def is_key_trusted(self, pkfp):
"""
Given public key fingerprint checks if it is registered as trusted key
:param pkfp: utf8 encoded public key fingerprint
:return:
"""
key_path = None
if pkfp in os.listdir(self.trusted_keys_path):
log.debug("pkfp found in trusted keys")
key_path = os.path.join(self.trusted_keys_path, pkfp)
elif pkfp in os.listdir(self.user_keys_path):
log.debug("pkfp found in user keys")
key_path = os.path.join(self.user_keys_path, pkfp)
else:
log.debug("pkfp not recognized as trusted")
return False
with open(os.path.join(key_path, "public.pem"), "rb") as fp:
log.debug("Checking public key")
ic = ICrypto()
ic.load_pem_public_key("pub", fp.read()) \
.get_public_key_fingerprint("pkfp", "pub")
return str(ic["pkfp"], "utf8") == pkfp
def import_public_key(self, key_data=None, filepath=None, alias=None):
"""
Adds given public key to the trusted keys storage and registers it as trusted
:param key_data: Must be not encoded
:param filepath:
:param alias:
:return:
"""
if not (key_data or filepath):
raise KeyImportError("Neither key_data nor filepath provided")
if filepath:
with open(filepath, "rb") as fp:
key_data = fp.read()
try:
ic = ICrypto()
ic.load_pem_public_key("pub", key_data) \
.get_public_key_fingerprint("pkfp", "pub")
self.save_trusted_public_key(pkfp=ic["pkfp"],
public=ic["pub"],
alias=alias)
except Exception as e:
logging.error(e)
raise KeyImportError(e)