hSrSSKJr SSKrSSKrSSKrSSKrSSKJrJ r J r SSK J r J r SSKJr SSKrSSKJrJr SSKJr SS KJr SS KJr SS KJrJr SS KJrJrJ r J!r!J"r" SS K#J$r$J%r%J&r& SSK'J(r(J)r) SSK*J+r+ SSK,J-r-J.r. SSK/J0r0 SSK1J2r2 SSK3J4r4J5r5 SSK6J7r7 SSK8J9r9J:r: \R|"5\R~"5\R"5S.rASSSS.rB\ RrC\ RrD"SS\E5rF"SS\E5rG"S S!\E5rH"S"S#\E5rI"S$S%\5rJ"S&S'\E5rKS(rL"S)S*5rMS,S+jrNg!\;a SSK8J} for Unicode characters in memorized secrets: it applies the Normalization Process for Stabilized Strings using NFKC normalization. The passphrase is then encoded using UTF-8. @type passphrase: L{bytes} or L{unicode} or L{None} @param passphrase: The passphrase to normalize. @return: The normalized passphrase, if any. @rtype: L{bytes} or L{None} @raises PassphraseNormalizationError: if the passphrase is Unicode and cannot be normalized using the available Unicode character database. c3T# UHn[R"U5S:Hv M g7f)CnN) unicodedatacategory).0cs r4 '_normalizePassphrase..s C 1{##A&$. s&(NFKCzUTF-8) isinstancestranyrErJ normalizeencode passphrases r4_normalizePassphraserXxsS&*c"" C C C C/0 0$$VZ8??HHr3c6\rSrSrSr\S0Sj5r\S0Sj5r\S5r\S5r \S5r \S 5r \S 5r \S 5r \S 5r\S 5r\S5r\S5r\S1Sj5r\S2Sj5r\S2Sj5r\S2Sj5r\S2Sj5rSrS3SjrS4SjrSrSr\R:4SjrS5SjrSr Sr!Sr"Sr#S6S jr$S!r%S"r&\'"S#S$/S#S%//5S1S&j5r(S2S'jr)S0S(jr*S2S)jr+S7S*jr,S+r-S,r.S2S8S-jjr/S.r0S/r1g)9Keya] An object representing a key. A key can be either a public or private key. A public key can verify a signature; a private key can create or verify a signature. To generate a string that can be stored on disk, use the toString method. If you have a private key, but want the string representation of the public key, use Key.public().toString(). Nc[US5nURUR5X#5sSSS5 $!,(df  g=f)a Load a key from a file. @param filename: The path to load key data from. @type type: L{str} or L{None} @param type: A string describing the format the key data is in, or L{None} to attempt detection of the type. @type passphrase: L{bytes} or L{None} @param passphrase: The passphrase the key is encrypted with, or L{None} if there is no encryption. @rtype: L{Key} @return: The loaded key. rbN)open fromStringread)clsfilenametyperWfs r4fromFile Key.fromFiles0$(D !Q>>!&&(D=" ! !s 7 Ac[U[5(aURS5n[U5nUcUR U5nUc[ SU<35e[ USUR53S5nUc[ SU35eURRS:XaU(a [ S5eU"U5$U"X5$)a Return a Key object corresponding to the string data. type is optionally the type of string, matching a _fromString_* method. Otherwise, the _guessStringType() classmethod will be used to guess a type. If the key is encrypted, passphrase is used as the decryption key. @type data: L{bytes} @param data: The key data. @type type: L{str} or L{None} @param type: A string describing the format the key data is in, or L{None} to attempt detection of the type. @type passphrase: L{bytes} or L{None} @param passphrase: The passphrase the key is encrypted with, or L{None} if there is no encryption. @rtype: L{Key} @return: The loaded key. utf-8Nzcannot guess the type of _fromString_zno _fromString method for zkey not encrypted) rQrRrUrX_guessStringTyper)getattrupper__code__ co_argcount)radatarcrWmethods r4r_Key.fromStrings. dC ;;w'D)*5 <''-D < 9$BC C TZZ\N;TB > :4&AB B ?? & &! +!"566$< $+ +r3c h[R"U5up#US:XaM[R"US5upEnU"[R"XE5R [ 555$US:Xa`[R"US5upgpnU"[R"U [R"XgUS9S9R [ 555$U[;aEU"[RR[U[R"US5S55$US:Xa1UR[R"US5SS S 9n S U lU $US ;aH[R"U5upUR!U 5n UR#S 5(aS U lU $[%SU35e)a Return a public key object corresponding to this public key blob. The format of a RSA public key blob is:: string 'ssh-rsa' integer e integer n The format of a DSA public key blob is:: string 'ssh-dss' integer p integer q integer g integer y The format of ECDSA-SHA2-* public key blob is:: string 'ecdsa-sha2-[identifier]' integer x integer y identifier is the standard NIST curve name. The format of an Ed25519 