├── .editorconfig ├── .github ├── CODEOWNERS └── workflows │ └── ruby.yml ├── .gitignore ├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md ├── Gemfile ├── Gemfile.lock ├── LICENSE.md ├── README.md ├── lib ├── ssh_data.rb └── ssh_data │ ├── certificate.rb │ ├── encoding.rb │ ├── error.rb │ ├── private_key.rb │ ├── private_key │ ├── base.rb │ ├── dsa.rb │ ├── ecdsa.rb │ ├── ed25519.rb │ └── rsa.rb │ ├── public_key.rb │ ├── public_key │ ├── base.rb │ ├── dsa.rb │ ├── ecdsa.rb │ ├── ed25519.rb │ ├── rsa.rb │ ├── security_key.rb │ ├── skecdsa.rb │ └── sked25519.rb │ ├── signature.rb │ └── version.rb ├── spec ├── certificate_spec.rb ├── encoding_spec.rb ├── fixtures │ ├── bad_signature-cert.pub │ ├── dsa.encrypted.pem │ ├── dsa.plaintext.pem │ ├── dsa_ca │ ├── dsa_ca.pub │ ├── dsa_leaf_for_rsa_ca │ ├── dsa_leaf_for_rsa_ca-cert.pub │ ├── dsa_leaf_for_rsa_ca.pub │ ├── ecdsa.encrypted.pem │ ├── ecdsa.plaintext.pem │ ├── ecdsa_ca │ ├── ecdsa_ca.pub │ ├── ecdsa_leaf_for_rsa_ca │ ├── ecdsa_leaf_for_rsa_ca-cert.pub │ ├── ecdsa_leaf_for_rsa_ca.pub │ ├── ed25519_ca │ ├── ed25519_ca.pub │ ├── ed25519_leaf_for_rsa_ca │ ├── ed25519_leaf_for_rsa_ca-cert.pub │ ├── ed25519_leaf_for_rsa_ca.pub │ ├── gen.sh │ ├── invalid_force_command │ ├── invalid_force_command-cert.pub │ ├── invalid_force_command.pub │ ├── invalid_source_address_bad_ip │ ├── invalid_source_address_bad_ip-cert.pub │ ├── invalid_source_address_bad_ip.pub │ ├── invalid_source_address_flag │ ├── invalid_source_address_flag-cert.pub │ ├── invalid_source_address_flag.pub │ ├── multiple_cidr_source_address │ ├── multiple_cidr_source_address-cert.pub │ ├── multiple_cidr_source_address.pub │ ├── rsa.encrypted.pem │ ├── rsa.plaintext.pem │ ├── rsa_ca │ ├── rsa_ca.pub │ ├── rsa_leaf_for_dsa_ca │ ├── rsa_leaf_for_dsa_ca-cert.pub │ ├── rsa_leaf_for_dsa_ca.pub │ ├── rsa_leaf_for_ecdsa_ca │ ├── rsa_leaf_for_ecdsa_ca-cert.pub │ ├── rsa_leaf_for_ecdsa_ca.pub │ ├── rsa_leaf_for_ed25519_ca │ ├── rsa_leaf_for_ed25519_ca-cert.pub │ ├── rsa_leaf_for_ed25519_ca.pub │ ├── rsa_leaf_for_rsa_ca │ ├── rsa_leaf_for_rsa_ca-cert.pub │ ├── rsa_leaf_for_rsa_ca.pub │ ├── rsa_leaf_for_rsa_ca_sha2_256 │ ├── rsa_leaf_for_rsa_ca_sha2_256-cert.pub │ ├── rsa_leaf_for_rsa_ca_sha2_256.pub │ ├── rsa_leaf_for_rsa_ca_sha2_512 │ ├── rsa_leaf_for_rsa_ca_sha2_512-cert.pub │ ├── rsa_leaf_for_rsa_ca_sha2_512.pub │ ├── rsa_leaf_for_skecdsa_ca │ ├── rsa_leaf_for_skecdsa_ca-cert.pub │ ├── rsa_leaf_for_skecdsa_ca.pub │ ├── rsa_leaf_for_sked25519_ca │ ├── rsa_leaf_for_sked25519_ca-cert.pub │ ├── rsa_leaf_for_sked25519_ca.pub │ ├── signatures │ │ ├── create-signatures.sh │ │ ├── ecdsa-256-ca-no-options-certificate.key │ │ ├── ecdsa-256-ca-no-options-certificate.key.pub │ │ ├── ecdsa-256-no-options-individual.key │ │ ├── ecdsa-256-no-options-individual.key.pub │ │ ├── ecdsa-256-rsa-2048-leaf-no-options-certificate.key │ │ ├── ecdsa-256-rsa-2048-leaf-no-options-certificate.key-cert.pub │ │ ├── ecdsa-256-rsa-2048-leaf-no-options-certificate.key.pub │ │ ├── ecdsa-384-no-options-individual.key │ │ ├── ecdsa-384-no-options-individual.key.pub │ │ ├── ecdsa-521-no-options-individual.key │ │ ├── ecdsa-521-no-options-individual.key.pub │ │ ├── ecdsa-sk-256-ca-no-options-certificate.key │ │ ├── ecdsa-sk-256-ca-no-options-certificate.key.pub │ │ ├── ecdsa-sk-256-ed25519-sk-256-leaf-no-options-certificate.key │ │ ├── ecdsa-sk-256-ed25519-sk-256-leaf-no-options-certificate.key-cert.pub │ │ ├── ecdsa-sk-256-ed25519-sk-256-leaf-no-options-certificate.key.pub │ │ ├── ecdsa-sk-256-no-options-individual.key │ │ ├── ecdsa-sk-256-no-options-individual.key.pub │ │ ├── ecdsa-sk-256-no-touch-required-individual.key │ │ ├── ecdsa-sk-256-no-touch-required-individual.key.pub │ │ ├── ecdsa-sk-256-rsa-2048-leaf-no-options-certificate.key │ │ ├── ecdsa-sk-256-rsa-2048-leaf-no-options-certificate.key-cert.pub │ │ ├── ecdsa-sk-256-rsa-2048-leaf-no-options-certificate.key.pub │ │ ├── ecdsa-sk-256-verify-required-individual.key │ │ ├── ecdsa-sk-256-verify-required-individual.key.pub │ │ ├── ed25519-256-no-options-individual.key │ │ ├── ed25519-256-no-options-individual.key.pub │ │ ├── ed25519-sk-256-ca-no-options-certificate.key │ │ ├── ed25519-sk-256-ca-no-options-certificate.key.pub │ │ ├── ed25519-sk-256-ecdsa-sk-256-leaf-no-options-certificate.key │ │ ├── ed25519-sk-256-ecdsa-sk-256-leaf-no-options-certificate.key-cert.pub │ │ ├── ed25519-sk-256-ecdsa-sk-256-leaf-no-options-certificate.key.pub │ │ ├── ed25519-sk-256-no-options-individual.key │ │ ├── ed25519-sk-256-no-options-individual.key.pub │ │ ├── ed25519-sk-256-no-touch-required-individual.key │ │ ├── ed25519-sk-256-no-touch-required-individual.key.pub │ │ ├── ed25519-sk-256-rsa-2048-leaf-no-options-certificate.key │ │ ├── ed25519-sk-256-rsa-2048-leaf-no-options-certificate.key-cert.pub │ │ ├── ed25519-sk-256-rsa-2048-leaf-no-options-certificate.key.pub │ │ ├── ed25519-sk-256-verify-required-individual.key │ │ ├── ed25519-sk-256-verify-required-individual.key.pub │ │ ├── message │ │ ├── message.ecdsa-256-no-options-individual.sig │ │ ├── message.ecdsa-256-rsa-2048-leaf-no-options-certificate.sig │ │ ├── message.ecdsa-384-no-options-individual.sig │ │ ├── message.ecdsa-521-no-options-individual.sig │ │ ├── message.ecdsa-sk-256-ed25519-sk-256-leaf-no-options-certificate.sig │ │ ├── message.ecdsa-sk-256-no-options-individual.sig │ │ ├── message.ecdsa-sk-256-no-touch-required-individual.sig │ │ ├── message.ecdsa-sk-256-rsa-2048-leaf-no-options-certificate.sig │ │ ├── message.ecdsa-sk-256-verify-required-individual.sig │ │ ├── message.ed25519-256-no-options-individual.sig │ │ ├── message.ed25519-sk-256-ecdsa-sk-256-leaf-no-options-certificate.sig │ │ ├── message.ed25519-sk-256-no-options-individual.sig │ │ ├── message.ed25519-sk-256-no-touch-required-individual.sig │ │ ├── message.ed25519-sk-256-rsa-2048-leaf-no-options-certificate.sig │ │ ├── message.ed25519-sk-256-verify-required-individual.sig │ │ ├── message.rsa-2048-ecdsa-256-leaf-no-options-certificate.sig │ │ ├── message.rsa-2048-ecdsa-sk-2048-leaf-no-options-certificate.sig │ │ ├── message.rsa-2048-ed25519-sk-2048-leaf-no-options-certificate.sig │ │ ├── message.rsa-2048-no-options-individual.sig │ │ ├── rsa-2048-ca-no-options-certificate.key │ │ ├── rsa-2048-ca-no-options-certificate.key.pub │ │ ├── rsa-2048-ecdsa-256-leaf-no-options-certificate.key │ │ ├── rsa-2048-ecdsa-256-leaf-no-options-certificate.key-cert.pub │ │ ├── rsa-2048-ecdsa-256-leaf-no-options-certificate.key.pub │ │ ├── rsa-2048-ecdsa-sk-2048-leaf-no-options-certificate.key │ │ ├── rsa-2048-ecdsa-sk-2048-leaf-no-options-certificate.key-cert.pub │ │ ├── rsa-2048-ecdsa-sk-2048-leaf-no-options-certificate.key.pub │ │ ├── rsa-2048-ed25519-sk-2048-leaf-no-options-certificate.key │ │ ├── rsa-2048-ed25519-sk-2048-leaf-no-options-certificate.key-cert.pub │ │ ├── rsa-2048-ed25519-sk-2048-leaf-no-options-certificate.key.pub │ │ ├── rsa-2048-no-options-individual.key │ │ └── rsa-2048-no-options-individual.key.pub │ ├── single_cidr_source_address │ ├── single_cidr_source_address-cert.pub │ ├── single_cidr_source_address.pub │ ├── single_source_address │ ├── single_source_address-cert.pub │ ├── single_source_address.pub │ ├── skecdsa_ca │ ├── skecdsa_ca.pub │ ├── skecdsa_leaf_for_rsa_ca │ ├── skecdsa_leaf_for_rsa_ca-cert.pub │ ├── skecdsa_leaf_for_rsa_ca.pub │ ├── sked25519_ca │ ├── sked25519_ca.pub │ ├── sked25519_leaf_for_rsa_ca │ ├── sked25519_leaf_for_rsa_ca-cert.pub │ ├── sked25519_leaf_for_rsa_ca.pub │ ├── spaces_source_address │ ├── spaces_source_address-cert.pub │ ├── spaces_source_address.pub │ ├── valid_force_command │ ├── valid_force_command-cert.pub │ └── valid_force_command.pub ├── private_key │ ├── dsa_spec.rb │ ├── ecdsa_spec.rb │ ├── ed25519_spec.rb │ └── rsa_spec.rb ├── private_key_spec.rb ├── public_key │ ├── dsa_spec.rb │ ├── ecdsa_spec.rb │ ├── ed25519_spec.rb │ ├── rsa_spec.rb │ ├── skecdsa_spec.rb │ └── sked25519_spec.rb ├── public_key_spec.rb ├── signature_spec.rb └── spec_helper.rb └── ssh_data.gemspec /.editorconfig: -------------------------------------------------------------------------------- 1 | root = true 2 | 3 | [*] 4 | insert_final_newline = true 5 | 6 | [*.rb] 7 | indent_size = 2 8 | indent_style = space 9 | -------------------------------------------------------------------------------- /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | * @github/prodsec-services @github/prodsec-engineering @github/authentication 2 | -------------------------------------------------------------------------------- /.github/workflows/ruby.yml: -------------------------------------------------------------------------------- 1 | name: Ruby 2 | 3 | on: [push, pull_request] 4 | 5 | permissions: 6 | contents: read 7 | 8 | jobs: 9 | build: 10 | 11 | runs-on: ubuntu-latest 12 | strategy: 13 | matrix: 14 | ruby: [ '3.1', '3.2', '3.3', '3.4' ] 15 | 16 | steps: 17 | - uses: actions/checkout@v4 18 | - name: Set up Ruby ${{ matrix.ruby }} 19 | uses: ruby/setup-ruby@4a9ddd6f338a97768b8006bf671dfbad383215f4 20 | with: 21 | ruby-version: ${{ matrix.ruby }} 22 | - name: Build and test 23 | run: | 24 | bundle install --jobs 4 --retry 3 25 | find ./spec/fixtures -type f -exec chmod 600 -- {} + 26 | bundle exec rspec 27 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | *.gem 2 | *.rbc 3 | /.config 4 | /coverage/ 5 | /InstalledFiles 6 | /pkg/ 7 | /spec/reports/ 8 | /spec/examples.txt 9 | /test/tmp/ 10 | /test/version_tmp/ 11 | /tmp/ 12 | 13 | # Used by dotenv library to load environment variables. 14 | # .env 15 | 16 | # Ignore Byebug command history file. 17 | .byebug_history 18 | 19 | ## Specific to RubyMotion: 20 | .dat* 21 | .repl_history 22 | build/ 23 | *.bridgesupport 24 | build-iPhoneOS/ 25 | build-iPhoneSimulator/ 26 | 27 | ## Specific to RubyMotion (use of CocoaPods): 28 | # 29 | # We recommend against adding the Pods directory to your .gitignore. However 30 | # you should judge for yourself, the pros and cons are mentioned at: 31 | # https://guides.cocoapods.org/using/using-cocoapods.html#should-i-check-the-pods-directory-into-source-control 32 | # 33 | # vendor/Pods/ 34 | 35 | ## Documentation cache and generated files: 36 | /.yardoc/ 37 | /_yardoc/ 38 | /doc/ 39 | /rdoc/ 40 | 41 | ## Environment normalization: 42 | /.bundle/ 43 | /vendor/bundle 44 | /lib/bundler/man/ 45 | 46 | # for a library or gem, you might want to ignore these files since the code is 47 | # intended to run in multiple environments; otherwise, check them in: 48 | # Gemfile.lock 49 | # .ruby-version 50 | # .ruby-gemset 51 | 52 | # unless supporting rvm < 1.11.0 or doing something fancy, ignore this: 53 | .rvmrc 54 | 55 | # macOS generated files 56 | .DS_Store 57 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | ## Contributing 2 | 3 | [fork]: https://github.com/github/ssh_data/fork 4 | [pr]: https://github.com/github/ssh_data/compare 5 | [style]: https://github.com/styleguide/ruby 6 | [code-of-conduct]: CODE_OF_CONDUCT.md 7 | 8 | Hi there! We're thrilled that you'd like to contribute to this project. Your help is essential for keeping it great. 9 | 10 | Contributions to this project are [released](https://help.github.com/articles/github-terms-of-service/#6-contributions-under-repository-license) to the public under the [project's open source license](LICENSE.md). 11 | 12 | Please note that this project is released with a [Contributor Code of Conduct][code-of-conduct]. By participating in this project you agree to abide by its terms. 13 | 14 | ## Submitting a pull request 15 | 16 | 0. [Fork][fork] and clone the repository 17 | 0. Configure and install the dependencies: `bundle install` 18 | 0. Make sure the tests pass on your machine: `bundle exec rspec` 19 | 0. Create a new branch: `git checkout -b my-branch-name` 20 | 0. Make your change, add tests, and make sure the tests still pass 21 | 0. Push to your fork and [submit a pull request][pr] 22 | 0. Pat your self on the back and wait for your pull request to be reviewed and merged. 23 | 24 | Here are a few things you can do that will increase the likelihood of your pull request being accepted: 25 | 26 | - Follow the [style guide][style]. 27 | - Write tests. 28 | - Keep your change as focused as possible. If there are multiple changes you would like to make that are not dependent upon each other, consider submitting them as separate pull requests. 29 | - Write a [good commit message](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html). 30 | 31 | ## Resources 32 | 33 | - [How to Contribute to Open Source](https://opensource.guide/how-to-contribute/) 34 | - [Using Pull Requests](https://help.github.com/articles/about-pull-requests/) 35 | - [GitHub Help](https://help.github.com) 36 | 37 | ## Releasing 38 | 39 | If you are the current maintainer of this gem: 40 | 41 | - Merge whatever PRs are to be included in your new version into the `master` branch. 42 | - Increment the version in [`lib/ssh_data/version.rb`](lib/ssh_data/version.rb), following [SemVer](https://semver.org/). 43 | - Run `bundle install` to update the version in `Gemfile.lock`. 44 | - Make a commit with a message lik `bump version to 0.0.1` and push this to `master`. 45 | - Run `gem build ssh_data.gemspec` to build a new `ssh_data-.gem`. 46 | - Run `gem push ssh_data-.gem` to publish the new version to rubygems.org. 47 | -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- 1 | source "https://rubygems.org" 2 | 3 | gemspec 4 | -------------------------------------------------------------------------------- /Gemfile.lock: -------------------------------------------------------------------------------- 1 | PATH 2 | remote: . 3 | specs: 4 | ssh_data (2.0.0) 5 | base64 (~> 0.1) 6 | 7 | GEM 8 | remote: https://rubygems.org/ 9 | specs: 10 | ast (2.4.2) 11 | base64 (0.2.0) 12 | binding_of_caller (1.0.0) 13 | debug_inspector (>= 0.0.1) 14 | coderay (1.1.3) 15 | debug_inspector (1.2.0) 16 | diff-lcs (1.5.0) 17 | ed25519 (1.3.0) 18 | method_source (1.0.0) 19 | parser (3.2.2.4) 20 | ast (~> 2.4.1) 21 | racc 22 | proc_to_ast (0.1.0) 23 | coderay 24 | parser 25 | unparser 26 | pry (0.14.2) 27 | coderay (~> 1.1) 28 | method_source (~> 1.0) 29 | racc (1.7.3) 30 | rspec (3.12.0) 31 | rspec-core (~> 3.12.0) 32 | rspec-expectations (~> 3.12.0) 33 | rspec-mocks (~> 3.12.0) 34 | rspec-core (3.12.2) 35 | rspec-support (~> 3.12.0) 36 | rspec-expectations (3.12.3) 37 | diff-lcs (>= 1.2.0, < 2.0) 38 | rspec-support (~> 3.12.0) 39 | rspec-mocks (3.12.6) 40 | diff-lcs (>= 1.2.0, < 2.0) 41 | rspec-support (~> 3.12.0) 42 | rspec-parameterized (1.0.0) 43 | rspec-parameterized-core (< 2) 44 | rspec-parameterized-table_syntax (< 2) 45 | rspec-parameterized-core (1.0.0) 46 | parser 47 | proc_to_ast 48 | rspec (>= 2.13, < 4) 49 | unparser 50 | rspec-parameterized-table_syntax (1.0.1) 51 | binding_of_caller 52 | rspec-parameterized-core (< 2) 53 | rspec-support (3.12.1) 54 | unparser (0.6.10) 55 | diff-lcs (~> 1.3) 56 | parser (>= 3.2.2.4) 57 | 58 | PLATFORMS 59 | ruby 60 | 61 | DEPENDENCIES 62 | ed25519 (~> 1.2) 63 | pry (~> 0.14) 64 | rspec (~> 3.10) 65 | rspec-mocks (~> 3.10) 66 | rspec-parameterized (~> 1.0) 67 | ssh_data! 68 | 69 | BUNDLED WITH 70 | 2.4.22 71 | -------------------------------------------------------------------------------- /LICENSE.md: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2019 GitHub, Inc. 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # ssh_data [docs](https://rubydoc.info/github/github/ssh_data/master) 2 | 3 | This is a Ruby library for processing SSH keys and certificates. 4 | 5 | The scope of this project is limited to processing and directly using keys and certificates. It can be used to generate SSH private keys, verify signatures using public keys, sign data using private keys, issue certificates using private keys, and parse certificates and public and private keys. This library supports RSA, DSA, ECDSA, and ED25519[*](#ed25519-support) keys. This library does not offer or intend to offer functionality for SSH connectivity, processing of SSH wire protocol data, or processing of other key formats or types. 6 | 7 | **Project Status:** Used by @github in production 8 | 9 | ## Installation 10 | 11 | ``` 12 | gem install ssh_data 13 | ``` 14 | 15 | ## Usage 16 | 17 | ```ruby 18 | require "ssh_data" 19 | 20 | key_data = File.read("~/.ssh/id_rsa.pub") 21 | key = SSHData::PublicKey.parse_openssh(key_data) 22 | #=> 23 | 24 | cert_data = = File.read("~/.ssh/id_rsa-cert.pub") 25 | cert = SSHData::Certificate.parse_openssh(cert_data) 26 | #=> 27 | 28 | cert.key_id 29 | #=> "mastahyeti" 30 | 31 | cert.public_key 32 | #=> 33 | ``` 34 | 35 | ## ED25519 support 36 | 37 | Ruby's standard library does not include support for ED25519, though the algorithm is implemented by the [`ed25519` Gem](https://rubygems.org/gems/ed25519). This library can parse ED25519 public and private keys itself, but in order to generate keys or sign or verify messages, the calling application must load the `ed25519` Gem itself. This avoids the necessity of installing or loading this third party dependency when the calling application is only interested in parsing keys. 38 | 39 | ```ruby 40 | require "ssh_data" 41 | 42 | key_data = File.read("~/.ssh/id_ed25519") 43 | key = SSHData::PrivateKey.parse_openssh(key_data) 44 | #=> 45 | 46 | SSHData::PrivateKey::ED25519.generate 47 | #=> raises SSHData::AlgorithmError 48 | 49 | require "ed25519" 50 | 51 | SSHData::PrivateKey::ED25519.generate 52 | #=> 53 | ``` 54 | 55 | ## Contributions 56 | 57 | This project is not currently seeking contributions for new features or functionality, though bug fixes are welcome. See [CONTRIBUTING.md](CONTRIBUTING.md) for more information. 58 | 59 | ## License 60 | 61 | This project is published under the MIT license. See [LICENSE.md](LICENSE.md) for mor information. 62 | -------------------------------------------------------------------------------- /lib/ssh_data.rb: -------------------------------------------------------------------------------- 1 | require "openssl" 2 | require "base64" 3 | 4 | module SSHData 5 | # Break down a key in OpenSSH authorized_keys format (see sshd(8) manual 6 | # page). 7 | # 8 | # key - An OpenSSH formatted public key or certificate, including algo, 9 | # base64 encoded key and optional comment. 10 | # 11 | # Returns an Array containing the algorithm String , the raw key or 12 | # certificate String and the comment String or nil. 13 | def key_parts(key) 14 | algo, b64, comment = key.strip.split(" ", 3) 15 | if algo.nil? || b64.nil? 16 | raise DecodeError, "bad data format" 17 | end 18 | 19 | raw = begin 20 | Base64.strict_decode64(b64) 21 | rescue ArgumentError 22 | raise DecodeError, "bad data format" 23 | end 24 | 25 | [algo, raw, comment] 26 | end 27 | 28 | extend self 29 | end 30 | 31 | require "ssh_data/version" 32 | require "ssh_data/error" 33 | require "ssh_data/certificate" 34 | require "ssh_data/public_key" 35 | require "ssh_data/private_key" 36 | require "ssh_data/encoding" 37 | require "ssh_data/signature" 38 | -------------------------------------------------------------------------------- /lib/ssh_data/error.rb: -------------------------------------------------------------------------------- 1 | module SSHData 2 | Error = Class.new(StandardError) 3 | DecodeError = Class.new(Error) 4 | VerifyError = Class.new(Error) 5 | AlgorithmError = Class.new(Error) 6 | DecryptError = Class.new(Error) 7 | UnsupportedError = Class.new(Error) 8 | end 9 | -------------------------------------------------------------------------------- /lib/ssh_data/private_key.rb: -------------------------------------------------------------------------------- 1 | module SSHData 2 | module PrivateKey 3 | OPENSSH_PEM_TYPE = "OPENSSH PRIVATE KEY" 4 | RSA_PEM_TYPE = "RSA PRIVATE KEY" 5 | DSA_PEM_TYPE = "DSA PRIVATE KEY" 6 | ECDSA_PEM_TYPE = "EC PRIVATE KEY" 7 | ENCRYPTED_PEM_TYPE = "ENCRYPTED PRIVATE KEY" 8 | 9 | # Parse an SSH private key. 10 | # 11 | # key - A PEM or OpenSSH encoded private key. 12 | # 13 | # Returns an Array of PrivateKey::Base subclass instances. 14 | def self.parse(key) 15 | pem_type = Encoding.pem_type(key) 16 | case pem_type 17 | when OPENSSH_PEM_TYPE 18 | parse_openssh(key) 19 | when RSA_PEM_TYPE 20 | [RSA.from_openssl(OpenSSL::PKey::RSA.new(key, ""))] 21 | when DSA_PEM_TYPE 22 | [DSA.from_openssl(OpenSSL::PKey::DSA.new(key, ""))] 23 | when ECDSA_PEM_TYPE 24 | [ECDSA.from_openssl(OpenSSL::PKey::EC.new(key, ""))] 25 | when ENCRYPTED_PEM_TYPE 26 | raise DecryptError, "cannot decode encrypted private keys" 27 | else 28 | raise AlgorithmError, "unknown PEM type: #{pem_type.inspect}" 29 | end 30 | rescue OpenSSL::PKey::PKeyError => e 31 | raise DecodeError, "bad private key. maybe encrypted?" 32 | end 33 | 34 | # Parse an OpenSSH formatted private key. 35 | # 36 | # key - An OpenSSH encoded private key. 37 | # 38 | # Returns an Array of PrivateKey::Base subclass instances. 39 | def self.parse_openssh(key) 40 | raw = Encoding.decode_pem(key, OPENSSH_PEM_TYPE) 41 | 42 | data, read = Encoding.decode_openssh_private_key(raw) 43 | unless read == raw.bytesize 44 | raise DecodeError, "unexpected trailing data" 45 | end 46 | 47 | from_data(data) 48 | end 49 | 50 | def self.from_data(data) 51 | data[:private_keys].map do |priv| 52 | case priv[:algo] 53 | when PublicKey::ALGO_RSA 54 | RSA.new(**priv) 55 | when PublicKey::ALGO_DSA 56 | DSA.new(**priv) 57 | when PublicKey::ALGO_ECDSA256, PublicKey::ALGO_ECDSA384, PublicKey::ALGO_ECDSA521 58 | ECDSA.new(**priv) 59 | when PublicKey::ALGO_ED25519 60 | ED25519.new(**priv) 61 | else 62 | raise DecodeError, "unkown algo: #{priv[:algo].inspect}" 63 | end 64 | end 65 | end 66 | end 67 | end 68 | 69 | require "ssh_data/private_key/base" 70 | require "ssh_data/private_key/rsa" 71 | require "ssh_data/private_key/dsa" 72 | require "ssh_data/private_key/ecdsa" 73 | require "ssh_data/private_key/ed25519" 74 | -------------------------------------------------------------------------------- /lib/ssh_data/private_key/base.rb: -------------------------------------------------------------------------------- 1 | module SSHData 2 | module PrivateKey 3 | class Base 4 | attr_reader :algo, :comment, :public_key 5 | 6 | def initialize(**kwargs) 7 | @algo = kwargs[:algo] 8 | @comment = kwargs[:comment] 9 | end 10 | 11 | # Generate a new private key. 12 | # 13 | # Returns a PublicKey::Base subclass instance. 14 | def self.generate(**kwargs) 15 | raise "implement me" 16 | end 17 | 18 | # Make an SSH signature. 19 | # 20 | # signed_data - The String message over which to calculated the signature. 21 | # algo: - Optionally specify the signature algorithm to use. 22 | # 23 | # Returns a binary String signature. 24 | def sign(signed_data, algo: nil) 25 | raise "implement me" 26 | end 27 | 28 | # Issue a certificate using this private key. 29 | # 30 | # signature_algo: - Optionally specify the signature algorithm to use. 31 | # kwargs - See SSHData::Certificate.new. 32 | # 33 | # Returns a SSHData::Certificate instance. 34 | def issue_certificate(signature_algo: nil, **kwargs) 35 | Certificate.new(**kwargs).tap { |c| c.sign(self, algo: signature_algo) } 36 | end 37 | end 38 | end 39 | end 40 | -------------------------------------------------------------------------------- /lib/ssh_data/private_key/dsa.rb: -------------------------------------------------------------------------------- 1 | module SSHData 2 | module PrivateKey 3 | class DSA < Base 4 | attr_reader :p, :q, :g, :x, :y, :openssl 5 | 6 | # Generate a new private key. 7 | # 8 | # Returns a PublicKey::Base subclass instance. 9 | def self.generate 10 | openssl_key = 11 | if defined?(OpenSSL::PKey.generate_parameters) 12 | dsa_parameters = OpenSSL::PKey.generate_parameters("DSA", { 13 | dsa_paramgen_bits: 1024, 14 | dsa_paramgen_q_bits: 160 15 | }) 16 | 17 | OpenSSL::PKey.generate_key(dsa_parameters) 18 | else 19 | OpenSSL::PKey::DSA.generate(1024) 20 | end 21 | 22 | from_openssl(openssl_key) 23 | end 24 | 25 | # Import an openssl private key. 26 | # 27 | # key - An OpenSSL::PKey::DSA instance. 28 | # 29 | # Returns a DSA instance. 30 | def self.from_openssl(key) 31 | new( 32 | algo: PublicKey::ALGO_DSA, 33 | p: key.params["p"], 34 | q: key.params["q"], 35 | g: key.params["g"], 36 | y: key.params["pub_key"], 37 | x: key.params["priv_key"], 38 | comment: "", 39 | ) 40 | end 41 | 42 | def initialize(algo:, p:, q:, g:, x:, y:, comment:) 43 | unless algo == PublicKey::ALGO_DSA 44 | raise DecodeError, "bad algorithm: #{algo.inspect}" 45 | end 46 | 47 | @p = p 48 | @q = q 49 | @g = g 50 | @x = x 51 | @y = y 52 | 53 | super(algo: algo, comment: comment) 54 | 55 | @openssl = OpenSSL::PKey::DSA.new(asn1.to_der) 56 | 57 | @public_key = PublicKey::DSA.new(algo: algo, p: p, q: q, g: g, y: y) 58 | end 59 | 60 | # Make an SSH signature. 61 | # 62 | # signed_data - The String message over which to calculated the signature. 63 | # 64 | # Returns a binary String signature. 65 | def sign(signed_data, algo: nil) 66 | algo ||= self.algo 67 | raise AlgorithmError unless algo == self.algo 68 | openssl_sig = openssl.sign(OpenSSL::Digest::SHA1.new, signed_data) 69 | raw_sig = PublicKey::DSA.ssh_signature(openssl_sig) 70 | Encoding.encode_signature(algo, raw_sig) 71 | end 72 | 73 | private 74 | 75 | def asn1 76 | OpenSSL::ASN1::Sequence.new([ 77 | OpenSSL::ASN1::Integer.new(0), 78 | OpenSSL::ASN1::Integer.new(p), 79 | OpenSSL::ASN1::Integer.new(q), 80 | OpenSSL::ASN1::Integer.new(g), 81 | OpenSSL::ASN1::Integer.new(y), 82 | OpenSSL::ASN1::Integer.new(x), 83 | ]) 84 | end 85 | end 86 | end 87 | end 88 | -------------------------------------------------------------------------------- /lib/ssh_data/private_key/ecdsa.rb: -------------------------------------------------------------------------------- 1 | module SSHData 2 | module PrivateKey 3 | class ECDSA < Base 4 | attr_reader :curve, :public_key_bytes, :private_key_bytes, :openssl 5 | 6 | # Generate a new private key. 7 | # 8 | # curve - The String curve to use. One of SSHData::PublicKey::NISTP256, 9 | # SSHData::PublicKey::NISTP384, or SSHData::PublicKey::NISTP521. 10 | # 11 | # Returns a PublicKey::Base subclass instance. 12 | def self.generate(curve) 13 | openssl_curve = PublicKey::ECDSA::OPENSSL_CURVE_NAME_FOR_CURVE[curve] 14 | raise AlgorithmError, "unknown curve: #{curve}" if openssl_curve.nil? 15 | 16 | openssl_key = OpenSSL::PKey::EC.generate(openssl_curve) 17 | from_openssl(openssl_key) 18 | end 19 | 20 | # Import an openssl private key. 21 | # 22 | # key - An OpenSSL::PKey::EC instance. 23 | # 24 | # Returns a DSA instance. 25 | def self.from_openssl(key) 26 | curve = PublicKey::ECDSA::CURVE_FOR_OPENSSL_CURVE_NAME[key.group.curve_name] 27 | algo = "ecdsa-sha2-#{curve}" 28 | 29 | new( 30 | algo: algo, 31 | curve: curve, 32 | public_key: key.public_key.to_bn.to_s(2), 33 | private_key: key.private_key, 34 | comment: "", 35 | ) 36 | end 37 | 38 | def initialize(algo:, curve:, public_key:, private_key:, comment:) 39 | unless [PublicKey::ALGO_ECDSA256, PublicKey::ALGO_ECDSA384, PublicKey::ALGO_ECDSA521].include?(algo) 40 | raise DecodeError, "bad algorithm: #{algo.inspect}" 41 | end 42 | 43 | unless algo == "ecdsa-sha2-#{curve}" 44 | raise DecodeError, "bad curve: #{curve.inspect}" 45 | end 46 | 47 | @curve = curve 48 | @public_key_bytes = public_key 49 | @private_key_bytes = private_key 50 | 51 | super(algo: algo, comment: comment) 52 | 53 | @openssl = begin 54 | OpenSSL::PKey::EC.new(asn1.to_der) 55 | rescue ArgumentError 56 | raise DecodeError, "bad key data" 57 | end 58 | 59 | @public_key = PublicKey::ECDSA.new( 60 | algo: algo, 61 | curve: curve, 62 | public_key: public_key_bytes 63 | ) 64 | end 65 | 66 | # Make an SSH signature. 67 | # 68 | # signed_data - The String message over which to calculated the signature. 69 | # 70 | # Returns a binary String signature. 71 | def sign(signed_data, algo: nil) 72 | algo ||= self.algo 73 | raise AlgorithmError unless algo == self.algo 74 | openssl_sig = openssl.sign(public_key.digest.new, signed_data) 75 | raw_sig = PublicKey::ECDSA.ssh_signature(openssl_sig) 76 | Encoding.encode_signature(algo, raw_sig) 77 | end 78 | 79 | private 80 | 81 | def asn1 82 | unless name = PublicKey::ECDSA::OPENSSL_CURVE_NAME_FOR_CURVE[curve] 83 | raise DecodeError, "unknown curve: #{curve.inspect}" 84 | end 85 | 86 | OpenSSL::ASN1::Sequence.new([ 87 | OpenSSL::ASN1::Integer.new(1), 88 | OpenSSL::ASN1::OctetString.new(private_key_bytes.to_s(2)), 89 | OpenSSL::ASN1::ObjectId.new(name, 0, :EXPLICIT, :CONTEXT_SPECIFIC), 90 | OpenSSL::ASN1::BitString.new(public_key_bytes, 1, :EXPLICIT, :CONTEXT_SPECIFIC) 91 | ]) 92 | end 93 | end 94 | end 95 | end 96 | -------------------------------------------------------------------------------- /lib/ssh_data/private_key/ed25519.rb: -------------------------------------------------------------------------------- 1 | module SSHData 2 | module PrivateKey 3 | class ED25519 < Base 4 | attr_reader :pk, :sk, :ed25519_key 5 | 6 | # Generate a new private key. 7 | # 8 | # Returns a PublicKey::Base subclass instance. 9 | def self.generate 10 | PublicKey::ED25519.ed25519_gem_required! 11 | from_ed25519(Ed25519::SigningKey.generate) 12 | end 13 | 14 | # Create from a ::Ed25519::SigningKey instance. 15 | # 16 | # key - A ::Ed25519::SigningKey instance. 17 | # 18 | # Returns a ED25519 instance. 19 | def self.from_ed25519(key) 20 | new( 21 | algo: PublicKey::ALGO_ED25519, 22 | pk: key.verify_key.to_bytes, 23 | sk: key.to_bytes + key.verify_key.to_bytes, 24 | comment: "", 25 | ) 26 | end 27 | 28 | def initialize(algo:, pk:, sk:, comment:) 29 | unless algo == PublicKey::ALGO_ED25519 30 | raise DecodeError, "bad algorithm: #{algo.inspect}" 31 | end 32 | 33 | # openssh stores the pk twice, once as half of the sk... 34 | if sk.bytesize != 64 || sk.byteslice(32, 32) != pk 35 | raise DecodeError, "bad sk" 36 | end 37 | 38 | @pk = pk 39 | @sk = sk 40 | 41 | super(algo: algo, comment: comment) 42 | 43 | if PublicKey::ED25519.enabled? 44 | @ed25519_key = Ed25519::SigningKey.new(sk.byteslice(0, 32)) 45 | 46 | if @ed25519_key.verify_key.to_bytes != pk 47 | raise DecodeError, "bad pk" 48 | end 49 | end 50 | 51 | @public_key = PublicKey::ED25519.new(algo: algo, pk: pk) 52 | end 53 | 54 | # Make an SSH signature. 55 | # 56 | # signed_data - The String message over which to calculated the signature. 57 | # 58 | # Returns a binary String signature. 59 | def sign(signed_data, algo: nil) 60 | PublicKey::ED25519.ed25519_gem_required! 61 | algo ||= self.algo 62 | raise AlgorithmError unless algo == self.algo 63 | raw_sig = ed25519_key.sign(signed_data) 64 | Encoding.encode_signature(algo, raw_sig) 65 | end 66 | end 67 | end 68 | end 69 | -------------------------------------------------------------------------------- /lib/ssh_data/private_key/rsa.rb: -------------------------------------------------------------------------------- 1 | module SSHData 2 | module PrivateKey 3 | class RSA < Base 4 | attr_reader :n, :e, :d, :iqmp, :p, :q, :openssl 5 | 6 | 7 | # Generate a new private key. 8 | # 9 | # size - The Integer key size to generate. 10 | # unsafe_allow_small_key: - Bool of whether to allow keys of less than 11 | # 2048 bits. 12 | # 13 | # Returns a PublicKey::Base subclass instance. 14 | def self.generate(size, unsafe_allow_small_key: false) 15 | unless size >= 2048 || unsafe_allow_small_key 16 | raise AlgorithmError, "key too small" 17 | end 18 | 19 | from_openssl(OpenSSL::PKey::RSA.generate(size)) 20 | end 21 | 22 | # Import an openssl private key. 23 | # 24 | # key - An OpenSSL::PKey::RSA instance. 25 | # 26 | # Returns a RSA instance. 27 | def self.from_openssl(key) 28 | new( 29 | algo: PublicKey::ALGO_RSA, 30 | n: key.params["n"], 31 | e: key.params["e"], 32 | d: key.params["d"], 33 | iqmp: key.params["iqmp"], 34 | p: key.params["p"], 35 | q: key.params["q"], 36 | comment: "", 37 | ) 38 | end 39 | 40 | def initialize(algo:, n:, e:, d:, iqmp:, p:, q:, comment:) 41 | unless algo == PublicKey::ALGO_RSA 42 | raise DecodeError, "bad algorithm: #{algo.inspect}" 43 | end 44 | 45 | @n = n 46 | @e = e 47 | @d = d 48 | @iqmp = iqmp 49 | @p = p 50 | @q = q 51 | 52 | super(algo: algo, comment: comment) 53 | 54 | @openssl = OpenSSL::PKey::RSA.new(asn1.to_der) 55 | 56 | @public_key = PublicKey::RSA.new(algo: algo, e: e, n: n) 57 | end 58 | 59 | # Make an SSH signature. 60 | # 61 | # signed_data - The String message over which to calculated the signature. 62 | # 63 | # Returns a binary String signature. 64 | def sign(signed_data, algo: nil) 65 | algo ||= self.algo 66 | digest = PublicKey::RSA::ALGO_DIGESTS[algo] 67 | raise AlgorithmError if digest.nil? 68 | raw_sig = openssl.sign(digest.new, signed_data) 69 | Encoding.encode_signature(algo, raw_sig) 70 | end 71 | 72 | private 73 | 74 | # CRT coefficient for faster RSA operations. Used by OpenSSL, but not 75 | # OpenSSH. 76 | # 77 | # Returns an OpenSSL::BN instance. 78 | def dmp1 79 | d % (p - 1) 80 | end 81 | 82 | # CRT coefficient for faster RSA operations. Used by OpenSSL, but not 83 | # OpenSSH. 84 | # 85 | # Returns an OpenSSL::BN instance. 86 | def dmq1 87 | d % (q - 1) 88 | end 89 | 90 | def asn1 91 | OpenSSL::ASN1::Sequence.new([ 92 | OpenSSL::ASN1::Integer.new(0), 93 | OpenSSL::ASN1::Integer.new(n), 94 | OpenSSL::ASN1::Integer.new(e), 95 | OpenSSL::ASN1::Integer.new(d), 96 | OpenSSL::ASN1::Integer.new(p), 97 | OpenSSL::ASN1::Integer.new(q), 98 | OpenSSL::ASN1::Integer.new(dmp1), 99 | OpenSSL::ASN1::Integer.new(dmq1), 100 | OpenSSL::ASN1::Integer.new(iqmp), 101 | ]) 102 | end 103 | 104 | end 105 | end 106 | end 107 | -------------------------------------------------------------------------------- /lib/ssh_data/public_key.rb: -------------------------------------------------------------------------------- 1 | module SSHData 2 | module PublicKey 3 | # Public key algorithm identifiers 4 | ALGO_RSA = "ssh-rsa" 5 | ALGO_DSA = "ssh-dss" 6 | ALGO_ECDSA256 = "ecdsa-sha2-nistp256" 7 | ALGO_ECDSA384 = "ecdsa-sha2-nistp384" 8 | ALGO_ECDSA521 = "ecdsa-sha2-nistp521" 9 | ALGO_ED25519 = "ssh-ed25519" 10 | ALGO_SKED25519 = "sk-ssh-ed25519@openssh.com" 11 | ALGO_SKECDSA256 = "sk-ecdsa-sha2-nistp256@openssh.com" 12 | 13 | # RSA SHA2 *signature* algorithms used with ALGO_RSA keys. 14 | # https://tools.ietf.org/html/draft-rsa-dsa-sha2-256-02 15 | ALGO_RSA_SHA2_256 = "rsa-sha2-256" 16 | ALGO_RSA_SHA2_512 = "rsa-sha2-512" 17 | 18 | ALGOS = [ 19 | ALGO_RSA, ALGO_DSA, ALGO_ECDSA256, ALGO_ECDSA384, ALGO_ECDSA521, 20 | ALGO_ED25519, ALGO_SKECDSA256, ALGO_SKED25519 21 | ] 22 | 23 | # Parse an OpenSSH public key in authorized_keys format (see sshd(8) manual 24 | # page). 25 | # 26 | # key - An OpenSSH formatted public key, including algo, base64 encoded key 27 | # and optional comment. 28 | # 29 | # Returns a PublicKey::Base subclass instance. 30 | def self.parse_openssh(key) 31 | algo, raw, _ = SSHData.key_parts(key) 32 | parsed = parse_rfc4253(raw) 33 | 34 | if parsed.algo != algo 35 | raise DecodeError, "algo mismatch: #{parsed.algo.inspect}!=#{algo.inspect}" 36 | end 37 | 38 | parsed 39 | end 40 | 41 | # Deprecated 42 | singleton_class.send(:alias_method, :parse, :parse_openssh) 43 | 44 | # Parse an RFC 4253 binary SSH public key. 45 | # 46 | # key - A RFC 4253 binary public key String. 47 | # 48 | # Returns a PublicKey::Base subclass instance. 49 | def self.parse_rfc4253(raw) 50 | data, read = Encoding.decode_public_key(raw) 51 | 52 | if read != raw.bytesize 53 | raise DecodeError, "unexpected trailing data" 54 | end 55 | 56 | from_data(data) 57 | end 58 | 59 | def self.from_data(data) 60 | case data[:algo] 61 | when ALGO_RSA 62 | RSA.new(**data) 63 | when ALGO_DSA 64 | DSA.new(**data) 65 | when ALGO_ECDSA256, ALGO_ECDSA384, ALGO_ECDSA521 66 | ECDSA.new(**data) 67 | when ALGO_ED25519 68 | ED25519.new(**data) 69 | when ALGO_SKED25519 70 | SKED25519.new(**data) 71 | when ALGO_SKECDSA256 72 | SKECDSA.new(**data) 73 | else 74 | raise DecodeError, "unkown algo: #{data[:algo].inspect}" 75 | end 76 | end 77 | end 78 | end 79 | 80 | require "ssh_data/public_key/base" 81 | require "ssh_data/public_key/security_key" 82 | require "ssh_data/public_key/rsa" 83 | require "ssh_data/public_key/dsa" 84 | require "ssh_data/public_key/ecdsa" 85 | require "ssh_data/public_key/ed25519" 86 | require "ssh_data/public_key/sked25519" 87 | require "ssh_data/public_key/skecdsa" 88 | -------------------------------------------------------------------------------- /lib/ssh_data/public_key/base.rb: -------------------------------------------------------------------------------- 1 | module SSHData 2 | module PublicKey 3 | class Base 4 | attr_reader :algo 5 | 6 | def initialize(**kwargs) 7 | @algo = kwargs[:algo] 8 | end 9 | 10 | # Calculate the fingerprint of this public key. 11 | # 12 | # md5: - Bool of whether to generate an MD5 fingerprint instead of the 13 | # default SHA256. 14 | # 15 | # Returns a String fingerprint. 16 | def fingerprint(md5: false) 17 | if md5 18 | # colon separated, hex encoded md5 digest 19 | OpenSSL::Digest::MD5.digest(rfc4253).unpack("H2" * 16).join(":") 20 | else 21 | # base64 encoded sha256 digest with b64 padding stripped 22 | Base64.strict_encode64(OpenSSL::Digest::SHA256.digest(rfc4253))[0...-1] 23 | end 24 | end 25 | 26 | # Make an SSH signature. 27 | # 28 | # signed_data - The String message over which to calculated the signature. 29 | # 30 | # Returns a binary String signature. 31 | def sign(signed_data) 32 | raise "implement me" 33 | end 34 | 35 | # Verify an SSH signature. 36 | # 37 | # signed_data - The String message that the signature was calculated over. 38 | # signature - The binary String signature with SSH encoding. 39 | # 40 | # Returns boolean. 41 | def verify(signed_data, signature) 42 | raise "implement me" 43 | end 44 | 45 | # RFC4253 binary encoding of the public key. 46 | # 47 | # Returns a binary String. 48 | def rfc4253 49 | raise "implement me" 50 | end 51 | 52 | # OpenSSH public key in authorized_keys format (see sshd(8) manual page). 53 | # 54 | # comment - Optional String comment to append. 55 | # 56 | # Returns a String key. 57 | def openssh(comment: nil) 58 | [algo, Base64.strict_encode64(rfc4253), comment].compact.join(" ") 59 | end 60 | 61 | # Is this public key equal to another public key? 62 | # 63 | # other - Another SSHData::PublicKey::Base instance to compare with. 64 | # 65 | # Returns boolean. 66 | def ==(other) 67 | other.class == self.class 68 | end 69 | end 70 | end 71 | end 72 | -------------------------------------------------------------------------------- /lib/ssh_data/public_key/ed25519.rb: -------------------------------------------------------------------------------- 1 | module SSHData 2 | module PublicKey 3 | class ED25519 < Base 4 | attr_reader :pk, :ed25519_key 5 | 6 | # ed25519 isn't a hard requirement for using this Gem. We only do actual 7 | # validation with the key if the ed25519 Gem has been loaded. 8 | def self.enabled? 9 | Object.const_defined?(:Ed25519) 10 | end 11 | 12 | # Assert that the ed25519 gem has been loaded. 13 | # 14 | # Returns nothing, raises AlgorithmError. 15 | def self.ed25519_gem_required! 16 | raise AlgorithmError, "the ed25519 gem is not loaded" unless enabled? 17 | end 18 | 19 | def self.algorithm_identifier 20 | ALGO_ED25519 21 | end 22 | 23 | def initialize(algo:, pk:) 24 | unless algo == self.class.algorithm_identifier 25 | raise DecodeError, "bad algorithm: #{algo.inspect}" 26 | end 27 | 28 | @pk = pk 29 | 30 | if self.class.enabled? 31 | @ed25519_key = Ed25519::VerifyKey.new(pk) 32 | end 33 | 34 | super(algo: algo) 35 | end 36 | 37 | # Verify an SSH signature. 38 | # 39 | # signed_data - The String message that the signature was calculated over. 40 | # signature - The binary String signature with SSH encoding. 41 | # 42 | # Returns boolean. 43 | def verify(signed_data, signature) 44 | self.class.ed25519_gem_required! 45 | 46 | sig_algo, raw_sig, _ = Encoding.decode_signature(signature) 47 | if sig_algo != self.class.algorithm_identifier 48 | raise DecodeError, "bad signature algorithm: #{sig_algo.inspect}" 49 | end 50 | 51 | begin 52 | ed25519_key.verify(raw_sig, signed_data) 53 | rescue Ed25519::VerifyError 54 | false 55 | end 56 | end 57 | 58 | # RFC4253 binary encoding of the public key. 59 | # 60 | # Returns a binary String. 61 | def rfc4253 62 | Encoding.encode_fields( 63 | [:string, algo], 64 | [:string, pk], 65 | ) 66 | end 67 | 68 | # Is this public key equal to another public key? 69 | # 70 | # other - Another SSHData::PublicKey::Base instance to compare with. 71 | # 72 | # Returns boolean. 73 | def ==(other) 74 | super && other.pk == pk 75 | end 76 | end 77 | end 78 | end 79 | -------------------------------------------------------------------------------- /lib/ssh_data/public_key/rsa.rb: -------------------------------------------------------------------------------- 1 | module SSHData 2 | module PublicKey 3 | class RSA < Base 4 | attr_reader :e, :n, :openssl 5 | 6 | ALGO_DIGESTS = { 7 | ALGO_RSA => OpenSSL::Digest::SHA1, 8 | ALGO_RSA_SHA2_256 => OpenSSL::Digest::SHA256, 9 | ALGO_RSA_SHA2_512 => OpenSSL::Digest::SHA512 10 | } 11 | 12 | def initialize(algo:, e:, n:) 13 | unless algo == ALGO_RSA 14 | raise DecodeError, "bad algorithm: #{algo.inspect}" 15 | end 16 | 17 | @algo = algo 18 | @e = e 19 | @n = n 20 | 21 | @openssl = OpenSSL::PKey::RSA.new(asn1.to_der) 22 | 23 | super(algo: algo) 24 | end 25 | 26 | # Verify an SSH signature. 27 | # 28 | # signed_data - The String message that the signature was calculated over. 29 | # signature - The binary String signature with SSH encoding. 30 | # 31 | # Returns boolean. 32 | def verify(signed_data, signature) 33 | sig_algo, raw_sig, _ = Encoding.decode_signature(signature) 34 | digest = ALGO_DIGESTS[sig_algo] 35 | 36 | if digest.nil? 37 | raise DecodeError, "bad signature algorithm: #{sig_algo.inspect}" 38 | end 39 | 40 | # OpenSSH compatibility: if a the number of bytes in the signature is less than the number of bytes of the RSA 41 | # modulus, prepend the signature with zeros. 42 | # See https://github.com/openssh/openssh-portable/blob/ac383f3a5c6f529a2e8a5bc44af79a08c7da294e/ssh-rsa.c#L531 43 | difference = n.num_bytes - raw_sig.bytesize 44 | raw_sig = "\0" * difference + raw_sig if difference.positive? 45 | 46 | openssl.verify(digest.new, raw_sig, signed_data) 47 | end 48 | 49 | # RFC4253 binary encoding of the public key. 50 | # 51 | # Returns a binary String. 52 | def rfc4253 53 | Encoding.encode_fields( 54 | [:string, algo], 55 | [:mpint, e], 56 | [:mpint, n] 57 | ) 58 | end 59 | 60 | # Is this public key equal to another public key? 61 | # 62 | # other - Another SSHData::PublicKey::Base instance to compare with. 63 | # 64 | # Returns boolean. 65 | def ==(other) 66 | super && other.e == e && other.n == n 67 | end 68 | 69 | private 70 | 71 | def asn1 72 | OpenSSL::ASN1::Sequence.new([ 73 | OpenSSL::ASN1::Sequence.new([ 74 | OpenSSL::ASN1::ObjectId.new("rsaEncryption"), 75 | OpenSSL::ASN1::Null.new(nil), 76 | ]), 77 | OpenSSL::ASN1::BitString.new(OpenSSL::ASN1::Sequence.new([ 78 | OpenSSL::ASN1::Integer.new(n), 79 | OpenSSL::ASN1::Integer.new(e), 80 | ]).to_der), 81 | ]) 82 | end 83 | end 84 | end 85 | end 86 | -------------------------------------------------------------------------------- /lib/ssh_data/public_key/security_key.rb: -------------------------------------------------------------------------------- 1 | module SSHData 2 | module PublicKey 3 | module SecurityKey 4 | 5 | # Defaults to match OpenSSH, user presence is required by verification is not. 6 | DEFAULT_SK_VERIFY_OPTS = { 7 | user_presence_required: true, 8 | user_verification_required: false 9 | } 10 | 11 | SK_FLAG_USER_PRESENCE = 0b001 12 | SK_FLAG_USER_VERIFICATION = 0b100 13 | 14 | def build_signing_blob(application, signed_data, signature) 15 | read = 0 16 | sig_algo, raw_sig, signature_read = Encoding.decode_signature(signature) 17 | read += signature_read 18 | sk_flags, sk_flags_read = Encoding.decode_uint8(signature, read) 19 | read += sk_flags_read 20 | counter, counter_read = Encoding.decode_uint32(signature, read) 21 | read += counter_read 22 | 23 | if read != signature.bytesize 24 | raise DecodeError, "unexpected trailing data" 25 | end 26 | 27 | application_hash = OpenSSL::Digest::SHA256.digest(application) 28 | message_hash = OpenSSL::Digest::SHA256.digest(signed_data) 29 | 30 | blob = 31 | application_hash + 32 | Encoding.encode_uint8(sk_flags) + 33 | Encoding.encode_uint32(counter) + 34 | message_hash 35 | 36 | [sig_algo, raw_sig, sk_flags, blob] 37 | end 38 | end 39 | end 40 | end 41 | -------------------------------------------------------------------------------- /lib/ssh_data/public_key/skecdsa.rb: -------------------------------------------------------------------------------- 1 | module SSHData 2 | module PublicKey 3 | class SKECDSA < ECDSA 4 | include SecurityKey 5 | attr_reader :application 6 | 7 | OPENSSL_CURVE_NAME_FOR_CURVE = { 8 | NISTP256 => "prime256v1", 9 | } 10 | 11 | def self.check_algorithm!(algo, curve) 12 | unless algo == ALGO_SKECDSA256 13 | raise DecodeError, "bad algorithm: #{algo.inspect}" 14 | end 15 | 16 | unless algo == "sk-ecdsa-sha2-#{curve}@openssh.com" 17 | raise DecodeError, "bad curve: #{curve.inspect}" 18 | end 19 | end 20 | 21 | def initialize(algo:, curve:, public_key:, application:) 22 | @application = application 23 | super(algo: algo, curve: curve, public_key: public_key) 24 | end 25 | 26 | # RFC4253 binary encoding of the public key. 27 | # 28 | # Returns a binary String. 29 | def rfc4253 30 | Encoding.encode_fields( 31 | [:string, algo], 32 | [:string, curve], 33 | [:string, public_key_bytes], 34 | [:string, application], 35 | ) 36 | end 37 | 38 | def verify(signed_data, signature, **opts) 39 | opts = DEFAULT_SK_VERIFY_OPTS.merge(opts) 40 | unknown_opts = opts.keys - DEFAULT_SK_VERIFY_OPTS.keys 41 | raise UnsupportedError, "Verification options #{unknown_opts.inspect} are not supported." unless unknown_opts.empty? 42 | 43 | sig_algo, raw_sig, sk_flags, blob = build_signing_blob(application, signed_data, signature) 44 | self.class.check_algorithm!(sig_algo, curve) 45 | 46 | openssl_sig = self.class.openssl_signature(raw_sig) 47 | digest = DIGEST_FOR_CURVE[curve] 48 | 49 | result = openssl.verify(digest.new, openssl_sig, blob) 50 | 51 | # We don't know that the flags are correct until after we've validated the signature 52 | # which embeds the flags, so always verify the signature first. 53 | return false if opts[:user_presence_required] && (sk_flags & SK_FLAG_USER_PRESENCE != SK_FLAG_USER_PRESENCE) 54 | return false if opts[:user_verification_required] && (sk_flags & SK_FLAG_USER_VERIFICATION != SK_FLAG_USER_VERIFICATION) 55 | 56 | result 57 | end 58 | 59 | def ==(other) 60 | super && other.application == application 61 | end 62 | end 63 | end 64 | end 65 | -------------------------------------------------------------------------------- /lib/ssh_data/public_key/sked25519.rb: -------------------------------------------------------------------------------- 1 | module SSHData 2 | module PublicKey 3 | class SKED25519 < ED25519 4 | include SecurityKey 5 | attr_reader :application 6 | 7 | def initialize(algo:, pk:, application:) 8 | @application = application 9 | super(algo: algo, pk: pk) 10 | end 11 | 12 | def self.algorithm_identifier 13 | ALGO_SKED25519 14 | end 15 | 16 | # RFC4253 binary encoding of the public key. 17 | # 18 | # Returns a binary String. 19 | def rfc4253 20 | Encoding.encode_fields( 21 | [:string, algo], 22 | [:string, pk], 23 | [:string, application], 24 | ) 25 | end 26 | 27 | def verify(signed_data, signature, **opts) 28 | self.class.ed25519_gem_required! 29 | opts = DEFAULT_SK_VERIFY_OPTS.merge(opts) 30 | unknown_opts = opts.keys - DEFAULT_SK_VERIFY_OPTS.keys 31 | raise UnsupportedError, "Verification options #{unknown_opts.inspect} are not supported." unless unknown_opts.empty? 32 | 33 | sig_algo, raw_sig, sk_flags, blob = build_signing_blob(application, signed_data, signature) 34 | 35 | if sig_algo != self.class.algorithm_identifier 36 | raise DecodeError, "bad signature algorithm: #{sig_algo.inspect}" 37 | end 38 | 39 | result = begin 40 | ed25519_key.verify(raw_sig, blob) 41 | rescue Ed25519::VerifyError 42 | false 43 | end 44 | 45 | # We don't know that the flags are correct until after we've validated the signature 46 | # which embeds the flags, so always verify the signature first. 47 | return false if opts[:user_presence_required] && (sk_flags & SK_FLAG_USER_PRESENCE != SK_FLAG_USER_PRESENCE) 48 | return false if opts[:user_verification_required] && (sk_flags & SK_FLAG_USER_VERIFICATION != SK_FLAG_USER_VERIFICATION) 49 | 50 | result 51 | end 52 | 53 | def ==(other) 54 | super && other.application == application 55 | end 56 | end 57 | end 58 | end 59 | -------------------------------------------------------------------------------- /lib/ssh_data/version.rb: -------------------------------------------------------------------------------- 1 | module SSHData 2 | VERSION = "2.0.0" 3 | end 4 | -------------------------------------------------------------------------------- /spec/fixtures/bad_signature-cert.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgz7J4Tvkp0uFV0rIfOV2pwQr91qRpMQY9hu397raEa0QAAAADAQABAAABAQCnaotqngOu8h1rOgbbkp9zy2rJc8PmryWmqq5C77POReUgXiqZayaSIVF3Q6y4oASmZcs/qiAFjG4fFBFS1dq+jStNJd6WSzmQbAzfDsKau0lunsKtxbL+BhbjELXQi3Xv4+5e6od+dxCfTCSCN0RQosa5fAJWyT/kKOOV0vf1a07dx3eUXW2nnWcNd0Ys8wK0Db5pKuihIZgYxmKOS+7QpJSoMpuAkbas9tkcBu7gO6nUtHyirGpoER+gYAwarLDFJYsk3RfU82lg4Chu5XGyx4mc8k3nnuXr4qzQiA1l3Zs3Db81Nhgas3J1tJtbiRcX5DaE5/wvcg1jLA2gEZTjAAAAAAAAAHsAAAABAAAACG15LWlkZW50AAAADAAAAAJwMQAAAAJwMgAAAAAAAAAA//////////8AAAASAAAAA2ZvbwAAAAcAAAADYmFyAAAAMAAAABVwZXJtaXQtWDExLWZvcndhcmRpbmcAAAAAAAAAA2JhegAAAAgAAAAEcXdlcgAAAAAAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIJtKNSHNYXYT3kRUideU/9tFjTAaImB/EIjwVe0r+Rf9AAAAUwAAAAtzc2gtZWQyNTUxOQAAAEAxEqTKJbnrz1TQVbUV+9KgPKBPOguhMEAjUwAXd/TSWKmZpB1nk/IAhpJPdKqlyoW3bpFv9n+8jgKc8FRkRm76 mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/dsa.encrypted.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN DSA PRIVATE KEY----- 2 | Proc-Type: 4,ENCRYPTED 3 | DEK-Info: AES-128-CBC,CF19675A47CDE014EA0C81A59C6B6269 4 | 5 | k1xSi/SoTdSQkoTeEvNsTR211f2rwsn4fso5dGmVkIKVXJ6onPOeHBz+Z5P3Uj/a 6 | WHw6su+RZ4fjnOlKthhfTcuKawu+oq0RFKTkVzV+b43dEmNy8u5hn/VXVsg9Tubo 7 | PxI08zyhg3FkY4P0YjkQJCBZZbRzd9k/eciPhHU04d6EX0m2eDXjUP7U4EO86bK4 8 | o3nIeY6xnclci6+b4bo+pR1+z+9aChIB5wErsmlZtf2Lvpy3gpHrLXgaPl/Rpl2I 9 | IzosnT4QO0NOUtIgvnl8E0/L7NGiJ1cp9Drdt6Vx8mjbA2f3A8Uv0YbbF9PZiurv 10 | MuYuDi2D6LRrc1wWUSEQo51ExZZpHpzB7rgB99P2chl7R6Xwz8uAByeFA5nKtwzc 11 | Z/081h7v9UfLiAoCGc8oT26xuAvNSrTsRil/gegyR4tiwN5upYNNlWOu0SxszszG 12 | k32GIFZMxKnFBIzCOHHlMw7ZV8dm6bciJREn9IlLNlthoaQSylIHO6kIlhEFcUA8 13 | 7csp0Q5y411C50dSSNx54l45KsXuUTZ9gMKHkVGPdpRLXyidOVna3puSvq6f+W30 14 | SdlnbFjV+r3EjzB5rzuDT8gTmPmwI5kgClaL1MuJWgg= 15 | -----END DSA PRIVATE KEY----- 16 | -------------------------------------------------------------------------------- /spec/fixtures/dsa.plaintext.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN DSA PRIVATE KEY----- 2 | MIIBvAIBAAKBgQDxVX7EnH7JSoqL20g3eMhfZN0IeaIMHZdF2L8QFxwAUEr6oh2M 3 | 3YTDS6iuhbT7W8TQgeUDD/2PPaHDeFVhyOKwHzlfdHwSl8eEcWRSYv6udVZoBfwW 4 | YApgWQloKw24noMpeFrBYITG9XtJ4zV6To9zXoNio/SXbHommjlirvnLKwIVAMw9 5 | 7lVT+UR/yB6cHj7JFSrOaubjAoGBAOAt8s32b6NQBVHK3CIG5s1H/OEEQNNCzm37 6 | LdwINrWqAnS3s3jGR43JrXqRmRbhe2jbXr404xXHpKAJc0LsgYyw01JS0hJ/AFQo 7 | dDKkSTF2QWBV05h1em7+AGv8qz/bywO2HlAHtvDiBlq9gk2MYnqbTBbWHnCvEXtt 8 | mY1LA3ArAoGBAI5XYEdozb9XH0eFiMv1yPyrbPbM37Sp++OPLmvCzadJzbGGDvA7 9 | ymxopqJajV6lET+ZBavIKnKlWuJWYhDsoGfm59Jy3o5zKatjTDN3JJak2aGxYp+j 10 | Lvn6S95wOVDdPv5Df3AtBeNqRefnpxs2NjVewRGX82yO5qS0lM8htZTBAhQPwe3T 11 | xwl1zb83tbIYbtgcuwaw5g== 12 | -----END DSA PRIVATE KEY----- 13 | -------------------------------------------------------------------------------- /spec/fixtures/dsa_ca: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABsgAAAAdzc2gtZH 3 | NzAAAAgQDbk+2NFXUKPH/9Y06/diM0j6YQt6cF/eOjbZlv2IxOsErQBA09D1OERCjItI7m 4 | kudWuwlE/bAdRW/uWPzDFnuchcKh0CWylNZIQ6L8sqDG6Aai4k2+HVovxgI+fr0K3coxvC 5 | vKT3e9KN+QfdtBPDCKFTW8nkySWzA7P/GQ/4sVMQAAABUAnCzqnSpZykWceXkamqYKCD30 6 | Q30AAACBAMoKqnQK/KqDFSgEIM4S7n3r4HGClWXIDRFyCrD/1ADFo0McaSmhw/jegSWpGO 7 | 9FFn55FJtf8B+FFktQ4bmkGSjcCBx1j9JqbsZbA3MTK0BOBATvOTp4q3u+POeObQHp9LgL 8 | kU9nY6R/B+3cxBjw4+pk+BSd3uqBr7B/ocVBbH4KAAAAgGrqXGJ7ZvcVNvU9B3UW6pXogn 9 | jyfisNW7R6RLuEcs5QSNqxPNvZf9/K6Bks41at2v/ARthkOdwBdwt20Q4QPlhUm2MS2uph 10 | r+gZWkluUZrGWLJ3X/wJT4uEH4TmawSHZ0FzafSmc/ZYQ5edOuOSQ5cuFe4mNL6FkgeZlK 11 | 9j4ZSiAAACAKA0HUqgNB1KAAAAB3NzaC1kc3MAAACBANuT7Y0VdQo8f/1jTr92IzSPphC3 12 | pwX946NtmW/YjE6wStAEDT0PU4REKMi0juaS51a7CUT9sB1Fb+5Y/MMWe5yFwqHQJbKU1k 13 | hDovyyoMboBqLiTb4dWi/GAj5+vQrdyjG8K8pPd70o35B920E8MIoVNbyeTJJbMDs/8ZD/ 14 | ixUxAAAAFQCcLOqdKlnKRZx5eRqapgoIPfRDfQAAAIEAygqqdAr8qoMVKAQgzhLufevgcY 15 | KVZcgNEXIKsP/UAMWjQxxpKaHD+N6BJakY70UWfnkUm1/wH4UWS1DhuaQZKNwIHHWP0mpu 16 | xlsDcxMrQE4EBO85Onire748545tAen0uAuRT2djpH8H7dzEGPDj6mT4FJ3e6oGvsH+hxU 17 | FsfgoAAACAaupcYntm9xU29T0HdRbqleiCePJ+Kw1btHpEu4RyzlBI2rE829l/38roGSzj 18 | Vq3a/8BG2GQ53AF3C3bRDhA+WFSbYxLa6mGv6BlaSW5RmsZYsndf/AlPi4QfhOZrBIdnQX 19 | Np9KZz9lhDl50645JDly4V7iY0voWSB5mUr2PhlKIAAAAUbMzKixBKH1Jj9KIoe81VwBPt 20 | MawAAAAmbWFzdGFoeWV0aUBCZW5qYW1pbnMtTWFjQm9vay1Qcm8ubG9jYWwBAgME 21 | -----END OPENSSH PRIVATE KEY----- 22 | -------------------------------------------------------------------------------- /spec/fixtures/dsa_ca.pub: -------------------------------------------------------------------------------- 1 | ssh-dss AAAAB3NzaC1kc3MAAACBANuT7Y0VdQo8f/1jTr92IzSPphC3pwX946NtmW/YjE6wStAEDT0PU4REKMi0juaS51a7CUT9sB1Fb+5Y/MMWe5yFwqHQJbKU1khDovyyoMboBqLiTb4dWi/GAj5+vQrdyjG8K8pPd70o35B920E8MIoVNbyeTJJbMDs/8ZD/ixUxAAAAFQCcLOqdKlnKRZx5eRqapgoIPfRDfQAAAIEAygqqdAr8qoMVKAQgzhLufevgcYKVZcgNEXIKsP/UAMWjQxxpKaHD+N6BJakY70UWfnkUm1/wH4UWS1DhuaQZKNwIHHWP0mpuxlsDcxMrQE4EBO85Onire748545tAen0uAuRT2djpH8H7dzEGPDj6mT4FJ3e6oGvsH+hxUFsfgoAAACAaupcYntm9xU29T0HdRbqleiCePJ+Kw1btHpEu4RyzlBI2rE829l/38roGSzjVq3a/8BG2GQ53AF3C3bRDhA+WFSbYxLa6mGv6BlaSW5RmsZYsndf/AlPi4QfhOZrBIdnQXNp9KZz9lhDl50645JDly4V7iY0voWSB5mUr2PhlKI= mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/dsa_leaf_for_rsa_ca: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABsgAAAAdzc2gtZH 3 | NzAAAAgQCmHafxCuaBXIytFRtrNRS2GuZTWDpzKaQhsEydeaFX5YMzH4MadRpBjxh3vFp6 4 | L7s+f4fG+d1uf5rqE2VenPJp3MeGY7JebwkK8B51qWbtbOKkPdTUOOoJPTDI39hGuE/bxr 5 | oMbXkR9AJIkzuJ2hXJRU8VeKtCOI+AZaC0Gr0sxwAAABUAr77BAtcFi2jTjBAPZaPQWUDj 6 | fmcAAACBAIq15p+3MVFIXhC50K4+lA8va0Kk+tjJuMpDlol1pr3zHG1CN1/l/cP5SDuBDQ 7 | zTlzb/rXXDvIhTd70FIdC41FJSwkb5eU2C4kMto0AL//0jRzcuo1nPcP7RD6Rbjntz0hey 8 | Xy1rhE6fQtWFrDcgrB9q3BlBECw3dLhBf0iaPpFmAAAAgE3QhPuyakdK9uCRNkD4mnTlFe 9 | j4SLfCNpshN+eY4b09zmantNd3l4ZUL5LxlrZLEeJusmDVSIb42xgILJ7ONsl2MujdWlJw 10 | +R/wQr2crjCOTr309uW153WaM7VW14PjDuCVgoJH4NPCNF3NcPKPUJzul06gn3e97X/h0U 11 | dQfbIaAAACAFHVHkJR1R5CAAAAB3NzaC1kc3MAAACBAKYdp/EK5oFcjK0VG2s1FLYa5lNY 12 | OnMppCGwTJ15oVflgzMfgxp1GkGPGHe8Wnovuz5/h8b53W5/muoTZV6c8mncx4Zjsl5vCQ 13 | rwHnWpZu1s4qQ91NQ46gk9MMjf2Ea4T9vGugxteRH0AkiTO4naFclFTxV4q0I4j4BloLQa 14 | vSzHAAAAFQCvvsEC1wWLaNOMEA9lo9BZQON+ZwAAAIEAirXmn7cxUUheELnQrj6UDy9rQq 15 | T62Mm4ykOWiXWmvfMcbUI3X+X9w/lIO4ENDNOXNv+tdcO8iFN3vQUh0LjUUlLCRvl5TYLi 16 | Qy2jQAv//SNHNy6jWc9w/tEPpFuOe3PSF7JfLWuETp9C1YWsNyCsH2rcGUEQLDd0uEF/SJ 17 | o+kWYAAACATdCE+7JqR0r24JE2QPiadOUV6PhIt8I2myE355jhvT3OZqe013eXhlQvkvGW 18 | tksR4m6yYNVIhvjbGAgsns42yXYy6N1aUnD5H/BCvZyuMI5OvfT25bXndZoztVbXg+MO4J 19 | WCgkfg08I0Xc1w8o9QnO6XTqCfd73tf+HRR1B9shoAAAAUSOaiECsJZPnOg6/gKC/Yq9+O 20 | v+UAAAAmbWFzdGFoeWV0aUBCZW5qYW1pbnMtTWFjQm9vay1Qcm8ubG9jYWwBAgME 21 | -----END OPENSSH PRIVATE KEY----- 22 | -------------------------------------------------------------------------------- /spec/fixtures/dsa_leaf_for_rsa_ca-cert.pub: -------------------------------------------------------------------------------- 1 | ssh-dss-cert-v01@openssh.com AAAAHHNzaC1kc3MtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgUkjLcGrKO/qDF746TgEghhmwyHREguZ3/L1Pj8tI0f4AAACBAKYdp/EK5oFcjK0VG2s1FLYa5lNYOnMppCGwTJ15oVflgzMfgxp1GkGPGHe8Wnovuz5/h8b53W5/muoTZV6c8mncx4Zjsl5vCQrwHnWpZu1s4qQ91NQ46gk9MMjf2Ea4T9vGugxteRH0AkiTO4naFclFTxV4q0I4j4BloLQavSzHAAAAFQCvvsEC1wWLaNOMEA9lo9BZQON+ZwAAAIEAirXmn7cxUUheELnQrj6UDy9rQqT62Mm4ykOWiXWmvfMcbUI3X+X9w/lIO4ENDNOXNv+tdcO8iFN3vQUh0LjUUlLCRvl5TYLiQy2jQAv//SNHNy6jWc9w/tEPpFuOe3PSF7JfLWuETp9C1YWsNyCsH2rcGUEQLDd0uEF/SJo+kWYAAACATdCE+7JqR0r24JE2QPiadOUV6PhIt8I2myE355jhvT3OZqe013eXhlQvkvGWtksR4m6yYNVIhvjbGAgsns42yXYy6N1aUnD5H/BCvZyuMI5OvfT25bXndZoztVbXg+MO4JWCgkfg08I0Xc1w8o9QnO6XTqCfd73tf+HRR1B9shoAAAAAAAAAewAAAAEAAAAIbXktaWRlbnQAAAAMAAAAAnAxAAAAAnAyAAAAAAAAAAD//////////wAAABIAAAADZm9vAAAABwAAAANiYXIAAAAwAAAAFXBlcm1pdC1YMTEtZm9yd2FyZGluZwAAAAAAAAADYmF6AAAACAAAAARxd2VyAAAAAAAAARcAAAAHc3NoLXJzYQAAAAMBAAEAAAEBAM8HbRJLhHLRqFUkYh/lphFTzU/C1SIMuPYKFScx9i0Jh6a5whGOR9NSq4fN49t5xRpbH80dfQYdG/tzg075NjH9Q8MLp7ZmZGENHL+lzmq3JG7t+oFKyuEEC8B2/XcXkvMyVG/6hlcgQF40zxl3c0iBqnO0x3GQEX4uw2SxuKyD2LFMlw5veJJlXNA/i+ZAfXC+I7T9YViP6tLdOuhPqA/FS5p/NOFxcW3EtYBcAz5/1ss/1wkdbcAAZ+iHKVEpNxWzFLvHtiWOsrQTB8CHgq+NMCeTmClt0sdo/B5Gs3rZ5h8hFnEK5t150NW5nc9WVSZBYCGe0dSQicH6aWQ/8e8AAAEPAAAAB3NzaC1yc2EAAAEAhc6Mx/zLtH4QQ2ZVyHOG0a0sJ4JJzJY0WmSGY7F+I49sPp3zaPDsX1+fh25W/WwRvw9pugtjkHmZlT1cwtd7noBnIPIIf+53U0P5OsfuuWhh2fDHieRAG86NodAbTRrPl7vIJ5Tw83NEDa3MlRlXuP1f7FGE/MsdoCgKqJ/GUxxxGYfr1yCdLHJElir3PE7K7psli84BZvkdgTIHmn6AKPCP7oVMzrln9h5+/iBDvLoCJtS0MZjek7JmYfCd8vpYPc6L+HRmX2kEvU6BAF7X84t2M0nlprb/KwddMEZRCZ8xibiHjunZvdj+K5TqkBFjl0tYLgz1dnnmtadumX/LuQ== mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/dsa_leaf_for_rsa_ca.pub: -------------------------------------------------------------------------------- 1 | ssh-dss AAAAB3NzaC1kc3MAAACBAKYdp/EK5oFcjK0VG2s1FLYa5lNYOnMppCGwTJ15oVflgzMfgxp1GkGPGHe8Wnovuz5/h8b53W5/muoTZV6c8mncx4Zjsl5vCQrwHnWpZu1s4qQ91NQ46gk9MMjf2Ea4T9vGugxteRH0AkiTO4naFclFTxV4q0I4j4BloLQavSzHAAAAFQCvvsEC1wWLaNOMEA9lo9BZQON+ZwAAAIEAirXmn7cxUUheELnQrj6UDy9rQqT62Mm4ykOWiXWmvfMcbUI3X+X9w/lIO4ENDNOXNv+tdcO8iFN3vQUh0LjUUlLCRvl5TYLiQy2jQAv//SNHNy6jWc9w/tEPpFuOe3PSF7JfLWuETp9C1YWsNyCsH2rcGUEQLDd0uEF/SJo+kWYAAACATdCE+7JqR0r24JE2QPiadOUV6PhIt8I2myE355jhvT3OZqe013eXhlQvkvGWtksR4m6yYNVIhvjbGAgsns42yXYy6N1aUnD5H/BCvZyuMI5OvfT25bXndZoztVbXg+MO4JWCgkfg08I0Xc1w8o9QnO6XTqCfd73tf+HRR1B9sho= mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/ecdsa.encrypted.