[][src]Crate rustica_keys

The rustica-keys crate provides types and methods for parsing OpenSSH public keys, and parsing then verifying SSH certificates.

The following public key types are supported.

  • RSA
  • ECDSA
  • ED25519

The following OpenSSH certificate types are supported as well.

  • ssh-rsa-cert-v01@openssh.com
  • ecdsa-sha2-nistp256-cert-v01@openssh.com
  • ecdsa-sha2-nistp384-cert-v01@openssh.com
  • ecdsa-sha2-nistp512-cert-v01@openssh.com (Not yet)
  • ssh-ed25519-cert-v01@openssh.com

The crate also provides functionality for provision key slots on Yubikeys to handle signing operations. This is provided in yubikey module.

Modules

ssh

Functions or structs for dealing with SSH Certificates. Parsing, and creating certs happens here. This module is a heavily modified version of the sshkeys crate that adds certificate verification, and many other things to support that. The original licence for the code is in the source code provided

utils

Utility functions for dealing with SSH certificates, signatures or conversions

yubikey

Functions for dealing with Yubikey signing. Also contains an SSH submodule containing helper functions to generate SSH encoded versions of it's normal functions.

Structs

Certificate

A type which represents an OpenSSH certificate key. Please refer to [PROTOCOL.certkeys] for more details about OpenSSH certificates. [PROTOCOL.certkeys]: https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.certkeys?annotate=HEAD

PublicKey

A type which represents an OpenSSH public key.