public key blob is:: string 'ssh-ed25519' string a @type blob: L{bytes} @param blob: The key data. @return: A new key. @rtype: L{twisted.conch.ssh.keys.Key} @raises BadKeyError: if the key type (the first string) is unknown. ssh-rsarjssh-dsspqgyparameter_numbers"sk-ecdsa-sha2-nistp256@openssh.comr') encodedPointcurveT) ssh-ed25519sk-ssh-ed25519@openssh.comssk-ssh-unknown blob type: )rgetNSgetMPrRSAPublicNumbers public_keyrrDSAPublicNumbersDSAParameterNumbers _curveTablerEllipticCurvePublicKeyfrom_encoded_point_fromECEncodedPoint_sk_fromEd25519Components startswithr)) rablobkeyTyperestenrxryrzr| keyObjectas r4_fromString_BLOBKey._fromString_BLOBsD T*  j dA.JA$s++A1<<_=NOP P j %||D!4 A!$$3+B+BQq+Q*_./  k !))<<(&,,tQ*?*B  ; ;//#\\$215,0I!IM  E Ell4(GA2215I!!*-- $  /y9::r3c[R"U5up#US:Xa-[R"US5upEpgpnURXEXhU S9$US:Xa,[R"US5upppUR XXU S9$U[ ;a[ Un [R"US5upnU[ U RRS5:wa[S U<S U<35e[R"U5upURXUS 9$US :Xa0[R"US5unnnUS SnURUUS9$[SU35e)a Return a private key object corresponding to this private key blob. The blob formats are as follows: RSA keys:: string 'ssh-rsa' integer n integer e integer d integer u integer p integer q DSA keys:: string 'ssh-dss' integer p integer q integer g integer y integer x EC keys:: string 'ecdsa-sha2-[identifier]' string identifier string q integer privateValue identifier is the standard NIST curve name. Ed25519 keys:: string 'ssh-ed25519' string a string k || a @type blob: L{bytes} @param blob: The key data. @return: A new key. @rtype: L{twisted.conch.ssh.keys.Key} @raises BadKeyError: if * the key type (the first string) is unknown * the curve name of an ECDSA key does not match the key type rtrrdrxryrur|rzrxryxrjasciizECDSA curve name z does not match key type )rr privateValuerN )kr) rrr_fromRSAComponents_fromDSAComponentsr _secToNistnamerUr)rr)rarrrrrrurxryrzr|rr curveNamerrcombinedrs r4_fromString_PRIVATE_BLOBKey._fromString_PRIVATE_BLOB$sf\ T*  j %+\\$%: "A!d))Aa)B B  ""(,,tQ"7 A!))Aa)B B  #(E!'dA!6 I$Juzz'8'8'ABB!!*G5"(d!3 L**L+  &!' T1 5 Ax" A--a1-5 5 3G9=> >r3cURS5(aU"[U[555$[UR 5S5nUR U5$)aL Return a public key object corresponding to this OpenSSH public key string. The format of an OpenSSH public key string is:: @type data: L{bytes} @param data: The key data. @return: A new key. @rtype: L{twisted.conch.ssh.keys.Key} @raises BadKeyError: if the blob type is unknown. s ecdsa-sha2r~)rrrrsplitr)rarprs r4_fromString_PUBLIC_OPENSSHKey._fromString_PUBLIC_OPENSSHosN ??= ) )*41BCD D4::<?+##D))r3c UR5R5n[SRUSS55nUR S5(d [ S5eU[ S5Sn[R"US5upVpx[R"SUSS 5S n U S:wa [ S 5e[R"US SS 5upn US :wGa6U(d [S5eUS;a&[Rn Sn [USS5S-nU nO[ SU<35eUS:XaQ[R"U5unn[R"SUSS 5S n[R "UUX-USS9nO[ SU<35e[ U 5U -S :wa [ S5e[#U "USU5[$R&"UXU-5[)5S9R+5nUR-U 5UR/5-nOUS :wa[ SU<S35eU n[R"SUSS 5S n[R"SUS S5S nUU:wa[ SUU4-5eUR1USS5$)a Return a private key object corresponding to this OpenSSH private key string, in the "openssh-key-v1" format introduced in OpenSSH 6.5. The format of an openssh-key-v1 private key string is:: -----BEGIN OPENSSH PRIVATE KEY----- -----END OPENSSH PRIVATE KEY----- The SSH protocol string is as described in U{PROTOCOL.key}. @type data: L{bytes} @param data: The key data. @type passphrase: L{bytes} or L{None} @param passphrase: The passphrase the key is encrypted with, or L{None} if it is not encrypted. @return: A new key. @rtype: L{twisted.conch.ssh.keys.Key} @raises BadKeyError: if * a passphrase is provided for an unencrypted key * the SSH protocol encoding is incorrect @raises EncryptedKeyError: if * a passphrase is not provided for an encrypted key r3r~openssh-key-v1z"unknown OpenSSH private key formatN!LrvrzDonly OpenSSH private key files containing a single key are supportedrjnone0Passphrase must be provided for an encrypted key)s aes128-ctrs aes192-ctr aes256-ctrrzunknown encryption type bcryptT)ignore_few_roundszunknown KDF type z bad paddingbackendzprivate key specifies KDF z but no cipherz#check values do not match: %d != %d)strip splitlinesrjoinrr)lenrrstructunpackr:rAESintbcryptkdfrrCTRr decryptorupdatefinalizer)rarprWlineskeyListcipherr kdfOptionsrr_encPrivKeyListalgorithmClass blockSizekeySizeivSizesaltroundsdecKeyr privKeyListcheck1check2s r4_fromPrivateOpenSSH_v1Key._fromPrivateOpenSSH_v1s: '')chhuQr{34!!"566BC C#1245(. Wa(@%Z MM$Ra )! , 6-  &||DHa81 W 'IFF!