The cl-ssh-keys Reference Manual

Table of Contents

Next: , Previous: , Up: (dir)   [Contents][Index]

The cl-ssh-keys Reference Manual

This is the cl-ssh-keys Reference Manual, version 0.1.0, generated automatically by Declt version 3.0 "Montgomery Scott" on Wed Nov 04 12:47:29 2020 GMT+0.


Next: , Previous: , Up: Top   [Contents][Index]

1 Introduction

cl-ssh-keys

cl-ssh-keys is a Common Lisp system, which provides the following features.

Requirements

Installation

Clone the cl-ssh-keys repo in your Quicklisp local-projects directory.

git clone https://github.com/dnaeon/cl-ssh-keys.git

Load the system.

CL-USER> (ql:quickload :cl-ssh-keys)

Supported Key Types

The following public and private key pairs can be decoded, encoded and generated by cl-ssh-keys.

| Type | Status | |---------|-----------| | RSA | Supported | | DSA | Supported | | ED25519 | Supported | | ECDSA | Supported |

Usage

The following section provides various examples showing you how to decode, encode, and generate new OpenSSH private and public key pairs.

For additional examples, make sure to check the test suite.

Public keys

A public key can be parsed from a given string using the SSH-KEYS:PARSE-PUBLIC-KEY function, or from a file using the SSH-KEYS:PARSE-PUBLIC-KEY-FILE function.

CL-USER> (defparameter *public-key*
           (ssh-keys:parse-public-key-file #P"~/.ssh/id_rsa.pub"))
*PUBLIC-KEY*

You can retrieve the comment associated with a public key by using the SSH-KEYS:KEY-COMMENT accessor.

CL-USER> (ssh-keys:key-comment *public-key*)
"john.doe@localhost"

The key kind can be retrieved using SSH-KEYS:KEY-KIND.

CL-USER> (ssh-keys:key-kind *public-key*)
(:NAME "ssh-rsa" :PLAIN-NAME "ssh-rsa" :SHORT-NAME "RSA" :ID :SSH-RSA :IS-CERT NIL)

The number of bits for a key can be retrieved using the SSH-KEYS:KEY-BITS generic function, e.g.

CL-USER> (ssh-keys:key-bits *public-key*)
3072

SSH-KEYS:WITH-PUBLIC-KEY and SSH-KEYS:WITH-PUBLIC-KEY-FILE are convenient macros when working with public keys, e.g.

CL-USER> (ssh-keys:with-public-key-file (key #P"~/.ssh/id_rsa.pub")
           (format t "Comment: ~a~%" (ssh-keys:key-comment key))
           (format t "MD5 fingerprint: ~a~%" (ssh-keys:fingerprint :md5 key))
           (format t "Number of bits: ~a~%" (ssh-keys:key-bits key)))
Comment: john.doe@localhost
MD5 fingerprint: 04:02:4b:b2:43:39:a4:8e:89:47:49:6f:30:78:94:1e
Number of bits: 3072
NIL

Private keys

A private keys can be parsed using the SSH-KEYS:PARSE-PRIVATE-KEY function, which takes a string representing a private key in OpenSSH private key format, or you can use the SSH-KEYS:PARSE-PRIVATE-KEY-FILE function, e.g.

CL-USER> (defparameter *private-key*
           (ssh-keys:parse-private-key-file #P"~/.ssh/id_rsa"))
*PRIVATE-KEY*

Key kind, comment and number of bits can be retrieved using SSH-KEYS:KEY-KIND, SSH-KEYS:KEY-COMMENT and SSH-KEYS:KEY-BITS, similarly to the way you would for public keys, e.g.

CL-USER> (ssh-keys:key-kind *private-key*)
(:NAME "ssh-rsa" :PLAIN-NAME "ssh-rsa" :SHORT-NAME "RSA" :ID :SSH-RSA :IS-CERT NIL)
CL-USER> (ssh-keys:key-comment *private-key*)
"john.doe@localhost"
CL-USER> (ssh-keys:key-bits *private-key*)
3072

OpenSSH private keys embed the public key within the binary blob of the private key. From a private key you can get the embedded public key using SSH-KEYS:EMBEDDED-PUBLIC-KEY, e.g.

CL-USER> (ssh-keys:embedded-public-key *private-key*)
#<CL-SSH-KEYS:RSA-PUBLIC-KEY {100619EAB3}>

You can also use the SSH-KEYS:WITH-PRIVATE-KEY and SSH-KEYS:WITH-PRIVATE-KEY-FILE macros when working with private keys.

CL-USER> (ssh-keys:with-private-key-file (key #P"~/.ssh/id_rsa")
           (format t "Comment: ~a~%" (ssh-keys:key-comment key))
           (format t "MD5 fingerprint: ~a~%" (ssh-keys:fingerprint :md5 key)))
Comment: john.doe@localhost
MD5 fingerprint: 04:02:4b:b2:43:39:a4:8e:89:47:49:6f:30:78:94:1e

Encrypted keys

In order to parse an encrypted private key you need to provide a passphrase, e.g.

CL-USER> (ssh-keys:with-private-key-file (key #P"~/.ssh/id_rsa" :passphrase "my-secret-password")
           (ssh-keys:key-cipher-name key))
"aes256-ctr"

Changing passphrase of an encrypted key

The passphrase for an encrypted private key can be changed by setting a new value for the passphrase using the SSH-KEYS:KEY-PASSPHRASE accessor.

This example changes the passphrase for a given key and saves it on the filesystem.

CL-USER> (ssh-keys:with-private-key-file (key #P"~/.ssh/id_rsa" :passphrase "OLD-PASSPHRASE")
           (setf (ssh-keys:key-passphrase key) "MY-NEW-PASSPHRASE")
           (ssh-keys:write-key-to-path key #P"~/.id_rsa-new-passphrase"))

Setting passphrase for an existing un-encrypted key

In order to set a passphrase for an existing un-encrypted private key, simply set a passphrase using the SSH-KEYS:KEY-PASSPHRASE accessor, e.g.

CL-USER> (ssh-keys:with-private-key-file (key #P"~/.ssh/id_rsa")
           (setf (ssh-keys:key-passphrase key) "my-secret-password")
           (ssh-keys:write-key-to-path key #P"~/.id_rsa-encrypted"))

Removing passphrase of an encrypted key

You can remove the passphrase of a private key and make it un-encrypted by setting the passphrase to nil.

CL-USER> (ssh-keys:with-private-key-file (key #P"~/.ssh/id_rsa" :passphrase "PASSPHRASE")
           (setf (ssh-keys:key-passphrase key) nil)
           (ssh-keys:write-key-to-path key #P"~/.id_rsa-unencrypted"))

Changing the cipher of an encrypted key

The cipher to be used for encryption of a private key can be set by using the SSH-KEYS:KEY-CIPHER-NAME accessor. The value should be one of the known and supported ciphers as returned by SSH-KEYS:GET-ALL-CIPHER-NAMES.

First, list the known cipher names.

CL-USER> (ssh-keys:get-all-cipher-names)
("3des-cbc" "aes128-cbc" "aes192-cbc" "aes256-cbc" "aes128-ctr" "aes192-ctr" "aes256-ctr" "none")

Then set a new cipher.

CL-USER> (ssh-keys:with-private-key-file (key #P"~/.ssh/id_rsa" :passphrase "PASSPHRASE")
           (setf (ssh-keys:key-cipher-name key) "3des-cbc")
           (ssh-keys:write-key-to-path key #P"~/.id_rsa-3des-cbc"))

Changing the KDF number of iterations

By default ssh-keygen(1) and cl-ssh-keys will use 16 rounds of iterations in order to produce an encryption key. You can set this to a higher value, if needed, which would help against brute-force attacks.

CL-USER> (ssh-keys:with-private-key-file (key #P"~/.ssh/id_rsa" :passphrase "PASSPHRASE")
           (setf (ssh-keys:key-kdf-rounds key) 32)
           (ssh-keys:write-key-to-path key #P"~/.id_rsa-stronger"))

Fingerprints

Key fingerprints can be generated using the SSH-KEYS:FINGERPRINT generic function.

The following examples show how to generate the SHA-256, SHA-1 and MD5 fingerprints of a given public key.

CL-USER> (ssh-keys:fingerprint :sha256 *public-key*)
"VmYpd+5gvA5Cj57ZZcI8lnFMNNic6jpnnBd0WoNG1F8"
CL-USER> (ssh-keys:fingerprint :sha1 *public-key*)
"RnLPLG93GrABjOqc6xOvVFpQXsc"
CL-USER> (ssh-keys:fingerprint :md5 *public-key*)
"04:02:4b:b2:43:39:a4:8e:89:47:49:6f:30:78:94:1e"

Fingerprints of private keys are computed against the embedded public key.

Writing Keys

A public and private key can be written in its text representation using the SSH-KEYS:WRITE-KEY generic function.

CL-USER> (ssh-keys:write-key *public-key*)
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCsngzCcay+lQ+34qUeUSH2m1ZYW9B0a2rxpMmvYFcOyL/hRPJwv8XO89T0+HQIZRC+xlM3BSqdFGs+B58MYXPvo3H+p00CJN8tUjvC3VD74kiXSNxIyhBpKCY1s58RxnWS/6bPQIYfnCVBiQZnkNe1T3isxND1Y71TnbSz5QN2xBkAtiGPH0dPM89yWbZpTjTCaIOfyZn2fBBsmp0zUgEJ7o9W9Lrxs1f0Pn+bZ4PqFSEUzlub7mAQ+RpwgGeLeWIFz+o6KQJPFiuRgzQU6ZsY+wjorVefzgeqpRiWGw/bEyUDck09B4B0IWoTtIiKRzd635nOo7Lz/1XgaMZ60WZD9T/labEWcKmtp4Y7NoCkep0DyYyoAgWrco4FD1r0g4WcVbsJQt8HzRy9UaHlh6YPY/xkk0bSiljpygEiT48FxniqE+6HY+7SbC1wz5QThY+UsIiDgFcg3BljskfT8Il3hateXI2wEXqww4+a+DxcHzypclYorbQKUzdzNLZRBNk= john.doe@localhost
NIL

Another example, this time using a private key.

