def _cipher(self):
    '''
    Return the cipher object for this key, building it on first use.

    The cipher is constructed lazily from the key text read from the key
    file, so any passphrase prompt is deferred until the key (and the
    resulting cipher) is actually needed. The trade-off is that a more
    fundamental format problem in the key data only surfaces here, not
    when the key file was loaded.

    Raises:
        PKCSError: if PKCS1_OAEP is unavailable, or if no key data was
            loaded from the key file.
    '''
    # Without the cipher implementation nothing below can work, so this
    # check comes first, even when a cipher object is already cached.
    if not PKCS1_OAEP:
        raise PKCSError('PKCS1_OAEP cipher unavailable in this version of PyCrypto')

    if not self.cipher_object:
        # Nothing cached yet: key material is required to build the cipher.
        if not self.keydata:
            raise PKCSError('No RSA Key available: %s' % self.keyfile)
        self.cipher_object = PKCS1_OAEP(self)

    return self.cipher_object
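def __init__(self, keyfile='~/.ssh/id_rsa', default_passphrase=None):
    '''
    Load RSA key text from ``keyfile`` and prepare (or defer) its cipher.

    Args:
        keyfile: path to the key file; ``~`` is expanded to the user's
            home directory.
        default_passphrase: stored unchanged on the instance. It stays in
            memory as a plain attribute for the lifetime of the object.

    Raises:
        PKCSError: if the file was read but is neither an ``ssh-rsa``
            public key nor a PEM ``RSA PRIVATE KEY``.

    A key file that cannot be opened or read is not an error here: the
    instance is left with no key data and no cipher object.
    '''
    self.keyfile = os.path.expanduser(keyfile)
    self.default_passphrase = default_passphrase
    try:
        with open(self.keyfile, 'rb') as f:
            self.keydata = f.read()
        # Peek to see if it looks like a pubkey or private key
        if self.keydata.startswith(b'ssh-rsa '):
            # A public key needs no passphrase, so the cipher can be built
            # right away, but only when PKCS1_OAEP is available. Calling a
            # falsy PKCS1_OAEP here would abort construction with an
            # unrelated error before self.unsupported is set; leaving the
            # cipher unset keeps the object usable for that check.
            self.cipher_object = PKCS1_OAEP(self) if PKCS1_OAEP else None
        elif b'BEGIN RSA PRIVATE KEY' in self.keydata:
            # Defer loading the key, in case a passphrase is required.
            # Handle that when/if the key is needed to instantiate the cipher.
            self.cipher_object = None
        else:
            # NOTE(review): private keys in the 'BEGIN OPENSSH PRIVATE KEY'
            # container match neither test above and are rejected here.
            raise PKCSError('Key format not recognized', keyfile)
    except IOError:
        # Best-effort load: a missing or unreadable key file leaves the
        # instance without key material instead of failing construction.
        self.cipher_object = None
        self.keydata = None
    # True when the PKCS1_OAEP implementation is not available.
    self.unsupported = not PKCS1_OAEP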