+ fQqk*a/"!$>N#i/A5!-00vhw/0 &V+;<=')ik  $**>:Y=O=O=QQKg~!GJL)Kt[!_5a8t[1%56q9 V CvvFVVW W++KO< PRIVATE KEY----- [Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,] ------END PRIVATE KEY------ The ASN.1 structure of a RSA key is:: (0, n, e, d, p, q) The ASN.1 structure of a DSA key is:: (0, p, q, g, y, x) The ASN.1 structure of a ECDSA key is:: (ECParameters, OID, NULL) @type data: L{bytes} @param data: The key data. @type passphrase: L{bytes} or L{None} @param passphrase: The passphrase the key is encrypted with, or L{None} if it is not encrypted. @return: A new key. @rtype: L{twisted.conch.ssh.keys.Key} @raises BadKeyError: if * a passphrase is provided for an unencrypted key * the ASN.1 encoding is incorrect @raises EncryptedKeyError: if * a passphrase is not provided for an encrypted key r N)sECsRSAsDSArz&Failed to decode key (Bad Passphrase?)unknown key type )rrrr TypeErrorr: ValueErrorr))rarprWrkindkeys r4_fromPrivateOpenSSH_PEMKey._fromPrivateOpenSSH_PEMsJ '')Qx3J * * L*4_=NOs8O 1$89 9 'F L!"JKK Ls A!!*B cUR5R5SSSS:XaURX5$URX5$)ax Return a private key object corresponding to this OpenSSH private key string. If the key is encrypted, passphrase MUST be provided. Providing a passphrase for an unencrypted key is an error. @type data: L{bytes} @param data: The key data. @type passphrase: L{bytes} or L{None} @param passphrase: The passphrase the key is encrypted with, or L{None} if it is not encrypted. @return: A new key. @rtype: L{twisted.conch.ssh.keys.Key} @raises BadKeyError: if * a passphrase is provided for an unencrypted key * the encoding is incorrect @raises EncryptedKeyError: if * a passphrase is not provided for an encrypted key rrrsOPENSSH)rrrr)rarprWs r4_fromString_PRIVATE_OPENSSHKey._fromString_PRIVATE_OPENSSHsK, ::< " " $Q '3 /: =--d? ?..t@ @r3c[R"[USS55nUSS:Xde0nUSSSH4upA[R"[R "U55SX4'M6 USSS:XaUR USUSUS US S 9$USSS :XaURUS USS9$[SUSS35e)a Return a public key corresponding to this LSH public key string. The LSH public key string format is:: , ()+))> The names for a RSA (key type 'rsa-pkcs1-sha1') key are: n, e. The names for a DSA (key type 'dsa') key are: y, g, p, q. @type data: L{bytes} @param data: The key data. @return: A new key. @rtype: L{twisted.conch.ssh.keys.Key} @raises BadKeyError: if the key type is unknown r~rr public-keyNdsaygpqr|rzrxryrsa-pkcs1-sha1nerrunknown lsh key type ) rparserrrNSrrr)rarpsexpkdrs r4_fromString_PUBLIC_LSHKey._fromString_PUBLIC_LSH3s"{{;tAbz23Aw-''' q'!"+JD||FIIdO4Q7BH& 71: ))T(bh"T(bh* !WQZ, ,))BtH4)A A 5d1gaj\BC Cr3c^[R"U5nUSS:Xde0nUSSSH4upA[R"[R"U55SX4'M6 USSS:XaA[ U5S:Xd[ U55eUR USUSUS US US S 9$USSS :Xa^[ U5S:Xd[ U55eUS US :aUS US sUS 'US 'URUSUSUSUS US S9$[SUSS35e)a Return a private key corresponding to this LSH private key string. The LSH private key string format is:: , (, )+))> The names for a RSA (key type 'rsa-pkcs1-sha1') key are: n, e, d, p, q. The names for a DSA (key type 'dsa') key are: y, g, p, q, x. @type data: L{bytes} @param data: The key data. @return: A new key. @rtype: L{twisted.conch.ssh.keys.Key} @raises BadKeyError: if the key type is unknown r private-keyr~Nrrrrrrxr rsa-pkcs1rrrdrr) rrrrrrrrr)rs r4_fromString_PRIVATE_LSHKey._fromString_PRIVATE_LSHSsg"{{4 Aw.