-rw-r--r-- | hgsshsign/__init__.py | 8 | ||||
-rw-r--r-- | hgsshsign/keys.py | 45 |
2 files changed, 29 insertions, 24 deletions
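--- a/hgsshsign/__init__.py
+++ b/hgsshsign/__init__.py
@@ -46,7 +46,7 @@ class SSHAuthority(object):
 private_key = ui.config("sshsign", "private_key", None)
 agent_socket = os.environ.get(SSHAgent.AGENT_SOCK_NAME)
 if private_key:
-private_key = keys.load_private_key(absolute_path(private_key))
+private_key = keys.PrivateKey.from_file(absolute_path(private_key))
 elif agent_socket:
 private_key = SSHAgent(agent_socket, key=public_key.blob)
 else:
@@ -61,16 +61,14 @@ class SSHAuthority(object):
 
 def verify(self, data, signature, whom):
 try:
-key = self.key_manifest[whom] # XXX: More elegant error handling.
+key = self.key_manifest[whom]
 except KeyError:
 raise util.Abort(_("No key found for %s" % whom))
 
 return key.verify(data, signature)
 
 def sign(self, data):
-import hgsshsign.keys as keys
-
-return keys.sign_like_agent(data, self.private_key)
+return self.private_key.sign(data)
 
 
 def node2txt(repo, node, ver):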
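Review bot: `sign` has no docstring, and after this change it is the one place where the two key sources meet: `self.private_key` is either a `keys.PrivateKey` or an `SSHAgent`, chosen in the first hunk, and both are simply expected to offer `sign(data)`. A docstring such as `"""Sign data with the configured key file or, failing that, the SSH agent; both must return the same signature encoding."""` would state the contract that `verify` depends on. `SSHAgent.sign` and the `else:` branch at line 52 lie outside the visible hunks, so whether the two backends really agree on the encoding cannot be confirmed from here.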
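--- a/hgsshsign/keys.py
+++ b/hgsshsign/keys.py
@@ -69,22 +69,29 @@ class PublicKey(object):
 fp.close()
 
 
-def load_private_key(filename):
-fp = open(filename)
-try:
-first_line = fp.readline()
-finally:
-fp.close()
-
-type = DSA if 'DSA' in first_line else RSA
-return type.load_key(filename)
-
-
-def sign_like_agent(data, key):
-"""
-Emulates the signing behavior of an ssh key agent.
-"""
-digest = MessageDigest('sha1')
-digest.update(data)
-my_data = digest.final()
-return key.sign(data)
+class PrivateKey(object):
+
+def __init__(self, instance):
+self.instance = instance
+
+@classmethod
+def from_file(cls, filename):
+fp = open(filename)
+try:
+first_line = fp.readline()
+finally:
+fp.close()
+
+type_ = DSA if 'DSA' in first_line else RSA
+instance = type_.load_key(filename)
+
+return cls(instance)
+
+def sign(self, data):
+"""
+Emulates the signing behavior of an ssh key agent.
+"""
+digest = MessageDigest('sha1')
+digest.update(data)
+my_data = digest.final()
+return self.instance.sign(data)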
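Review bot: In `PrivateKey.sign` the SHA-1 digest is computed into `my_data` and then discarded, because the last line signs the raw input with `self.instance.sign(data)`; the method was moved over from `sign_like_agent` with this intact. If the underlying key's `sign` expects a digest, as the docstring's agent emulation suggests, the call should presumably be `return self.instance.sign(my_data)`; otherwise the three digest lines are dead code and should be removed. Which of the two is right depends on what `PublicKey.verify` checks, which is outside this hunk, so the signing and verifying sides should be changed together.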