def get_ssh_certificate_builder(ca, cert_type, public_key_to_sign):
"""
Returns the proper SSHCertificateBuilder instance for the type of public key to be signed.
:param ca: The SSHCertificateAuthority that will sign the certificate. The
SSHCertificateAuthority type does not need to be the same type as the SSHCertificateBuilder.
:param cert_type: The SSHCertificateType. Is this a User or Host certificate?
:param public_key_to_sign: The SSHPublicKey to issue a certificate for.
:return: An SSHCertificateBuilder instance.
"""
# Determine the type of public key we have, to decide the right cert type
ssh_public_key = get_ssh_public_key(public_key_to_sign)
if ssh_public_key.type is SSHPublicKeyType.RSA:
return RSACertificateBuilder(ca, cert_type, ssh_public_key)
else:
raise TypeError("Unsupported Public Key Type")
def test_valid_rsa():
pub_key = get_ssh_public_key(EXAMPLE_RSA_PUBLIC_KEY)
assert 'Test RSA User Key' == pub_key.key_comment
assert EXAMPLE_RSA_PUBLIC_KEY_N == pub_key.n
assert EXAMPLE_RSA_PUBLIC_KEY_E == pub_key.e
assert 'RSA 57:3d:48:4c:65:90:30:8e:39:ba:d8:fa:d0:20:2e:6c' == pub_key.fingerprint
def test_invalid_key():
with pytest.raises(TypeError):
get_ssh_public_key(EXAMPLE_ECDSA_PUBLIC_KEY)
def test_valid_ed25519():
pub_key = get_ssh_public_key(EXAMPLE_ED25519_PUBLIC_KEY)
assert 'Test ED25519 User Key' == pub_key.key_comment
assert EXAMPLE_ED25519_PUBLIC_KEY_A == pub_key.a
assert 'ED25519 fb:80:ca:21:7d:c8:9d:38:35:c0:f6:ba:fb:6d:82:e8' == pub_key.fingerprint
def test_unsupported_ed_25519():
with pytest.raises(TypeError):
get_ssh_public_key(EXAMPLE_ED25519_PUBLIC_KEY)