((( q'!"+JD||FIIdO4Q7BH& 71: r7a< (R (<))T(bh"T(bh"T(* !WQZ< 'r7a< (R (<$x"T("%'Xr$x"4"T())T(bh"T(bh"T(*   5d1gaj\BC Cr3c [R"U5up!US:Xa[R"U5up1[R"U5upA[R"U5upQ[R"U5upa[R"U5upqURXeX4US9$US:Xa[R"U5up[R"U5up[R"U5up[R"U5up[R"U5up1[R"U5upAUR XXXKS9$[ SU35e)a' Return a private key object corresponsing to the Secure Shell Key Agent v3 format. The SSH Key Agent v3 format for a RSA key is:: string 'ssh-rsa' integer e integer d integer n integer u integer p integer q The SSH Key Agent v3 format for a DSA key is:: string 'ssh-dss' integer p integer q integer g integer y integer x @type data: L{bytes} @param data: The key data. @return: A new key. @rtype: L{twisted.conch.ssh.keys.Key} @raises BadKeyError: if the key type (the first string) is unknown rurrtrrrrxryrr)rrrrrr)) rarprrxryrzr|rrrrrs r4_fromString_AGENTV3Key._fromString_AGENTV3ys< T*  j ll4(GAll4(GAll4(GAll4(GAll4(GA))Aa)B B  "ll4(GAll4(GAll4(GAll4(GAll4(GAll4(GA))Aa)G G 1';< >$// &C C HI I ??4 5 5 : : $ ??= ) )$ ??4  ??4   OO3 4 4899=>>QRRLMM"LL.MGE  & T 2 $qy Nr3c R[R"X!S9nUcUR[55nOo[R"UUU[R "X45[R "X55[R"XE5US9n U R[55nU"U5$)aL Build a key from RSA numerical components. @type n: L{int} @param n: The 'n' RSA variable. @type e: L{int} @param e: The 'e' RSA variable. @type d: L{int} or L{None} @param d: The 'd' RSA variable (optional for a public key). @type p: L{int} or L{None} @param p: The 'p' RSA variable (optional for a public key). @type q: L{int} or L{None} @param q: The 'q' RSA variable (optional for a public key). @type u: L{int} or L{None} @param u: The 'u' RSA variable. Ignored, as its value is determined by p and q. @rtype: L{Key} @return: An RSA key constructed from the values as given. )rr)rxryrdmp1dmq1iqmppublic_numbers) rrrrRSAPrivateNumbers rsa_crt_dmp1 rsa_crt_dmq1 rsa_crt_iqmp private_key) rarrrrxryr publicNumbersrprivateNumberss r4rKey._fromRSAComponentss6,,q6 9%001BCI 22%%a+%%a+%%a+,N'22?3DEI9~r3c [R"U[R"X#US9S9nUcUR[ 55nO-[R "XVS9nUR [ 55nU"U5$)a Build a key from DSA numerical components. @type y: L{int} @param y: The 'y' DSA variable. @type p: L{int} @param p: The 'p' DSA variable. @type q: L{int} @param q: The 'q' DSA variable. @type g: L{int} @param g: The 'g' DSA variable. @type x: L{int} or L{None} @param x: The 'x' DSA variable (optional for a public key) @rtype: L{Key} @return: A DSA key constructed from the values as given. rwr{)rr)rrrrrDSAPrivateNumbersr") rar|rxryrzrr#rr$s r4rKey._fromDSAComponents sm.,,3#:#:Qq#I  9%001BCI 22QUN&22?3DEI9~r3c[R"X[US9nUcUR[ 55nO-[R "XES9nUR [ 55nU"U5$)a[ Build a key from EC components. @param x: The affine x component of the public point used for verifying. @type x: L{int} @param y: The affine y component of the public point used for verifying. @type y: L{int} @param curve: NIST name of elliptic curve. @type curve: L{bytes} @param privateValue: The private value. @type privateValue: L{int} rr|r) private_valuer)rEllipticCurvePublicNumbersrrrEllipticCurvePrivateNumbersr")rarr|rrr#rr$s r4_fromECComponentsKey._fromECComponents/sk$55K.   %001BCI;;*N'22?3DEI9~r3cUc([RR[UU5nO'[R"U[U[ 55nU"U5$)a Build a key from an EC encoded point. @param encodedPoint: The public point encoded as in SEC 1 v2.0 section 2.3.3. @type encodedPoint: L{bytes} @param curve: NIST name of elliptic curve. @type curve: L{bytes} @param privateValue: The private value. @type privateValue: L{int} )rrrrderive_private_keyr)rarrrrs r4rKey._fromECEncodedPointOsW  11DDE"LI--k%0/2CI9~r3c[b[c [S5eUc[RU5nO[R U5nU"U5$)zBuild a key from Ed25519 components. @param a: The Ed25519 public key, as defined in RFC 8032 section 5.1.5. @type a: L{bytes} @param k: The Ed25519 private key, as defined in RFC 8032 section 5.1.5. @type k: L{bytes} z)Ed25519 keys not supported on this system)Ed25519PublicKeyEd25519PrivateKeyr)from_public_bytesfrom_private_bytes)rarrrs r4rKey._fromEd25519ComponentsksK  #'8'@IJ J 9(::1=I)< Return True if other represents an object with the same key. )rQrZrcrpNotImplemented)r<others r4__eq__ Key.