CL-USER> (ssh-keys:write-key *private-key*)
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
NhAAAAAwEAAQAAAYEArJ4MwnGsvpUPt+KlHlEh9ptWWFvQdGtq8aTJr2BXDsi/4UTycL/F
zvPU9Ph0CGUQvsZTNwUqnRRrPgefDGFz76Nx/qdNAiTfLVI7wt1Q++JIl0jcSMoQaSgmNb
OfEcZ1kv+mz0CGH5wlQYkGZ5DXtU94rMTQ9WO9U520s+UDdsQZALYhjx9HTzPPclm2aU40
wmiDn8mZ9nwQbJqdM1IBCe6PVvS68bNX9D5/m2eD6hUhFM5bm+5gEPkacIBni3liBc/qOi
kCTxYrkYM0FOmbGPsI6K1Xn84HqqUYlhsP2xMlA3JNPQeAdCFqE7SIikc3et+ZzqOy8/9V
4GjGetFmQ/U/5WmxFnCpraeGOzaApHqdA8mMqAIFq3KOBQ9a9IOFnFW7CULfB80cvVGh5Y
emD2P8ZJNG0opY6coBIk+PBcZ4qhPuh2Pu0mwtcM+UE4WPlLCIg4BXINwZY7JH0/CJd4Wr
XlyNsBF6sMOPmvg8XB88qXJWKK20ClM3czS2UQTZAAAFkJkcYpSZHGKUAAAAB3NzaC1yc2
EAAAGBAKyeDMJxrL6VD7fipR5RIfabVlhb0HRravGkya9gVw7Iv+FE8nC/xc7z1PT4dAhl
EL7GUzcFKp0Uaz4Hnwxhc++jcf6nTQIk3y1SO8LdUPviSJdI3EjKEGkoJjWznxHGdZL/ps
9Ahh+cJUGJBmeQ17VPeKzE0PVjvVOdtLPlA3bEGQC2IY8fR08zz3JZtmlONMJog5/JmfZ8
EGyanTNSAQnuj1b0uvGzV/Q+f5tng+oVIRTOW5vuYBD5GnCAZ4t5YgXP6jopAk8WK5GDNB
Tpmxj7COitV5/OB6qlGJYbD9sTJQNyTT0HgHQhahO0iIpHN3rfmc6jsvP/VeBoxnrRZkP1
P+VpsRZwqa2nhjs2gKR6nQPJjKgCBatyjgUPWvSDhZxVuwlC3wfNHL1RoeWHpg9j/GSTRt
KKWOnKASJPjwXGeKoT7odj7tJsLXDPlBOFj5SwiIOAVyDcGWOyR9PwiXeFq15cjbARerDD
j5r4PFwfPKlyViittApTN3M0tlEE2QAAAAMBAAEAAAGBAJT3DFHdYdNSti7d09sW7zVvlp
NIINvnO3Jv4HGNtXOXwSd5pbOxe9Z+TEBgDVqVRV8trfCkb8MBNQ9h6lr32uJqbdzyqh14
jnUBK3ueHN5SyIxuH1RdtM3bDSZ47YScfSivoVfn+hdbXDdzNei4cb8RZzXJ3/505ZU8Ww
6IS3X6Aw2/H7TwrExojNTFIQs9p4BCS5zgkRLKvC3NPG5mjWjxzBehuZcOS5AHQ35sVcX0
GAlpkFs/2v2qy6tc1H7j703RsrlJtXvLQ2fUGVXdZflMSlX1te+T+KM5T1unUS5fPFWfLj
U+bQK7KkY48ILVQkrFLGg+8Wj77MTS3AGmQ2MnHzaK0+Cd+HAqUfRIDZZgG/5/T8nIsra/
9AG2ZIvOTSZsLqht4TkfZnp6hJm+MKmpJ9F40NnzGtYNso6GD/aqkDxubKf4uoOEW9cbOO
s5i5bvvZSgxQ1sNees0/nBBYsRhLfYkC41EcCRlhQIcvHA1IFRj5Un0gowA8vtCGyRJQAA
AMEAuPkxyvsmPYIi0SbVNVMdEpaJ3UHTJOLL6b8QDPYsiuYG0DZfHgL1MSbgIrxUKI4Xi1
oEROgfGHnhnUd7mGbwUF/K0KnYJUMlV0W8Jfz94E7+cQiqgvvWD2JZcuvXP5Dg89whsFFy
pinpkrWe8gDmqo/LKzAEBIFAuNVarD7/cIKTpW+pdo7WfnYsXqTgyZ5NO8IwkTXho6NTRI
s/Z7o7UCXX2XnUcQxWOv+L5aw7w4dBdNZpN7XBQCOfOo32SDpQAAAAwQDYmJZrTrb5w5N+
o/j9nhcrY1ZbJNUbpx1lrV/r1GCGX0f3l2ztjjzyttP+WEggPypMB5BC+S6d67PEJeI988
OanzMx/r37tfFbMMtE5YNx1BwyL1Z1x/KYugReibWclHBAa+b+TCFSfJyf1I5NABsgjQ2h
4uVy1pRWcly4Cfu0NWRJo23waTzvODPWjUz1EFIcytpKvYxwbcvYOVEY5ie9+oXhVxNm6U
ZQTLMtPWNUZGHt3xOrGhrf4M7EJRLUBe8AAADBAMwFRHMyDsyjzlFZA1gL42xO4gCGwjJq
IZu+X6h1PV71IYyyY2XV9p6Ir9UZFeFs73wvO7I+OWW6POIKMKVOjjWTU5KD3+kSI2THWq
j/Cf8gr/aLqHOKa6X63meJCPSKC5CtHFchvAPvcUhfLLv7MfHJfwFU4vrBJh5w4h0TXKCU
8hIzudC5tinyYsDgv0i0keWxWAmKMxSxsfIQkqYtqMHc4E9EZ1baUsvAj8VolJcKn0Ocj9
tvLra3KkT8SoqptwAAABJqb2huLmRvZUBsb2NhbGhvc3QBAgMEBQYH
-----END OPENSSH PRIVATE KEY-----
NIL

The SSH-KEYS:WRITE-KEY generic function takes an optional stream parameter, so you can write your keys to a given stream, if needed.

CL-USER> (with-open-file (out #P"my-rsa-public-key" :direction :output)
           (ssh-keys:write-key *public-key* out))
NIL

SSH-KEYS:WRITE-KEY-TO-PATH is a convenience function you can use to write keys to a given path, e.g.

CL-USER> (ssh-keys:write-key-to-path (key #P"my-rsa-public-key")

Generating new private/public key pairs

The SSH-KEYS:GENERATE-KEY-PAIR generic function creates a new private/public key pair of a given kind.

The generated keys are identical with what ssh-keygen(1) would produce and you can use them to authenticate to remote systems.

The following example creates an RSA private/public key pair, and saves the keys on the file system.

CL-USER> (multiple-value-bind (priv-key pub-key) (ssh-keys:generate-key-pair :rsa)
           (ssh-keys:write-key-to-path priv-key #P"~/.ssh/my-priv-rsa-key")
           (ssh-keys:write-key-to-path pub-key #P"~/.ssh/my-pub-rsa-key.pub"))
NIL

The following example generates DSA private/public key pairs.

CL-USER> (ssh-keys:generate-key-pair :dsa)

This example shows how to generate Ed25519 private/public key pairs.

CL-USER> (ssh-keys:generate-key-pair :ed25519)

ECDSA keys can be generated using NIST P-256, NIST P-384 or NIST P-521 curves. The following examples show how to create 256, 384 and 521 bit ECDSA keys.

CL-USER> (ssh-keys:generate-key-pair :ecdsa-nistp256)
CL-USER> (ssh-keys:generate-key-pair :ecdsa-nistp384)
CL-USER> (ssh-keys:generate-key-pair :ecdsa-nistp521)

Tests

Tests are provided as part of the cl-ssh-keys.test system.

The following Common Lisp implementations have been tested and are known to work.

In order to run the tests you can evaluate the following expressions.

CL-USER> (ql:quickload :cl-ssh-keys.test)
CL-USER> (asdf:test-system :cl-ssh-keys.test)

Or you can run the tests in a Docker container instead.

First, build the Docker image.

docker build -t cl-ssh-keys .

Run the tests.

docker run --rm cl-ssh-keys

Contributing

cl-ssh-keys is hosted on Github. Please contribute by reporting issues, suggesting features or by sending patches using pull requests.

Authors

License

This project is Open Source and licensed under the BSD License.


Next: , Previous: , Up: Top   [Contents][Index]

2 Systems

The main system appears first, followed by any subsystem dependency.


Previous: , Up: Systems   [Contents][Index]

2.1 cl-ssh-keys

Long Name

cl-ssh-keys

Maintainer

Marin Atanasov Nikolov <dnaeon@gmail.com>

Author

Marin Atanasov Nikolov <dnaeon@gmail.com>

Home Page

https://github.com/dnaeon/cl-ssh-keys

Source Control

https://github.com/dnaeon/cl-ssh-keys

Bug Tracker

https://github.com/dnaeon/cl-ssh-keys

License

BSD 2-Clause

Description

Common Lisp system for generating and parsing of OpenSSH keys

Long Description

## cl-ssh-keys

‘cl-ssh-keys‘ is a Common Lisp system, which provides the following
features.

* Decode OpenSSH public keys as defined in [RFC 4253][RFC 4253],
section 6.6.
* Decode OpenSSH private private keys as defined in
[PROTOCOL.key][PROTOCOL.key]
* Generate new private/public key pairs in OpenSSH compatible
binary format.

## Requirements

* [Quicklisp][Quicklisp]

## Installation

Clone the [cl-ssh-keys][cl-ssh-keys] repo in
your [Quicklisp local-projects
directory][Quicklisp FAQ].

“‘ shell
git clone https://github.com/dnaeon/cl-ssh-keys.git
“‘

Load the system.

“‘ common-lisp
CL-USER> (ql:quickload :cl-ssh-keys)
“‘

## Supported Key Types

The following public and private key pairs can be decoded, encoded and
generated by ‘cl-ssh-keys‘.

| Type | Status |
|———|———–|
| RSA | Supported |
| DSA | Supported |
| ED25519 | Supported |
| ECDSA | Supported |

## Usage

The following section provides various examples showing you how to decode,
encode, and generate new OpenSSH private and public key pairs.

For additional examples, make sure to check the [test
suite](./t/test-suite.lisp).

### Public keys

A public key can be parsed from a given string using the
‘SSH-KEYS:PARSE-PUBLIC-KEY‘ function, or from a file using the
‘SSH-KEYS:PARSE-PUBLIC-KEY-FILE‘ function.

“‘ common-lisp
CL-USER> (defparameter *public-key*
(ssh-keys:parse-public-key-file #P"~/.ssh/id_rsa.pub"))
*PUBLIC-KEY*
“‘

You can retrieve the comment associated with a public key by using the
‘SSH-KEYS:KEY-COMMENT‘ accessor.

“‘ common-lisp
CL-USER> (ssh-keys:key-comment *public-key*)
"john.doe@localhost"
“‘

The key kind can be retrieved using ‘SSH-KEYS:KEY-KIND‘.

