def PublicKeyExport(self, dest, mock=None):
    """Export the public counterpart of this private key set to ``dest``.

    Only three private key sets have a public form here:

    * DSA_PRIV with purpose SIGN_AND_VERIFY    -> DSA_PUB / VERIFY
    * RSA_PRIV with purpose DECRYPT_AND_ENCRYPT -> RSA_PUB / ENCRYPT
    * RSA_PRIV with purpose SIGN_AND_VERIFY    -> RSA_PUB / VERIFY

    Every version of the set is added to the new metadata, and the
    ``public_key`` of each version is written to ``dest/<version_number>``;
    the metadata itself goes to ``dest/meta``. When ``mock`` is truthy
    (testing only) the same data is handed to the mock and no file is
    written.

    Raises:
        errors.KeyczarError: the key set has no exportable public form.
    """
    private_meta = self.metadata

    # Work out (purpose, type) of the public set; None means "not exportable".
    public_spec = None
    if (private_meta.type == keyinfo.DSA_PRIV
            and private_meta.purpose == keyinfo.SIGN_AND_VERIFY):
        public_spec = (keyinfo.VERIFY, keyinfo.DSA_PUB)
    elif private_meta.type == keyinfo.RSA_PRIV:
        if private_meta.purpose == keyinfo.DECRYPT_AND_ENCRYPT:
            public_spec = (keyinfo.ENCRYPT, keyinfo.RSA_PUB)
        elif private_meta.purpose == keyinfo.SIGN_AND_VERIFY:
            public_spec = (keyinfo.VERIFY, keyinfo.RSA_PUB)

    if public_spec is None:
        # Symmetric sets (and any unmatched combination) stop here, so no
        # key material is written for them.
        raise errors.KeyczarError("Cannot export public key")

    public_purpose, public_type = public_spec
    pubkmd = keydata.KeyMetadata(private_meta.name, public_purpose, public_type)

    for version in self.versions:
        pubkmd.AddVersion(version)
        # Only the .public_key attribute of each key is serialised below.
        public_half = self.GetKey(version).public_key
        if not mock:
            # NOTE(review): nothing here checks whether the target file
            # already exists; whether util.WriteFile overwrites, and with
            # which permissions, is not visible from this function.
            key_path = os.path.join(dest, str(version.version_number))
            util.WriteFile(str(public_half), key_path)
        else:  # only for testing
            mock.SetPubKey(version.version_number, public_half)

    if not mock:
        util.WriteFile(str(pubkmd), os.path.join(dest, "meta"))
    else:  # only for testing
        mock.pubkmd = pubkmd
def Create(loc, name, purpose, asymmetric=None):
    """Create the metadata for a new, empty key set at ``loc``.

    The key type follows from ``purpose`` and ``asymmetric``:

    * SIGN_AND_VERIFY: HMAC_SHA1 when ``asymmetric`` is None, RSA_PRIV when
      it equals "rsa" (case-insensitive), DSA_PRIV for any other value.
    * DECRYPT_AND_ENCRYPT: AES when ``asymmetric`` is None, RSA_PRIV for
      any other value.

    ``mock`` is not a parameter; it is resolved outside this function
    (presumably a module-level test hook -- confirm). When it is set, the
    metadata is stored on it and no writer is opened.

    Raises:
        errors.KeyczarError: ``loc`` is missing while not testing, or
            ``purpose`` is neither of the two supported purposes.
    """
    if mock is None and loc is None:  # not testing
        raise errors.KeyczarError("Location missing")

    if purpose == keyinfo.SIGN_AND_VERIFY:
        if asymmetric is None:
            key_type = keyinfo.HMAC_SHA1
        elif asymmetric.lower() == "rsa":
            key_type = keyinfo.RSA_PRIV
        else:
            # NOTE(review): every other string lands here, so a misspelled
            # algorithm name silently yields a DSA key set.
            key_type = keyinfo.DSA_PRIV
    elif purpose == keyinfo.DECRYPT_AND_ENCRYPT:
        # Any non-None ``asymmetric`` value selects RSA; the string itself
        # is not inspected in this branch.
        key_type = keyinfo.AES if asymmetric is None else keyinfo.RSA_PRIV
    else:
        raise errors.KeyczarError("Missing or unsupported purpose")

    kmd = keydata.KeyMetadata(name, purpose, key_type)

    if mock is not None:  # just testing, update mock object
        mock.kmd = kmd
        return

    writer = writers.CreateWriter(loc)
    try:
        # overwrite=False is passed so the writer can refuse to replace
        # metadata that is already there (enforcement lives in the writer,
        # which is not visible here).
        writer.WriteMetadata(kmd, overwrite=False)
    finally:
        writer.Close()
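def Create(loc, name, purpose, asymmetric=None):
    """Create the metadata file for a new, empty key set under ``loc``.

    The key type follows from ``purpose`` and ``asymmetric``:

    * SIGN_AND_VERIFY: HMAC_SHA1 when ``asymmetric`` is None, RSA_PRIV when
      it equals "rsa" (case-insensitive), DSA_PRIV for any other value.
    * DECRYPT_AND_ENCRYPT: AES when ``asymmetric`` is None, RSA_PRIV for
      any other value.

    ``mock`` is not a parameter; it is resolved outside this function
    (presumably a module-level test hook -- confirm). When it is set, the
    metadata is stored on it and the file system is not touched.

    The ``meta`` file is claimed with an exclusive create, so an existing
    key set is never replaced, even when two creators run at once.

    Raises:
        errors.KeyczarError: ``loc`` is missing while not testing,
            ``purpose`` is unsupported, or ``loc/meta`` already exists.
    """
    import errno

    if mock is None and loc is None:  # not testing
        raise errors.KeyczarError("Location missing")

    kmd = None
    if purpose == keyinfo.SIGN_AND_VERIFY:
        if asymmetric is None:
            kmd = keydata.KeyMetadata(name, purpose, keyinfo.HMAC_SHA1)
        elif asymmetric.lower() == "rsa":
            kmd = keydata.KeyMetadata(name, purpose, keyinfo.RSA_PRIV)
        else:
            # NOTE(review): every other string lands here, so a misspelled
            # algorithm name silently yields a DSA key set.
            kmd = keydata.KeyMetadata(name, purpose, keyinfo.DSA_PRIV)
    elif purpose == keyinfo.DECRYPT_AND_ENCRYPT:
        if asymmetric is None:
            kmd = keydata.KeyMetadata(name, purpose, keyinfo.AES)
        else:  # default to RSA, whatever the string says
            kmd = keydata.KeyMetadata(name, purpose, keyinfo.RSA_PRIV)
    else:
        raise errors.KeyczarError("Missing or unsupported purpose")

    if mock is not None:  # just testing, update mock object
        mock.kmd = kmd
        return

    fname = os.path.join(loc, "meta")
    # A separate exists() check followed by a write leaves a window in which
    # another process can create the file and have it overwritten. O_EXCL
    # makes "create only if absent" a single atomic step; it also fails on
    # a symlink sitting at that path instead of writing through it.
    try:
        # 0o666 before umask is the default the builtin open() applies.
        fd = os.open(fname, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o666)
    except OSError as exc:
        if exc.errno == errno.EEXIST:
            raise errors.KeyczarError("File already exists")
        # Any other failure (missing directory, permissions, ...) is left
        # for util.WriteFile to report the way callers already expect.
    else:
        os.close(fd)
    util.WriteFile(str(kmd), fname)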
def __init__(self, name, purpose, type, encrypted=False):
    """Set up an in-memory key set with fresh metadata and no keys.

    Attributes initialised:
        kmd: KeyMetadata built from the four arguments.
        pubkmd: None until public metadata is assigned.
        keys, pubkeys: empty dicts.

    NOTE(review): looks like a test double that stands in for on-disk
    key storage -- confirm against the enclosing class.
    """
    # `type` shadows the builtin inside this method; the name is part of
    # the signature, so it stays.
    metadata = keydata.KeyMetadata(name, purpose, type, encrypted)
    self.kmd = metadata
    self.pubkmd = None
    self.keys = dict()
    self.pubkeys = dict()
def __init__(self, key, purpose):
    """Wrap a single key as a one-version key set.

    The metadata is named "Imported", takes ``purpose`` from the caller and
    the type from ``key.type``, and receives exactly one version.
    """
    self._key = key
    imported_meta = keydata.KeyMetadata("Imported", purpose, key.type)
    self._meta = imported_meta
    # Version number 1 with PRIMARY status; the trailing False is passed
    # positionally (presumably the "exportable" flag -- confirm against
    # keydata.KeyVersion).
    sole_version = keydata.KeyVersion(1, keyinfo.PRIMARY, False)
    self._meta.AddVersion(sole_version)