__eq__sD eS ! !99;%**,.N499;%**,3N N! !r3cUR5S:XaUR5nUSRS5nUR5(a SUSSS3nO SUSSS3n[ UR 55H upEUS:Xa US U3- nMUS US U3- nM" US -$S [ UR55<SUR5=(a S=(d S<SUR5<S3/n[ UR5R 55HupEURSUS35 UR5S:XaUO[R"U5SSnU(dMRUSSnUSSnSn [U5Hn U [U 5SS3-n M [U5S:aU SSn URSU -5 U(aMaM USS-US'S RU5$)z0 Return a pretty representation of this object. ECrrhz < z Public Keyz Private Keyz (zattr :Ed25519rv02xr >)rcrpdecodeisPublicsorteditemsr!sizeappendrMPr ordrr) r<rproutrvrbymorMs r4__repr__ Key.__repr__s 99;$ 99;D=''0D}}4T"#YKvF5d23i[Gtzz|,<\$00CRs%s++C - ;  (!-MMO4 E EIIK Etyy{0023 uQCq\*))+2Q ! QR8Hb3BABCBA&q\3q6#,a 00*1v{crFLL*b4b CE"I99U# #r3c[UR[R[R [ R[R45$)zT Check if this instance is a public key. @return: C{True} if this is a public key. ) rQr;r RSAPublicKeyr DSAPublicKeyrrrr4r<s r4rR Key.isPublicsA  OO    ))((    r3cvUR5(aU$[URR55$)z Returns a version of this key containing only the public key data. If this is a public key, this may or may not be the same object as self. @rtype: L{Key} @return: A public key. )rRrZr;rrcs r4public Key.publics, ==??Kt1134 4r3c U[RLa9[[[ UR 55R 555$U[RLam[SR[[UR 55R 55Vs/sHn[R"U5PM sn55$[SU35es snf)a The fingerprint of a public key consists of the output of the message-digest algorithm in the specified format. Supported formats include L{FingerprintFormats.MD5_HEX} and L{FingerprintFormats.SHA256_BASE64} The input to the algorithm is the public key data as specified by [RFC4253]. The output of sha256[RFC4634] algorithm is presented to the user in the form of base64 encoded sha256 hashes. Example: C{US5jTUa0kgX5ZxdqaGF0yGRu8EgKXHNmoT8jHKo1StM=} The output of the MD5[RFC1321](default) algorithm is presented to the user as a sequence of 16 octets printed as hexadecimal with lowercase letters and separated by colons. Example: C{c1:b1:30:29:d7:b8:de:6c:97:77:10:d7:46:41:63:87} @param format: Format for fingerprint generation. Consists hash function and representation format. Default is L{FingerprintFormats.MD5_HEX} @since: 8.2 @return: the user presentation of this L{Key}'s fingerprint, as a string. @rtype: L{str} :z Unsupported fingerprint format: )r@rCr!rrrdigestrBrr rbinasciihexlifyr=)r<formatrs r4 fingerprintKey.fingerprints: '55 5 &*=*D*D*F GH H )11 1 2;C UR5S:XaoXR5:Xa[UR5nUS::a[R"5$US::a[R "5$[R "5$gUR5S:Xa[R "5$[R"5[R"5[R "5[R"5S.RUR5U45$)z Return a hash algorithm for this key type given an SSH signature algorithm name, or L{None} if no such hash algorithm is defined for this key type. rEiNrK))rqrt)rqr})rqr|)rrru) rcryrUrSHA256SHA384SHA512SHA1get)r< signatureTypers r4_getHashAlgorithmKey._getHashAlgorithmLs 99;$  .))+c>!==?*^!==?*!==?* 99;) #==? ""(&,mmo&,mmo!'  #tyy{M* +  ,r3cURcgUR5S:Xa URRR$UR5S:XagURR$)zV Return the size of the object we wrap. @return: The size of the key. @rtype: L{int} rrErKr)r;rcrkey_sizercs r4rUKey.sizeisV ?? " YY[D ??((11 1 YY[I %'''r3c  [UR[R5(a3URR 5nUR UR S.$[UR[R5(aURR5nURR URR URURUR[R"URUR5S.$[UR[R5(agURR 5nURUR R"UR RUR RS.$[UR[R$5(aURR5nUR&URRURR R"URR RURR RS.$[UR[(R*5(aBURR 5nUR&URUR-5S.$[UR[(R.5(aaURR5nURR&URRUR0UR-5S.$[UR[2R45(aNSURR7[8R:R<[8R>R<50$[UR[2R@5(aURRC5R7[8R:R<[8R>R<5URRE[8R:R<[8RFR<[8RH"55S.$[KS UR35e) zG Return the values of the public key as a dictionary. @rtype: L{dict} rr r)rr|rzrxryr*)rr|rrr)rrzUnexpected key type: )&rQr;rrarrrrsprivate_numbersrrxryr!rrbr|r}rzrtrrrryrur+rr4 public_bytesrEncodingRaw PublicFormatr5r private_bytes PrivateFormat NoEncryptionrv)r<rsa_pub_numbersrsa_priv_numbersdsa_pub_numbersdsa_priv_numbersec_pub_numbersec_priv_numberss r4rpKey.dataxs doos'7'7 8 8"oo<<>O$&&$&& ):): ; ;#>>@ %4466%4466%''%''%''%%&6&8&8:J:L:LM )9)9 : :"oo<<>O$&&$6688$6688$6688   ):): ; ;#>>@ %''%4466%44FFHH%44FFHH%44FFHH  )B)B C C!