path: root/frozen_deps/ecdsa/ssh.py

import binascii
from . import der
from ._compat import compat26_str, int_to_bytes

_SSH_ED25519 = b"ssh-ed25519"
_SK_MAGIC = b"openssh-key-v1\0"
_NONE = b"none"


def _get_key_type(name):
    if name == "Ed25519":
        return _SSH_ED25519
    else:
        raise ValueError("Unsupported key type")


class _Serializer:
    def __init__(self):
        self.bytes = b""

    def put_raw(self, val):
        self.bytes += val

    def put_u32(self, val):
        self.bytes += int_to_bytes(val, length=4, byteorder="big")

    def put_str(self, val):
        self.put_u32(len(val))
        self.bytes += val

    def put_pad(self, blklen=8):
        padlen = blklen - (len(self.bytes) % blklen)
        self.put_raw(bytearray(range(1, 1 + padlen)))

    def encode(self):
        return binascii.b2a_base64(compat26_str(self.bytes))

    def tobytes(self):
        return self.bytes

    def topem(self):
        return der.topem(self.bytes, "OPENSSH PRIVATE KEY")


def serialize_public(name, pub):
    serial = _Serializer()
    ktype = _get_key_type(name)
    serial.put_str(ktype)
    serial.put_str(pub)
    return b" ".join([ktype, serial.encode()])


def serialize_private(name, pub, priv):
    # encode public part
    spub = _Serializer()
    ktype = _get_key_type(name)
    spub.put_str(ktype)
    spub.put_str(pub)

    # encode private part
    spriv = _Serializer()
    checksum = 0
    spriv.put_u32(checksum)
    spriv.put_u32(checksum)
    spriv.put_raw(spub.tobytes())
    spriv.put_str(priv + pub)
    comment = b""
    spriv.put_str(comment)
    spriv.put_pad()

    # top-level structure
    main = _Serializer()
    main.put_raw(_SK_MAGIC)
    ciphername = kdfname = _NONE
    main.put_str(ciphername)
    main.put_str(kdfname)
    nokdf = 0
    main.put_u32(nokdf)
    nkeys = 1
    main.put_u32(nkeys)
    main.put_str(spub.tobytes())
    main.put_str(spriv.tobytes())
    return main.topem()