本文整理汇总了Golang中crypto/x509.IsEncryptedPEMBlock函数的典型用法代码示例。如果您正苦于以下问题:Golang IsEncryptedPEMBlock函数的具体用法?Golang IsEncryptedPEMBlock怎么用?Golang IsEncryptedPEMBlock使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了IsEncryptedPEMBlock函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Golang代码示例。
示例1: ParsePEMPrivateKey
// ParsePEMPrivateKey returns a data.PrivateKey from a PEM encoded private key. It
// only supports RSA (PKCS#1) and attempts to decrypt using the passphrase, if encrypted.
func ParsePEMPrivateKey(pemBytes []byte, passphrase string) (*data.PrivateKey, error) {
block, _ := pem.Decode(pemBytes)
if block == nil {
return nil, errors.New("no valid private key found")
}
switch block.Type {
case "RSA PRIVATE KEY":
var privKeyBytes []byte
var err error
if x509.IsEncryptedPEMBlock(block) {
privKeyBytes, err = x509.DecryptPEMBlock(block, []byte(passphrase))
if err != nil {
return nil, errors.New("could not decrypt private key")
}
} else {
privKeyBytes = block.Bytes
}
rsaPrivKey, err := x509.ParsePKCS1PrivateKey(privKeyBytes)
if err != nil {
return nil, fmt.Errorf("could not parse DER encoded key: %v", err)
}
tufRSAPrivateKey, err := RSAToPrivateKey(rsaPrivKey, data.RSAKey)
if err != nil {
return nil, fmt.Errorf("could not convert rsa.PrivateKey to data.PrivateKey: %v", err)
}
return tufRSAPrivateKey, nil
case "EC PRIVATE KEY":
var privKeyBytes []byte
var err error
if x509.IsEncryptedPEMBlock(block) {
privKeyBytes, err = x509.DecryptPEMBlock(block, []byte(passphrase))
if err != nil {
return nil, errors.New("could not decrypt private key")
}
} else {
privKeyBytes = block.Bytes
}
ecdsaPrivKey, err := x509.ParseECPrivateKey(privKeyBytes)
if err != nil {
return nil, fmt.Errorf("could not parse DER encoded private key: %v", err)
}
tufECDSAPrivateKey, err := ECDSAToPrivateKey(ecdsaPrivKey, data.ECDSAKey)
if err != nil {
return nil, fmt.Errorf("could not convert ecdsa.PrivateKey to data.PrivateKey: %v", err)
}
return tufECDSAPrivateKey, nil
default:
return nil, fmt.Errorf("unsupported key type %q", block.Type)
}
}
开发者ID:RichardScothern,项目名称:notary,代码行数:62,代码来源:x509utils.go
示例2: ReadPEMData
// Read a PEM file and ask for a password to decrypt it if needed
func ReadPEMData(pemFile string, pemPass []byte) ([]byte, error) {
pemData, err := ioutil.ReadFile(pemFile)
if err != nil {
return pemData, err
}
// We should really just get the pem.Block back here, if there's other
// junk on the end, warn about it.
pemBlock, rest := pem.Decode(pemData)
if len(rest) > 0 {
log.Warning("Didn't parse all of", pemFile)
}
if x509.IsEncryptedPEMBlock(pemBlock) {
// Decrypt and get the ASN.1 DER bytes here
pemData, err = x509.DecryptPEMBlock(pemBlock, pemPass)
if err != nil {
return pemData, err
} else {
log.Info("Decrypted", pemFile, "successfully")
}
// Shove the decrypted DER bytes into a new pem Block with blank headers
var newBlock pem.Block
newBlock.Type = pemBlock.Type
newBlock.Bytes = pemData
// This is now like reading in an uncrypted key from a file and stuffing it
// into a byte stream
pemData = pem.EncodeToMemory(&newBlock)
}
return pemData, nil
}
开发者ID:BrianIp,项目名称:orchestrator,代码行数:32,代码来源:ssl.go
示例3: PEMtoPublicKey
// PEMtoPublicKey unmarshals a pem to public key
func PEMtoPublicKey(raw []byte, pwd []byte) (interface{}, error) {
if len(raw) == 0 {
return nil, errors.New("Invalid PEM. It must be diffrent from nil.")
