psk_auth module

Module for handling SSH-style public key verification and loading authorized keys.

This module provides functions to load authorized SSH public keys from a specified file and to verify signatures using RSA with PSS padding and SHA-256 hashing.

Functions:
psk_auth.load_authorized_keys(file_path)

Loads a list of authorized SSH public keys from a file and returns them in a dictionary.

The function reads the given file, processes each line, and extracts the public keys. The public keys are stored in a dictionary, where the keys are the comments associated with each key and the values are the actual RSA public key objects.

Parameters:

file_path – The path to the file containing the SSH public keys.

Returns:

A dictionary where the keys are the comments (client IDs) and the values are the RSA public keys corresponding to each client.

Example usage:

from psk_auth import load_authorized_keys
authorized_keys = load_authorized_keys("/path/to/authorized_keys.txt")
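
As an added illustration (not the psk_auth source), the sketch below parses the `ssh-rsa <base64> <comment>` line format that a loader like this reads, using only the standard library. It assumes three-field lines and returns the public numbers (e, n) instead of key objects; the names parse_authorized_keys, constructed_line and MIN_RSA_BITS, the 2048-bit floor and the rejection of duplicate comments are assumptions of this example.

```python
import base64

MIN_RSA_BITS = 2048  # assumed policy floor; the module's docs state no minimum


def _read_field(blob, offset):
    """Read one 4-byte-length-prefixed field; return (bytes, next_offset)."""
    end = offset + 4 + int.from_bytes(blob[offset:offset + 4], "big")
    if offset + 4 > len(blob) or end > len(blob):
        raise ValueError("truncated key blob")
    return blob[offset + 4:end], end


def parse_authorized_keys(text):
    """Return {client_id: (e, n)} for 'ssh-rsa <base64> <comment>' lines."""
    keys = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 2)
        if len(parts) != 3:  # no comment means no client ID to key the dict on
            raise ValueError(f"line {lineno}: expected 'type base64 comment'")
        key_type, b64, client_id = parts
        if key_type != "ssh-rsa":
            raise ValueError(f"line {lineno}: unsupported key type {key_type!r}")
        blob = base64.b64decode(b64, validate=True)  # bad base64 raises ValueError
        inner_type, off = _read_field(blob, 0)
        e_raw, off = _read_field(blob, off)
        n_raw, off = _read_field(blob, off)
        if inner_type != b"ssh-rsa" or off != len(blob):
            raise ValueError(f"line {lineno}: malformed ssh-rsa blob")
        e, n = int.from_bytes(e_raw, "big"), int.from_bytes(n_raw, "big")
        if n.bit_length() < MIN_RSA_BITS:
            raise ValueError(f"line {lineno}: modulus under {MIN_RSA_BITS} bits")
        if client_id in keys:  # a later line must not silently replace a client's key
            raise ValueError(f"line {lineno}: duplicate client ID {client_id!r}")
        keys[client_id] = (e, n)
    return keys


def constructed_line(client_id, bits=2048):
    """Constructed sample: valid syntax around a made-up modulus, not a usable key."""
    def field(b):
        return len(b).to_bytes(4, "big") + b
    n = ((1 << (bits - 1)) | 1).to_bytes(bits // 8, "big")
    blob = field(b"ssh-rsa") + field(b"\x01\x00\x01") + field(b"\x00" + n)
    return f"ssh-rsa {base64.b64encode(blob).decode()} {client_id}"
```

The comment field is free text written by whoever maintains the file, so using it as a client ID is only as trustworthy as write access to that file.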

psk_auth.verify_signature(public_key, data, signature)

Verifies the signature of the given data using the provided public key.

This function checks that the provided signature was produced over the given data by the private key corresponding to the public key. It uses RSA with PSS padding and SHA-256 hashing.

Args:

public_key (RSAPublicKey): The public key to verify the signature with.
data (dict): The original data that was signed.
signature (str): The base64 encoded signature to verify.

Returns:

bool: True if the signature is valid; raises ValueError otherwise.

Raises:

ValueError: If the signature is invalid.

Example:

from psk_auth import verify_signature

try:
    verify_signature(public_key, data, signature)
except ValueError:
    print("Invalid signature")