WithSignatureKey filters certificate not signed by the given signing keys.
(keys []ssh.PublicKey)
| 30 | |
| 31 | // WithSignatureKey filters certificate not signed by the given signing keys. |
| 32 | func WithSignatureKey(keys []ssh.PublicKey) AgentOption { |
| 33 | signingKeys := make([][]byte, len(keys)) |
| 34 | for i, k := range keys { |
| 35 | signingKeys[i] = k.Marshal() |
| 36 | } |
| 37 | return func(o *options) { |
| 38 | o.filterBySignatureKey = func(k *agent.Key) bool { |
| 39 | cert, err := ParseCertificate(k.Marshal()) |
| 40 | if err != nil { |
| 41 | return false |
| 42 | } |
| 43 | b := cert.SignatureKey.Marshal() |
| 44 | for _, sb := range signingKeys { |
| 45 | if bytes.Equal(b, sb) { |
| 46 | return true |
| 47 | } |
| 48 | } |
| 49 | return false |
| 50 | } |
| 51 | } |
| 52 | } |
| 53 | |
| 54 | // WithCertsOnly filters only those keys accompanied by a certificate. |
| 55 | func WithCertsOnly() AgentOption { |
no test coverage detected
searching dependent graphs…