}
block, _ := pem.Decode(raw)
if block == nil {
return nil, fmt.Errorf("Failed decoding. Block must be different from nil. [% x]", raw)
}
// TODO: derive from header the type of the key
if x509.IsEncryptedPEMBlock(block) {
if len(pwd) == 0 {
return nil, errors.New("Encrypted Key. Password must be different from nil")
}
decrypted, err := x509.DecryptPEMBlock(block, pwd)
if err != nil {
return nil, fmt.Errorf("Failed PEM decryption. [%s]", err)
}
key, err := DERToPublicKey(decrypted)
if err != nil {
return nil, err
}
return key, err
}
cert, err := DERToPublicKey(block.Bytes)
if err != nil {
return nil, err
}
return cert, err
}
开发者ID:hyperledger,项目名称:fabric,代码行数:34,代码来源:keys.go
示例4: readKey
// readKey returns the decrypted key pem bytes, and enforces the KEK if applicable
// (writes it back with the correct encryption if it is not correctly encrypted)
func (k *KeyReadWriter) readKey() (*pem.Block, error) {
keyBlock, err := k.readKeyblock()
if err != nil {
return nil, err
}
if !x509.IsEncryptedPEMBlock(keyBlock) {
return keyBlock, nil
}
// If it's encrypted, we can't read without a passphrase (we're assuming
// empty passphrases iare invalid)
if k.kekData.KEK == nil {
return nil, ErrInvalidKEK{Wrapped: x509.IncorrectPasswordError}
}
derBytes, err := x509.DecryptPEMBlock(keyBlock, k.kekData.KEK)
if err != nil {
return nil, ErrInvalidKEK{Wrapped: err}
}
// remove encryption PEM headers
headers := make(map[string]string)
mergePEMHeaders(headers, keyBlock.Headers)
return &pem.Block{
Type: keyBlock.Type, // the key type doesn't change
Bytes: derBytes,
Headers: headers,
}, nil
}
开发者ID:harche,项目名称:docker,代码行数:32,代码来源:keyreadwriter.go
示例5: addKeyAuth
func addKeyAuth(auths []ssh.AuthMethod, keypath string) []ssh.AuthMethod {
if len(keypath) == 0 {
return auths
}
keypath = expandPath(keypath)
// read the file
pemBytes, err := ioutil.ReadFile(keypath)
if err != nil {
log.Print(err)
os.Exit(1)
}
// get first pem block
block, _ := pem.Decode(pemBytes)
if block == nil {
log.Printf("no key found in %s", keypath)
return auths
}
// handle plain and encrypted keyfiles
if x509.IsEncryptedPEMBlock(block) {
log.Printf("warning: ignoring encrypted key '%s'", keypath)
return auths
} else {
signer, err := ssh.ParsePrivateKey(pemBytes)
if err != nil {
log.Print(err)
return auths
}
return append(auths, ssh.PublicKeys(signer))
}
}
开发者ID:rapidloop,项目名称:rtop-bot,代码行数:34,代码来源:sshhelper.go
示例6: PEMtoPublicKey
// PEMtoPublicKey unmarshals a pem to public key
func PEMtoPublicKey(raw []byte, pwd []byte) (interface{}, error) {
if len(raw) == 0 {
return nil, utils.ErrNilArgument
}
block, _ := pem.Decode(raw)
if block == nil {
return nil, fmt.Errorf("Failed decoding [% x]", raw)
}
// TODO: derive from header the type of the key
if x509.IsEncryptedPEMBlock(block) {
if len(pwd) == 0 {
return nil, errors.New("Encrypted Key. Need a password!!!")
}
decrypted, err := x509.DecryptPEMBlock(block, pwd)
if err != nil {
return nil, errors.New("Failed decryption!!!")
}
key, err := DERToPublicKey(decrypted)
if err != nil {
return nil, err
}
return key, err
}
cert, err := DERToPublicKey(block.Bytes)
if err != nil {
return nil, err
}
return cert, err
}
开发者ID:C0rWin,项目名称:fabric,代码行数:34,代码来源:keys.go
示例7: ReadPrivateKey
// ReadPrivateKey attempts to read your private key and possibly decrypt it if it
// requires a passphrase.