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PRIVATE KEY----- 2 | Proc-Type: 4,ENCRYPTED 3 | DEK-Info: AES-128-CBC,2866C4AEE9C2595C6082806F9D1622B5 4 | 5 | vvetCE7TqlG74iCO3kR3f1MY9+pVMkkcsDToPxer7iDI+lnqgOjKUebuTDdjB6Vi 6 | 6Hq0n6EeoaQdDfhcGvFamNPf/FGk9ptXIEztvC0T59xrxqgi4mkJgTMhAnyFRFn+ 7 | jVywGSwcge/9xTjbJxcJfr4oqZty7JIZpEFyiBc+9Ww= 8 | -----END EC PRIVATE KEY----- 9 | -------------------------------------------------------------------------------- /spec/fixtures/ecdsa.plaintext.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PRIVATE KEY----- 2 | MHcCAQEEIA6w+3yQjVlJToULhwwuKfQkW5sphlGunAdxHYXYKcMSoAoGCCqGSM49 3 | AwEHoUQDQgAEVxneWIp1oQCiPlcQ/B/FBls1C167N2zGh8WzCeM8MrjDl4ir2SBx 4 | in2h+UX0zphNediQqI6NBt8hSBShPjOb2w== 5 | -----END EC PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /spec/fixtures/ecdsa_ca: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS 3 | 1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQQgu2oAR/VN95C/ap/sC611dPpWMaga 4 | +bam65Y9yKRPfCMZvezNoDB+kcFOc+yLcLQTx441cgJYjTNkeWvezxFlAAAAwJm4KZWZuC 5 | mVAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCC7agBH9U33kL9q 6 | n+wLrXV0+lYxqBr5tqbrlj3IpE98Ixm97M2gMH6RwU5z7ItwtBPHjjVyAliNM2R5a97PEW 7 | UAAAAgLfv9vQt9rvEmTvytfux/uJCOSmi2EFdI2odjfMafUPwAAAAmbWFzdGFoeWV0aUBC 8 | ZW5qYW1pbnMtTWFjQm9vay1Qcm8ubG9jYWwBAg== 9 | -----END OPENSSH PRIVATE KEY----- 10 | -------------------------------------------------------------------------------- /spec/fixtures/ecdsa_ca.pub: -------------------------------------------------------------------------------- 1 | ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCC7agBH9U33kL9qn+wLrXV0+lYxqBr5tqbrlj3IpE98Ixm97M2gMH6RwU5z7ItwtBPHjjVyAliNM2R5a97PEWU= mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/ecdsa_leaf_for_rsa_ca: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS 3 | 1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQRdWm46l5J4y0+So+s0vtQjIe/XyV8B 4 | 4jG6qThMEaaWgrLe2qX+TycZuXIn0c0JawpmJ8WzqsdrtM28W8ebUfbjAAAAwO4krWvuJK 5 | 1rAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBF1abjqXknjLT5Kj 6 | 6zS+1CMh79fJXwHiMbqpOEwRppaCst7apf5PJxm5cifRzQlrCmYnxbOqx2u0zbxbx5tR9u 7 | MAAAAhAMXfHu3e+l0SFuMQ375FAJ5wvsTFt49Cat/VTCHCHVqJAAAAJm1hc3RhaHlldGlA 8 | QmVuamFtaW5zLU1hY0Jvb2stUHJvLmxvY2FsAQ== 9 | -----END OPENSSH PRIVATE KEY----- 10 | -------------------------------------------------------------------------------- /spec/fixtures/ecdsa_leaf_for_rsa_ca-cert.pub: -------------------------------------------------------------------------------- 1 | ecdsa-sha2-nistp256-cert-v01@openssh.com AAAAKGVjZHNhLXNoYTItbmlzdHAyNTYtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgMWhh3Pjy/jHi4LJoYi6kK9JU1t3+q2HkCiIsq6gQqIAAAAAIbmlzdHAyNTYAAABBBF1abjqXknjLT5Kj6zS+1CMh79fJXwHiMbqpOEwRppaCst7apf5PJxm5cifRzQlrCmYnxbOqx2u0zbxbx5tR9uMAAAAAAAAAewAAAAEAAAAIbXktaWRlbnQAAAAMAAAAAnAxAAAAAnAyAAAAAAAAAAD//////////wAAABIAAAADZm9vAAAABwAAAANiYXIAAAAwAAAAFXBlcm1pdC1YMTEtZm9yd2FyZGluZwAAAAAAAAADYmF6AAAACAAAAARxd2VyAAAAAAAAARcAAAAHc3NoLXJzYQAAAAMBAAEAAAEBAM8HbRJLhHLRqFUkYh/lphFTzU/C1SIMuPYKFScx9i0Jh6a5whGOR9NSq4fN49t5xRpbH80dfQYdG/tzg075NjH9Q8MLp7ZmZGENHL+lzmq3JG7t+oFKyuEEC8B2/XcXkvMyVG/6hlcgQF40zxl3c0iBqnO0x3GQEX4uw2SxuKyD2LFMlw5veJJlXNA/i+ZAfXC+I7T9YViP6tLdOuhPqA/FS5p/NOFxcW3EtYBcAz5/1ss/1wkdbcAAZ+iHKVEpNxWzFLvHtiWOsrQTB8CHgq+NMCeTmClt0sdo/B5Gs3rZ5h8hFnEK5t150NW5nc9WVSZBYCGe0dSQicH6aWQ/8e8AAAEPAAAAB3NzaC1yc2EAAAEAWuE7hThHGxkEdB2MVXA8rq/mTu5MHlNsCGbXBzkk/bMdVFqSmyOHufe1YvBeP6lCfCH070F0arVS4Nn+u1Plk9u94hJSymG8RQ2Ys8FcBZId3qAhJGHF4frCJXls99T5l1BO3cJHbegrrZeOF7tpkMIvEYTsPTvCbkUtpv0TULtDFu0qBeyfXTsul1pHsPL9UQm07ZxA1hZmvTooIq+mvv1Q9mMxedPKaK0UCF3o814PWvEa8RmTLBkhQr1nmjsn1qta3Zgbdm8DCgbdxgoOSJ6oUsRISWWzmOpPUlwXc2P329EbUM3VvTTbkInNY/HakgA2LBBJ32ySUkSunGJJ/g== mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/ecdsa_leaf_for_rsa_ca.pub: -------------------------------------------------------------------------------- 1 | ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBF1abjqXknjLT5Kj6zS+1CMh79fJXwHiMbqpOEwRppaCst7apf5PJxm5cifRzQlrCmYnxbOqx2u0zbxbx5tR9uM= mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/ed25519_ca: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW 3 | QyNTUxOQAAACCbSjUhzWF2E95EVInXlP/bRY0wGiJgfxCI8FXtK/kX/QAAALAd23vBHdt7 4 | wQAAAAtzc2gtZWQyNTUxOQAAACCbSjUhzWF2E95EVInXlP/bRY0wGiJgfxCI8FXtK/kX/Q 5 | AAAECViHLLJbECEJdYRemAj1Xx9AS5r5sgEf81lJIeLQpJ6JtKNSHNYXYT3kRUideU/9tF 6 | jTAaImB/EIjwVe0r+Rf9AAAAJm1hc3RhaHlldGlAQmVuamFtaW5zLU1hY0Jvb2stUHJvLm 7 | xvY2FsAQIDBAUGBw== 8 | -----END OPENSSH PRIVATE KEY----- 9 | -------------------------------------------------------------------------------- /spec/fixtures/ed25519_ca.pub: -------------------------------------------------------------------------------- 1 | ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJtKNSHNYXYT3kRUideU/9tFjTAaImB/EIjwVe0r+Rf9 mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/ed25519_leaf_for_rsa_ca: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW 3 | QyNTUxOQAAACByar/CYmX4GwcGLwUJ2/fakk4kHRSOkvM7eCj+y8S3yAAAALDBw/iMwcP4 4 | jAAAAAtzc2gtZWQyNTUxOQAAACByar/CYmX4GwcGLwUJ2/fakk4kHRSOkvM7eCj+y8S3yA 5 | AAAEB0y43pD5IL0XGjNeFLVgcV3q2L24CH9ZJvI3Ii4pltWHJqv8JiZfgbBwYvBQnb99qS 6 | TiQdFI6S8zt4KP7LxLfIAAAAJm1hc3RhaHlldGlAQmVuamFtaW5zLU1hY0Jvb2stUHJvLm 7 | xvY2FsAQIDBAUGBw== 8 | -----END OPENSSH PRIVATE KEY----- 9 | -------------------------------------------------------------------------------- /spec/fixtures/ed25519_leaf_for_rsa_ca-cert.pub: -------------------------------------------------------------------------------- 1 | ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIPqimoCusew5Uv9JtzScGEMnokil4+kfUlbKIY7sKEyZAAAAIHJqv8JiZfgbBwYvBQnb99qSTiQdFI6S8zt4KP7LxLfIAAAAAAAAAHsAAAABAAAACG15LWlkZW50AAAADAAAAAJwMQAAAAJwMgAAAAAAAAAA//////////8AAAASAAAAA2ZvbwAAAAcAAAADYmFyAAAAMAAAABVwZXJtaXQtWDExLWZvcndhcmRpbmcAAAAAAAAAA2JhegAAAAgAAAAEcXdlcgAAAAAAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQDPB20SS4Ry0ahVJGIf5aYRU81PwtUiDLj2ChUnMfYtCYemucIRjkfTUquHzePbecUaWx/NHX0GHRv7c4NO+TYx/UPDC6e2ZmRhDRy/pc5qtyRu7fqBSsrhBAvAdv13F5LzMlRv+oZXIEBeNM8Zd3NIgapztMdxkBF+LsNksbisg9ixTJcOb3iSZVzQP4vmQH1wviO0/WFYj+rS3TroT6gPxUuafzThcXFtxLWAXAM+f9bLP9cJHW3AAGfohylRKTcVsxS7x7YljrK0EwfAh4KvjTAnk5gpbdLHaPweRrN62eYfIRZxCubdedDVuZ3PVlUmQWAhntHUkInB+mlkP/HvAAABDwAAAAdzc2gtcnNhAAABAI1fE39Deel2IqVWiyZ1m3i4Zzh2j47xnDuzUfD6IYOrPX96qGgl0bMtCwQA0MKG3yhLYZUBhP5iXl2AP1oP5QUgUUGfrYO3EFgl2vUClqHTXgVm0OOs8dhBMinH3Nvc7roW90o04aGUrmvYwQcdoy9DCPW1zTvXDUnvtbjWANK+ifINb10EC8gbs0uEizgUeL1tWXABDloZt0ns2BHPICJ5KOMMTj1M2AGUx8KN+y7raIE1uwG71rxosvtUAUrh5BERIIne6I6gva1E1NfvvNnwtHtIA0IjVV54BbWPO1p+ml3bdCfb4r9aEoW8DugcoOmeNJj8Tpydn6EFfcyj6ao= mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/ed25519_leaf_for_rsa_ca.pub: -------------------------------------------------------------------------------- 1 | ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHJqv8JiZfgbBwYvBQnb99qSTiQdFI6S8zt4KP7LxLfI mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/invalid_force_command: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn 3 | NhAAAAAwEAAQAAAQEAqywAJgqnv8oeuuqr4Ta7ZDixyePRBnO4wjwP3hH+RD+U7POSTmIH 4 | +LmvAN3M+id9pCmbpiuEFvksuXHISW5+qJHazWuZ7e5NWYwM1qS6sX608/wsce/8/IOZGC 5 | A/7f0fz9KXgSH52IYenHglL7KalwBrwzCUMKoAOFe7kWb/Hb9KrYFzpSfbKN6fkIMP103N 6 | Yiwj6YL+HyJ23Y84u1mH9oNZWtLw+UUk3Z7MnxiFFqAgjXquXKGOkcB4veNDf8QEq7+Q7T 7 | 4iTUA94hfCkLOuV1Dwlew1CQbt+nhbZoEh4huYY1TKphyqc6Xr+dkF5ANqizToXWh9WoNO 8 | PVz+UpGgBQAAA+CicMu7onDLuwAAAAdzc2gtcnNhAAABAQCrLAAmCqe/yh666qvhNrtkOL 9 | HJ49EGc7jCPA/eEf5EP5Ts85JOYgf4ua8A3cz6J32kKZumK4QW+Sy5cchJbn6okdrNa5nt 10 | 7k1ZjAzWpLqxfrTz/Cxx7/z8g5kYID/t/R/P0peBIfnYhh6ceCUvspqXAGvDMJQwqgA4V7 11 | uRZv8dv0qtgXOlJ9so3p+Qgw/XTc1iLCPpgv4fInbdjzi7WYf2g1la0vD5RSTdnsyfGIUW 12 | oCCNeq5coY6RwHi940N/xASrv5DtPiJNQD3iF8KQs65XUPCV7DUJBu36eFtmgSHiG5hjVM 13 | qmHKpzpev52QXkA2qLNOhdaH1ag049XP5SkaAFAAAAAwEAAQAAAQBNnQHkPeiaGfedIVMW 14 | J08Ivnw+4sGgf1BDIiC/vMDiCUJpvneUevbKXMdxSSDsPIPHr+YXjpuyHwGchG8gfK2Jmb 15 | jwc92z+N2xwMMBgGf2m1FJYAp3Dy5TAQil29mg+6k0/nQb5V/4QbgXkpKp8f4Oge5a7ugC 16 | uNKouX8fCuiaf6fYWg8Cbnmz0SuOGfu8KR6vlfFQmw+0QNpHGN1gePjWUm3Gy4kWEhcNwu 17 | t03Fc6qs7/+Yjktnabme4QHFCcFygYkTlC8Jv8WSGvRk4ZEAnNlbtiEhBylxxRu91Xzo1o 18 | OvP+pDD0vjvlpj1DP28j4GkMa92SUF9Y9dgYhSr5V7XxAAAAgQCKCCoZWUnVb05hhi10Si 19 | JRf7WEIz6FG38CFWlAC5B6eHbRtRzYF7wl1MQ5aqoPf3DA95qJ9n1Ty5eiKslGneP3nIFQ 20 | v7dwaj9fhB5xYyAJGKElydZP7GaHZGEzkJX7Ww3YmiIFvDytUZougbB8v0QkCbXUMPAlfr 21 | uohz1KPCSkNgAAAIEA4rY5PlGDCTYjlokNunuPPyYsFVH6+MfL7KNp6WjwV0GJERSQip3l 22 | TTjSlapDZ0a4xCULnhC7wWcZ0HX5xAuw549ZrzZdLVQvXkuF6CoyBx9ZSzUzu3DJsxqzkQ 23 | wnrDe0sc6mtFvRQI+6yGJOQjd2sVv7e7pH6aIrg9VpZXtMrM8AAACBAMFI+CE7izcrquEP 24 | 9OMJnrDBu3mITAYskaaWeGNDMaomAuV3538emEcEroADNDCIPqrHiZ/evD/C43+isUnDDt 25 | bQ2ez7MicjROycQXJ50eKCcD8ADJGtIB79MhHTKmCfD8j3Xt43avBIl0YbjPL+MDEHEjE1 26 | zgg3YpFAczSB7KLrAAAAJm1hc3RhaHlldGlAQmVuamFtaW5zLU1hY0Jvb2stUHJvLmxvY2 27 | FsAQIDBA== 28 | -----END OPENSSH PRIVATE KEY----- 29 | -------------------------------------------------------------------------------- /spec/fixtures/invalid_force_command-cert.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAg/uUd7j9dIZaug62kubG3uLaEZaH5SepUWhr53g/1wL8AAAADAQABAAABAQCrLAAmCqe/yh666qvhNrtkOLHJ49EGc7jCPA/eEf5EP5Ts85JOYgf4ua8A3cz6J32kKZumK4QW+Sy5cchJbn6okdrNa5nt7k1ZjAzWpLqxfrTz/Cxx7/z8g5kYID/t/R/P0peBIfnYhh6ceCUvspqXAGvDMJQwqgA4V7uRZv8dv0qtgXOlJ9so3p+Qgw/XTc1iLCPpgv4fInbdjzi7WYf2g1la0vD5RSTdnsyfGIUWoCCNeq5coY6RwHi940N/xASrv5DtPiJNQD3iF8KQs65XUPCV7DUJBu36eFtmgSHiG5hjVMqmHKpzpev52QXkA2qLNOhdaH1ag049XP5SkaAFAAAAAAAAAHsAAAABAAAACG15LWlkZW50AAAAAAAAAAAAAAAA//////////8AAAAVAAAADWZvcmNlLWNvbW1hbmQAAAAAAAAAAAAAAAAAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQDPB20SS4Ry0ahVJGIf5aYRU81PwtUiDLj2ChUnMfYtCYemucIRjkfTUquHzePbecUaWx/NHX0GHRv7c4NO+TYx/UPDC6e2ZmRhDRy/pc5qtyRu7fqBSsrhBAvAdv13F5LzMlRv+oZXIEBeNM8Zd3NIgapztMdxkBF+LsNksbisg9ixTJcOb3iSZVzQP4vmQH1wviO0/WFYj+rS3TroT6gPxUuafzThcXFtxLWAXAM+f9bLP9cJHW3AAGfohylRKTcVsxS7x7YljrK0EwfAh4KvjTAnk5gpbdLHaPweRrN62eYfIRZxCubdedDVuZ3PVlUmQWAhntHUkInB+mlkP/HvAAABDwAAAAdzc2gtcnNhAAABAKVT5p0dl5tYjbf4KC3Li7/GJragrAT+JFCKTCIlusetinvveUN/v01f31xXKqGK3JbUXdZcFrjjt/XyhAEGIUoaY2+GRZk5OSrvHB95xmFgbUUP53xzY1+DbHX9H9TmeHhTioIOXta23tUSHmfoYNW55ETxgxX4ZydRHrnbX3Qk5TlvXFYwztLKpq6NqBBu4bIQ+EKBy6x2dBEu8D9j4Wg3JOYYFUpLmDg/Q8rq5LQD0FEnIcEgoycl7S+B4UCNSJBPcccySfmjuwwcsTuWSp5CNoa0UCLd6qso7g8ZtnPVJJRD9ZdfuWzpaz8RujEnc1Dmnjw+Afp/2O9/3KIo0Lc= mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/invalid_force_command.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCrLAAmCqe/yh666qvhNrtkOLHJ49EGc7jCPA/eEf5EP5Ts85JOYgf4ua8A3cz6J32kKZumK4QW+Sy5cchJbn6okdrNa5nt7k1ZjAzWpLqxfrTz/Cxx7/z8g5kYID/t/R/P0peBIfnYhh6ceCUvspqXAGvDMJQwqgA4V7uRZv8dv0qtgXOlJ9so3p+Qgw/XTc1iLCPpgv4fInbdjzi7WYf2g1la0vD5RSTdnsyfGIUWoCCNeq5coY6RwHi940N/xASrv5DtPiJNQD3iF8KQs65XUPCV7DUJBu36eFtmgSHiG5hjVMqmHKpzpev52QXkA2qLNOhdaH1ag049XP5SkaAF mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/invalid_source_address_bad_ip: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn 3 | NhAAAAAwEAAQAAAQEA7G8r4vhsINJH6uq3mZwZrPwbObo/fUHynwgIAE7ROX/icXwlUy/V 4 | 1VnfNNSinhRcm41QB+057eT0NB7TE7VK6YjIXCppRRz5I7WShoQmV4bhqKP8eTw8FbEcoH 5 | YFGGiFgnaNr84Vfisl8J7DO5t3ZUwcI81lhSGNn66lEOdhvt/sPJN4xDSLNMa4Th92rrzE 6 | wkNvQ41JF3jlDUH94JoH5ZW5lhFJBbHUSk/S1qbAxeNyFlFMUcxrPWmsUUDF0fSem4zWqU 7 | 2yxSa9yqbrY9H2zY26j1Iyd5PtsOUiUYg5fmI24zlh76oniPM92Hv/fp6JJ6oSFqqUtila 8 | ad6UkQporwAAA+Bqvtp5ar7aeQAAAAdzc2gtcnNhAAABAQDsbyvi+Gwg0kfq6reZnBms/B 9 | s5uj99QfKfCAgATtE5f+JxfCVTL9XVWd801KKeFFybjVAH7Tnt5PQ0HtMTtUrpiMhcKmlF 10 | HPkjtZKGhCZXhuGoo/x5PDwVsRygdgUYaIWCdo2vzhV+KyXwnsM7m3dlTBwjzWWFIY2frq 11 | UQ52G+3+w8k3jENIs0xrhOH3auvMTCQ29DjUkXeOUNQf3gmgfllbmWEUkFsdRKT9LWpsDF 12 | 43IWUUxRzGs9aaxRQMXR9J6bjNapTbLFJr3Kputj0fbNjbqPUjJ3k+2w5SJRiDl+YjbjOW 13 | HvqieI8z3Ye/9+noknqhIWqpS2KVpp3pSRCmivAAAAAwEAAQAAAQBeXXypqTcW3na/xxCi 14 | aZBB35lKMBDZAHJCkOUIomyVQ3pwivkmu4fgEG+q2VdSOpQ/rWYM09z0GxZwmwDp88jDbs 15 | lxJ6g+YnL5kqW5tJLNClOUiGbjSGw+yCLB1HjyJf1rdb/VNC6V3cjVwbfwWXuM3ZS5oWfs 16 | e9jXq8/L8F2t3VM6WLFANrjfBNVgi/L+jXvyeYCxBaEjwzMpC4Vi4sQyOTC8cHg0/CR71R 17 | PLf3ObgEI9OybVnLnguzTQlpJSL0DSq36qDzeRX1OU7oMOgHtyr2AIyLe20wEfGzwltsPu 18 | kkDPTohIvGZEEdbhfDF/AU4mdojczbfJM17x1kFTaeWhAAAAgQDe0kkXTLHO49VCHlFrsv 19 | Tuaiq9/YsJxDTEG4uP8PdJ/dZEOwz/yjwGjuawhKqIlMoi9LljSqidnP8LeLMMqJvpX9uq 20 | DF5YucDhKPGt1MuoTlozskM3XLlfxk1oKISxsuLUX6g55R3gVLcIXPJPcu5JUiE99pqnHV 21 | v6A1xjVXoUxQAAAIEA+CbKBKlrEPHNeOWX/+2hjSkIJoWUPsLgqdnhHIFiOQXqiKAN62oz 22 | ARSGvLJqS/2AEkXpuF7u0kq7xjwpXx0J0Kk/9CAUFJ2wWPgOCZPUrmJ3/PAae3L4Wq8VVo 23 | pkCvFO6lPUAseYKVIyV/2aTf4uxmDDTAF8WLlZ9pQE1jJMVZ8AAACBAPPpgtWGoX8jWsMU 24 | YvtzvCaPSJVIEKUoZxxb+m9eS+jvzcTx5ApuvFyIUvNaTCTQLhOWc52IU/oUe6MLBssf0M 25 | pYeV0iD5YGbqSXsqHGjyZPC/dYLQNF/26eIwhNMgs06+wI455yYG+uLxS92jxeSByp3ck7 26 | GYnpschgMEn503LxAAAAJm1hc3RhaHlldGlAQmVuamFtaW5zLU1hY0Jvb2stUHJvLmxvY2 27 | FsAQIDBA== 28 | -----END OPENSSH PRIVATE KEY----- 29 | -------------------------------------------------------------------------------- /spec/fixtures/invalid_source_address_bad_ip-cert.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgCLml2Sct3oQ3IB7gYfDY9lAxCO7C0NWGNS8qn+ZEZ50AAAADAQABAAABAQDsbyvi+Gwg0kfq6reZnBms/Bs5uj99QfKfCAgATtE5f+JxfCVTL9XVWd801KKeFFybjVAH7Tnt5PQ0HtMTtUrpiMhcKmlFHPkjtZKGhCZXhuGoo/x5PDwVsRygdgUYaIWCdo2vzhV+KyXwnsM7m3dlTBwjzWWFIY2frqUQ52G+3+w8k3jENIs0xrhOH3auvMTCQ29DjUkXeOUNQf3gmgfllbmWEUkFsdRKT9LWpsDF43IWUUxRzGs9aaxRQMXR9J6bjNapTbLFJr3Kputj0fbNjbqPUjJ3k+2w5SJRiDl+YjbjOWHvqieI8z3Ye/9+noknqhIWqpS2KVpp3pSRCmivAAAAAAAAAHsAAAABAAAACG15LWlkZW50AAAAAAAAAAAAAAAA//////////8AAAAdAAAADnNvdXJjZS1hZGRyZXNzAAAABwAAAANmb28AAAAAAAAAAAAAARcAAAAHc3NoLXJzYQAAAAMBAAEAAAEBAM8HbRJLhHLRqFUkYh/lphFTzU/C1SIMuPYKFScx9i0Jh6a5whGOR9NSq4fN49t5xRpbH80dfQYdG/tzg075NjH9Q8MLp7ZmZGENHL+lzmq3JG7t+oFKyuEEC8B2/XcXkvMyVG/6hlcgQF40zxl3c0iBqnO0x3GQEX4uw2SxuKyD2LFMlw5veJJlXNA/i+ZAfXC+I7T9YViP6tLdOuhPqA/FS5p/NOFxcW3EtYBcAz5/1ss/1wkdbcAAZ+iHKVEpNxWzFLvHtiWOsrQTB8CHgq+NMCeTmClt0sdo/B5Gs3rZ5h8hFnEK5t150NW5nc9WVSZBYCGe0dSQicH6aWQ/8e8AAAEPAAAAB3NzaC1yc2EAAAEAygVdwy80/K65d28IZJfbTGf/5L+GVAvdQFW3vPLCmzoCPz1NzueLv8pwkAkQyvyK50puOpKFn0pPNfdGo3gDQboOzBQ5Cw2m+A8OtlbyVUv5yXsnUjJPM6mi3yacerwWy6cur4yZZ/4fRir6vhC9AGt8+Pk1Lby41Ujdp33x+SiuhrRG2Ma/p+KnsFma8qsTlOT6knKvhQhb9ygYVV6giR7S8lnXrmhqlW026wy3u/JgCgSTRox4Ljf2HJu1B5XnS2xH5XNzO8Zfjsf+UXZ0tnvndwtXqNAd+LEjg5H/S8Mted8L8xzVDfFjeuBBhEhmwzOe4lbUbfFmKP/fzwNZqg== mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/invalid_source_address_bad_ip.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDsbyvi+Gwg0kfq6reZnBms/Bs5uj99QfKfCAgATtE5f+JxfCVTL9XVWd801KKeFFybjVAH7Tnt5PQ0HtMTtUrpiMhcKmlFHPkjtZKGhCZXhuGoo/x5PDwVsRygdgUYaIWCdo2vzhV+KyXwnsM7m3dlTBwjzWWFIY2frqUQ52G+3+w8k3jENIs0xrhOH3auvMTCQ29DjUkXeOUNQf3gmgfllbmWEUkFsdRKT9LWpsDF43IWUUxRzGs9aaxRQMXR9J6bjNapTbLFJr3Kputj0fbNjbqPUjJ3k+2w5SJRiDl+YjbjOWHvqieI8z3Ye/9+noknqhIWqpS2KVpp3pSRCmiv mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/invalid_source_address_flag: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn 3 | NhAAAAAwEAAQAAAQEAwNePR8FplXpACjGterqAbAcu0Agef+Qo4fUPE34JPIjg59qn/wNX 4 | sAFqcAt6PBxVtSa9h46JNndpXJTsGGy34CTtTe0e8Ju3fzUsgOIbnog+V9PGQoy7VrK/2V 5 | h2z1OOPB+7PjFC1CosjmBT0XUfpj4XN2n7WXixvoGEwU6BmrzVMQuRfGoSe+JUkN18uTJu 6 | eaMce7MqdfGj3Q0c5ZBnfz4eczgY9LkF/sjEE/oWoHynXt+DPf3FP0wNkg9EWCl2XSKE0s 7 | 3xCL2oAd27ZC5Ui+VrTA8hPXlEJvSFAY1aSimwDtOoA+6+MTCsSIXQAm1JQXKFlPUdaEE/ 8 | pPdqoybxtwAAA+AM4Do1DOA6NQAAAAdzc2gtcnNhAAABAQDA149HwWmVekAKMa16uoBsBy 9 | 7QCB5/5Cjh9Q8Tfgk8iODn2qf/A1ewAWpwC3o8HFW1Jr2Hjok2d2lclOwYbLfgJO1N7R7w 10 | m7d/NSyA4hueiD5X08ZCjLtWsr/ZWHbPU448H7s+MULUKiyOYFPRdR+mPhc3aftZeLG+gY 11 | TBToGavNUxC5F8ahJ74lSQ3Xy5Mm55oxx7syp18aPdDRzlkGd/Ph5zOBj0uQX+yMQT+hag 12 | fKde34M9/cU/TA2SD0RYKXZdIoTSzfEIvagB3btkLlSL5WtMDyE9eUQm9IUBjVpKKbAO06 13 | gD7r4xMKxIhdACbUlBcoWU9R1oQT+k92qjJvG3AAAAAwEAAQAAAQAuk6Hqrd9nmBhhnfAN 14 | pYAhF3cKDfv33c62DK9wgM+QTGst9NUAtfj27NCdcVg7rohQ8aNzW0zu19ad4uZHW/Lpc2 15 | HRoYUIjkO6uMgf9PzAxJ1yLxdCuaUB4riNsV045DCFexCJi/JdNjZ+yOtVutlDGNoYq0Nn 16 | L8yWe8fpvKF3EttqJOIvB55ErkwzE1lutjIXyWOhotsnkZPejt5gW2H3a2k3N84CPoFtDh 17 | e0DFZ7WNwGy3utk+MMdbfqaXFLAOagKO2FusX/uiu7Pr+8tE+lr8QG1HLALte0VTRE3jkP 18 | hExxfJc6aw3j67abh4GnfrHddqwAc6zw3jvFMcgUWW0JAAAAgQCQOZ4jOLODAXJ34eobN3 19 | NU90WrzggR7WdvKD2rFkChQCgCnqR9uo2BeZIByTPGtUc80tWWcA/5QqU9weeA+tmuWpgt 20 | UVsO8WDwR3qyexF1vfbCwK9HDvKEoH5p7phs5Xi63CLKAiYzjaCHJk9u63g9sik4PWTHfm 21 | HH7xPyUW43agAAAIEA579mfbzJJyAzv8gvdQnsmsUS9iQzGKgt/mwv227MVTeq8JizVwga 22 | 4ddbM+DVdn5/zVnWHMaeJeKJIsREwCssUb/wE0hVlW6o/SV+4mItknomt8LwNlV9RDaI2R 23 | hA1rODoA253pXJgKPQCH2JN8mH15Fl9VylKr3iXkOaWN/ON6UAAACBANUF3TlV7RKOaDLq 24 | fQSgg1G9mI2KUtqIxnQH15BeGzB2GRzDz8N1vS6oRMd+Ejp5sAImbOd1v0IzffdeOZigjo 25 | 8gn/R7WAAWesJabhlWCUqqS/WoIfLeg39pIt4owNBp6KWTAvi4MkVQzOiSdfPj0kokfCHe 26 | 4bUaVRoG4jtwOeUrAAAAJm1hc3RhaHlldGlAQmVuamFtaW5zLU1hY0Jvb2stUHJvLmxvY2 27 | FsAQIDBA== 28 | -----END OPENSSH PRIVATE KEY----- 29 | -------------------------------------------------------------------------------- /spec/fixtures/invalid_source_address_flag-cert.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgdcCiTkSRR2kxcL47Q7ygpqw7G4KVmAZ0eY/YdaBrPM4AAAADAQABAAABAQDA149HwWmVekAKMa16uoBsBy7QCB5/5Cjh9Q8Tfgk8iODn2qf/A1ewAWpwC3o8HFW1Jr2Hjok2d2lclOwYbLfgJO1N7R7wm7d/NSyA4hueiD5X08ZCjLtWsr/ZWHbPU448H7s+MULUKiyOYFPRdR+mPhc3aftZeLG+gYTBToGavNUxC5F8ahJ74lSQ3Xy5Mm55oxx7syp18aPdDRzlkGd/Ph5zOBj0uQX+yMQT+hagfKde34M9/cU/TA2SD0RYKXZdIoTSzfEIvagB3btkLlSL5WtMDyE9eUQm9IUBjVpKKbAO06gD7r4xMKxIhdACbUlBcoWU9R1oQT+k92qjJvG3AAAAAAAAAHsAAAABAAAACG15LWlkZW50AAAAAAAAAAAAAAAA//////////8AAAAWAAAADnNvdXJjZS1hZGRyZXNzAAAAAAAAAAAAAAAAAAABFwAAAAdzc2gtcnNhAAAAAwEAAQAAAQEAzwdtEkuEctGoVSRiH+WmEVPNT8LVIgy49goVJzH2LQmHprnCEY5H01Krh83j23nFGlsfzR19Bh0b+3ODTvk2Mf1DwwuntmZkYQ0cv6XOarckbu36gUrK4QQLwHb9dxeS8zJUb/qGVyBAXjTPGXdzSIGqc7THcZARfi7DZLG4rIPYsUyXDm94kmVc0D+L5kB9cL4jtP1hWI/q0t066E+oD8VLmn804XFxbcS1gFwDPn/Wyz/XCR1twABn6IcpUSk3FbMUu8e2JY6ytBMHwIeCr40wJ5OYKW3Sx2j8HkazetnmHyEWcQrm3XnQ1bmdz1ZVJkFgIZ7R1JCJwfppZD/x7wAAAQ8AAAAHc3NoLXJzYQAAAQBEC1BuRCi0wkf0iBTQThg6wK8YW3ROZGVZ19QOYFuFHsQoi1AM+qGaCpzKePf/pOlCk4WPx9UQWHoAwCXGdqzwAHuGspu8/92xbQBN6YKC/KzrHcF4RCebmNNUuQiQNBchU1/rpGxCc966M8DkuO4DhY6+LS4AFbX5JnbqcxkFjOyH48IxKpdmX3u2SGq58kqhSbqQLgst4h279GtQIyN9CVX+svaVZiWJBMRJ83ylk/Eoz3V1w+xr92JPSkbVthoUg1sDG8byP4wPHqHOc2ytdPU5hfnk/dDA/WeeV36djbpbWvbiXsaGZa2EG1LYEBBvN3r9cKaXbLpr3Kn8EmAg mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/invalid_source_address_flag.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDA149HwWmVekAKMa16uoBsBy7QCB5/5Cjh9Q8Tfgk8iODn2qf/A1ewAWpwC3o8HFW1Jr2Hjok2d2lclOwYbLfgJO1N7R7wm7d/NSyA4hueiD5X08ZCjLtWsr/ZWHbPU448H7s+MULUKiyOYFPRdR+mPhc3aftZeLG+gYTBToGavNUxC5F8ahJ74lSQ3Xy5Mm55oxx7syp18aPdDRzlkGd/Ph5zOBj0uQX+yMQT+hagfKde34M9/cU/TA2SD0RYKXZdIoTSzfEIvagB3btkLlSL5WtMDyE9eUQm9IUBjVpKKbAO06gD7r4xMKxIhdACbUlBcoWU9R1oQT+k92qjJvG3 mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/multiple_cidr_source_address: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn 3 | NhAAAAAwEAAQAAAQEA1xgbFTKIFk8X7cfHsgDYxY2rF2V5DnWIRGqDazm4oGXCRdkoGaxp 4 | oZMHnb+G1yzhJygYfHYrSCQd+n4LmacGzU2OHWwfiaVH3vG/URpJi8XNgGRfxdFn05ne9X 5 | ztz0TVD9OMG/Mx96cPDZ4LK7tqXGV6Wrkgzzl7+zhg+apz8jMYU5WFBSjFfvFYiNKO4gAh 6 | 1QHwr7vX3bt02ofihXLu9vAdE/dTlzj72O+fhZ7iINmvLYI4feIFmEQgmA8ik6z06l6kvZ 7 | 3wpJs846i3XFHuPqbKuRuHmV2fB2/P9eF/5PhJ+1X0byAGqDZMPSjJFdIXlPe3XtvVP+3g 8 | zvmFU7r0vwAAA+BS7yQvUu8kLwAAAAdzc2gtcnNhAAABAQDXGBsVMogWTxftx8eyANjFja 9 | sXZXkOdYhEaoNrObigZcJF2SgZrGmhkwedv4bXLOEnKBh8ditIJB36fguZpwbNTY4dbB+J 10 | pUfe8b9RGkmLxc2AZF/F0WfTmd71fO3PRNUP04wb8zH3pw8Nngsru2pcZXpauSDPOXv7OG 11 | D5qnPyMxhTlYUFKMV+8ViI0o7iACHVAfCvu9fdu3Tah+KFcu728B0T91OXOPvY75+FnuIg 12 | 2a8tgjh94gWYRCCYDyKTrPTqXqS9nfCkmzzjqLdcUe4+psq5G4eZXZ8Hb8/14X/k+En7Vf 13 | RvIAaoNkw9KMkV0heU97de29U/7eDO+YVTuvS/AAAAAwEAAQAAAQEAjnP8m9FXp87CPkyt 14 | yQoehtgIk/o0bosQsJ8KYp1b1X8PZ0sm77nsS4Ig7SzHlQK4K0K21Nc+WwzwfdG0xRKFwr 15 | q2gG33hSXdr53T41bRlqxuKbZQZ6cEaHPj4hnXNgqUQWMNzAUI9sfBhHdDVrdM/dyHaEZr 16 | oFKl9f+k2jU1jRVqkaM5uWUaIfQ8KT4cKvL9fMWpAtBnPr/1sifbgJslvuU/+s/zHW92JI 17 | prF0XsPn6Oly7U2/KGKi1bg+HPr1F/LUytzmwClFL26xRiccg1usnGIrZa5RFJoj8pfzmX 18 | Lk3nUYrKBgs4TyVnY5+7Cs2wer/tXI3ji682lNXKdkxhAQAAAIA8uqZ/Nj8vpmhLpOQty9 19 | 8CAKWrui2K9tKzK8OyizNnZq5fT9G7n3kb8ZXJAr9Jj09iHPV1f0zR98U1m+mYCIa+A6E4 20 | gXTTL8YFD8LOJjvFWVLg7JckkgnBx9Lxc3rJAgulKFpDnfDW4pyXGYnzQURcNTwL3J/qfn 21 | xJa3OJiIT9wgAAAIEA+LT64DRo9ut2oEzwmzCWAidzWWkn1WvSnojubCWWF8kcK9x7dwlc 22 | ET9fyK5WZ/PjTDZKavTIYSxqfxYRj2pap+nRa2NwC9KKtKfElYXz0frQDppnPJB/x0IEdx 23 | gdNbaPGsRVQ+srNbz9UcBidp+AQDXYhHd56P5k3kG20iL5oKEAAACBAN1mzDcJbMPMy3Cl 24 | a9ElzODmd3W/jRW5kGMU3R2F7Mx0wJRhdHc9nECeCoV2DaQSthdXlYjpqsUFjobRTMzilb 25 | Z9i2OcgpWSc11g1z3mQM/I4PHiSBDV+hcqmhvLmyd6Rv1YERCsOJU3ZFmI4frreYcbpT/m 26 | fYyCWb3BohyBhLlfAAAAJm1hc3RhaHlldGlAQmVuamFtaW5zLU1hY0Jvb2stUHJvLmxvY2 27 | FsAQIDBA== 28 | -----END OPENSSH PRIVATE KEY----- 29 | -------------------------------------------------------------------------------- /spec/fixtures/multiple_cidr_source_address-cert.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgdIm7qBzfrwc4RAIinot0tSxC9e1mII4htpXMtjeGwOYAAAADAQABAAABAQDXGBsVMogWTxftx8eyANjFjasXZXkOdYhEaoNrObigZcJF2SgZrGmhkwedv4bXLOEnKBh8ditIJB36fguZpwbNTY4dbB+JpUfe8b9RGkmLxc2AZF/F0WfTmd71fO3PRNUP04wb8zH3pw8Nngsru2pcZXpauSDPOXv7OGD5qnPyMxhTlYUFKMV+8ViI0o7iACHVAfCvu9fdu3Tah+KFcu728B0T91OXOPvY75+FnuIg2a8tgjh94gWYRCCYDyKTrPTqXqS9nfCkmzzjqLdcUe4+psq5G4eZXZ8Hb8/14X/k+En7VfRvIAaoNkw9KMkV0heU97de29U/7eDO+YVTuvS/AAAAAAAAAHsAAAABAAAACG15LWlkZW50AAAAAAAAAAAAAAAA//////////8AAAAvAAAADnNvdXJjZS1hZGRyZXNzAAAAGQAAABUxLjEuMS4wLzI0LDIuMi4yLjAvMjQAAAAAAAAAAAAAARcAAAAHc3NoLXJzYQAAAAMBAAEAAAEBAM8HbRJLhHLRqFUkYh/lphFTzU/C1SIMuPYKFScx9i0Jh6a5whGOR9NSq4fN49t5xRpbH80dfQYdG/tzg075NjH9Q8MLp7ZmZGENHL+lzmq3JG7t+oFKyuEEC8B2/XcXkvMyVG/6hlcgQF40zxl3c0iBqnO0x3GQEX4uw2SxuKyD2LFMlw5veJJlXNA/i+ZAfXC+I7T9YViP6tLdOuhPqA/FS5p/NOFxcW3EtYBcAz5/1ss/1wkdbcAAZ+iHKVEpNxWzFLvHtiWOsrQTB8CHgq+NMCeTmClt0sdo/B5Gs3rZ5h8hFnEK5t150NW5nc9WVSZBYCGe0dSQicH6aWQ/8e8AAAEPAAAAB3NzaC1yc2EAAAEAv3UU2tNGrdaVs0Z/5Z8WRR2UeY9P2+YCjgN4sQrivfA+oudeYEm8kLi2khuONSRwB4RU+PpAHxiXz3T88v6WP+gNwEQq7hlYyOmzbfPpujE4M4EvR9jJtO9rZt+Wl7TjyR8fai3BXNh90JKGvmrGmnJfnQMxuvoEvEwf/A5RW53H0aJSm1bL+giPFl81ci0ew5ViQGOvIU8npcjAwjMFIP6BfdB1/WWIvlVk0n13z7M4cuUGKlmvORcAf/HuoGZbvlxg4QWNYXInQJycmTcuTRuN1vd7otwHJfuxZeyoCIueIaVzmB2VuvQcvIf3ECG3zcXZWvBRX5tWLrWhhiL7vA== mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/multiple_cidr_source_address.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDXGBsVMogWTxftx8eyANjFjasXZXkOdYhEaoNrObigZcJF2SgZrGmhkwedv4bXLOEnKBh8ditIJB36fguZpwbNTY4dbB+JpUfe8b9RGkmLxc2AZF/F0WfTmd71fO3PRNUP04wb8zH3pw8Nngsru2pcZXpauSDPOXv7OGD5qnPyMxhTlYUFKMV+8ViI0o7iACHVAfCvu9fdu3Tah+KFcu728B0T91OXOPvY75+FnuIg2a8tgjh94gWYRCCYDyKTrPTqXqS9nfCkmzzjqLdcUe4+psq5G4eZXZ8Hb8/14X/k+En7VfRvIAaoNkw9KMkV0heU97de29U/7eDO+YVTuvS/ mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/rsa.encrypted.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | Proc-Type: 4,ENCRYPTED 3 | DEK-Info: AES-128-CBC,B4D888F772E67B66E03C79A4744D73E2 4 | 5 | VBXhsN26cPD3411FTHS8FCPv5efiq64w3ewaFO0g+iuor/AAXf9gCpe2g6njgIh9 6 | HnFkZ6zUd5pNCG4JBz//82SMT7gDzpZCETQw+cPP4jwd2JZFlj48KAqFmKxyUuLu 7 | O8X33qL5y+VP/OQYNyntsUphk2zMAZs4guU/jDoaNz8iHWLW03OxUBEnC3Dw1tJ8 8 | Utg+9Bmb2nO3dBaSMPoyAFY7ad3UHTpcbWbw+Jvhiqm5BFvDAwwKehsOAPpMqLeN 9 | Kdah9rfGchhKk6zAZwAyhRTZ3UcocZ778bd5nvs68kO32A6a3fRyZGVbFhA2KEcQ 10 | 12kX/6u4hw1ROlvicTPsrniWSQLWewcbedpmvZGlXSbsb1dGtnBgdg9yIfWc/w+6 11 | DrJuq4+CWz1pfnMKM5VmbZyoNlgPawE0NwiGhA0gC+qnepWSaMV3OIDYzsLugz1H 12 | qjRThUdy+jeXDiGBTA3WLvR+x9dBaF15uis4DK9Q708VzyJH/QiPw1CSCycBu/Fa 13 | rFGcl3iJwTE7YWOzRCwoNUocBMzTY3LgGhk8NlaCWPRxhVhzQNXR71ddUdQSR9/J 14 | 0nX7te9Sp8xjtVNT6ULqAr1Tq0Vwnq1Sx8xiFjVTeoTs/qdHMPLAjCrfBr6BAKhx 15 | zLOC3q0UTAguWfhoo/Ekv9eTegkSwuzUFJ9T3jFT6pdznfEKuvRe4rplcJQ6FEJO 16 | VT5wrhBszlA2vxN20Gnw4osbccHKYtibU2wkC+OOoMU2gQ2FNXxQ76lYs8T81yCU 17 | KoLUYtG1RqFajSnoen7OsmN0RU7rD5Hd7c5yznx/Npv0R4/yUhv7wfGIZ8auWknS 18 | GTPT9OX85k8KZnLvubVnVmfRi4IlcTg7DywpvR3cPBw+iMXHEhzn1RWg58Hmw92c 19 | 21MBMtg1X+SKgwGWvwWnA3BcvDdjNK7DguJCDlqIQVdT64AXjrAx6MxtsNaJ+OVw 20 | hejaSQuOZaWIx1hW3MWeDWYYQaDeTcmZhKMtLImX7NiX/6WD/KjlugyH7eq9bl8R 21 | kzSyZDlvx0emkBb0crxoY3qq+f7oWMx7G+Frzwg4izk5VZjGLVPCKqvXtQ425HCT 22 | BE5JtCBK6nLiAQO3APSaRgZsAjzY65Yz9ZaITL3djA5C9npeS/zVhPr5TTcsCQpC 23 | ZQKDj89cO3Wpg4DVVpN4SyyLuRVHPzs/XfJy24YdaSCLBJF3UTGiD5MK5+vraJaD 24 | of7dj05VC5mN5e9tNW3O/D3ZdSSzEuYn0GECxDvO0HaSutL93RelwTDfYIhmgqTp 25 | uxe+9ur9MPl6dlE7bLvw509rnzsJEdpaaQQyJfL5kKWDHkjLVBuJ7HhJASucKWl5 26 | CvT3BH1tjuddoW5tXXx50VHS9ystC/0FRqaIr99eoxTtHSRVmEaCEPGBDdA2fgE/ 27 | VoRPsVd2SECqmD1cGW2KvxCq+g6sOgyrH3CJkv4NAh/r1d9xuFAQVuGe1UXTbyYi 28 | 54ouZlnSVygknL9jksPEZgOzqVKZlMcwPJJfAVIAJZWewpjMkDVmV2OJtx63idAB 29 | J/c9ws6jaibgoC3A98GHcknNik+tvF+x2uEjYvqW1fDmmrZsm62hUX3ZO3C19dbw 30 | -----END RSA PRIVATE KEY----- 31 | -------------------------------------------------------------------------------- /spec/fixtures/rsa.plaintext.