__;;=N#%%#%%  )C)C D D"oo==?O$3355$3355 / = =   )A)A B BT__11!**.. 0J0J0N0N  )B)B C C__//1>>!**.. 0J0J0N0N__22!**..!//33!..0  !6t6GHI Ir3cUR5nUR5nUS:XaJ[R"S5[R"US5-[R"US5-$US:Xa~[R"S5[R"US5-[R"US5-[R"US 5-[R"US 5-$US :XaUR R RS -S -n[R"US5[R"USSS5-[R"S[R"USU5-[R"US U5-5-$US:Xa0[R"S5[R"US5-$[SU35e)a Return the public key blob for this key. The blob is the over-the-wire format for public keys. SECSH-TRANS RFC 4253 Section 6.6. RSA keys:: string 'ssh-rsa' integer e integer n DSA keys:: string 'ssh-dss' integer p integer q integer g integer y EC keys:: string 'ecdsa-sha2-[identifier]' integer x integer y identifier is the standard NIST curve name Ed25519 keys:: string 'ssh-ed25519' string a @rtype: L{bytes} rqrtrrrrrurxryrzr|rErrNrrKrrunknown key type: ) rcrprrrWr;rrr rr))r<rcrp byteLengths r4rKey.blobs@yy{yy{ 5=99Z(699T#Y+??&))DQTIBVV V U] *%))DI&'))DI&'))DI&'))DI& ' T\////881<BJ $w-())DM"#./0))((cJ?@((cJ?@ Y 99^,vyyc/CC C 24&9: :r3cxUR5nUR5nUS:Xa[R"USUS5n[R "S5[R "US5-[R "US5-[R "US5-[R "U5-[R "US5-[R "US5-$US:Xa[R "S 5[R "US5-[R "US5-[R "US 5-[R "US 5-[R "US 5-$US :XaURR5R[RR[RR5n[R "US5[R "USSS5-[R "U5-[R "US5-$US:XaP[R "S5[R "US5-[R "USUS-5-$[SU35e)aI Return the private key blob for this key. The blob is the over-the-wire format for private keys: Specification in OpenSSH PROTOCOL.agent RSA keys:: string 'ssh-rsa' integer n integer e integer d integer u integer p integer q DSA keys:: string 'ssh-dss' integer p integer q integer g integer y integer x EC keys:: string 'ecdsa-sha2-[identifier]' integer x integer y integer privateValue identifier is the NIST standard curve name. Ed25519 keys:: string 'ssh-ed25519' string a string k || a rqrxryrtrrrrrrurzr|rrErrNrrKrrrr)rcrprr!rrrWr;rrrrX962rUncompressedPointr))r<rcrprencPubs r4 privateBlobKey.privateBlobsZRyy{yy{ 5=##DItCy9D *%))DI&'))DI&'))DI&'))D/ " ))DI& ' ))DI& ' U] *%))DI&'))DI&'))DI&'))DI& ' ))DI& ' T\__//1>>&&++**<<F  $w-())DM"#./0))F#$))D012  Y  .)))DI&'))DIS 123   24&9: :r3extracommentrWc>Ub4[R"S[SS9 UR5(aUnOUn[ U[ 5(aUR S5n[U5n[USUR53S5nUc[SU35eU"X4US9$) aB Create a string representation of this key. If the key is a private key and you want the representation of its public key, use C{key.public().toString()}. type maps to a _toString_* method. @param type: The type of string to emit. Currently supported values are C{'OPENSSH'}, C{'LSH'}, and C{'AGENTV3'}. @type type: L{str} @param extra: Any extra data supported by the selected format which is not part of the key itself. For public OpenSSH keys, this is a comment. For private OpenSSH keys, this is a passphrase to encrypt with. (Deprecated since Twisted 20.3.0; use C{comment} or C{passphrase} as appropriate instead.) @type extra: L{bytes} or L{unicode} or L{None} @param subtype: A subtype of the requested C{type} to emit. Only supported for private OpenSSH keys, for which the currently supported subtypes are C{'PEM'} and C{'v1'}. If not given, an appropriate default is used. @type subtype: L{str} or L{None} @param comment: A comment to include with the key. Only supported for OpenSSH keys. Present since Twisted 20.3.0. @type comment: L{bytes} or L{unicode} or L{None} @param passphrase: A passphrase to encrypt the key with. Only supported for private OpenSSH keys. Present since Twisted 20.3.0. @type passphrase: L{bytes} or L{unicode} or L{None} @rtype: L{bytes} NzThe 'extra' argument to twisted.conch.ssh.keys.Key.toString was deprecated in Twisted 20.3.0; use 'comment' or 'passphrase' instead.r) stacklevelrh _toString_r)subtyperrW) warningswarnDeprecationWarningrRrQrRrUrXrlrmr))r<rcrrrrWrqs r4toString Key.toStringSsZ   MMI#  }}" gs # #nnW-G)*5 DJJL>:DA > 24&9: :g:NNr3cUR5S:XaiU(dSnURR[RR [R R 5S-U-R5$[UR55RSS5nU(dSnUR5S-U-S-U-R5$)z Return a public OpenSSH key string. See _fromString_PUBLIC_OPENSSH for the string format. @type comment: L{bytes} or L{None} @param comment: A comment to include with the key, or L{None} to omit the comment. rEr3  ) rcr;rrrOpenSSHrrrrreplacery)r<rb64Datas r4_toPublicOpenSSHKey._toPublicOpenSSHs 99;$ ,,!