package knownhosts

Import Path
	golang.org/x/crypto/ssh/knownhosts (on go.dev)

Dependency Relation
	imports 13 packages, and imported by one package

Involved Source Files

	   d➜ knownhosts.go
		Package knownhosts implements a parser for the OpenSSH known_hosts
		host key database, and provides utility functions for writing
		OpenSSH compliant known_hosts files.
Package-Level Type Names (total 10, in which 3 are exported)

	/* sort exporteds by: alphabet | popularity */
	 type KeyError (struct)
		KeyError is returned if we did not find the key in the host key
		database, or there was a mismatch.  Typically, in batch
		applications, this should be interpreted as failure. Interactive
		applications can offer an interactive prompt to the user.

		Fields (only one, which is exported)
			Want []KnownKey
				Want holds the accepted host keys. For each key algorithm,
				there can be one hostkey.  If Want is empty, the host is
				unknown. If Want is non-empty, there was a mismatch, which
				can signify a MITM attack.

		Methods (only one, which is exported)
			(*T) Error() string
		Implements (at least one exported)
			*T : error

	 type KnownKey (struct)
		KnownKey represents a key declared in a known_hosts file.

		Fields (total 3, all are exported)
			Filename string
			Key ssh.PublicKey
			Line int
		Methods (only one, which is exported)
			(*T) String() string
		Implements (at least 4, in which 2 are exported)
			*T : expvar.Var
			*T : fmt.Stringer
			/* 2+ unexporteds ... *//* 2+ unexporteds: */
			*T : context.stringer
			*T : runtime.stringer

	 type RevokedError (struct)
		RevokedError is returned if we found a key that was revoked.

		Fields (only one, which is exported)
			Revoked KnownKey
		Methods (only one, which is exported)
			(*T) Error() string
		Implements (at least one exported)
			*T : error

	/* 7 unexporteds ... *//* 7 unexporteds: */
	 type addr (struct)

		Fields (total 2, neither is exported)
			/* 2 unexporteds ... *//* 2 unexporteds: */
			host string
			port string
		Methods (only one, which is exported)
			(*T) String() string
		Implements (at least 4, in which 2 are exported)
			*T : expvar.Var
			*T : fmt.Stringer
			/* 2+ unexporteds ... *//* 2+ unexporteds: */
			*T : context.stringer
			*T : runtime.stringer

	 type hashedHost (struct)

		Fields (total 2, neither is exported)
			/* 2 unexporteds ... *//* 2 unexporteds: */
			hash []byte
			salt []byte
		Methods (only one, which is unexported)
			/* one unexported ... *//* one unexported: */
			(*T) match(a addr) bool
		Implements (at least one unexported)
			/* at least one unexported ... *//* at least one unexported: */
			*T : matcher
		As Outputs Of (at least one unexported)
			/* at least one unexported ... *//* at least one unexported: */
			func newHashedHost(encoded string) (*hashedHost, error)

	 type hostKeyDB (struct)

		Fields (total 2, neither is exported)
			/* 2 unexporteds ... *//* 2 unexporteds: */
			lines []keyDBLine
			revoked map[string]*KnownKey
				Serialized version of revoked keys

		Methods (total 6, in which 3 are exported)
			(*T) IsHostAuthority(remote ssh.PublicKey, address string) bool
				IsAuthorityForHost can be used as a callback in ssh.CertChecker

			(*T) IsRevoked(key *ssh.Certificate) bool
				IsRevoked can be used as a callback in ssh.CertChecker

			(*T) Read(r io.Reader, filename string) error
				The Read function parses file contents.

			/* 3 unexporteds ... *//* 3 unexporteds: */
			(*T) check(address string, remote net.Addr, remoteKey ssh.PublicKey) error
				check checks a key against the host database. This should not be
				used for verifying certificates.

			(*T) checkAddr(a addr, remoteKey ssh.PublicKey) error
				checkAddr checks if we can find the given public key for the
				given address.  If we only find an entry for the IP address,
				or only the hostname, then this still succeeds.