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEpAIBAAKCAQEAp3ajAPP2/RJJMaJpDvNjd5L1/Le809y2rrLfGyfj5+OlzXKL 3 | TFY/mKRaGu+cJH77THwqzcjjPowr2fJ1g2zH/Jp5YFRdlZqVx3IM+bNKVzv65lK2 4 | PiQ15LS0UZAwa89jJGUG8a4JbmmB/r/3Tfr6UZ1vlxRJhRUfXcqhTOamgAOigaLM 5 | x9fSxWhXMF4I4mdQ2qr67vg+CWC0lZB+3Sc2X2PZKNpNdqsA0sE+ftRmBGVOfI8f 6 | 8JGDi0aCrn7te9mK3Mf3FFLfpv2hVLXVFUbvU87U6DqNNVgyGN6V4bpNQSJaWQ+d 7 | vZiFdVLfpM6W5clHGpNPh4OCRXpBOAtfF6PZgwIDAQABAoIBAQCZS2h7ftghYZPO 8 | 87ToErSCyOyUoj0gU3KHCQZifWmK5EDqiGgrQOiGeixha+WrIvI3WZJ1PeeHYhji 9 | MaiQ3gtTmLRzEcd5I0DoieaGzTDIGgfavuxEhjEvYpuN7kfk6LsAndp1cbMAd2Sg 10 | Jmnj4FM0UsHLsq56PJOx78Mn+huAIleELnkpa0WHSxoRL9khdVjrqiOmfo2Frpno 11 | k/vu7k1yAgFELDefalWD/KylOoFVMMjSM7WLcFsct8TA4rvS1LHqsGrkg/ifjrGp 12 | FS9b2WAZvLtZSxprCNIPN51rWaiLaikPT9bXhjTMElSV1bWP7jpbR/GZUvmNY6es 13 | kM//9rwBAoGBAN8taKBQU6n/XX0Gu+VCN1/UJ+QvU+qYsv+cce59DoybMMTbncAh 14 | 0qMIZVSP/AG6/RvsLNBrGZInKGH6I5NIAi4rrGsDMwiMpzJ+025NS9gtja/MDniR 15 | bFf8Ns0XgCxXt1X7yPcQ9BVuwUkg00RXqyLHPxeJyKLbeP/u2ExKGENBAoGBAMAX 16 | m2Am7pJRJs4pdFmxzxUJXdjsFHxjNes4wusrcjjnvUolGeLMFJlEDR7w5a1yDmOk 17 | O6IsPbW7BTwmCcbfsGy0gu1N/0AyyIQ9qyFf222BR5NIC8U1m6PvWOfx9637Zawl 18 | UfVmKQK9leuwWedwxvGoj7v/NmfLGt73x1CW09/DAoGBAK9QonHc5/wQyEXgtlVf 19 | 8NPsevG7Y/ZTwbkeEjnAL1+wwVzDEGbPqwG7JK6K9PH/C7mVi5alq06uSAC/WJbn 20 | 6B6Q3D6sIrjClM0L59csDTpifnzslSmNQ0jSrdHqdhtfRHvc8H905+i2OkvR52Q2 21 | Yg9N6Xf6GowkUCbsXyl+wxSBAoGAd2G0hMttVa3tqg8FaoEhK/fIRXpjOPMHnYqH 22 | SVSVBlyvvZbVQaiH3MD4TpR0iZjq7G4zSZSpPXpfxIP3a4u1v7ln7UeeLS3ihJ02 23 | 7+T9IE9KRnRuLEAm3HlyDaTJw20MQTJof1Tgg/2DYRkWpsnmOmYB/lqcW2FU7+Ga 24 | E7HJN7UCgYACx0+RjAnI40JzaZzl/m+eh9f06ChpphWoNqrohXjbm0/9tuxjxY8n 25 | b7JmjnvZgMrKTJQIxkSZyF9pU/aCGXOZt+2VI8zuaFEUe686tK+piu337GBjZnIT 26 | 3LjbYETRsWE3FqJG1+KwpzVeZ2QSp9J+SMcNTREFPRzTnXzogwF37w== 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_ca: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn 3 | NhAAAAAwEAAQAAAQEAzwdtEkuEctGoVSRiH+WmEVPNT8LVIgy49goVJzH2LQmHprnCEY5H 4 | 01Krh83j23nFGlsfzR19Bh0b+3ODTvk2Mf1DwwuntmZkYQ0cv6XOarckbu36gUrK4QQLwH 5 | b9dxeS8zJUb/qGVyBAXjTPGXdzSIGqc7THcZARfi7DZLG4rIPYsUyXDm94kmVc0D+L5kB9 6 | cL4jtP1hWI/q0t066E+oD8VLmn804XFxbcS1gFwDPn/Wyz/XCR1twABn6IcpUSk3FbMUu8 7 | e2JY6ytBMHwIeCr40wJ5OYKW3Sx2j8HkazetnmHyEWcQrm3XnQ1bmdz1ZVJkFgIZ7R1JCJ 8 | wfppZD/x7wAAA+AmCuZOJgrmTgAAAAdzc2gtcnNhAAABAQDPB20SS4Ry0ahVJGIf5aYRU8 9 | 1PwtUiDLj2ChUnMfYtCYemucIRjkfTUquHzePbecUaWx/NHX0GHRv7c4NO+TYx/UPDC6e2 10 | ZmRhDRy/pc5qtyRu7fqBSsrhBAvAdv13F5LzMlRv+oZXIEBeNM8Zd3NIgapztMdxkBF+Ls 11 | Nksbisg9ixTJcOb3iSZVzQP4vmQH1wviO0/WFYj+rS3TroT6gPxUuafzThcXFtxLWAXAM+ 12 | f9bLP9cJHW3AAGfohylRKTcVsxS7x7YljrK0EwfAh4KvjTAnk5gpbdLHaPweRrN62eYfIR 13 | ZxCubdedDVuZ3PVlUmQWAhntHUkInB+mlkP/HvAAAAAwEAAQAAAQAnd9T1Xew8L3gV8z+5 14 | sQA94WoMwKn9OcuxLC7oMAAsidqQkG1NB4Dt6p7E3x2HY+mNor2nTu3c0oPZJiZsUdphIV 15 | Vfw8MPZOnSDrviVWvKsGuDsl7Fc0rGJw1OfeDIaXgcYQXz6yDdT0q2Kv8obbtOoVmrgVVc 16 | cwjCs4uQkMkSKiCVVPV/igTTMdPMWu3Venc8ILG3ap5qnw4GljbqZrX3ZLDTm3kVPGdTZD 17 | qiiVH8cKkfZ2jxhskVdsPNStmpelEWEN3x3NUXX1hh1eWohNfm+ZmlF5beB4QyeKSHb2RT 18 | x8V09uG3MjBCy19dEIQnot1ofdqR36APk8rq2CFAQyahAAAAgQC1819b7T5QsXeuiQt7of 19 | TcryY+7IN8LYNWPGvRQn+nZjZmhGapLPiy9Xo7mDoGyL+2Um6KkgVr8sC+R6RkN1yGL+Ld 20 | WlueMYdiMUZYJ0U8t1/koE5paHA4vBemuenWiyqlsYnbAtt94W88uzG4ojIx+pQxpnEmsC 21 | KNUNhFx4IKVQAAAIEA9j48JaQ1LbH0lahDD5pk+khzH+2GUuO91urtZEAFVWGCFmUqPVJ8 22 | 11GPLqhGRaTdgG1MvDaM2606+rMxyNF65nlX63ATYFLeaHzlH5OF8CxQb9jXlq1DJul8TG 23 | uoCQQ7fr41g6BXRSc0dFUk1XOY/wB84qSnNIIjM4C6794HkPcAAACBANc7bFfqVw2BWrXm 24 | Z2XKRgt8DpKsSeZ5yjzFI+ST7ltoQXtw/f54LmmtKc5WghSF3mGtEgmNBxy+ULDIWu49n0 25 | OHyQcQECaxMwUj/r/s3NiM9a4ENUP2PL0enT9J9Zav6ATZMEhQBwlUVkhfTuMn659EuOmE 26 | InsJ0GpnYOmDgeDJAAAAJm1hc3RhaHlldGlAQmVuamFtaW5zLU1hY0Jvb2stUHJvLmxvY2 27 | FsAQIDBA== 28 | -----END OPENSSH PRIVATE KEY----- 29 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_ca.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPB20SS4Ry0ahVJGIf5aYRU81PwtUiDLj2ChUnMfYtCYemucIRjkfTUquHzePbecUaWx/NHX0GHRv7c4NO+TYx/UPDC6e2ZmRhDRy/pc5qtyRu7fqBSsrhBAvAdv13F5LzMlRv+oZXIEBeNM8Zd3NIgapztMdxkBF+LsNksbisg9ixTJcOb3iSZVzQP4vmQH1wviO0/WFYj+rS3TroT6gPxUuafzThcXFtxLWAXAM+f9bLP9cJHW3AAGfohylRKTcVsxS7x7YljrK0EwfAh4KvjTAnk5gpbdLHaPweRrN62eYfIRZxCubdedDVuZ3PVlUmQWAhntHUkInB+mlkP/Hv mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_leaf_for_dsa_ca: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn 3 | NhAAAAAwEAAQAAAQEAzJL2lngygHxuhmCOj0+Wfvcdu4abH1CVkVfD6mTDCuOM5E+SQVsY 4 | 0rMZX1xp+nNgIpkPRkzoWI7gJ6AAIqKG+OA41kTCgSS7Ewn1JWLCtu/vwR6BC8bgXjCLej 5 | +fdlxI1G5nkVzOW4SrL97TU0EOcFa6sqptbLH7gMRKtckrw9DjIS77JeN/iNFsWwmDMmpQ 6 | s9cdGP0l1jYtxD0XDA7eDECGAReTAqPBRtB4O7MrpuMoJJgsQpt8qXGDb/pKepnlYWY0Fo 7 | OlOfw2LsfezOe3bbSjEY0VT2GSLJq1cnt0PtoJQie1mLMqi0OLEss/3Yti+5C7N+yEarC9 8 | Bup2opZW0QAAA+Ata/IfLWvyHwAAAAdzc2gtcnNhAAABAQDMkvaWeDKAfG6GYI6PT5Z+9x 9 | 27hpsfUJWRV8PqZMMK44zkT5JBWxjSsxlfXGn6c2AimQ9GTOhYjuAnoAAioob44DjWRMKB 10 | JLsTCfUlYsK27+/BHoELxuBeMIt6P592XEjUbmeRXM5bhKsv3tNTQQ5wVrqyqm1ssfuAxE 11 | q1ySvD0OMhLvsl43+I0WxbCYMyalCz1x0Y/SXWNi3EPRcMDt4MQIYBF5MCo8FG0Hg7syum 12 | 4ygkmCxCm3ypcYNv+kp6meVhZjQWg6U5/DYux97M57dttKMRjRVPYZIsmrVye3Q+2glCJ7 13 | WYsyqLQ4sSyz/di2L7kLs37IRqsL0G6naillbRAAAAAwEAAQAAAQEAjSHyhrpjtOqjYYdp 14 | sorou60GUSI7EG6K0RuoaKOdP3ze7X/L2dTcGjg/D9/0qTlBoHzR4eEbBkWDdTLYBQz1au 15 | tdqs0DFw9dFHRxMJqi1IxRbnz58EMC9VguUWdlPsXJ5OxJ/Sn2n4K2iy8BwdUG/g+He81B 16 | 8pQTe7FwDVu9GrhcfXF3rRqrRjgyh/RL1UXMHXg/Eyk7nVM80f2yuTJ3wi8KCGGtb7dTGN 17 | Bksg6c/WTTggLEQy9+TsGGe+drnmH9Ff8SJYOL1Gpe0C520GuArS0mifr9Opj36PwD75yk 18 | XT5oi4I0fm70AnbnRjdL61JxF9JUsjVkCvgklBjEm+X7ZQAAAIEA45B8DESUVmOvV5jIup 19 | Y0hi8QjwI8pkQjQLz5namyngz9bEDppR/CFLnHGsLg92VspDXNnbciOOgjHjlATV1X1sE6 20 | /Yg5Ik1jl2cDdf4NG7/4bivSDaVZ1uaIzNKmnAcPN+CLTuSLBhcpFizaOuUEk6ZZ1UL5xD 21 | bDjBw6W/pwDfMAAACBAO7QJ6hitjVjG0X+0p0b8BBNp+jU4BnkKvm6NCtFBQC2r9K9XQBr 22 | Bm5VybuJUVJ+4sYseK9EyatPDrkdmgCXisgOepPQHCz1nhcTJyu4UOl+ANCJ37fLPT+kvV 23 | wYJciCkjKRl9vUSwbTsD9nGZEsfMGc76VUHnDaLz//W5IHQFyzAAAAgQDbS/7IwF3XA9l9 24 | BIJ6QActwg+hGEJDzH/RnpaPTJhEMCPVhI+0u38eKKL2aeCfRc7J/QZaSe+6UXr6NwdeRB 25 | NTEYuIsdxsh57tsRabXNL/X7SGrg65Rc0Zx6YDjq7cNZHK2FbppVBRDRLKUdEG5dZLvv1r 26 | f2G2xaqGLCUGYg4IawAAACZtYXN0YWh5ZXRpQEJlbmphbWlucy1NYWNCb29rLVByby5sb2 27 | NhbAECAw== 28 | -----END OPENSSH PRIVATE KEY----- 29 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_leaf_for_dsa_ca-cert.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgSK38nKPtKdPYaCKCXkhKgogYJQUW5v8EkQCaeVk/ON4AAAADAQABAAABAQDMkvaWeDKAfG6GYI6PT5Z+9x27hpsfUJWRV8PqZMMK44zkT5JBWxjSsxlfXGn6c2AimQ9GTOhYjuAnoAAioob44DjWRMKBJLsTCfUlYsK27+/BHoELxuBeMIt6P592XEjUbmeRXM5bhKsv3tNTQQ5wVrqyqm1ssfuAxEq1ySvD0OMhLvsl43+I0WxbCYMyalCz1x0Y/SXWNi3EPRcMDt4MQIYBF5MCo8FG0Hg7syum4ygkmCxCm3ypcYNv+kp6meVhZjQWg6U5/DYux97M57dttKMRjRVPYZIsmrVye3Q+2glCJ7WYsyqLQ4sSyz/di2L7kLs37IRqsL0G6naillbRAAAAAAAAAHsAAAABAAAACG15LWlkZW50AAAADAAAAAJwMQAAAAJwMgAAAAAAAAAA//////////8AAAASAAAAA2ZvbwAAAAcAAAADYmFyAAAAMAAAABVwZXJtaXQtWDExLWZvcndhcmRpbmcAAAAAAAAAA2JhegAAAAgAAAAEcXdlcgAAAAAAAAGyAAAAB3NzaC1kc3MAAACBANuT7Y0VdQo8f/1jTr92IzSPphC3pwX946NtmW/YjE6wStAEDT0PU4REKMi0juaS51a7CUT9sB1Fb+5Y/MMWe5yFwqHQJbKU1khDovyyoMboBqLiTb4dWi/GAj5+vQrdyjG8K8pPd70o35B920E8MIoVNbyeTJJbMDs/8ZD/ixUxAAAAFQCcLOqdKlnKRZx5eRqapgoIPfRDfQAAAIEAygqqdAr8qoMVKAQgzhLufevgcYKVZcgNEXIKsP/UAMWjQxxpKaHD+N6BJakY70UWfnkUm1/wH4UWS1DhuaQZKNwIHHWP0mpuxlsDcxMrQE4EBO85Onire748545tAen0uAuRT2djpH8H7dzEGPDj6mT4FJ3e6oGvsH+hxUFsfgoAAACAaupcYntm9xU29T0HdRbqleiCePJ+Kw1btHpEu4RyzlBI2rE829l/38roGSzjVq3a/8BG2GQ53AF3C3bRDhA+WFSbYxLa6mGv6BlaSW5RmsZYsndf/AlPi4QfhOZrBIdnQXNp9KZz9lhDl50645JDly4V7iY0voWSB5mUr2PhlKIAAAA3AAAAB3NzaC1kc3MAAAAoblvzoHaWnzbN4vXMTgtA3fiHFKRe+PmV3ysHse6Xkgh73w2p+MkvgA== mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_leaf_for_dsa_ca.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMkvaWeDKAfG6GYI6PT5Z+9x27hpsfUJWRV8PqZMMK44zkT5JBWxjSsxlfXGn6c2AimQ9GTOhYjuAnoAAioob44DjWRMKBJLsTCfUlYsK27+/BHoELxuBeMIt6P592XEjUbmeRXM5bhKsv3tNTQQ5wVrqyqm1ssfuAxEq1ySvD0OMhLvsl43+I0WxbCYMyalCz1x0Y/SXWNi3EPRcMDt4MQIYBF5MCo8FG0Hg7syum4ygkmCxCm3ypcYNv+kp6meVhZjQWg6U5/DYux97M57dttKMRjRVPYZIsmrVye3Q+2glCJ7WYsyqLQ4sSyz/di2L7kLs37IRqsL0G6naillbR mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_leaf_for_ecdsa_ca: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn 3 | NhAAAAAwEAAQAAAQEAuNLmefikD9jo5sxNf4QrqpTq82PBr5RwYy+ROk7IT2tvSmE/yq3x 4 | jC1zrOrWN3KZCyZ4KRo4YW+0vW2aPnZzVR5Q+toVlsaXB1sWsvIVcnhVvcoGsDZqXUMhm0 5 | nhNBd7oAEVcj6NUF+rPqelgxmnfnqIoC8Zgh+/moV1n+CALXQeneHUzlI7muWU4mMFUCRN 6 | jKSLDLh39yORBXtfX2qHlu5lYk2G2e2ug3TZ4yfD5WOJkhZ7jdn+NY5trUpLoILBmrt5j8 7 | cci68kdSqllktKuZCfo1XqgHX+Hm1H6+7ibhiKE4LQ3rqn2jfCF3GQC2DkCxVpGHFrNijH 8 | 9TRm8RVezQAAA+DQQfNl0EHzZQAAAAdzc2gtcnNhAAABAQC40uZ5+KQP2OjmzE1/hCuqlO 9 | rzY8GvlHBjL5E6TshPa29KYT/KrfGMLXOs6tY3cpkLJngpGjhhb7S9bZo+dnNVHlD62hWW 10 | xpcHWxay8hVyeFW9ygawNmpdQyGbSeE0F3ugARVyPo1QX6s+p6WDGad+eoigLxmCH7+ahX 11 | Wf4IAtdB6d4dTOUjua5ZTiYwVQJE2MpIsMuHf3I5EFe19faoeW7mViTYbZ7a6DdNnjJ8Pl 12 | Y4mSFnuN2f41jm2tSkuggsGau3mPxxyLryR1KqWWS0q5kJ+jVeqAdf4ebUfr7uJuGIoTgt 13 | DeuqfaN8IXcZALYOQLFWkYcWs2KMf1NGbxFV7NAAAAAwEAAQAAAQAtrBg+Pd40+FIdbpEc 14 | GMo9ng0tVhJv1AutxvxpXzyKu67Fv6Bm8nMFQ9oY+fMzwoLlSX1aEtup4FPWl7YNB3Jar2 15 | ItiyTYnHyH2c+TKtV38xqlCr56XwgLweIVIL2hBMiM8pedIq4DFZEYq47wBa/pRlhq1RjF 16 | mhjcE2zMtEqYcHTAgSIdsei3IABurSmIOQJZTM8PumZxiBmFJZ9E1U1ZG/4+tB0XQZJI4o 17 | QHCy2F8GrzlWg7/uFnxU6VjXWMHzyd+7T2OS72ZXni+MO4JXJfBGtiLem48V1FCUmZQokO 18 | 8a6jIi6W/ZCNrSOuD496BQ8bU6n/Uz1ydMToFqB7e5zhAAAAgC7iCK9bj51rXW0yDEFhTT 19 | OGKDvrMFZ3e5mwNZVQAnxOnh6oNWyLwQX7h1f3NZIIqClZsrgzbPCr+Zr3bjFl5Lwasvdl 20 | XV4+OmKaIttGPtUkOWR8JJVAwix3uy7MuZ55QnulrPtCzM/lksPYrS577Tr8YTevMm56xc 21 | KMiVztk9kxAAAAgQDoLY3TCD3dXF1B2F7VQ1wk+tb/8zMfPvlQ4cHKsuEHFmi6GOn5N4Jm 22 | BjCFnJ/oSj1un2zj4F0OjFp9b6eCC7BOhfatWIxSxGuPbrNJ1Lc5PbN6dzzfHi6y3MNFlA 23 | hNgDHKnZNBz8GT0vNlcLVIA50ELUD5UU4AjBsrAEUf+eDT6QAAAIEAy8mH5IReNq2NT4j0 24 | rWlzqL8WpYlyBvsNm1gTnOL39fnKbOpppHBIk9XzBIC23CRDQXhrKAYmTjncR/U80AmQEB 25 | ODzHxOMlnCcorXrW8j9FPn+5LbUX3kfqPNmOZSosDOnd97+tiX3skR6kAYNVpJbcNTFHmN 26 | WGVRxMcZyjpmmUUAAAAmbWFzdGFoeWV0aUBCZW5qYW1pbnMtTWFjQm9vay1Qcm8ubG9jYW 27 | wBAgMEBQ== 28 | -----END OPENSSH PRIVATE KEY----- 29 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_leaf_for_ecdsa_ca-cert.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgteYmKe5pf1kcGd0/Hc/mGAyCGF6XCniNsxAX9l6FXVEAAAADAQABAAABAQC40uZ5+KQP2OjmzE1/hCuqlOrzY8GvlHBjL5E6TshPa29KYT/KrfGMLXOs6tY3cpkLJngpGjhhb7S9bZo+dnNVHlD62hWWxpcHWxay8hVyeFW9ygawNmpdQyGbSeE0F3ugARVyPo1QX6s+p6WDGad+eoigLxmCH7+ahXWf4IAtdB6d4dTOUjua5ZTiYwVQJE2MpIsMuHf3I5EFe19faoeW7mViTYbZ7a6DdNnjJ8PlY4mSFnuN2f41jm2tSkuggsGau3mPxxyLryR1KqWWS0q5kJ+jVeqAdf4ebUfr7uJuGIoTgtDeuqfaN8IXcZALYOQLFWkYcWs2KMf1NGbxFV7NAAAAAAAAAHsAAAABAAAACG15LWlkZW50AAAADAAAAAJwMQAAAAJwMgAAAAAAAAAA//////////8AAAASAAAAA2ZvbwAAAAcAAAADYmFyAAAAMAAAABVwZXJtaXQtWDExLWZvcndhcmRpbmcAAAAAAAAAA2JhegAAAAgAAAAEcXdlcgAAAAAAAABoAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCC7agBH9U33kL9qn+wLrXV0+lYxqBr5tqbrlj3IpE98Ixm97M2gMH6RwU5z7ItwtBPHjjVyAliNM2R5a97PEWUAAABkAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAABJAAAAID0p+xLGV17gDhU422IbgkZlmr3WV8Fu1LFz0G5LUN80AAAAIQCK2p+m6KdqXdASHhVQlJG9Q1y7+Vc+lXTdGJO3o0Gy5g== mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_leaf_for_ecdsa_ca.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC40uZ5+KQP2OjmzE1/hCuqlOrzY8GvlHBjL5E6TshPa29KYT/KrfGMLXOs6tY3cpkLJngpGjhhb7S9bZo+dnNVHlD62hWWxpcHWxay8hVyeFW9ygawNmpdQyGbSeE0F3ugARVyPo1QX6s+p6WDGad+eoigLxmCH7+ahXWf4IAtdB6d4dTOUjua5ZTiYwVQJE2MpIsMuHf3I5EFe19faoeW7mViTYbZ7a6DdNnjJ8PlY4mSFnuN2f41jm2tSkuggsGau3mPxxyLryR1KqWWS0q5kJ+jVeqAdf4ebUfr7uJuGIoTgtDeuqfaN8IXcZALYOQLFWkYcWs2KMf1NGbxFV7N mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_leaf_for_ed25519_ca: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn 3 | NhAAAAAwEAAQAAAQEAp2qLap4DrvIdazoG25Kfc8tqyXPD5q8lpqquQu+zzkXlIF4qmWsm 4 | kiFRd0OsuKAEpmXLP6ogBYxuHxQRUtXavo0rTSXelks5kGwM3w7CmrtJbp7CrcWy/gYW4x 5 | C10It17+PuXuqHfncQn0wkgjdEUKLGuXwCVsk/5CjjldL39WtO3cd3lF1tp51nDXdGLPMC 6 | tA2+aSrooSGYGMZijkvu0KSUqDKbgJG2rPbZHAbu4Dup1LR8oqxqaBEfoGAMGqywxSWLJN 7 | 0X1PNpYOAobuVxsseJnPJN557l6+Ks0IgNZd2bNw2/NTYYGrNydbSbW4kXF+Q2hOf8L3IN 8 | YywNoBGU4wAAA+DToS2c06EtnAAAAAdzc2gtcnNhAAABAQCnaotqngOu8h1rOgbbkp9zy2 9 | rJc8PmryWmqq5C77POReUgXiqZayaSIVF3Q6y4oASmZcs/qiAFjG4fFBFS1dq+jStNJd6W 10 | SzmQbAzfDsKau0lunsKtxbL+BhbjELXQi3Xv4+5e6od+dxCfTCSCN0RQosa5fAJWyT/kKO 11 | OV0vf1a07dx3eUXW2nnWcNd0Ys8wK0Db5pKuihIZgYxmKOS+7QpJSoMpuAkbas9tkcBu7g 12 | O6nUtHyirGpoER+gYAwarLDFJYsk3RfU82lg4Chu5XGyx4mc8k3nnuXr4qzQiA1l3Zs3Db 13 | 81Nhgas3J1tJtbiRcX5DaE5/wvcg1jLA2gEZTjAAAAAwEAAQAAAQBo185rfH1uB+3ogrRc 14 | uZvl1lQPyNG8G5+Gmoj7HkYKPbdZ597hqTrEdN0hxV3bWUrQMhtwyUe4cdNc3yJiL88HWj 15 | zt2XNlx8JK8X+2CPZSFEvOXNoqHQ8VChc3J/XUniHDk4hqJJGp30Knn/WVHqtHnEi7TC/i 16 | zbGXXwv3feEO7ZthgMDgZQLuKR0eeJaqvnzbAeLOwi9+ck8tFt3488eeiMQvpv9+u/7lUP 17 | cCOQnRpCFzTcqsbV0mUsmwUcDapNqkkIk4M8gmtnjNL6ha0Pu41/4hEEfJpopZ7iAX1Sug 18 | tOvyyX2okEHCjLfYrAv/9nhJ+Xq7Gsa4G1jI+Fxs9sshAAAAgQDSVNIir8P+veJycSJ8Un 19 | YrUxLOV3w3K91eWrvGqJrioExSAM/0b8YwctOtdhMVcDubknfo5hZ1xjJpm5d5higuhbHu 20 | MJoAvUIrYaEKZsTNCOqyQJCxe2qcTUCxR57B8HtbB9R0Gf0eXvRphHVhAPN1BuYSJZhN/9 21 | mJPU1zuMW7AQAAAIEA0298K4I9uUvBoAfoPingZKnfUTnYr8sHhTB658glTzsRF2KeYESJ 22 | cJQoPte/nAHlLWyzGBbfZHeqVy+rYjfmwDApeGbJVNG+Hs2IVYdNKEK5S/mT5Tb6YW1Len 23 | TUrjTV3Slz8YGkM1BMajEXf9Vht8ge1u5HlOa5u8hJxeZArGkAAACBAMqz5DaxpIfECYPv 24 | AXUlzvfANllrnoe5dd4RI0dHO0QXKg7z2QYkeF0+C72dECV66YW0JS8KEqYiAKmOwvPinO 25 | OPyaaHjholwpYjkGBBmAWDJOoPtjpSHglpt4gmMytbyoxd7lTeNcau8SQNv8ve9ehCeVvR 26 | OY95HDaVBqYNwL1rAAAAJm1hc3RhaHlldGlAQmVuamFtaW5zLU1hY0Jvb2stUHJvLmxvY2 27 | FsAQIDBA== 28 | -----END OPENSSH PRIVATE KEY----- 29 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_leaf_for_ed25519_ca-cert.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgz7J4Tvkp0uFV0rIfOV2pwQr91qRpMQY9hu397raEa0QAAAADAQABAAABAQCnaotqngOu8h1rOgbbkp9zy2rJc8PmryWmqq5C77POReUgXiqZayaSIVF3Q6y4oASmZcs/qiAFjG4fFBFS1dq+jStNJd6WSzmQbAzfDsKau0lunsKtxbL+BhbjELXQi3Xv4+5e6od+dxCfTCSCN0RQosa5fAJWyT/kKOOV0vf1a07dx3eUXW2nnWcNd0Ys8wK0Db5pKuihIZgYxmKOS+7QpJSoMpuAkbas9tkcBu7gO6nUtHyirGpoER+gYAwarLDFJYsk3RfU82lg4Chu5XGyx4mc8k3nnuXr4qzQiA1l3Zs3Db81Nhgas3J1tJtbiRcX5DaE5/wvcg1jLA2gEZTjAAAAAAAAAHsAAAABAAAACG15LWlkZW50AAAADAAAAAJwMQAAAAJwMgAAAAAAAAAA//////////8AAAASAAAAA2ZvbwAAAAcAAAADYmFyAAAAMAAAABVwZXJtaXQtWDExLWZvcndhcmRpbmcAAAAAAAAAA2JhegAAAAgAAAAEcXdlcgAAAAAAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIJtKNSHNYXYT3kRUideU/9tFjTAaImB/EIjwVe0r+Rf9AAAAUwAAAAtzc2gtZWQyNTUxOQAAAEAxEqTKJbnrz1TQVbUV+9KgPKBPOguhMEAjUwAXd/TSWKmZpB1nk/IAhpJPdKqlyoW3bpFv9n+8jgKc8FRkRm4F mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_leaf_for_ed25519_ca.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCnaotqngOu8h1rOgbbkp9zy2rJc8PmryWmqq5C77POReUgXiqZayaSIVF3Q6y4oASmZcs/qiAFjG4fFBFS1dq+jStNJd6WSzmQbAzfDsKau0lunsKtxbL+BhbjELXQi3Xv4+5e6od+dxCfTCSCN0RQosa5fAJWyT/kKOOV0vf1a07dx3eUXW2nnWcNd0Ys8wK0Db5pKuihIZgYxmKOS+7QpJSoMpuAkbas9tkcBu7gO6nUtHyirGpoER+gYAwarLDFJYsk3RfU82lg4Chu5XGyx4mc8k3nnuXr4qzQiA1l3Zs3Db81Nhgas3J1tJtbiRcX5DaE5/wvcg1jLA2gEZTj mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_leaf_for_rsa_ca: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn 3 | NhAAAAAwEAAQAAAQEAvsY7kJGO4+M0pgy8mHWgKKRZt8XK6JK9MTdCeZOWyCy+2w0xIoC3 4 | yzC0fDoaGXxDJls9jPl0Wtz1rnos/p5IfMSx2S1b7N9YO1ViRvVtlhK0SkoFCjyIpca7kI 5 | xYXvK+ZY14aIwsAe43u3baXfxMnLmwFgcgc4x0c8r67tDX1d2Qa2bVjrJxUTdV+h232hOc 6 | izMm3B897q8kq3csUJ1S9WrSfxqhA5ocmQ0QlzB8DSF/nKOC6a1M07ajtVeIbwxDqVb+ca 7 | FPhpLQiDgQDsn2ji9RUW4mjGc8EyvGxtBAdeiYzBBtVm10gtOBilzaxfgO9eAopEgrKXRB 8 | Q72SRd30wQAAA+BmVANiZlQDYgAAAAdzc2gtcnNhAAABAQC+xjuQkY7j4zSmDLyYdaAopF 9 | m3xcrokr0xN0J5k5bILL7bDTEigLfLMLR8OhoZfEMmWz2M+XRa3PWueiz+nkh8xLHZLVvs 10 | 31g7VWJG9W2WErRKSgUKPIilxruQjFhe8r5ljXhojCwB7je7dtpd/EycubAWByBzjHRzyv 11 | ru0NfV3ZBrZtWOsnFRN1X6HbfaE5yLMybcHz3urySrdyxQnVL1atJ/GqEDmhyZDRCXMHwN 12 | IX+co4LprUzTtqO1V4hvDEOpVv5xoU+GktCIOBAOyfaOL1FRbiaMZzwTK8bG0EB16JjMEG 13 | 1WbXSC04GKXNrF+A714CikSCspdEFDvZJF3fTBAAAAAwEAAQAAAQEAgKGu9fp/Sz8ed7vs 14 | yiu9ksnGSLhP6WNPt8iXxNvz9gLdqVuKvsXlp1auy3htsrNrn4gzx0NH5iBIc52jiwb0v1 15 | Psyw/fhKbPmionOssvWdpAwDqKjW1lgcmvHHbU+yhXoqeyAWRKI/8YiwlHkcmVarN1fFTP 16 | 17ljp9O8QJyGe4dgWtW9Jlo1lGMQcWY2D9bqjKMfYjNrNuf3efl7siEOjOVDvhVnLcI3JH 17 | kUfWkb/fwbM9Rlv4uqpj8s9haXx1L7wCTvfs+JC5Qi31IWGN6+QJ3cx7cuolScMCDfWl67 18 | oggUOhqHYYoaWsayErpZcPfbWDweuvg4K8hY/ELdSnOoBQAAAIAyPfi7VvlbZqTgfYnJ/i 19 | eEhCvaY21l6mQDWUP0QUgy1Oq0n9XRo9uTpSYsOxMZhNC0EktJWWXiTh/U6X9+8K+igBCx 20 | FrqU0hJx0/EKT2HWVK8t8v8PZfh+ZFUwo2eFMFFa9HxH5ncqTD4b0Gd8fESgJX4us97APS 21 | 9a1IHtM6UO0QAAAIEA3tRQz6YLrOD0XHgZNFoAb1IupwH7PwPU5eK0ofPhccevmlPyzGhv 22 | GPWQBW6po2zKjK/7F6LQGwkBd2X0kpgZ/sDaWlbVe8M7PWWXA8Jd0kUMTURf2RNzOCFifM 23 | qFuIK+NpGyG++WweJVK0BZDQS8e6gzrThqltsrNbZCL0/C+mMAAACBANssWYtGl+zgyXGf 24 | mCupes+JPrvIKkdylSb07CZcT/s2yBIvik8pkh47TmnevWY7OQ3u4//wXiKA+jjhSZwPt1 25 | zMiTnlywvCqcjpa6eTlpUtdiczjXOunXXmb9Z0RRLhWlPZFUAG9+fSWa8KO+ewh2btHTtB 26 | GAthl2UgBjhAV0uLAAAAJm1hc3RhaHlldGlAQmVuamFtaW5zLU1hY0Jvb2stUHJvLmxvY2 27 | FsAQIDBA== 28 | -----END OPENSSH PRIVATE KEY----- 29 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_leaf_for_rsa_ca-cert.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgjLIeW9dCI66ol3XC3wLGK7opSXbL72B1fmC/WOPWQboAAAADAQABAAABAQC+xjuQkY7j4zSmDLyYdaAopFm3xcrokr0xN0J5k5bILL7bDTEigLfLMLR8OhoZfEMmWz2M+XRa3PWueiz+nkh8xLHZLVvs31g7VWJG9W2WErRKSgUKPIilxruQjFhe8r5ljXhojCwB7je7dtpd/EycubAWByBzjHRzyvru0NfV3ZBrZtWOsnFRN1X6HbfaE5yLMybcHz3urySrdyxQnVL1atJ/GqEDmhyZDRCXMHwNIX+co4LprUzTtqO1V4hvDEOpVv5xoU+GktCIOBAOyfaOL1FRbiaMZzwTK8bG0EB16JjMEG1WbXSC04GKXNrF+A714CikSCspdEFDvZJF3fTBAAAAAAAAAHsAAAABAAAACG15LWlkZW50AAAADAAAAAJwMQAAAAJwMgAAAAAAAAAA//////////8AAAASAAAAA2ZvbwAAAAcAAAADYmFyAAAAMAAAABVwZXJtaXQtWDExLWZvcndhcmRpbmcAAAAAAAAAA2JhegAAAAgAAAAEcXdlcgAAAAAAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQDPB20SS4Ry0ahVJGIf5aYRU81PwtUiDLj2ChUnMfYtCYemucIRjkfTUquHzePbecUaWx/NHX0GHRv7c4NO+TYx/UPDC6e2ZmRhDRy/pc5qtyRu7fqBSsrhBAvAdv13F5LzMlRv+oZXIEBeNM8Zd3NIgapztMdxkBF+LsNksbisg9ixTJcOb3iSZVzQP4vmQH1wviO0/WFYj+rS3TroT6gPxUuafzThcXFtxLWAXAM+f9bLP9cJHW3AAGfohylRKTcVsxS7x7YljrK0EwfAh4KvjTAnk5gpbdLHaPweRrN62eYfIRZxCubdedDVuZ3PVlUmQWAhntHUkInB+mlkP/HvAAABDwAAAAdzc2gtcnNhAAABAJbzB6zuCo4qccRToXhxGGTgdeIa/oEX9MvuXTyw7z9LI06r3Iz69XGHaN37yI+2GpJt8stMqEs75zROCOxfREqsXPU7CJVPC6cZ2BMk5+1TYWYUokdZSXQCx3quWNKGdI+62rCBjwRYvlD3nabqEVbUezurNmQOjJsi1/0WTpy7MHG8QtkMFQdpWg2I6+GhI9euGZkqynsUvYmSl6HhAW+4IIE0hsw8azM7rgt2Y24q3hmJyRGnK2680H7XeeNbIzCYNPsP99MlTq74sN1iXsXWbFRZRlJvuU9BX8Jcts+N/X9ZT/Sv2YsbkLZvtJ557wK821cAk8w7jHPiNh5BOg0= mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_leaf_for_rsa_ca.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+xjuQkY7j4zSmDLyYdaAopFm3xcrokr0xN0J5k5bILL7bDTEigLfLMLR8OhoZfEMmWz2M+XRa3PWueiz+nkh8xLHZLVvs31g7VWJG9W2WErRKSgUKPIilxruQjFhe8r5ljXhojCwB7je7dtpd/EycubAWByBzjHRzyvru0NfV3ZBrZtWOsnFRN1X6HbfaE5yLMybcHz3urySrdyxQnVL1atJ/GqEDmhyZDRCXMHwNIX+co4LprUzTtqO1V4hvDEOpVv5xoU+GktCIOBAOyfaOL1FRbiaMZzwTK8bG0EB16JjMEG1WbXSC04GKXNrF+A714CikSCspdEFDvZJF3fTB mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_leaf_for_rsa_ca_sha2_256: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn 3 | NhAAAAAwEAAQAAAQEAoOYrE6L+gal76n6oC5sydFkqX6aaB8Iv6gcqoZmrqM8j+Fzimxbc 4 | xi8vcAci/R/yxwFu43FO/trjF+inaUWk7uniB748pJFNd5ELBeJtU1CHMjO6i3jYQQ7NRB 5 | N19gTcFHO+n1BmvI66/BLbSOJ/h/DLObDjbLE6YaC83oD7lHYn/OTrl5XhSnYqsLZfdma1 6 | EgEbcs18ILBCjBHrtWyAquS8GjAXX1elobkipOV4d/+ba/xJ04LxBBz3rhX8raalNArQsm 7 | x0v53kjE+fv1RlQFnAnDykG480536ZYxwLJzxzYUO1TgQel6tyhC63tmm5egowRdtTER0+ 8 | tkwVLNTxkwAAA+AR0V0oEdFdKAAAAAdzc2gtcnNhAAABAQCg5isTov6BqXvqfqgLmzJ0WS 9 | pfppoHwi/qByqhmauozyP4XOKbFtzGLy9wByL9H/LHAW7jcU7+2uMX6KdpRaTu6eIHvjyk 10 | kU13kQsF4m1TUIcyM7qLeNhBDs1EE3X2BNwUc76fUGa8jrr8EttI4n+H8Ms5sONssTphoL 11 | zegPuUdif85OuXleFKdiqwtl92ZrUSARtyzXwgsEKMEeu1bICq5LwaMBdfV6WhuSKk5Xh3 12 | /5tr/EnTgvEEHPeuFfytpqU0CtCybHS/neSMT5+/VGVAWcCcPKQbjzTnfpljHAsnPHNhQ7 13 | VOBB6Xq3KELre2abl6CjBF21MRHT62TBUs1PGTAAAAAwEAAQAAAQBBa7TCJDjlUZs/ykXb 14 | ijvmkMao452nX+6JcmaEFG52kdqnRmUg+BfGQTNBkrVIRHA7ODr1IYIkH63Mb9158UZRmi 15 | k8Sr5vj2D3J7NarikTgh+mauADi5wqP7F4Z41D/c/aRQGR12gebM5cZfJhXS7LgD2xdFnU 16 | PO9m+KsysTEZuJgYX+pbPghTL48XdMPowJUsu5FmKmz25KVr88CJWNUzpYqXYvmgsSALf1 17 | fDRF0ggejPpnUHB/GL1+bz04FETocC2303yVNSgrIZID7KZoNW6PM+2BrtCt6bTMXYq+DF 18 | kvFu3WgFxFO09WzUmEJKXxtpQfEzTLqA8Mt+jMAl095hAAAAgBBrMWdYEoNpG+h1BjdvMm 19 | 8iHI2Q3dwYnINKuWJ8GDhNCOXZ5mq99160iEB7Jh2SP2IgFz3V7rFEDbohA8YPvSkBhWZT 20 | LRQD9fGtV0uhwPrAd64ddh6ibq6G6DooTGUFKuGLbh+EFVVoGFTOsZNTXYImYJPvAXw13u 21 | BViGaUauu6AAAAgQDL/CgLsy+/qwInCI/Y/MFjl0UavfDrasgzgbm9vNM6ElDT6DaNkxH4 22 | LuEvEI6+kLKP1AfOgFUkh/mV1N6NJ5y46nT1JPW8QyLBCYl/c17zF73tpKImvUscr/TAIo 23 | I4prMmx5bfH21JIWDQsUr2q2jSKsDz6JJazXOxjEEgn5WZowAAAIEAye1tbTOHXcyvOFeJ 24 | 75dHZm3wskRnGSNCEIOfZGdkyXf+NQYVivQ4hyiMWc/rsxCD105y2Mmdhgw9fJP5ULmfBZ 25 | unZkHNgBqVquow3wx9z7fMrLRDmIkgCuZfyZQ0UbSF432zayhLDuZslekq6jQKiqLiL5DA 26 | OXOZSsQvpcwCp1EAAAAmbWFzdGFoeWV0aUBCZW5qYW1pbnMtTWFjQm9vay1Qcm8ubG9jYW 27 | wBAgMEBQ== 28 | -----END OPENSSH PRIVATE KEY----- 29 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_leaf_for_rsa_ca_sha2_256-cert.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgD6UPGJ65bMZSZcwYFa21ImYDt95dT4AEXhg/V543f/sAAAADAQABAAABAQCg5isTov6BqXvqfqgLmzJ0WSpfppoHwi/qByqhmauozyP4XOKbFtzGLy9wByL9H/LHAW7jcU7+2uMX6KdpRaTu6eIHvjykkU13kQsF4m1TUIcyM7qLeNhBDs1EE3X2BNwUc76fUGa8jrr8EttI4n+H8Ms5sONssTphoLzegPuUdif85OuXleFKdiqwtl92ZrUSARtyzXwgsEKMEeu1bICq5LwaMBdfV6WhuSKk5Xh3/5tr/EnTgvEEHPeuFfytpqU0CtCybHS/neSMT5+/VGVAWcCcPKQbjzTnfpljHAsnPHNhQ7VOBB6Xq3KELre2abl6CjBF21MRHT62TBUs1PGTAAAAAAAAAHsAAAABAAAACG15LWlkZW50AAAADAAAAAJwMQAAAAJwMgAAAAAAAAAA//////////8AAAASAAAAA2ZvbwAAAAcAAAADYmFyAAAAMAAAABVwZXJtaXQtWDExLWZvcndhcmRpbmcAAAAAAAAAA2JhegAAAAgAAAAEcXdlcgAAAAAAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQDPB20SS4Ry0ahVJGIf5aYRU81PwtUiDLj2ChUnMfYtCYemucIRjkfTUquHzePbecUaWx/NHX0GHRv7c4NO+TYx/UPDC6e2ZmRhDRy/pc5qtyRu7fqBSsrhBAvAdv13F5LzMlRv+oZXIEBeNM8Zd3NIgapztMdxkBF+LsNksbisg9ixTJcOb3iSZVzQP4vmQH1wviO0/WFYj+rS3TroT6gPxUuafzThcXFtxLWAXAM+f9bLP9cJHW3AAGfohylRKTcVsxS7x7YljrK0EwfAh4KvjTAnk5gpbdLHaPweRrN62eYfIRZxCubdedDVuZ3PVlUmQWAhntHUkInB+mlkP/HvAAABFAAAAAxyc2Etc2hhMi0yNTYAAAEAixSGL6nIAe7Qo/Kd1jAtVf7SkF0lotoy8xQjKE/1urWhMohFEQc7Yfdt4PYiKflnrSN//vqZyGN2t+5iwvPV4OQJXoHZFbNU/sJAgqHcYtrUIXGiU+7IZePDy/9V0Snl/wAupIMyxApX0YTAmWTdNrNdlPS/SGTZgE2yFgG00xHTqfPZtnOzSz/34URlqzqVk/T1mBYv7ibJDB5V+ODyR/f/iMP3gvHcwwRQ3xF9qBYYdlB8P0GlElgkH4A2JJ/xy1bOjvzkuaPOcMus6JxL/jrEnnbkEowrTa4xgRJCk5j3KxUiQuYaxbrtu4Haav4MQ6wC0RIs1So9nqoq+iuTEg== mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_leaf_for_rsa_ca_sha2_256.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCg5isTov6BqXvqfqgLmzJ0WSpfppoHwi/qByqhmauozyP4XOKbFtzGLy9wByL9H/LHAW7jcU7+2uMX6KdpRaTu6eIHvjykkU13kQsF4m1TUIcyM7qLeNhBDs1EE3X2BNwUc76fUGa8jrr8EttI4n+H8Ms5sONssTphoLzegPuUdif85OuXleFKdiqwtl92ZrUSARtyzXwgsEKMEeu1bICq5LwaMBdfV6WhuSKk5Xh3/5tr/EnTgvEEHPeuFfytpqU0CtCybHS/neSMT5+/VGVAWcCcPKQbjzTnfpljHAsnPHNhQ7VOBB6Xq3KELre2abl6CjBF21MRHT62TBUs1PGT mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_leaf_for_rsa_ca_sha2_512: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn 3 | NhAAAAAwEAAQAAAQEA1n6Umdz5V50Dqo0lZkrj55wOD4ga/09Tv6AvnVcUwa1eI9ZUuqQg 4 | NOWEKP26NMgvk2zmf7ouQ5qlJe6PJXp3PkdXovMg7sh0rx173s9iOuV/IPfKOJDhycRdPX 5 | Klkm0SuU69da7D6kY978Z02bvsmNh8UKbsZIfjX0dSo1pFCZkcKh7ytlTIzgnIKt3oXArw 6 | HWJFCiQu/O1FS1hcvfOSPeFYsrJIbYxWVGTuE8gQWCgtNx9VRmPGZ6P0Jalto1RtAkb9xH 7 | PWZ9yJ80rcdrtXn3+gfckqfrrhPIBpc9lBZhuCFKPuZuVnSxXxe8sCDIe95bWgrKuVMCUl 8 | mAK27X0bqwAAA+C06Dl2tOg5dgAAAAdzc2gtcnNhAAABAQDWfpSZ3PlXnQOqjSVmSuPnnA 9 | 4PiBr/T1O/oC+dVxTBrV4j1lS6pCA05YQo/bo0yC+TbOZ/ui5DmqUl7o8lenc+R1ei8yDu 10 | yHSvHXvez2I65X8g98o4kOHJxF09cqWSbRK5Tr11rsPqRj3vxnTZu+yY2HxQpuxkh+NfR1 11 | KjWkUJmRwqHvK2VMjOCcgq3ehcCvAdYkUKJC787UVLWFy985I94ViyskhtjFZUZO4TyBBY 12 | KC03H1VGY8Zno/QlqW2jVG0CRv3Ec9Zn3InzStx2u1eff6B9ySp+uuE8gGlz2UFmG4IUo+ 13 | 5m5WdLFfF7ywIMh73ltaCsq5UwJSWYArbtfRurAAAAAwEAAQAAAQEAlP26FSKEZJJhYI/I 14 | ocR1iIVC0xEUx7F/mAUZ7e32Mg5N7RDNLBQjdvrSkXKlbFJ9kac8eQ6HYlhCTRXngv4NZE 15 | pEGqFNh+/f9V/CkmN1dTnC09CrPB2PaQqoRa2kSxDOx79lJSCvX8VI8ovk0PWThBwkRhWc 16 | 8LvfeWheg6+Jcv8MfTDeQMvEejJrifYeIgUnhsa8cUY1aVgQI/BLLwJatBILsmeYHPpJUc 17 | X28ctZ04IJPySGmS70xgOKqttcESjwaCWWq8Zbwv8jLYvBzRWjyyKVV5W4D7SE23yNfXE0 18 | KZFLcieB7PDefI/8f9o9UXj1Qgn9tUDfEVUH3X22Ob99KQAAAIBNg8crl4+1Tx/i29c23w 19 | JwOjtTWSEF4c4F3oPl93aCBydNrkLoVxtEELFoCntmzFDlz0b0qoYJjLELZVYOhFzY1yK4 20 | +zBzEDDIYtyXmg462c4rlBmMzsX5AT2bOAbqMkz2IzHBUO56Of4R/Cv3H/3wGSCTdKtLme 21 | rYKMGlZU7R7QAAAIEA+X98OD+rBGo2S6fOgr+JKCpJm57xAZ41hQcoqK/exlaY+i6C4fGx 22 | jxhItyKJyEFtZMffTIsoyqN/C/N0jXt2GPTt11h7cuXoML8hOO+xnugACnn42g8+0uBs01 23 | 25sZJEAELgvHAzbAUdHke+yjJVEPTjG6num1vJkZwXR0J5u68AAACBANwVkhpLxypZst8S 24 | zK3HAJsASDOvN+5N+r8/nKoIPEC3+p0r05wyUa43Iy2aX/xNHwYVlv9y1Hd76exwjIHsyD 25 | DgYHv0IIVUx/6jeaX/Qs6DzgUz0NsmE889uskEzfYDk9EL+j/EU5DP1IZXf/u0ZSAx6z9m 26 | uKe8b0az20O3sLLFAAAAJm1hc3RhaHlldGlAQmVuamFtaW5zLU1hY0Jvb2stUHJvLmxvY2 27 | FsAQIDBA== 28 | -----END OPENSSH PRIVATE KEY----- 29 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_leaf_for_rsa_ca_sha2_512-cert.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgaEtgZ62R/ngTrlVxslotA3cnRoxl37uMWr+VNdlPEBIAAAADAQABAAABAQDWfpSZ3PlXnQOqjSVmSuPnnA4PiBr/T1O/oC+dVxTBrV4j1lS6pCA05YQo/bo0yC+TbOZ/ui5DmqUl7o8lenc+R1ei8yDuyHSvHXvez2I65X8g98o4kOHJxF09cqWSbRK5Tr11rsPqRj3vxnTZu+yY2HxQpuxkh+NfR1KjWkUJmRwqHvK2VMjOCcgq3ehcCvAdYkUKJC787UVLWFy985I94ViyskhtjFZUZO4TyBBYKC03H1VGY8Zno/QlqW2jVG0CRv3Ec9Zn3InzStx2u1eff6B9ySp+uuE8gGlz2UFmG4IUo+5m5WdLFfF7ywIMh73ltaCsq5UwJSWYArbtfRurAAAAAAAAAHsAAAABAAAACG15LWlkZW50AAAADAAAAAJwMQAAAAJwMgAAAAAAAAAA//////////8AAAASAAAAA2ZvbwAAAAcAAAADYmFyAAAAMAAAABVwZXJtaXQtWDExLWZvcndhcmRpbmcAAAAAAAAAA2JhegAAAAgAAAAEcXdlcgAAAAAAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQDPB20SS4Ry0ahVJGIf5aYRU81PwtUiDLj2ChUnMfYtCYemucIRjkfTUquHzePbecUaWx/NHX0GHRv7c4NO+TYx/UPDC6e2ZmRhDRy/pc5qtyRu7fqBSsrhBAvAdv13F5LzMlRv+oZXIEBeNM8Zd3NIgapztMdxkBF+LsNksbisg9ixTJcOb3iSZVzQP4vmQH1wviO0/WFYj+rS3TroT6gPxUuafzThcXFtxLWAXAM+f9bLP9cJHW3AAGfohylRKTcVsxS7x7YljrK0EwfAh4KvjTAnk5gpbdLHaPweRrN62eYfIRZxCubdedDVuZ3PVlUmQWAhntHUkInB+mlkP/HvAAABFAAAAAxyc2Etc2hhMi01MTIAAAEAEBiCMP+uDhsrErHm//3GZC50M9dOP0rTC/BdSjndEYe58kROkSRqNA3FNYMe+710ch91lNBQ5IksX7zR1MkeCmzupcrdnP42wdv6ILG4/9kWZQcGIiGLeUVmeEl6QtjnW6r012igAkgDGP6Z+SDs74o7KV+GxiPxWgidn3ak09g2LkHmARD3yRS230+uft0vwOm6Z6sPA+bwGV4VDN6p///UOb+sg2CnNNbx3fFRaw6M6R1HIpbsNNmkyk5rVJAlKmKOJ3tBz3ZL2bN/ThWTlPeDz2IUlJdUCzwO+JkcFL9oVeHZvxgupdTrsZDkOkA5qC9DB3xwMKIlKaNff/nCJg== mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_leaf_for_rsa_ca_sha2_512.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDWfpSZ3PlXnQOqjSVmSuPnnA4PiBr/T1O/oC+dVxTBrV4j1lS6pCA05YQo/bo0yC+TbOZ/ui5DmqUl7o8lenc+R1ei8yDuyHSvHXvez2I65X8g98o4kOHJxF09cqWSbRK5Tr11rsPqRj3vxnTZu+yY2HxQpuxkh+NfR1KjWkUJmRwqHvK2VMjOCcgq3ehcCvAdYkUKJC787UVLWFy985I94ViyskhtjFZUZO4TyBBYKC03H1VGY8Zno/QlqW2jVG0CRv3Ec9Zn3InzStx2u1eff6B9ySp+uuE8gGlz2UFmG4IUo+5m5WdLFfF7ywIMh73ltaCsq5UwJSWYArbtfRur mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_leaf_for_skecdsa_ca: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn 3 | NhAAAAAwEAAQAAAYEAxzIj0SZz5rXQdCys5Z4A8m7EQ3AIoXm0CGJ8yjgITB0M8HtvM4aV 4 | BeDe/u+nzU1D24CfLqRFvMUQRhWAERJcla+zwSMmBg1qz92SNa+QYOttiuBhWwgzramO1F 5 | 7TUoJu+1mIS/U7CE2WNJp+TaX5IHLtrPmgQ1yBkGSsW5chHqsYX0V7yp//whDGUCdFWTvB 6 | /q7VWms4dqrl2Q+IyJtYgpgBOg2DhELnO/1umLx/dLYyyLLfwkWKszBM12tktD0dKbnouZ 7 | 0prxgKt0XUtIOV9ROXXhAJe9T3XWquTjulT2E5FiHtJ3ZGWdnXWFPzmmNlzfkMHj+YqEEa 8 | oPiOEDgXnYeszaHH6adVuzqwqEt1Wm9Zz5sqpZVaN5pZOK4w6bAFg76lNQG6FM3wyiVgOp 9 | IddZRJu0ELNC+ZeQ4LRRc+5HOwbptqIMdsjJ4YY55FnmxT7/7dPMDf9Iz7aVm3f7K2wNR0 10 | nHE5rCGCRItwg/ODjTC+HH2jrV2Uw8xUDeWviuW/AAAFkHgl/vF4Jf7xAAAAB3NzaC1yc2 11 | EAAAGBAMcyI9Emc+a10HQsrOWeAPJuxENwCKF5tAhifMo4CEwdDPB7bzOGlQXg3v7vp81N 12 | Q9uAny6kRbzFEEYVgBESXJWvs8EjJgYNas/dkjWvkGDrbYrgYVsIM62pjtRe01KCbvtZiE 13 | v1OwhNljSafk2l+SBy7az5oENcgZBkrFuXIR6rGF9Fe8qf/8IQxlAnRVk7wf6u1VprOHaq 14 | 5dkPiMibWIKYAToNg4RC5zv9bpi8f3S2Msiy38JFirMwTNdrZLQ9HSm56LmdKa8YCrdF1L 15 | SDlfUTl14QCXvU911qrk47pU9hORYh7Sd2RlnZ11hT85pjZc35DB4/mKhBGqD4jhA4F52H 16 | rM2hx+mnVbs6sKhLdVpvWc+bKqWVWjeaWTiuMOmwBYO+pTUBuhTN8MolYDqSHXWUSbtBCz 17 | QvmXkOC0UXPuRzsG6baiDHbIyeGGOeRZ5sU+/+3TzA3/SM+2lZt3+ytsDUdJxxOawhgkSL 18 | cIPzg40wvhx9o61dlMPMVA3lr4rlvwAAAAMBAAEAAAGBAIa90OKKOz4lYEMlcTLFJWjYKm 19 | RfpUbtFy3QyQ7UxjAOOpF1PWxCLg3S5aTXIc/K4wrYv1SChDXDq1Vs97sUi5IpTtNnXjIb 20 | 41OGUn+EKYqV1fxp+RDlxGdFWbsoBZQ7bK0TDBItaOgd62vb0XHewl0DwOgP1yuZqH6uyr 21 | QNz7Z6D7tqOel/Pzbbt/nCBrPsqzYGt4U5H/GNenrQejsQcdes0K+fMoZF5zp6HNSuNR0S 22 | ndmKvbcg6Uh6dJAHMhCFgUHwuHib+VyZvMTFZd6VFGiP9g5z8tU3xpIUrkiBTkloy+2XLJ 23 | MkyWPW9KTgwxiHaY4+txbipdzLSoE7MhkGnP+0Gfev3s6v5wfJgpL/wMvSOyMbHKzZBVgX 24 | 7tx0obfoNFRDsZpS8LB+DOsTJphbFeJFBfTlKRWcdJ+SIy6teI2hrC2Dm6Rc3DM1kpePvv 25 | hihi1etMalZKsiZBsm8X9HL0Yw9yGn3ehm3C/VuE1uGcrytAvySGvF1YOtxFcjgge3mQAA 26 | AMEAuf3pctrqSazBFt2Adnq0aQHJhzbKQMfrYeJU1pEX5Jykfz867ZWQfTKmUqZHTc4yv/ 27 | dngezh9rgVeiE+kNgVkRoJujhXjt51tS2F2hX7vBiuj26jMjsub4g2zi9H29EOub2fLeAL 28 | 07AlE9qOuEAGCcx6k7Eh2tM1SC4JuKlTtZySykeHMarm/dg89q9f1XVQcBDXlOVYtQOcrf 29 | UFi9t31dWFmC0ZFn+b0OD8emXIXBUz2yawESSq5g7Eo09CbUHoAAAAwQDo64oZwoZizfBP 30 | UUIkKIs0eeJWBOjiI4tLaeMs59+XGdvZKw+pCRhzCy9ygE5SQmumFatqVWyxWX27EXBAh8 31 | ywaViFrKu6Oc88NGGUcP7qMEsDHbmdujbFByxj5GNjUp79kSArqtpDs01LBjI6m1lT3Vzi 32 | nLzFxlHIAK8AEOIgqZSs8QOF233R1rRarnHMtXL8zQYq6sGKqNftpNKbIsXzd06B7kwdvd 33 | TScNRWWJcUu8YL+1iTuM4B0RzlaU1GzIUAAADBANrvHx+coP8QNBbUsrHVBCAAtSZ57+sY 34 | ls9cdC3JJSejbFTBcqpEJwgkkFltzW6NDoT/oDc3bXtsLo6dEiIrwaiqBCzUI6YWv/8/53 35 | DtwdpunO+w/m/d2fsMOD7hBCsJq9F8bqjFYS+RmgltKecTnwJ2UmVBjXsxgxQxviKdfGjn 36 | w0fXy422PdTjRbj3XbyPAy7pdWws6sdU9s6EH2gwELGky088HWX8HxmirfI3JX7tcosANx 37 | idQYsG+n67hKLOcwAAABN2Y3Nqb25lc0BLZXZpbnMtTUJQAQIDBAUG 38 | -----END OPENSSH PRIVATE KEY----- 39 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_leaf_for_skecdsa_ca-cert.