From 78a7d1c4c63737c4eae0c22207a00141a44402d3 Mon Sep 17 00:00:00 2001 From: Mark Adams Date: Fri, 12 Dec 2014 23:13:12 -0600 Subject: Added load_ssh_rsa_public_key to hazmat.primitives.serialization to allow for loading of OpenSSH RSA public keys Also added load_ssh_public_key as a generic method that can be later extended to support more public key algorithms. --- .../hazmat/primitives/asymmetric/serialization.rst | 55 ++++++++++++++++++++++ 1 file changed, 55 insertions(+) (limited to 'docs') diff --git a/docs/hazmat/primitives/asymmetric/serialization.rst b/docs/hazmat/primitives/asymmetric/serialization.rst index b0b37b80..52960ec0 100644 --- a/docs/hazmat/primitives/asymmetric/serialization.rst +++ b/docs/hazmat/primitives/asymmetric/serialization.rst @@ -195,3 +195,58 @@ KEY-----`` or ``-----BEGIN DSA PRIVATE KEY-----``. :raises UnsupportedAlgorithm: If the serialized key is of a type that is not supported by the backend or if the key is encrypted with a symmetric cipher that is not supported by the backend. + +OpenSSH Public Key +~~~~~~~~~~~~~~~~~~ + +The format used by OpenSSH to store public keys as specified in :rfc:`4253` + +Currently, only RSA public keys are supported. Any other type of key will +result in an exception being thrown. + +Example RSA key in OpenSSH format (line breaks added for formatting purposes):: + + ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDDu/XRP1kyK6Cgt36gts9XAk + FiiuJLW6RU0j3KKVZSs1I7Z3UmU9/9aVh/rZV43WQG8jaR6kkcP4stOR0DEtll + PDA7ZRBnrfiHpSQYQ874AZaAoIjgkv7DBfsE6gcDQLub0PFjWyrYQUJhtOLQEK + vY/G0vt2iRL3juawWmCFdTK3W3XvwAdgGk71i6lHt+deOPNEPN2H58E4odrZ2f + sxn/adpDqfb2sM0kPwQs0aWvrrKGvUaustkivQE4XWiSFnB0oJB/lKK/CKVKuy + ///ImSCGHQRvhwariN2tvZ6CBNSLh3iQgeB0AkyJlng7MXB2qYq/Ci2FUOryCX + 2MzHvnbv testkey@localhost + +.. function:: load_ssh_public_key(data, backend) + + .. versionadded:: 0.7 + + Deserialize a public key from OpenSSH (:rfc:`4253`) encoded data to an + instance of the public key type for the specified backend. + + :param bytes data: The OpenSSH encoded key data. + + :param backend: A backend provider. + + :returns: A new instance of a public key type. + + :raises ValueError: If the OpenSSH data could not be properly decoded or + if the key is not in the proper format. + + :raises UnsupportedAlgorithm: If the serialized key is of a type that is + not supported. + +.. function:: load_ssh_rsa_public_key(data, backend) + + .. versionadded:: 0.7 + + Deserialize a RSA public key from OpenSSH (:rfc:`4253`) encoded data to an + instance of the RSA Public Key type for the specified backend. + + :param bytes data: The OpenSSH encoded key data. + + :param backend: A + :class:`~cryptography.hazmat.backends.interfaces.RSABackend` + provider. + + :returns: A new instance of a public key type. + + :raises ValueError: If the OpenSSH data could not be properly decoded or + if the key is not in the proper format. -- cgit v1.2.3 From b7b91179a5b1d4c28643f9e59bb46e52144a7de3 Mon Sep 17 00:00:00 2001 From: Mark Adams Date: Sat, 13 Dec 2014 10:43:01 -0600 Subject: Privatized the load_ssh_rsa_public_key function and fixed some coverage issues on test_serialization. --- docs/hazmat/primitives/asymmetric/serialization.rst | 18 ------------------ 1 file changed, 18 deletions(-) (limited to 'docs') diff --git a/docs/hazmat/primitives/asymmetric/serialization.rst