1 Commits

Author SHA1 Message Date
Emmanuel Garette 5c8981d580 add OpenSSH plugin 2021-05-08 19:02:31 +02:00
1 changed files with 2 additions and 8 deletions


@ -48,15 +48,10 @@ def split_cert(body):
def sign_certificate(common_name, public_key, authority_private_key, user, extensions, not_before, not_after): def sign_certificate(common_name, public_key, authority_private_key, user, extensions, not_before, not_after):
private_key = parse_private_key(authority_private_key).private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.OpenSSH,
encryption_algorithm=serialization.NoEncryption(),
).decode()
with mktempfile() as issuer_tmp: with mktempfile() as issuer_tmp:
cmd = ['ssh-keygen', '-s', issuer_tmp] cmd = ['ssh-keygen', '-s', issuer_tmp]
with open(issuer_tmp, 'w') as i: with open(issuer_tmp, 'w') as i:
i.writelines(private_key) i.writelines(authority_private_key)
if 'extendedKeyUsage' in extensions and extensions['extendedKeyUsage'].get('useClientAuthentication'): if 'extendedKeyUsage' in extensions and extensions['extendedKeyUsage'].get('useClientAuthentication'):
cmd.extend(['-I', user['username'] + ' user key', cmd.extend(['-I', user['username'] + ' user key',
'-n', user['username']]) '-n', user['username']])
@ -81,7 +76,7 @@ def sign_certificate(common_name, public_key, authority_private_key, user, exten
pub = cert_tmp + '-cert.pub' pub = cert_tmp + '-cert.pub'
with open(pub, 'r') as p: with open(pub, 'r') as p:
body = split_cert(p.read()) body = split_cert(p.read())
#unlink(pub) unlink(pub)
return body return body
@ -155,4 +150,3 @@ class OpenSSHIssuerPlugin(CryptographyIssuerPlugin):
format=serialization.PrivateFormat.OpenSSH, format=serialization.PrivateFormat.OpenSSH,
encryption_algorithm=serialization.NoEncryption(), encryption_algorithm=serialization.NoEncryption(),
) )
print(cert.private_key)
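Review bot: In the first hunk the CA key is written to `issuer_tmp` exactly as received, so nothing on the visible lines checks that `authority_private_key` is text in a format `ssh-keygen -s` can load; assuming the right-hand column is the new side, the `parse_private_key(...).private_bytes(...)` normalisation is gone. If the stored key is always OpenSSH-format text (the last hunk suggests the plugin serialises it that way), a one-line comment such as `# authority_private_key is already OpenSSH PEM text` would record that, and `i.write(authority_private_key)` is clearer than `writelines` on a string. The file holds the unencrypted signing key and `mktempfile` is not visible here, so confirm that it creates the file with owner-only permissions and removes it on every exit path, including when `ssh-keygen` fails. Separately, `'-n', user['username']` is read by `ssh-keygen` as a comma-separated principal list, so a username containing a comma should be rejected before the command is built. `sign_certificate` starts before and continues past these hunks, so checks outside the visible lines may already cover some of this.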