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgzkt8R6EX7iCu4+5Fr1Dt4UqYAREilnmKsBX90/2EEUUAAAADAQABAAABgQDHMiPRJnPmtdB0LKzlngDybsRDcAihebQIYnzKOAhMHQzwe28zhpUF4N7+76fNTUPbgJ8upEW8xRBGFYARElyVr7PBIyYGDWrP3ZI1r5Bg622K4GFbCDOtqY7UXtNSgm77WYhL9TsITZY0mn5Npfkgcu2s+aBDXIGQZKxblyEeqxhfRXvKn//CEMZQJ0VZO8H+rtVaazh2quXZD4jIm1iCmAE6DYOEQuc7/W6YvH90tjLIst/CRYqzMEzXa2S0PR0puei5nSmvGAq3RdS0g5X1E5deEAl71Pddaq5OO6VPYTkWIe0ndkZZ2ddYU/OaY2XN+QweP5ioQRqg+I4QOBedh6zNocfpp1W7OrCoS3Vab1nPmyqllVo3mlk4rjDpsAWDvqU1AboUzfDKJWA6kh11lEm7QQs0L5l5DgtFFz7kc7Bum2ogx2yMnhhjnkWebFPv/t08wN/0jPtpWbd/srbA1HSccTmsIYJEi3CD84ONML4cfaOtXZTDzFQN5a+K5b8AAAAAAAAAewAAAAEAAAAIbXktaWRlbnQAAAAMAAAAAnAxAAAAAnAyAAAAAAAAAAD//////////wAAABIAAAADZm9vAAAABwAAAANiYXIAAAAwAAAAA2JhegAAAAgAAAAEcXdlcgAAABVwZXJtaXQtWDExLWZvcndhcmRpbmcAAAAAAAAAAAAAAH8AAAAic2stZWNkc2Etc2hhMi1uaXN0cDI1NkBvcGVuc3NoLmNvbQAAAAhuaXN0cDI1NgAAAEEEqtXuPt8YlfvCd9SNupUrv0RcqseUbzFkiNEttrSCZuD1KKDuDluU/g4t/42YJKPbsBc6/8w2U8urlsg0IZPRvAAAAARzc2g6AAAAdwAAACJzay1lY2RzYS1zaGEyLW5pc3RwMjU2QG9wZW5zc2guY29tAAAASAAAACAoTZ3DnZY5pDal5IIk3wF0T62keDPE120XADZOD6bR9AAAACBdNq4i61BbTncPBPlRrW/MwxiCLYVCrClYwUEwoPTH2gEAAAAO vcsjones@Kevins-MBP 2 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_leaf_for_skecdsa_ca.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDHMiPRJnPmtdB0LKzlngDybsRDcAihebQIYnzKOAhMHQzwe28zhpUF4N7+76fNTUPbgJ8upEW8xRBGFYARElyVr7PBIyYGDWrP3ZI1r5Bg622K4GFbCDOtqY7UXtNSgm77WYhL9TsITZY0mn5Npfkgcu2s+aBDXIGQZKxblyEeqxhfRXvKn//CEMZQJ0VZO8H+rtVaazh2quXZD4jIm1iCmAE6DYOEQuc7/W6YvH90tjLIst/CRYqzMEzXa2S0PR0puei5nSmvGAq3RdS0g5X1E5deEAl71Pddaq5OO6VPYTkWIe0ndkZZ2ddYU/OaY2XN+QweP5ioQRqg+I4QOBedh6zNocfpp1W7OrCoS3Vab1nPmyqllVo3mlk4rjDpsAWDvqU1AboUzfDKJWA6kh11lEm7QQs0L5l5DgtFFz7kc7Bum2ogx2yMnhhjnkWebFPv/t08wN/0jPtpWbd/srbA1HSccTmsIYJEi3CD84ONML4cfaOtXZTDzFQN5a+K5b8= vcsjones@Kevins-MBP 2 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_leaf_for_sked25519_ca: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn 3 | NhAAAAAwEAAQAAAYEAuDxsZAjV3QkUVhrYF78JRt7e/kDAQLlcmuLNN/GcvD3R1d0r0eV1 4 | RnDrWtt8kT3WcDxHxVeyyvAa3S1VAUhQOnXbAmc6klEvhf8kd9r/KJbsqKdcyEOhSTlT69 5 | gg+fopqRa9O+SY+P2mz0Zm6JdVrdmniFVyYq1GKHnlfqUGELhda4URLW53mVa2ahKjFg1o 6 | QZf+e0zoDVuO6gcZs1bSIYos5BkAER0FSJ+r1UZL+rSYy+mFBXaQ6mDIiWl0/3sqaVRrNl 7 | qKhCdiffDlp53GBU4u32b8h+BqbS619NC87XbXS9igwu6/+WqG2klrHvYXd2oPjqTnAl4D 8 | nrCfxyABBkUqh07trJZPqBldrYaogzwUL1LYCdYI5yQGqKivL4uINy9DyZetLFvkPN5mak 9 | xwADE5n9dSf37tMoQxM7krUoUxrPJ7Y8BCzQ2LRkP51MG9h4JTMQge1FZfBjhlbf5IagoX 10 | WOfKNwggBBODJvZReW4rpzTLK4ktBVeX6+sdeELXAAAFiO4sBWXuLAVlAAAAB3NzaC1yc2 11 | EAAAGBALg8bGQI1d0JFFYa2Be/CUbe3v5AwEC5XJrizTfxnLw90dXdK9HldUZw61rbfJE9 12 | 1nA8R8VXssrwGt0tVQFIUDp12wJnOpJRL4X/JHfa/yiW7KinXMhDoUk5U+vYIPn6KakWvT 13 | vkmPj9ps9GZuiXVa3Zp4hVcmKtRih55X6lBhC4XWuFES1ud5lWtmoSoxYNaEGX/ntM6A1b 14 | juoHGbNW0iGKLOQZABEdBUifq9VGS/q0mMvphQV2kOpgyIlpdP97KmlUazZaioQnYn3w5a 15 | edxgVOLt9m/Ifgam0utfTQvO1210vYoMLuv/lqhtpJax72F3dqD46k5wJeA56wn8cgAQZF 16 | KodO7ayWT6gZXa2GqIM8FC9S2AnWCOckBqiory+LiDcvQ8mXrSxb5DzeZmpMcAAxOZ/XUn 17 | 9+7TKEMTO5K1KFMazye2PAQs0Ni0ZD+dTBvYeCUzEIHtRWXwY4ZW3+SGoKF1jnyjcIIAQT 18 | gyb2UXluK6c0yyuJLQVXl+vrHXhC1wAAAAMBAAEAAAGAKts7Z4W6ogEzrtftvpBcyxSbEM 19 | /lKOk1hn4NuN7GU++ZeUNKpzfWMP2hcfAuqOaWlGMhWuGMoLJ7vUmHRZYZu4+g041JzbF+ 20 | +Y+hXxQdWMbK5GySI6+/u/XO9MTA3wV3XXMBsAX8I6d1fy/kTmSttJQ16Xve8N9Xu6CnZu 21 | 9iWs9YQ+OfXE8fGRdXtZMCRuX1g5SkyO/Z5wmOVBg0vUgL92taB/Fc155FlWA3K5R/piEO 22 | jhiTLfMnwK2k2Hokki2HCfD/t7qgQhm76Y412HIXVRZZMiiB5sFvGnT76rBZrcusTgebX0 23 | 2m4XIWAwXgInthen6xn3tV/EqShYo3YBJeTSJle0osZ8M41hJZkQB7IqAwhAdDXIhhbrXt 24 | BJXnun6Ho0OF+l0qrvgxUq8Adbc50X4Sw7zg4zjdALxPix03i58CMBY+WYGKoC72D2hy39 25 | k6g7JzA9ba3lPbGcUIN2QSwk0iBTFfTld+lvNhbkkJZOaiwU8tZn4J8Sv84vWFlwLRAAAA 26 | wDm1mGbDUmJJ9hfWMf1KxDAEqJKXV0W4sPBlF/2kcu86zQsZcE9LwBwcPWvsJXYmo+5Qiq 27 | vlgtOIVd1e+YfBbvZs+pOFvPDt6mOyTwD46sDOKpqbRk2SPg70aaGmf4+vPTGvonozbzMO 28 | uGgzrSfRK3BTMfvna3M8jZCWC9v3vo7Nh114fZfUYfg6uF1diy7IEdHmY95QcCLY3QzKPd 29 | 9ndpJ8xVuII3w9OXiPckSzhK/1t/S4jT03WC11SSdYMu8yaAAAAMEA5F9bnNpqzON4TrqD 30 | uVhEklhNBgGvexcdqof7BFygW3KvG3pMA91ed/z0U6HnGsWW1GVjDzZc9K0H/9RAm+lU+V 31 | K/Vj+qmJbI+Qp94CAB1C+n0AWASID31J2FYPh6UTeJhi9ULoXQmF7a4PBOyAf0Nd2aP5E+ 32 | Aj+7QhUKPnNO/laaFFWDE+opLQLVjnHlvd3Gxjl8fk/NYHbXKssPQwH5z5eaP3hxY6brpd 33 | ZSfhjkWMcx5SKlwt5HclFOyOnT0py5AAAAwQDOhityKrwbpnxkEqQ/6swBGL0MbsmlI1fP 34 | w8IMRilUhD9mqOY4aMg9YsRlxtj/JKGEtIFFbnsl6dQJ++AuDke1JQVIrO5PqvMXL0GLgc 35 | BxB13PQr2A9GBughOMylA7vWYEuVHkvE25EW80//T+8zMM6Ql07zPWxXJLXBaPxFRykSIU 36 | 1gXvSCspOc7zaIRKispKPm6lysLZPJZBJzY4wB7ff9VN55J2RO1lYFSEWbZPUVtj1UdReE 37 | tD95dj4kvntA8AAAATdmNzam9uZXNAS2V2aW5zLU1CUA== 38 | -----END OPENSSH PRIVATE KEY----- 39 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_leaf_for_sked25519_ca-cert.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgL6EcAFjD1fjsU4Tzx4Gb0kMQGjrYQDe2FJrYP8kM8C8AAAADAQABAAABgQC4PGxkCNXdCRRWGtgXvwlG3t7+QMBAuVya4s038Zy8PdHV3SvR5XVGcOta23yRPdZwPEfFV7LK8BrdLVUBSFA6ddsCZzqSUS+F/yR32v8oluyop1zIQ6FJOVPr2CD5+impFr075Jj4/abPRmbol1Wt2aeIVXJirUYoeeV+pQYQuF1rhREtbneZVrZqEqMWDWhBl/57TOgNW47qBxmzVtIhiizkGQARHQVIn6vVRkv6tJjL6YUFdpDqYMiJaXT/eyppVGs2WoqEJ2J98OWnncYFTi7fZvyH4GptLrX00LztdtdL2KDC7r/5aobaSWse9hd3ag+OpOcCXgOesJ/HIAEGRSqHTu2slk+oGV2thqiDPBQvUtgJ1gjnJAaoqK8vi4g3L0PJl60sW+Q83mZqTHAAMTmf11J/fu0yhDEzuStShTGs8ntjwELNDYtGQ/nUwb2HglMxCB7UVl8GOGVt/khqChdY58o3CCAEE4Mm9lF5biunNMsriS0FV5fr6x14QtcAAAAAAAAAewAAAAEAAAAIbXktaWRlbnQAAAAMAAAAAnAxAAAAAnAyAAAAAAAAAAD//////////wAAABIAAAADZm9vAAAABwAAAANiYXIAAAAwAAAAA2JhegAAAAgAAAAEcXdlcgAAABVwZXJtaXQtWDExLWZvcndhcmRpbmcAAAAAAAAAAAAAAEoAAAAac2stc3NoLWVkMjU1MTlAb3BlbnNzaC5jb20AAAAgHRksgHwd+cfdg1asRsUSrNuyaT4qCWcbl+TtPWCRttwAAAAEc3NoOgAAAGcAAAAac2stc3NoLWVkMjU1MTlAb3BlbnNzaC5jb20AAABAL/DReFMJ7RkpYRhYCzYc56wDXRFeqkBdUvLu2DFUQbnu8Boa7QWAjxBq00uyFOTBGILJMGfcXRCX0QeVoICRBwEAAAAM vcsjones@Kevins-MBP 2 | -------------------------------------------------------------------------------- /spec/fixtures/rsa_leaf_for_sked25519_ca.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC4PGxkCNXdCRRWGtgXvwlG3t7+QMBAuVya4s038Zy8PdHV3SvR5XVGcOta23yRPdZwPEfFV7LK8BrdLVUBSFA6ddsCZzqSUS+F/yR32v8oluyop1zIQ6FJOVPr2CD5+impFr075Jj4/abPRmbol1Wt2aeIVXJirUYoeeV+pQYQuF1rhREtbneZVrZqEqMWDWhBl/57TOgNW47qBxmzVtIhiizkGQARHQVIn6vVRkv6tJjL6YUFdpDqYMiJaXT/eyppVGs2WoqEJ2J98OWnncYFTi7fZvyH4GptLrX00LztdtdL2KDC7r/5aobaSWse9hd3ag+OpOcCXgOesJ/HIAEGRSqHTu2slk+oGV2thqiDPBQvUtgJ1gjnJAaoqK8vi4g3L0PJl60sW+Q83mZqTHAAMTmf11J/fu0yhDEzuStShTGs8ntjwELNDYtGQ/nUwb2HglMxCB7UVl8GOGVt/khqChdY58o3CCAEE4Mm9lF5biunNMsriS0FV5fr6x14Qtc= vcsjones@Kevins-MBP 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/create-signatures.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | filedir=`dirname $0` 4 | pushd $filedir 5 | 6 | message=$filedir/message 7 | 8 | if [ ! -f "$message" ]; then 9 | dd if=/dev/urandom count=1 bs=64 | base64 > $message 10 | fi 11 | 12 | create_key_and_sign() { 13 | local alg=$1 14 | local keysize=$2 15 | local key=$filedir/$alg-$keysize-no-options-individual.key 16 | 17 | if [ ! -f "$key" ]; then 18 | ssh-keygen -q -N "" -t $alg -b $keysize -C "" -f $key 19 | fi 20 | 21 | cat $message | ssh-keygen -Y sign -n file -f $key > $message.$alg-$keysize-no-options-individual.sig 22 | } 23 | 24 | create_key_and_sign_ca() { 25 | local ca_alg=$1 26 | local ca_keysize=$2 27 | local ca_key=$filedir/$ca_alg-$ca_keysize-ca-no-options-certificate.key 28 | local leaf_alg=$3 29 | local leaf_keysize=$4 30 | local keypair=$ca_alg-$ca_keysize-$leaf_alg-$leaf_keysize 31 | local leaf_key=$filedir/$keypair-leaf-no-options-certificate.key 32 | 33 | if [ ! -f "$ca_key" ]; then 34 | # Create root 35 | ssh-keygen -q -N "" -t $ca_alg -b $ca_keysize -C "" -f $ca_key 36 | fi 37 | 38 | if [ ! -f "$leaf_key" ]; then 39 | # Create leaf 40 | ssh-keygen -q -N "" -t $leaf_alg -b $leaf_keysize -C "" -f $leaf_key 41 | # Sign the leaf with the root. 42 | ssh-keygen -s $ca_key -O clear -I octocat@example.com $leaf_key.pub 43 | fi 44 | 45 | cat $message | ssh-keygen -Y sign -n file -f $leaf_key-cert.pub > $message.$keypair-leaf-no-options-certificate.sig 46 | } 47 | 48 | create_key_and_sign_options() { 49 | local alg=$1 50 | local keysize=$2 51 | local options=$3 52 | local key=$filedir/$alg-$keysize-$options-individual.key 53 | 54 | if [ ! -f "$key" ]; then 55 | ssh-keygen -q -O $options -N "" -t $alg -b $keysize -C "" -f $key 56 | fi 57 | 58 | cat $message | ssh-keygen -Y sign -n file -f $key > $message.$alg-$keysize-$options-individual.sig 59 | } 60 | 61 | create_key_and_sign "rsa" 2048 62 | create_key_and_sign "ecdsa" 256 63 | create_key_and_sign "ecdsa" 384 64 | create_key_and_sign "ecdsa" 521 65 | create_key_and_sign "ed25519" 256 66 | create_key_and_sign_ca "rsa" 2048 "ecdsa" 256 67 | create_key_and_sign_ca "ecdsa" 256 "rsa" 2048 68 | 69 | generate_security_keys=0 70 | read -p "Generate security key-backed keys (Requires key and user interaction)? [yN] " -n 1 -r 71 | echo 72 | if [[ $REPLY =~ ^[Yy]$ ]] 73 | then 74 | create_key_and_sign "ed25519-sk" 256 75 | create_key_and_sign "ecdsa-sk" 256 76 | 77 | create_key_and_sign_ca "ecdsa-sk" 256 "rsa" 2048 78 | create_key_and_sign_ca "ed25519-sk" 256 "rsa" 2048 79 | create_key_and_sign_ca "rsa" 2048 "ecdsa-sk" 2048 80 | create_key_and_sign_ca "rsa" 2048 "ed25519-sk" 2048 81 | 82 | create_key_and_sign_ca "ecdsa-sk" 256 "ed25519-sk" 256 83 | create_key_and_sign_ca "ed25519-sk" 256 "ecdsa-sk" 256 84 | 85 | create_key_and_sign_options "ed25519-sk" 256 "no-touch-required" 86 | create_key_and_sign_options "ecdsa-sk" 256 "no-touch-required" 87 | 88 | create_key_and_sign_options "ed25519-sk" 256 "verify-required" 89 | create_key_and_sign_options "ecdsa-sk" 256 "verify-required" 90 | fi 91 | 92 | popd 93 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ecdsa-256-ca-no-options-certificate.key: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS 3 | 1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQRJRUVivGDgs7AVFySk8BlI9iI1eN0W 4 | IRGci9SyV9U2LYz2U13qUqaISKqvxiJwz1ViFBZHPqpnKxnNxk5LUbleAAAAmIA49CqAOP 5 | QqAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBElFRWK8YOCzsBUX 6 | JKTwGUj2IjV43RYhEZyL1LJX1TYtjPZTXepSpohIqq/GInDPVWIUFkc+qmcrGc3GTktRuV 7 | 4AAAAgHhv8B74T865nNLq45gYeLqOp1ZOlkulzkWd0YqqOPg0AAAAA 8 | -----END OPENSSH PRIVATE KEY----- 9 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ecdsa-256-ca-no-options-certificate.key.pub: -------------------------------------------------------------------------------- 1 | ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBElFRWK8YOCzsBUXJKTwGUj2IjV43RYhEZyL1LJX1TYtjPZTXepSpohIqq/GInDPVWIUFkc+qmcrGc3GTktRuV4= 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ecdsa-256-no-options-individual.key: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS 3 | 1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQS8V7D4BgCh6VCjbCGzzQLRG4h3ewpf 4 | miWK38sCB/cIX75RVKiAO/kd2BrJ9NnSH1mxIQfYmuhx7UZsJQdSRnFiAAAAmKjXhN2o14 5 | TdAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLxXsPgGAKHpUKNs 6 | IbPNAtEbiHd7Cl+aJYrfywIH9whfvlFUqIA7+R3YGsn02dIfWbEhB9ia6HHtRmwlB1JGcW 7 | IAAAAgOlK7eQyls1ZSyxLhCLa3shPPnAy9ueBsq/TkFiPjW34AAAAA 8 | -----END OPENSSH PRIVATE KEY----- 9 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ecdsa-256-no-options-individual.key.pub: -------------------------------------------------------------------------------- 1 | ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLxXsPgGAKHpUKNsIbPNAtEbiHd7Cl+aJYrfywIH9whfvlFUqIA7+R3YGsn02dIfWbEhB9ia6HHtRmwlB1JGcWI= 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ecdsa-256-rsa-2048-leaf-no-options-certificate.key: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn 3 | NhAAAAAwEAAQAAAQEAu87EgoOapeUcsjCwdoJQ3Zi5q8ckFx0m5jz75itE3c6oHbICu0qo 4 | 6idOe/DtST1gaZkFT6XeNXBiLI2fRFBhd/TUrHVwOkdiFrwaBMv5Xfj6nR8wI1ZrR39ifB 5 | Z2SJ1qps1pUwkNGooXsZIINp224GYoKsn+6389J9I8QAKzjxWw3MMhyvqFX3p6DJ0ECusg 6 | BfN0CQSV43yf5uRQXMf0IQQxdA9fRSwA3DjyVtRVjt/HJ/Lb+xRDTcGqIeKZYYUGSjcnFN 7 | WBOs8SYfaqFH2bokxAecC9EWIx4sXszkgw0BFSiL8jyh2ecDTG54RoOPNDSrK7Kt/qDOTM 8 | HJm/qpyxcQAAA7je0rn/3tK5/wAAAAdzc2gtcnNhAAABAQC7zsSCg5ql5RyyMLB2glDdmL 9 | mrxyQXHSbmPPvmK0TdzqgdsgK7SqjqJ0578O1JPWBpmQVPpd41cGIsjZ9EUGF39NSsdXA6 10 | R2IWvBoEy/ld+PqdHzAjVmtHf2J8FnZInWqmzWlTCQ0aihexkgg2nbbgZigqyf7rfz0n0j 11 | xAArOPFbDcwyHK+oVfenoMnQQK6yAF83QJBJXjfJ/m5FBcx/QhBDF0D19FLADcOPJW1FWO 12 | 38cn8tv7FENNwaoh4plhhQZKNycU1YE6zxJh9qoUfZuiTEB5wL0RYjHixezOSDDQEVKIvy 13 | PKHZ5wNMbnhGg480NKsrsq3+oM5Mwcmb+qnLFxAAAAAwEAAQAAAQBh1wAs9h602j0u34qu 14 | 0okKSKxBv0cf+4HuZEreyB/iZezTO4+MvwJsqfmLPCKCC0WU/bD0o3a15Exg5Y7Zaf69HY 15 | FGLxA+bD2/llL/uLu6pyD4hezwG+9bmhNWjeUlQ0zyhQSfy5FWCCb7zRYWTeed09qNIBp7 16 | 2RelDTNyLXYZzdA88ZGLp0Aj+VRe7KijZdoOEp+BcKa3BNaGAoi1pTAF2J7stjEg/s6ULp 17 | 1uv1J3pQT7YvLOL/31TKRsleR2uH7bJQqVP/rj3c4sB43H8pp4dtSZP3wUVqPXHWCEffPJ 18 | ODJ/p0TGulK1olfsk96WyIWN/CGn4ADGz7OkzSELbHGZAAAAgAWFgeJnhLIzD4nF5BzP7B 19 | O0iV3CblO9n/DUWsessnn/h7/WQbDvkS08lxXr/SqE3LHmLSL7PIbW8YhXgbMOawdKETjc 20 | qhMiQ4n8vZPIKpLwj4eVJj6uELupqNNMJ7aOeTiTfS4Cg4ImwZhildBMELsyPzz8A4GJ3r 21 | GzHjyG5zi1AAAAgQDnqJO85jTJm0PLdDbybiz6mLv/GdBZbprlbbxKYPZKG6arVe70ySBf 22 | s3hcz+rloBZsBmpqfGy6yaHxRK3XAi0LzTkpkY4thq8wtsNR+4Ufi+pCFUeCTnM/tAS4vw 23 | 9ygn44AWvotBlrPtzFondw9gQEgB2YojB1T/0p674I4SbguwAAAIEAz4qjvvOc1yPsW7l1 24 | JKwJAuQWG8BmVlesKlp/BqCNjc4srO7OJeXnbpHSV6woIJDPK3hU2uEkuGtUqSdjzzg2Hs 25 | gftCoMC8SdeW5z+qj2ETOZwa/y4jmq94nB6TMPHKKiFkF9Vj5/dTinbZhmqhI39ZN9KJ9R 26 | Mzaj7B5JhGzz2cMAAAAAAQID 27 | -----END OPENSSH PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ecdsa-256-rsa-2048-leaf-no-options-certificate.key-cert.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgncVdgnSnZa/Vo1YzWpV3jYS+JUOp4oYf1bcMEe147kcAAAADAQABAAABAQC7zsSCg5ql5RyyMLB2glDdmLmrxyQXHSbmPPvmK0TdzqgdsgK7SqjqJ0578O1JPWBpmQVPpd41cGIsjZ9EUGF39NSsdXA6R2IWvBoEy/ld+PqdHzAjVmtHf2J8FnZInWqmzWlTCQ0aihexkgg2nbbgZigqyf7rfz0n0jxAArOPFbDcwyHK+oVfenoMnQQK6yAF83QJBJXjfJ/m5FBcx/QhBDF0D19FLADcOPJW1FWO38cn8tv7FENNwaoh4plhhQZKNycU1YE6zxJh9qoUfZuiTEB5wL0RYjHixezOSDDQEVKIvyPKHZ5wNMbnhGg480NKsrsq3+oM5Mwcmb+qnLFxAAAAAAAAAAAAAAABAAAAE29jdG9jYXRAZXhhbXBsZS5jb20AAAAAAAAAAAAAAAD//////////wAAAAAAAAAAAAAAAAAAAGgAAAATZWNkc2Etc2hhMi1uaXN0cDI1NgAAAAhuaXN0cDI1NgAAAEEESUVFYrxg4LOwFRckpPAZSPYiNXjdFiERnIvUslfVNi2M9lNd6lKmiEiqr8YicM9VYhQWRz6qZysZzcZOS1G5XgAAAGQAAAATZWNkc2Etc2hhMi1uaXN0cDI1NgAAAEkAAAAhANeUqp8ktOYrH6EYwtpe8bIR6ijJLStz29qMKQE3JLwiAAAAIFADHpr7ntQ/LdFmGqtiA1zws+9NyvUf2HvPGcCTF4vF ./ecdsa-256-rsa-2048-leaf-no-options-certificate.key.pub 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ecdsa-256-rsa-2048-leaf-no-options-certificate.key.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7zsSCg5ql5RyyMLB2glDdmLmrxyQXHSbmPPvmK0TdzqgdsgK7SqjqJ0578O1JPWBpmQVPpd41cGIsjZ9EUGF39NSsdXA6R2IWvBoEy/ld+PqdHzAjVmtHf2J8FnZInWqmzWlTCQ0aihexkgg2nbbgZigqyf7rfz0n0jxAArOPFbDcwyHK+oVfenoMnQQK6yAF83QJBJXjfJ/m5FBcx/QhBDF0D19FLADcOPJW1FWO38cn8tv7FENNwaoh4plhhQZKNycU1YE6zxJh9qoUfZuiTEB5wL0RYjHixezOSDDQEVKIvyPKHZ5wNMbnhGg480NKsrsq3+oM5Mwcmb+qnLFx 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ecdsa-384-no-options-individual.key: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAiAAAABNlY2RzYS 3 | 1zaGEyLW5pc3RwMzg0AAAACG5pc3RwMzg0AAAAYQQFYpSSxEuzADAx3YATueADSYU3ORA1 4 | WSxm/0DvBfT8iQnsHRuqy2HDdNPgZQ0RyYsiL9OCwONZjK3P/6mDIrMDZyYUYylMcUd/ts 5 | FdldsNhMDTybGVmnJFWQK1jnU7qdUAAADIy+Txa8vk8WsAAAATZWNkc2Etc2hhMi1uaXN0 6 | cDM4NAAAAAhuaXN0cDM4NAAAAGEEBWKUksRLswAwMd2AE7ngA0mFNzkQNVksZv9A7wX0/I 7 | kJ7B0bqsthw3TT4GUNEcmLIi/TgsDjWYytz/+pgyKzA2cmFGMpTHFHf7bBXZXbDYTA08mx 8 | lZpyRVkCtY51O6nVAAAAMDxh83VbLbmCQCM/5yvhKsNsWW2/UqKltd6uzedxuECd0ziSjl 9 | 8HU4gLVEElJLhBLgAAAAA= 10 | -----END OPENSSH PRIVATE KEY----- 11 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ecdsa-384-no-options-individual.key.pub: -------------------------------------------------------------------------------- 1 | ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBAVilJLES7MAMDHdgBO54ANJhTc5EDVZLGb/QO8F9PyJCewdG6rLYcN00+BlDRHJiyIv04LA41mMrc//qYMiswNnJhRjKUxxR3+2wV2V2w2EwNPJsZWackVZArWOdTup1Q== 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ecdsa-521-no-options-individual.key: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAArAAAABNlY2RzYS 3 | 1zaGEyLW5pc3RwNTIxAAAACG5pc3RwNTIxAAAAhQQBb0lHP5PFC+uRxvSTi9ZL29nqGqG+ 4 | QzCzy8GvF6s7S5hFb9PEX2SvbAZbQ0zern3MbWF6KLJy2C0GT8by/B6dBWQAi7BPnq67X+ 5 | K2UgAZZStNQi7F19WBTC1RKzuiMXVXTwUJRr8ZkJajD36jrBD10JqIGP5E6bn8r9Wu55N8 6 | lKI+6woAAAEA4KdrteCna7UAAAATZWNkc2Etc2hhMi1uaXN0cDUyMQAAAAhuaXN0cDUyMQ 7 | AAAIUEAW9JRz+TxQvrkcb0k4vWS9vZ6hqhvkMws8vBrxerO0uYRW/TxF9kr2wGW0NM3q59 8 | zG1heiiyctgtBk/G8vwenQVkAIuwT56uu1/itlIAGWUrTUIuxdfVgUwtUSs7ojF1V08FCU 9 | a/GZCWow9+o6wQ9dCaiBj+ROm5/K/VrueTfJSiPusKAAAAQTGJ+nh7YuVjzrYKynPJIqvy 10 | A44GSgYTrty5u+yjHfS55OXVXO/WXo4XABbdJp1orzWit+6BCm6OAal9erpJY8EGAAAAAA 11 | ECAw== 12 | -----END OPENSSH PRIVATE KEY----- 13 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ecdsa-521-no-options-individual.key.pub: -------------------------------------------------------------------------------- 1 | ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAFvSUc/k8UL65HG9JOL1kvb2eoaob5DMLPLwa8XqztLmEVv08RfZK9sBltDTN6ufcxtYXoosnLYLQZPxvL8Hp0FZACLsE+errtf4rZSABllK01CLsXX1YFMLVErO6IxdVdPBQlGvxmQlqMPfqOsEPXQmogY/kTpufyv1a7nk3yUoj7rCg== 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ecdsa-sk-256-ca-no-options-certificate.key: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAfwAAACJzay1lY2 3 | RzYS1zaGEyLW5pc3RwMjU2QG9wZW5zc2guY29tAAAACG5pc3RwMjU2AAAAQQS/1sTWhBj/ 4 | VG1vEDgiRlVq1C59/F+Ddju9nI63kGZ9c6kf0ADHVCU+X2XMveorZ/eeBOmEKkpFzQV9nL 5 | 92ACHxAAAABHNzaDoAAADY0W64W9FuuFsAAAAic2stZWNkc2Etc2hhMi1uaXN0cDI1NkBv 6 | cGVuc3NoLmNvbQAAAAhuaXN0cDI1NgAAAEEEv9bE1oQY/1RtbxA4IkZVatQuffxfg3Y7vZ 7 | yOt5BmfXOpH9AAx1QlPl9lzL3qK2f3ngTphCpKRc0FfZy/dgAh8QAAAARzc2g6AQAAAEAz 8 | YNpvaYFUzakDYeE22Q57MrOUhuZZC6an2iQmyfKg3K7vIlECRdavEEJTJLOpjmKuZsFduZ 9 | t9a1HaWWisQ11ZAAAAAAAAAAABAgME 10 | -----END OPENSSH PRIVATE KEY----- 11 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ecdsa-sk-256-ca-no-options-certificate.key.pub: -------------------------------------------------------------------------------- 1 | sk-ecdsa-sha2-nistp256@openssh.com AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAAAIbmlzdHAyNTYAAABBBL/WxNaEGP9UbW8QOCJGVWrULn38X4N2O72cjreQZn1zqR/QAMdUJT5fZcy96itn954E6YQqSkXNBX2cv3YAIfEAAAAEc3NoOg== 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ecdsa-sk-256-ed25519-sk-256-leaf-no-options-certificate.key: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAASgAAABpzay1zc2 3 | gtZWQyNTUxOUBvcGVuc3NoLmNvbQAAACAZ+QatNkYWomlolmKdu+TGkqI326lmnaefsP6X 4 | waXBqgAAAARzc2g6AAAA4GV3KuZldyrmAAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY2 5 | 9tAAAAIBn5Bq02RhaiaWiWYp275MaSojfbqWadp5+w/pfBpcGqAAAABHNzaDoBAAAAgNlk 6 | mx4qqBsdmcI0tdcSpYdmZrbmKyRYt7CgfONESOzJQZImooefwBOERlfIXI+PT+BmrsnbFi 7 | jgs/tc3qxGXicMfZu6tv4v4kF+18Run53KUgF6frGvup6jiQhlWCrLMe3R+HykfrJWDrEg 8 | fDj7UNT5twkDZxAXMG3E7Do641NIAAAAAAAAAAAB 9 | -----END OPENSSH PRIVATE KEY----- 10 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ecdsa-sk-256-ed25519-sk-256-leaf-no-options-certificate.key-cert.pub: -------------------------------------------------------------------------------- 1 | sk-ssh-ed25519-cert-v01@openssh.com AAAAI3NrLXNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIOUUeX8eLl0bqtOTw8lbpTLJIyMqEncpYNDPeOav/OIMAAAAIBn5Bq02RhaiaWiWYp275MaSojfbqWadp5+w/pfBpcGqAAAABHNzaDoAAAAAAAAAAAAAAAEAAAATb2N0b2NhdEBleGFtcGxlLmNvbQAAAAAAAAAAAAAAAP//////////AAAAAAAAAAAAAAAAAAAAfwAAACJzay1lY2RzYS1zaGEyLW5pc3RwMjU2QG9wZW5zc2guY29tAAAACG5pc3RwMjU2AAAAQQS/1sTWhBj/VG1vEDgiRlVq1C59/F+Ddju9nI63kGZ9c6kf0ADHVCU+X2XMveorZ/eeBOmEKkpFzQV9nL92ACHxAAAABHNzaDoAAAB4AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAABJAAAAIED9hCQsE3Za7BMdXOdMADHnmW4iAPntaLlEmEBtyiiUAAAAIQCHIjSE8XmleYbMnni8ObwdpGJPx2dQ+lCxjuJE9l1XlQEAAAAr ./ecdsa-sk-256-ed25519-sk-256-leaf-no-options-certificate.key.pub 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ecdsa-sk-256-ed25519-sk-256-leaf-no-options-certificate.key.pub: -------------------------------------------------------------------------------- 1 | sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIBn5Bq02RhaiaWiWYp275MaSojfbqWadp5+w/pfBpcGqAAAABHNzaDo= 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ecdsa-sk-256-no-options-individual.key: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAfwAAACJzay1lY2 3 | RzYS1zaGEyLW5pc3RwMjU2QG9wZW5zc2guY29tAAAACG5pc3RwMjU2AAAAQQSqZev++++C 4 | S0wwzElY2VuaWCEdQ+qQV3BNZuoflLKqUOGPZyKy/R3/kVZaaDmjs/pCoYrrtk/lNoq50r 5 | dzP0gyAAAABHNzaDoAAADYA4MZKQODGSkAAAAic2stZWNkc2Etc2hhMi1uaXN0cDI1NkBv 6 | cGVuc3NoLmNvbQAAAAhuaXN0cDI1NgAAAEEEqmXr/vvvgktMMMxJWNlbmlghHUPqkFdwTW 7 | bqH5SyqlDhj2cisv0d/5FWWmg5o7P6QqGK67ZP5TaKudK3cz9IMgAAAARzc2g6AQAAAECh 8 | DDO7nZPhLQpKK3q9xtbuqG8szehfnPiOBDrlb6XuJhTzza95T5yvzyM5A9RYvmVbBbbN6C 9 | Tk5CtrZTsLGaXaAAAAAAAAAAABAgME 10 | -----END OPENSSH PRIVATE KEY----- 11 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ecdsa-sk-256-no-options-individual.key.pub: -------------------------------------------------------------------------------- 1 | sk-ecdsa-sha2-nistp256@openssh.com AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAAAIbmlzdHAyNTYAAABBBKpl6/7774JLTDDMSVjZW5pYIR1D6pBXcE1m6h+UsqpQ4Y9nIrL9Hf+RVlpoOaOz+kKhiuu2T+U2irnSt3M/SDIAAAAEc3NoOg== 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ecdsa-sk-256-no-touch-required-individual.key: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAfwAAACJzay1lY2 3 | RzYS1zaGEyLW5pc3RwMjU2QG9wZW5zc2guY29tAAAACG5pc3RwMjU2AAAAQQTvMtb6QxAD 4 | EWGMnLPfOnK7HG8kL0be/oycV6vNyzPUe4Q/cvYiHdH8PTeLt4d8jzl9XYTFt2d/5AyUOg 5 | xKPAboAAAABHNzaDoAAADY3g7zt94O87cAAAAic2stZWNkc2Etc2hhMi1uaXN0cDI1NkBv 6 | cGVuc3NoLmNvbQAAAAhuaXN0cDI1NgAAAEEE7zLW+kMQAxFhjJyz3zpyuxxvJC9G3v6MnF 7 | erzcsz1HuEP3L2Ih3R/D03i7eHfI85fV2Exbdnf+QMlDoMSjwG6AAAAARzc2g6AAAAAEBV 8 | JZda+EiECd+BmwMUEz94nb6KQmjJ3OfLk6Q1rGPpm6NNgkRoR1yYUGov5QEKBwh8Hd89NY 9 | SnPsipvkzZKAs9AAAAAAAAAAABAgME 10 | -----END OPENSSH PRIVATE KEY----- 11 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ecdsa-sk-256-no-touch-required-individual.key.pub: -------------------------------------------------------------------------------- 1 | sk-ecdsa-sha2-nistp256@openssh.com AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAAAIbmlzdHAyNTYAAABBBO8y1vpDEAMRYYycs986crscbyQvRt7+jJxXq83LM9R7hD9y9iId0fw9N4u3h3yPOX1dhMW3Z3/kDJQ6DEo8BugAAAAEc3NoOg== 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ecdsa-sk-256-rsa-2048-leaf-no-options-certificate.key: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn 3 | NhAAAAAwEAAQAAAQEA6ac9Bmcp8QdW9H1kF1iJZ7De6Wdt2u5HSarevbryTa2H18i05aD8 4 | 2mD+YQTkyYv/RC8smyggIQWlRdObmMlw7PMvmAaF/iP5AfZ+qVi9Kqe/Whx8hotUAJ3IH8 5 | NST2eJA7abPmN197gz356sU/80wMRy1gQ4t+RXUj1/Ds8+ZdwV+uVcOXfCdBitYACrSvmq 6 | gTPQgWautvFUVFCFUp99Mu4j/1gKrPHLLndMVwO6DoE/klqV8UbQdPwlYp3ZyDAXX5j7iy 7 | LAKE8JdvtdqAbmrOLVxd9buaNeOrEG4LqBvclI48aOXkdAtllsHcwWKwwql6V9kJ48OMLR 8 | uEOn7uAjHQAAA7iOaaDOjmmgzgAAAAdzc2gtcnNhAAABAQDppz0GZynxB1b0fWQXWIlnsN 9 | 7pZ23a7kdJqt69uvJNrYfXyLTloPzaYP5hBOTJi/9ELyybKCAhBaVF05uYyXDs8y+YBoX+ 10 | I/kB9n6pWL0qp79aHHyGi1QAncgfw1JPZ4kDtps+Y3X3uDPfnqxT/zTAxHLWBDi35FdSPX 11 | 8Ozz5l3BX65Vw5d8J0GK1gAKtK+aqBM9CBZq628VRUUIVSn30y7iP/WAqs8csud0xXA7oO 12 | gT+SWpXxRtB0/CVindnIMBdfmPuLIsAoTwl2+12oBuas4tXF31u5o146sQbguoG9yUjjxo 13 | 5eR0C2WWwdzBYrDCqXpX2Qnjw4wtG4Q6fu4CMdAAAAAwEAAQAAAQEA4739zmrpx6R2zjIW 14 | SGck7yvH6srEmhuc4qIpH9fDa5FUEjDwmc4UB6t45woFEqphco1ktgsjXeyJzojWZdMbPe 15 | o/nrflDPT1NkOT6+6x24zMB8IyYlYV18/zC3qvlPP+6d6obOQ3TPB/p1ya7fiX67jPkell 16 | e2CW+HM2kDHSySYifmehlsNu0ivRpH/v2gg2oYhNlXHekW3qF6K83UxkrBNAmdss+YLQQZ 17 | 6NnfbccMR2/SSL0lO19wBoVTuwBFiopSsm5oLZ9qOzGgbkbyhQlsh11NjaBH4Cj2hHgvz+ 18 | J1s25Rf3LVG6FNd+4iiVIDs0MdhlNu3ua6U6qDgmHK8kQQAAAIEAiyYxqxSubJPewmX8yU 19 | Di4YViIrZ5StF3U5SjmtUwiaVizPNwSrMpKszfgUSm9Lc8hFH5FCT8wusvwxNA6fnndDpC 20 | PBcRUkSifBEwxg0fbzx972HPNrb9YJuhxoGjCfsD89F8qxnZrMdtdo4inNoEjZk6+yJdrN 21 | 536AwmMM3H0TkAAACBAPboQBwFv3XvTWM1ywjTV/cA3/X45PY+5x4TDfEt1PvRZfPe5DAF 22 | rHdrVU1L0CDlWo7WHw/Tpdc6sz38XfR4QkICiNV3DqDZiL30I3kRhKJuzZrTuyUZGTZkHr 23 | P2jXhtiNsnoO1p7+VUugXVC6ofLrs5I0M9NhyhzKQbeBbitK6NAAAAgQDyQgjb8FtBtDBr 24 | 8Ycs5rKGvd5ANugZHES5dvyADLFECwt2I4HZaIZoPDboJ4d5qaV9t2WxFujz1KOdM1hjmU 25 | 4YcWsau/0yciipd0DhrqbI3WdpQpxhkSFjq2wyNTUv7dkg2zr1wO6zlPIET/WcBpsQWGcd 26 | yFTKGQZiM73IgESq0QAAAAAB 27 | -----END OPENSSH PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ecdsa-sk-256-rsa-2048-leaf-no-options-certificate.key-cert.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAg1nHZtEfk0PH7LXQil/l7gjrkeY63U/yzZH9Qo6cws5MAAAADAQABAAABAQDppz0GZynxB1b0fWQXWIlnsN7pZ23a7kdJqt69uvJNrYfXyLTloPzaYP5hBOTJi/9ELyybKCAhBaVF05uYyXDs8y+YBoX+I/kB9n6pWL0qp79aHHyGi1QAncgfw1JPZ4kDtps+Y3X3uDPfnqxT/zTAxHLWBDi35FdSPX8Ozz5l3BX65Vw5d8J0GK1gAKtK+aqBM9CBZq628VRUUIVSn30y7iP/WAqs8csud0xXA7oOgT+SWpXxRtB0/CVindnIMBdfmPuLIsAoTwl2+12oBuas4tXF31u5o146sQbguoG9yUjjxo5eR0C2WWwdzBYrDCqXpX2Qnjw4wtG4Q6fu4CMdAAAAAAAAAAAAAAABAAAAE29jdG9jYXRAZXhhbXBsZS5jb20AAAAAAAAAAAAAAAD//////////wAAAAAAAAAAAAAAAAAAAH8AAAAic2stZWNkc2Etc2hhMi1uaXN0cDI1NkBvcGVuc3NoLmNvbQAAAAhuaXN0cDI1NgAAAEEEv9bE1oQY/1RtbxA4IkZVatQuffxfg3Y7vZyOt5BmfXOpH9AAx1QlPl9lzL3qK2f3ngTphCpKRc0FfZy/dgAh8QAAAARzc2g6AAAAeQAAACJzay1lY2RzYS1zaGEyLW5pc3RwMjU2QG9wZW5zc2guY29tAAAASgAAACEAjfU8tkbnk/DeISOXmRughSdqLqKYC2kSJ01qcK/KQgcAAAAhAP6BfeX7LyTSRSjyTTcldHjBBapzFjb2D3FRx/3CWQ6bAQAAAAs= ./ecdsa-sk-256-rsa-2048-leaf-no-options-certificate.key.pub 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ecdsa-sk-256-rsa-2048-leaf-no-options-certificate.key.