—

              
###########################################
package Net::SSH::AuthorizedKey;
###########################################
use strict;
use warnings;
use Log::Log4perl qw(:easy);
use Net::SSH::AuthorizedKey::SSH1;
use Net::SSH::AuthorizedKey::SSH2;
###########################################
sub parse {
###########################################
    my($class, $string) = @_;
    my @subclasses = qw(
        Net::SSH::AuthorizedKey::SSH1
        Net::SSH::AuthorizedKey::SSH2
    );
    for my $subclass ( @subclasses ) {
        DEBUG "Parsing with $subclass: $string";
        my $pk = $subclass->parse( $string );
        if($pk) {
            DEBUG "Successfully parsed $subclass key";
            return $pk;
        }
    }
    return undef;
}
1;
__END__
HideShow 162 lines of Pod
=head1 NAME
Net::SSH::AuthorizedKey - Virtual Base Class for SSH Public Keys
=head1 SYNOPSIS
    use Net::SSH::AuthorizedKey;
      # Either parse a string (without leading whitespace or comments):
    my $key = Net::SSH::AuthorizedKey->parse( $line );
    if(defined $key) {
          # ssh-1 or ssh-2
        print "Key parsed, type is ", $key->type(), "\n";
    } else {
        die "Cannot parse key '$line'";
    }
      # ... or create an object yourself:
    my $pubkey = Net::SSH::AuthorizedKey->new(
        options  => { from                  => 'foo@bar.com', 
                      "no-agent-forwarding" => 1 },
        key      => "123....890",
        keylen   => 1024,
        exponent => 35,
        type     => "ssh-1",
    );
=head1 DESCRIPTION
Net::SSH::AuthorizedKey is a virtual base class for ssh public keys. 
Real implementations of it are Net::SSH::AuthorizedKey::SSH1 and
Net::SSH::AuthorizedKey::SSH2.
The only way to using it directly is by calling its parse() method, and passing
it an authorized_keys string (aka a line from an authorized_keys file). If it
recognizes either a ssh-1 or a ssh-2 type key, it will return a
Net::SSH::AuthorizedKey::SSH1 or a Net::SSH::AuthorizedKey::SSH2 object, both
of which support the accessor methods defined in the FIELDS section below.
The as_string() method will cobble the (perhaps modified) fields together
and return them as a string suitable as a line for an authorized_keys file.
=head2 METHODS
=over 4
=item C<parse( $line )>
Reads in a single text line containing a ssh-1 or ssh-2 key.
Returns a Net::SSH::AuthorizedKey::SSH1 or a Net::SSH::AuthorizedKey::SSH2
object, or C<undef> in case of an error.
=item C<fingerprint()>
Returns a MD5 hex hash of the parsed key. The hash is unique for functionally 
identical keys. Fields not contributing to the key's functional uniqueness
are ignored.
=item C<error()>
Returns the last parsing error encountered as a text string.
=item C<as_string( )>
Return the object as a string suitable as a autorized_keys line.
=back
=head2 FIELDS
All of the following fields are available via accessors:
=over 4
=item C<type>
Type of ssh key, usually C<"ssh-1"> or C<"ssh-2">.
=item C<key>
Public key, either a long number (ssh-1) or a line of alphanumeric
characters (ssh-2).
=item C<keylen>
Length of the key in bit (e.g. 1024).
=item C<exponent>
Two-digit number in front of the key in ssh-1 authorized_keys lines.
=item C<options>
Returns a reference to a hash with options key/value pairs, listed in 
front of the key.
=back
=head2 IMPLEMENTATION REFERENCE
The key parsers implemented in this distribution are implemented similarily
as the authorized_keys file parser in the openssh source distribution.
Openssh contains the authorized_keys parser
in its auth2_pubkey.c file. The user_key_allowed2() function opens
the file and reads it line by line, ignoring leading whitespace, empty
and comment lines.
After that, if a line doesn't contain a plain key, the parser skips ahead until
the first whitespace (zooming through quoted areas "..." and interpreting '\"'
as an escaped quote), then skips this whitespace and tries to read a key one
more time. 
Regarding options, the Perl parser isn't as elaborate with semantic 
peculiarities as openssh's auth_parse_options(), but this might be
added in the future.
=head1 NOTES FOR SUBCLASS DEVELOPERS
If you're just using Net::SSH::AuthorizedKey to parse keys, the
following section doesn't concern you. It's only relevant if you add 
new subclasses to this package, on top of what's already provided.
Net::SSH::AuthorizedKey is a (semi-)virtual base class that implements 
options handling for its SSH1 and SSH2 subclasses.
SSH key lines can contain options that carry values (like command="ls") and
binary options that are either set or unset (like "no_agent_forwarding"). To
distinguish the two, and to provide a set of allowed option names, the subclass
has to implement the method option_type(), which takes an option name, and
returns
=over 4
=item *
undef if the option is not supported
=item *
"s" if the option is a "string" option that carries a value
=item *
1 if the option is a binary option
=back
The subclasses Net::SSH::AuthorizedKey::SSH1 and Net::SSH::AuthorizedKey::SSH2
are doing this already.
=head1 LEGALESE
Copyright 2005-2009 by Mike Schilli, all rights reserved.
This program is free software, you can redistribute it and/or
modify it under the same terms as Perl itself.
=head1 AUTHOR
2005, Mike Schilli <m@perlmeister.com>