// This function will prompt for a passphrase on STDIN if the environment variable (`IDENTITY_PASSPHRASE`),
// is not set.
func ReadPrivateKey(path string) ([]byte, error) {
privateKey, err := ioutil.ReadFile(path)
if err != nil {
return nil, fmt.Errorf("failed to load identity: %v", err)
}
block, rest := pem.Decode(privateKey)
if len(rest) > 0 {
return nil, fmt.Errorf("extra data when decoding private key")
}
if !x509.IsEncryptedPEMBlock(block) {
return privateKey, nil
}
passphrase := os.Getenv("IDENTITY_PASSPHRASE")
if passphrase == "" {
passphrase, err = gopass.GetPass("Enter passphrase: ")
if err != nil {
return nil, fmt.Errorf("couldn't read passphrase: %v", err)
}
}
der, err := x509.DecryptPEMBlock(block, []byte(passphrase))
if err != nil {
return nil, fmt.Errorf("decrypt failed: %v", err)
}
privateKey = pem.EncodeToMemory(&pem.Block{
Type: block.Type,
Bytes: der,
})
return privateKey, nil
}
开发者ID:dream1986,项目名称:ssh-chat,代码行数:37,代码来源:key.go
示例8: PEMtoPublicKey
// PEMtoPublicKey unmarshals a pem to public key
func PEMtoPublicKey(raw []byte, pwd []byte) (interface{}, error) {
block, _ := pem.Decode(raw)
// TODO: derive from header the type of the key
if x509.IsEncryptedPEMBlock(block) {
if pwd == nil {
return nil, errors.New("Encrypted Key. Need a password!!!")
}
decrypted, err := x509.DecryptPEMBlock(block, pwd)
if err != nil {
return nil, errors.New("Failed decryption!!!")
}
key, err := DERToPublicKey(decrypted)
if err != nil {
return nil, err
}
return key, err
}
cert, err := DERToPublicKey(block.Bytes)
if err != nil {
return nil, err
}
return cert, err
}
开发者ID:RicHernandez2,项目名称:fabric,代码行数:28,代码来源:keys.go
示例9: SSHConfigPubKeyFile
// SSHConfigPubKeyFile is a convience function that takes a username, private key
// and passphrase and returns a new ssh.ClientConfig setup to pass credentials
// to DialSSH
func SSHConfigPubKeyFile(user string, file string, passphrase string) (*ssh.ClientConfig, error) {
buf, err := ioutil.ReadFile(file)
if err != nil {
return nil, err
}
block, rest := pem.Decode(buf)
if len(rest) > 0 {
return nil, fmt.Errorf("pem: unable to decode file %s", file)
}
if x509.IsEncryptedPEMBlock(block) {
b := block.Bytes
b, err = x509.DecryptPEMBlock(block, []byte(passphrase))
if err != nil {
return nil, err
}
buf = pem.EncodeToMemory(&pem.Block{
Type: block.Type,
Bytes: b,
})
}
key, err := ssh.ParsePrivateKey(buf)
if err != nil {
return nil, err
}
return &ssh.ClientConfig{
User: user,
Auth: []ssh.AuthMethod{
ssh.PublicKeys(key),
},
}, nil
}
开发者ID:Juniper,项目名称:go-netconf,代码行数:37,代码来源:transport_ssh.go
示例10: processPrivateKeyFile
// processPrivateKeyFile takes a private key file and an optional passphrase
// and decodes it to a byte slice.
func processPrivateKeyFile(privateKeyFile, passphrase string) ([]byte, error) {
rawPrivateKeyBytes, err := ioutil.ReadFile(privateKeyFile)
if err != nil {
return nil, fmt.Errorf("Failed loading private key file: %s", err)
}
PEMBlock, _ := pem.Decode(rawPrivateKeyBytes)
if PEMBlock == nil {
return nil, fmt.Errorf(
"%s does not contain a vaild private key", privateKeyFile)
}
if x509.IsEncryptedPEMBlock(PEMBlock) {
if passphrase == "" {
return nil, errors.New("a passphrase must be specified when using an encrypted private key")
}
decryptedPrivateKeyBytes, err := x509.DecryptPEMBlock(PEMBlock, []byte(passphrase))
if err != nil {
return nil, fmt.Errorf("Failed decrypting private key: %s", err)
}
b := &pem.Block{
Type: "RSA PRIVATE KEY",
Bytes: decryptedPrivateKeyBytes,
}
return pem.EncodeToMemory(b), nil
}
return rawPrivateKeyBytes, nil
}
开发者ID:JNPRAutomate,项目名称:packer,代码行数:33,代码来源:private_key.go
示例11: server
func server(config Config) {
// open receive port
readSocket := openUDPSocket(`r`, net.UDPAddr{
IP: net.IPv4(0, 0, 0, 0),
Port: config.Port,
})
fmt.Printf("Listening on UDP port %d...\n", config.Port)
defer readSocket.Close()
// main loop
for {
data := make([]byte, UDP_MSG_SIZE)
size, clientAddr, err := readSocket.ReadFromUDP(data)
if err != nil {
fmt.Println("Error reading from receive port: ", err)
}
clientMsg := data[0:size]
if string(clientMsg) == KEY_REQUEST_TEXT {
fmt.Printf("Received key request from %s, sending key.\n",
clientAddr.IP)
// reply to the client on the same port
writeSocket := openUDPSocket(`w`, net.UDPAddr{
IP: clientAddr.IP,
Port: clientAddr.Port + 1,
})
var keyData []byte
keyData = []byte(os.Getenv(KEY_DATA_ENV_VAR))
if len(keyData) == 0 {
keyData, err = ioutil.ReadFile(config.KeyPath)
if err != nil {
fmt.Printf("ERROR reading keyfile %s: %s!\n", config.KeyPath, err)
}
}
pemBlock, _ := pem.Decode(keyData)
if pemBlock != nil {
if x509.IsEncryptedPEMBlock(pemBlock) {
fmt.Println("Decrypting private key with passphrase...")
