cryptography icon indicating copy to clipboard operation
cryptography copied to clipboard
verified publisher icon pyca

Suggestion: Promote SSH Keys handling to first class

Open ccrvlh opened this issue 3 years ago • 0 comments

Currently SSH Key handling methods are mostly considered hazard materials in the hazmat module. This leads to a lot of boilerplate code to get a key pair.

It would be great to have SSH Keys as first class citizens, promoted to the Recipes layer, like Fernet is. The basic parameters I found so far are:

  • Public Exponent
  • Key Size (this could be restricted to 2048 minimum)
  • Encoding
  • Format

With sane defaults (public exponent = 65537, key_size = 2048, encoding = "OpenSSH", format = "OpenSSH") it would be possible to make a recipe with the most basic functionality like: generate_key_pair, infer_public_key_from_private_key, validate_key and others.

I would be happy to contribute to this, I have written a couple of recipes for personal use, but would need help to ensure reduced risk of safety issues.

ccrvlh avatar Aug 12 '22 17:08 ccrvlh