derivepassphrase.git

@@ -167,6 +167,45 @@ class SSHAgentClient:

             raise ValueError('malformed SSH byte string')

         return bytestring[4:]

+    @classmethod

+    def unstring_prefix(

+        cls, bytestring: bytes | bytearray, /

+    ) -> tuple[bytes | bytearray, bytes | bytearray]:

+        r"""Unpack an SSH string at the beginning of the byte string.

+

+        Args:

+            bytestring:

+                A (general) byte string, beginning with a framed/SSH

+                byte string.

+

+        Returns:

+            A 2-tuple `(a, b)`, where `a` is the unframed byte

+            string/payload at the beginning of input byte string, and

+            `b` is the remainder of the input byte string.

+

+        Raises:

+            ValueError:

+                The byte string does not begin with an SSH string.

+

+        Examples:

+            >>> a, b = SSHAgentClient.unstring_prefix(

+            ...     b'\x00\x00\x00\x07ssh-rsa____trailing data')

+            >>> (bytes(a), bytes(b))

+            (b'ssh-rsa', b'____trailing data')

+            >>> a, b = SSHAgentClient.unstring_prefix(

+            ...     SSHAgentClient.string(b'ssh-ed25519'))

+            >>> (bytes(a), bytes(b))

+            (b'ssh-ed25519', b'')

+

+        """

+        n = len(bytestring)

+        if n < 4:

+            raise ValueError('malformed SSH byte string')

+        m = int.from_bytes(bytestring[:4], 'big', signed=False)

+        if m + 4 > n:

+            raise ValueError('malformed SSH byte string')

+        return (bytestring[4:m + 4], bytestring[m + 4:])

+

     def request(

         self, code: int, payload: bytes | bytearray, /

     ) -> tuple[int, bytes | bytearray]:

@@ -331,20 +331,35 @@ def test_client_string(input, expected):

 ])

 def test_client_unstring(input, expected):

     unstring = ssh_agent_client.SSHAgentClient.unstring

+    unstring_prefix = ssh_agent_client.SSHAgentClient.unstring_prefix

     assert bytes(unstring(input)) == expected

+    assert tuple(bytes(x) for x in unstring_prefix(input)) == (expected, b'')

-@pytest.mark.parametrize(['input', 'exc_type', 'exc_pattern'], [

-    (b'ssh', ValueError, 'malformed SSH byte string'),

-    (b'\x00\x00\x00\x08ssh-rsa', ValueError, 'malformed SSH byte string'),

+@pytest.mark.parametrize(

+    ['input', 'exc_type', 'exc_pattern', 'has_trailer', 'parts'], [

+        (b'ssh', ValueError, 'malformed SSH byte string', False, None),

+        (

+            b'\x00\x00\x00\x08ssh-rsa',

+            ValueError, 'malformed SSH byte string',

+            False, None,

+        ),

         (

             b'\x00\x00\x00\x04XXX trailing text',

             ValueError, 'malformed SSH byte string',

+            True, (b'XXX ', b'trailing text'),

         ),

 ])

-def test_client_unstring_exceptions(input, exc_type, exc_pattern):

+def test_client_unstring_exceptions(input, exc_type, exc_pattern,

+                                    has_trailer, parts):

     unstring = ssh_agent_client.SSHAgentClient.unstring

+    unstring_prefix = ssh_agent_client.SSHAgentClient.unstring_prefix

     with pytest.raises(exc_type, match=exc_pattern):

         unstring(input)

+    if has_trailer:

+        assert tuple(bytes(x) for x in unstring_prefix(input)) == parts

+    else:

+        with pytest.raises(exc_type, match=exc_pattern):

+            unstring_prefix(input)

 def test_key_decoding():

     public_key = SUPPORTED['ed25519']['public_key']