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDppz0GZynxB1b0fWQXWIlnsN7pZ23a7kdJqt69uvJNrYfXyLTloPzaYP5hBOTJi/9ELyybKCAhBaVF05uYyXDs8y+YBoX+I/kB9n6pWL0qp79aHHyGi1QAncgfw1JPZ4kDtps+Y3X3uDPfnqxT/zTAxHLWBDi35FdSPX8Ozz5l3BX65Vw5d8J0GK1gAKtK+aqBM9CBZq628VRUUIVSn30y7iP/WAqs8csud0xXA7oOgT+SWpXxRtB0/CVindnIMBdfmPuLIsAoTwl2+12oBuas4tXF31u5o146sQbguoG9yUjjxo5eR0C2WWwdzBYrDCqXpX2Qnjw4wtG4Q6fu4CMd 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ecdsa-sk-256-verify-required-individual.key: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAfwAAACJzay1lY2 3 | RzYS1zaGEyLW5pc3RwMjU2QG9wZW5zc2guY29tAAAACG5pc3RwMjU2AAAAQQQJAU0yOCIV 4 | F96MrdZmzm4kLbjyLYJsGrgR7DtS9Rz3V1FJd/VbFPso0k31vzv99pKUfC++7lZ8EzePZE 5 | t50HnqAAAABHNzaDoAAADYoyG7SqMhu0oAAAAic2stZWNkc2Etc2hhMi1uaXN0cDI1NkBv 6 | cGVuc3NoLmNvbQAAAAhuaXN0cDI1NgAAAEEECQFNMjgiFRfejK3WZs5uJC248i2CbBq4Ee 7 | w7UvUc91dRSXf1WxT7KNJN9b87/faSlHwvvu5WfBM3j2RLedB56gAAAARzc2g6BQAAAEDY 8 | qAcHBQh1WTyTItQa3Ltj0B96ERpc2t0Z3i7vuDn0gHKLYxo4fuCmHXkoJ/5FDS0g3bJC+W 9 | iaEBUjz66TR2k3AAAAAAAAAAABAgME 10 | -----END OPENSSH PRIVATE KEY----- 11 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ecdsa-sk-256-verify-required-individual.key.pub: -------------------------------------------------------------------------------- 1 | sk-ecdsa-sha2-nistp256@openssh.com AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAAAIbmlzdHAyNTYAAABBBAkBTTI4IhUX3oyt1mbObiQtuPItgmwauBHsO1L1HPdXUUl39VsU+yjSTfW/O/32kpR8L77uVnwTN49kS3nQeeoAAAAEc3NoOg== 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ed25519-256-no-options-individual.key: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW 3 | QyNTUxOQAAACDV7hH4CRT7JsJUjEY23FF24eyvgMEP4EcNrpdjfQVcsAAAAIjf/Jmu3/yZ 4 | rgAAAAtzc2gtZWQyNTUxOQAAACDV7hH4CRT7JsJUjEY23FF24eyvgMEP4EcNrpdjfQVcsA 5 | AAAEAfim6iqc8QW3FuW3to7V7rOWy1Q8z2IoyVvF9c5zhh0NXuEfgJFPsmwlSMRjbcUXbh 6 | 7K+AwQ/gRw2ul2N9BVywAAAAAAECAwQF 7 | -----END OPENSSH PRIVATE KEY----- 8 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ed25519-256-no-options-individual.key.pub: -------------------------------------------------------------------------------- 1 | ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINXuEfgJFPsmwlSMRjbcUXbh7K+AwQ/gRw2ul2N9BVyw 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ed25519-sk-256-ca-no-options-certificate.key: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAASgAAABpzay1zc2 3 | gtZWQyNTUxOUBvcGVuc3NoLmNvbQAAACBfXxOjCEz0FXP7GPbP+iDESwJTDePAicT8y6th 4 | rX8d9gAAAARzc2g6AAAA4JTFg1qUxYNaAAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY2 5 | 9tAAAAIF9fE6MITPQVc/sY9s/6IMRLAlMN48CJxPzLq2Gtfx32AAAABHNzaDoBAAAAgGfK 6 | nWYYhGAV72VfQsRd0T4EOWdcCNFrAi/a1pT6Nk0+6QiuayvqUxbXqIYqj7M/Wz4AIJPkNS 7 | Qtjphxtny0aNg6IKJhJ06U9ENE6rnXisNtQKD+tLSE6FxgA3u6IV1hRJeznnELdpqjhHIT 8 | JluClGhdVilgVNnYvCKTvf8oEX2+AAAAAAAAAAAB 9 | -----END OPENSSH PRIVATE KEY----- 10 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ed25519-sk-256-ca-no-options-certificate.key.pub: -------------------------------------------------------------------------------- 1 | sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIF9fE6MITPQVc/sY9s/6IMRLAlMN48CJxPzLq2Gtfx32AAAABHNzaDo= 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ed25519-sk-256-ecdsa-sk-256-leaf-no-options-certificate.key: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAfwAAACJzay1lY2 3 | RzYS1zaGEyLW5pc3RwMjU2QG9wZW5zc2guY29tAAAACG5pc3RwMjU2AAAAQQSKvbfFxKJw 4 | Vq0pXzCdb5RMqclNGjJTEi060who0ceBq3kfFvXW1jXBSJkpvrX8tjcJAD9psxW28a3DrT 5 | RA1TgNAAAABHNzaDoAAADY0jvnm9I755sAAAAic2stZWNkc2Etc2hhMi1uaXN0cDI1NkBv 6 | cGVuc3NoLmNvbQAAAAhuaXN0cDI1NgAAAEEEir23xcSicFatKV8wnW+UTKnJTRoyUxItOt 7 | MIaNHHgat5Hxb11tY1wUiZKb61/LY3CQA/abMVtvGtw600QNU4DQAAAARzc2g6AQAAAEDO 8 | Hv3fWxW3kKWZuKAo/h+Jv73V3MQAHasMyakHorNnt+xQgw4BAXltleaMjwqRcKADnJFWFv 9 | NFYnCDuoFNmi3RAAAAAAAAAAABAgME 10 | -----END OPENSSH PRIVATE KEY----- 11 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ed25519-sk-256-ecdsa-sk-256-leaf-no-options-certificate.key-cert.pub: -------------------------------------------------------------------------------- 1 | sk-ecdsa-sha2-nistp256-cert-v01@openssh.com AAAAK3NrLWVjZHNhLXNoYTItbmlzdHAyNTYtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgCIuE3pqGCgkjimtn7nDhJuDoUKwb6FWWDhStwOFAiG4AAAAIbmlzdHAyNTYAAABBBIq9t8XEonBWrSlfMJ1vlEypyU0aMlMSLTrTCGjRx4GreR8W9dbWNcFImSm+tfy2NwkAP2mzFbbxrcOtNEDVOA0AAAAEc3NoOgAAAAAAAAAAAAAAAQAAABNvY3RvY2F0QGV4YW1wbGUuY29tAAAAAAAAAAAAAAAA//////////8AAAAAAAAAAAAAAAAAAABKAAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIF9fE6MITPQVc/sY9s/6IMRLAlMN48CJxPzLq2Gtfx32AAAABHNzaDoAAABnAAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAQCp+LTvuu55CgU1GQzR7iVYK8NX7SBpJpwZIFpo5ubR+gXHiorMjldbMqMwuaCbhilz60wJVMTeo3BkVsxYSpgABAAAALg== ./ed25519-sk-256-ecdsa-sk-256-leaf-no-options-certificate.key.pub 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ed25519-sk-256-ecdsa-sk-256-leaf-no-options-certificate.key.pub: -------------------------------------------------------------------------------- 1 | sk-ecdsa-sha2-nistp256@openssh.com AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAAAIbmlzdHAyNTYAAABBBIq9t8XEonBWrSlfMJ1vlEypyU0aMlMSLTrTCGjRx4GreR8W9dbWNcFImSm+tfy2NwkAP2mzFbbxrcOtNEDVOA0AAAAEc3NoOg== 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ed25519-sk-256-no-options-individual.key: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAASgAAABpzay1zc2 3 | gtZWQyNTUxOUBvcGVuc3NoLmNvbQAAACAjkNI5Hlnr8a+JEHx0kQijhugXY5u3jS8cZ9ig 4 | RNx9rQAAAARzc2g6AAAA4AlHyKcJR8inAAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY2 5 | 9tAAAAICOQ0jkeWevxr4kQfHSRCKOG6Bdjm7eNLxxn2KBE3H2tAAAABHNzaDoBAAAAgD9Y 6 | A64/inh4d4N/mz+UV6PcUnUIH6rCiaGwdTeKFQu5Rfz0QUeyBUM8vFa3i6ArIem01Un2y3 7 | r891Oe8YLpc11zv2RVPOQyysK2BqeDZL9/n4CZ1OIG7LRv6ss5f0Y34+pskwWVCsyqJyXP 8 | UGS95AtxE56SJHmVsnwQFRJ2VZtcAAAAAAAAAAAB 9 | -----END OPENSSH PRIVATE KEY----- 10 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ed25519-sk-256-no-options-individual.key.pub: -------------------------------------------------------------------------------- 1 | sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAICOQ0jkeWevxr4kQfHSRCKOG6Bdjm7eNLxxn2KBE3H2tAAAABHNzaDo= 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ed25519-sk-256-no-touch-required-individual.key: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAASgAAABpzay1zc2 3 | gtZWQyNTUxOUBvcGVuc3NoLmNvbQAAACBa6hNA0i4IH7hxPkdFa7uAjL3OcQg+eskZKdcW 4 | 8nA61wAAAARzc2g6AAAA4J+AUYCfgFGAAAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY2 5 | 9tAAAAIFrqE0DSLggfuHE+R0Vru4CMvc5xCD56yRkp1xbycDrXAAAABHNzaDoAAAAAgOsC 6 | 49O9hw2JVPeHAT160JVQ0aCbA7TQoHOFs+OtkUEop+1w0zLDBXaoIyhuqNLws3oOgRdYtj 7 | bg2LnMFLBHfdqApdHA16Du5OVXvVDMfBPqiMk/Nfx15O9LZC6OY/USNhjCn7sPBQCYMOis 8 | mpRvqfsRrccw9ycq//aKmGwVeLjrAAAAAAAAAAAB 9 | -----END OPENSSH PRIVATE KEY----- 10 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ed25519-sk-256-no-touch-required-individual.key.pub: -------------------------------------------------------------------------------- 1 | sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIFrqE0DSLggfuHE+R0Vru4CMvc5xCD56yRkp1xbycDrXAAAABHNzaDo= 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ed25519-sk-256-rsa-2048-leaf-no-options-certificate.key: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn 3 | NhAAAAAwEAAQAAAQEAzJOqZNlLLQmKQPIs1GgQPoXfOeR9Xv1qiVZ0sJuEUZpHXI9z4yTp 4 | wteXzKq9+lNduunX3pwcPhVotGdho0LZlwh10a6cgFShX0kiAJgCMSuxXPN85nPaoZq6Bf 5 | yJz6gwv0BHYlOiC5ultQwFkIhxIgfhNtcBfbMmuNHXhTMLX9+NHd7MGin++AyVllVroDV+ 6 | Ah+ns8uP5pTW/yyrr6lXe2Gju6SpJurwLwVbSs9jwbfvZ7bzeaCwOCFH/eaSimB6cnPIdC 7 | 3ZFQj/2h4qu3MA5kR6xDoLA8TnNGYRSRY6ccpy4RsjgmYZgxxwblZEC6hy+RxaLcIlceri 8 | uVJmJIYf6wAAA7gZYV8GGWFfBgAAAAdzc2gtcnNhAAABAQDMk6pk2UstCYpA8izUaBA+hd 9 | 855H1e/WqJVnSwm4RRmkdcj3PjJOnC15fMqr36U1266dfenBw+FWi0Z2GjQtmXCHXRrpyA 10 | VKFfSSIAmAIxK7Fc83zmc9qhmroF/InPqDC/QEdiU6ILm6W1DAWQiHEiB+E21wF9sya40d 11 | eFMwtf340d3swaKf74DJWWVWugNX4CH6ezy4/mlNb/LKuvqVd7YaO7pKkm6vAvBVtKz2PB 12 | t+9ntvN5oLA4IUf95pKKYHpyc8h0LdkVCP/aHiq7cwDmRHrEOgsDxOc0ZhFJFjpxynLhGy 13 | OCZhmDHHBuVkQLqHL5HFotwiVx6uK5UmYkhh/rAAAAAwEAAQAAAQAgrSV2Xk7nrrJqlUQb 14 | 2VNe6TsyoBB2b7vom+qfmveToTTsz+0OxwKfoJgalNsrdM1v4ZIdeIn6UKkcx7aMwUzIFw 15 | 3apC1TQjFUavYHakBPYk8+LZYxqSeu0GwOMLxCcvb2VWoRhpJHkGDzfiwVXfXUHbYXcFhI 16 | n6j7tGjcWb7jXSRE++bOXXwfqrtyqlxsM6Kg07INwm2Sx8Rv3k+xFxPRQMQi3yG7o+KEZk 17 | ZGsKrQ4unX7OE6WZD4WuL516tHH3rcxQN5VDvlv/haSlSr0el40yntmMG0K2SnSajOq65B 18 | pb7c8V6DdmYryqzJ+IFzsAj92YzlgYkVz0S3Rxg9pieBAAAAgGoDyGFUPbmZJr1LZSmXy2 19 | WM+nqSDGG4L6tav1T6R6jqtrSSPYBw0Dl9+7F9lXR6uiIp/xtay2K4hSXrsGCT9+dzmauO 20 | pRsQshhuZjJjOG32Spdz61LL80IOL5kFGwGRqiH+oYC5F4GQohNNyXd4pLzapOKAqsO5/O 21 | tOyKelYSADAAAAgQD+Xp0ruw1rbmSpv7zlzA4YZmjFep5kvxYHf73Mqy+lb6Uqcxnjp8xD 22 | q/GzuTPUOhO7vmLRz5BlQUJTRVQjjS3PULfTmjR1qCPUCS34lhvh8mZrWM2f9T2pyWXVkJ 23 | gh3edTI64NSupFxoaHIxlv2Ovv2C9DAzUk8PG+SAxlh1P+2wAAAIEAzeNZNOhZQ0uqMVsA 24 | oKrGF7sO82eIQdHFQu/DZmrsz0lZirRcGHrGrd/j8yla9htodrKnJ3RjjlEQ9ZVjpbN4dv 25 | yQnYl5Tzm80S2CkBmi5rxjB95lfWy0N8bMlLsGJMXfyRoOzLtsVM7bi9uwXuerq5SvZUBO 26 | PBfnX/Qp8HSKiDEAAAAAAQID 27 | -----END OPENSSH PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ed25519-sk-256-rsa-2048-leaf-no-options-certificate.key-cert.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgHNJX//1GGX40fDd5Oj0mySGmNa8C6OIZiDk406L7J+cAAAADAQABAAABAQDMk6pk2UstCYpA8izUaBA+hd855H1e/WqJVnSwm4RRmkdcj3PjJOnC15fMqr36U1266dfenBw+FWi0Z2GjQtmXCHXRrpyAVKFfSSIAmAIxK7Fc83zmc9qhmroF/InPqDC/QEdiU6ILm6W1DAWQiHEiB+E21wF9sya40deFMwtf340d3swaKf74DJWWVWugNX4CH6ezy4/mlNb/LKuvqVd7YaO7pKkm6vAvBVtKz2PBt+9ntvN5oLA4IUf95pKKYHpyc8h0LdkVCP/aHiq7cwDmRHrEOgsDxOc0ZhFJFjpxynLhGyOCZhmDHHBuVkQLqHL5HFotwiVx6uK5UmYkhh/rAAAAAAAAAAAAAAABAAAAE29jdG9jYXRAZXhhbXBsZS5jb20AAAAAAAAAAAAAAAD//////////wAAAAAAAAAAAAAAAAAAAEoAAAAac2stc3NoLWVkMjU1MTlAb3BlbnNzaC5jb20AAAAgX18TowhM9BVz+xj2z/ogxEsCUw3jwInE/MurYa1/HfYAAAAEc3NoOgAAAGcAAAAac2stc3NoLWVkMjU1MTlAb3BlbnNzaC5jb20AAABA7ClwqWR1IzAKBfxW+oXqXgEcQmz8HmBVOONm6FF/H3QpETpdD8vUFCaCWcK2GUzfeD/PBel+YbhtXJW1MRzACgEAAAAI ./ed25519-sk-256-rsa-2048-leaf-no-options-certificate.key.pub 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ed25519-sk-256-rsa-2048-leaf-no-options-certificate.key.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMk6pk2UstCYpA8izUaBA+hd855H1e/WqJVnSwm4RRmkdcj3PjJOnC15fMqr36U1266dfenBw+FWi0Z2GjQtmXCHXRrpyAVKFfSSIAmAIxK7Fc83zmc9qhmroF/InPqDC/QEdiU6ILm6W1DAWQiHEiB+E21wF9sya40deFMwtf340d3swaKf74DJWWVWugNX4CH6ezy4/mlNb/LKuvqVd7YaO7pKkm6vAvBVtKz2PBt+9ntvN5oLA4IUf95pKKYHpyc8h0LdkVCP/aHiq7cwDmRHrEOgsDxOc0ZhFJFjpxynLhGyOCZhmDHHBuVkQLqHL5HFotwiVx6uK5UmYkhh/r 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ed25519-sk-256-verify-required-individual.key: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAASgAAABpzay1zc2 3 | gtZWQyNTUxOUBvcGVuc3NoLmNvbQAAACAq7i7WbnbFKtCXgcsqzURkZ4UVTKGvO3FUlpYn 4 | nNmEiwAAAARzc2g6AAAA4Elts4FJbbOBAAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY2 5 | 9tAAAAICruLtZudsUq0JeByyrNRGRnhRVMoa87cVSWliec2YSLAAAABHNzaDoFAAAAgNqs 6 | 9NuBCG9+E39/cn4ycRLzaBv4SqH/z3Kik1TWsBOAFUtLStrXxWULqC+w6b6HLn/MgJPDKr 7 | 3k3OXkBLP/JVB6wLq2XWQ+Odaz2nY8F5JJZnQ9xqAWDtKZwr/j/4++Z8jK3rVPAYhNszaQ 8 | 1v7E5EFtvwnEWICWAbnsxprtI1vDAAAAAAAAAAAB 9 | -----END OPENSSH PRIVATE KEY----- 10 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/ed25519-sk-256-verify-required-individual.key.pub: -------------------------------------------------------------------------------- 1 | sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAICruLtZudsUq0JeByyrNRGRnhRVMoa87cVSWliec2YSLAAAABHNzaDo= 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/message: -------------------------------------------------------------------------------- 1 | Z0dzRu/AfSjNd7H1LlEk/vxw/tuGVeY3NSzb8wxSw6lAN9o+nefDntF9Ij3u9oj6Jhis6aQP6iCv3YHHcKfd9A== 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/message.ecdsa-256-no-options-individual.sig: -------------------------------------------------------------------------------- 1 | -----BEGIN SSH SIGNATURE----- 2 | U1NIU0lHAAAAAQAAAGgAAAATZWNkc2Etc2hhMi1uaXN0cDI1NgAAAAhuaXN0cDI1NgAAAE 3 | EEvFew+AYAoelQo2whs80C0RuId3sKX5olit/LAgf3CF++UVSogDv5HdgayfTZ0h9ZsSEH 4 | 2Jroce1GbCUHUkZxYgAAAARmaWxlAAAAAAAAAAZzaGE1MTIAAABkAAAAE2VjZHNhLXNoYT 5 | ItbmlzdHAyNTYAAABJAAAAIQDvfhSYHqpZAFobLpVFyDOVL+IewoqrKgwrLSLmbKxGEQAA 6 | ACAN814EiAC5pXxgmt2Un7fFjUz5eauiSJqCdOwhfuGZ/A== 7 | -----END SSH SIGNATURE----- 8 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/message.ecdsa-256-rsa-2048-leaf-no-options-certificate.sig: -------------------------------------------------------------------------------- 1 | -----BEGIN SSH SIGNATURE----- 2 | U1NIU0lHAAAAAQAAAmcAAAAcc3NoLXJzYS1jZXJ0LXYwMUBvcGVuc3NoLmNvbQAAACCdxV 3 | 2CdKdlr9WjVjNalXeNhL4lQ6nihh/VtwwR7XjuRwAAAAMBAAEAAAEBALvOxIKDmqXlHLIw 4 | sHaCUN2YuavHJBcdJuY8++YrRN3OqB2yArtKqOonTnvw7Uk9YGmZBU+l3jVwYiyNn0RQYX 5 | f01Kx1cDpHYha8GgTL+V34+p0fMCNWa0d/YnwWdkidaqbNaVMJDRqKF7GSCDadtuBmKCrJ 6 | /ut/PSfSPEACs48VsNzDIcr6hV96egydBArrIAXzdAkEleN8n+bkUFzH9CEEMXQPX0UsAN 7 | w48lbUVY7fxyfy2/sUQ03BqiHimWGFBko3JxTVgTrPEmH2qhR9m6JMQHnAvRFiMeLF7M5I 8 | MNARUoi/I8odnnA0xueEaDjzQ0qyuyrf6gzkzByZv6qcsXEAAAAAAAAAAAAAAAEAAAATb2 9 | N0b2NhdEBleGFtcGxlLmNvbQAAAAAAAAAAAAAAAP//////////AAAAAAAAAAAAAAAAAAAA 10 | aAAAABNlY2RzYS1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQRJRUVivGDgs7AVFy 11 | Sk8BlI9iI1eN0WIRGci9SyV9U2LYz2U13qUqaISKqvxiJwz1ViFBZHPqpnKxnNxk5LUble 12 | AAAAZAAAABNlY2RzYS1zaGEyLW5pc3RwMjU2AAAASQAAACEA15SqnyS05isfoRjC2l7xsh 13 | HqKMktK3Pb2owpATckvCIAAAAgUAMemvue1D8t0WYaq2IDXPCz703K9R/Ye88ZwJMXi8UA 14 | AAAEZmlsZQAAAAAAAAAGc2hhNTEyAAABFAAAAAxyc2Etc2hhMi01MTIAAAEAmaf15JI9/i 15 | XCpaxfqdD6xlsieFrxzGqWctg4NL6IsEq6GaXoWRO/WSf8P2pYDViWTTB63jtS1IEkMADQ 16 | bWfNQ8UVmOKkNVJ6N3WVmcLzCKuKOmMD/RHn1+fIlziOuRRYvuSPnKsPzZeUmJYqKKFoKt 17 | Nqa0huG2QQOE/egQgM2Qsx5XFO2bY2LvWm27MYAPnXR8DW+t6TjGjH5VsjoYOLM35d7Uy4 18 | QLrOUrJ9yuwGyu+P1YBXfW7rkSSPompuhKoYeF1xIl+yZtlo/6WssnPea+ead/X+djGuOz 19 | pXlPnAmXWROsC2+CucEfeyRP+y5EubXquvJX1IZcyqsiZUrEnFXg== 20 | -----END SSH SIGNATURE----- 21 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/message.ecdsa-384-no-options-individual.sig: -------------------------------------------------------------------------------- 1 | -----BEGIN SSH SIGNATURE----- 2 | U1NIU0lHAAAAAQAAAIgAAAATZWNkc2Etc2hhMi1uaXN0cDM4NAAAAAhuaXN0cDM4NAAAAG 3 | EEBWKUksRLswAwMd2AE7ngA0mFNzkQNVksZv9A7wX0/IkJ7B0bqsthw3TT4GUNEcmLIi/T 4 | gsDjWYytz/+pgyKzA2cmFGMpTHFHf7bBXZXbDYTA08mxlZpyRVkCtY51O6nVAAAABGZpbG 5 | UAAAAAAAAABnNoYTUxMgAAAIQAAAATZWNkc2Etc2hhMi1uaXN0cDM4NAAAAGkAAAAxAO1N 6 | k3gICmClPXQYFJFQ2MvU1jxYWeq2OiOX+cdtSF39yeUMN+Iac7xOMhufY89MwQAAADAnZ6 7 | VogqzdjnmvkgbVqr7PLLpghrzEjUOL1U3efkGVdpjmctLzz+NvHSJxVj1sS0c= 8 | -----END SSH SIGNATURE----- 9 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/message.ecdsa-521-no-options-individual.sig: -------------------------------------------------------------------------------- 1 | -----BEGIN SSH SIGNATURE----- 2 | U1NIU0lHAAAAAQAAAKwAAAATZWNkc2Etc2hhMi1uaXN0cDUyMQAAAAhuaXN0cDUyMQAAAI 3 | UEAW9JRz+TxQvrkcb0k4vWS9vZ6hqhvkMws8vBrxerO0uYRW/TxF9kr2wGW0NM3q59zG1h 4 | eiiyctgtBk/G8vwenQVkAIuwT56uu1/itlIAGWUrTUIuxdfVgUwtUSs7ojF1V08FCUa/GZ 5 | CWow9+o6wQ9dCaiBj+ROm5/K/VrueTfJSiPusKAAAABGZpbGUAAAAAAAAABnNoYTUxMgAA 6 | AKcAAAATZWNkc2Etc2hhMi1uaXN0cDUyMQAAAIwAAABCARSgT1SsUfLupThfDo/JlV5SJf 7 | NLzVPD3fQ/ZCjeUwCDt1UvpI4eV/sGPdPKvVSizBH2A3q1KlhKPV/L4Tjd8Ur3AAAAQgEh 8 | ibx70bgUzXxhPIE8p6w49k+1HEqyTFOCMU2IQy+811OpAekSWdRwP/fEMzK3bhBliWEv3t 9 | lnBj5U7aHVIZUXYQ== 10 | -----END SSH SIGNATURE----- 11 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/message.ecdsa-sk-256-ed25519-sk-256-leaf-no-options-certificate.sig: -------------------------------------------------------------------------------- 1 | -----BEGIN SSH SIGNATURE----- 2 | U1NIU0lHAAAAAQAAAbkAAAAjc2stc3NoLWVkMjU1MTktY2VydC12MDFAb3BlbnNzaC5jb2 3 | 0AAAAg5RR5fx4uXRuq05PDyVulMskjIyoSdylg0M945q/84gwAAAAgGfkGrTZGFqJpaJZi 4 | nbvkxpKiN9upZp2nn7D+l8GlwaoAAAAEc3NoOgAAAAAAAAAAAAAAAQAAABNvY3RvY2F0QG 5 | V4YW1wbGUuY29tAAAAAAAAAAAAAAAA//////////8AAAAAAAAAAAAAAAAAAAB/AAAAInNr 6 | LWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAAAIbmlzdHAyNTYAAABBBL/WxN 7 | aEGP9UbW8QOCJGVWrULn38X4N2O72cjreQZn1zqR/QAMdUJT5fZcy96itn954E6YQqSkXN 8 | BX2cv3YAIfEAAAAEc3NoOgAAAHgAAAAic2stZWNkc2Etc2hhMi1uaXN0cDI1NkBvcGVuc3 9 | NoLmNvbQAAAEkAAAAgQP2EJCwTdlrsEx1c50wAMeeZbiIA+e1ouUSYQG3KKJQAAAAhAIci 10 | NITxeaV5hsyeeLw5vB2kYk/HZ1D6ULGO4kT2XVeVAQAAACsAAAAEZmlsZQAAAAAAAAAGc2 11 | hhNTEyAAAAZwAAABpzay1zc2gtZWQyNTUxOUBvcGVuc3NoLmNvbQAAAEC5nJCjxarZtXgH 12 | 3DhCG3cuYDZabnr4CwClso7W7Bj070je8+fdlYhDol5C+jfgmoekwsY85jf5Mf6z9HOQgS 13 | IKAQAAAAw= 14 | -----END SSH SIGNATURE----- 15 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/message.ecdsa-sk-256-no-options-individual.sig: -------------------------------------------------------------------------------- 1 | -----BEGIN SSH SIGNATURE----- 2 | U1NIU0lHAAAAAQAAAH8AAAAic2stZWNkc2Etc2hhMi1uaXN0cDI1NkBvcGVuc3NoLmNvbQ 3 | AAAAhuaXN0cDI1NgAAAEEEqmXr/vvvgktMMMxJWNlbmlghHUPqkFdwTWbqH5SyqlDhj2ci 4 | sv0d/5FWWmg5o7P6QqGK67ZP5TaKudK3cz9IMgAAAARzc2g6AAAABGZpbGUAAAAAAAAABn 5 | NoYTUxMgAAAHgAAAAic2stZWNkc2Etc2hhMi1uaXN0cDI1NkBvcGVuc3NoLmNvbQAAAEkA 6 | AAAgDcAtC0bAgIYqAppznP6nXvxG1r4BO6/DUTqVv69kd/8AAAAhAMCArBS+p0XDf6K3Jt 7 | iu6gVyQXcC9PFIaIYfODSRtRpMAQAAAAM= 8 | -----END SSH SIGNATURE----- 9 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/message.ecdsa-sk-256-no-touch-required-individual.sig: -------------------------------------------------------------------------------- 1 | -----BEGIN SSH SIGNATURE----- 2 | U1NIU0lHAAAAAQAAAH8AAAAic2stZWNkc2Etc2hhMi1uaXN0cDI1NkBvcGVuc3NoLmNvbQ 3 | AAAAhuaXN0cDI1NgAAAEEE7zLW+kMQAxFhjJyz3zpyuxxvJC9G3v6MnFerzcsz1HuEP3L2 4 | Ih3R/D03i7eHfI85fV2Exbdnf+QMlDoMSjwG6AAAAARzc2g6AAAABGZpbGUAAAAAAAAABn 5 | NoYTUxMgAAAHgAAAAic2stZWNkc2Etc2hhMi1uaXN0cDI1NkBvcGVuc3NoLmNvbQAAAEkA 6 | AAAgYZ7NpGEwp+StzjZivnhGR9UmiAb1RhIzhjNqynbt7F8AAAAhALXS+/eahRENNN4w5j 7 | UP4bM1Net1EBN4bF0VTJBydiPLAAAAAAY= 8 | -----END SSH SIGNATURE----- 9 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/message.ecdsa-sk-256-rsa-2048-leaf-no-options-certificate.sig: -------------------------------------------------------------------------------- 1 | -----BEGIN SSH SIGNATURE----- 2 | U1NIU0lHAAAAAQAAApMAAAAcc3NoLXJzYS1jZXJ0LXYwMUBvcGVuc3NoLmNvbQAAACDWcd 3 | m0R+TQ8fstdCKX+XuCOuR5jrdT/LNkf1CjpzCzkwAAAAMBAAEAAAEBAOmnPQZnKfEHVvR9 4 | ZBdYiWew3ulnbdruR0mq3r268k2th9fItOWg/Npg/mEE5MmL/0QvLJsoICEFpUXTm5jJcO 5 | zzL5gGhf4j+QH2fqlYvSqnv1ocfIaLVACdyB/DUk9niQO2mz5jdfe4M9+erFP/NMDEctYE 6 | OLfkV1I9fw7PPmXcFfrlXDl3wnQYrWAAq0r5qoEz0IFmrrbxVFRQhVKffTLuI/9YCqzxyy 7 | 53TFcDug6BP5JalfFG0HT8JWKd2cgwF1+Y+4siwChPCXb7XagG5qzi1cXfW7mjXjqxBuC6 8 | gb3JSOPGjl5HQLZZbB3MFisMKpelfZCePDjC0bhDp+7gIx0AAAAAAAAAAAAAAAEAAAATb2 9 | N0b2NhdEBleGFtcGxlLmNvbQAAAAAAAAAAAAAAAP//////////AAAAAAAAAAAAAAAAAAAA 10 | fwAAACJzay1lY2RzYS1zaGEyLW5pc3RwMjU2QG9wZW5zc2guY29tAAAACG5pc3RwMjU2AA 11 | AAQQS/1sTWhBj/VG1vEDgiRlVq1C59/F+Ddju9nI63kGZ9c6kf0ADHVCU+X2XMveorZ/ee 12 | BOmEKkpFzQV9nL92ACHxAAAABHNzaDoAAAB5AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNT 13 | ZAb3BlbnNzaC5jb20AAABKAAAAIQCN9Ty2RueT8N4hI5eZG6CFJ2ouopgLaRInTWpwr8pC 14 | BwAAACEA/oF95fsvJNJFKPJNNyV0eMEFqnMWNvYPcVHH/cJZDpsBAAAACwAAAARmaWxlAA 15 | AAAAAAAAZzaGE1MTIAAAEUAAAADHJzYS1zaGEyLTUxMgAAAQCRw4PJk5mH3E6pjNoxNnwO 16 | +emUE/M02TugCWhxScuWg7b91Vy8w9ZwJVg1iV/cjespTlO4Rb5DRaVM2z1MyMk9+lo1hs 17 | kPdkrJujCFbfGEbz+JiC0hcdDetHDeWhtqKWXVio6wwuHk3x0SIsgr6AqLfbGs2Xw6rCbY 18 | y69C9XF86y3mlYUOnyRJDBHJsPUmPr1cY5bLItNa1wxTiQc3eMjYMCRLHI9GnkxL6s8UB7 19 | ToRRrfi6P16plJOTgg5J/dP1jP2ljBDrMolvId6AD6XLhqckPx6/mfUX0XfkupO5R378cR 20 | TtRlfhDeL49ReV0F6aY+aJ27jX8tkODIxkwkGoBq 21 | -----END SSH SIGNATURE----- 22 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/message.ecdsa-sk-256-verify-required-individual.sig: -------------------------------------------------------------------------------- 1 | -----BEGIN SSH SIGNATURE----- 2 | U1NIU0lHAAAAAQAAAH8AAAAic2stZWNkc2Etc2hhMi1uaXN0cDI1NkBvcGVuc3NoLmNvbQ 3 | AAAAhuaXN0cDI1NgAAAEEECQFNMjgiFRfejK3WZs5uJC248i2CbBq4Eew7UvUc91dRSXf1 4 | WxT7KNJN9b87/faSlHwvvu5WfBM3j2RLedB56gAAAARzc2g6AAAABGZpbGUAAAAAAAAABn 5 | NoYTUxMgAAAHcAAAAic2stZWNkc2Etc2hhMi1uaXN0cDI1NkBvcGVuc3NoLmNvbQAAAEgA 6 | AAAgJzZkJ3IhcBmiZOIdw2/aOYrNhullyhYPLyHilvkBrzQAAAAgHjEuZBWCpw0E5zjfGH 7 | r8sxFBt3zNP0AI4cFTXF6IyOoFAAAACA== 8 | -----END SSH SIGNATURE----- 9 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/message.ed25519-256-no-options-individual.sig: -------------------------------------------------------------------------------- 1 | -----BEGIN SSH SIGNATURE----- 2 | U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAg1e4R+AkU+ybCVIxGNtxRduHsr4 3 | DBD+BHDa6XY30FXLAAAAAEZmlsZQAAAAAAAAAGc2hhNTEyAAAAUwAAAAtzc2gtZWQyNTUx 4 | OQAAAECNB7S7IXSAnSICBpoukqX+YS35dT6FcJ/d5sdYWbXnUqNs1FE9Qiplu7jrZtPYHz 5 | FFDA2+1k10/McMOEbbRgQL 6 | -----END SSH SIGNATURE----- 7 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/message.ed25519-sk-256-ecdsa-sk-256-leaf-no-options-certificate.sig: -------------------------------------------------------------------------------- 1 | -----BEGIN SSH SIGNATURE----- 2 | U1NIU0lHAAAAAQAAAagAAAArc2stZWNkc2Etc2hhMi1uaXN0cDI1Ni1jZXJ0LXYwMUBvcG 3 | Vuc3NoLmNvbQAAACAIi4TemoYKCSOKa2fucOEm4OhQrBvoVZYOFK3A4UCIbgAAAAhuaXN0 4 | cDI1NgAAAEEEir23xcSicFatKV8wnW+UTKnJTRoyUxItOtMIaNHHgat5Hxb11tY1wUiZKb 5 | 61/LY3CQA/abMVtvGtw600QNU4DQAAAARzc2g6AAAAAAAAAAAAAAABAAAAE29jdG9jYXRA 6 | ZXhhbXBsZS5jb20AAAAAAAAAAAAAAAD//////////wAAAAAAAAAAAAAAAAAAAEoAAAAac2 7 | stc3NoLWVkMjU1MTlAb3BlbnNzaC5jb20AAAAgX18TowhM9BVz+xj2z/ogxEsCUw3jwInE 8 | /MurYa1/HfYAAAAEc3NoOgAAAGcAAAAac2stc3NoLWVkMjU1MTlAb3BlbnNzaC5jb20AAA 9 | BAKn4tO+67nkKBTUZDNHuJVgrw1ftIGkmnBkgWmjm5tH6BceKisyOV1syozC5oJuGKXPrT 10 | AlUxN6jcGRWzFhKmAAEAAAAuAAAABGZpbGUAAAAAAAAABnNoYTUxMgAAAHkAAAAic2stZW 11 | Nkc2Etc2hhMi1uaXN0cDI1NkBvcGVuc3NoLmNvbQAAAEoAAAAhAPWSglmWmTRuJy3al+ZF 12 | DLxqPB8Ws8sPn3+xcVfriCB3AAAAIQDEUTS4VjN6ydzLcAGAmdzwuPEOFhBg7+S5uS40qX 13 | 33VwEAAAAM 14 | -----END SSH SIGNATURE----- 15 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/message.ed25519-sk-256-no-options-individual.sig: -------------------------------------------------------------------------------- 1 | -----BEGIN SSH SIGNATURE----- 2 | U1NIU0lHAAAAAQAAAEoAAAAac2stc3NoLWVkMjU1MTlAb3BlbnNzaC5jb20AAAAgI5DSOR 3 | 5Z6/GviRB8dJEIo4boF2Obt40vHGfYoETcfa0AAAAEc3NoOgAAAARmaWxlAAAAAAAAAAZz 4 | aGE1MTIAAABnAAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAQI6rE/YbhO8wiS 5 | IrSyYzruE45lLkZwVykCV3gE1y3EiI/OF+E9TOPmn2GBrk2YBd/Tr+zrc+NQXOBhNq7r2p 6 | OgIBAAAABQ== 7 | -----END SSH SIGNATURE----- 8 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/message.ed25519-sk-256-no-touch-required-individual.sig: -------------------------------------------------------------------------------- 1 | -----BEGIN SSH SIGNATURE----- 2 | U1NIU0lHAAAAAQAAAEoAAAAac2stc3NoLWVkMjU1MTlAb3BlbnNzaC5jb20AAAAgWuoTQN 3 | IuCB+4cT5HRWu7gIy9znEIPnrJGSnXFvJwOtcAAAAEc3NoOgAAAARmaWxlAAAAAAAAAAZz 4 | aGE1MTIAAABnAAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAQPUJkLKAU9rAKV 5 | vht7EOABhf3gfTqoTDP9rhGg+2csEzq1qOrI7yNK9uEQU3ab2gJUtjAjeWDENllPcegxr/ 6 | MwYAAAAAAw== 7 | -----END SSH SIGNATURE----- 8 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/message.ed25519-sk-256-rsa-2048-leaf-no-options-certificate.sig: -------------------------------------------------------------------------------- 1 | -----BEGIN SSH SIGNATURE----- 2 | U1NIU0lHAAAAAQAAAkwAAAAcc3NoLXJzYS1jZXJ0LXYwMUBvcGVuc3NoLmNvbQAAACAc0l 3 | f//UYZfjR8N3k6PSbJIaY1rwLo4hmIOTjTovsn5wAAAAMBAAEAAAEBAMyTqmTZSy0JikDy 4 | LNRoED6F3znkfV79aolWdLCbhFGaR1yPc+Mk6cLXl8yqvfpTXbrp196cHD4VaLRnYaNC2Z 5 | cIddGunIBUoV9JIgCYAjErsVzzfOZz2qGaugX8ic+oML9AR2JTogubpbUMBZCIcSIH4TbX 6 | AX2zJrjR14UzC1/fjR3ezBop/vgMlZZVa6A1fgIfp7PLj+aU1v8sq6+pV3tho7ukqSbq8C 7 | 8FW0rPY8G372e283mgsDghR/3mkopgenJzyHQt2RUI/9oeKrtzAOZEesQ6CwPE5zRmEUkW 8 | OnHKcuEbI4JmGYMccG5WRAuocvkcWi3CJXHq4rlSZiSGH+sAAAAAAAAAAAAAAAEAAAATb2 9 | N0b2NhdEBleGFtcGxlLmNvbQAAAAAAAAAAAAAAAP//////////AAAAAAAAAAAAAAAAAAAA 10 | SgAAABpzay1zc2gtZWQyNTUxOUBvcGVuc3NoLmNvbQAAACBfXxOjCEz0FXP7GPbP+iDESw 11 | JTDePAicT8y6thrX8d9gAAAARzc2g6AAAAZwAAABpzay1zc2gtZWQyNTUxOUBvcGVuc3No 12 | LmNvbQAAAEDsKXCpZHUjMAoF/Fb6hepeARxCbPweYFU442boUX8fdCkROl0Py9QUJoJZwr 13 | YZTN94P88F6X5huG1clbUxHMAKAQAAAAgAAAAEZmlsZQAAAAAAAAAGc2hhNTEyAAABFAAA 14 | AAxyc2Etc2hhMi01MTIAAAEAgxqAU9JzwaFlwE1eZCeeTb3U4+wYw8BOu56aDoMYYWEEop 15 | A6HkIOc7Jib0p99ExvkbG3zjC6YeX3wzk6JD+8lp3DL+WHE+LNRWyDHvwWADgrKxoEtMMb 16 | /+gGz+fPZ/NccLHws6Hg9vRbv6rv1vnX4Z9L6JZqUL6S0w0xjUKE4Y8AhUbfPfedu7poQZ 17 | 167xROT+5Gb+OdpWlhRTqkm+j90cRAMS8Mf56py5ndimuBYzyrbB6iR0398UEvr7TuMtQh 18 | mRx0A4fdCKITu7A2xjQtBVmbi+BQARIm2c+vwrZpT/ORN9VlwA+F0qIFD3NEQd7f+rSGF+ 19 | E/KGql1eYLG/W6zg== 20 | -----END SSH SIGNATURE----- 21 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/message.ed25519-sk-256-verify-required-individual.sig: -------------------------------------------------------------------------------- 1 | -----BEGIN SSH SIGNATURE----- 2 | U1NIU0lHAAAAAQAAAEoAAAAac2stc3NoLWVkMjU1MTlAb3BlbnNzaC5jb20AAAAgKu4u1m 3 | 52xSrQl4HLKs1EZGeFFUyhrztxVJaWJ5zZhIsAAAAEc3NoOgAAAARmaWxlAAAAAAAAAAZz 4 | aGE1MTIAAABnAAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAQImvPYiSwTUeGo 5 | m00JQZwoy4AvGtq7KNDFTnT1PQVuxoKn6UrcWcyUKSFHUfodjN/Tmb87ViyHDhGjsjRIdH 6 | iA4FAAAABw== 7 | -----END SSH SIGNATURE----- 8 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/message.rsa-2048-ecdsa-256-leaf-no-options-certificate.sig: -------------------------------------------------------------------------------- 1 | -----BEGIN SSH SIGNATURE----- 2 | U1NIU0lHAAAAAQAAAxcAAAAoZWNkc2Etc2hhMi1uaXN0cDI1Ni1jZXJ0LXYwMUBvcGVuc3 3 | NoLmNvbQAAACAB+DkCXFG3I/70j/PZIr5v55+BeODCyyqvKypsGiYJLgAAAAhuaXN0cDI1 4 | NgAAAEEEjizw6toloNLWI5Cbvc31Auwtg8N69+VZyHJTiicTuhTsLgEtj+TWbPVqCeK751 5 | AUARcqpzmB3dYMQ+ti2qoiPQAAAAAAAAAAAAAAAQAAABNvY3RvY2F0QGV4YW1wbGUuY29t 6 | AAAAAAAAAAAAAAAA//////////8AAAAAAAAAAAAAAAAAAAEXAAAAB3NzaC1yc2EAAAADAQ 7 | ABAAABAQDBVcd8deev1PKbO0GCYgK2RByIn9eac4lWgexAfWT0WsJZ2p9ZRuPLT11KWCcG 8 | ZULSLPMgI1B4kHfr4NkMChayajeeURULtV3PWM8Vtd49Op11+SnUk6LuDes27lKjMIMLKt 9 | PRkUE0/f7o1gTIQ6rExrNC8m1qm0VRuWvn6OmSwujdSSyJlrq3TjKAxl/PMPnqw3duaoSz 10 | O0bKV+xhqmWvESbVsgb10i4L7vEE/4Dvc45FpyNQbd/VNB+3uTLaF11P3vxvo/Qau+YuW+ 11 | p4UIoLHPnaaynYw37UBfeFidrtW81gLX1gle3qQI4TF+JQERuqaUZxR7qvhKyHxQblDkWT 12 | AAABFAAAAAxyc2Etc2hhMi01MTIAAAEAwCLljUsnNb5PV0BKstOxoRWq2HYwpBUbbptc4A 13 | Gb1eHo200ErALyggdK9NyRxAhQwJMJOEvMei03KsJ9rWi4ghlQxo5XH5cUg3VL6a0dSW4r 14 | 79z0YkhjWyJoNcKrSWC214KCd5X5ybnbtt91fqtZFT/fpvqdnI1lppJgg5mQOpdolhjGO7 15 | FLSflpECMqnjQQeOVmJQVSzgRgm6MN52keXTBNtKUR5UiGYSjveSguyXkHp5/z8BBbTGUV 16 | lmEuQrb+Sg2BcnRE7hG1l98plYnGEzU0JNWEJAepWTH4N22q9jWFahZNgE8FzMhO9q2F/9 17 | Wf7Sd8QUiKnsmKaogH4MdMkgAAAARmaWxlAAAAAAAAAAZzaGE1MTIAAABkAAAAE2VjZHNh 18 | LXNoYTItbmlzdHAyNTYAAABJAAAAIQCAGJUieJd1JsDrgWqEW3LmE5+Cj24zKO09WUnEmx 19 | WrrQAAACB88Pg0UkZug3TVcKQgT1oClkJhqK83kZaHjP/bTKk7Gg== 20 | -----END SSH SIGNATURE----- 21 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/message.rsa-2048-ecdsa-sk-2048-leaf-no-options-certificate.sig: -------------------------------------------------------------------------------- 1 | -----BEGIN SSH SIGNATURE----- 2 | U1NIU0lHAAAAAQAAAyIAAAArc2stZWNkc2Etc2hhMi1uaXN0cDI1Ni1jZXJ0LXYwMUBvcG 3 | Vuc3NoLmNvbQAAACAjR5U36ps13d0rwY955LBUXrm5/Mn4wMyQ3ymhrGJ40gAAAAhuaXN0 4 | cDI1NgAAAEEE/4o4GdGw6meqNQgXD98Hpqvu/w/zQoEP8lVfpLOsvYDMEJbLRMJedk57/s 5 | 10rRz1xmHUedDsoRCr9Ivu0FWKvAAAAARzc2g6AAAAAAAAAAAAAAABAAAAE29jdG9jYXRA 6 | ZXhhbXBsZS5jb20AAAAAAAAAAAAAAAD//////////wAAAAAAAAAAAAAAAAAAARcAAAAHc3 7 | NoLXJzYQAAAAMBAAEAAAEBAMFVx3x156/U8ps7QYJiArZEHIif15pziVaB7EB9ZPRawlna 8 | n1lG48tPXUpYJwZlQtIs8yAjUHiQd+vg2QwKFrJqN55RFQu1Xc9YzxW13j06nXX5KdSTou 9 | 4N6zbuUqMwgwsq09GRQTT9/ujWBMhDqsTGs0LybWqbRVG5a+fo6ZLC6N1JLImWurdOMoDG 10 | X88w+erDd25qhLM7RspX7GGqZa8RJtWyBvXSLgvu8QT/gO9zjkWnI1Bt39U0H7e5MtoXXU 11 | /e/G+j9Bq75i5b6nhQigsc+dprKdjDftQF94WJ2u1bzWAtfWCV7epAjhMX4lARG6ppRnFH 12 | uq+ErIfFBuUORZMAAAEUAAAADHJzYS1zaGEyLTUxMgAAAQBoDXu6nTtkgGWVEVpF1CMwUE 13 | jS0dMKe3TwR/o2MB7KzU115hIGADFw4ccucbEBf7yDcDlPQLA8qz2qIqqI31C5O/eJaVt3 14 | R2ozDKpic8kR8eLtl15biHTLl+2gO26pw1Xj+Bgp8Y2u7VWHeyPXyJEHnkWN6Z7fgOnErh 15 | krl4AFdZpJqlO5kBYcfD5VEICLAlTKPcMvTJMsTNonajgAeNDKUnYTEYjRvcqiACucQ4L7 16 | Bwb2XorQi0bXIjQ/ROdeDt5Boj92QzvcVF4s/qc2TcVLwRF293GqZYyUNxPDgx/FlH3vVL 17 | c/mWsH9Y3Q97VD9dTJUeemJe9c7rw2LGzDmJ6IAAAABGZpbGUAAAAAAAAABnNoYTUxMgAA 18 | AHcAAAAic2stZWNkc2Etc2hhMi1uaXN0cDI1NkBvcGVuc3NoLmNvbQAAAEgAAAAgcBNFLL 19 | XaXWFHJMrO+1g/uc3jEmriFo78/3fKifpyhUgAAAAgPzYCXVLASoF2t4syOA6QDu80/PCP 20 | aEsOHQOCfXw+Ps0BAAAACQ== 21 | -----END SSH SIGNATURE----- 22 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/message.rsa-2048-ed25519-sk-2048-leaf-no-options-certificate.sig: -------------------------------------------------------------------------------- 1 | -----BEGIN SSH SIGNATURE----- 2 | U1NIU0lHAAAAAQAAAu0AAAAjc2stc3NoLWVkMjU1MTktY2VydC12MDFAb3BlbnNzaC5jb2 3 | 0AAAAg0Kdphy7ZVA59xWQvQ6nN3teTfe7Xk3i/icBw9ZFOinwAAAAgd5guDCNz+m3ln1ij 4 | 3QIggE8vhaPvhpp5lWNQdYf+34QAAAAEc3NoOgAAAAAAAAAAAAAAAQAAABNvY3RvY2F0QG 5 | V4YW1wbGUuY29tAAAAAAAAAAAAAAAA//////////8AAAAAAAAAAAAAAAAAAAEXAAAAB3Nz 6 | aC1yc2EAAAADAQABAAABAQDBVcd8deev1PKbO0GCYgK2RByIn9eac4lWgexAfWT0WsJZ2p 7 | 9ZRuPLT11KWCcGZULSLPMgI1B4kHfr4NkMChayajeeURULtV3PWM8Vtd49Op11+SnUk6Lu 8 | Des27lKjMIMLKtPRkUE0/f7o1gTIQ6rExrNC8m1qm0VRuWvn6OmSwujdSSyJlrq3TjKAxl 9 | /PMPnqw3duaoSzO0bKV+xhqmWvESbVsgb10i4L7vEE/4Dvc45FpyNQbd/VNB+3uTLaF11P 10 | 3vxvo/Qau+YuW+p4UIoLHPnaaynYw37UBfeFidrtW81gLX1gle3qQI4TF+JQERuqaUZxR7 11 | qvhKyHxQblDkWTAAABFAAAAAxyc2Etc2hhMi01MTIAAAEAgG2xKVu2dWWLDc9X8tuVYXax 12 | wQ2+AH7N2ql//yNCMvxA4P/5IdJXz0xE+5/DH6ZYjjzqKV07RdHg+CvawxqEe1c6TRDmZa 13 | m3p9Z5D3/3j8jdtsQotYpxhYQDbQJOs+41wmVz+PoVo8FsZEK95j5IcSo+WaoVS/mKMEx/ 14 | IKw8Cfk1b1RdeaWZd/E7/CmnATSjpZN3vfIkRpNi821Jl1e1CMedC7/Nu64G/zqo68jiuK 15 | jLc3LklA66+X3ZxtZjQo5qxahMPoTCpx3JlzyhdgFgsmAH+zsf1JHAb0tZohFHgKMU8/NL 16 | HtlqG8g5W1S11sOX/hVAQqS3txHv64Ox/uAr2gAAAARmaWxlAAAAAAAAAAZzaGE1MTIAAA 17 | BnAAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAQHX5z7SbtWc9/yklinLY0Nog 18 | Zaqb53s2jbIKIraIaKtE4NtjHPtg0F/ukkGC6IxCb1SVi6QvHZlkWit2yPFfiQEBAAAACQ 19 | == 20 | -----END SSH SIGNATURE----- 21 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/message.rsa-2048-no-options-individual.sig: -------------------------------------------------------------------------------- 1 | -----BEGIN SSH SIGNATURE----- 2 | U1NIU0lHAAAAAQAAARcAAAAHc3NoLXJzYQAAAAMBAAEAAAEBAJVqMcQZ1IJrn2DpuZzniW 3 | JNF5fOsd9lbXoQky2cYZwn5Jnp7seZkMXcFjl9pd1YodEict7eWKXm2JhWvwSvVS5MlWOm 4 | r3O1bsNgm7HpMdVILakWwtQkQHSXWTwT5AfQDfG0djrfXEeNM1SdyFwr3i7CzEzvIWgz1s 5 | 8Zw7EF1GoaCaf3yVqhlk0e4jOctCQa8zSSkr8eLjvg7VWohGldf3/RcHDKbV9GtXTnSoIZ 6 | PEebgFZDaDkvySZ+9Kwzz7yd1bWGEoV0xqj252Tr+GDknXQKhTdfzyqPzWK0Bjqpa15KfT 7 | SW5sxlACIm256vC6Y80uwcxuQ7RkqYNqPKvXBL4R0AAAAEZmlsZQAAAAAAAAAGc2hhNTEy 8 | AAABFAAAAAxyc2Etc2hhMi01MTIAAAEAdTvGjLZUEsbEohKD58Dt4qc7j+CapyYVBYajmp 9 | cnObDo4BCbcIxHektuNscsVrheB74JDuxWHW/WnSAMlhPi5P8TeB/RmR98RO/Vpyl/fEpk 10 | Sf7zHNKIzhQGRMXX36ysvkOxmQPOBggfqix1CwK2DElH3fSbLUznu8wiDho6P8mM82NzQT 11 | Y0Vc2Bixfj7vdIItVy1Z390dfiny3OOAWvo5BzI6iHWUKnvuZ7Rm+K4oApawS29zNy2pEa 12 | yksEze4TMTu7tW5kpC6UJ3M/VhNtRiBe0sbmy2UsqxbRW/6sYFyjyB9/3RjXwJWIVfMu0n 13 | B6PO/Fr2E+NC1CjwKClIAgmw== 14 | -----END SSH SIGNATURE----- 15 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/rsa-2048-ca-no-options-certificate.key: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn 3 | NhAAAAAwEAAQAAAQEAwVXHfHXnr9TymztBgmICtkQciJ/XmnOJVoHsQH1k9FrCWdqfWUbj 4 | y09dSlgnBmVC0izzICNQeJB36+DZDAoWsmo3nlEVC7Vdz1jPFbXePTqddfkp1JOi7g3rNu 5 | 5SozCDCyrT0ZFBNP3+6NYEyEOqxMazQvJtaptFUblr5+jpksLo3UksiZa6t04ygMZfzzD5 6 | 6sN3bmqEsztGylfsYaplrxEm1bIG9dIuC+7xBP+A73OORacjUG3f1TQft7ky2hddT978b6 7 | P0GrvmLlvqeFCKCxz52msp2MN+1AX3hYna7VvNYC19YJXt6kCOExfiUBEbqmlGcUe6r4Ss 8 | h8UG5Q5FkwAAA7h0YpBedGKQXgAAAAdzc2gtcnNhAAABAQDBVcd8deev1PKbO0GCYgK2RB 9 | yIn9eac4lWgexAfWT0WsJZ2p9ZRuPLT11KWCcGZULSLPMgI1B4kHfr4NkMChayajeeURUL 10 | tV3PWM8Vtd49Op11+SnUk6LuDes27lKjMIMLKtPRkUE0/f7o1gTIQ6rExrNC8m1qm0VRuW 11 | vn6OmSwujdSSyJlrq3TjKAxl/PMPnqw3duaoSzO0bKV+xhqmWvESbVsgb10i4L7vEE/4Dv 12 | c45FpyNQbd/VNB+3uTLaF11P3vxvo/Qau+YuW+p4UIoLHPnaaynYw37UBfeFidrtW81gLX 13 | 1gle3qQI4TF+JQERuqaUZxR7qvhKyHxQblDkWTAAAAAwEAAQAAAQBQn7b6/ihKOSGa/pEJ 14 | EFpVK/5CM3Yz4K6LNs8Q7bnl9NtLoVIGZvuj00ryL+TGVAATqc8RvehW/tgjs7aPwL1KVe 15 | Uvzlxab53ZVA233gn5urHjeq6pCZBOedt3ItevWhGr3IZMxKhOswVUj7ua0C0stjgXWQWs 16 | CWhU9mA7a/PL0WZzRhMgs9Im/H8Mmk5zpTrwLg7RWGu28Ei4ib4Xx8gngvaAd/skv6lcWk 17 | PlLfVTcVFYo/HqCe/DuCLnl/Ln3koc67UxNvy/8mp6KgEGONDHiHtXAVq0rmQ1O51PpQM2 18 | pQWGoXFPvyHcdV47Vjg05/HCORmYdlvpH4hW3QoS3SXhAAAAgQDK+6q5rIap3J/p+/3rOw 19 | TX+By6shYkbekpiImgM23StI3jw5TZ5AIsIInoU68tYxcpbSXZooUJANj+VlidGcY/E01D 20 | pa59hfPEmu/VJolEGZTEtXVN5P5Vf3QHBLSF6WZDd8umn2L3MHfUQN6QeRMoAf0VUhh3lm 21 | L98uKDjF27LwAAAIEA65trR2tnJb1CPc8P8kFxn2oYpkZ9BLwex5pLn1+DltJQhAn2GE5E 22 | Hkw2xGSxsXzfRaG2aqSADeCD2IafacD6t+vaO6MK7SJAEPcp9pGJwcfoyroUY9QzY71/4R 23 | wbJOWsuwlfsHVAyGot0CkLSVvZlhwK2PuzB3tvvMuHXT2anosAAACBANIRsl9GZhvMN5/b 24 | O7ESSx9T09XJ8kksomRQwNWaN3HHnC3wQsh8jYkzhIqGsinh1ZoPB8vkkDCCbk9TK3wHNb 25 | GOc+adT718t08v6/0naQcrAaZ8QpmGNel74FfDUKwkRQ3rzhT/HI4FZDpuuBe8Lp3oo9Hq 26 | Qa+q5eG39OQfsZ4ZAAAAAAEC 27 | -----END OPENSSH PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/rsa-2048-ca-no-options-certificate.key.