SecureBlackbox 2020 Python Edition

SSHKeyManager Class

The SSHKeyManager class stores information about SSH keys.

Syntax

class secureblackbox.SSHKeyManager

Remarks

SSHKeyManager provides the capabilities of generating, storing, importing, and exporting SSH keys.

Property List


The following is the full list of the properties of the class with short descriptions.

cert_bytes   Returns raw certificate data in DER format.
cert_ca   Indicates whether the certificate has a CA capability (a setting in the BasicConstraints extension).
cert_ca_key_id   A unique identifier (fingerprint) of the CA certificate's private key.
cert_crl_distribution_points   Locations of the CRL (Certificate Revocation List) distribution points used to check this certificate's validity.
cert_curve   Specifies the elliptic curve of the EC public key.
cert_fingerprint   Contains the fingerprint (a hash imprint) of this certificate.
cert_friendly_name   Contains an associated alias (friendly name) of the certificate.
cert_handle   Allows you to get or set a 'handle', a unique identifier of the underlying property object.
cert_hash_algorithm   Specifies the hash algorithm to be used in the operations on the certificate (such as key signing):
    SB_HASH_ALGORITHM_SHA1   SHA1
    SB_HASH_ALGORITHM_SHA224   SHA224
    SB_HASH_ALGORITHM_SHA256   SHA256
    SB_HASH_ALGORITHM_SHA384   SHA384
    SB_HASH_ALGORITHM_SHA512   SHA512
    SB_HASH_ALGORITHM_MD2   MD2
    SB_HASH_ALGORITHM_MD4   MD4
    SB_HASH_ALGORITHM_MD5   MD5
    SB_HASH_ALGORITHM_RIPEMD160   RIPEMD160
    SB_HASH_ALGORITHM_CRC32   CRC32
    SB_HASH_ALGORITHM_SSL3   SSL3
    SB_HASH_ALGORITHM_GOST_R3411_1994   GOST1994
    SB_HASH_ALGORITHM_WHIRLPOOL   WHIRLPOOL
    SB_HASH_ALGORITHM_POLY1305   POLY1305
    SB_HASH_ALGORITHM_SHA3_224   SHA3_224
    SB_HASH_ALGORITHM_SHA3_256   SHA3_256
    SB_HASH_ALGORITHM_SHA3_384   SHA3_384
    SB_HASH_ALGORITHM_SHA3_512   SHA3_512
    SB_HASH_ALGORITHM_BLAKE2S_128   BLAKE2S_128
    SB_HASH_ALGORITHM_BLAKE2S_160   BLAKE2S_160
    SB_HASH_ALGORITHM_BLAKE2S_224   BLAKE2S_224
    SB_HASH_ALGORITHM_BLAKE2S_256   BLAKE2S_256
    SB_HASH_ALGORITHM_BLAKE2B_160   BLAKE2B_160
    SB_HASH_ALGORITHM_BLAKE2B_256   BLAKE2B_256
    SB_HASH_ALGORITHM_BLAKE2B_384   BLAKE2B_384
    SB_HASH_ALGORITHM_BLAKE2B_512   BLAKE2B_512
    SB_HASH_ALGORITHM_SHAKE_128   SHAKE_128
    SB_HASH_ALGORITHM_SHAKE_256   SHAKE_256
    SB_HASH_ALGORITHM_SHAKE_128_LEN   SHAKE_128_LEN
    SB_HASH_ALGORITHM_SHAKE_256_LEN   SHAKE_256_LEN
cert_issuer   The common name of the certificate issuer (CA), typically a company name.
cert_issuer_rdn   A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate issuer.
cert_key_algorithm   Specifies the public key algorithm of this certificate.
cert_key_bits   Returns the length of the public key.
cert_key_fingerprint   Returns a fingerprint of the public key contained in the certificate.
cert_key_usage   Indicates the purposes of the key contained in the certificate, in the form of an OR'ed flag set.
cert_key_valid   Returns True if the certificate's key is cryptographically valid, and False otherwise.
cert_ocsp_locations   Locations of OCSP (Online Certificate Status Protocol) services that can be used to check this certificate's validity, as recorded by the CA.
cert_origin   Returns the origin of this certificate.
cert_policy_i_ds   Contains identifiers (OIDs) of the applicable certificate policies.
cert_private_key_bytes   Contains the certificate's private key.
cert_private_key_exists   Indicates whether the certificate has an associated private key.
cert_private_key_extractable   Indicates whether the private key is extractable.
cert_public_key_bytes   Contains the certificate's public key in DER format.
cert_self_signed   Indicates whether the certificate is self-signed (root) or signed by an external CA.
cert_serial_number   Returns the certificate's serial number.
cert_sig_algorithm   Indicates the algorithm that was used by the CA to sign this certificate.
cert_subject   The common name of the certificate holder, typically an individual's name, a URL, an e-mail address, or a company name.
cert_subject_key_id   Contains a unique identifier (fingerprint) of the certificate's private key.
cert_subject_rdn   A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate holder (subject).
cert_valid_from   The time point at which the certificate becomes valid, in UTC.
cert_valid_to   The time point at which the certificate expires, in UTC.
crypto_key_algorithm   The algorithm of the cryptographic key.
crypto_key_bits   The length of the key in bits.
crypto_key_exportable   Returns True if the key is exportable (can be serialized into an array of bytes), and False otherwise.
crypto_key_handle   Allows you to get or set a 'handle', a unique identifier of the underlying property object.
crypto_key_id   Provides access to a storage-specific key identifier.
crypto_key_iv   The initialization vector (IV) of a symmetric key.
crypto_key_key   The byte array representation of the key.
crypto_key_nonce   A nonce value associated with a key.
crypto_key_private   Returns True if the object hosts a private key, and False otherwise.
crypto_key_public   Returns True if the object hosts a public key, and False otherwise.
crypto_key_subject   Returns the key subject.
crypto_key_symmetric   Returns True if the object contains a symmetric key, and False otherwise.
crypto_key_valid   Returns True if this key is valid.
key_algorithm   Specifies the key algorithm.
key_bits   The number of bits in the key: the more the better; 2048 or 4096 are typical values.
key_comment   The comment for the public key.
key_curve   Specifies the elliptic curve when EC cryptography is used.
key_dssg   The G (Generator) parameter of the DSS signature key.
key_dssp   The P (Prime) parameter of the DSS signature key.
key_dssq   The Q (Prime Factor) parameter of the DSS signature key.
key_dssx   The X (Private key) parameter of the DSS signature key.
key_dssy   The Y (Public key) parameter of the DSS signature key.
key_eccd   The value of the secret key (the order of the public key, D) if elliptic curve (EC) cryptography is used.
key_eccqx   The value of the X coordinate of the public key if elliptic curve (EC) cryptography is used.
key_eccqy   The value of the Y coordinate of the public key if elliptic curve (EC) cryptography is used.
key_ed_private   The value of the private key if the EdDSA (Edwards-curve Digital Signature Algorithm) algorithm is used.
key_ed_public   The value of the public key if the EdDSA (Edwards-curve Digital Signature Algorithm) algorithm is used.
key_fingerprint_md5   Contains the MD5 fingerprint (hash) of the key.
key_fingerprint_sha1   Contains the SHA-1 fingerprint (hash) of the key.
key_fingerprint_sha256   Contains the SHA-256 fingerprint (hash) of the key.
key_handle   Allows you to get or set a 'handle', a unique identifier of the underlying property object.
key_is_extractable   Whether the key is extractable (e.
key_is_private   Whether this key is a private key or not.
key_is_public   Whether this key is a public key or not.
key_kdf_rounds   Returns the number of iterations of the Key Derivation Function (KDF) used to generate this key.
key_kdf_salt   The salt value used by the Key Derivation Function (KDF) to generate this key.
key_key_format   Specifies the format in which the key is stored.
key_key_protection_algorithm   Specifies the key protection algorithm.
key_rsa_exponent   Returns the e parameter (public exponent) of the RSA key.
key_rsaiqmp   Returns the iqmp parameter of the RSA key.
key_rsa_modulus   Returns the m parameter (public modulus) of the RSA key.
key_rsap   Returns the p parameter (first factor of the common modulus n) of the RSA key.
key_rsa_private_exponent   Returns the d parameter (private exponent) of the RSA key.
key_rsaq   Returns the q parameter (second factor of the common modulus n) of the RSA key.
key_subject   Specifies the public key owner (subject).

