clean up pkey interface
change the pkey interface so that it's no longer possible to have a pkey
that doesn't represent a valid key. (i.e., no more "blank" key objects.)
also add "get_bits" and "can_sign" methods to determine the key bit length
and whether it can sign things (contains the "private parts") respectively.
add dss key generation too, and fix some bugs
added the ability to generate dss keys and write private dss key files,
similar to rsa. in the process, fixed a couple of bugs with ber encoding
and writing password-encrypted key files. the key has to be padded to the
block size of the cipher -- it's very difficult to determine how the others
do this, so i just add random bytes to the end.
fixed the simple demo to use Transport's (host, port) constructor for
simplicity, and fixed a bug where the standard demo's DSS login wouldn't
work.
also, move the common logfile setup crap into util so all the demos can just
call that one.
can now generate rsa keys (not dss yet)
added functionality to ber to create ber streams. added some common methods
to PKey to allow dumping the key to base64 (the format used by openssh for
public key files and host key lists), and a factory for creating a key from
a private key file, and a common way to save private keys. RSAKey luckily
didn't have to change that much.
also added a factory method to RSAKey to generate a new key.
fix some arcana in unpacking private keys
"!= type([])" is a pretty obscure way to say it. let's try "is not list"
which is a lot more readable.
(mostly this is a test to make sure tla is working okay on my laptop.)
fix MANIFEST.in, change version numbers to 0.9-doduo, fix LGPL notices
fixed MANIFEST.in to include the demo scripts, LICENSE, and ChangeLog.
upped everything to version 0.9-doduo.
fixed the copyright notice, and added the LGPL banner to the top of every
python file.
more docs, and password-protected key files can now be read
lots more documentation, some of it moved out of the README file, which is
now much smaller and less rambling.
repr(Transport) now reports the number of bits used in the cipher.
cleaned up BER to use util functions, and throw a proper exception (the new
BERException) on error. it doesn't ever have to be a full BER decoder, but
it can at least comb its hair and tuck in its shirt.
lots of stuff added to PKey.read_private_key_file so it can try to decode
password-protected key files. right now it only understands "DES-EDE3-CBC"
format, but this is the only format i've seen openssh make so far. if the
key is password-protected, but no password was given, a new exception
(PasswordRequiredException) is raised so an outer layer can ask for a password
and try again.
added public-key support to server mode, more docs
added public-key support to server mode (it can now verify a client signature)
and added a demo of that to the demo_server.py script (user_rsa_key). in the
process, cleaned up the API of PKey so that now it only has to know about
signing and verifying ssh2 blobs, and can be hashed and compared with other
keys (comparing & hashing only the public parts of the key). keys can also
be created from strings now too.
some more documentation and hiding private methods.
lots more documentation, and added Transport.connect()
renamed demo_host_key to demo_rsa_key. moved changelog to a separate file,
and indicated that future changelog entries should be fetched from tla.
tried to clean up "__all__" in a way that makes epydoc still work.
added lots more documentation, and renamed many methods and vars to hide
them as private non-exported API.
Transport's ModulusPack is now a static member, so it only has to be loaded
once, and can then be used by any future Transport object.
added Transport.connect(), which tries to wrap all the SSH2 negotiation and
authentication into one method. you should be able to create a Transport,
call connect(), and then create channels.