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBVcd8deev1PKbO0GCYgK2RByIn9eac4lWgexAfWT0WsJZ2p9ZRuPLT11KWCcGZULSLPMgI1B4kHfr4NkMChayajeeURULtV3PWM8Vtd49Op11+SnUk6LuDes27lKjMIMLKtPRkUE0/f7o1gTIQ6rExrNC8m1qm0VRuWvn6OmSwujdSSyJlrq3TjKAxl/PMPnqw3duaoSzO0bKV+xhqmWvESbVsgb10i4L7vEE/4Dvc45FpyNQbd/VNB+3uTLaF11P3vxvo/Qau+YuW+p4UIoLHPnaaynYw37UBfeFidrtW81gLX1gle3qQI4TF+JQERuqaUZxR7qvhKyHxQblDkWT 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/rsa-2048-ecdsa-256-leaf-no-options-certificate.key: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS 3 | 1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQSOLPDq2iWg0tYjkJu9zfUC7C2Dw3r3 4 | 5VnIclOKJxO6FOwuAS2P5NZs9WoJ4rvnUBQBFyqnOYHd1gxD62LaqiI9AAAAoER2NnJEdj 5 | ZyAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBI4s8OraJaDS1iOQ 6 | m73N9QLsLYPDevflWchyU4onE7oU7C4BLY/k1mz1agniu+dQFAEXKqc5gd3WDEPrYtqqIj 7 | 0AAAAhAIIbq5l02+wXVqlTaF1UlhPlw9QDCORIAUGRHJlNCDnOAAAAAAECAwQFBgc= 8 | -----END OPENSSH PRIVATE KEY----- 9 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/rsa-2048-ecdsa-256-leaf-no-options-certificate.key-cert.pub: -------------------------------------------------------------------------------- 1 | ecdsa-sha2-nistp256-cert-v01@openssh.com AAAAKGVjZHNhLXNoYTItbmlzdHAyNTYtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgAfg5AlxRtyP+9I/z2SK+b+efgXjgwssqrysqbBomCS4AAAAIbmlzdHAyNTYAAABBBI4s8OraJaDS1iOQm73N9QLsLYPDevflWchyU4onE7oU7C4BLY/k1mz1agniu+dQFAEXKqc5gd3WDEPrYtqqIj0AAAAAAAAAAAAAAAEAAAATb2N0b2NhdEBleGFtcGxlLmNvbQAAAAAAAAAAAAAAAP//////////AAAAAAAAAAAAAAAAAAABFwAAAAdzc2gtcnNhAAAAAwEAAQAAAQEAwVXHfHXnr9TymztBgmICtkQciJ/XmnOJVoHsQH1k9FrCWdqfWUbjy09dSlgnBmVC0izzICNQeJB36+DZDAoWsmo3nlEVC7Vdz1jPFbXePTqddfkp1JOi7g3rNu5SozCDCyrT0ZFBNP3+6NYEyEOqxMazQvJtaptFUblr5+jpksLo3UksiZa6t04ygMZfzzD56sN3bmqEsztGylfsYaplrxEm1bIG9dIuC+7xBP+A73OORacjUG3f1TQft7ky2hddT978b6P0GrvmLlvqeFCKCxz52msp2MN+1AX3hYna7VvNYC19YJXt6kCOExfiUBEbqmlGcUe6r4Ssh8UG5Q5FkwAAARQAAAAMcnNhLXNoYTItNTEyAAABAMAi5Y1LJzW+T1dASrLTsaEVqth2MKQVG26bXOABm9Xh6NtNBKwC8oIHSvTckcQIUMCTCThLzHotNyrCfa1ouIIZUMaOVx+XFIN1S+mtHUluK+/c9GJIY1siaDXCq0lgtteCgneV+cm527bfdX6rWRU/36b6nZyNZaaSYIOZkDqXaJYYxjuxS0n5aRAjKp40EHjlZiUFUs4EYJujDedpHl0wTbSlEeVIhmEo73koLsl5B6ef8/AQW0xlFZZhLkK2/koNgXJ0RO4RtZffKZWJxhM1NCTVhCQHqVkx+DdtqvY1hWoWTYBPBczITvathf/Vn+0nfEFIip7JimqIB+DHTJI= ./rsa-2048-ecdsa-256-leaf-no-options-certificate.key.pub 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/rsa-2048-ecdsa-256-leaf-no-options-certificate.key.pub: -------------------------------------------------------------------------------- 1 | ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBI4s8OraJaDS1iOQm73N9QLsLYPDevflWchyU4onE7oU7C4BLY/k1mz1agniu+dQFAEXKqc5gd3WDEPrYtqqIj0= 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/rsa-2048-ecdsa-sk-2048-leaf-no-options-certificate.key: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAfwAAACJzay1lY2 3 | RzYS1zaGEyLW5pc3RwMjU2QG9wZW5zc2guY29tAAAACG5pc3RwMjU2AAAAQQT/ijgZ0bDq 4 | Z6o1CBcP3wemq+7/D/NCgQ/yVV+ks6y9gMwQlstEwl52Tnv+zXStHPXGYdR50OyhEKv0i+ 5 | 7QVYq8AAAABHNzaDoAAADYAFRkpgBUZKYAAAAic2stZWNkc2Etc2hhMi1uaXN0cDI1NkBv 6 | cGVuc3NoLmNvbQAAAAhuaXN0cDI1NgAAAEEE/4o4GdGw6meqNQgXD98Hpqvu/w/zQoEP8l 7 | VfpLOsvYDMEJbLRMJedk57/s10rRz1xmHUedDsoRCr9Ivu0FWKvAAAAARzc2g6AQAAAED4 8 | fJTun4mlO2YLMB3jfAZikovsoJ47cpvSnISnsttZYzDt9A9N1rysrK5YhC+pRp3fh7dejW 9 | KxhA5Lu4BKQXsWAAAAAAAAAAABAgME 10 | -----END OPENSSH PRIVATE KEY----- 11 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/rsa-2048-ecdsa-sk-2048-leaf-no-options-certificate.key-cert.pub: -------------------------------------------------------------------------------- 1 | sk-ecdsa-sha2-nistp256-cert-v01@openssh.com AAAAK3NrLWVjZHNhLXNoYTItbmlzdHAyNTYtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgI0eVN+qbNd3dK8GPeeSwVF65ufzJ+MDMkN8poaxieNIAAAAIbmlzdHAyNTYAAABBBP+KOBnRsOpnqjUIFw/fB6ar7v8P80KBD/JVX6SzrL2AzBCWy0TCXnZOe/7NdK0c9cZh1HnQ7KEQq/SL7tBVirwAAAAEc3NoOgAAAAAAAAAAAAAAAQAAABNvY3RvY2F0QGV4YW1wbGUuY29tAAAAAAAAAAAAAAAA//////////8AAAAAAAAAAAAAAAAAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQDBVcd8deev1PKbO0GCYgK2RByIn9eac4lWgexAfWT0WsJZ2p9ZRuPLT11KWCcGZULSLPMgI1B4kHfr4NkMChayajeeURULtV3PWM8Vtd49Op11+SnUk6LuDes27lKjMIMLKtPRkUE0/f7o1gTIQ6rExrNC8m1qm0VRuWvn6OmSwujdSSyJlrq3TjKAxl/PMPnqw3duaoSzO0bKV+xhqmWvESbVsgb10i4L7vEE/4Dvc45FpyNQbd/VNB+3uTLaF11P3vxvo/Qau+YuW+p4UIoLHPnaaynYw37UBfeFidrtW81gLX1gle3qQI4TF+JQERuqaUZxR7qvhKyHxQblDkWTAAABFAAAAAxyc2Etc2hhMi01MTIAAAEAaA17up07ZIBllRFaRdQjMFBI0tHTCnt08Ef6NjAeys1NdeYSBgAxcOHHLnGxAX+8g3A5T0CwPKs9qiKqiN9QuTv3iWlbd0dqMwyqYnPJEfHi7ZdeW4h0y5ftoDtuqcNV4/gYKfGNru1Vh3sj18iRB55Fjeme34DpxK4ZK5eABXWaSapTuZAWHHw+VRCAiwJUyj3DL0yTLEzaJ2o4AHjQylJ2ExGI0b3KogArnEOC+wcG9l6K0ItG1yI0P0TnXg7eQaI/dkM73FReLP6nNk3FS8ERdvdxqmWMlDcTw4MfxZR971S3P5lrB/WN0Pe1Q/XUyVHnpiXvXO68Nixsw5ieiA== ./rsa-2048-ecdsa-sk-2048-leaf-no-options-certificate.key.pub 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/rsa-2048-ecdsa-sk-2048-leaf-no-options-certificate.key.pub: -------------------------------------------------------------------------------- 1 | sk-ecdsa-sha2-nistp256@openssh.com AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAAAIbmlzdHAyNTYAAABBBP+KOBnRsOpnqjUIFw/fB6ar7v8P80KBD/JVX6SzrL2AzBCWy0TCXnZOe/7NdK0c9cZh1HnQ7KEQq/SL7tBVirwAAAAEc3NoOg== 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/rsa-2048-ed25519-sk-2048-leaf-no-options-certificate.key: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAASgAAABpzay1zc2 3 | gtZWQyNTUxOUBvcGVuc3NoLmNvbQAAACB3mC4MI3P6beWfWKPdAiCATy+Fo++GmnmVY1B1 4 | h/7fhAAAAARzc2g6AAAA4H+z659/s+ufAAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY2 5 | 9tAAAAIHeYLgwjc/pt5Z9Yo90CIIBPL4Wj74aaeZVjUHWH/t+EAAAABHNzaDoBAAAAgK24 6 | UJr/fAlqqalXl98+xWiq61NB66u+mTIr0Msy9NANoMWDJqChaq2e4mZJUHcH5jiH8jdAHu 7 | wTc2wA6GF7NVivcLlLWu9mCAUWYoLZWZVTg4yZfqlLYTZFDYKl5w4vxpBx7+ZYdmC1MhAO 8 | 6jLxV8J4Hg0wPEZXa9mJ9SGatA/NAAAAAAAAAAAB 9 | -----END OPENSSH PRIVATE KEY----- 10 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/rsa-2048-ed25519-sk-2048-leaf-no-options-certificate.key-cert.pub: -------------------------------------------------------------------------------- 1 | sk-ssh-ed25519-cert-v01@openssh.com AAAAI3NrLXNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAINCnaYcu2VQOfcVkL0Opzd7Xk33u15N4v4nAcPWRTop8AAAAIHeYLgwjc/pt5Z9Yo90CIIBPL4Wj74aaeZVjUHWH/t+EAAAABHNzaDoAAAAAAAAAAAAAAAEAAAATb2N0b2NhdEBleGFtcGxlLmNvbQAAAAAAAAAAAAAAAP//////////AAAAAAAAAAAAAAAAAAABFwAAAAdzc2gtcnNhAAAAAwEAAQAAAQEAwVXHfHXnr9TymztBgmICtkQciJ/XmnOJVoHsQH1k9FrCWdqfWUbjy09dSlgnBmVC0izzICNQeJB36+DZDAoWsmo3nlEVC7Vdz1jPFbXePTqddfkp1JOi7g3rNu5SozCDCyrT0ZFBNP3+6NYEyEOqxMazQvJtaptFUblr5+jpksLo3UksiZa6t04ygMZfzzD56sN3bmqEsztGylfsYaplrxEm1bIG9dIuC+7xBP+A73OORacjUG3f1TQft7ky2hddT978b6P0GrvmLlvqeFCKCxz52msp2MN+1AX3hYna7VvNYC19YJXt6kCOExfiUBEbqmlGcUe6r4Ssh8UG5Q5FkwAAARQAAAAMcnNhLXNoYTItNTEyAAABAIBtsSlbtnVliw3PV/LblWF2scENvgB+zdqpf/8jQjL8QOD/+SHSV89MRPufwx+mWI486ildO0XR4Pgr2sMahHtXOk0Q5mWpt6fWeQ9/94/I3bbEKLWKcYWEA20CTrPuNcJlc/j6FaPBbGRCveY+SHEqPlmqFUv5ijBMfyCsPAn5NW9UXXmlmXfxO/wppwE0o6WTd73yJEaTYvNtSZdXtQjHnQu/zbuuBv86qOvI4rioy3Ny5JQOuvl92cbWY0KOasWoTD6EwqcdyZc8oXYBYLJgB/s7H9SRwG9LWaIRR4CjFPPzSx7ZahvIOVtUtdbDl/4VQEKkt7cR7+uDsf7gK9o= ./rsa-2048-ed25519-sk-2048-leaf-no-options-certificate.key.pub 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/rsa-2048-ed25519-sk-2048-leaf-no-options-certificate.key.pub: -------------------------------------------------------------------------------- 1 | sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIHeYLgwjc/pt5Z9Yo90CIIBPL4Wj74aaeZVjUHWH/t+EAAAABHNzaDo= 2 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/rsa-2048-no-options-individual.key: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn 3 | NhAAAAAwEAAQAAAQEAlWoxxBnUgmufYOm5nOeJYk0Xl86x32VtehCTLZxhnCfkmenux5mQ 4 | xdwWOX2l3Vih0SJy3t5YpebYmFa/BK9VLkyVY6avc7Vuw2Cbsekx1UgtqRbC1CRAdJdZPB 5 | PkB9AN8bR2Ot9cR40zVJ3IXCveLsLMTO8haDPWzxnDsQXUahoJp/fJWqGWTR7iM5y0JBrz 6 | NJKSvx4uO+DtVaiEaV1/f9FwcMptX0a1dOdKghk8R5uAVkNoOS/JJn70rDPPvJ3VtYYShX 7 | TGqPbnZOv4YOSddAqFN1/PKo/NYrQGOqlrXkp9NJbmzGUAIibbnq8LpjzS7BzG5DtGSpg2 8 | o8q9cEvhHQAAA7j2wpnT9sKZ0wAAAAdzc2gtcnNhAAABAQCVajHEGdSCa59g6bmc54liTR 9 | eXzrHfZW16EJMtnGGcJ+SZ6e7HmZDF3BY5faXdWKHRInLe3lil5tiYVr8Er1UuTJVjpq9z 10 | tW7DYJux6THVSC2pFsLUJEB0l1k8E+QH0A3xtHY631xHjTNUnchcK94uwsxM7yFoM9bPGc 11 | OxBdRqGgmn98laoZZNHuIznLQkGvM0kpK/Hi474O1VqIRpXX9/0XBwym1fRrV050qCGTxH 12 | m4BWQ2g5L8kmfvSsM8+8ndW1hhKFdMao9udk6/hg5J10CoU3X88qj81itAY6qWteSn00lu 13 | bMZQAiJtuerwumPNLsHMbkO0ZKmDajyr1wS+EdAAAAAwEAAQAAAQAN92U7fWad4k19k5tk 14 | DUiMRcSEzi9WQHbhSBdZ1hpRrHDz6igFxFcCB7aUHSiZ7iUCFYRDTOlgaJmqc8FbQMBnmY 15 | UFUZlo6Xa3EJq9IJ0l4J9UBOqlRdY4j8UplnpkOJB1HXdHvYU0swAvUqhd5UPZfx/1uQyY 16 | XvAfX7spGvBmEnBwb50IyaM1IeCNCiG8lfjEmQPkwPSlHeYyuEi0RxKoXKQ6ROpYI0EXTu 17 | lv6eNwZ5KNcFf4HR1pvls3BcK0/1NQWgGeDXAJBfmg503XzPgOot1+rUmYIADrdlespdZn 18 | V2njIfXVz/BQjbegLha82viORKaRMpYF31jwzefYIbHBAAAAgC7MgbfUruWjgNhbR+rjGl 19 | Duy/fBvsHHccBizQM/N50iC+nUHS1wCLM9DLA6LjUxng+Zh5HFZn9UpdCLN1O+BmGR//lu 20 | tyTPyaPXJxJ48lTEwmQRwZwf/JZyU4WGFyU8QP3yDRH29QmS0pRpSKZC6i1F4nf62ByW7d 21 | cAw/yiwMveAAAAgQDD/HAWCBjjTQdTvhFQsBH7mMYLAlFqPSRm4Jaj5chwixEs+oCwdhhq 22 | opLoKDn6EclHD/dvbDFDHgJI4mMfkumae/htIbV73QKXnQrm8uepRmnKQVwJXR5+6K5+Th 23 | WIql/uWjpa+z75AH//wZTGM2ujeyLwsOKXlrYJXdc/cs6LFQAAAIEAwyr8ED6dQnjRMma4 24 | /V/SQCFzFL5aNH0AFcSdujYyuzv9KtodwAr2k+3TpIKvus0jlsGe5/uAgebl8IP8k/cjSz 25 | OlzSufRy7+ex8DIwS6rqhdnI7DUpKe0CD1RO/GJ9s0o/m1rwNODnc8CdYCqfQf8MoaextP 26 | sEWAxjcJ8pSI3+kAAAAAAQID 27 | -----END OPENSSH PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /spec/fixtures/signatures/rsa-2048-no-options-individual.key.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCVajHEGdSCa59g6bmc54liTReXzrHfZW16EJMtnGGcJ+SZ6e7HmZDF3BY5faXdWKHRInLe3lil5tiYVr8Er1UuTJVjpq9ztW7DYJux6THVSC2pFsLUJEB0l1k8E+QH0A3xtHY631xHjTNUnchcK94uwsxM7yFoM9bPGcOxBdRqGgmn98laoZZNHuIznLQkGvM0kpK/Hi474O1VqIRpXX9/0XBwym1fRrV050qCGTxHm4BWQ2g5L8kmfvSsM8+8ndW1hhKFdMao9udk6/hg5J10CoU3X88qj81itAY6qWteSn00lubMZQAiJtuerwumPNLsHMbkO0ZKmDajyr1wS+Ed 2 | -------------------------------------------------------------------------------- /spec/fixtures/single_cidr_source_address: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn 3 | NhAAAAAwEAAQAAAQEA1+fHcU7Korly6jVBWyJBWglf9QqYvofsFFaQVzNQaVnDna1xP8fe 4 | euIzksNfD7CGtwW8QO4CeTs+7kMkVougaVv5uIbUyvVZv8PXQbB2rfEeN45Skx7vedBgjj 5 | 87TREw7IClcJJf2e9yPoN/yy6JwDp9eIiHA1YW3hYdxd0eIn97+fIWP155+n+QK12wJDQj 6 | sgGacUmrvhCrMLUvHmc70f2FHPKJMLeaPmmMglEb9g8TfUnbFsAS4eL5T7fqLYtEl/kpqs 7 | h+CvbErcV3HAg2l9nyWXWEW45DtnsVFtnSryxL2VcS2JvOl7TFpEqiJBFaNRvbXIZGR9RI 8 | 16qB03d4EQAAA+CTZxa3k2cWtwAAAAdzc2gtcnNhAAABAQDX58dxTsqiuXLqNUFbIkFaCV 9 | /1Cpi+h+wUVpBXM1BpWcOdrXE/x9564jOSw18PsIa3BbxA7gJ5Oz7uQyRWi6BpW/m4htTK 10 | 9Vm/w9dBsHat8R43jlKTHu950GCOPztNETDsgKVwkl/Z73I+g3/LLonAOn14iIcDVhbeFh 11 | 3F3R4if3v58hY/Xnn6f5ArXbAkNCOyAZpxSau+EKswtS8eZzvR/YUc8okwt5o+aYyCURv2 12 | DxN9SdsWwBLh4vlPt+oti0SX+SmqyH4K9sStxXccCDaX2fJZdYRbjkO2exUW2dKvLEvZVx 13 | LYm86XtMWkSqIkEVo1G9tchkZH1EjXqoHTd3gRAAAAAwEAAQAAAQEA1taHKiOqFWQNiio1 14 | /3ZFq08a0d2agjUEYHSGqo6gHES7FyJoR3wd0Q9XHFoWNKmGU4Z8feuYQIQIqdPby9aiZ1 15 | SjV8+q3M5pYR2CC5aJcao1VDjlyAmHaCJGgiU/X/+UPDIC7dJpWJYgiz4UotyLK+HHynGo 16 | T1SR6qn9NE9D1jRJi0g9s8C/0VTloqDmbQCAXyKwuvvNA3F7DUYsmOWVCmSts1sbYU+wso 17 | xvmJgnZqKxCC4se5UVuXErsj3yWA7o8jhLCkQWZiEj7JmolKsoer06TC8Q+yN1rD+e7UD0 18 | mSnf0p4I0dALtLB0nahz6osqXniMdiX7gLsjSItqXVtk5QAAAIA19bBM/KCg4Net89p025 19 | JBsKkAN5JZ+gvJwZ++eU+fx03sT03V8yB/EMboF/OhqRG1KIzMzlJV6um6RpqOHNe0aw0A 20 | Knkj48preUXMk27B+4HnvMx6XaDypzO05mUmK5+Q6yOBxQ/n9UwekAIOQ/a8lDpSCqEs5S 21 | j1qAdQ5U8tzQAAAIEA/qyVcv7m3eukpkcF9rgqBuRb/gQg7ZOrXEEfhO3/vThkU4TpS5ii 22 | wxMLvjiFKtfyqItw9BPi/D3L+ZGjJi5m3VLQOaumrtWHfFMZySOrlfidLUJ2954YVb3WCp 23 | 4J2k+sMy+up6oh19m9ozU8Uahi9Bt1QbzZg1MLw/5Y41zTwcMAAACBANkHhr1jc0wL0l8l 24 | wrpgV2z6KriB6maCjgvXLKPOR4JOTHexcn6owc9mUw+WJ4ivjtak3I/3R+gb2jXoAgXDHW 25 | lxxfzj1z9324zna68LY+WlbeACjGOJRKL3TQ1HetgdrpRTMXepYCmrfKiZOHIRDsnNz/7r 26 | yVlf2vkeVgAVCM2bAAAAJm1hc3RhaHlldGlAQmVuamFtaW5zLU1hY0Jvb2stUHJvLmxvY2 27 | FsAQIDBA== 28 | -----END OPENSSH PRIVATE KEY----- 29 | -------------------------------------------------------------------------------- /spec/fixtures/single_cidr_source_address-cert.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAggj/v1V05HsiUddCVrgP0LtjmW0NHDNzC1hRi4GSEueAAAAADAQABAAABAQDX58dxTsqiuXLqNUFbIkFaCV/1Cpi+h+wUVpBXM1BpWcOdrXE/x9564jOSw18PsIa3BbxA7gJ5Oz7uQyRWi6BpW/m4htTK9Vm/w9dBsHat8R43jlKTHu950GCOPztNETDsgKVwkl/Z73I+g3/LLonAOn14iIcDVhbeFh3F3R4if3v58hY/Xnn6f5ArXbAkNCOyAZpxSau+EKswtS8eZzvR/YUc8okwt5o+aYyCURv2DxN9SdsWwBLh4vlPt+oti0SX+SmqyH4K9sStxXccCDaX2fJZdYRbjkO2exUW2dKvLEvZVxLYm86XtMWkSqIkEVo1G9tchkZH1EjXqoHTd3gRAAAAAAAAAHsAAAABAAAACG15LWlkZW50AAAAAAAAAAAAAAAA//////////8AAAAkAAAADnNvdXJjZS1hZGRyZXNzAAAADgAAAAoxLjEuMS4wLzI0AAAAAAAAAAAAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQDPB20SS4Ry0ahVJGIf5aYRU81PwtUiDLj2ChUnMfYtCYemucIRjkfTUquHzePbecUaWx/NHX0GHRv7c4NO+TYx/UPDC6e2ZmRhDRy/pc5qtyRu7fqBSsrhBAvAdv13F5LzMlRv+oZXIEBeNM8Zd3NIgapztMdxkBF+LsNksbisg9ixTJcOb3iSZVzQP4vmQH1wviO0/WFYj+rS3TroT6gPxUuafzThcXFtxLWAXAM+f9bLP9cJHW3AAGfohylRKTcVsxS7x7YljrK0EwfAh4KvjTAnk5gpbdLHaPweRrN62eYfIRZxCubdedDVuZ3PVlUmQWAhntHUkInB+mlkP/HvAAABDwAAAAdzc2gtcnNhAAABAIncstZ4ZiSlg7E/jdoJCVAlNWdR1GTfUZBVJ13neJYC0EATo2DYE95TqMY7kzHPUnLuQv0qoTAqBDliQCh2IdMapKAE2c/Y2ESf3Nnyk16bqhy1sr0OI2WPxclSkT5Vs5SidDBYgQdkAgUqXXhiTRl+tNzNPgAGB8V1L1eCSsgvKizN8LBpENK1ogBvkcG4BNCpncJXbEbS2x4fwwuOo/+kknj1+pjxnyue4kEsdiNyG7Ct/X+daWtTANkzLjV0Dw0JDq6XkTN5FT4WjYUKGj5B/wtIesf2wFHuP5pn3RVYzMeX6VQffrxkkDE2WwwN8cda9cLFnwjgProo3IjVMMg= mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/single_cidr_source_address.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDX58dxTsqiuXLqNUFbIkFaCV/1Cpi+h+wUVpBXM1BpWcOdrXE/x9564jOSw18PsIa3BbxA7gJ5Oz7uQyRWi6BpW/m4htTK9Vm/w9dBsHat8R43jlKTHu950GCOPztNETDsgKVwkl/Z73I+g3/LLonAOn14iIcDVhbeFh3F3R4if3v58hY/Xnn6f5ArXbAkNCOyAZpxSau+EKswtS8eZzvR/YUc8okwt5o+aYyCURv2DxN9SdsWwBLh4vlPt+oti0SX+SmqyH4K9sStxXccCDaX2fJZdYRbjkO2exUW2dKvLEvZVxLYm86XtMWkSqIkEVo1G9tchkZH1EjXqoHTd3gR mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/single_source_address: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn 3 | NhAAAAAwEAAQAAAQEA9xQ7zmJS5yRkNU3pSSYjbHiqLI4NLFJnqTsAm1X+dqqX4yo3uypV 4 | bb8Hq/I0ZHmfk5TTV2bMbrBxHCc+BnwFQL19Zt084cPdd8FXx0cKUqeus3Lybg71mC1xev 5 | 9+z2A4J7+QqcyVvTYv047SAKHAdqXgI/u6SxBJUXAXpW7m3Uzhkwv15qUlkjfnG3s2rOLq 6 | xH/eAuArcqU0FrhFTzeMokyaKYi5bAX7noDjHTY8YAAiovTKxXF2vOdQg7t3Tgrj7yw2H1 7 | 2TOf+yn+Bd20LH0a4K8ql2gEfSAFvdcwlS41ax8J8Vngh709pUPWn3DqsxZkIoix2AsYv/ 8 | 0MtRean6FQAAA+C61/5Xutf+VwAAAAdzc2gtcnNhAAABAQD3FDvOYlLnJGQ1TelJJiNseK 9 | osjg0sUmepOwCbVf52qpfjKje7KlVtvwer8jRkeZ+TlNNXZsxusHEcJz4GfAVAvX1m3Tzh 10 | w913wVfHRwpSp66zcvJuDvWYLXF6/37PYDgnv5CpzJW9Ni/TjtIAocB2peAj+7pLEElRcB 11 | elbubdTOGTC/XmpSWSN+cbezas4urEf94C4CtypTQWuEVPN4yiTJopiLlsBfuegOMdNjxg 12 | ACKi9MrFcXa851CDu3dOCuPvLDYfXZM5/7Kf4F3bQsfRrgryqXaAR9IAW91zCVLjVrHwnx 13 | WeCHvT2lQ9afcOqzFmQiiLHYCxi//Qy1F5qfoVAAAAAwEAAQAAAQBlzpSGCcWXMEuKGzxQ 14 | w8I848ta6H1NEfdcp88sMlbTlp9XHwIvwNXKjrgehYJJFERIjz41+UmrIlC5BQJtsZSIhI 15 | uzYt2/OPF8ctI0bnU2cZlun6J87vULa04jHDuoP0FkP27gSEg62qUCSwsE76FaQicFLKgq 16 | Xd+YCtPzeqrt6/yTjtmdSpPeCkmsGsOFM6JilXwAeHgcIIHzwlES3obIXtSyIEtm78wzt3 17 | R6zznAwylkNelD6jgrqRUdJORwikErrdRVykUG0nxwigcYI8BDo30FGp9d2ZQe4sNLtArg 18 | 0xyLRSl+YpfkMClcavrg87SgWwMR4Wh0LtFpBiDfGFSBAAAAgQD0UWpQVQ86x+BzVwCay6 19 | cA+RTPkBO1M88r1S5H3V4jHg1rmxSCQq/z6qEL84BWCOX/hlOtde2livzVZgpw08yMtHQX 20 | GT/af86IQYaSPX9W8E5lFDatl/1IVv5TV7/daoHzx3IyhX0KDzmGvQLN8NY5CEKcnxGIDg 21 | vEX7vcz+SQswAAAIEA/HlUot/9elChW7t9BeyO5iTLMZqUTk+zP4I0HjDcWiR/mZdxDMDT 22 | mFT57L/MfDZp7o1dvFxYZRxygP40HN5WFz/h3ZO4lSvr4RHJCZiiM3w2uDG87EiCDrDLh0 23 | r1xMYeokN4jOnj+2dyM4DpdeIF9KJ5mblHLlMAXBPLmt88m80AAACBAPqHnVZ5tA7UPk59 24 | faTmyZMu5OIyonfiNZXj/qCkVR1EOPOEWx7HOj7ZtBXuWOifn70sFVrXL3qcPDnnpcAWTX 25 | NTfqz/Y/hk/tFWNgxODV50cwgyWNX6aJL1P4utOIp3L11QiG/ew6Gw7aFur68ia58XcGYM 26 | AJ5ia5TzazzA8V9pAAAAJm1hc3RhaHlldGlAQmVuamFtaW5zLU1hY0Jvb2stUHJvLmxvY2 27 | FsAQIDBA== 28 | -----END OPENSSH PRIVATE KEY----- 29 | -------------------------------------------------------------------------------- /spec/fixtures/single_source_address-cert.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgDYz1Qf4wm96pdOQZiz9SCM5Ojnwb6eGXXQVzFvBwrREAAAADAQABAAABAQD3FDvOYlLnJGQ1TelJJiNseKosjg0sUmepOwCbVf52qpfjKje7KlVtvwer8jRkeZ+TlNNXZsxusHEcJz4GfAVAvX1m3Tzhw913wVfHRwpSp66zcvJuDvWYLXF6/37PYDgnv5CpzJW9Ni/TjtIAocB2peAj+7pLEElRcBelbubdTOGTC/XmpSWSN+cbezas4urEf94C4CtypTQWuEVPN4yiTJopiLlsBfuegOMdNjxgACKi9MrFcXa851CDu3dOCuPvLDYfXZM5/7Kf4F3bQsfRrgryqXaAR9IAW91zCVLjVrHwnxWeCHvT2lQ9afcOqzFmQiiLHYCxi//Qy1F5qfoVAAAAAAAAAHsAAAABAAAACG15LWlkZW50AAAAAAAAAAAAAAAA//////////8AAAAhAAAADnNvdXJjZS1hZGRyZXNzAAAACwAAAAcxLjEuMS4xAAAAAAAAAAAAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQDPB20SS4Ry0ahVJGIf5aYRU81PwtUiDLj2ChUnMfYtCYemucIRjkfTUquHzePbecUaWx/NHX0GHRv7c4NO+TYx/UPDC6e2ZmRhDRy/pc5qtyRu7fqBSsrhBAvAdv13F5LzMlRv+oZXIEBeNM8Zd3NIgapztMdxkBF+LsNksbisg9ixTJcOb3iSZVzQP4vmQH1wviO0/WFYj+rS3TroT6gPxUuafzThcXFtxLWAXAM+f9bLP9cJHW3AAGfohylRKTcVsxS7x7YljrK0EwfAh4KvjTAnk5gpbdLHaPweRrN62eYfIRZxCubdedDVuZ3PVlUmQWAhntHUkInB+mlkP/HvAAABDwAAAAdzc2gtcnNhAAABAIkUpelO9T0NZZvCXZSxSHVTwRl7u162lGkempI3dpdVVzaN1Ypr9jVebMFBiAGusryhUjAf9Emrvnl6x8cwksHdZFB0odiLtg8JDPInDYBf+R81DWze4jyCrCLZWjh1379iHKkFMFDM/5AjFt6GDWxKrr/xH1AXzPWq3AuoeUW2Adt2w31LNR97u3G/J5mkBv/TdAKrbxy7r3jcPSVpVutMzpzZhWGeyTPhEF76s8tDWh1IXuLCfrSIDsqiaZ/vkPpoP8S6aNxU7hUvyHcqsDC9cvxrwY6Ohzhn0ryuLFv4nECd+G4TQf3Jv5JfShEJ7my/kkXBjyFXmVIjvePtRn8= mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/single_source_address.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3FDvOYlLnJGQ1TelJJiNseKosjg0sUmepOwCbVf52qpfjKje7KlVtvwer8jRkeZ+TlNNXZsxusHEcJz4GfAVAvX1m3Tzhw913wVfHRwpSp66zcvJuDvWYLXF6/37PYDgnv5CpzJW9Ni/TjtIAocB2peAj+7pLEElRcBelbubdTOGTC/XmpSWSN+cbezas4urEf94C4CtypTQWuEVPN4yiTJopiLlsBfuegOMdNjxgACKi9MrFcXa851CDu3dOCuPvLDYfXZM5/7Kf4F3bQsfRrgryqXaAR9IAW91zCVLjVrHwnxWeCHvT2lQ9afcOqzFmQiiLHYCxi//Qy1F5qfoV mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/skecdsa_ca: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAfwAAACJzay1lY2 3 | RzYS1zaGEyLW5pc3RwMjU2QG9wZW5zc2guY29tAAAACG5pc3RwMjU2AAAAQQSq1e4+3xiV 4 | +8J31I26lSu/RFyqx5RvMWSI0S22tIJm4PUooO4OW5T+Di3/jZgko9uwFzr/zDZTy6uWyD 5 | Qhk9G8AAAABHNzaDoAAADoeklfLnpJXy4AAAAic2stZWNkc2Etc2hhMi1uaXN0cDI1NkBv 6 | cGVuc3NoLmNvbQAAAAhuaXN0cDI1NgAAAEEEqtXuPt8YlfvCd9SNupUrv0RcqseUbzFkiN 7 | EttrSCZuD1KKDuDluU/g4t/42YJKPbsBc6/8w2U8urlsg0IZPRvAAAAARzc2g6AQAAAECE 8 | 3HUalOjXfOTrfIRFnJIzVmj1Oq1o5vaGZdevL12Ue8oy01QAMvDLhu7tenBtwzXb65N6aH 9 | n21rJShWK/Nc6EAAAAAAAAABN2Y3Nqb25lc0BLZXZpbnMtTUJQAQ== 10 | -----END OPENSSH PRIVATE KEY----- 11 | -------------------------------------------------------------------------------- /spec/fixtures/skecdsa_ca.pub: -------------------------------------------------------------------------------- 1 | sk-ecdsa-sha2-nistp256@openssh.com AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAAAIbmlzdHAyNTYAAABBBKrV7j7fGJX7wnfUjbqVK79EXKrHlG8xZIjRLba0gmbg9Sig7g5blP4OLf+NmCSj27AXOv/MNlPLq5bINCGT0bwAAAAEc3NoOg== vcsjones@Kevins-MBP 2 | -------------------------------------------------------------------------------- /spec/fixtures/skecdsa_leaf_for_rsa_ca: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAfwAAACJzay1lY2 3 | RzYS1zaGEyLW5pc3RwMjU2QG9wZW5zc2guY29tAAAACG5pc3RwMjU2AAAAQQSqeZ1z1lJp 4 | zAnH15AFievReD+0b8sNYzAILAPYAmiXcZp9J390Lt76EEgkTT9oTsscV73g+4nMAIT6Dk 5 | g4dMAHAAAABHNzaDoAAAD4p3ZrwKd2a8AAAAAic2stZWNkc2Etc2hhMi1uaXN0cDI1NkBv 6 | cGVuc3NoLmNvbQAAAAhuaXN0cDI1NgAAAEEEqnmdc9ZSacwJx9eQBYnr0Xg/tG/LDWMwCC 7 | wD2AJol3GafSd/dC7e+hBIJE0/aE7LHFe94PuJzACE+g5IOHTABwAAAARzc2g6AQAAAEAk 8 | NPI6juY+SUhu48d8HVCtsGi27CPrZgW48J1ECJ4F7kzuKMtltkWG5P9Xyt4f2/OWTaIosx 9 | Nqx+fKOOdMSsJ7AAAAAAAAACF2Y3Nqb25lc0BLZXZpbnMtTWFjQm9vay1Qcm8ubG9jYWwB 10 | AgM= 11 | -----END OPENSSH PRIVATE KEY----- 12 | -------------------------------------------------------------------------------- /spec/fixtures/skecdsa_leaf_for_rsa_ca-cert.pub: -------------------------------------------------------------------------------- 1 | sk-ecdsa-sha2-nistp256-cert-v01@openssh.com AAAAK3NrLWVjZHNhLXNoYTItbmlzdHAyNTYtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgy+rVqT5sFrUgijvmuGitZs9CDcGHoO3MrxXdAUCrXFIAAAAIbmlzdHAyNTYAAABBBKp5nXPWUmnMCcfXkAWJ69F4P7Rvyw1jMAgsA9gCaJdxmn0nf3Qu3voQSCRNP2hOyxxXveD7icwAhPoOSDh0wAcAAAAEc3NoOgAAAAAAAAB7AAAAAQAAAAhteS1pZGVudAAAAAwAAAACcDEAAAACcDIAAAAAAAAAAP//////////AAAAEgAAAANmb28AAAAHAAAAA2JhcgAAADAAAAADYmF6AAAACAAAAARxd2VyAAAAFXBlcm1pdC1YMTEtZm9yd2FyZGluZwAAAAAAAAAAAAABFwAAAAdzc2gtcnNhAAAAAwEAAQAAAQEAzwdtEkuEctGoVSRiH+WmEVPNT8LVIgy49goVJzH2LQmHprnCEY5H01Krh83j23nFGlsfzR19Bh0b+3ODTvk2Mf1DwwuntmZkYQ0cv6XOarckbu36gUrK4QQLwHb9dxeS8zJUb/qGVyBAXjTPGXdzSIGqc7THcZARfi7DZLG4rIPYsUyXDm94kmVc0D+L5kB9cL4jtP1hWI/q0t066E+oD8VLmn804XFxbcS1gFwDPn/Wyz/XCR1twABn6IcpUSk3FbMUu8e2JY6ytBMHwIeCr40wJ5OYKW3Sx2j8HkazetnmHyEWcQrm3XnQ1bmdz1ZVJkFgIZ7R1JCJwfppZD/x7wAAARQAAAAMcnNhLXNoYTItNTEyAAABAACAK/gx7srkr1AiUtS206W/UzvBHL+SkoG80mgEu9IAOyNv+h5fmIsxGCCYce9z7+36ujLnU/+FoROkS3F0zkyxBzCk4U1zgeHMNLAJdPGrLuapsEyeUJkLtLpiFnvaOiXYwXgmUONEtOUBsaJqXOLChUBjuMxg6Me4joab8Ir3HU065J45lmHBbPdiG4GU7AP/dVadTe4gWv5RkZU30NGI8NxapEFN4im4rSw7EisXyNVvK/lIAX0xC8n8FmCxtE5h/87MvVziJRgI+AeenhRqcLInl2fg6OQk1ziWg8FOBVRVt2/FA+SGqzWq7uHInfwTx1ZGE8GtqKTsfK30qis= vcsjones@Kevins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/skecdsa_leaf_for_rsa_ca.pub: -------------------------------------------------------------------------------- 1 | sk-ecdsa-sha2-nistp256@openssh.com AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAAAIbmlzdHAyNTYAAABBBKp5nXPWUmnMCcfXkAWJ69F4P7Rvyw1jMAgsA9gCaJdxmn0nf3Qu3voQSCRNP2hOyxxXveD7icwAhPoOSDh0wAcAAAAEc3NoOg== vcsjones@Kevins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/sked25519_ca: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAASgAAABpzay1zc2 3 | gtZWQyNTUxOUBvcGVuc3NoLmNvbQAAACAdGSyAfB35x92DVqxGxRKs27JpPioJZxuX5O09 4 | YJG23AAAAARzc2g6AAAA+DJHBAkyRwQJAAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY2 5 | 9tAAAAIB0ZLIB8HfnH3YNWrEbFEqzbsmk+KglnG5fk7T1gkbbcAAAABHNzaDoBAAAAgDKR 6 | R3sjWdfZ4HVt6ZDoCzSuoF24bmrztloIUdysTpc/LQWjeH/fS5ob6glvnSNVF+ilFd2nct 7 | hvUvDSemVXYBVc54je/gsTzTCRpnQ/557G3ABOXCYvH/C3w0D8Ogkh2e7JTrpYIJjkurlG 8 | Ctg2SteEN1Mms/5fQXmK0nwW3rB1AAAAAAAAABN2Y3Nqb25lc0BLZXZpbnMtTUJQAQIDBA 9 | UG 10 | -----END OPENSSH PRIVATE KEY----- 11 | -------------------------------------------------------------------------------- /spec/fixtures/sked25519_ca.pub: -------------------------------------------------------------------------------- 1 | sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIB0ZLIB8HfnH3YNWrEbFEqzbsmk+KglnG5fk7T1gkbbcAAAABHNzaDo= vcsjones@Kevins-MBP 2 | -------------------------------------------------------------------------------- /spec/fixtures/sked25519_leaf_for_rsa_ca: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAASgAAABpzay1zc2 3 | gtZWQyNTUxOUBvcGVuc3NoLmNvbQAAACA3xPtT9yVKAyJr3fhB105GFoG3NInJdsfe91aN 4 | GHBqhgAAAARzc2g6AAAA+NhG/FXYRvxVAAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY2 5 | 9tAAAAIDfE+1P3JUoDImvd+EHXTkYWgbc0icl2x973Vo0YcGqGAAAABHNzaDoBAAAAgPM8 6 | JGbyftt6rqAO8cPWw0rXW394+heb5h07rtW/bkxM7SpTYbuKS/Z2ETwv9iX6u3NIqxQDlj 7 | 71iWawf/VFsBYGT4GBf2dVsmH5Bd2yAl7kuljFzqkWPbWlENwScPjlfK2ZfgtcWMJz2wU1 8 | CLUNNhqorCTvRUZbsb7Dw0aOh9gjAAAAAAAAABN2Y3Nqb25lc0BLZXZpbnMtTUJQAQIDBA 9 | UG 10 | -----END OPENSSH PRIVATE KEY----- 11 | -------------------------------------------------------------------------------- /spec/fixtures/sked25519_leaf_for_rsa_ca-cert.pub: -------------------------------------------------------------------------------- 1 | sk-ssh-ed25519-cert-v01@openssh.com AAAAI3NrLXNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIA9W0s0HknrDboFqbQQ8bqPF78qPEyB5fAGrTRufG/dsAAAAIDfE+1P3JUoDImvd+EHXTkYWgbc0icl2x973Vo0YcGqGAAAABHNzaDoAAAAAAAAAewAAAAEAAAAIbXktaWRlbnQAAAAMAAAAAnAxAAAAAnAyAAAAAAAAAAD//////////wAAABIAAAADZm9vAAAABwAAAANiYXIAAAAwAAAAA2JhegAAAAgAAAAEcXdlcgAAABVwZXJtaXQtWDExLWZvcndhcmRpbmcAAAAAAAAAAAAAARcAAAAHc3NoLXJzYQAAAAMBAAEAAAEBAM8HbRJLhHLRqFUkYh/lphFTzU/C1SIMuPYKFScx9i0Jh6a5whGOR9NSq4fN49t5xRpbH80dfQYdG/tzg075NjH9Q8MLp7ZmZGENHL+lzmq3JG7t+oFKyuEEC8B2/XcXkvMyVG/6hlcgQF40zxl3c0iBqnO0x3GQEX4uw2SxuKyD2LFMlw5veJJlXNA/i+ZAfXC+I7T9YViP6tLdOuhPqA/FS5p/NOFxcW3EtYBcAz5/1ss/1wkdbcAAZ+iHKVEpNxWzFLvHtiWOsrQTB8CHgq+NMCeTmClt0sdo/B5Gs3rZ5h8hFnEK5t150NW5nc9WVSZBYCGe0dSQicH6aWQ/8e8AAAEUAAAADHJzYS1zaGEyLTUxMgAAAQCoT7uBIJWX3Hs/ofiCB/p/XaVGbLq3unStZ7h+Goy6VhT0GcRl/CkJER0P5wbrCvf2KQQL9u6TgcXjs+JQzMk/yEdXUfNsIisMFh/KgF7XB08Rs/Gkralggz2aCUOCnCS4h323fwNpsbSf5SMfqWnwx8qGe7wgOkhxvgYZGQ8P10+46JpZMjRkVAevJU/toWL5VdvtO99OUtDZ/RJ+bx4j4/zh4xcuCCiq2e/iE7HFZjuiVOSYTQbNIb/KQT1M+8aJQyMQz/lble2ZOXG0Q3VrlWsZzgNQUZtqjFxIf2p8ghjUir4nCbCZdihJIl5/Uc0kVGdulGrFJt1OHKWPJijs vcsjones@Kevins-MBP 2 | -------------------------------------------------------------------------------- /spec/fixtures/sked25519_leaf_for_rsa_ca.pub: -------------------------------------------------------------------------------- 1 | sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIDfE+1P3JUoDImvd+EHXTkYWgbc0icl2x973Vo0YcGqGAAAABHNzaDo= vcsjones@Kevins-MBP 2 | -------------------------------------------------------------------------------- /spec/fixtures/spaces_source_address: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn 3 | NhAAAAAwEAAQAAAQEAzxX4dV+rMlNooymG+9CahikwJ8MfGw2Sb5VXNp1vLi8tz0wR25ZO 4 | vOrIprQL7C3aJY4KHSwQ4EJ98iWJMuoQN/vxddIzEh2H/VkmGyMj5uKYXJ8magIffoHEAm 5 | 8rJSC5RWGW/hNphyk553mYZALHS1RuNpkzzRbZFPdwccltu+yg569FsOi04PdrMa7TjYX3 6 | bw7sYMY9XpWMay4WzZS5pb2T8z0ptMJUlK8W7Pm80VXh4x7oD/phesU4Xwq3queRmrueca 7 | PFSb8dyjMrlNkfzHe90uZzz6geX3Z6ERwESH0TGG4HPo5fJhTp7QLEBKTW/9KTWJ0OvdEC 8 | H4xbN7EPOwAAA+AgDrFjIA6xYwAAAAdzc2gtcnNhAAABAQDPFfh1X6syU2ijKYb70JqGKT 9 | Anwx8bDZJvlVc2nW8uLy3PTBHblk686simtAvsLdoljgodLBDgQn3yJYky6hA3+/F10jMS 10 | HYf9WSYbIyPm4phcnyZqAh9+gcQCbyslILlFYZb+E2mHKTnneZhkAsdLVG42mTPNFtkU93 11 | BxyW277KDnr0Ww6LTg92sxrtONhfdvDuxgxj1elYxrLhbNlLmlvZPzPSm0wlSUrxbs+bzR 12 | VeHjHugP+mF6xThfCreq55Gau55xo8VJvx3KMyuU2R/Md73S5nPPqB5fdnoRHARIfRMYbg 13 | c+jl8mFOntAsQEpNb/0pNYnQ690QIfjFs3sQ87AAAAAwEAAQAAAQEAibL4RUPaGFqyB1yD 14 | r0nkljUpGid6tYhuyNeq6FwDI9inQ2I3taXasXAFACRUkTVkCvjJ7N/yUMyl5q/i7QIKys 15 | 8ynb+pye/tDx+KYR0asFoYKe6BopfKzVoINf4p2ERMLcBYoJXT49Yb9Lk8BbR7RLHdn1x7 16 | v3Hj4zctg9wGpZ/dgFfGQ8iwKMo41jD8KrREM3+JQ6TYHuZpGJUQtrGQLegElrDrfJlsTc 17 | Mu3T4saPzO0vBVNEslITrjw/WMlp8PdnV688vqNGm7H9j1di1LJYeSzlIpxKGgxalMQzU+ 18 | U8mPV1HcTMAHoYz/01XxYT8DdhgdlT+Q6Kxi/qp2qSDzAQAAAIEAssNgrqRBh6aCmY0JEK 19 | mJlkkmlmfDMr1hYAOcK8KhxslpxpvI8ZB2Dg6xcoy0x49m21jPC+Lihfo1Guk0Bj2j4DX4 20 | PXVeeVwPR/Ug2p+O+c3c9ozuj2CFeORSFy30XUl4zFFSpuqMMJ9yYdm6DX+APZpJFhjwtd 21 | ja3+MkP2oBr6cAAACBAProReWu2YdzQdhbm7xB7kB+vkWSEx7HQQj19mWRdhjl6ye1WVv4 22 | VpNYZzsseYG4O1xz5Ky0GXYCdUjdMvtrOOxVI5e0/VgswJUHME0PoQo4QdBc6sYDvfY2yc 23 | JtpgBkvduu2dvtCmVct2eUT2Tsxam3bwmPBjmkpnRwKlXv9O7BAAAAgQDTSf+zVbr77tE7 24 | p+bgke5/31DSxvTYVVUl4fQ7we2MCfIPYoa6BiEMkDsMWvKiJGMkqLhzd/ryhGbjKmwNVv 25 | WJ8kab3y/s4dmWEGzZhTby2AuhCLASwF5w0bUzWl+BukYBs81dpdMjeYPZl8te3O+uHccK 26 | 9dFOdu2B4gNBu0D4+wAAACZtYXN0YWh5ZXRpQEJlbmphbWlucy1NYWNCb29rLVByby5sb2 27 | NhbAECAw== 28 | -----END OPENSSH PRIVATE KEY----- 29 | -------------------------------------------------------------------------------- /spec/fixtures/spaces_source_address-cert.