From 78a7d1c4c63737c4eae0c22207a00141a44402d3 Mon Sep 17 00:00:00 2001 From: Mark Adams Date: Fri, 12 Dec 2014 23:13:12 -0600 Subject: Added load_ssh_rsa_public_key to hazmat.primitives.serialization to allow for loading of OpenSSH RSA public keys Also added load_ssh_public_key as a generic method that can be later extended to support more public key algorithms. --- .../hazmat/primitives/asymmetric/serialization.rst | 55 ++++++++++++++++++++++ 1 file changed, 55 insertions(+) (limited to 'docs/hazmat/primitives') diff --git a/docs/hazmat/primitives/asymmetric/serialization.rst b/docs/hazmat/primitives/asymmetric/serialization.rst index b0b37b80..52960ec0 100644 --- a/docs/hazmat/primitives/asymmetric/serialization.rst +++ b/docs/hazmat/primitives/asymmetric/serialization.rst 
@@ -195,3 +195,58 @@ KEY-----`` or ``-----BEGIN DSA PRIVATE KEY-----``. :raises UnsupportedAlgorithm: If the serialized key is of a type that is not supported by the backend or if the key is encrypted with a symmetric cipher that is not supported by the backend. + +OpenSSH Public Key +~~~~~~~~~~~~~~~~~~ + +The format used by OpenSSH to store public keys as specified in :rfc:`4253` + +Currently, only RSA public keys are supported. Any other type of key will +result in an exception being thrown. + +Example RSA key in OpenSSH format (line breaks added for formatting purposes):: + + ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDDu/XRP1kyK6Cgt36gts9XAk + FiiuJLW6RU0j3KKVZSs1I7Z3UmU9/9aVh/rZV43WQG8jaR6kkcP4stOR0DEtll + PDA7ZRBnrfiHpSQYQ874AZaAoIjgkv7DBfsE6gcDQLub0PFjWyrYQUJhtOLQEK + vY/G0vt2iRL3juawWmCFdTK3W3XvwAdgGk71i6lHt+deOPNEPN2H58E4odrZ2f + sxn/adpDqfb2sM0kPwQs0aWvrrKGvUaustkivQE4XWiSFnB0oJB/lKK/CKVKuy + ///ImSCGHQRvhwariN2tvZ6CBNSLh3iQgeB0AkyJlng7MXB2qYq/Ci2FUOryCX + 2MzHvnbv testkey@localhost + +.. function:: load_ssh_public_key(data, backend) + + .. versionadded:: 0.7 + + Deserialize a public key from OpenSSH (:rfc:`4253`) encoded data to an + instance of the public key type for the specified backend. + + :param bytes data: The OpenSSH encoded key data. + + :param backend: A backend provider. + + :returns: A new instance of a public key type. + + :raises ValueError: If the OpenSSH data could not be properly decoded or + if the key is not in the proper format. + + :raises UnsupportedAlgorithm: If the serialized key is of a type that is + not supported. + +.. function:: load_ssh_rsa_public_key(data, backend) + + .. versionadded:: 0.7 + + Deserialize a RSA public key from OpenSSH (:rfc:`4253`) encoded data to an + instance of the RSA Public Key type for the specified backend. + + :param bytes data: The OpenSSH encoded key data. + + :param backend: A + :class:`~cryptography.hazmat.backends.interfaces.RSABackend` + provider. 
+ + :returns: A new instance of a public key type. + + :raises ValueError: If the OpenSSH data could not be properly decoded or + if the key is not in the proper format. -- cgit v1.2.3
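Review bot: The entry for load_ssh_rsa_public_key does not say what a caller gets when the data holds a non-RSA key. The section intro only says "an exception being thrown" without naming it, and the function lists ValueError but no UnsupportedAlgorithm, unlike load_ssh_public_key. Please name the exception in the intro (and use "raised" rather than "thrown") and add the matching ":raises" entry, or state that ValueError covers that case. The ":returns:" text of load_ssh_rsa_public_key reads "A new instance of a public key type" although the description promises the RSA Public Key type, so the return line should be made specific. The backend parameter of load_ssh_public_key is described only as "A backend provider", while the RSA variant names RSABackend; say which interface the generic loader requires. The opening line "The format used by OpenSSH to store public keys as specified in :rfc:`4253`" is a sentence fragment with no closing period.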