“‘ common-lisp
CL-USER> (ssh-keys:key-kind *public-key*)
(:NAME "ssh-rsa" :PLAIN-NAME "ssh-rsa" :SHORT-NAME "RSA" :ID :SSH-RSA :IS-CERT NIL)
“‘

The number of bits for a key can be retrieved using the
‘SSH-KEYS:KEY-BITS‘ generic function, e.g.

“‘ common-lisp
CL-USER> (ssh-keys:key-bits *public-key*)
3072
“‘

‘SSH-KEYS:WITH-PUBLIC-KEY‘ and ‘SSH-KEYS:WITH-PUBLIC-KEY-FILE‘
are convenient macros when working with public keys, e.g.

“‘ common-lisp
CL-USER> (ssh-keys:with-public-key-file (key #P"~/.ssh/id_rsa.pub")
(format t "Comment: ~a~%" (ssh-keys:key-comment key))
(format t "MD5 fingerprint: ~a~%" (ssh-keys:fingerprint :md5 key))
(format t "Number of bits: ~a~%" (ssh-keys:key-bits key)))
Comment: john.doe@localhost
MD5 fingerprint: 04:02:4b:b2:43:39:a4:8e:89:47:49:6f:30:78:94:1e
Number of bits: 3072
NIL
“‘

### Private keys

A private keys can be parsed using the ‘SSH-KEYS:PARSE-PRIVATE-KEY‘
function, which takes a string representing a private key in [OpenSSH
private key format][PROTOCOL.key], or you can use the
‘SSH-KEYS:PARSE-PRIVATE-KEY-FILE‘ function, e.g.

“‘ common-lisp
CL-USER> (defparameter *private-key*
(ssh-keys:parse-private-key-file #P"~/.ssh/id_rsa"))
*PRIVATE-KEY*
“‘

Key kind, comment and number of bits can be retrieved using
‘SSH-KEYS:KEY-KIND‘, ‘SSH-KEYS:KEY-COMMENT‘ and ‘SSH-KEYS:KEY-BITS‘,
similarly to the way you would for public keys, e.g.

“‘ common-lisp
CL-USER> (ssh-keys:key-kind *private-key*)
(:NAME "ssh-rsa" :PLAIN-NAME "ssh-rsa" :SHORT-NAME "RSA" :ID :SSH-RSA :IS-CERT NIL)
CL-USER> (ssh-keys:key-comment *private-key*)
"john.doe@localhost"
CL-USER> (ssh-keys:key-bits *private-key*)
3072
“‘

OpenSSH private keys embed the public key within the binary blob of
the private key. From a private key you can get the embedded public
key using ‘SSH-KEYS:EMBEDDED-PUBLIC-KEY‘, e.g.

“‘ common-lisp
CL-USER> (ssh-keys:embedded-public-key *private-key*)
#<CL-SSH-KEYS:RSA-PUBLIC-KEY {100619EAB3}>
“‘

You can also use the ‘SSH-KEYS:WITH-PRIVATE-KEY‘ and
‘SSH-KEYS:WITH-PRIVATE-KEY-FILE‘ macros when working with private
keys.

“‘ common-lisp
CL-USER> (ssh-keys:with-private-key-file (key #P"~/.ssh/id_rsa")
(format t "Comment: ~a~%" (ssh-keys:key-comment key))
(format t "MD5 fingerprint: ~a~%" (ssh-keys:fingerprint :md5 key)))
Comment: john.doe@localhost
MD5 fingerprint: 04:02:4b:b2:43:39:a4:8e:89:47:49:6f:30:78:94:1e
“‘

### Encrypted keys

In order to parse an encrypted private key you need to provide a
passphrase, e.g.

“‘ common-lisp
CL-USER> (ssh-keys:with-private-key-file (key #P"~/.ssh/id_rsa" :passphrase "my-secret-password")
(ssh-keys:key-cipher-name key))
"aes256-ctr"
“‘

### Changing passphrase of an encrypted key

The passphrase for an encrypted private key can be changed by setting
a new value for the passphrase using the ‘SSH-KEYS:KEY-PASSPHRASE‘
accessor.

This example changes the passphrase for a given key and saves it on
the filesystem.

“‘ common-lisp
CL-USER> (ssh-keys:with-private-key-file (key #P"~/.ssh/id_rsa" :passphrase "OLD-PASSPHRASE")
(setf (ssh-keys:key-passphrase key) "MY-NEW-PASSPHRASE")
(ssh-keys:write-key-to-path key #P"~/.id_rsa-new-passphrase"))
“‘

### Setting passphrase for an existing un-encrypted key

In order to set a passphrase for an existing un-encrypted private key,
simply set a passphrase using the ‘SSH-KEYS:KEY-PASSPHRASE‘ accessor,
e.g.

“‘ common-lisp
CL-USER> (ssh-keys:with-private-key-file (key #P"~/.ssh/id_rsa")
(setf (ssh-keys:key-passphrase key) "my-secret-password")
(ssh-keys:write-key-to-path key #P"~/.id_rsa-encrypted"))
“‘

### Removing passphrase of an encrypted key

You can remove the passphrase of a private key and make it
un-encrypted by setting the passphrase to ‘nil‘.

“‘ common-lisp
CL-USER> (ssh-keys:with-private-key-file (key #P"~/.ssh/id_rsa" :passphrase "PASSPHRASE")
(setf (ssh-keys:key-passphrase key) nil)
(ssh-keys:write-key-to-path key #P"~/.id_rsa-unencrypted"))
“‘

### Changing the cipher of an encrypted key

The cipher to be used for encryption of a private key can be set by
using the ‘SSH-KEYS:KEY-CIPHER-NAME‘ accessor. The value should be one
of the known and supported ciphers as returned by
‘SSH-KEYS:GET-ALL-CIPHER-NAMES‘.

First, list the known cipher names.

“‘ common-lisp
CL-USER> (ssh-keys:get-all-cipher-names)
("3des-cbc" "aes128-cbc" "aes192-cbc" "aes256-cbc" "aes128-ctr" "aes192-ctr" "aes256-ctr" "none")
“‘

Then set a new cipher.

“‘ common-lisp
CL-USER> (ssh-keys:with-private-key-file (key #P"~/.ssh/id_rsa" :passphrase "PASSPHRASE")
(setf (ssh-keys:key-cipher-name key) "3des-cbc")
(ssh-keys:write-key-to-path key #P"~/.id_rsa-3des-cbc"))
“‘

### Changing the KDF number of iterations

By default ‘ssh-keygen(1)‘ and ‘cl-ssh-keys‘ will use ‘16‘ rounds of
iterations in order to produce an encryption key. You can set this to
a higher value, if needed, which would help against brute-force
attacks.

“‘ common-lisp
CL-USER> (ssh-keys:with-private-key-file (key #P"~/.ssh/id_rsa" :passphrase "PASSPHRASE")
(setf (ssh-keys:key-kdf-rounds key) 32)
(ssh-keys:write-key-to-path key #P"~/.id_rsa-stronger"))
“‘

### Fingerprints

Key fingerprints can be generated using the ‘SSH-KEYS:FINGERPRINT‘
generic function.

The following examples show how to generate the SHA-256, SHA-1 and MD5
fingerprints of a given public key.

“‘ common-lisp
CL-USER> (ssh-keys:fingerprint :sha256 *public-key*)
"VmYpd+5gvA5Cj57ZZcI8lnFMNNic6jpnnBd0WoNG1F8"
CL-USER> (ssh-keys:fingerprint :sha1 *public-key*)
"RnLPLG93GrABjOqc6xOvVFpQXsc"
CL-USER> (ssh-keys:fingerprint :md5 *public-key*)
"04:02:4b:b2:43:39:a4:8e:89:47:49:6f:30:78:94:1e"
“‘

Fingerprints of private keys are computed against the embedded public
key.

### Writing Keys

A public and private key can be written in its text representation
using the ‘SSH-KEYS:WRITE-KEY‘ generic function.

“‘ common-lisp
CL-USER> (ssh-keys:write-key *public-key*)
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCsngzCcay+lQ+34qUeUSH2m1ZYW9B0a2rxpMmvYFcOyL/hRPJwv8XO89T0+HQIZRC+xlM3BSqdFGs+B58MYXPvo3H+p00CJN8tUjvC3VD74kiXSNxIyhBpKCY1s58RxnWS/6bPQIYfnCVBiQZnkNe1T3isxND1Y71TnbSz5QN2xBkAtiGPH0dPM89yWbZpTjTCaIOfyZn2fBBsmp0zUgEJ7o9W9Lrxs1f0Pn+bZ4PqFSEUzlub7mAQ+RpwgGeLeWIFz+o6KQJPFiuRgzQU6ZsY+wjorVefzgeqpRiWGw/bEyUDck09B4B0IWoTtIiKRzd635nOo7Lz/1XgaMZ60WZD9T/labEWcKmtp4Y7NoCkep0DyYyoAgWrco4FD1r0g4WcVbsJQt8HzRy9UaHlh6YPY/xkk0bSiljpygEiT48FxniqE+6HY+7SbC1wz5QThY+UsIiDgFcg3BljskfT8Il3hateXI2wEXqww4+a+DxcHzypclYorbQKUzdzNLZRBNk= john.doe@localhost NIL
“‘

Another example, this time using a private key.