**22M4N4N4V4V  eg  diik*225#>G %/$6@GGIIr3c 0U(an[RnSnSnURS-nSnUn[R"U5n Sn [ R "U 5[R"SU 5-n OSnSnSnSn [R"S 5n X-UR5-[ R "U=(d S5-n S n[U 5U-(a,US - nU [US -45- n [U 5U-(aM,U(a[R"UW WW-S5n[W"US U5[R "XXx-5[#5S9R%5nUR'U 5UR)5-nOU nS[ R "U5-[ R "U5-[ R "U 5-[R"SS 5-[ R "UR+55-[ R "U5-n[-U5R/SS5nS/[1S [U5S5Vs/sH nUUUS-PM sn-S/-nSR3U5S-$s snf)a Return a private OpenSSH key string, in the "openssh-key-v1" format introduced in OpenSSH 6.5. See _fromPrivateOpenSSH_v1 for the string format. @type passphrase: L{bytes} or L{None} @param passphrase: The passphrase to encrypt the key with, or L{None} if it is not encrypted. rrrrdrrr3rvrr~Nrrrs#-----BEGIN OPENSSH PRIVATE KEY-----@s!-----END OPENSSH PRIVATE KEY-----)rr block_sizer secureRandomrrrpackrrbytesrrrrrr encryptorrrrrrranger)r<rrWr cipherNamekdfNamerrrrrrcheckrpadByteencKeyrrrrirs r4_toPrivateOpenSSH_v1Key._toPrivateOpenSSH_v1st  ^^F&JG))Q.IGF))&1DF46;;tV+DDJ JGIJ&&q)md&6&6&88699W^PS;TT +* qLG 5'D.!23 3K+** ZZ D'F2BCHFvhw'( &7+;<=')ik  '--k:Y=O=O=QQN(N ii # $ii  !ii # $kk$"  # ii $  % ii'  ( d#++E37 3 4,1!S\2,FG,Fqwq1r6",FG H34 5  zz% 5((Hs$JclU(d[R"5nO[R"U5nUR5S:waMURR [R R[RRU5$UR5S:Xde[S5e)z Return a private OpenSSH key string, in the old PEM-based format. See _fromPrivateOpenSSH_PEM for the string format. @type passphrase: L{bytes} or L{None} @param passphrase: The passphrase to encrypt the key with, or L{None} if it is not encrypted. rKzBcannot serialize Ed25519 key to OpenSSH PEM format; use v1 instead) rrBestAvailableEncryptionrcr;rrPEMrTraditionalOpenSSLr)r<rWrs r4_toPrivateOpenSSH_PEMKey._toPrivateOpenSSH_PEMs%224I%==jII 99;) #??00&&**++>> 99;)+ ++W r3cUR5(aURUS9$US:XdUc#UR5S:XaURX#S9$UbUS:XaUR US9$[ SU35e)a  Return a public or private OpenSSH string. See L{_fromString_PUBLIC_OPENSSH} and L{_fromPrivateOpenSSH_PEM} for the string formats. @param subtype: A subtype to emit. Only supported for private keys, for which the currently supported subtypes are C{'PEM'} and C{'v1'}. If not given, an appropriate default is used. @type subtype: L{str} or L{None} @param comment: Comment for a public key. @type comment: L{bytes} @param passphrase: Passphrase for a private key. @type passphrase: L{bytes} @rtype: L{bytes} )rv1rK)rrWrrVzunknown subtype )rRrrcrrr)r<rrrWs r4_toString_OPENSSHKey._toString_OPENSSH s& ==??(((9 9 _TYY[I5M,,W,T T _5 0---D D/y9: :r3c UR5nUR5nUR5(GaUS:XaU[R"SSS[ R "US5SS/S[ R "US 5SS////5nOUS :Xa[R"SS S [ R "US 5SS/S[ R "US5SS/S[ R "US5SS/S[ R "US5SS////5nO[SU35eS[U5RSS5-S-$US:XGa$US USpe[R"XV5n[R"SSS[ R "US5SS/S[ R "US 5SS/S[ R "US5SS/S [ R "U5SS/S[ R "U5SS/S[ R "USUS- -5SS/S[ R "USUS- -5SS/S [ R "U5SS// //5$US :Xa[R"SS S [ R "US 5SS/S[ R "US5SS/S[ R "US5SS/S[ R "US5SS/S![ R "US"5SS////5$[SUS#35e)$z Return a public or private LSH key. See _fromString_PUBLIC_LSH and _fromString_PRIVATE_LSH for the key formats. @rtype: L{bytes} rqrrrrrvNrrrrrrrxrryrrzrr|rrrr3}rrrrar~bcrr') rprcrRrrrrWr)rrrr!)r<kwargsrprckeyDatarxryrs r4 _toString_LSHKey._toString_LSH&scyy{yy{ ==??u}*** 1!%vyyc';AB'? @!%vyyc';AB'? @  *** &!%vyyc';AB'? @!%vyyc';AB'? @!%vyyc';AB'? @!%vyyc';AB'? @    "$5dV"<==+g.66ucBBTI Iu}Cy$s)1''-zz+ ,!%vyyc';AB'? @!%vyyc';AB'? @!%vyyc';AB'? @!%vyy|AB'7 8!%vyy|AB'7 8!%vyyca!e1D'Eab'I J!%vyyca!e1D'Eab'I J!%vyyqr': ;  $zz+ &!%vyyc';AB'? @!