decoded, err := x509.DecryptPEMBlock(pemBlock, []byte(config.Pwd))
if err == nil {
header := `PRIVATE KEY` // default key type in header
matcher := regexp.MustCompile("-----BEGIN (.*)-----")
if matches := matcher.FindSubmatch(keyData); len(matches) > 1 {
header = string(matches[1])
}
keyData = pem.EncodeToMemory(
&pem.Block{Type: header, Bytes: decoded})
} else {
fmt.Printf("Error decrypting PEM-encoded secret: %s\n", err)
}
}
}
_, err = writeSocket.Write(keyData)
if err != nil {
fmt.Printf("ERROR writing data to socket:%s!\n", err)
}
writeSocket.Close()
}
}
}
开发者ID:mdsol,项目名称:docker-ssh-exec,代码行数:60,代码来源:server.go
示例12: readPEMFile
func readPEMFile(path, passphrase string) ([]byte, error) {
pass := []byte(passphrase)
var blocks []*pem.Block
content, err := ioutil.ReadFile(path)
if err != nil {
return nil, err
}
for len(content) > 0 {
var block *pem.Block
block, content = pem.Decode(content)
if block == nil {
if len(blocks) == 0 {
return nil, errors.New("no pem file")
}
break
}
if x509.IsEncryptedPEMBlock(block) {
var buffer []byte
var err error
if len(pass) == 0 {
err = errors.New("No passphrase available")
} else {
// Note, decrypting pem might succeed even with wrong password, but
// only noise will be stored in buffer in this case.
buffer, err = x509.DecryptPEMBlock(block, pass)
}
if err != nil {
logp.Err("Dropping encrypted pem '%v' block read from %v. %v",
block.Type, path, err)
continue
}
// DEK-Info contains encryption info. Remove header to mark block as
// unencrypted.
delete(block.Headers, "DEK-Info")
block.Bytes = buffer
}
blocks = append(blocks, block)
}
if len(blocks) == 0 {
return nil, errors.New("no PEM blocks")
}
// re-encode available, decrypted blocks
buffer := bytes.NewBuffer(nil)
for _, block := range blocks {
err := pem.Encode(buffer, block)
if err != nil {
return nil, err
}
}
return buffer.Bytes(), nil
}
开发者ID:ruflin,项目名称:beats,代码行数:59,代码来源:tls.go
示例13: ParsePEMPrivateKey
// ParsePEMPrivateKey returns a data.PrivateKey from a PEM encoded private key. It
// only supports RSA (PKCS#1) and attempts to decrypt using the passphrase, if encrypted.