			(*T) parseLine(line []byte, filename string, linenum int) error
		As Outputs Of (at least one unexported)
			/* at least one unexported ... *//* at least one unexported: */
			func newHostKeyDB() *hostKeyDB

	 type hostPattern (struct)

		Fields (total 2, neither is exported)
			/* 2 unexporteds ... *//* 2 unexporteds: */
			addr addr
			negate bool
		Methods (total 2, in which 1 are exported)
			(*T) String() string
			/* one unexported ... *//* one unexported: */
			(*T) match(a addr) bool
		Implements (at least 5, in which 2 are exported)
			*T : expvar.Var
			*T : fmt.Stringer
			/* 3+ unexporteds ... *//* 3+ unexporteds: */
			*T : matcher
			*T : context.stringer
			*T : runtime.stringer

	 type hostPatterns ([]T)

		Methods (only one, which is unexported)
			/* one unexported ... *//* one unexported: */
			( T) match(a addr) bool
		Implements (at least one unexported)
			/* at least one unexported ... *//* at least one unexported: */
			 T : matcher

	 type keyDBLine (struct)

		Fields (total 3, none are exported)
			/* 3 unexporteds ... *//* 3 unexporteds: */
			cert bool
			knownKey KnownKey
			matcher matcher
		Methods (only one, which is unexported)
			/* one unexported ... *//* one unexported: */
			(*T) match(a addr) bool
		Implements (at least one unexported)
			/* at least one unexported ... *//* at least one unexported: */
			*T : matcher

	 type matcher (interface)

		Methods (only one, which is unexported)
			/* one unexported ... *//* one unexported: */
			( T) match(addr) bool
		Implemented By (at least 4, none are exported)
			/* 4+ unexporteds ... *//* 4+ unexporteds: */
			*hashedHost
			*hostPattern
			 hostPatterns
			*keyDBLine
		As Outputs Of (at least one unexported)
			/* at least one unexported ... *//* at least one unexported: */
			func newHostnameMatcher(pattern string) (matcher, error)


Package-Level Functions (total 15, in which 4 are exported)

	 func HashHostname(hostname string) string
		HashHostname hashes the given hostname. The hostname is not
		normalized before hashing.

	 func Line(addresses []string, key ssh.PublicKey) string
		Line returns a line to add append to the known_hosts files.

	 func New(files ...string) (ssh.HostKeyCallback, error)
		New creates a host key callback from the given OpenSSH host key
		files. The returned callback is for use in
		ssh.ClientConfig.HostKeyCallback. By preference, the key check
		operates on the hostname if available, i.e. if a server changes its
		IP address, the host key check will still succeed, even though a
		record of the new IP address is not available.

	 func Normalize(address string) string
		Normalize normalizes an address into the form used in known_hosts

	/* 11 unexporteds ... *//* 11 unexporteds: */
	 func decodeHash(encoded string) (hashType string, salt, hash []byte, err error)
	 func encodeHash(typ string, salt []byte, hash []byte) string
	 func hashHost(hostname string, salt []byte) []byte
		See https://android.googlesource.com/platform/external/openssh/+/ab28f5495c85297e7a597c1ba62e996416da7c7e/hostfile.c#120

	 func keyEq(a, b ssh.PublicKey) bool
	 func newHashedHost(encoded string) (*hashedHost, error)
	 func newHostKeyDB() *hostKeyDB
	 func newHostnameMatcher(pattern string) (matcher, error)
	 func nextWord(line []byte) (string, []byte)
	 func parseLine(line []byte) (marker, host string, key ssh.PublicKey, err error)
	 func serialize(k ssh.PublicKey) string
	 func wildcardMatch(pat []byte, str []byte) bool
		See
		https://android.googlesource.com/platform/external/openssh/+/ab28f5495c85297e7a597c1ba62e996416da7c7e/addrmatch.c
		The matching of * has no regard for separators, unlike filesystem globs


Package-Level Constants (total 3, none are exported)

	/* 3 unexporteds ... *//* 3 unexporteds: */
	const markerCert = "@cert-authority"
	const markerRevoked = "@revoked"
	const sha1HashType = "1"

The pages are generated with Golds v0.3.2-preview. (GOOS=darwin GOARCH=amd64)
Golds is a Go 101 project developed by Tapir Liu.
PR and bug reports are welcome and can be submitted to the issue list.
Please follow @Go100and1 (reachable from the left QR code) to get the latest news of Golds.