b/docs/hazmat/primitives/asymmetric/serialization.rst index 52960ec0..ec35c3cf 100644 --- a/docs/hazmat/primitives/asymmetric/serialization.rst +++ b/docs/hazmat/primitives/asymmetric/serialization.rst @@ -232,21 +232,3 @@ Example RSA key in OpenSSH format (line breaks added for formatting purposes):: :raises UnsupportedAlgorithm: If the serialized key is of a type that is not supported. - -.. function:: load_ssh_rsa_public_key(data, backend) - - .. versionadded:: 0.7 - - Deserialize a RSA public key from OpenSSH (:rfc:`4253`) encoded data to an - instance of the RSA Public Key type for the specified backend. - - :param bytes data: The OpenSSH encoded key data. - - :param backend: A - :class:`~cryptography.hazmat.backends.interfaces.RSABackend` - provider. - - :returns: A new instance of a public key type. - - :raises ValueError: If the OpenSSH data could not be properly decoded or - if the key is not in the proper format. -- cgit v1.2.3 From 1832e24256c5984cfe534a24839657609522b7a4 Mon Sep 17 00:00:00 2001 From: Mark Adams Date: Sat, 13 Dec 2014 22:54:34 -0600 Subject: Minor documentation corrections for load_ssh_public_key --- docs/hazmat/primitives/asymmetric/serialization.rst | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/hazmat/primitives/asymmetric/serialization.rst b/docs/hazmat/primitives/asymmetric/serialization.rst index ec35c3cf..45c7a5bc 100644 --- a/docs/hazmat/primitives/asymmetric/serialization.rst +++ b/docs/hazmat/primitives/asymmetric/serialization.rst @@ -199,12 +199,13 @@ KEY-----`` or ``-----BEGIN DSA PRIVATE KEY-----``. OpenSSH Public Key ~~~~~~~~~~~~~~~~~~ -The format used by OpenSSH to store public keys as specified in :rfc:`4253` +The format used by OpenSSH to store public keys as specified in :rfc:`4253`. Currently, only RSA public keys are supported. Any other type of key will result in an exception being thrown. -Example RSA key in OpenSSH format (line breaks added for formatting purposes):: +An example RSA key in OpenSSH format (line breaks added for formatting +purposes):: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDDu/XRP1kyK6Cgt36gts9XAk FiiuJLW6RU0j3KKVZSs1I7Z3UmU9/9aVh/rZV43WQG8jaR6kkcP4stOR0DEtll -- cgit v1.2.3 From 993b85ad6f3ebe5db6a24c1649d28f8cf45095ea Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Mon, 15 Dec 2014 10:42:45 -0800 Subject: A handful of tiny fixes --- docs/hazmat/primitives/asymmetric/serialization.rst | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/hazmat/primitives/asymmetric/serialization.rst b/docs/hazmat/primitives/asymmetric/serialization.rst index 45c7a5bc..a9392c7b 100644 --- a/docs/hazmat/primitives/asymmetric/serialization.rst +++ b/docs/hazmat/primitives/asymmetric/serialization.rst @@ -199,7 +199,7 @@ KEY-----`` or ``-----BEGIN DSA PRIVATE KEY-----``. OpenSSH Public Key ~~~~~~~~~~~~~~~~~~ -The format used by OpenSSH to store public keys as specified in :rfc:`4253`. +The format used by OpenSSH to store public keys, as specified in :rfc:`4253`. Currently, only RSA public keys are supported. Any other type of key will result in an exception being thrown. @@ -224,7 +224,8 @@ purposes):: :param bytes data: The OpenSSH encoded key data. - :param backend: A backend provider. + :param backend: An + :class:`~cryptography.hazmat.backends.interfaces.RSABackend` provider. :returns: A new instance of a public key type. -- cgit v1.2.3