Test implementation of a CA in Python.

This is mostly intended to be invoked from cryptsuite, so that I can make test certificates with various features to check the validation function. But it also has a command-line interface, which currently contains just enough features that I was able to generate a certificate and actually make sure OpenSSH accepted it (proving that I got the format right in this script). You _could_ expand this script into a full production CA, with a couple more command-line options, if you didn't mind the slightly awkward requirement that in command-line mode it insists on doing its signing via an SSH agent. But for the moment it's only intended for test purposes.
2025-07-04 13:02:47 -05:00 · 2022-04-25 11:03:24 +01:00
parent 21d4754b6a
commit 254635a2a1
2 changed files with 205 additions and 0 deletions
--- a/test/ssh.py
+++ b/test/ssh.py
@ -24,6 +24,9 @@ def ssh_byte(n):
 def ssh_uint32(n):
    return struct.pack(">L", n)

+def ssh_uint64(n):
+    return struct.pack(">Q", n)
+
 def ssh_string(s):
    return ssh_uint32(len(s)) + s

@ -53,6 +56,10 @@ def ssh_decode_byte(s):
 def ssh_decode_uint32(s):
    return struct.unpack_from(">L", s, 0)[0], 4

+@decoder
+def ssh_decode_uint64(s):
+    return struct.unpack_from(">Q", s, 0)[0], 8
+
@decoder
 def ssh_decode_string(s):
    length = ssh_decode_uint32(s)