func ParsePEMPrivateKey(pemBytes []byte, passphrase string) (data.PrivateKey, error) {
block, _ := pem.Decode(pemBytes)
if block == nil {
return nil, errors.New("no valid private key found")
}
var privKeyBytes []byte
var err error
if x509.IsEncryptedPEMBlock(block) {
privKeyBytes, err = x509.DecryptPEMBlock(block, []byte(passphrase))
if err != nil {
return nil, errors.New("could not decrypt private key")
}
} else {
privKeyBytes = block.Bytes
}
switch block.Type {
case "RSA PRIVATE KEY":
rsaPrivKey, err := x509.ParsePKCS1PrivateKey(privKeyBytes)
if err != nil {
return nil, fmt.Errorf("could not parse DER encoded key: %v", err)
}
tufRSAPrivateKey, err := RSAToPrivateKey(rsaPrivKey)
if err != nil {
return nil, fmt.Errorf("could not convert rsa.PrivateKey to data.PrivateKey: %v", err)
}
return tufRSAPrivateKey, nil
case "EC PRIVATE KEY":
ecdsaPrivKey, err := x509.ParseECPrivateKey(privKeyBytes)
if err != nil {
return nil, fmt.Errorf("could not parse DER encoded private key: %v", err)
}
tufECDSAPrivateKey, err := ECDSAToPrivateKey(ecdsaPrivKey)
if err != nil {
return nil, fmt.Errorf("could not convert ecdsa.PrivateKey to data.PrivateKey: %v", err)
}
return tufECDSAPrivateKey, nil
case "ED25519 PRIVATE KEY":
// We serialize ED25519 keys by concatenating the private key
// to the public key and encoding with PEM. See the
// ED25519ToPrivateKey function.
tufECDSAPrivateKey, err := ED25519ToPrivateKey(privKeyBytes)
if err != nil {
return nil, fmt.Errorf("could not convert ecdsa.PrivateKey to data.PrivateKey: %v", err)
}
return tufECDSAPrivateKey, nil
default:
return nil, fmt.Errorf("unsupported key type %q", block.Type)
}
}
开发者ID:beerbubble,项目名称:docker,代码行数:59,代码来源:x509utils.go
示例14: unencryptPrivateKey
func unencryptPrivateKey(block *pem.Block, password string) (crypto.PrivateKey, error) {
if x509.IsEncryptedPEMBlock(block) {
bytes, err := x509.DecryptPEMBlock(block, []byte(password))
if err != nil {
return nil, ErrFailedToDecryptKey
}
return parsePrivateKey(bytes)
}
return parsePrivateKey(block.Bytes)
}
开发者ID:sideshow,项目名称:apns2,代码行数:10,代码来源:certificate.go
示例15: IsEncryptedPEM
// Determine if PEM file is encrypted
func IsEncryptedPEM(pemFile string) bool {
pemData, err := ioutil.ReadFile(pemFile)
if err != nil {
return false
}
pemBlock, _ := pem.Decode(pemData)
if len(pemBlock.Bytes) == 0 {
return false
}
return x509.IsEncryptedPEMBlock(pemBlock)
}
开发者ID:BrianIp,项目名称:orchestrator,代码行数:12,代码来源:ssl.go
示例16: loadPrivateKey
func loadPrivateKey(path string) (ssh.AuthMethod, error) {
// Read file
keyData, err := ioutil.ReadFile(path)
if err != nil {
log.Printf("error: could not read key file '%s': %s", path, err)
return nil, err
}
// Get first PEM block
block, _ := pem.Decode(keyData)
if err != nil {
log.Printf("error: no key found in file '%s': %s", path, err)
return nil, err
}
// If it's encrypted...
var (
signer ssh.Signer
signerErr error
)
if x509.IsEncryptedPEMBlock(block) {
// Get the passphrase
prompt := fmt.Sprintf("Enter passphrase for key '%s': ", path)
pass, err := speakeasy.Ask(prompt)
if err != nil {
log.Printf("error: error getting passphrase: %s", err)
return nil, err
}
block.Bytes, err = x509.DecryptPEMBlock(block, []byte(pass))
if err != nil {
log.Printf("error: error decrypting key: %s", err)
return nil, err
}
key, err := ParsePEMBlock(block)
if err != nil {
log.Printf("error: could not parse PEM block: %s", err)
return nil, err
}
signer, signerErr = ssh.NewSignerFromKey(key)
} else {
signer, signerErr = ssh.ParsePrivateKey(keyData)
}
if signerErr != nil {
log.Printf("error: error parsing private key '%s': %s", path, signerErr)
return nil, signerErr
}
return ssh.PublicKeys(signer), nil
}
开发者ID:andrew-d,项目名称:rssh,代码行数:54,代码来源:main.go
示例17: checkRootKeyIsEncrypted
// checkRootKeyIsEncrypted makes sure the root key is encrypted. We have
// internal assumptions that depend on this.