Method List


The following is the full list of the methods of the class with short descriptions.

config   Sets or retrieves a configuration setting.
export_bytes   Writes the key to a memory buffer.
export_to_cert   Exports the key to a certificate.
export_to_crypto_key   Exports the key to a crypto key object.
export_to_file   Writes the key to a file.
generate   Generates a new SSH key.
get_key_param   Returns an algorithm-specific key parameter.
get_key_param_str   Returns an algorithm-specific key parameter as a string.
import_bytes   Loads a key from a buffer.
import_from_cert   Loads a key from a certificate.
import_from_crypto_key   Imports a key from a crypto key.
import_from_file   Loads a key from a file.
set_key_param   Sets an algorithm-specific key parameter.
set_key_param_str   Sets an algorithm-specific key parameter.

Event List


The following is the full list of the events fired by the class with short descriptions.

on_error   Information about errors during SSH key management.
on_notification   This event notifies the application about an underlying control flow event.

Configuration Settings


The following is a list of configuration settings for the class with short descriptions.

TempPath   Path for storing temporary files.
CheckKeyIntegrityBeforeUse   Enables or disables the private key integrity check before use.
CookieCaching   Specifies whether a cookie cache should be used for HTTP(S) transports.
Cookies   Gets or sets local cookies for the class (supported for HTTPClient, RESTClient and SOAPClient only).
DefDeriveKeyIterations   Specifies the default key derivation algorithm iteration count.
EnableClientSideSSLFFDHE   Enables or disables finite field DHE key exchange support in TLS clients.
GlobalCookies   Gets or sets global cookies for all the HTTP transports.
HttpUserAgent   Specifies the user agent name to be used by all HTTP clients.
LogDestination   Specifies the debug log destination.
LogDetails   Specifies the debug log details to dump.
LogFile   Specifies the debug log filename.
LogFilters   Specifies the debug log filters.
LogFlushMode   Specifies the log flush mode.
LogLevel   Specifies the debug log level.
LogMaxEventCount   Specifies the maximum number of events to cache before further action is taken.
LogRotationMode   Specifies the log rotation mode.
MaxASN1BufferLength   Specifies the maximal allowed length for ASN.1 primitive tag data.
MaxASN1TreeDepth   Specifies the maximal depth for processed ASN.1 trees.
OCSPHashAlgorithm   Specifies the hash algorithm to be used to identify certificates in OCSP requests.
UseOwnDNSResolver   Specifies whether the client classes should use their own DNS resolver.
UseSharedSystemStorages   Specifies whether the validation engine should use a global per-process copy of the system certificate stores.
UseSystemOAEPAndPSS   Enforces or disables the use of system-driven RSA OAEP and PSS computations.
UseSystemRandom   Enables or disables the use of the OS PRNG.

Copyright (c) 2022 /n software inc. - All rights reserved.
SecureBlackbox 2020 Python Edition - Version 20.0 [Build 8165]