReadAll(pubKeyFile)
if err != nil {
log.Printf("(getPubKeyForUser) >> Error: Could not read PubKey at path: %s", pubKeyPath)
return nil, err
}
authorizedPubKey, _, _, _, err = ssh.ParseAuthorizedKey(authorizedPubKeyBuf)
if err != nil {
log.Printf("(getPubKeyForUser) >> Error: Unable to parse AuthorizedPubKey: '%s'. Error: %s", pubKeyPath, err.Error())
return nil, err
}
log.Printf("(getPubKeyForUser) >> Successfully parsed authorized PubKey: %s\n", pubKeyPath)
return authorizedPubKey, nil
}示例10: parseAuthFile
func parseAuthFile(filename string) ([]*sshmux.User, error) {
var users []*sshmux.User
authFile, err := ioutil.ReadFile(filename)
if err != nil {
return nil, err
}
// Parse authfile as authorized_key
for len(authFile) > 0 {
var (
pk ssh.PublicKey
comment string
)
pk, comment, _, authFile, err = ssh.ParseAuthorizedKey(authFile)
if err != nil {
return nil, err
}
u := &sshmux.User{
PublicKey: pk,
Name: comment,
}
users = append(users, u)
}
return users, nil
}示例11: TestRejectRequestAfterSigning
func TestRejectRequestAfterSigning(t *testing.T) {
allConfig := SetupSignerdConfig(2, 0)
environment := "testing"
envConfig := allConfig[environment]
requestHandler := makeCertRequestHandler(allConfig)
pubKey, _, _, _, err := ssh.ParseAuthorizedKey([]byte(boringUserCertString))
if err != nil {
t.Fatalf("Parsing canned cert failed: %v", err)
}
cert := pubKey.(*ssh.Certificate)
err = requestHandler.saveSigningRequest(envConfig, environment, "reason: testing", "DEADBEEFDEADBEEF", 1, cert)
if err != nil {
t.Fatalf("Should have succeeded. Failed with: %v", err)
}
err = requestHandler.addConfirmation("DEADBEEFDEADBEEF", "23:10:8d:d0:54:90:d5:d1:2e:4d:05:fe:4b:54:29:e4", envConfig, false)
if err != nil {
t.Fatalf("Sign should have worked. It failed: %v", err)
}
err = requestHandler.rejectRequest("DEADBEEFDEADBEEF", "23:10:8d:d0:54:90:d5:d1:2e:4d:05:fe:4b:54:29:e4", envConfig)
if err != nil {
t.Fatalf("Should have succeeded. Failed with: %v", err)
}
err = requestHandler.addConfirmation("DEADBEEFDEADBEEF", "23:10:8d:d0:54:90:d5:d1:2e:4d:05:fe:4b:54:29:e4", envConfig, false)
if err == nil {
t.Fatalf("Sign after reject should fail.")
}
}示例12: TestCompareCertsPublicKey
func TestCompareCertsPublicKey(t *testing.T) {
boringCertOne, boringCertTwo := getTwoBoringCerts(t)
boringCertTwo.Key, _, _, _, _ = ssh.ParseAuthorizedKey([]byte(signerPublicKeyString))
if compareCerts(boringCertOne, boringCertTwo) {
t.Fatalf("Certs should not have been equal.")
}
}示例13: addKeys
func (s *GandalfServer) addKeys(w http.ResponseWriter, r *http.Request) {
userName := r.URL.Query().Get(":name")
var keys map[string]string
defer r.Body.Close()
err := json.NewDecoder(r.Body).Decode(&keys)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
s.usersLock.Lock()
defer s.usersLock.Unlock()
userKeys, ok := s.keys[userName]
if !ok {
http.Error(w, user.ErrUserNotFound.Error(), http.StatusNotFound)
return
}
for name, body := range keys {
if _, _, _, _, err := ssh.ParseAuthorizedKey([]byte(body)); err != nil {
http.Error(w, user.ErrInvalidKey.Error(), http.StatusBadRequest)
return
}
for _, userKey := range userKeys {
if name == userKey.Name {
http.Error(w, user.ErrDuplicateKey.Error(), http.StatusConflict)
return
}
}
}
for name, body := range keys {
userKeys = append(userKeys, key{Name: name, Body: body})
}
s.keys[userName] = userKeys
}示例14: TestCanCreateHostFingerPrint
func TestCanCreateHostFingerPrint(t *testing.T) {
var key = []byte("ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEbKq5U57fhzQ3SBbs3NVmgY2ouYZfPhc6cXBNEFpRT3T100fnbkYw+EHi76nwsp+uGxk08kh4GG881DrgotptrJj2dJxXpWp/SFdVu5S9fFU6l6dCTC9IBYYCCV8PvXbBZ3oDZyyyJT7/vXSaUdbk3x9MeNlYrgItm2KY6MdHYEg8R994Sspn1sE4Ydey5DfG/WNWVrzFCI0sWI3yj4zuCcUXFz9sEG8fIYikD9rNuohiMenWjkj6oLTwZGVW2q4wRL0051XBkmfnPD/H6gqOML9MbZQ8D6/+az0yF9oD61SkifhBNBRRNaIab/Np7XD61siR8zNMG/vCKjFGICnp [email protected]")
publicKey, _, _, _, _ := ssh.ParseAuthorizedKey(key)
in, out := sshTunnel.formatHostFingerprint(publicKey), "65:30:38:96:35:56:4f:64:64:e8:e3:a4:7d:59:3e:19"
if in != out {
t.Errorf("sshTunnel.formatHostFingerprint(key) = %v, want %v", in, out)
}
}示例15: toPublicKey
// toPublicKey parses a public key and returns an *rsa.PublicKey.
// credit to stackoverflow http://stackoverflow.com/q/31593329
func toPublicKey(key string) (*rsa.PublicKey, error) {
raw := []byte(key)
pub, _, _, _, err := ssh.ParseAuthorizedKey(raw)
if err != nil {
return nil, err
}
return reflect.ValueOf(pub).
Convert(reflect.TypeOf(new(rsa.PublicKey))).Interface().(*rsa.PublicKey), nil
}