parseSSHIdentityFromPrivateKeyFile returns an age.Identity from the given private key file. If the private key file is encrypted, it will configure the identity to prompt for a passphrase.
(keyPath string)
| 46 | // private key file. If the private key file is encrypted, it will configure |
| 47 | // the identity to prompt for a passphrase. |
| 48 | func parseSSHIdentityFromPrivateKeyFile(keyPath string) (age.Identity, error) { |
| 49 | keyFile, err := os.Open(keyPath) |
| 50 | if err != nil { |
| 51 | return nil, fmt.Errorf("failed to open file: %w", err) |
| 52 | } |
| 53 | defer keyFile.Close() |
| 54 | contents, err := io.ReadAll(keyFile) |
| 55 | if err != nil { |
| 56 | return nil, fmt.Errorf("failed to read file: %w", err) |
| 57 | } |
| 58 | id, err := agessh.ParseIdentity(contents) |
| 59 | if sshErr, ok := err.(*ssh.PassphraseMissingError); ok { |
| 60 | pubKey := sshErr.PublicKey |
| 61 | if pubKey == nil { |
| 62 | pubKey, err = readPublicKeyFile(keyPath) |
| 63 | if err != nil { |
| 64 | return nil, err |
| 65 | } |
| 66 | } |
| 67 | passphrasePrompt := func() ([]byte, error) { |
| 68 | pass, err := pluginTerminalUI.RequestValue("", fmt.Sprintf("Enter passphrase for %q:", keyPath), true) |
| 69 | if err != nil { |
| 70 | return nil, fmt.Errorf("could not read passphrase for %q: %v", keyPath, err) |
| 71 | } |
| 72 | return []byte(pass), nil |
| 73 | } |
| 74 | i, err := agessh.NewEncryptedSSHIdentity(pubKey, contents, passphrasePrompt) |
| 75 | if err != nil { |
| 76 | return nil, fmt.Errorf("could not create encrypted SSH identity: %w", err) |
| 77 | } |
| 78 | return i, nil |
| 79 | } |
| 80 | if err != nil { |
| 81 | return nil, fmt.Errorf("malformed SSH identity in %q: %w", keyPath, err) |
| 82 | } |
| 83 | return id, nil |
| 84 | } |
no test coverage detected