“‘ common-lisp
CL-USER> (ssh-keys:write-key *private-key*)
—–BEGIN OPENSSH PRIVATE KEY—–
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
NhAAAAAwEAAQAAAYEArJ4MwnGsvpUPt+KlHlEh9ptWWFvQdGtq8aTJr2BXDsi/4UTycL/F
zvPU9Ph0CGUQvsZTNwUqnRRrPgefDGFz76Nx/qdNAiTfLVI7wt1Q++JIl0jcSMoQaSgmNb
OfEcZ1kv+mz0CGH5wlQYkGZ5DXtU94rMTQ9WO9U520s+UDdsQZALYhjx9HTzPPclm2aU40
wmiDn8mZ9nwQbJqdM1IBCe6PVvS68bNX9D5/m2eD6hUhFM5bm+5gEPkacIBni3liBc/qOi
kCTxYrkYM0FOmbGPsI6K1Xn84HqqUYlhsP2xMlA3JNPQeAdCFqE7SIikc3et+ZzqOy8/9V
4GjGetFmQ/U/5WmxFnCpraeGOzaApHqdA8mMqAIFq3KOBQ9a9IOFnFW7CULfB80cvVGh5Y
emD2P8ZJNG0opY6coBIk+PBcZ4qhPuh2Pu0mwtcM+UE4WPlLCIg4BXINwZY7JH0/CJd4Wr
XlyNsBF6sMOPmvg8XB88qXJWKK20ClM3czS2UQTZAAAFkJkcYpSZHGKUAAAAB3NzaC1yc2
EAAAGBAKyeDMJxrL6VD7fipR5RIfabVlhb0HRravGkya9gVw7Iv+FE8nC/xc7z1PT4dAhl
EL7GUzcFKp0Uaz4Hnwxhc++jcf6nTQIk3y1SO8LdUPviSJdI3EjKEGkoJjWznxHGdZL/ps
9Ahh+cJUGJBmeQ17VPeKzE0PVjvVOdtLPlA3bEGQC2IY8fR08zz3JZtmlONMJog5/JmfZ8
EGyanTNSAQnuj1b0uvGzV/Q+f5tng+oVIRTOW5vuYBD5GnCAZ4t5YgXP6jopAk8WK5GDNB
Tpmxj7COitV5/OB6qlGJYbD9sTJQNyTT0HgHQhahO0iIpHN3rfmc6jsvP/VeBoxnrRZkP1
P+VpsRZwqa2nhjs2gKR6nQPJjKgCBatyjgUPWvSDhZxVuwlC3wfNHL1RoeWHpg9j/GSTRt
KKWOnKASJPjwXGeKoT7odj7tJsLXDPlBOFj5SwiIOAVyDcGWOyR9PwiXeFq15cjbARerDD
j5r4PFwfPKlyViittApTN3M0tlEE2QAAAAMBAAEAAAGBAJT3DFHdYdNSti7d09sW7zVvlp
NIINvnO3Jv4HGNtXOXwSd5pbOxe9Z+TEBgDVqVRV8trfCkb8MBNQ9h6lr32uJqbdzyqh14
jnUBK3ueHN5SyIxuH1RdtM3bDSZ47YScfSivoVfn+hdbXDdzNei4cb8RZzXJ3/505ZU8Ww
6IS3X6Aw2/H7TwrExojNTFIQs9p4BCS5zgkRLKvC3NPG5mjWjxzBehuZcOS5AHQ35sVcX0
GAlpkFs/2v2qy6tc1H7j703RsrlJtXvLQ2fUGVXdZflMSlX1te+T+KM5T1unUS5fPFWfLj
U+bQK7KkY48ILVQkrFLGg+8Wj77MTS3AGmQ2MnHzaK0+Cd+HAqUfRIDZZgG/5/T8nIsra/
9AG2ZIvOTSZsLqht4TkfZnp6hJm+MKmpJ9F40NnzGtYNso6GD/aqkDxubKf4uoOEW9cbOO
s5i5bvvZSgxQ1sNees0/nBBYsRhLfYkC41EcCRlhQIcvHA1IFRj5Un0gowA8vtCGyRJQAA
AMEAuPkxyvsmPYIi0SbVNVMdEpaJ3UHTJOLL6b8QDPYsiuYG0DZfHgL1MSbgIrxUKI4Xi1
oEROgfGHnhnUd7mGbwUF/K0KnYJUMlV0W8Jfz94E7+cQiqgvvWD2JZcuvXP5Dg89whsFFy
pinpkrWe8gDmqo/LKzAEBIFAuNVarD7/cIKTpW+pdo7WfnYsXqTgyZ5NO8IwkTXho6NTRI
s/Z7o7UCXX2XnUcQxWOv+L5aw7w4dBdNZpN7XBQCOfOo32SDpQAAAAwQDYmJZrTrb5w5N+
o/j9nhcrY1ZbJNUbpx1lrV/r1GCGX0f3l2ztjjzyttP+WEggPypMB5BC+S6d67PEJeI988
OanzMx/r37tfFbMMtE5YNx1BwyL1Z1x/KYugReibWclHBAa+b+TCFSfJyf1I5NABsgjQ2h
4uVy1pRWcly4Cfu0NWRJo23waTzvODPWjUz1EFIcytpKvYxwbcvYOVEY5ie9+oXhVxNm6U
ZQTLMtPWNUZGHt3xOrGhrf4M7EJRLUBe8AAADBAMwFRHMyDsyjzlFZA1gL42xO4gCGwjJq
IZu+X6h1PV71IYyyY2XV9p6Ir9UZFeFs73wvO7I+OWW6POIKMKVOjjWTU5KD3+kSI2THWq
j/Cf8gr/aLqHOKa6X63meJCPSKC5CtHFchvAPvcUhfLLv7MfHJfwFU4vrBJh5w4h0TXKCU
8hIzudC5tinyYsDgv0i0keWxWAmKMxSxsfIQkqYtqMHc4E9EZ1baUsvAj8VolJcKn0Ocj9
tvLra3KkT8SoqptwAAABJqb2huLmRvZUBsb2NhbGhvc3QBAgMEBQYH
—–END OPENSSH PRIVATE KEY—–
NIL
“‘

The ‘SSH-KEYS:WRITE-KEY‘ generic function takes an optional stream
parameter, so you can write your keys to a given stream, if needed.

“‘ common-lisp
CL-USER> (with-open-file (out #P"my-rsa-public-key" :direction :output)
(ssh-keys:write-key *public-key* out))
NIL
“‘

‘SSH-KEYS:WRITE-KEY-TO-PATH‘ is a convenience function you can use to
write keys to a given path, e.g.

“‘ common-lisp
CL-USER> (ssh-keys:write-key-to-path (key #P"my-rsa-public-key")
“‘

### Generating new private/public key pairs

The ‘SSH-KEYS:GENERATE-KEY-PAIR‘ generic function creates a new
private/public key pair of a given kind.

The generated keys are identical with what ‘ssh-keygen(1)‘ would
produce and you can use them to authenticate to remote systems.

The following example creates an RSA private/public key pair, and
saves the keys on the file system.

“‘ common-lisp
CL-USER> (multiple-value-bind (priv-key pub-key) (ssh-keys:generate-key-pair :rsa)
(ssh-keys:write-key-to-path priv-key #P"~/.ssh/my-priv-rsa-key")
(ssh-keys:write-key-to-path pub-key #P"~/.ssh/my-pub-rsa-key.pub"))
NIL
“‘

The following example generates DSA private/public key pairs.

“‘ common-lisp
CL-USER> (ssh-keys:generate-key-pair :dsa)
“‘

This example shows how to generate Ed25519 private/public key pairs.

“‘ common-lisp
CL-USER> (ssh-keys:generate-key-pair :ed25519)
“‘

ECDSA keys can be generated using NIST P-256, NIST P-384 or NIST P-521
curves. The following examples show how to create 256, 384 and 521 bit
ECDSA keys.

“‘ common-lisp
CL-USER> (ssh-keys:generate-key-pair :ecdsa-nistp256)
CL-USER> (ssh-keys:generate-key-pair :ecdsa-nistp384)
CL-USER> (ssh-keys:generate-key-pair :ecdsa-nistp521)
“‘

## Tests

Tests are provided as part of the ‘cl-ssh-keys.test‘ system.

The following Common Lisp implementations have been tested and are
known to work.

* [SBCL](http://www.sbcl.org)
* [CCL](https://ccl.clozure.com)

In order to run the tests you can evaluate the following expressions.

“‘ common-lisp
CL-USER> (ql:quickload :cl-ssh-keys.test)
CL-USER> (asdf:test-system :cl-ssh-keys.test)
“‘

Or you can run the tests in a Docker container instead.

First, build the Docker image.

“‘ shell
docker build -t cl-ssh-keys .
“‘

Run the tests.

“‘ shell
docker run –rm cl-ssh-keys
“‘

## Contributing

‘cl-ssh-keys‘ is hosted on [Github][cl-ssh-keys]. Please contribute by
reporting issues, suggesting features or by sending patches using pull
requests.

## Authors

* Marin Atanasov Nikolov (dnaeon@gmail.com)

## License

This project is Open Source and licensed under the [BSD
License][BSD License].

[RFC 4253]: https://tools.ietf.org/html/rfc4253
[PROTOCOL.key]: https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL.key?annotate=HEAD
[Quicklisp]: https://www.quicklisp.org/beta/
[Quicklisp FAQ]: https://www.quicklisp.org/beta/faq.html
[cl-ssh-keys]: https://github.com/dnaeon/cl-ssh-keys
[BSD License]: http://opensource.org/licenses/BSD-2-Clause

Version

0.1.0

Dependencies
Source

cl-ssh-keys.asd (file)

Components

Next: , Previous: , Up: Top   [Contents][Index]

3 Modules

Modules are listed depth-first from the system components tree.


Next: , Previous: , Up: Modules   [Contents][Index]

3.1 cl-ssh-keys/core

Parent

cl-ssh-keys (system)

Location

src/

Components

Previous: , Up: Modules   [Contents][Index]

3.2 cl-ssh-keys/keys

Dependency

core (module)

Parent

cl-ssh-keys (system)

Location

src/

Components

Next: , Previous: , Up: Top   [Contents][Index]

4 Files

Files are sorted by type and then listed depth-first from the systems components trees.


Previous: , Up: Files   [Contents][Index]

4.1 Lisp


Next: , Previous: , Up: Lisp files   [Contents][Index]

4.1.1 cl-ssh-keys.asd

Location

cl-ssh-keys.asd

Systems

cl-ssh-keys (system)

Packages

cl-ssh-keys-system


Next: , Previous: , Up: Lisp files   [Contents][Index]

4.1.2 cl-ssh-keys/core/package.lisp

Parent

core (module)

Location

src/package.lisp

Packages

cl-ssh-keys

Exported Definitions

Next: , Previous: , Up: Lisp files   [Contents][Index]

4.1.3 cl-ssh-keys/core/generics.lisp

Dependency

package.lisp (file)

Parent

core (module)

Location

src/generics.lisp


Next: , Previous: , Up: Lisp files   [Contents][Index]

4.1.4 cl-ssh-keys/core/public-key.lisp

Dependency

package.lisp (file)

Parent

core (module)

Location

src/public-key.lisp

Exported Definitions

Next: , Previous: , Up: Lisp files   [Contents][Index]

4.1.5 cl-ssh-keys/core/private-key.lisp

Dependency

package.lisp (file)

Parent

core (module)

Location

src/private-key.lisp

Exported Definitions
Internal Definitions

Next: , Previous: , Up: Lisp files   [Contents][Index]

4.1.6 cl-ssh-keys/core/conditions.lisp

Dependency

package.lisp (file)

Parent

core (module)

Location

src/conditions.lisp

Exported Definitions
Internal Definitions

Next: , Previous: , Up: Lisp files   [Contents][Index]

4.1.7 cl-ssh-keys/core/key-types.lisp

Dependency

package.lisp (file)

Parent

core (module)

Location

src/key-types.lisp

Exported Definitions

Next: , Previous: , Up: Lisp files   [Contents][Index]

4.1.8 cl-ssh-keys/core/ciphers.lisp

Dependency

package.lisp (file)

Parent

core (module)

Location

src/ciphers.lisp

Exported Definitions
Internal Definitions

get-cipher-for-encryption/decryption (function)


Next: , Previous: , Up: Lisp files   [Contents][Index]

4.1.9 cl-ssh-keys/keys/rsa.lisp

Parent

keys (module)

Location

src/rsa.lisp

Exported Definitions

Next: , Previous: , Up: Lisp files   [Contents][Index]

4.1.10 cl-ssh-keys/keys/dsa.lisp

Parent

keys (module)

Location

src/dsa.lisp

Exported Definitions

Next: , Previous: , Up: Lisp files   [Contents][Index]

4.1.11 cl-ssh-keys/keys/ed25519.lisp

Parent

keys (module)

Location

src/ed25519.lisp

Exported Definitions
Internal Definitions

Next: , Previous: , Up: Lisp files   [Contents][Index]

4.1.12 cl-ssh-keys/keys/ecdsa-nistp256.lisp

Parent

keys (module)

Location

src/ecdsa-nistp256.lisp

Exported Definitions

Next: , Previous: , Up: Lisp files   [Contents][Index]

4.1.13 cl-ssh-keys/keys/ecdsa-nistp384.lisp

Parent

keys (module)

Location

src/ecdsa-nistp384.lisp

Exported Definitions

Previous: , Up: Lisp files   [Contents][Index]

4.1.14 cl-ssh-keys/keys/ecdsa-nistp521.lisp

Parent

keys (module)

Location

src/ecdsa-nistp521.lisp

Exported Definitions

Next: , Previous: , Up: Top   [Contents][Index]

5 Packages

Packages are listed by definition order.