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgP4Vn84MvgzT9cb64rNJT5F0pDLA0gyLfWQG72+14sCgAAAADAQABAAABAQDPFfh1X6syU2ijKYb70JqGKTAnwx8bDZJvlVc2nW8uLy3PTBHblk686simtAvsLdoljgodLBDgQn3yJYky6hA3+/F10jMSHYf9WSYbIyPm4phcnyZqAh9+gcQCbyslILlFYZb+E2mHKTnneZhkAsdLVG42mTPNFtkU93BxyW277KDnr0Ww6LTg92sxrtONhfdvDuxgxj1elYxrLhbNlLmlvZPzPSm0wlSUrxbs+bzRVeHjHugP+mF6xThfCreq55Gau55xo8VJvx3KMyuU2R/Md73S5nPPqB5fdnoRHARIfRMYbgc+jl8mFOntAsQEpNb/0pNYnQ690QIfjFs3sQ87AAAAAAAAAHsAAAABAAAACG15LWlkZW50AAAAAAAAAAAAAAAA//////////8AAAAqAAAADnNvdXJjZS1hZGRyZXNzAAAAFAAAABAxLjEuMS4xLCAyLjIuMi4yAAAAAAAAAAAAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQDPB20SS4Ry0ahVJGIf5aYRU81PwtUiDLj2ChUnMfYtCYemucIRjkfTUquHzePbecUaWx/NHX0GHRv7c4NO+TYx/UPDC6e2ZmRhDRy/pc5qtyRu7fqBSsrhBAvAdv13F5LzMlRv+oZXIEBeNM8Zd3NIgapztMdxkBF+LsNksbisg9ixTJcOb3iSZVzQP4vmQH1wviO0/WFYj+rS3TroT6gPxUuafzThcXFtxLWAXAM+f9bLP9cJHW3AAGfohylRKTcVsxS7x7YljrK0EwfAh4KvjTAnk5gpbdLHaPweRrN62eYfIRZxCubdedDVuZ3PVlUmQWAhntHUkInB+mlkP/HvAAABDwAAAAdzc2gtcnNhAAABAKeLI1vHKW8PQ7KAq+FQgmWDs9VD71q5AKRdK2NUwQADklbMHwuOntwk2eoeixp9SihmnSoDkAVQKeMHXPqswRSUhSHDOjQEfTYT5qPN6gmWafOa5fOGuHjL66fWMVVqJ0CtN8LL+kIZplsACEs7El7zbbmdTRsMU6j0N+gwWXDboC27E5LdgjEt7A1ejdaItV+OXzGiZ4r0IVLjejmvHzYn3AyUrXfx7YbVqYxbaQ+iiUPKV/leh5pEHN2QUydEzfKE8bpdzpmRIMKAOk+CaK0+JB4txH8kwf+MJm8F/2WJ4XIZRGXu4WoWmgkgaJP2yTYF+PeIqApyTiinNu0eb1M= mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/spaces_source_address.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPFfh1X6syU2ijKYb70JqGKTAnwx8bDZJvlVc2nW8uLy3PTBHblk686simtAvsLdoljgodLBDgQn3yJYky6hA3+/F10jMSHYf9WSYbIyPm4phcnyZqAh9+gcQCbyslILlFYZb+E2mHKTnneZhkAsdLVG42mTPNFtkU93BxyW277KDnr0Ww6LTg92sxrtONhfdvDuxgxj1elYxrLhbNlLmlvZPzPSm0wlSUrxbs+bzRVeHjHugP+mF6xThfCreq55Gau55xo8VJvx3KMyuU2R/Md73S5nPPqB5fdnoRHARIfRMYbgc+jl8mFOntAsQEpNb/0pNYnQ690QIfjFs3sQ87 mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/valid_force_command: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn 3 | NhAAAAAwEAAQAAAQEAyU/JUf7bhjofjHoK8uQqLR7JznfN3g5UI5WYGiImZhMsBCDQutk4 4 | 2eYT+dvHGenBZFEVyX1rFEmzpU9LV3TWO6IszoHsfTf2TCRi0wbLV1GZVtRk50bkqZh2xf 5 | Wcq1+v+usdxzSho/eDnObYeRHWEfx+yShhP5Bhi73Krsm0Qi2QldbFDC0+f/MemD0rmpRf 6 | eEsBfsJdMhZn1eSNX7/yI3QNO776NDm7rjomNCw4Ln7pKrR0p32yzArbwJnBb4acitnaw7 7 | UveCU73ajca1L8OjCjkWSFEqdYT8r2vrqTurUQ+Ex0O5ur5oPPBHODfiBEPaqLB3e4keBz 8 | FNSV9z92QwAAA+D7eizd+3os3QAAAAdzc2gtcnNhAAABAQDJT8lR/tuGOh+Megry5CotHs 9 | nOd83eDlQjlZgaIiZmEywEINC62TjZ5hP528cZ6cFkURXJfWsUSbOlT0tXdNY7oizOgex9 10 | N/ZMJGLTBstXUZlW1GTnRuSpmHbF9ZyrX6/66x3HNKGj94Oc5th5EdYR/H7JKGE/kGGLvc 11 | quybRCLZCV1sUMLT5/8x6YPSualF94SwF+wl0yFmfV5I1fv/IjdA07vvo0ObuuOiY0LDgu 12 | fukqtHSnfbLMCtvAmcFvhpyK2drDtS94JTvdqNxrUvw6MKORZIUSp1hPyva+upO6tRD4TH 13 | Q7m6vmg88Ec4N+IEQ9qosHd7iR4HMU1JX3P3ZDAAAAAwEAAQAAAQAQN/1gPcgx6DzidHKt 14 | XvSG7hQULlLHsR/WPhcjA91UG/dP3dTzOMz7wS2a07oWvF54VpAKy6/00ntGtjy7rw4Tf9 15 | 1cRdtnuzp8p/HOTp3TSx+vfy0h9PQ3NbFcAY29wNfMv2SGyBa9vxM7cN2/40/74vvT+Qzc 16 | siUpvQC3VEjRi/VuQO1/Mdz9pV3UQVCasgPPhoZONXEcQNvWZlIu/uoopFNjQMnploLUn4 17 | Xx1L+EYhocxldyzq0hI0dH2CWPsstIPm7LJBlO5Dp1sCbH+UoCZpZAiI5Vs9m+/Ob+6trt 18 | oua4ReorABx4LztO3cQh7I4V8mGioVwe+XNQcxFnSAEBAAAAgQDwlUFGSJmU+kR/6wyb/O 19 | iOTK3X3lv88OJJJegRHZrsF2oyC5jcraH9DQQTKheW3TE4HIDiklWAU7szCAWkmzRRcakR 20 | QnL7tkaz4i7d3zEdruCPMVka3eurrvXrS9QIaDPASmG0UyBC5NY3GsmrRdYUi25Oq8ec90 21 | LcPnbhdMfURwAAAIEA/Rx3MPuYL6etVXfHzDHiW49/iQXKadW52E7EzxQX5cBc8I9ocl9r 22 | LBkKToC/uOV4GrIfXNn6SBqxwhNpXpBE1wGfW482lB4rxa3bEnFXgYUmZRsOe3/BJ5lsAU 23 | U1+0SZr9AwglGixWQvH+UCRQFICQIhWF5C9+a70a6tzCXrwe0AAACBAMub+WJpDLWoD7O2 24 | /zjQhRgBHjGmKy8DDdEdhCz4mN15qSWdZWhMQMVYkEzGTKAzOhRX+oMwg2t6P94t/hZ3rR 25 | HNBi4P5MqHFnywEKzhJ5nyS8OMHXZDqnvSwGoKfrAZHwwOrB4Wd8Myot3Cr+9gG7jIs383 26 | zNyUYEC5n7d5NdLvAAAAJm1hc3RhaHlldGlAQmVuamFtaW5zLU1hY0Jvb2stUHJvLmxvY2 27 | FsAQIDBA== 28 | -----END OPENSSH PRIVATE KEY----- 29 | -------------------------------------------------------------------------------- /spec/fixtures/valid_force_command-cert.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAg8Y3vPNIsZGEXMsgqaLnRy0/pKRnT6mVwsgBnTpzpFWEAAAADAQABAAABAQDJT8lR/tuGOh+Megry5CotHsnOd83eDlQjlZgaIiZmEywEINC62TjZ5hP528cZ6cFkURXJfWsUSbOlT0tXdNY7oizOgex9N/ZMJGLTBstXUZlW1GTnRuSpmHbF9ZyrX6/66x3HNKGj94Oc5th5EdYR/H7JKGE/kGGLvcquybRCLZCV1sUMLT5/8x6YPSualF94SwF+wl0yFmfV5I1fv/IjdA07vvo0ObuuOiY0LDgufukqtHSnfbLMCtvAmcFvhpyK2drDtS94JTvdqNxrUvw6MKORZIUSp1hPyva+upO6tRD4THQ7m6vmg88Ec4N+IEQ9qosHd7iR4HMU1JX3P3ZDAAAAAAAAAHsAAAABAAAACG15LWlkZW50AAAAAAAAAAAAAAAA//////////8AAAAdAAAADWZvcmNlLWNvbW1hbmQAAAAIAAAABGFzZGYAAAAAAAAAAAAAARcAAAAHc3NoLXJzYQAAAAMBAAEAAAEBAM8HbRJLhHLRqFUkYh/lphFTzU/C1SIMuPYKFScx9i0Jh6a5whGOR9NSq4fN49t5xRpbH80dfQYdG/tzg075NjH9Q8MLp7ZmZGENHL+lzmq3JG7t+oFKyuEEC8B2/XcXkvMyVG/6hlcgQF40zxl3c0iBqnO0x3GQEX4uw2SxuKyD2LFMlw5veJJlXNA/i+ZAfXC+I7T9YViP6tLdOuhPqA/FS5p/NOFxcW3EtYBcAz5/1ss/1wkdbcAAZ+iHKVEpNxWzFLvHtiWOsrQTB8CHgq+NMCeTmClt0sdo/B5Gs3rZ5h8hFnEK5t150NW5nc9WVSZBYCGe0dSQicH6aWQ/8e8AAAEPAAAAB3NzaC1yc2EAAAEASN5QNtSscYk18JwBuFumlbRo9e3Ld+15hW3D2sOhWTAvGewmPHWhUUX7xG66aC7yaE8MWyvqM766n3h0YkFeNqLo1fa/nELDKpP8Y/3h+mqQje5EN8c5qaoFHgfNWj64b6hpDidGiwZn9WFSwsb0b6UuJl8sB/owypQcUkv7ERIu2I/PY/K+NdCSA8606+RuXtMAcewUbJ4fgHzO7NlCN27DgVO+KdodjasbGnR813fr0qLQfRb6IK2i/AEzRsn8aOatGdHFRp6SdVCKIWRjxFZ/scYlNZUQ9yp0lMm3bD5i59EUZkbeLEY2ei0NMpLLOWOf+DXH3DLMcwbMB3IxOg== mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/fixtures/valid_force_command.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJT8lR/tuGOh+Megry5CotHsnOd83eDlQjlZgaIiZmEywEINC62TjZ5hP528cZ6cFkURXJfWsUSbOlT0tXdNY7oizOgex9N/ZMJGLTBstXUZlW1GTnRuSpmHbF9ZyrX6/66x3HNKGj94Oc5th5EdYR/H7JKGE/kGGLvcquybRCLZCV1sUMLT5/8x6YPSualF94SwF+wl0yFmfV5I1fv/IjdA07vvo0ObuuOiY0LDgufukqtHSnfbLMCtvAmcFvhpyK2drDtS94JTvdqNxrUvw6MKORZIUSp1hPyva+upO6tRD4THQ7m6vmg88Ec4N+IEQ9qosHd7iR4HMU1JX3P3ZD mastahyeti@Benjamins-MacBook-Pro.local 2 | -------------------------------------------------------------------------------- /spec/private_key/dsa_spec.rb: -------------------------------------------------------------------------------- 1 | require_relative "../spec_helper" 2 | 3 | describe SSHData::PrivateKey::DSA do 4 | let(:private_key) { SSHData::PrivateKey::DSA.generate.openssl } 5 | let(:public_key) { private_key.public_key } 6 | let(:params) { private_key.params } 7 | let(:message) { "hello, world!" } 8 | let(:cert_key) { SSHData::PrivateKey::DSA.generate.public_key } 9 | 10 | let(:openssh_key) { SSHData::PrivateKey.parse(fixture("dsa_leaf_for_rsa_ca")) } 11 | 12 | subject { described_class.from_openssl(private_key) } 13 | 14 | it "can be generated" do 15 | expect { 16 | described_class.generate 17 | }.not_to raise_error 18 | end 19 | 20 | it "generates default parameters" do 21 | key = described_class.generate 22 | expect(key.q.num_bits).to eq(160) 23 | expect(key.p.num_bits).to eq(1024) 24 | end 25 | 26 | it "can sign messages" do 27 | expect(subject.public_key.verify(message, subject.sign(message))).to eq(true) 28 | end 29 | 30 | it "can sign messages" do 31 | expect(subject.public_key.verify(message, subject.sign(message))).to eq(true) 32 | end 33 | 34 | it "can sign messages with ALGO_DSA" do 35 | sig = subject.sign(message, algo: SSHData::PublicKey::ALGO_DSA) 36 | expect(subject.public_key.verify(message, sig)).to eq(true) 37 | end 38 | 39 | it "raises when trying to sign with bad algo" do 40 | expect { 41 | subject.sign(message, algo: SSHData::PublicKey::ALGO_RSA) 42 | }.to raise_error(SSHData::AlgorithmError) 43 | end 44 | 45 | it "raises when trying to sign with bad algo" do 46 | expect { 47 | subject.issue_certificate( 48 | public_key: cert_key, 49 | key_id: "some ident", 50 | signature_algo: SSHData::PublicKey::ALGO_RSA 51 | ) 52 | }.to raise_error(SSHData::AlgorithmError) 53 | end 54 | 55 | it "has an algo" do 56 | expect(subject.algo).to eq(SSHData::PublicKey::ALGO_DSA) 57 | end 58 | 59 | it "has params" do 60 | expect(subject.p).to eq(params["p"]) 61 | expect(subject.q).to eq(params["q"]) 62 | expect(subject.g).to eq(params["g"]) 63 | expect(subject.y).to eq(params["pub_key"]) 64 | expect(subject.x).to eq(params["priv_key"]) 65 | end 66 | 67 | it "has a comment" do 68 | expect(subject.comment).to eq("") 69 | end 70 | 71 | it "has an openssl representation" do 72 | expect(subject.openssl).to be_a(OpenSSL::PKey::DSA) 73 | expect(subject.openssl.to_der).to eq(private_key.to_der) 74 | end 75 | 76 | it "has a public key" do 77 | expect(subject.public_key).to be_a(SSHData::PublicKey::DSA) 78 | expect(subject.public_key.openssl.to_der).to eq(public_key.to_der) 79 | end 80 | 81 | it "can parse openssh-generate keys" do 82 | keys = openssh_key 83 | expect(keys).to be_an(Array) 84 | expect(keys.size).to eq(1) 85 | expect(keys.first).to be_an(SSHData::PrivateKey::DSA) 86 | end 87 | end 88 | -------------------------------------------------------------------------------- /spec/private_key/ecdsa_spec.rb: -------------------------------------------------------------------------------- 1 | require_relative "../spec_helper" 2 | 3 | describe SSHData::PrivateKey::ECDSA do 4 | let(:openssh_key) { SSHData::PrivateKey.parse(fixture("ecdsa_leaf_for_rsa_ca")) } 5 | let(:cert_key) { SSHData::PrivateKey::DSA.generate.public_key } 6 | 7 | it "can raises AlgorithmError for unknown curves" do 8 | expect { 9 | described_class.generate("foo") 10 | }.to raise_error(SSHData::AlgorithmError) 11 | end 12 | 13 | it "can parse openssh-generate keys" do 14 | keys = openssh_key 15 | expect(keys).to be_an(Array) 16 | expect(keys.size).to eq(1) 17 | expect(keys.first).to be_an(SSHData::PrivateKey::ECDSA) 18 | end 19 | 20 | SSHData::PublicKey::ECDSA::OPENSSL_CURVE_NAME_FOR_CURVE.each do |ssh_curve, openssl_curve| 21 | describe openssl_curve do 22 | let(:algo) { "ecdsa-sha2-#{ssh_curve}" } 23 | 24 | let(:private_key) { OpenSSL::PKey::EC.generate(openssl_curve) } 25 | let(:public_key) { ec_private_to_public(private_key) } 26 | let(:comment) { "asdf" } 27 | let(:message) { "hello, world!" } 28 | 29 | subject { described_class.from_openssl(private_key) } 30 | 31 | it "can be generated" do 32 | expect { 33 | described_class.generate(ssh_curve) 34 | }.not_to raise_error 35 | end 36 | 37 | it "can sign messages" do 38 | expect(subject.public_key.verify(message, subject.sign(message))).to eq(true) 39 | end 40 | 41 | it "can sign messages with ALGO_ECDSA" do 42 | sig = subject.sign(message, algo: algo) 43 | expect(subject.public_key.verify(message, sig)).to eq(true) 44 | end 45 | 46 | it "raises when trying to sign with bad algo" do 47 | expect { 48 | subject.sign(message, algo: SSHData::PublicKey::ALGO_RSA) 49 | }.to raise_error(SSHData::AlgorithmError) 50 | end 51 | 52 | it "raises when trying to sign with bad algo" do 53 | expect { 54 | subject.issue_certificate( 55 | public_key: cert_key, 56 | key_id: "some ident", 57 | signature_algo: SSHData::PublicKey::ALGO_RSA 58 | ) 59 | }.to raise_error(SSHData::AlgorithmError) 60 | end 61 | 62 | it "has an algo" do 63 | expect(subject.algo).to eq(algo) 64 | end 65 | 66 | it "has params" do 67 | expect(subject.curve).to eq(ssh_curve) 68 | expect(subject.public_key_bytes).to eq(public_key.public_key.to_bn.to_s(2)) 69 | expect(subject.private_key_bytes).to eq(private_key.private_key) 70 | end 71 | 72 | it "has a comment" do 73 | expect(subject.comment).to eq("") 74 | end 75 | 76 | it "has an openssl representation" do 77 | expect(subject.openssl).to be_a(OpenSSL::PKey::EC) 78 | expect(subject.openssl.to_der).to eq(private_key.to_der) 79 | end 80 | 81 | it "has a public key" do 82 | expect(subject.public_key).to be_a(SSHData::PublicKey::ECDSA) 83 | expect(subject.public_key.openssl.to_der).to eq(public_key.to_der) 84 | end 85 | end 86 | end 87 | end 88 | -------------------------------------------------------------------------------- /spec/public_key/dsa_spec.rb: -------------------------------------------------------------------------------- 1 | require_relative "../spec_helper" 2 | 3 | describe SSHData::PublicKey::DSA do 4 | let(:private_key) { SSHData::PrivateKey::DSA.generate.openssl } 5 | let(:public_key) { private_key.public_key } 6 | let(:params) { public_key.params } 7 | 8 | let(:msg) { "hello, world!" } 9 | let(:digest) { OpenSSL::Digest::SHA1.new } 10 | let(:openssl_sig) { private_key.sign(digest, msg) } 11 | let(:ssh_sig) { described_class.ssh_signature(openssl_sig) } 12 | let(:sig) { SSHData::Encoding.encode_signature(SSHData::PublicKey::ALGO_DSA, ssh_sig) } 13 | 14 | let(:openssh_key) { SSHData::PublicKey.parse_openssh(fixture("dsa_leaf_for_rsa_ca.pub")) } 15 | 16 | subject do 17 | described_class.new( 18 | algo: SSHData::PublicKey::ALGO_DSA, 19 | p: params["p"], 20 | q: params["q"], 21 | g: params["g"], 22 | y: params["pub_key"] 23 | ) 24 | end 25 | 26 | it "is equal to keys with the same params" do 27 | expect(subject).to eq(described_class.new( 28 | algo: SSHData::PublicKey::ALGO_DSA, 29 | p: params["p"], 30 | q: params["q"], 31 | g: params["g"], 32 | y: params["pub_key"] 33 | )) 34 | end 35 | 36 | it "isnt equal to keys with different params" do 37 | expect(subject).not_to eq(described_class.new( 38 | algo: SSHData::PublicKey::ALGO_DSA, 39 | p: params["p"] + 1, 40 | q: params["q"], 41 | g: params["g"], 42 | y: params["pub_key"] 43 | )) 44 | end 45 | 46 | it "has an algo" do 47 | expect(subject.algo).to eq(SSHData::PublicKey::ALGO_DSA) 48 | end 49 | 50 | it "has parameters" do 51 | expect(subject.p).to eq(params["p"]) 52 | expect(subject.q).to eq(params["q"]) 53 | expect(subject.g).to eq(params["g"]) 54 | expect(subject.y).to eq(params["pub_key"]) 55 | end 56 | 57 | it "has an openssl representation" do 58 | expect(subject.openssl).to be_a(OpenSSL::PKey::DSA) 59 | expect(subject.openssl.to_der).to eq(public_key.to_der) 60 | end 61 | 62 | it "can encode/decode signatures" do 63 | round_tripped = described_class.openssl_signature( 64 | described_class.ssh_signature(openssl_sig) 65 | ) 66 | 67 | expect(round_tripped).to eq(openssl_sig) 68 | end 69 | 70 | it "can encode/decode left padded signatures" do 71 | sig = "\x00" + "A" * 39 72 | 73 | round_tripped = described_class.ssh_signature( 74 | described_class.openssl_signature(sig) 75 | ) 76 | 77 | expect(round_tripped).to eq(sig) 78 | end 79 | 80 | it "can verify signatures" do 81 | expect(subject.verify(msg, sig)).to be(true) 82 | expect(subject.verify("wrong", sig)).to be(false) 83 | end 84 | 85 | it "can parse openssh-generate keys" do 86 | expect { openssh_key }.not_to raise_error 87 | end 88 | 89 | it "can be rencoded" do 90 | expect(openssh_key.rfc4253).to eq(fixture("dsa_leaf_for_rsa_ca.pub", binary: true)) 91 | end 92 | 93 | it "can verify certificate signatures" do 94 | expect { 95 | SSHData::Certificate.parse_openssh(fixture("rsa_leaf_for_dsa_ca-cert.pub"), 96 | unsafe_no_verify: false 97 | ) 98 | }.not_to raise_error 99 | end 100 | end 101 | -------------------------------------------------------------------------------- /spec/public_key/ed25519_spec.rb: -------------------------------------------------------------------------------- 1 | require_relative "../spec_helper" 2 | 3 | describe SSHData::PublicKey::ED25519 do 4 | let(:signing_key) { Ed25519::SigningKey.generate } 5 | let(:verify_key) { signing_key.verify_key } 6 | 7 | let(:msg) { "hello, world!" } 8 | let(:raw_sig) { signing_key.sign(msg) } 9 | let(:sig) { SSHData::Encoding.encode_signature(SSHData::PublicKey::ALGO_ED25519, raw_sig) } 10 | 11 | let(:openssh_key) { SSHData::PublicKey.parse_openssh(fixture("ed25519_leaf_for_rsa_ca.pub")) } 12 | 13 | subject do 14 | described_class.new( 15 | algo: SSHData::PublicKey::ALGO_ED25519, 16 | pk: verify_key.to_bytes 17 | ) 18 | end 19 | 20 | it "is equal to keys with the same params" do 21 | expect(subject).to eq(described_class.new( 22 | algo: SSHData::PublicKey::ALGO_ED25519, 23 | pk: verify_key.to_bytes 24 | )) 25 | end 26 | 27 | it "isnt equal to keys with different params" do 28 | expect(subject).not_to eq(described_class.new( 29 | algo: SSHData::PublicKey::ALGO_ED25519, 30 | pk: verify_key.to_bytes.reverse 31 | )) 32 | end 33 | 34 | it "has an algo" do 35 | expect(subject.algo).to eq(SSHData::PublicKey::ALGO_ED25519) 36 | end 37 | 38 | it "has parameters" do 39 | expect(subject.pk).to eq(verify_key.to_bytes) 40 | end 41 | 42 | it "has an Ed25519 representation" do 43 | expect(subject.ed25519_key).to be_a(Ed25519::VerifyKey) 44 | expect(subject.ed25519_key.to_bytes).to eq(verify_key.to_bytes) 45 | end 46 | 47 | it "can verify signatures" do 48 | expect(subject.verify(msg, sig)).to be(true) 49 | expect(subject.verify("wrong", sig)).to be(false) 50 | end 51 | 52 | it "can parse openssh-generate keys" do 53 | expect { openssh_key.ed25519_key }.not_to raise_error 54 | end 55 | 56 | it "can be rencoded" do 57 | expect(openssh_key.rfc4253).to eq(fixture("ed25519_leaf_for_rsa_ca.pub", binary: true)) 58 | end 59 | 60 | it "can verify certificate signatures" do 61 | expect { 62 | SSHData::Certificate.parse_openssh(fixture("rsa_leaf_for_ed25519_ca-cert.pub"), 63 | unsafe_no_verify: false 64 | ) 65 | }.not_to raise_error 66 | end 67 | 68 | it "fails cleanly if the ed25519 gem hasn't been loaded" do 69 | expect(described_class.enabled?).to be(true) 70 | backup = Object.send(:remove_const, :Ed25519) 71 | expect(described_class.enabled?).to be(false) 72 | 73 | begin 74 | expect { 75 | SSHData::Certificate.parse_openssh(fixture("rsa_leaf_for_ed25519_ca-cert.pub"), 76 | unsafe_no_verify: false 77 | ) 78 | }.to raise_error(SSHData::AlgorithmError) 79 | ensure 80 | Object.const_set(:Ed25519, backup) 81 | end 82 | end 83 | end 84 | -------------------------------------------------------------------------------- /spec/public_key/rsa_spec.rb: -------------------------------------------------------------------------------- 1 | require_relative "../spec_helper" 2 | 3 | describe SSHData::PublicKey::RSA do 4 | let(:private_key) { OpenSSL::PKey::RSA.generate(2048) } 5 | let(:public_key) { private_key.public_key } 6 | let(:params) { public_key.params } 7 | 8 | let(:msg) { "hello, world!" } 9 | let(:digest) { OpenSSL::Digest::SHA1.new } 10 | let(:raw_sig) { private_key.sign(digest, msg) } 11 | let(:sig) { SSHData::Encoding.encode_signature(SSHData::PublicKey::ALGO_RSA, raw_sig) } 12 | 13 | let(:openssh_key) { SSHData::PublicKey.parse_openssh(fixture("rsa_leaf_for_rsa_ca.pub")) } 14 | 15 | subject do 16 | described_class.new( 17 | algo: SSHData::PublicKey::ALGO_RSA, 18 | e: params["e"], 19 | n: params["n"] 20 | ) 21 | end 22 | 23 | it "is equal to keys with the same params" do 24 | expect(subject).to eq(described_class.new( 25 | algo: SSHData::PublicKey::ALGO_RSA, 26 | e: params["e"], 27 | n: params["n"] 28 | )) 29 | end 30 | 31 | it "isnt equal to keys with different params" do 32 | expect(subject).not_to eq(described_class.new( 33 | algo: SSHData::PublicKey::ALGO_RSA, 34 | e: params["e"] + 1, 35 | n: params["n"] 36 | )) 37 | end 38 | 39 | it "has an algo" do 40 | expect(subject.algo).to eq(SSHData::PublicKey::ALGO_RSA) 41 | end 42 | 43 | it "has parameters" do 44 | expect(subject.e).to eq(params["e"]) 45 | expect(subject.n).to eq(params["n"]) 46 | end 47 | 48 | it "has an openssl representation" do 49 | expect(subject.openssl).to be_a(OpenSSL::PKey::RSA) 50 | expect(subject.openssl.to_der).to eq(public_key.to_der) 51 | end 52 | 53 | it "can verify signatures" do 54 | expect(subject.verify(msg, sig)).to be(true) 55 | expect(subject.verify("wrong", sig)).to be(false) 56 | end 57 | 58 | it "can verify a diminished signature" do 59 | diminished_signature_hex = 60 | "0000000c7273612d736861322d323536000000ff897e8dc2fe891236d4378c10" + 61 | "9f438b8a431afd9573a1fc62c07748494c38200cc30f2f6438480ca317aa6e1a" + 62 | "c91b8352e24f325785e06e1713ee44a3b039de7af6249bac279ff887258e7dde" + 63 | "fa16f4f9bdbf817499c0c6ae0ef9e10fe7125215ee04091c1f03004546b45bb9" + 64 | "8e2240a481af97eba10175ca7a81a13300e5bd535db06eedbcb2491f76327695" + 65 | "75db2b36b6a1d5975e276ce308c54134a9ce0cfc255f88b010d9e07ce5624ce9" + 66 | "84093b2b8265bd1552709a224a64e70ef7166512d05a2719b53a9f3210f8103a" + 67 | "1a57fb5a2c8624775e3641b2c204f6b49b8d98fe46080dbcd6cef2fead6f22a9" + 68 | "5edd139db34728bce4b00ca8da03c01c653cff" 69 | diminished_signature = [diminished_signature_hex].pack("H*") 70 | content = "52b85cf8b49ec9d722f3b233215497acc2812f943c2055d92ae858da22cdebcf" 71 | 72 | expect(openssh_key.verify(content, diminished_signature)).to be(true) 73 | end 74 | 75 | it "can parse openssh-generate keys" do 76 | expect { openssh_key }.not_to raise_error 77 | end 78 | 79 | it "can be rencoded" do 80 | expect(openssh_key.rfc4253).to eq(fixture("rsa_leaf_for_rsa_ca.pub", binary: true)) 81 | end 82 | 83 | it "can verify certificate signatures" do 84 | expect { 85 | SSHData::Certificate.parse_openssh(fixture("rsa_leaf_for_rsa_ca-cert.pub"), 86 | unsafe_no_verify: false 87 | ) 88 | }.not_to raise_error 89 | end 90 | end 91 | -------------------------------------------------------------------------------- /spec/public_key/sked25519_spec.rb: -------------------------------------------------------------------------------- 1 | require_relative "../spec_helper" 2 | 3 | describe SSHData::PublicKey::SKED25519 do 4 | let(:signing_key) { Ed25519::SigningKey.generate } 5 | let(:verify_key) { signing_key.verify_key } 6 | 7 | let(:msg) { "hello, world!" } 8 | let(:raw_sig) { signing_key.sign(msg) } 9 | let(:sig) { SSHData::Encoding.encode_signature(SSHData::PublicKey::ALGO_SKED25519, raw_sig) } 10 | let(:application) { "ssh:" } 11 | 12 | let(:openssh_key) { SSHData::PublicKey.parse_openssh(fixture("sked25519_leaf_for_rsa_ca.pub")) } 13 | 14 | subject do 15 | described_class.new( 16 | algo: SSHData::PublicKey::ALGO_SKED25519, 17 | pk: verify_key.to_bytes, 18 | application: application 19 | ) 20 | end 21 | 22 | it "is equal to keys with the same params" do 23 | expect(subject).to eq(described_class.new( 24 | algo: SSHData::PublicKey::ALGO_SKED25519, 25 | pk: verify_key.to_bytes, 26 | application: application 27 | )) 28 | end 29 | 30 | it "isnt equal to keys with different params" do 31 | expect(subject).not_to eq(described_class.new( 32 | algo: SSHData::PublicKey::ALGO_SKED25519, 33 | pk: verify_key.to_bytes.reverse, 34 | application: application 35 | )) 36 | expect(subject).not_to eq(described_class.new( 37 | algo: SSHData::PublicKey::ALGO_SKED25519, 38 | pk: verify_key.to_bytes, 39 | application: "something else" 40 | )) 41 | end 42 | 43 | it "has an algo" do 44 | expect(subject.algo).to eq(SSHData::PublicKey::ALGO_SKED25519) 45 | end 46 | 47 | it "has parameters" do 48 | expect(subject.pk).to eq(verify_key.to_bytes) 49 | end 50 | 51 | it "has application" do 52 | expect(subject.application).to eq(application) 53 | end 54 | 55 | it "has an Ed25519 representation" do 56 | expect(subject.ed25519_key).to be_a(Ed25519::VerifyKey) 57 | expect(subject.ed25519_key.to_bytes).to eq(verify_key.to_bytes) 58 | end 59 | 60 | it "can be rencoded" do 61 | expect(openssh_key.rfc4253).to eq(fixture("sked25519_leaf_for_rsa_ca.pub", binary: true)) 62 | end 63 | end 64 | -------------------------------------------------------------------------------- /spec/public_key_spec.rb: -------------------------------------------------------------------------------- 1 | require_relative "./spec_helper" 2 | 3 | describe SSHData::PublicKey do 4 | it "supports the deprecated PublicKey.parse method" do 5 | expect { 6 | described_class.parse(fixture("rsa_leaf_for_rsa_ca.pub")) 7 | }.not_to raise_error 8 | end 9 | 10 | Dir["spec/fixtures/*ca.pub"].each do |path| 11 | name = File.basename(path) 12 | 13 | describe name do 14 | let(:openssh) { fixture(name).strip } 15 | let(:comment) { SSHData.key_parts(openssh).last } 16 | let(:sha256_fpr) { ssh_keygen_fingerprint(name, :sha256) } 17 | let(:md5_fpr) { ssh_keygen_fingerprint(name, :md5) } 18 | 19 | subject { described_class.parse_openssh(openssh) } 20 | 21 | it "generates a MD5 fingerprint matching ssh-keygen" do 22 | skip "Fingerprint not available" if md5_fpr.nil? 23 | expect(subject.fingerprint(md5: true)).to eq(md5_fpr) 24 | end 25 | 26 | it "generates a SHA256 fingerprint matching ssh-keygen" do 27 | skip "Fingerprint not available" if sha256_fpr.nil? 28 | expect(subject.fingerprint).to eq(sha256_fpr) 29 | end 30 | 31 | it "can re-encode back into authorized_keys format" do 32 | expect(subject.openssh(comment: comment)).to eq(openssh) 33 | end 34 | end 35 | end 36 | end 37 | -------------------------------------------------------------------------------- /spec/spec_helper.rb: -------------------------------------------------------------------------------- 1 | require "ssh_data" 2 | require "ed25519" 3 | require "rspec-parameterized" 4 | require "open3" 5 | 6 | RSpec.configure do |config| 7 | config.color_mode = :off 8 | end 9 | 10 | REPO_PATH = File.expand_path(File.join(__FILE__, "..", "..")) 11 | FIXTURE_PATH = File.expand_path(File.join(REPO_PATH, "spec", "fixtures")) 12 | 13 | def fixture(name, binary: false, pem: false) 14 | data = File.read(File.join(FIXTURE_PATH, name)) 15 | return data unless binary 16 | 17 | if pem 18 | SSHData::Encoding.decode_pem(data, "OPENSSH PRIVATE KEY") 19 | else 20 | SSHData.key_parts(data)[1] 21 | end 22 | end 23 | 24 | def ssh_keygen_fingerprint(name, algo, priv: false) 25 | out, * = Open3.capture3("ssh-keygen #{'-e' if priv} -E #{algo} -l -f #{File.join(FIXTURE_PATH, name)}") 26 | 27 | return nil if out.strip.empty? 28 | out.split(":", 2).last.split(" ").first 29 | end 30 | 31 | def ec_private_to_public(private_key) 32 | algorithm_identifier = OpenSSL::ASN1::Sequence.new([ 33 | OpenSSL::ASN1::ObjectId.new("id-ecPublicKey"), 34 | OpenSSL::ASN1::ObjectId.new(private_key.group.curve_name) 35 | ]) 36 | 37 | subject_public_key = OpenSSL::ASN1::BitString.new(private_key.public_key.to_bn.to_s(2)) 38 | spki = OpenSSL::ASN1::Sequence.new([algorithm_identifier, subject_public_key]) 39 | OpenSSL::PKey::EC.new(spki.to_der) 40 | end 41 | -------------------------------------------------------------------------------- /ssh_data.gemspec: -------------------------------------------------------------------------------- 1 | $:.unshift File.expand_path('../lib', __FILE__) 2 | require "ssh_data/version" 3 | 4 | Gem::Specification.new do |s| 5 | s.name = "ssh_data" 6 | s.summary = "Library for parsing SSH certificates" 7 | s.version = SSHData::VERSION 8 | s.license = "MIT" 9 | s.homepage = "https://github.com/github/ssh_data" 10 | s.authors = ["mastahyeti"] 11 | s.email = "opensource+ssh_data@github.com" 12 | s.required_ruby_version = ">= 3.1" 13 | s.files = Dir["./lib/**/*.rb"] + ["./LICENSE.md"] 14 | 15 | s.add_dependency "base64", "~> 0.1" 16 | 17 | s.add_development_dependency "ed25519", "~> 1.2" 18 | s.add_development_dependency "pry", "~> 0.14" 19 | s.add_development_dependency "rspec", "~> 3.10" 20 | s.add_development_dependency "rspec-parameterized", "~> 1.0" 21 | s.add_development_dependency "rspec-mocks", "~> 3.10" 22 | end 23 | --------------------------------------------------------------------------------