Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def test_valid_key_not_encrypted():
ca = get_ssh_certificate_authority(RSA_CA_PRIVATE_KEY_NOT_ENCRYPTED)
assert SSHPublicKeyType.RSA == ca.public_key_type
assert 65537 == ca.e
def __init__(self, ssh_public_key):
"""
Extracts the useful ED25519 Public Key information from an SSH Public Key file.
:param ssh_public_key: SSH Public Key file contents. (i.e. 'ssh-ed25519 AAAAB3NzaC1yc2E..').
"""
super(ED25519PublicKey, self).__init__()
self.type = SSHPublicKeyType.ED25519
split_ssh_public_key = ssh_public_key.split(' ')
split_key_len = len(split_ssh_public_key)
# is there a key comment at the end?
if split_key_len > 2:
self.key_comment = ' '.join(split_ssh_public_key[2:])
else:
self.key_comment = ''
# hazmat does not support ed25519 so we have out own loader based on serialization.load_ssh_public_key
if split_key_len < 2:
raise ValueError(
'Key is not in the proper format or contains extra data.')
# is there a key comment at the end?
if split_key_len > 2:
self.key_comment = ' '.join(split_ssh_public_key[2:])
else:
self.key_comment = ''
# hazmat does not support ed25519 so we have out own loader based on serialization.load_ssh_public_key
if split_key_len < 2:
raise ValueError(
'Key is not in the proper format or contains extra data.')
key_type = split_ssh_public_key[0]
key_body = split_ssh_public_key[1]
if key_type != SSHPublicKeyType.ED25519:
raise TypeError("Public Key is not the correct type or format")
try:
decoded_data = base64.b64decode(key_body)
except TypeError:
raise ValueError('Key is not in the proper format.')
inner_key_type, rest = ssh._ssh_read_next_string(decoded_data)
if inner_key_type != key_type.encode("utf-8"):
raise ValueError(
'Key header and key body contain different key type values.'
)
# ed25519 public key is a single string https://tools.ietf.org/html/rfc8032#section-5.1.5
self.a, rest = ssh._ssh_read_next_string(rest)
def get_ssh_certificate_builder(ca, cert_type, public_key_to_sign):
"""
Returns the proper SSHCertificateBuilder instance for the type of public key to be signed.
:param ca: The SSHCertificateAuthority that will sign the certificate. The
SSHCertificateAuthority type does not need to be the same type as the SSHCertificateBuilder.
:param cert_type: The SSHCertificateType. Is this a User or Host certificate?
:param public_key_to_sign: The SSHPublicKey to issue a certificate for.
:return: An SSHCertificateBuilder instance.
"""
# Determine the type of public key we have, to decide the right cert type
ssh_public_key = get_ssh_public_key(public_key_to_sign)
if ssh_public_key.type is SSHPublicKeyType.RSA:
return RSACertificateBuilder(ca, cert_type, ssh_public_key)
elif ssh_public_key.type is SSHPublicKeyType.ED25519:
return ED25519CertificateBuilder(ca, cert_type, ssh_public_key)
else:
raise TypeError("Unsupported Public Key Type")
def get_ssh_public_key(ssh_public_key):
"""
Returns the proper SSHPublicKey instance based off of the SSH Public Key file.
:param ssh_public_key: SSH Public Key file contents. (i.e. 'ssh-XXX AAAA....').
:return: An SSHPublicKey instance.
"""
if ssh_public_key.startswith(SSHPublicKeyType.RSA):
rsa_public_key = RSAPublicKey(ssh_public_key)
rsa_public_key.validate_for_signing()
return rsa_public_key
elif ssh_public_key.startswith(SSHPublicKeyType.ED25519):
ed25519_public_key = ED25519PublicKey(ssh_public_key)
return ed25519_public_key
else:
raise TypeError("Unsupported Public Key Type")