Next: , Previous: , Up: Packages   [Contents][Index]

5.1 cl-ssh-keys-system

Source

cl-ssh-keys.asd

Use List

Previous: , Up: Packages   [Contents][Index]

5.2 cl-ssh-keys

Source

package.lisp (file)

Nickname

ssh-keys

Use List

common-lisp

Exported Definitions
Internal Definitions

Next: , Previous: , Up: Top   [Contents][Index]

6 Definitions

Definitions are sorted by export status, category, package, and then by lexicographic order.


Next: , Previous: , Up: Definitions   [Contents][Index]

6.1 Exported definitions


Next: , Previous: , Up: Exported definitions   [Contents][Index]

6.1.1 Constants

Constant: +kdf-salt-size+

Salt size in bytes

Package

cl-ssh-keys

Source

private-key.lisp (file)

Constant: +nistp256-identifier+

NIST name of the curve

Package

cl-ssh-keys

Source

ecdsa-nistp256.lisp (file)

Constant: +nistp384-identifier+

NIST name of the curve

Package

cl-ssh-keys

Source

ecdsa-nistp384.lisp (file)

Constant: +nistp521-identifier+

NIST name of the curve

Package

cl-ssh-keys

Source

ecdsa-nistp521.lisp (file)

Constant: +private-key-auth-magic+

OpenSSH private key AUTH_MAGIC header

Package

cl-ssh-keys

Source

private-key.lisp (file)

Constant: +private-key-mark-begin+

Beginning marker for OpenSSH private keys

Package

cl-ssh-keys

Source

private-key.lisp (file)

Constant: +private-key-mark-end+

Ending marker for OpenSSH private keys

Package

cl-ssh-keys

Source

private-key.lisp (file)


Next: , Previous: , Up: Exported definitions   [Contents][Index]

6.1.2 Special variables

Special Variable: *ciphers*

Various ciphers used by OpenSSH that are supported

Package

cl-ssh-keys

Source

ciphers.lisp (file)

Special Variable: *default-cipher-name*

Default cipher to use when encrypting a private key

Package

cl-ssh-keys

Source

ciphers.lisp (file)

Special Variable: *default-kdf-rounds*

Default number of iterations to use when deriving a key

Package

cl-ssh-keys

Source

private-key.lisp (file)

Special Variable: *key-types*

OpenSSH key types

Package

cl-ssh-keys

Source

key-types.lisp (file)


Next: , Previous: , Up: Exported definitions   [Contents][Index]

6.1.3 Macros

Macro: with-private-key (VAR TEXT &key PASSPHRASE) &body BODY

Parses a private key from the given TEXT and evaluates the BODY with VAR bound to the decoded private key

Package

cl-ssh-keys

Source

private-key.lisp (file)

Macro: with-private-key-file (VAR PATH &key PASSPHRASE) &body BODY

Parses a private key from the given PATH and evaluates the BODY with VAR bound to the decoded private key

Package

cl-ssh-keys

Source

private-key.lisp (file)

Macro: with-public-key (VAR TEXT) &body BODY

Parses a public key from the given TEXT and evaluates the BODY with VAR bound to the decoded public key

Package

cl-ssh-keys

Source

public-key.lisp (file)

Macro: with-public-key-file (VAR PATH) &body BODY

Parses a public key from the given PATH and evaluates the BODY with VAR bound to the decoded public key

Package

cl-ssh-keys

Source

public-key.lisp (file)


Next: , Previous: , Up: Exported definitions   [Contents][Index]

6.1.4 Functions

Function: extract-private-key STREAM

Extracts the private key contents from the given stream

Package

cl-ssh-keys

Source

private-key.lisp (file)

Function: extract-private-key-from-file PATH

Extracts the private key contents from the given path

Package

cl-ssh-keys

Source

private-key.lisp (file)

Function: get-all-cipher-names ()

Returns a list of all supported cipher names

Package

cl-ssh-keys

Source

ciphers.lisp (file)

Function: get-cipher-by-name NAME

Get a cipher by its name

Package

cl-ssh-keys

Source

ciphers.lisp (file)

Function: get-cipher-by-name-or-lose NAME
Package

cl-ssh-keys

Source

ciphers.lisp (file)

Function: get-key-type VALUE &key BY

Get the key type identified by the given value and property

Package

cl-ssh-keys

Source

key-types.lisp (file)

Function: get-key-type-or-lose VALUE &key BY
Package

cl-ssh-keys

Source

key-types.lisp (file)

Function: parse-private-key TEXT &key PASSPHRASE

Parses an OpenSSH private key from the given plain-text string

Package

cl-ssh-keys

Source

private-key.lisp (file)

Function: parse-private-key-file PATH &key PASSPHRASE

Parses an OpenSSH private key from the given path

Package

cl-ssh-keys

Source

private-key.lisp (file)

Function: parse-public-key TEXT

Parses an OpenSSH public key from the given plain-text string

Package

cl-ssh-keys

Source

public-key.lisp (file)

Function: parse-public-key-file PATH

Parses an OpenSSH public key from the given path

Package

cl-ssh-keys

Source

public-key.lisp (file)

Function: private-key-padding-is-correct-p STREAM

Predicate for deterministic check of padding after private key

Package

cl-ssh-keys

Source

private-key.lisp (file)

Function: write-key-to-path KEY PATH

Writes the given KEY to the destination PATH

Package

cl-ssh-keys

Source

package.lisp (file)


Next: , Previous: , Up: Exported definitions   [Contents][Index]

6.1.5 Generic functions

Generic Function: ecdsa-curve-identifier OBJECT
Package

cl-ssh-keys

Methods
Method: ecdsa-curve-identifier (BASE-ECDSA-NISTP-KEY base-ecdsa-nistp-key)

Identifier of the elliptic curve domain parameters

Source

package.lisp (file)

Generic Function: embedded-public-key OBJECT
Package

cl-ssh-keys

Methods
Method: embedded-public-key (BASE-PRIVATE-KEY base-private-key)

Public key embedded in the private key

Source

private-key.lisp (file)

Generic Function: fingerprint HASH-SPEC KEY &key
Package

cl-ssh-keys

Methods
Method: fingerprint (HASH-SPEC (eql sha256)) (KEY base-private-key) &key

Computes the SHA-256 fingerprint of the embedded public key

Source

private-key.lisp (file)

Method: fingerprint (HASH-SPEC (eql sha1)) (KEY base-private-key) &key

Computes the SHA-1 fingerprint of the embedded public key

Source

private-key.lisp (file)

Method: fingerprint (HASH-SPEC (eql md5)) (KEY base-private-key) &key

Computes the MD5 fingerprint of the embedded public key

Source

private-key.lisp (file)

Method: fingerprint (HASH-SPEC (eql sha256)) (KEY base-public-key) &key

Computes the SHA-256 fingerprint of the given public key

Source

public-key.lisp (file)

Method: fingerprint (HASH-SPEC (eql sha1)) (KEY base-public-key) &key

Computes the SHA-1 fingerprint of the given public key

Source

public-key.lisp (file)

Method: fingerprint (HASH-SPEC (eql md5)) (KEY base-public-key) &key

Computes the MD5 fingerprint of the given public key

Source

public-key.lisp (file)

Generic Function: generate-key-pair KIND &key COMMENT PASSPHRASE NUM-BITS
Package

cl-ssh-keys

Methods
Method: generate-key-pair (KIND (eql ecdsa-nistp521)) &key COMMENT PASSPHRASE

Generates a new pair of ECDSA NIST P-521 public and private keys

Source

ecdsa-nistp521.lisp (file)

Method: generate-key-pair (KIND (eql ecdsa-nistp384)) &key COMMENT PASSPHRASE

Generates a new pair of ECDSA NIST P-384 public and private keys

Source

ecdsa-nistp384.lisp (file)

Method: generate-key-pair (KIND (eql ecdsa-nistp256)) &key COMMENT PASSPHRASE

Generates a new pair of ECDSA NIST P-256 public and private keys

Source

ecdsa-nistp256.lisp (file)

Method: generate-key-pair (KIND (eql ed25519)) &key COMMENT PASSPHRASE

Generates a new pair of Ed25519 public and private keys

Source

ed25519.lisp (file)

Method: generate-key-pair (KIND (eql dsa)) &key COMMENT PASSPHRASE

Generates a new pair of DSA public and private keys

Source

dsa.lisp (file)

Method: generate-key-pair (KIND (eql rsa)) &key NUM-BITS COMMENT PASSPHRASE

Generates a new pair of RSA public and private keys

Source

rsa.lisp (file)

Generic Function: key-bits KEY
Package

cl-ssh-keys

Methods
Method: key-bits (KEY ecdsa-nistp521-private-key)

Returns the number of bits of the embedded public key

Source

ecdsa-nistp521.lisp (file)

Method: key-bits (KEY ecdsa-nistp521-public-key)

Returns the number of bits for the ECDSA NIST P-521 public key

Source

ecdsa-nistp521.lisp (file)

Method: key-bits (KEY ecdsa-nistp384-private-key)

Returns the number of bits of the embedded public key

Source

ecdsa-nistp384.lisp (file)

Method: key-bits (KEY ecdsa-nistp384-public-key)

Returns the number of bits for the ECDSA NIST P-384 public key

Source

ecdsa-nistp384.lisp (file)

Method: key-bits (KEY ecdsa-nistp256-private-key)

Returns the number of bits of the embedded public key

Source

ecdsa-nistp256.lisp (file)

Method: key-bits (KEY ecdsa-nistp256-public-key)

Returns the number of bits for the ECDSA NIST P-256 public key

Source

ecdsa-nistp256.lisp (file)

Method: key-bits (KEY ed25519-private-key)

Returns the number of bits of the embedded public key

Source

ed25519.lisp (file)

Method: key-bits (KEY ed25519-public-key)

Returns the number of bits for the Ed25519 public key

Source

ed25519.lisp (file)

Method: key-bits (KEY dsa-private-key)

Returns the number of bits of the embedded public key

Source

dsa.lisp (file)

Method: key-bits (KEY dsa-public-key)

Returns the number of bits for the DSA public key

Source

dsa.lisp (file)

Method: key-bits (KEY rsa-private-key)

Returns the number of bits of the embedded public key

Source

rsa.lisp (file)

Method: key-bits (KEY rsa-public-key)

Returns the number of bits for the RSA public key

Source

rsa.lisp (file)

Generic Function: key-checksum-int OBJECT
Package

cl-ssh-keys

Methods
Method: key-checksum-int (BASE-PRIVATE-KEY base-private-key)

Checksum integer for private keys

Source

private-key.lisp (file)

Generic Function: key-cipher-name OBJECT
Generic Function: (setf key-cipher-name) NEW-VALUE OBJECT
Package

cl-ssh-keys

Methods
Method: key-cipher-name (BASE-PRIVATE-KEY base-private-key)
Method: (setf key-cipher-name) NEW-VALUE (BASE-PRIVATE-KEY base-private-key)

Private key cipher name

Source

private-key.lisp (file)

Method: (setf key-cipher-name) NEW-VALUE (KEY base-private-key) before

Set cipher name to use for encryption of the private key

Source

private-key.lisp (file)

Generic Function: key-comment OBJECT
Generic Function: (setf key-comment) NEW-VALUE OBJECT
Package

cl-ssh-keys

Methods
Method: key-comment (BASE-KEY base-key)
Method: (setf key-comment) NEW-VALUE (BASE-KEY base-key)

Comment associated with the key

Source

package.lisp (file)

Generic Function: key-kdf-name OBJECT
Generic Function: (setf key-kdf-name) NEW-VALUE OBJECT
Package

cl-ssh-keys

Methods
Method: key-kdf-name (BASE-PRIVATE-KEY base-private-key)
Method: (setf key-kdf-name) NEW-VALUE (BASE-PRIVATE-KEY base-private-key)

Private key KDF name

Source

private-key.lisp (file)

Method: (setf key-kdf-name) NEW-VALUE (KEY base-private-key) before

Set KDF name for the private key

Source

private-key.lisp (file)

Generic Function: key-kdf-rounds OBJECT
Generic Function: (setf key-kdf-rounds) NEW-VALUE OBJECT
Package

cl-ssh-keys

Methods
Method: key-kdf-rounds (BASE-PRIVATE-KEY base-private-key)
Method: (setf key-kdf-rounds) NEW-VALUE (BASE-PRIVATE-KEY base-private-key)

Number of iterations used to derive the key

Source

private-key.lisp (file)

Generic Function: key-kdf-salt OBJECT
Package

cl-ssh-keys

Methods
Method: key-kdf-salt (BASE-PRIVATE-KEY base-private-key)

Salt used by the KDF function

Source

private-key.lisp (file)

Generic Function: key-kind OBJECT
Package

cl-ssh-keys

Methods
Method: key-kind (BASE-KEY base-key)

SSH key kind

Source

package.lisp (file)

Generic Function: key-passphrase OBJECT
Generic Function: (setf key-passphrase) NEW-VALUE OBJECT
Package

cl-ssh-keys

Methods
Method: key-passphrase (BASE-PRIVATE-KEY base-private-key)
Method: (setf key-passphrase) NEW-VALUE (BASE-PRIVATE-KEY base-private-key)

Passphrase used to encrypt the private key

Source

private-key.lisp (file)

Method: (setf key-passphrase) NEW-VALUE (KEY base-private-key) before

Reset or remove passphrase for the private key.
If NIL is provided then encryption will be removed for the private key.

Source

private-key.lisp (file)

Generic Function: write-key KEY &optional STREAM
Package

cl-ssh-keys

Methods
Method: write-key (KEY base-private-key) &optional STREAM

Writes the private key in its text representation

Source

private-key.lisp (file)

Method: write-key (KEY base-public-key) &optional STREAM

Writes the public key in its text representation

Source

public-key.lisp (file)


Next: , Previous: , Up: Exported definitions   [Contents][Index]

6.1.6 Conditions

Condition: key-type-mismatch-error ()

Signaled when there is a mismatch between the known key type and the encoded key type

Package

cl-ssh-keys

Source

conditions.lisp (file)

Direct superclasses

base-error (condition)

Direct methods
Direct slots
Slot: expected
Initargs

:expected

Readers

error-expected-key-type (generic function)

Slot: found
Initargs

:found

Readers

error-found-key-type (generic function)

Condition: unsupported-key-error ()

Signaled when attempting to perform an operation on keys that are not supported

Package

cl-ssh-keys

Source

conditions.lisp (file)

Direct superclasses

base-error (condition)


Previous: , Up: Exported definitions   [Contents][Index]

6.1.7 Classes

Class: base-ecdsa-nistp-key ()

Base class for representing an OpenSSH ECDSA key

Package

cl-ssh-keys

Source

package.lisp (file)

Direct superclasses

base-key (class)

Direct subclasses
Direct methods

ecdsa-curve-identifier (method)

Direct slots
Slot: identifier

Identifier of the elliptic curve domain parameters

Initargs

:identifier

Initform

(error "must specify curve identifier")

Readers

ecdsa-curve-identifier (generic function)

Class: base-ecdsa-nistp-private-key ()

Base class for representing an OpenSSH ECDSA private key

Package

cl-ssh-keys

Source

private-key.lisp (file)

Direct superclasses
Direct subclasses
Class: base-ecdsa-nistp-public-key ()

Base class for representing an OpenSSH ECDSA public key

Package

cl-ssh-keys

Source

public-key.lisp (file)

Direct superclasses
Direct subclasses
Class: base-key ()

Base class for representing an OpenSSH key

Package

cl-ssh-keys

Source

package.lisp (file)

Direct superclasses

standard-object (class)

Direct subclasses
Direct methods
Direct slots
Slot: kind

SSH key kind

Initargs

:kind

Initform

(error "must specify key kind")

Readers

key-kind (generic function)

Slot: comment

Comment associated with the key

Initargs

:comment

Readers

key-comment (generic function)

Writers

(setf key-comment) (generic function)

Class: base-private-key ()

Base class for representing an OpenSSH private key

Package

cl-ssh-keys

Source

private-key.lisp (file)

Direct superclasses

base-key (class)

Direct subclasses
Direct methods
Direct slots
Slot: public-key

Public key embedded in the private key

Initargs

:public-key

Initform

(error "must specify public key")

Readers

embedded-public-key (generic function)

Slot: cipher-name

Private key cipher name

Initargs

:cipher-name

Initform

(error "must specify cipher name")

Readers

key-cipher-name (generic function)

Writers

(setf key-cipher-name) (generic function)

Slot: kdf-name

Private key KDF name

Initargs

:kdf-name

Initform

(error "must specify kdf name")

Readers

key-kdf-name (generic function)

Writers

(setf key-kdf-name) (generic function)

Slot: kdf-salt

Salt used by the KDF function

Initargs

:kdf-salt

Initform

(ironclad:random-data cl-ssh-keys:+kdf-salt-size+)

Readers

key-kdf-salt (generic function)

Slot: kdf-rounds

Number of iterations used to derive the key

Initargs

:kdf-rounds

Initform

cl-ssh-keys:*default-kdf-rounds*

Readers

key-kdf-rounds (generic function)

Writers

(setf key-kdf-rounds) (generic function)

Slot: checksum-int

Checksum integer for private keys

Initargs

:checksum-int

Initform

(error "must specify checksum integer")

Readers

key-checksum-int (generic function)

Slot: passphrase

Passphrase used to encrypt the private key

Initargs

:passphrase

Readers

key-passphrase (generic function)

Writers

(setf key-passphrase) (generic function)

Class: base-public-key ()

Base class for representing an OpenSSH public key

Package

cl-ssh-keys

Source

public-key.lisp (file)

Direct superclasses

base-key (class)

Direct subclasses
Direct methods
Class: dsa-private-key ()

Represents an OpenSSH DSA private key

Package

cl-ssh-keys

Source

dsa.lisp (file)

Direct superclasses
Direct methods
Class: dsa-public-key ()

Represents an OpenSSH DSA public key

Package

cl-ssh-keys

Source

dsa.lisp (file)

Direct superclasses
Direct methods
Class: ecdsa-nistp256-private-key ()

Represents an OpenSSH ECDSA NIST P-256 private key

Package

cl-ssh-keys

Source

ecdsa-nistp256.lisp (file)

Direct superclasses
Direct methods
Class: ecdsa-nistp256-public-key ()

Represents an OpenSSH ECDSA NIST P-256 public key

Package

cl-ssh-keys

Source

ecdsa-nistp256.lisp (file)

Direct superclasses
Direct methods
Class: ecdsa-nistp384-private-key ()

Represents an OpenSSH ECDSA NIST P-384 private key

Package

cl-ssh-keys

Source

ecdsa-nistp384.lisp (file)

Direct superclasses
Direct methods
Class: ecdsa-nistp384-public-key ()

Represents an OpenSSH ECDSA NIST P-384 public key

Package

cl-ssh-keys

Source

ecdsa-nistp384.lisp (file)

Direct superclasses
Direct methods
Class: ecdsa-nistp521-private-key ()

Represents an OpenSSH ECDSA NIST P-521 private key

Package

cl-ssh-keys

Source

ecdsa-nistp521.lisp (file)

Direct superclasses
Direct methods
Class: ecdsa-nistp521-public-key ()

Represents an OpenSSH ECDSA NIST P-521 public key

Package

cl-ssh-keys

Source

ecdsa-nistp521.lisp (file)

Direct superclasses
Direct methods
Class: ed25519-private-key ()

Represents an OpenSSH Ed25519 private key

Package

cl-ssh-keys

Source

ed25519.lisp (file)

Direct superclasses
Direct methods
Class: ed25519-public-key ()

Represents an OpenSSH Ed25519 public key

Package

cl-ssh-keys

Source

ed25519.lisp (file)

Direct superclasses
Direct methods
Class: rsa-private-key ()

Represents an OpenSSH RSA private key

Package

cl-ssh-keys

Source

rsa.lisp (file)

