You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
While x/crypto/ssh has at present ParseKnownHosts and ParseAuthorizedKey functions, it lacks support for parsing the allowed_signers format as documented in the ssh-keygen(1) manual page.
Proposal is to add a ParseAllowedSigners function, with a likewise signature as ParseKnownHosts:
// ParseAllowedSigners parses an entry in the format of the allowed_signers file.//// The allowed_signers format is documented in the ssh-keygen(1) manual page.// This function will parse a single entry from in. On successful return,// principals will contain the list of principals that this entry matches,// options will contain the list of options that this entry matches (i.e.// "cert-authority", "namespaces=file,git"), and pubKey will contain the// public key. See the ssh-keygen(1) manual page for the various forms that a// principal string can take, and further details on the options.//// The unparsed remainder of the input will be returned in rest. This function// can be called repeatedly to parse multiple entries.//// If no entries were found in the input then err will be io.EOF. Otherwise, a// non-nil err value indicates a parse error.funcParseAllowedSigners(in []byte) (principals []string, options []string, pubKey ssh.PublicKey, rest []byte, errerror)
Adding this would compliment the existing API, and would help facilitate working with the SSH signing features the library has to offer. While leaving the implementation of the actual SSH Signature format as an exercise for another time.
The text was updated successfully, but these errors were encountered:
While
x/crypto/ssh
has at presentParseKnownHosts
andParseAuthorizedKey
functions, it lacks support for parsing theallowed_signers
format as documented in the ssh-keygen(1) manual page.Proposal is to add a
ParseAllowedSigners
function, with a likewise signature asParseKnownHosts
:Adding this would compliment the existing API, and would help facilitate working with the SSH signing features the library has to offer. While leaving the implementation of the actual SSH Signature format as an exercise for another time.
The text was updated successfully, but these errors were encountered: