Esempio n. 1
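    def sign(self, data, fingerprint):
        """Ask the ssh-agent to sign ``data`` with the key matching ``fingerprint``.

        Looks the key up with ``self.__find_key``, sends an
        SSH2_AGENTC_SIGN_REQUEST over ``self.sock`` and returns the second
        field of the agent's reply (presumably the raw signature blob; the
        first field must be the literal ``"ssh-rsa"``).

        Raises:
            exceptions.SshAgentError: if the key is not loaded in the agent,
                the agent's reply is malformed, truncated or of an unexpected
                type, or the socket times out.
        """
        def read_exact(count):
            # recv() may legitimately return fewer bytes than requested, so
            # keep reading until the whole span has arrived.
            chunks = []
            remaining = count
            while remaining > 0:
                chunk = self.sock.recv(remaining)
                if not chunk:
                    raise exceptions.SshAgentError(
                        "ssh-agent closed the connection before sending a "
                        "complete response")
                chunks.append(chunk)
                remaining -= len(chunk)
            return b"".join(chunks)

        try:
            pub_key = self.__find_key(fingerprint)

            if not pub_key:
                raise exceptions.SshAgentError(
                    "Your ssh-agent does not have the required key added. This "
                    "usually indicates that ssh-add has not been run.")

            # 13 = 1 message-type byte + three 4-byte length/flag words
            # (key length, data length, flags).
            self.sock.send(
                i2s(len(pub_key) + len(data) + 13) +
                chr(SSH2_AGENTC_SIGN_REQUEST))
            write_field(self.sock, pub_key)
            write_field(self.sock, data)
            self.sock.send("\0\0\0\0")  # trailing 32-bit word, all zero

            # Read only length + type first: a refusal from the agent can be
            # shorter than the nine bytes a successful reply starts with.
            length, response_code = struct.unpack("!IB", read_exact(5))

            # Explicit checks instead of assert: asserts vanish under
            # ``python -O`` and the reply would then be trusted unchecked.
            if response_code != SSH2_AGENT_SIGN_RESPONSE:
                raise exceptions.SshAgentError(
                    "ssh-agent refused the signing request (response code "
                    "%d)" % response_code)
            if length < 5:
                raise exceptions.SshAgentError(
                    "ssh-agent sent a truncated signing response")

            # The first four bytes after the type are the inner length word,
            # which the original code read and ignored as well.
            buf = read_exact(length - 1)[4:]
            fields = rsa.read_fields(buf)
            response_type = fields.next()
            if response_type != "ssh-rsa":
                raise exceptions.SshAgentError(
                    "ssh-agent returned a signature of unexpected type")
            return fields.next()
        except socket.timeout as why:
            raise exceptions.SshAgentError(why)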
Esempio n. 2
File: ssh.py Progetto: negz/crtauth
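    def sign_challenge(self, challenge):
        """Have the ssh-agent sign the serialized form of ``challenge``.

        The signing key is selected by ``challenge.fingerprint`` via
        ``self.__find_key``; the bytes that get signed are
        ``challenge.serialize()``. Returns the second field of the agent's
        reply (presumably the raw signature blob; the first field must be the
        literal ``"ssh-rsa"``).

        Raises:
            exceptions.SshAgentError: if the key is not loaded in the agent,
                the agent's reply is malformed, truncated or of an unexpected
                type, or the socket times out.
        """
        def read_exact(count):
            # A single recv() is allowed to return a short read; loop until
            # the requested number of bytes is in hand.
            received = []
            missing = count
            while missing > 0:
                piece = self.sock.recv(missing)
                if not piece:
                    raise exceptions.SshAgentError(
                        "ssh-agent closed the connection before sending a "
                        "complete response")
                received.append(piece)
                missing -= len(piece)
            return b"".join(received)

        try:
            pub_key = self.__find_key(challenge.fingerprint)

            if not pub_key:
                raise exceptions.SshAgentError(
                    "Your ssh-agent does not have the required key added. This "
                    "usually indicates that ssh-add has not been run.")

            challenge_bytes = challenge.serialize()

            # 13 = 1 message-type byte + three 4-byte length/flag words
            # (key length, payload length, flags).
            self.sock.send(i2s(len(pub_key) + len(challenge_bytes) + 13) +
                           chr(SSH2_AGENTC_SIGN_REQUEST))
            write_field(self.sock, pub_key)
            write_field(self.sock, challenge_bytes)
            self.sock.send("\0\0\0\0")  # trailing 32-bit word, all zero

            # Length + type only: a refusal from the agent can be shorter
            # than the nine bytes a successful reply starts with.
            length, response_code = struct.unpack("!IB", read_exact(5))

            # Validate with real exceptions; assert statements are removed
            # when Python runs with -O, which would skip these checks.
            if response_code != SSH2_AGENT_SIGN_RESPONSE:
                raise exceptions.SshAgentError(
                    "ssh-agent refused the signing request (response code "
                    "%d)" % response_code)
            if length < 5:
                raise exceptions.SshAgentError(
                    "ssh-agent sent a truncated signing response")

            # Drop the inner 4-byte length word, as the original code did.
            buf = read_exact(length - 1)[4:]
            fields = rsa.read_fields(buf)
            response_type = fields.next()
            if response_type != "ssh-rsa":
                raise exceptions.SshAgentError(
                    "ssh-agent returned a signature of unexpected type")
            return fields.next()
        except socket.timeout as why:
            raise exceptions.SshAgentError(why)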
Esempio n. 3
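 def __find_key(self, key_fingerprint):
     """Return the agent-held RSA key whose fingerprint equals ``key_fingerprint``.

     Sends SSH2_AGENTC_REQUEST_IDENTITIES over ``self.sock`` and walks the
     returned identity list. Entries that ``rsa.RSAPublicKey`` rejects with
     ``exceptions.KeyError`` are skipped. Returns ``None`` when no identity
     matches.

     Raises:
         exceptions.SshAgentError: if the agent's reply has an unexpected
             type, is truncated, or the connection closes mid-response.
             NOTE(review): assumes ``exceptions.SshAgentError`` exists in the
             same module as ``exceptions.KeyError`` -- confirm.
     """
     def read_exact(count):
         # recv() may return fewer bytes than asked for; loop until complete.
         chunks = []
         remaining = count
         while remaining > 0:
             chunk = self.sock.recv(remaining)
             if not chunk:
                 raise exceptions.SshAgentError(
                     "ssh-agent closed the connection before sending a "
                     "complete response")
             chunks.append(chunk)
             remaining -= len(chunk)
         return b"".join(chunks)

     write_field(self.sock, SSH2_AGENTC_REQUEST_IDENTITIES)

     # Length + type first, so a short refusal is reported instead of
     # failing inside struct.unpack on a partial header.
     length, response_code = struct.unpack("!IB", read_exact(5))

     # Raise instead of assert: asserts are stripped under ``python -O``.
     if response_code != SSH2_AGENT_IDENTITIES_ANSWER:
         raise exceptions.SshAgentError(
             "ssh-agent did not answer the identities request (response "
             "code %d)" % response_code)
     if length < 5:
         raise exceptions.SshAgentError(
             "ssh-agent sent a truncated identities response")

     body = read_exact(length - 1)
     count, = struct.unpack("!I", body[:4])
     fields = rsa.read_fields(body[4:])
     for _ in xrange(count):
         try:
             key = rsa.RSAPublicKey(fields.next())
         except exceptions.KeyError:
             # Not a key this code can parse; consume its second field too
             # so the iterator stays aligned with the next identity.
             fields.next()
             continue
         fields.next()  # ignore filename for key
         if key.fingerprint() == key_fingerprint:
             return key
     return None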
Esempio n. 4
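 def __find_key(self, key_fingerprint):
     """Look up the identity in the ssh-agent that matches ``key_fingerprint``.

     Issues SSH2_AGENTC_REQUEST_IDENTITIES on ``self.sock`` and iterates the
     identities in the reply, skipping any that ``rsa.RSAPublicKey`` rejects
     with ``exceptions.KeyError``. Returns the matching key object, or
     ``None`` if the agent holds no such key.

     Raises:
         exceptions.SshAgentError: if the reply is of the wrong type, is
             truncated, or the agent closes the socket mid-response.
             NOTE(review): assumes ``exceptions.SshAgentError`` exists in the
             same module as ``exceptions.KeyError`` -- confirm.
     """
     def read_exact(count):
         # Short reads are normal for recv(); accumulate until done.
         parts = []
         wanted = count
         while wanted > 0:
             part = self.sock.recv(wanted)
             if not part:
                 raise exceptions.SshAgentError(
                     "ssh-agent closed the connection before sending a "
                     "complete response")
             parts.append(part)
             wanted -= len(part)
         return b"".join(parts)

     write_field(self.sock, SSH2_AGENTC_REQUEST_IDENTITIES)

     # Parse length and message type before committing to read the count
     # word, so a reply shorter than nine bytes gives a clear error.
     length, response_code = struct.unpack("!IB", read_exact(5))

     # Explicit validation: an assert here disappears under ``python -O``.
     if response_code != SSH2_AGENT_IDENTITIES_ANSWER:
         raise exceptions.SshAgentError(
             "ssh-agent did not answer the identities request (response "
             "code %d)" % response_code)
     if length < 5:
         raise exceptions.SshAgentError(
             "ssh-agent sent a truncated identities response")

     payload = read_exact(length - 1)
     count, = struct.unpack("!I", payload[:4])
     fields = rsa.read_fields(payload[4:])
     for _ in xrange(count):
         try:
             key = rsa.RSAPublicKey(fields.next())
         except exceptions.KeyError:
             # Unparseable entry: skip its companion field to stay in step.
             fields.next()
             continue
         fields.next()  # ignore filename for key
         if key.fingerprint() == key_fingerprint:
             return key
     return None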