%vyyc';AB'? @!%vyyc';AB'? @!%vyyc';AB'? @!%vyyc';AB'? @    "$5dV1"=>>r3c UR5nUR5(dUR5S:XaUSUSUSUSUSUS4nO*UR5S:XaUSUSUS US US 4n[R"UR 55S R [[RW55-$g )zl Return a private Secure Shell Agent v3 key. See _fromString_AGENTV3 for the key format. @rtype: L{bytes} rqrrrrrxryrrrzr|rr3N) rprRrcrrryrmaprW)r<rrpvaluess r4_toString_AGENTV3Key._toString_AGENTV3xsyy{}}yy{e#IIIIII %s)T#YS 49d3iP99T\\^,sxxFIIv8N/OO Or3c UR5nUcUR5nURU5nUc[SU<SUS35eUS:XaHURR U[ R"5U5n[R"U5nGOTUS:XaVURR X5n[U5upx[R"[US5[US5-5nOUS:XaURR U[R"U55n [U 5upx[U5n [U5n U Sn U S -(aS U -n U Sn U S -(aS U -n [R"[R"U 5[R"U 5-5nO5US :Xa/[R"URR U55n[R"U5W-$) a Sign some data with this key. SECSH-TRANS RFC 4253 Section 6.6. @param data: The data to sign. @param signatureType: The SSH public key algorithm name to sign this data with, or L{None} to use a reasonable default for the key. @return: A signature for the given data. zpublic key signature algorithm z is not defined for z keysrqrrrErrK)rcryrr6r;signrPKCS1v15rrr#rrECDSA)r<rprr hashAlgorithmsigretrs signaturer]sbrcompscomps r4rKey.signs))+  !LLNM..}=  ,1-1BC&iu.  e //&&tW-=-=-?OC))C.C  //&&t;C)#.FQ ))LB/,q"2EEFC _,,T288M3JKI))4FQaBaBqEEt|r\qEEt|r\))FIIbMFIIbM9:C  !))DOO0067Cyy'#--r3c[U5S:XaS[R"U5pO[R"U5up1UR U5nUcgUR 5nUS:XacUR nUR5(dUR5n[R"U5SU[R"5U4nGOUS:Xa[R"U5Sn[RUSSS 5n [RUSSS 5n [X5nUR nUR5(dUR5nXU4nGO US :Xa[R"U5Sn[R"US 5upn [RU S 5n [RU S 5n [X5nUR nUR5(dUR5nX[R"U54nORUS :XaLUR nUR5(dUR5n[R"U5SU4nWR "W6 g !["a gf=f)z Verify a signature using this key. @type signature: L{bytes} @param signature: The signature to verify. @type data: L{bytes} @param data: The signed data. @rtype: L{bool} @return: C{True} if the signature is valid. (ruNFrqrrrrbigrErjrKT)rrrrrrcr;rRrrrr from_bytesr$rrverifyr )r<rrprrrrargsconcatenatedSignaturerrrstrsstrrs r4r Key.verifys y>R '1699Y3G9'-||I'> $M..}=  ))+ e A==??LLN Y'*  " D  $*LL$;A$> !4Sb95AA4RS95AA,Q2IA==??LLN]3D _$*LL$;A$> !%||,A1E DtU+AtU+A,Q2IA==??LLNRXXm%<=D  !A==??LLNLL+A.5D  HHdO   s.I>> J  J r:)NN)NNNN)N)rAobjectreturnbool)rrR)rz&Literal['RSA', 'DSA', 'EC', 'Ed25519'])rzdict[str, Any])NNN)rprrz bytes | Nonerr)2r-r.r/r0r1 classmethodrer_rrrrrrrrr rkrrr.rrr=rBr^rRrfr@rBrnrcryr~rrUrprrr"rrrrrrrrrr2r+r3r4rZrZs->>(%,%,ND;D;LH?H?T**(V=V=p6:6:pAA8DD>#D#DJ.=.=`22h**X  D>6, "*$X 5"4!;!;&TPO.B $,: (JJX:;xQ;f! i l #  :O  :OxJ4<)|8;:P?dP,?.BDr3rZc2UR5RSS9 UR5(d[R"SU[ 5S9nUR [RR[RR[R"5S9nURU5 URS5n[R"UR!5S[ 5S9n[#U5sSSS5 $!,(df  g=f) a This function returns a persistent L{Key}. The key is loaded from a PEM file in C{location}. If it does not exist, a key with the key size of C{keySize} is generated and saved. @param location: Where the key is stored. @type location: L{twisted.python.filepath.FilePath} @param keySize: The size of the key, if it needs to be generated. @type keySize: L{int} @returns: A persistent key. @rtype: L{Key} T)ignoreExistingDirectoryi)public_exponentrr)encodingrmencryption_algorithmr]N)passwordr)parentmakedirsexistsrgenerate_private_keyrrrrrrrr setContentr^rr`rZ)locationr privateKeypemkeyFiles r4_getPersistentRSAKeyrs  OOt< ??  --!G_=N &&"++// ..AA!.!;!;!='  C t "77 LLNT?3D :   s 7D D)i)Or1 __future__rrkrrJrbase64rrrhashlibrrtypingr r constantlyr r cryptographyr cryptography.exceptionsr cryptography.hazmat.backendsrcryptography.hazmat.primitivesrr)cryptography.hazmat.primitives.asymmetricrrrrr&cryptography.hazmat.primitives.ciphersrrr,cryptography.hazmat.primitives.serializationrrtyping_extensionsrtwisted.conch.sshrrtwisted.conch.ssh.commonrtwisted.pythonrtwisted.python.compatr r!twisted.python.deprecater"/cryptography.hazmat.primitives.asymmetric.utilsr#r$ ImportErrorr%r& SECP256R1 SECP384R1 SECP521R1rrr4r5 Exceptionr)r6r:r=r@rErXrZrr+r3r4r/s3 # 66 +48@TTLL&+1$9@ LLNLLNLLN  ++--) 9 $$"9>||~3(W7s EEE