o ¯b1-ã @svdZddlZddlZddlZddlZddlmZddlmZddl m Z ddlmZm Z mZmZejejkrWzddlZejejfWneefyVdejd<eeƒYnweƒZdd „ZGd d„dejƒZdd „Zdd„Zdd„Zedƒdd„ƒZedƒdd„ƒZ edƒdd„ƒZ!edƒdd„ƒZ"dd„Z#d d!„Z$d"d#„Z%d$d%„Z&d&e'd'e'fd(d)„Z(d*d+„Z)e*d,kr¹eƒdSdS)-z2 Implementation module for the `ckeygen` command. éN)Úwraps)Úreload)Úkeys)ÚfailureÚfilepathÚlogÚusageÚtermioscs‡fdd„}|S)Ncs tˆƒ‡fdd„ƒ}|tˆ<|S)Ncsˆ|i|¤ŽS)N©)ÚargsÚkwargs©Úkeygeneratorr ú?/usr/lib/python3/dist-packages/twisted/conch/scripts/ckeygen.pyÚwrapper"sz:_keyGenerator..assignkeygenerator..wrapper)rÚsupportedKeyTypes)rr©ÚkeyTyper rÚassignkeygenerator!sz)_keyGenerator..assignkeygeneratorr )rrr rrÚ _keyGenerator src @s”eZdZdZdZgd¢gd¢gd¢gd¢gd¢gd¢gd ¢gd ¢gZgd¢gd¢gd ¢gd¢gd¢gZeje e e ¡ƒ¡e ddg¡dœdZ dS)ÚGeneralOptionszUsage: ckeygen [options] z8ckeygen manipulates public/private keys in various ways.)ÚbitsÚbNz$Number of bits in the key to create.)ÚfilenameÚfNzFilename of the key file.)ÚtypeÚtNzSpecify type of key to create.)ÚcommentÚCNzProvide new comment.)ÚnewpassÚNNzProvide new passphrase.)ÚpassÚPNzProvide old passphrase.)ÚformatÚoú sha256-base64zFingerprint format of key file.)úprivate-key-subtypeNNz5OpenSSH private key subtype to write ("PEM" or "v1").)ÚfingerprintÚlzShow fingerprint of key file.)Ú changepassÚpz&Change passphrase of private key file.)ÚquietÚqzQuiet.)ú no-passphraseNz"Create the key with no passphrase.)ÚshowpubÚyz+Read private key file and print public key.ÚPEMÚv1)rr&)Ú optActionsN)Ú__name__Ú __module__Ú__qualname__ÚsynopsisÚlongdescÚ optParametersÚoptFlagsrÚCompletionsÚCompleteListÚlistrrÚcompDatar r r rr,s.øûþ ÿrc Cs(tƒ}z| tjdd…¡Wn"tjy1}ztd|ƒ| ¡t d¡WYd}~nd}~wwt ¡tt _|drk|d ¡tvrYtd|dƒt|d ¡|ƒdSt d|dd t ¡¡f¡dS|drut|ƒdS|drt|ƒdS|d r‰t|ƒdS| ¡t d¡dS) Néz ERROR: %srz&Generating public/private %s key pair.z"Key type was %s, must be one of %sz, r'r)r.)rÚparseOptionsÚsysÚargvrÚ UsageErrorÚprintÚopt_helpÚexitrÚdiscardLogsÚhandleErrorÚdeferrÚlowerrÚjoinrÚprintFingerprintÚchangePassPhraseÚdisplayPublicKey)ÚoptionsÚur r rÚrunRs8€ýÿÿrPcCsL|ddkrtjj|d<|S|ddkrtjj|d<|St d |d¡¡‚)Nr#zmd5-hexr%z"Unsupported fingerprint format: {})rÚFingerprintFormatsÚMD5_HEXÚ SHA256_BASE64ÚBadFingerPrintFormatr#)rNr r rÚenumrepresentationpsÿrUcCsdat t ¡¡‚)Né)Ú exitStatusrÚerrrÚFailurer r r rrG}srGÚrsacCsZddlm}ddlm}|dsd|d<|jt|dƒd|ƒd}t |¡}t||ƒdS)Nr©Údefault_backend)rZréi)Úkey_sizeÚpublic_exponentÚbackend) Úcryptography.hazmat.backendsr\Ú)cryptography.hazmat.primitives.asymmetricrZÚgenerate_private_keyÚintrÚKeyÚ_saveKey)rNr\rZÚkeyPrimitiveÚkeyr r rÚgenerateRSAkey„s ý riÚdsacCsXddlm}ddlm}|dsd|d<|jt|dƒ|ƒd}t |¡}t||ƒdS)Nrr[)rjrr])r^r`) rar\rbrjrcrdrrerf)rNr\rjrgrhr r rÚgenerateDSAkey”s þ rkÚecdsacCslddlm}ddlm}|dsd|d<dt|dƒ d¡}|jtj||ƒd}t |¡}t ||ƒdS) Nrr[)Úecrésecdsa-sha2-nistpÚascii)Úcurver`)rar\rbrmÚstrÚencodercrÚ_curveTablererf)rNr\rmrprgrhr r rÚgenerateECDSAkey£sÿ rtÚed25519cCs.ddlm}|j ¡}t |¡}t||ƒdS)Nr)ru)rbruÚEd25519PrivateKeyÚgeneraterrerf)rNrurgrhr r rÚgenerateEd25519key´s rxcCs|dkrdSdS)a Return a reasonable default private key subtype for a given key type. @type keyType: L{str} @param keyType: A key type, as returned by L{twisted.conch.ssh.keys.Key.type}. @rtype: L{str} @return: A private OpenSSH key subtype (C{'PEM'} or C{'v1'}). ÚEd25519r1r0r rr r rÚ_defaultPrivateKeySubtype½srzcCs´|dstj d¡}td|ƒ|d<tj |dd¡r$|dd7<t|ƒ}z!tj |d¡}t d| ¡| |d¡tj |d¡fƒWdStj yYt d¡YdSw)Nrú ~/.ssh/id_rsaú%Enter file in which the key is (%s): ú.pubz%s %s %sr#zbad key)ÚosÚpathÚ expanduserÚinputÚexistsrUrreÚfromFilerCÚsizer'ÚbasenameÚBadKeyErrorr@rE)rNrrhr r rrKÏs&ýÿ ÿÿrKc CsT|dstj d¡}td|ƒ|d<z tj |d¡}Wnhtjyj| d¡s0t d¡|d<ztjj|d|dd}Wn)tj yMt d¡Yntjyg}zt d|›¡WYd}~nd}~wwYntj y„}zt d|›¡WYd}~nd}~ww| d ¡s£ t d¡}t d¡}||kršnt d ƒq‹||d <| d¡dur²t| ¡ƒ|d<z|jd|d|d d}WntyÚ}zt d|›¡WYd}~nd}~wwztjj||d dWntjtj fy}zt d|›¡WYd}~nd}~wwt|ddƒ }| |¡Wdƒn 1swYt dƒdS)Nrr{r|r!zEnter old passphrase: ©Ú passphrasez1Could not change passphrase: old passphrase errorzCould not change passphrase: rr>z0Enter new passphrase (empty for no passphrase): úEnter same passphrase again: ú%Passphrases do not match. Try again.r&Úopenssh©ÚsubtyperˆÚwbz;Your identification has been saved with the new passphrase.)r~rr€rrrerƒÚEncryptedKeyErrorÚgetÚgetpassr†r@rErCrzrÚtoStringÚ ExceptionÚ fromStringÚopenÚwrite)rNrrhÚeÚp1Úp2Ú newkeydataÚfdr r rrLäsh €ÿ€€ÿ û ý€ÿ€ÿÿrLcCsž|dstj d¡}td|ƒ|d<z tj |d¡}Wn"tjy>| d¡s0t d¡|d<tjj|d|dd}Ynw| ¡ d¡ d¡}t |ƒdS) Nrr{r|r!zEnter passphrase: r‡r‹ro)r~rr€rrrerƒrrr‘Úpublicr’ÚdecoderC)rNrrhÚ displayKeyr r rrMs ýrMÚpromptÚreturncCst|ƒS)zv Ask the user where to save the key. This needs to be a separate function so the unit test can patch it. )r)rŸr r rÚ_inputSaveFile%sr¡c CsÊdddddœ}|| ¡}|ds*tj d|›¡}td|›d ƒ}| ¡p'||d<tj |d¡rKtd |d¡ƒt dƒ}|d ¡d krKt ¡| d¡rUd|d<n|dsr t d¡}t d¡}||krintdƒqZ||d<| d¡durt| ¡ƒ|d<t ¡›dt ¡›} t |d¡ |jd|d|dd¡t |dd¡t |dd¡ | ¡jd| d¡t|ƒ}td |d¡ƒtd |d¡ƒtd |d ¡ƒt| |d ¡ƒdS)!zÈ Persist a SSH key on local filesystem. @param key: Key which is persisted on local filesystem. @type key: C{keys.Key} implementation. @param options: @type options: L{dict} rlrurZrj)ÚECryÚRSAÚDSArz ~/.ssh/id_z%Enter file in which to save the key (z): z{} already exists.zOverwrite (y/n)? rr/r-ór!r>z,Enter passphrase (empty for no passphrase): r‰rŠr&Nú@r‹rŒi€r})rz(Your identification has been saved in {}z(Your public key has been saved in {}.pubzThe key fingerprint in {} is:r#)rr~rr€r¡Ústripr‚rCr#rrIr@rErr‘rzÚgetuserÚsocketÚgethostnamerÚFilePathÚ setContentr’ÚchmodrœrUr') rhrNÚKeyTypeMappingÚkeyTypeNameÚdefaultPathÚnewPathÚynr˜r™rr r rrf.sV ÿ ûýÿÿrfÚ__main__)+Ú__doc__r‘r~r©r@Ú functoolsrÚimprÚtwisted.conch.sshrÚtwisted.pythonrrrrÚunix_getpassr Ú tcgetattrÚ tcsetattrÚImportErrorÚAttributeErrorÚmodulesÚdictrrÚOptionsrrPrUrGrirkrtrxrzrKrLrMrqr¡rfr3r r r rÚsP þ& 3 > ÿ