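def sign_via_agent(data, fingerprint=None):
    """Attempt to sign 'data' via ssh-agent.

    Args:
        data (str):
            The data to sign.

    Kwargs:
        fingerprint (str, optional):
            The fingerprint of an SSH public key associated with the private
            key to be used for signing data. It is compared for exact
            equality with ``key.get_fingerprint()``, so it must be in the
            same form paramiko returns (the error path passes it through
            ``to_hex``, which suggests raw digest bytes; confirm against
            callers).

            When omitted, the first key the agent lists is used. Callers that
            need a particular identity should always pass the fingerprint:
            the agent's key order is not controlled here, and the signature
            would otherwise be made with whichever key happens to come first.

    Returns:
        A dict containing the following keys:

        key_fingerprint:
            The SSH public key fingerprint associated with the private key
            used for signing 'data'.
        key_type: The SSH key type used for signing.
        signature: The data signature returned from ssh-agent.

    Raises:
        AgentKeyError: An error occurred while signing (the agent holds no
            keys, or no key matches 'fingerprint').
    """
    agent = paramiko.Agent()
    try:
        keys = agent.get_keys()
        if not keys:
            raise AgentKeyError(AgentKeyError.E_NO_KEYS)

        if fingerprint is None:
            # No identity requested: fall back to the first key on offer.
            sign_key = keys[0]
            key_fp = sign_key.get_fingerprint()
        else:
            sign_key = None
            key_fp = None
            for key in keys:
                key_fp = key.get_fingerprint()
                if fingerprint == key_fp:
                    sign_key = key
                    break
            if sign_key is None:
                raise AgentKeyError(AgentKeyError.E_MISSING_KEY,
                                    fingerprint=to_hex(fingerprint))

        # Older paramiko releases take an extra leading argument to
        # sign_ssh_data; it is passed as None there.
        if PARAMIKO_VER >= (1, 14, 0):
            sig = sign_key.sign_ssh_data(data)
        else:
            sig = sign_key.sign_ssh_data(None, data)

        # The blob is read as two consecutive strings; the order of the two
        # reads matters: key type first, then the signature itself.
        sig = paramiko.message.Message(sig)
        key_type = sig.get_string()
        signature = sig.get_string()
    finally:
        # Release the agent connection on every path, including the error
        # raises above; the original never closed it.
        agent.close()

    return {
        'key_fingerprint': key_fp,
        'key_type': key_type,
        'signature': signature
    }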