read_key: Parsing keys and certificates

Description

The read_key function (private keys) and read_pubkey (public keys) support both SSH pubkey format and OpenSSL PEM format (base64 data with a --BEGIN and ---END header), and automatically convert where necessary. The functions assume a single key per file except for read_cert_bundle which supports PEM files with multiple certificates.

Usage

read_key(file, password = askpass, der = is.raw(file))
read_pubkey(file, der = is.raw(file))
read_cert(file, der = is.raw(file))
read_cert_bundle(file)
read_pem(file)

Arguments

file

Either a path to a file, a connection, or literal data (a string for pem/ssh format, or a raw vector in der format)

password

A string or callback function to read protected keys

der

set to TRUE if file is in binary DER format

Value

An object of class cert, key or pubkey which holds the data in binary DER format and can be decomposed using as.list.

Details

Most versions of OpenSSL support at least RSA, DSA and ECDSA keys. Certificates must conform to the X509 standard.

The password argument is needed when reading keys that are protected with a passphrase. It can either be a string containing the passphrase, or a custom callback function that will be called by OpenSSL to read the passphrase. The function should take one argument (a string with a message) and return a string. The default is to use readline which will prompt the user in an interactive R session.

Examples

Run this code

# NOT RUN {
# Read private key
key <- read_key("~/.ssh/id_rsa")
str(key)

# Read public key
pubkey <- read_pubkey("~/.ssh/id_rsa.pub")
str(pubkey)

# Read certificates
txt <- readLines("https://curl.haxx.se/ca/cacert.pem")
bundle <- read_cert_bundle(txt)
print(bundle)
# }