ssh-key: make `decode_as` a public API #211
I'd love to have this backported and released to a

Great to see this filed! Thanks a lot @baloo 🙇 I think in general all these "first string ID (algorithm), then we decide what to do" should have a In other words the And if so the question is what to do with other types which are used in SSH agent protocol. Maybe they could also be moved here after they "stabilize" a bit? This is all just ideas for far future but in the short-term it'd be really nice to have this merged. 🙏 Thanks for your time! 👋

I don't think it will be ever used outside the agent protocol. This is only used because encoding of private keys changes whether they are tied to certificates or not. I believe agent protocol is the only one that involves private keys.

Are you suggesting a new method, or if not, can you link in the source code to the method you're talking about? As far as I can tell, there is no

This is used for parsing the ssh-agent protocol. https://github.com/wiktor-k/ssh-agent-lib/pull/33/files#r1554798031

Aah sorry, catching up on PRs and I missed this was extracting a
Added:
- impl `decode_as` for `KeypairData` ([RustCrypto#211])

Changed:
- clarify SSH vs OpenSSH formats ([RustCrypto#206])

Fixed:
- fix `certificate::OptionsMap` encoding ([RustCrypto#207])
- fixup `EcdsaPrivateKey` Debug impl ([RustCrypto#210])

[RustCrypto#206]: RustCrypto#206
[RustCrypto#207]: RustCrypto#207
[RustCrypto#210]: RustCrypto#210
[RustCrypto#211]: RustCrypto#211
When parsing SSH keys from the SSH agent protocol, you need to read the first element of the protocol (the `ssh_key::Algorithm`, encoded as a String) to make a decision whether what comes next is supposed to be parsed as an `ssh_key::Certificate` or as an `ssh_key::private::KeypairData`.

Because the content has already been consumed from the reader, and because you can't go backwards in the reader, this requires `decode_as` to be exposed on `ssh_key::private::KeypairData`.
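The dispatch the description above relies on, as an added example that is not part of the original PR or the ssh-key crate's code: a forward-only reader consumes the algorithm string, so the key decoder has to take the algorithm as a parameter instead of re-reading it. `Reader`, `Payload`, `decode`, `decode_as` and `ssh_string` are hypothetical stand-ins, the wire layout is simplified, and the sample message is constructed.

```rust
// Added illustration: all names are hypothetical, not the ssh-key crate's API.
/// Forward-only cursor over SSH wire data; consumed bytes cannot be re-read.
struct Reader<'a>(&'a [u8]);

impl<'a> Reader<'a> {
    /// Read an SSH `string`: u32 big-endian length, then that many bytes.
    fn read_string(&mut self) -> Result<&'a [u8], &'static str> {
        let data = self.0;
        if data.len() < 4 { return Err("truncated length prefix"); }
        let (len, rest) = data.split_at(4);
        let len = u32::from_be_bytes([len[0], len[1], len[2], len[3]]) as usize;
        if rest.len() < len { return Err("length exceeds remaining input"); }
        let (value, rest) = rest.split_at(len);
        self.0 = rest;
        Ok(value)
    }
}

#[derive(Debug, PartialEq)]
enum Payload {
    Certificate(Vec<u8>),
    Ed25519 { public: Vec<u8>, private: Vec<u8> },
}

/// Decode key fields for an algorithm name the caller has already consumed.
fn decode_as(reader: &mut Reader, algorithm: &str) -> Result<Payload, &'static str> {
    if algorithm != "ssh-ed25519" { return Err("unsupported algorithm"); }
    let public = reader.read_string()?.to_vec();
    let private = reader.read_string()?.to_vec();
    Ok(Payload::Ed25519 { public, private })
}

/// Read the algorithm name once, then dispatch on it without rewinding.
fn decode(reader: &mut Reader) -> Result<Payload, &'static str> {
    let name = std::str::from_utf8(reader.read_string()?).map_err(|_| "bad algorithm name")?;
    if name.ends_with("-cert-v01@openssh.com") {
        return Ok(Payload::Certificate(reader.read_string()?.to_vec()));
    }
    decode_as(reader, name)
}

/// Encode one SSH `string`; builds the constructed sample messages.
fn ssh_string(bytes: &[u8]) -> Vec<u8> {
    [&(bytes.len() as u32).to_be_bytes()[..], bytes].concat()
}

fn main() {
    let msg = [ssh_string(b"ssh-ed25519"), ssh_string(&[1; 32]), ssh_string(&[2; 64])].concat();
    println!("{:?}", decode(&mut Reader(&msg)));
}
```

The length check in `read_string` rejects a prefix that claims more bytes than remain, which is the bound an agent must enforce before trusting any field of a client-supplied message.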