forked from TrueCloudLab/certificates
89 lines
2.1 KiB
Go
89 lines
2.1 KiB
Go
package sshutil
|
|
|
|
import (
|
|
"encoding/json"
|
|
"strings"
|
|
|
|
"github.com/pkg/errors"
|
|
"golang.org/x/crypto/ssh"
|
|
)
|
|
|
|
// Hosts are tagged with k,v pairs. These tags are how a user is ultimately
|
|
// associated with a host.
|
|
type HostTag struct {
|
|
ID string
|
|
Name string
|
|
Value string
|
|
}
|
|
|
|
// Host defines expected attributes for an ssh host.
|
|
type Host struct {
|
|
HostID string `json:"hid"`
|
|
HostTags []HostTag `json:"host_tags"`
|
|
Hostname string `json:"hostname"`
|
|
}
|
|
|
|
// CertType defines the certificate type, it can be a user or a host
|
|
// certificate.
|
|
type CertType uint32
|
|
|
|
const (
|
|
// UserCert defines a user certificate.
|
|
UserCert CertType = ssh.UserCert
|
|
|
|
// HostCert defines a host certificate.
|
|
HostCert CertType = ssh.HostCert
|
|
)
|
|
|
|
const (
|
|
userString = "user"
|
|
hostString = "host"
|
|
)
|
|
|
|
// CertTypeFromString returns the CertType for the string "user" and "host".
|
|
func CertTypeFromString(s string) (CertType, error) {
|
|
switch strings.ToLower(s) {
|
|
case userString:
|
|
return UserCert, nil
|
|
case hostString:
|
|
return HostCert, nil
|
|
default:
|
|
return 0, errors.Errorf("unknown certificate type '%s'", s)
|
|
}
|
|
}
|
|
|
|
// String returns "user" for user certificates and "host" for host certificates.
|
|
// It will return the empty string for any other value.
|
|
func (c CertType) String() string {
|
|
switch c {
|
|
case UserCert:
|
|
return userString
|
|
case HostCert:
|
|
return hostString
|
|
default:
|
|
return ""
|
|
}
|
|
}
|
|
|
|
// MarshalJSON implements the json.Marshaler interface for CertType. UserCert
|
|
// will be marshaled as the string "user" and HostCert as "host".
|
|
func (c CertType) MarshalJSON() ([]byte, error) {
|
|
if s := c.String(); s != "" {
|
|
return []byte(`"` + s + `"`), nil
|
|
}
|
|
return nil, errors.Errorf("unknown certificate type %d", c)
|
|
}
|
|
|
|
// UnmarshalJSON implements the json.Unmarshaler interface for CertType.
|
|
func (c *CertType) UnmarshalJSON(data []byte) error {
|
|
var s string
|
|
if err := json.Unmarshal(data, &s); err != nil {
|
|
return errors.Wrap(err, "error unmarshaling certificate type")
|
|
}
|
|
certType, err := CertTypeFromString(s)
|
|
if err != nil {
|
|
return errors.Errorf("error unmarshaling '%s' as a certificate type", s)
|
|
}
|
|
*c = certType
|
|
return nil
|
|
}
|