package ssh
import (
"bytes"
"encoding/base64"
"golang.org/x/crypto/ssh"
"github.com/tjfoc/gmsm/sm2"
)
// ParseKnownHosts parses one known_hosts entry from in by delegating to
// ssh.ParseKnownHosts and returns that call's results unchanged.
//
// NOTE(review): unlike ParseAuthorizedKey and ParsePublicKey in this file,
// there is no SM2 fallback here; confirm whether SM2 host keys in
// known_hosts entries need to be supported.
func ParseKnownHosts(in []byte) (marker string, hosts []string, pubKey ssh.PublicKey, comment string, rest []byte, err error) {
	marker, hosts, pubKey, comment, rest, err = ssh.ParseKnownHosts(in)
	return marker, hosts, pubKey, comment, rest, err
}
// MarshalAuthorizedKey serializes key for an authorized_keys file by
// delegating to ssh.MarshalAuthorizedKey.
func MarshalAuthorizedKey(key ssh.PublicKey) []byte {
	line := ssh.MarshalAuthorizedKey(key)
	return line
}
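// MarshalAuthorizedKeyWithComment serializes key as a single authorized_keys
// line of the form "<type> <base64 key> <comment>\n".
//
// The format is line-oriented, so a CR or LF inside comment would end the
// entry early and the remainder of the comment would be read as a separate
// line of the file. Each CR and LF in comment is therefore written as a
// space; comments without line breaks are emitted unchanged.
func MarshalAuthorizedKeyWithComment(key ssh.PublicKey, comment string) []byte {
	b := &bytes.Buffer{}

	// Key type.
	b.WriteString(key.Type())
	b.WriteByte(' ')

	// Base64 of the marshaled key. Close flushes the final partial group.
	// The encoder writes into a bytes.Buffer, whose writes do not fail, so
	// the returned errors are deliberately discarded.
	e := base64.NewEncoder(base64.StdEncoding, b)
	_, _ = e.Write(key.Marshal())
	_ = e.Close()

	// Comment, forced onto one line. CR and LF are single ASCII bytes that
	// never occur inside a multi-byte UTF-8 sequence, so a byte-wise scan
	// is safe.
	b.WriteByte(' ')
	for i := 0; i < len(comment); i++ {
		c := comment[i]
		if c == '\r' || c == '\n' {
			c = ' '
		}
		b.WriteByte(c)
	}
	b.WriteByte('\n')

	return b.Bytes()
}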
// NewPublicKey wraps key in an ssh.PublicKey. An *sm2.PublicKey is handled
// locally through NewSM2PublicKey; any other value is passed on to
// ssh.NewPublicKey.
//
// Key kinds listed by the original author:
// RSA | DSA | SM2 | ECDSA | SKECDSA | ED25519 | SKEd25519
// CertAlgoRSAv01 | CertAlgoDSAv01
// CertAlgoECDSA256v01 | CertAlgoECDSA384v01
// CertAlgoECDSA521v01 | CertAlgoSKECDSA256v01
// CertAlgoED25519v01 | CertAlgoSKED25519v01
func NewPublicKey(key any) (out ssh.PublicKey, err error) {
	if sm2Key, isSM2 := key.(*sm2.PublicKey); isSM2 {
		return NewSM2PublicKey(sm2Key), nil
	}

	return ssh.NewPublicKey(key)
}
// ParseAuthorizedKey parses one authorized_keys entry from in. It tries
// ssh.ParseAuthorizedKey first and, if that returns any error, parses the
// same input again with ParseSM2AuthorizedKey.
//
// When the fallback runs, its results (including its error) replace those of
// the first attempt, so the error from ssh.ParseAuthorizedKey is never
// reported to the caller.
func ParseAuthorizedKey(in []byte) (out ssh.PublicKey, comment string, options []string, rest []byte, err error) {
	if out, comment, options, rest, err = ssh.ParseAuthorizedKey(in); err == nil {
		return out, comment, options, rest, nil
	}

	return ParseSM2AuthorizedKey(in)
}
// ParsePublicKey decodes a public key from in. It tries ssh.ParsePublicKey
// first and, if that returns any error, retries with ParseSM2PublicKey.
//
// When the fallback runs, its result and error replace those of the first
// attempt; the error from ssh.ParsePublicKey is not reported.
func ParsePublicKey(in []byte) (out ssh.PublicKey, err error) {
	if out, err = ssh.ParsePublicKey(in); err == nil {
		return out, nil
	}

	return ParseSM2PublicKey(in)
}
// NewSignerFromKey builds an ssh.Signer from a private key value. An
// *sm2.PrivateKey is wrapped locally with NewSM2PrivateKey; any other value
// is passed on to ssh.NewSignerFromKey.
func NewSignerFromKey(key any) (out ssh.Signer, err error) {
	if sm2Key, isSM2 := key.(*sm2.PrivateKey); isSM2 {
		return NewSM2PrivateKey(sm2Key), nil
	}

	return ssh.NewSignerFromKey(key)
}
// ParsePrivateKey turns an unencrypted PEM private key into an ssh.Signer.
// The raw key comes from ParseRawPrivateKey and is then wrapped by
// NewSignerFromKey; a parse error is returned as-is with a nil Signer.
func ParsePrivateKey(pemBytes []byte) (ssh.Signer, error) {
	raw, parseErr := ParseRawPrivateKey(pemBytes)
	if parseErr != nil {
		return nil, parseErr
	}

	return NewSignerFromKey(raw)
}
// ParsePrivateKeyWithPassphrase turns a passphrase-protected PEM private key
// into an ssh.Signer. The raw key comes from ParseRawPrivateKeyWithPassphrase
// and is then wrapped by NewSignerFromKey; a parse error is returned as-is
// with a nil Signer.
func ParsePrivateKeyWithPassphrase(pemBytes, passphrase []byte) (ssh.Signer, error) {
	raw, parseErr := ParseRawPrivateKeyWithPassphrase(pemBytes, passphrase)
	if parseErr != nil {
		return nil, parseErr
	}

	return NewSignerFromKey(raw)
}
// ParseRawPrivateKey decodes a PEM private key into its underlying key value.
// It tries ssh.ParseRawPrivateKey first and, if that returns any error,
// retries with ParseSM2RawPrivateKey.
//
// NOTE(review): when the fallback runs, the error from ssh.ParseRawPrivateKey
// is overwritten. If callers inspect the error (for example to detect
// *ssh.PassphraseMissingError and prompt for a passphrase), confirm that the
// SM2 parser's error still lets them do so.
func ParseRawPrivateKey(pemBytes []byte) (out any, err error) {
	if out, err = ssh.ParseRawPrivateKey(pemBytes); err == nil {
		return out, nil
	}

	return ParseSM2RawPrivateKey(pemBytes)
}
// ParseRawPrivateKeyWithPassphrase decodes a passphrase-protected PEM private
// key into its underlying key value. It tries
// ssh.ParseRawPrivateKeyWithPassphrase first and, if that returns any error,
// retries with ParseSM2RawPrivateKeyWithPassphrase.
//
// NOTE(review): when the fallback runs, the first error is overwritten, so a
// wrong-passphrase failure from the first parser is reported only as
// whatever the SM2 parser returns; confirm callers can still tell a bad
// passphrase from an unsupported key.
func ParseRawPrivateKeyWithPassphrase(pemBytes, passphrase []byte) (out any, err error) {
	if out, err = ssh.ParseRawPrivateKeyWithPassphrase(pemBytes, passphrase); err == nil {
		return out, nil
	}

	return ParseSM2RawPrivateKeyWithPassphrase(pemBytes, passphrase)
}