geofront.keystore — Public key store

geofront.keystore.KEY_TYPES = {'ecdsa-sha2-nistp256': <class 'paramiko.ecdsakey.ECDSAKey'>, 'ecdsa-sha2-nistp384': <class 'paramiko.ecdsakey.ECDSAKey'>, 'ecdsa-sha2-nistp521': <class 'paramiko.ecdsakey.ECDSAKey'>, 'ssh-dss': <class 'paramiko.dsskey.DSSKey'>, 'ssh-rsa': <class 'paramiko.rsakey.RSAKey'>}

(Mapping[str, Type[PKey]]) The mapping of supported key types.

New in version 0.4.0: Added ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, and ecdsa-sha2-nistp521 (ECDSAKey) support.

exception geofront.keystore.AuthorizationError

Authorization exception raised when the given identity does not have the required permission to the key store.

exception geofront.keystore.DuplicatePublicKeyError

Exception raised when the given public key is already registered.

class geofront.keystore.KeyStore

The key store backend interface. Every key store has to guarantee that public keys are unique across all identities, i.e. the same public key can’t be registered for more than one identity.

deregister(identity: geofront.identity.Identity, public_key: paramiko.pkey.PKey) → None

Remove the given public_key of the identity. It silently does nothing if the given public_key is not in the store.

Parameters:
  • identity – the owner identity
  • public_key (paramiko.pkey.PKey) – the public key to remove
Raises: geofront.keystore.AuthorizationError – when the given identity has no required permission to the key store

list_keys(identity: geofront.identity.Identity) → typing.AbstractSet[paramiko.pkey.PKey]

List registered public keys of the given identity.

Parameters: identity (Identity) – the owner of keys to list
Returns: the set of paramiko.pkey.PKey owned by the identity
Return type: AbstractSet
Raises: geofront.keystore.AuthorizationError – when the given identity has no required permission to the key store

register(identity: geofront.identity.Identity, public_key: paramiko.pkey.PKey) → None

Register the given public_key to the identity.

Parameters:
  • identity – the owner identity
  • public_key (paramiko.pkey.PKey) – the public key to register
Raises:

exception geofront.keystore.KeyStoreError

Exceptions related to KeyStore are instances of this.

exception geofront.keystore.KeyTypeError

Raised when a public key is of an unsupported type.

geofront.keystore.format_openssh_pubkey(key: paramiko.pkey.PKey) → str

Format the given key to an OpenSSH public key line, used by authorized_keys, id_rsa.pub, etc.

Parameters: key (paramiko.pkey.PKey) – the key object to format
Returns: a formatted OpenSSH public key line
Return type: str

geofront.keystore.get_key_fingerprint(key: paramiko.pkey.PKey, glue: str = ':') → str

Get the hexadecimal fingerprint string of the key.

Parameters:
  • key (paramiko.pkey.PKey) – the key to get the fingerprint of
  • glue (str) – glue character to be placed between bytes. ':' by default
Returns: the fingerprint string
Return type: str

geofront.keystore.parse_openssh_pubkey(line: str) → paramiko.pkey.PKey

Parse an OpenSSH public key line, used by authorized_keys, id_rsa.pub, etc.

Parameters: line (str) – a line of public key
Returns: the parsed public key
Return type: paramiko.pkey.PKey
Raises:
  • ValueError – when the given line has an invalid format
  • KeyTypeError – when it’s an unsupported key type

Changed in version 0.4.0: Added ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, and ecdsa-sha2-nistp521 (ECDSAKey) support.
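
The following is an added example, not Geofront's or paramiko's own code: a standard-library sketch of what parse_openssh_pubkey() and get_key_fingerprint() deal with, namely splitting an OpenSSH public key line, decoding the key blob, and rendering a glued hexadecimal fingerprint. The names parse_pubkey_line, fingerprint, ssh_string and UnsupportedKeyType are hypothetical. Two things are assumptions of this example: the check that the type embedded in the blob matches the declared type, and the use of the classic MD5 hex fingerprint (the digest paramiko's PKey.get_fingerprint() returns).

```python
import base64
import hashlib
import struct

# Key type names copied from KEY_TYPES on this page.
SUPPORTED = {'ecdsa-sha2-nistp256', 'ecdsa-sha2-nistp384',
             'ecdsa-sha2-nistp521', 'ssh-dss', 'ssh-rsa'}


class UnsupportedKeyType(Exception):
    """Hypothetical stand-in for geofront.keystore.KeyTypeError."""


def ssh_string(data: bytes) -> bytes:
    """Encode an SSH wire-format string: 4-byte big-endian length + data."""
    return struct.pack('>I', len(data)) + data


def parse_pubkey_line(line: str) -> tuple:
    """Return (key_type, blob) from '<type> <base64> [comment]'."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError('expected "<type> <base64> [comment]"')
    key_type, b64 = fields[:2]
    if key_type not in SUPPORTED:
        raise UnsupportedKeyType(key_type)
    try:
        blob = base64.b64decode(b64, validate=True)
    except ValueError as e:  # binascii.Error is a ValueError subclass
        raise ValueError('key data is not valid base64') from e
    # The blob starts with its own type string; reject a mismatch so a
    # line cannot declare one algorithm while carrying another.
    if len(blob) < 4:
        raise ValueError('key blob is truncated')
    (n,) = struct.unpack('>I', blob[:4])
    if blob[4:4 + n] != key_type.encode('ascii'):
        raise ValueError('declared type does not match key blob')
    return key_type, blob


def fingerprint(blob: bytes, glue: str = ':') -> str:
    """Hex MD5 of the blob, one byte per group, joined by glue."""
    return glue.join('{:02x}'.format(b) for b in hashlib.md5(blob).digest())


# Constructed sample: toy values (e=65537, n=0xC0FFEE), not a real key.
SAMPLE_BLOB = (ssh_string(b'ssh-rsa') + ssh_string(b'\x01\x00\x01')
               + ssh_string(b'\x00\xc0\xff\xee'))
SAMPLE_LINE = 'ssh-rsa ' + base64.b64encode(SAMPLE_BLOB).decode() + ' user@example'
```

A key store backend can use the decoded blob (or its fingerprint) as the lookup key when enforcing the rule that one public key belongs to at most one identity, since the comment field of the line is not part of the key.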