diff options
| author | Mike Crute <mcrute@gmail.com> | 2010-05-06 14:51:48 -0400 |
|---|---|---|
| committer | Mike Crute <mcrute@gmail.com> | 2010-05-06 14:51:48 -0400 |
| commit | e6c5078c32d92310214c323b3c0c2e06eda7ed64 (patch) | |
| tree | ac9ca42a73ae2ac95775b0750021d3afc680fe52 | |
| parent | ff7ae56725bcb8bc69ce3a7f2125c0abc57de587 (diff) | |
| download | hg_sshsign-e6c5078c32d92310214c323b3c0c2e06eda7ed64.tar.bz2 hg_sshsign-e6c5078c32d92310214c323b3c0c2e06eda7ed64.tar.xz hg_sshsign-e6c5078c32d92310214c323b3c0c2e06eda7ed64.zip | |
Unifying public and private key interfaces
| -rw-r--r-- | hgsshsign/__init__.py | 8 | ||||
| -rw-r--r-- | hgsshsign/keys.py | 45 |
2 files changed, 29 insertions, 24 deletions
diff --git a/hgsshsign/__init__.py b/hgsshsign/__init__.py index a6991db..b52dcc3 100644 --- a/hgsshsign/__init__.py +++ b/hgsshsign/__init__.py | |||
| @@ -40,7 +40,7 @@ class SSHAuthority(object): | |||
| 40 | private_key = ui.config("sshsign", "private_key", None) | 40 | private_key = ui.config("sshsign", "private_key", None) |
| 41 | agent_socket = os.environ.get(SSHAgent.AGENT_SOCK_NAME) | 41 | agent_socket = os.environ.get(SSHAgent.AGENT_SOCK_NAME) |
| 42 | if private_key: | 42 | if private_key: |
| 43 | private_key = keys.load_private_key(absolute_path(private_key)) | 43 | private_key = keys.PrivateKey.from_file(absolute_path(private_key)) |
| 44 | elif agent_socket: | 44 | elif agent_socket: |
| 45 | private_key = SSHAgent(agent_socket, key=public_key.blob) | 45 | private_key = SSHAgent(agent_socket, key=public_key.blob) |
| 46 | else: | 46 | else: |
| @@ -55,16 +55,14 @@ class SSHAuthority(object): | |||
| 55 | 55 | ||
| 56 | def verify(self, data, signature, whom): | 56 | def verify(self, data, signature, whom): |
| 57 | try: | 57 | try: |
| 58 | key = self.key_manifest[whom] # XXX: More elegant error handling. | 58 | key = self.key_manifest[whom] |
| 59 | except KeyError: | 59 | except KeyError: |
| 60 | raise util.Abort(_("No key found for %s" % whom)) | 60 | raise util.Abort(_("No key found for %s" % whom)) |
| 61 | 61 | ||
| 62 | return key.verify(data, signature) | 62 | return key.verify(data, signature) |
| 63 | 63 | ||
| 64 | def sign(self, data): | 64 | def sign(self, data): |
| 65 | import hgsshsign.keys as keys | 65 | return self.private_key.sign(data) |
| 66 | |||
| 67 | return keys.sign_like_agent(data, self.private_key) | ||
| 68 | 66 | ||
| 69 | 67 | ||
| 70 | def node2txt(repo, node, ver): | 68 | def node2txt(repo, node, ver): |
diff --git a/hgsshsign/keys.py b/hgsshsign/keys.py index aa291eb..c723872 100644 --- a/hgsshsign/keys.py +++ b/hgsshsign/keys.py | |||
| @@ -69,22 +69,29 @@ class PublicKey(object): | |||
| 69 | fp.close() | 69 | fp.close() |
| 70 | 70 | ||
| 71 | 71 | ||
| 72 | def load_private_key(filename): | 72 | class PrivateKey(object): |
| 73 | fp = open(filename) | 73 | |
| 74 | try: | 74 | def __init__(self, instance): |
| 75 | first_line = fp.readline() | 75 | self.instance = instance |
| 76 | finally: | 76 | |
| 77 | fp.close() | 77 | @classmethod |
| 78 | 78 | def from_file(cls, filename): | |
| 79 | type = DSA if 'DSA' in first_line else RSA | 79 | fp = open(filename) |
| 80 | return type.load_key(filename) | 80 | try: |
| 81 | 81 | first_line = fp.readline() | |
| 82 | 82 | finally: | |
| 83 | def sign_like_agent(data, key): | 83 | fp.close() |
| 84 | """ | 84 | |
| 85 | Emulates the signing behavior of an ssh key agent. | 85 | type_ = DSA if 'DSA' in first_line else RSA |
| 86 | """ | 86 | instance = type_.load_key(filename) |
| 87 | digest = MessageDigest('sha1') | 87 | |
| 88 | digest.update(data) | 88 | return cls(instance) |
| 89 | my_data = digest.final() | 89 | |
| 90 | return key.sign(data) | 90 | def sign(self, data): |
| 91 | """ | ||
| 92 | Emulates the signing behavior of an ssh key agent. | ||
| 93 | """ | ||
| 94 | digest = MessageDigest('sha1') | ||
| 95 | digest.update(data) | ||
| 96 | my_data = digest.final() | ||
| 97 | return self.instance.sign(data) | ||