ssh

v0.1.0

This package is not in the latest version of its module.
Published: Feb 22, 2026 License: Apache-2.0 Imports: 5 Imported by: 0

Documentation

Overview

Package ssh provides an SSH-based object signer for creating armored SSH signatures using the sshsig protocol, as defined at: https://github.com/openssh/openssh-portable/blob/V_10_2/PROTOCOL.sshsig

Variables

var (
	// ErrNilSigner is returned when the [Signer] provided is nil.
	ErrNilSigner = errors.New("signer is nil")
	// ErrNilMessage is returned when a nil message is passed to Sign.
	ErrNilMessage = errors.New("message is nil")
	// ErrUnsupportedHashAlgorithm is returned when an unsupported [HashAlgorithm] is used.
	ErrUnsupportedHashAlgorithm = errors.New("unsupported hash algorithm")
)

Sentinel errors.

Functions

func FromKey

func FromKey(sshSigner gossh.Signer, opts ...Option) (*signer, error)

FromKey creates a new SSH signer that uses the provided ssh.Signer and hash algorithm to produce armored SSH signatures.

Example
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
	"strings"

	gossh "golang.org/x/crypto/ssh"

	"github.com/go-git/x/plugin/objectsigner/ssh"
)

func main() {
	// Generate an ed25519 key for demonstration. In practice this would
	// come from a file (via ssh.ParsePrivateKey).
	_, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}

	key, err := gossh.NewSignerFromKey(priv)
	if err != nil {
		panic(err)
	}

	signer, err := ssh.FromKey(key)
	if err != nil {
		panic(err)
	}

	sig, err := signer.Sign(strings.NewReader("signed commit message\n"))
	if err != nil {
		panic(err)
	}

	fmt.Println(strings.Contains(string(sig), "-----BEGIN SSH SIGNATURE-----"))
	fmt.Println(strings.Contains(string(sig), "-----END SSH SIGNATURE-----"))
}
Output:
true
true

Types

type HashAlgorithm

type HashAlgorithm = sshsig.HashAlgorithm

HashAlgorithm is the hash algorithm used when creating SSH signatures. This is an alias for sshsig.HashAlgorithm.

const (

	// SHA512 is the SHA-512 hash algorithm.
	SHA512 HashAlgorithm = sshsig.HashSHA512
	// SHA256 is the SHA-256 hash algorithm.
	SHA256 HashAlgorithm = sshsig.HashSHA256
)

type Option

type Option func(*options)

Option configures a [signer].

func WithHashAlgorithm

func WithHashAlgorithm(algorithm HashAlgorithm) Option

WithHashAlgorithm returns an Option that sets the hash algorithm to be used for signing operations.
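
How the hash algorithm and the namespace enter the bytes that get signed, as an added example (not this package's code): it builds the to-be-signed blob laid out in PROTOCOL.sshsig using only the standard library, and shows that a signature made under one namespace does not verify under another. The function names, the throwaway Ed25519 key and the namespaces "git" and "file" are assumptions for illustration; the page does not state which namespace the package uses.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"crypto/sha512"
	"encoding/binary"
	"errors"
	"fmt"
)

// sshString encodes b as an SSH wire string: uint32 big-endian length, then the bytes.
func sshString(b []byte) []byte {
	return append(binary.BigEndian.AppendUint32(nil, uint32(len(b))), b...)
}

// SignedData builds the blob PROTOCOL.sshsig says is signed:
// "SSHSIG" || string namespace || string reserved || string hash_algorithm || string H(message)
func SignedData(namespace, hashAlg string, msg []byte) ([]byte, error) {
	var digest []byte
	switch hashAlg {
	case "sha256":
		d := sha256.Sum256(msg)
		digest = d[:]
	case "sha512":
		d := sha512.Sum512(msg)
		digest = d[:]
	default:
		return nil, errors.New("unsupported hash algorithm: " + hashAlg)
	}
	blob := []byte("SSHSIG")
	for _, field := range [][]byte{[]byte(namespace), nil, []byte(hashAlg), digest} {
		blob = append(blob, sshString(field)...) // second field is the empty "reserved" string
	}
	return blob, nil
}

// CrossNamespace signs msg under namespace "git" with a throwaway key (assumed for the demo),
// then reports whether the signature verifies under "git" and under a different namespace, "file".
func CrossNamespace(msg []byte) (sameNS, otherNS bool) {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand.Reader
	gitBlob, _ := SignedData("git", "sha512", msg)
	fileBlob, _ := SignedData("file", "sha512", msg)
	sig := ed25519.Sign(priv, gitBlob)
	return ed25519.Verify(pub, gitBlob, sig), ed25519.Verify(pub, fileBlob, sig)
}

func main() {
	fmt.Println(CrossNamespace([]byte("signed commit message\n"))) // true false
}
```

Because the namespace and hash algorithm name are part of the signed blob, a verifier has to rebuild it with the values it expects rather than trusting whatever the signature envelope declares.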
