Merge pull request paramiko#9 from tehfink/master

support for openssl keys
nordaux · May 22, 2011 · 2260854 · 2260854
2 parents e891a5e + d3162ac
commit 2260854
Showing 1 changed file with 11 additions and 10 deletions.
diff --git a/paramiko/pkey.py b/paramiko/pkey.py
@@ -25,7 +25,7 @@
 import os
 
 from Crypto.Hash import MD5
-from Crypto.Cipher import DES3
+from Crypto.Cipher import DES3, AES
 
 from paramiko.common import *
 from paramiko import util
@@ -40,7 +40,8 @@ class PKey (object):
 
     # known encryption types for private key files:
     _CIPHER_TABLE = {
-        'DES-EDE3-CBC': { 'cipher': DES3, 'keysize': 24, 'blocksize': 8, 'mode': DES3.MODE_CBC }
+        'AES-128-CBC': { 'cipher': AES, 'keysize': 16, 'blocksize': 16, 'mode': AES.MODE_CBC },
+        'DES-EDE3-CBC': { 'cipher': DES3, 'keysize': 24, 'blocksize': 8, 'mode': DES3.MODE_CBC },
     }
 
 
@@ -171,7 +172,7 @@ def verify_ssh_sig(self, data, msg):
         @rtype: boolean
         """
         return False
-   
+
     def from_private_key_file(cls, filename, password=None):
         """
         Create a key object by reading a private key file.  If the private
@@ -204,15 +205,15 @@ def from_private_key(cls, file_obj, password=None):
         object.  If the private key is encrypted and C{password} is not C{None},
         the given password will be used to decrypt the key (otherwise
         L{PasswordRequiredException} is thrown).
-        
+
         @param file_obj: the file to read from
         @type file_obj: file
         @param password: an optional password to use to decrypt the key, if it's
             encrypted
         @type password: str
         @return: a new key object based on the given private key
         @rtype: L{PKey}
-        
+
         @raise IOError: if there was an error reading the key
         @raise PasswordRequiredException: if the private key file is encrypted,
             and C{password} is C{None}
@@ -236,17 +237,17 @@ def write_private_key_file(self, filename, password=None):
         @raise SSHException: if the key is invalid
         """
         raise Exception('Not implemented in PKey')
-    
+
     def write_private_key(self, file_obj, password=None):
         """
         Write private key contents into a file (or file-like) object.  If the
         password is not C{None}, the key is encrypted before writing.
-        
+
         @param file_obj: the file object to write into
         @type file_obj: file
         @param password: an optional password to use to encrypt the key
         @type password: str
-        
+
         @raise IOError: if there was an error writing to the file
         @raise SSHException: if the key is invalid
         """
@@ -279,7 +280,7 @@ def _read_private_key_file(self, tag, filename, password=None):
         data = self._read_private_key(tag, f, password)
         f.close()
         return data
-    
+
     def _read_private_key(self, tag, f, password=None):
         lines = f.readlines()
         start = 0
@@ -350,7 +351,7 @@ def _write_private_key_file(self, tag, filename, data, password=None):
         os.chmod(filename, 0600)
         self._write_private_key(tag, f, data, password)
         f.close()
-    
+
     def _write_private_key(self, tag, f, data, password=None):
         f.write('-----BEGIN %s PRIVATE KEY-----\n' % tag)
         if password is not None: