pub struct PublicKey {
    pub options: Option<String>,
    pub data: Data,
    pub comment: Option<String>,
}
PublicKey is the struct representation of an SSH public key.
Fields
options: Option<String>
data: Data
comment: Option<String>
Implementations
impl PublicKey
pub fn parse(key: &str) -> Result<Self>
parse takes a string and parses it as a public key from an authorized keys file. The format it expects is described at https://tools.ietf.org/html/rfc4253#section-6.6 and https://man.openbsd.org/sshd#AUTHORIZED_KEYS_FILE_FORMAT.
sshd describes an additional, optional “options” field for public keys in the authorized_keys file. This field passes options to sshd that apply only to that particular public key, so a public key in an authorized_keys file is a strict superset of the public key format described in RFC 4253. Another superset of a public key is the entry format of the known_hosts file, which has a hostname as the first thing on the line. This parser treats the hostname the same as an options field. When either of these is found at the beginning of a line, it is treated as a semi-opaque string that is carried with the public key and reproduced when the key is printed. It is not entirely opaque: the parser needs to be aware of quoting semantics within the options field, because options surrounded by double quotes can contain spaces, which are otherwise the main delimiter between the parts of a public key.
You can parse and output SSH keys like this:
let rsa_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCcMCOEryBa8IkxXacjIawaQPp08hR5h7+4vZePZ7DByTG3tqKgZYRJ86BaR+4fmdikFoQjvLJVUmwniq3wixhkP7VLCbqip3YHzxXrzxkbPC3w3O1Bdmifwn9cb8RcZXfXncCsSu+h5XCtQ5BOi41Iit3d13gIe/rfXVDURmRanV6R7Voljxdjmp/zyReuzc2/w5SI6Boi4tmcUlxAI7sFuP1kA3pABDhPtc3TDgAcPUIBoDCoY8q2egI197UuvbgsW2qraUcuQxbMvJOMSFg2FQrE2bpEqC4CtBn7+HiJrkVOHjV7bvSv7jd1SuX5XqkwMCRtdMuRpJr7CyZoFL5n demos@anduin";
let key = openssh_keys::PublicKey::parse(rsa_key).unwrap();
let out = key.to_string();
assert_eq!(rsa_key, out);
parse somewhat attempts to keep track of comments, but it doesn’t fully comply with the RFC in that regard.
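The quoting rule described above is what separates a correct split from a naive whitespace split: a space inside a double-quoted option value must not end the options field. The following is an added, std-only illustration and not the openssh_keys implementation; the `KeyLine` type, the function names and the fixed `KEYTYPES` list are assumptions made for this example.

```rust
// Added example, std only; not the openssh_keys implementation.
const KEYTYPES: [&str; 6] = [
    "ssh-rsa", "ssh-dss", "ssh-ed25519",
    "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521",
];
#[derive(Debug, PartialEq)]
pub struct KeyLine {
    pub options: Option<String>, // options or known_hosts hostname, kept verbatim
    pub keytype: String,
    pub data: String,            // base64 text, not decoded here
    pub comment: Option<String>,
}
/// Byte index of the first space/tab outside double quotes (`\"` stays quoted).
fn first_field_end(line: &str) -> Result<usize, String> {
    let (mut in_quotes, mut escaped) = (false, false);
    for (i, c) in line.char_indices() {
        match c {
            _ if escaped => escaped = false,
            '\\' if in_quotes => escaped = true,
            '"' => in_quotes = !in_quotes,
            ' ' | '\t' if !in_quotes => return Ok(i),
            _ => {}
        }
    }
    if in_quotes { Err("unterminated double quote".into()) } else { Ok(line.len()) }
}

pub fn split_key_line(line: &str) -> Result<KeyLine, String> {
    let line = line.trim();
    let end = first_field_end(line)?;
    let first = &line[..end];
    // A leading field that is not a key type is an options/hostname field.
    let (options, body) = if KEYTYPES.contains(&first) {
        (None, line)
    } else {
        (Some(first.to_string()), &line[end..])
    };
    let mut it = body.split_whitespace();
    let keytype = it.next().filter(|k| KEYTYPES.contains(k)).ok_or("unknown key type")?;
    let data = it.next().ok_or("missing key data")?;
    let comment = it.collect::<Vec<_>>().join(" ");
    Ok(KeyLine {
        options,
        keytype: keytype.to_string(),
        data: data.to_string(),
        comment: if comment.is_empty() { None } else { Some(comment) },
    })
}
```

An unterminated quote is rejected rather than guessed at, so a malformed options field cannot silently swallow the key type and data that follow it.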
pub fn read_keys<R>(r: R) -> Result<Vec<Self>>
where
    R: Read,
read_keys takes a reader and parses it as an authorized_keys file. It returns an error if any of the public keys in the list cannot be read or parsed.
pub fn from_dsa(p: Vec<u8>, q: Vec<u8>, g: Vec<u8>, pkey: Vec<u8>) -> Self
from_dsa builds an SSH public key from DSA components.
pub fn keytype(&self) -> &'static str
keytype returns the type of key in the format described by RFC 4253. The output will be ssh-{type}, where type is one of [rsa,ed25519,ecdsa,dsa].
pub fn data(&self) -> Vec<u8>
data returns the data section of the key in the format described by RFC 4253. The contents of the data section depend on the keytype. For RSA keys it contains the keytype, exponent, and modulus, in that order. Other types have other data sections. This function doesn’t base64-encode the data; that task is left to the consumer of the output.
pub fn set_comment(&mut self, comment: &str)
pub fn to_key_format(&self) -> String
to_key_format returns a string representation of the SSH key. This string output is appropriate to use as a public key file. It adheres to the format described in https://tools.ietf.org/html/rfc4253#section-6.6
An SSH key consists of four pieces:
[options] ssh-keytype data comment
The output of the data section is described in the documentation for the data function. The options section is optional and is not part of the spec; rather, it is a field present in authorized_keys files or known_hosts files.
pub fn size(&self) -> usize
size returns the size of the stored SSH key. For RSA keys this is determined by the number of bits in the modulus. For DSA keys it’s the number of bits in the prime p.
See https://github.com/openssh/openssh-portable/blob/master/sshkey.c#L261 for more details.
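How the RSA data section described under data relates to the bit count described under size, as an added std-only example that is not the openssh_keys implementation. It assumes the RFC 4253 wire encoding (each field is a big-endian 32-bit length followed by that many bytes); the function names and the toy sample blob are constructed for this illustration.

```rust
// Added example, std only; not the openssh_keys implementation.
/// Read one RFC 4253 string/mpint: a big-endian u32 length, then that many bytes.
fn read_field<'a>(buf: &mut &'a [u8]) -> Result<&'a [u8], String> {
    let data: &'a [u8] = *buf;
    if data.len() < 4 {
        return Err("truncated length prefix".into());
    }
    let (len_bytes, rest) = data.split_at(4);
    let len = u32::from_be_bytes([len_bytes[0], len_bytes[1], len_bytes[2], len_bytes[3]]) as usize;
    if len > rest.len() {
        return Err(format!("field claims {} bytes, only {} remain", len, rest.len()));
    }
    let (field, tail) = rest.split_at(len);
    *buf = tail;
    Ok(field)
}

/// Bit length of an mpint: skip leading zero bytes, count from the top set bit.
fn mpint_bits(mpint: &[u8]) -> usize {
    match mpint.iter().position(|&b| b != 0) {
        Some(i) => (mpint.len() - i) * 8 - mpint[i].leading_zeros() as usize,
        None => 0,
    }
}

/// Returns (keytype, modulus size in bits) for an ssh-rsa data section.
pub fn rsa_size(mut data: &[u8]) -> Result<(String, usize), String> {
    let keytype = String::from_utf8_lossy(read_field(&mut data)?).into_owned();
    if keytype != "ssh-rsa" {
        return Err(format!("not an RSA key: {}", keytype));
    }
    let _exponent = read_field(&mut data)?;
    let modulus = read_field(&mut data)?;
    if !data.is_empty() {
        return Err("trailing bytes after modulus".into());
    }
    Ok((keytype, mpint_bits(modulus)))
}

/// Constructed sample: keytype "ssh-rsa", e = 65537, and a toy 16-bit modulus.
pub fn sample_blob() -> Vec<u8> {
    let fields: [&[u8]; 3] = [b"ssh-rsa", &[0x01, 0x00, 0x01], &[0x00, 0xC5, 0x3B]];
    let mut v = Vec::new();
    for f in fields.iter() {
        v.extend_from_slice(&(f.len() as u32).to_be_bytes());
        v.extend_from_slice(f);
    }
    v
}
```

The length prefix comes from the key blob itself, so it is checked against the remaining bytes before slicing; the leading 0x00 byte that an mpint carries when its top bit is set is not counted towards the key size.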
pub fn fingerprint(&self) -> String
fingerprint returns a string representing the fingerprint of the SSH key. The format of the fingerprint is described tersely in https://tools.ietf.org/html/rfc4716#page-6. This uses the ssh-keygen defaults of a base64-encoded SHA256 hash.
pub fn to_fingerprint_string(&self) -> String
to_fingerprint_string prints out the fingerprint in the same format used by ssh-keygen -l -f key, specifically the implementation here: https://github.com/openssh/openssh-portable/blob/master/ssh-keygen.c#L842
Right now it just sticks with the defaults of a base64-encoded SHA256 hash.
pub fn fingerprint_md5(&self) -> String
fingerprint_md5 returns a string representing the fingerprint of the SSH key. The format of the fingerprint is MD5, and the output looks like fb:a0:5b:a0:21:01:47:33:3b:8d:9e:14:1a:4c:db:6d.
pub fn to_fingerprint_md5_string(&self) -> String
to_fingerprint_md5_string prints out the fingerprint in the hex format used by ssh-keygen -l -E md5 -f key, and the output looks like 2048 MD5:fb:a0:5b:a0:21:01:47:33:3b:8d:9e:14:1a:4c:db:6d demos@anduin (RSA).
Trait Implementations
impl PartialEq for PublicKey
Two public keys are equivalent if their data sections are equivalent, ignoring their comment section.