Direct superclasses
Direct methods
Class: rsa-public-key ()

Represents an OpenSSH RSA public key

Package

cl-ssh-keys

Source

rsa.lisp (file)

Direct superclasses
Direct methods

Previous: , Up: Definitions   [Contents][Index]

6.2 Internal definitions


Next: , Previous: , Up: Internal definitions   [Contents][Index]

6.2.1 Constants

Constant: +ed25519-public-key-bytes+

Number of bytes for an Ed25519 public key

Package

cl-ssh-keys

Source

ed25519.lisp (file)

Constant: +ed25519-secret-key-bytes+

Number of bytes for an Ed25519 secret key

Package

cl-ssh-keys

Source

ed25519.lisp (file)


Next: , Previous: , Up: Internal definitions   [Contents][Index]

6.2.2 Special variables

Special Variable: *supported-kdf-names*

Known and supported KDF names

Package

cl-ssh-keys

Source

private-key.lisp (file)


Next: , Previous: , Up: Internal definitions   [Contents][Index]

6.2.3 Functions

Function: decrypt-private-key ENCRYPTED CIPHER-NAME PASSPHRASE SALT ROUNDS
Package

cl-ssh-keys

Source

private-key.lisp (file)

Function: encrypt-private-key TEXT CIPHER-NAME PASSPHRASE SALT ROUNDS
Package

cl-ssh-keys

Source

private-key.lisp (file)

Function: get-cipher-for-encryption/decryption CIPHER-NAME PASSPHRASE SALT ROUNDS

Returns a cipher that can be used for encryption/decryption of a private key

Package

cl-ssh-keys

Source

ciphers.lisp (file)


Next: , Previous: , Up: Internal definitions   [Contents][Index]

6.2.4 Generic functions

Generic Function: error-description CONDITION
Package

cl-ssh-keys

Methods
Method: error-description (CONDITION base-error)
Source

conditions.lisp (file)

Generic Function: error-expected-key-type CONDITION
Package

cl-ssh-keys

Methods
Method: error-expected-key-type (CONDITION key-type-mismatch-error)
Source

conditions.lisp (file)

Generic Function: error-found-key-type CONDITION
Package

cl-ssh-keys

Methods
Method: error-found-key-type (CONDITION key-type-mismatch-error)
Source

conditions.lisp (file)


Previous: , Up: Internal definitions   [Contents][Index]

6.2.5 Conditions

Condition: base-error ()

Base error condition

Package

cl-ssh-keys

Source

conditions.lisp (file)

Direct superclasses

simple-error (condition)

Direct subclasses
Direct methods

error-description (method)

Direct slots
Slot: description
Initargs

:description

Readers

error-description (generic function)

Condition: invalid-key-error ()

Signaled when a key is detected as invalid

Package

cl-ssh-keys

Source

conditions.lisp (file)

Direct superclasses

base-error (condition)


Previous: , Up: Top   [Contents][Index]

Appendix A Indexes


Next: , Previous: , Up: Indexes   [Contents][Index]

A.1 Concepts

Jump to:   C   F   L   M  
Index Entry  Section

C
cl-ssh-keys.asd: The cl-ssh-keys․asd file
cl-ssh-keys/core: The cl-ssh-keys/core module
cl-ssh-keys/core/ciphers.lisp: The cl-ssh-keys/core/ciphers․lisp file
cl-ssh-keys/core/conditions.lisp: The cl-ssh-keys/core/conditions․lisp file
cl-ssh-keys/core/generics.lisp: The cl-ssh-keys/core/generics․lisp file
cl-ssh-keys/core/key-types.lisp: The cl-ssh-keys/core/key-types․lisp file
cl-ssh-keys/core/package.lisp: The cl-ssh-keys/core/package․lisp file
cl-ssh-keys/core/private-key.lisp: The cl-ssh-keys/core/private-key․lisp file
cl-ssh-keys/core/public-key.lisp: The cl-ssh-keys/core/public-key․lisp file
cl-ssh-keys/keys: The cl-ssh-keys/keys module
cl-ssh-keys/keys/dsa.lisp: The cl-ssh-keys/keys/dsa․lisp file
cl-ssh-keys/keys/ecdsa-nistp256.lisp: The cl-ssh-keys/keys/ecdsa-nistp256․lisp file
cl-ssh-keys/keys/ecdsa-nistp384.lisp: The cl-ssh-keys/keys/ecdsa-nistp384․lisp file
cl-ssh-keys/keys/ecdsa-nistp521.lisp: The cl-ssh-keys/keys/ecdsa-nistp521․lisp file
cl-ssh-keys/keys/ed25519.lisp: The cl-ssh-keys/keys/ed25519․lisp file
cl-ssh-keys/keys/rsa.lisp: The cl-ssh-keys/keys/rsa․lisp file

F
File, Lisp, cl-ssh-keys.asd: The cl-ssh-keys․asd file
File, Lisp, cl-ssh-keys/core/ciphers.lisp: The cl-ssh-keys/core/ciphers․lisp file
File, Lisp, cl-ssh-keys/core/conditions.lisp: The cl-ssh-keys/core/conditions․lisp file
File, Lisp, cl-ssh-keys/core/generics.lisp: The cl-ssh-keys/core/generics․lisp file
File, Lisp, cl-ssh-keys/core/key-types.lisp: The cl-ssh-keys/core/key-types․lisp file
File, Lisp, cl-ssh-keys/core/package.lisp: The cl-ssh-keys/core/package․lisp file
File, Lisp, cl-ssh-keys/core/private-key.lisp: The cl-ssh-keys/core/private-key․lisp file
File, Lisp, cl-ssh-keys/core/public-key.lisp: The cl-ssh-keys/core/public-key․lisp file
File, Lisp, cl-ssh-keys/keys/dsa.lisp: The cl-ssh-keys/keys/dsa․lisp file
File, Lisp, cl-ssh-keys/keys/ecdsa-nistp256.lisp: The cl-ssh-keys/keys/ecdsa-nistp256․lisp file
File, Lisp, cl-ssh-keys/keys/ecdsa-nistp384.lisp: The cl-ssh-keys/keys/ecdsa-nistp384․lisp file
File, Lisp, cl-ssh-keys/keys/ecdsa-nistp521.lisp: The cl-ssh-keys/keys/ecdsa-nistp521․lisp file
File, Lisp, cl-ssh-keys/keys/ed25519.lisp: The cl-ssh-keys/keys/ed25519․lisp file
File, Lisp, cl-ssh-keys/keys/rsa.lisp: The cl-ssh-keys/keys/rsa․lisp file

L
Lisp File, cl-ssh-keys.asd: The cl-ssh-keys․asd file
Lisp File, cl-ssh-keys/core/ciphers.lisp: The cl-ssh-keys/core/ciphers․lisp file
Lisp File, cl-ssh-keys/core/conditions.lisp: The cl-ssh-keys/core/conditions․lisp file
Lisp File, cl-ssh-keys/core/generics.lisp: The cl-ssh-keys/core/generics․lisp file
Lisp File, cl-ssh-keys/core/key-types.lisp: The cl-ssh-keys/core/key-types․lisp file
Lisp File, cl-ssh-keys/core/package.lisp: The cl-ssh-keys/core/package․lisp file
Lisp File, cl-ssh-keys/core/private-key.lisp: The cl-ssh-keys/core/private-key․lisp file
Lisp File, cl-ssh-keys/core/public-key.lisp: The cl-ssh-keys/core/public-key․lisp file
Lisp File, cl-ssh-keys/keys/dsa.lisp: The cl-ssh-keys/keys/dsa․lisp file
Lisp File, cl-ssh-keys/keys/ecdsa-nistp256.lisp: The cl-ssh-keys/keys/ecdsa-nistp256․lisp file
Lisp File, cl-ssh-keys/keys/ecdsa-nistp384.lisp: The cl-ssh-keys/keys/ecdsa-nistp384․lisp file
Lisp File, cl-ssh-keys/keys/ecdsa-nistp521.lisp: The cl-ssh-keys/keys/ecdsa-nistp521․lisp file
Lisp File, cl-ssh-keys/keys/ed25519.lisp: The cl-ssh-keys/keys/ed25519․lisp file
Lisp File, cl-ssh-keys/keys/rsa.lisp: The cl-ssh-keys/keys/rsa․lisp file

M
Module, cl-ssh-keys/core: The cl-ssh-keys/core module
Module, cl-ssh-keys/keys: The cl-ssh-keys/keys module

Jump to:   C   F   L   M  

Next: , Previous: , Up: Indexes   [Contents][Index]

A.2 Functions

Jump to:   (  
D   E   F   G   K   M   P   W  
Index Entry  Section

(
(setf key-cipher-name): Exported generic functions
(setf key-cipher-name): Exported generic functions
(setf key-cipher-name): Exported generic functions
(setf key-comment): Exported generic functions
(setf key-comment): Exported generic functions
(setf key-kdf-name): Exported generic functions
(setf key-kdf-name): Exported generic functions
(setf key-kdf-name): Exported generic functions
(setf key-kdf-rounds): Exported generic functions
(setf key-kdf-rounds): Exported generic functions
(setf key-passphrase): Exported generic functions
(setf key-passphrase): Exported generic functions
(setf key-passphrase): Exported generic functions

D
decrypt-private-key: Internal functions

E
ecdsa-curve-identifier: Exported generic functions
ecdsa-curve-identifier: Exported generic functions
embedded-public-key: Exported generic functions
embedded-public-key: Exported generic functions
encrypt-private-key: Internal functions
error-description: Internal generic functions
error-description: Internal generic functions
error-expected-key-type: Internal generic functions
error-expected-key-type: Internal generic functions
error-found-key-type: Internal generic functions
error-found-key-type: Internal generic functions
extract-private-key: Exported functions
extract-private-key-from-file: Exported functions

F
fingerprint: Exported generic functions
fingerprint: Exported generic functions
fingerprint: Exported generic functions
fingerprint: Exported generic functions
fingerprint: Exported generic functions
fingerprint: Exported generic functions
fingerprint: Exported generic functions
Function, decrypt-private-key: Internal functions
Function, encrypt-private-key: Internal functions
Function, extract-private-key: Exported functions
Function, extract-private-key-from-file: Exported functions
Function, get-all-cipher-names: Exported functions
Function, get-cipher-by-name: Exported functions
Function, get-cipher-by-name-or-lose: Exported functions
Function, get-cipher-for-encryption/decryption: Internal functions
Function, get-key-type: Exported functions
Function, get-key-type-or-lose: Exported functions
Function, parse-private-key: Exported functions
Function, parse-private-key-file: Exported functions
Function, parse-public-key: Exported functions
Function, parse-public-key-file: Exported functions
Function, private-key-padding-is-correct-p: Exported functions
Function, write-key-to-path: Exported functions

