go.mondoo.com/cnquery@v0.0.0-20231005093811-59568235f6ea/providers/os/connection/ssh/signers/privatekey.go (about)

     1  // Copyright (c) Mondoo, Inc.
     2  // SPDX-License-Identifier: BUSL-1.1
     3  
     4  package signers
     5  
     6  import (
     7  	"encoding/pem"
     8  	"errors"
     9  	"strings"
    10  
    11  	"golang.org/x/crypto/ssh"
    12  )
    13  
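// GetSignerFromPrivateKeyWithPassphrase parses a PEM-encoded private key and
// returns an ssh.Signer for it, decrypting the key with passphrase when the
// key is passphrase-protected.
//
// Two encrypted layouts are handled:
//   - legacy PEM keys, which announce encryption in the "Proc-Type" PEM header;
//   - keys that carry no such header but which the ssh package still reports
//     as passphrase-protected (it returns *ssh.PassphraseMissingError), as is
//     the case for the OpenSSH key format, where the cipher is recorded inside
//     the key body rather than in a PEM header.
//
// It returns an error if pemBytes contains no PEM block or if parsing fails.
// When the key is protected and no passphrase was supplied, the
// *ssh.PassphraseMissingError from the ssh package is returned unchanged so
// callers can detect that case with errors.As.
func GetSignerFromPrivateKeyWithPassphrase(pemBytes []byte, passphrase []byte) (ssh.Signer, error) {
	// Decode only to inspect the PEM headers; the ssh package parses the
	// original bytes itself.
	block, _ := pem.Decode(pemBytes)
	if block == nil {
		return nil, errors.New("ssh: no key found")
	}

	// Legacy PEM encryption is visible in the header, so go straight to the
	// passphrase-aware parser.
	if strings.Contains(block.Headers["Proc-Type"], "ENCRYPTED") {
		signer, err := ssh.ParsePrivateKeyWithPassphrase(pemBytes, passphrase)
		if err != nil {
			return nil, err
		}
		return signer, nil
	}

	signer, err := ssh.ParsePrivateKey(pemBytes)
	if err == nil {
		return signer, nil
	}

	// The header check above cannot see encryption that is recorded inside the
	// key body. Without this retry a valid passphrase would be silently
	// ignored for such keys and authentication would fail with a
	// "passphrase missing" error.
	var missing *ssh.PassphraseMissingError
	if errors.As(err, &missing) && len(passphrase) > 0 {
		signer, err = ssh.ParsePrivateKeyWithPassphrase(pemBytes, passphrase)
		if err != nil {
			return nil, err
		}
		return signer, nil
	}

	return nil, err
}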