func checkRootKeyIsEncrypted(pemBytes []byte) error {
block, _ := pem.Decode(pemBytes)
if block == nil {
return ErrNoValidPrivateKey
}
if !x509.IsEncryptedPEMBlock(block) {
return ErrRootKeyNotEncrypted
}
return nil
}
开发者ID:ChanderG,项目名称:docker,代码行数:14,代码来源:import_export.go
示例18: signInWithKey
func (a *SAuth) signInWithKey() (*signinResponse, error) {
body := struct {
PublicKey string `json:"publicKey"`
Signature string `json:"signature"`
}{}
bytes, err := ioutil.ReadFile(a.Settings.PrivateKeyPath)
if err != nil {
return nil, err
}
block, _ := pem.Decode(bytes)
if block == nil {
return nil, errors.New("Private key is not PEM-encoded")
}
bytes = block.Bytes
if x509.IsEncryptedPEMBlock(block) {
passphrase := a.Prompts.KeyPassphrase(a.Settings.PrivateKeyPath)
bytes, err = x509.DecryptPEMBlock(block, []byte(passphrase))
if err != nil {
return nil, err
}
}
privateKey, err := x509.ParsePKCS1PrivateKey(bytes)
if err != nil {
return nil, err
}
publicKey, err := ioutil.ReadFile(a.Settings.PrivateKeyPath + ".pub")
if err != nil {
return nil, err
}
body.PublicKey = string(publicKey)
headers := httpclient.GetHeaders(a.Settings.SessionToken, a.Settings.Version, a.Settings.Pod, a.Settings.UsersID)
message := fmt.Sprintf("%s&%s", headers["X-Request-Nonce"][0], headers["X-Request-Timestamp"][0])
hashedMessage := sha256.Sum256([]byte(message))
signature, err := privateKey.Sign(rand.Reader, hashedMessage[:], crypto.SHA256)
if err != nil {
return nil, err
}
body.Signature = base64.StdEncoding.EncodeToString(signature)
b, err := json.Marshal(body)
if err != nil {
return nil, err
}
resp, statusCode, err := httpclient.Post(b, fmt.Sprintf("%s%s/auth/signin/key", a.Settings.AuthHost, a.Settings.AuthHostVersion), headers)
if err != nil {
return nil, err
}
signinResp := &signinResponse{}
return signinResp, httpclient.ConvertResp(resp, statusCode, signinResp)
}
开发者ID:catalyzeio,项目名称:cli,代码行数:52,代码来源:signin.go
示例19: parseKey
func parseKey(block *pem.Block, passphrase []byte) (*rsa.PrivateKey, error) {
var blockBytes []byte
if x509.IsEncryptedPEMBlock(block) {
b, err := x509.DecryptPEMBlock(block, passphrase)
if err != nil {
return nil, err
}
blockBytes = b
} else {
blockBytes = block.Bytes
}
return x509.ParsePKCS1PrivateKey(blockBytes)
}
开发者ID:justinjsmith,项目名称:pkgsign,代码行数:13,代码来源:pkgsign.go
示例20: addKeyAuth
func addKeyAuth(auths []ssh.AuthMethod, keypath string) []ssh.AuthMethod {
if len(keypath) == 0 {
return auths
}
// read the file
pemBytes, err := ioutil.ReadFile(keypath)
if err != nil {
log.Print(err)
os.Exit(1)
}
// get first pem block
block, _ := pem.Decode(pemBytes)
if block == nil {
log.Printf("no key found in %s", keypath)
return auths
}
// handle plain and encrypted keyfiles
if x509.IsEncryptedPEMBlock(block) {
prompt := fmt.Sprintf("Enter passphrase for key '%s': ", keypath)
pass, err := getpass(prompt)
if err != nil {
return auths
}
block.Bytes, err = x509.DecryptPEMBlock(block, []byte(pass))
if err != nil {
log.Print(err)
return auths
}
key, err := ParsePemBlock(block)
if err != nil {
log.Print(err)
return auths
}
signer, err := ssh.NewSignerFromKey(key)
if err != nil {
log.Print(err)
return auths
}
return append(auths, ssh.PublicKeys(signer))
} else {
signer, err := ssh.ParsePrivateKey(pemBytes)
if err != nil {
log.Print(err)
return auths
}
return append(auths, ssh.PublicKeys(signer))
}
}
开发者ID:nsdont,项目名称:rtop,代码行数:51,代码来源:sshhelper.go
注:本文中的crypto/x509.IsEncryptedPEMBlock函数示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
请发表评论