G
generate-key-pair: Exported generic functions
generate-key-pair: Exported generic functions
generate-key-pair: Exported generic functions
generate-key-pair: Exported generic functions
generate-key-pair: Exported generic functions
generate-key-pair: Exported generic functions
generate-key-pair: Exported generic functions
Generic Function, (setf key-cipher-name): Exported generic functions
Generic Function, (setf key-comment): Exported generic functions
Generic Function, (setf key-kdf-name): Exported generic functions
Generic Function, (setf key-kdf-rounds): Exported generic functions
Generic Function, (setf key-passphrase): Exported generic functions
Generic Function, ecdsa-curve-identifier: Exported generic functions
Generic Function, embedded-public-key: Exported generic functions
Generic Function, error-description: Internal generic functions
Generic Function, error-expected-key-type: Internal generic functions
Generic Function, error-found-key-type: Internal generic functions
Generic Function, fingerprint: Exported generic functions
Generic Function, generate-key-pair: Exported generic functions
Generic Function, key-bits: Exported generic functions
Generic Function, key-checksum-int: Exported generic functions
Generic Function, key-cipher-name: Exported generic functions
Generic Function, key-comment: Exported generic functions
Generic Function, key-kdf-name: Exported generic functions
Generic Function, key-kdf-rounds: Exported generic functions
Generic Function, key-kdf-salt: Exported generic functions
Generic Function, key-kind: Exported generic functions
Generic Function, key-passphrase: Exported generic functions
Generic Function, write-key: Exported generic functions
get-all-cipher-names: Exported functions
get-cipher-by-name: Exported functions
get-cipher-by-name-or-lose: Exported functions
get-cipher-for-encryption/decryption: Internal functions
get-key-type: Exported functions
get-key-type-or-lose: Exported functions

K
key-bits: Exported generic functions
key-bits: Exported generic functions
key-bits: Exported generic functions
key-bits: Exported generic functions
key-bits: Exported generic functions
key-bits: Exported generic functions
key-bits: Exported generic functions
key-bits: Exported generic functions
key-bits: Exported generic functions
key-bits: Exported generic functions
key-bits: Exported generic functions
key-bits: Exported generic functions
key-bits: Exported generic functions
key-checksum-int: Exported generic functions
key-checksum-int: Exported generic functions
key-cipher-name: Exported generic functions
key-cipher-name: Exported generic functions
key-comment: Exported generic functions
key-comment: Exported generic functions
key-kdf-name: Exported generic functions
key-kdf-name: Exported generic functions
key-kdf-rounds: Exported generic functions
key-kdf-rounds: Exported generic functions
key-kdf-salt: Exported generic functions
key-kdf-salt: Exported generic functions
key-kind: Exported generic functions
key-kind: Exported generic functions
key-passphrase: Exported generic functions
key-passphrase: Exported generic functions

M
Macro, with-private-key: Exported macros
Macro, with-private-key-file: Exported macros
Macro, with-public-key: Exported macros
Macro, with-public-key-file: Exported macros
Method, (setf key-cipher-name): Exported generic functions
Method, (setf key-cipher-name): Exported generic functions
Method, (setf key-comment): Exported generic functions
Method, (setf key-kdf-name): Exported generic functions
Method, (setf key-kdf-name): Exported generic functions
Method, (setf key-kdf-rounds): Exported generic functions
Method, (setf key-passphrase): Exported generic functions
Method, (setf key-passphrase): Exported generic functions
Method, ecdsa-curve-identifier: Exported generic functions
Method, embedded-public-key: Exported generic functions
Method, error-description: Internal generic functions
Method, error-expected-key-type: Internal generic functions
Method, error-found-key-type: Internal generic functions
Method, fingerprint: Exported generic functions
Method, fingerprint: Exported generic functions
Method, fingerprint: Exported generic functions
Method, fingerprint: Exported generic functions
Method, fingerprint: Exported generic functions
Method, fingerprint: Exported generic functions
Method, generate-key-pair: Exported generic functions
Method, generate-key-pair: Exported generic functions
Method, generate-key-pair: Exported generic functions
Method, generate-key-pair: Exported generic functions
Method, generate-key-pair: Exported generic functions
Method, generate-key-pair: Exported generic functions
Method, key-bits: Exported generic functions
Method, key-bits: Exported generic functions
Method, key-bits: Exported generic functions
Method, key-bits: Exported generic functions
Method, key-bits: Exported generic functions
Method, key-bits: Exported generic functions
Method, key-bits: Exported generic functions
Method, key-bits: Exported generic functions
Method, key-bits: Exported generic functions
Method, key-bits: Exported generic functions
Method, key-bits: Exported generic functions
Method, key-bits: Exported generic functions
Method, key-checksum-int: Exported generic functions
Method, key-cipher-name: Exported generic functions
Method, key-comment: Exported generic functions
Method, key-kdf-name: Exported generic functions
Method, key-kdf-rounds: Exported generic functions
Method, key-kdf-salt: Exported generic functions
Method, key-kind: Exported generic functions
Method, key-passphrase: Exported generic functions
Method, write-key: Exported generic functions
Method, write-key: Exported generic functions

P
parse-private-key: Exported functions
parse-private-key-file: Exported functions
parse-public-key: Exported functions
parse-public-key-file: Exported functions
private-key-padding-is-correct-p: Exported functions

W
with-private-key: Exported macros
with-private-key-file: Exported macros
with-public-key: Exported macros
with-public-key-file: Exported macros
write-key: Exported generic functions
write-key: Exported generic functions
write-key: Exported generic functions
write-key-to-path: Exported functions

Jump to:   (  
D   E   F   G   K   M   P   W  

Next: , Previous: , Up: Indexes   [Contents][Index]

A.3 Variables

Jump to:   *   +  
C   D   E   F   I   K   P   S  
Index Entry  Section

*
*ciphers*: Exported special variables
*default-cipher-name*: Exported special variables
*default-kdf-rounds*: Exported special variables
*key-types*: Exported special variables
*supported-kdf-names*: Internal special variables

+
+ed25519-public-key-bytes+: Internal constants
+ed25519-secret-key-bytes+: Internal constants
+kdf-salt-size+: Exported constants
+nistp256-identifier+: Exported constants
+nistp384-identifier+: Exported constants
+nistp521-identifier+: Exported constants
+private-key-auth-magic+: Exported constants
+private-key-mark-begin+: Exported constants
+private-key-mark-end+: Exported constants

C
checksum-int: Exported classes
cipher-name: Exported classes
comment: Exported classes
Constant, +ed25519-public-key-bytes+: Internal constants
Constant, +ed25519-secret-key-bytes+: Internal constants
Constant, +kdf-salt-size+: Exported constants
Constant, +nistp256-identifier+: Exported constants
Constant, +nistp384-identifier+: Exported constants
Constant, +nistp521-identifier+: Exported constants
Constant, +private-key-auth-magic+: Exported constants
Constant, +private-key-mark-begin+: Exported constants
Constant, +private-key-mark-end+: Exported constants

D
description: Internal conditions

E
expected: Exported conditions

F
found: Exported conditions

I
identifier: Exported classes

K
kdf-name: Exported classes
kdf-rounds: Exported classes
kdf-salt: Exported classes
kind: Exported classes

P
passphrase: Exported classes
public-key: Exported classes

S
Slot, checksum-int: Exported classes
Slot, cipher-name: Exported classes
Slot, comment: Exported classes
Slot, description: Internal conditions
Slot, expected: Exported conditions
Slot, found: Exported conditions
Slot, identifier: Exported classes
Slot, kdf-name: Exported classes
Slot, kdf-rounds: Exported classes
Slot, kdf-salt: Exported classes
Slot, kind: Exported classes
Slot, passphrase: Exported classes
Slot, public-key: Exported classes
Special Variable, *ciphers*: Exported special variables
Special Variable, *default-cipher-name*: Exported special variables
Special Variable, *default-kdf-rounds*: Exported special variables
Special Variable, *key-types*: Exported special variables
Special Variable, *supported-kdf-names*: Internal special variables

Jump to:   *   +  
C   D   E   F   I   K   P   S  

Previous: , Up: Indexes   [Contents][Index]

A.4 Data types

Jump to:   B   C   D   E   I   K   P   R   S   U  
Index Entry  Section

B
base-ecdsa-nistp-key: Exported classes
base-ecdsa-nistp-private-key: Exported classes
base-ecdsa-nistp-public-key: Exported classes
base-error: Internal conditions
base-key: Exported classes
base-private-key: Exported classes
base-public-key: Exported classes

C
cl-ssh-keys: The cl-ssh-keys system
cl-ssh-keys: The cl-ssh-keys package
cl-ssh-keys-system: The cl-ssh-keys-system package
Class, base-ecdsa-nistp-key: Exported classes
Class, base-ecdsa-nistp-private-key: Exported classes
Class, base-ecdsa-nistp-public-key: Exported classes
Class, base-key: Exported classes
Class, base-private-key: Exported classes
Class, base-public-key: Exported classes
Class, dsa-private-key: Exported classes
Class, dsa-public-key: Exported classes
Class, ecdsa-nistp256-private-key: Exported classes
Class, ecdsa-nistp256-public-key: Exported classes
Class, ecdsa-nistp384-private-key: Exported classes
Class, ecdsa-nistp384-public-key: Exported classes
Class, ecdsa-nistp521-private-key: Exported classes
Class, ecdsa-nistp521-public-key: Exported classes
Class, ed25519-private-key: Exported classes
Class, ed25519-public-key: Exported classes
Class, rsa-private-key: Exported classes
Class, rsa-public-key: Exported classes
Condition, base-error: Internal conditions
Condition, invalid-key-error: Internal conditions
Condition, key-type-mismatch-error: Exported conditions
Condition, unsupported-key-error: Exported conditions

D
dsa-private-key: Exported classes
dsa-public-key: Exported classes

E
ecdsa-nistp256-private-key: Exported classes
ecdsa-nistp256-public-key: Exported classes
ecdsa-nistp384-private-key: Exported classes
ecdsa-nistp384-public-key: Exported classes
ecdsa-nistp521-private-key: Exported classes
ecdsa-nistp521-public-key: Exported classes
ed25519-private-key: Exported classes
ed25519-public-key: Exported classes

I
invalid-key-error: Internal conditions

K
key-type-mismatch-error: Exported conditions

P
Package, cl-ssh-keys: The cl-ssh-keys package
Package, cl-ssh-keys-system: The cl-ssh-keys-system package

R
rsa-private-key: Exported classes
rsa-public-key: Exported classes

S
System, cl-ssh-keys: The cl-ssh-keys system

U
unsupported-key-error: Exported conditions

Jump to:   B   C   D   E   I   K   P   R   S   U