PyPI - dissect.target - Versions diffs - 3.19.dev10__py3-none-any.whl → 3.19.dev12__py3-none-any.whl - Mend

dissect.target 3.19.dev10py3-none-any.whl → 3.19.dev12py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

dissect/target/plugins/apps/browser/chrome.py CHANGED Viewed

@@ -25,6 +25,7 @@ class ChromePlugin(ChromiumMixin, BrowserPlugin):
     DIRS = [
         # Windows
         "AppData/Local/Google/Chrome/User Data/Default",
+        "AppData/Local/Google/Chrome/User Data/Snapshots/*/Default",
         "AppData/Local/Google/Chrome/continuousUpdates/User Data/Default",
         "Local Settings/Application Data/Google/Chrome/User Data/Default",
         # Linux

dissect/target/plugins/apps/browser/chromium.py CHANGED Viewed

@@ -79,11 +79,12 @@ class ChromiumMixin:
         users_dirs: list[tuple] = []
         for user_details in self.target.user_details.all_with_home():
             for d in hist_paths:
-                cur_dir: TargetPath = user_details.home_path.joinpath(d)
-                cur_dir = cur_dir.resolve()
-                if not cur_dir.exists() or (user_details, cur_dir) in users_dirs:
-                    continue
-                users_dirs.append((user_details, cur_dir))
+                home_dir: TargetPath = user_details.home_path
+                for cur_dir in home_dir.glob(d):
+                    cur_dir = cur_dir.resolve()
+                    if not cur_dir.exists() or (user_details.user, cur_dir) in users_dirs:
+                        continue
+                    users_dirs.append((user_details, cur_dir))
         return users_dirs
     def _iter_db(

dissect/target/plugins/apps/browser/edge.py CHANGED Viewed

@@ -28,6 +28,7 @@ class EdgePlugin(ChromiumMixin, BrowserPlugin):
         ".var/app/com.microsoft.Edge/config/microsoft-edge/Default",
         # Windows
         "AppData/Local/Microsoft/Edge/User Data/Default",
+        "AppData/Local/Microsoft/Edge/User Data/Snapshots/*/Default",
         # Macos
         "Library/Application Support/Microsoft Edge/Default",
     ]

dissect/target/plugins/apps/ssh/openssh.py CHANGED Viewed

@@ -7,7 +7,6 @@ from typing import Iterator
 from dissect.target import Target
 from dissect.target.exceptions import UnsupportedPluginError
 from dissect.target.helpers.fsutil import TargetPath
-from dissect.target.helpers.ssh import SSHPrivateKey
 from dissect.target.plugin import export
 from dissect.target.plugins.apps.ssh.ssh import (
     AuthorizedKeysRecord,
@@ -15,6 +14,7 @@ from dissect.target.plugins.apps.ssh.ssh import (
     PrivateKeyRecord,
     PublicKeyRecord,
     SSHPlugin,
+    SSHPrivateKey,
     calculate_fingerprints,
 )

dissect/target/plugins/apps/ssh/ssh.py CHANGED Viewed

@@ -1,10 +1,55 @@
 import base64
+import binascii
 from hashlib import md5, sha1, sha256
+from dissect.cstruct import cstruct
 from dissect.target.helpers.descriptor_extensions import UserRecordDescriptorExtension
 from dissect.target.helpers.record import create_extended_descriptor
 from dissect.target.plugin import NamespacePlugin
+rfc4716_def = """
+struct ssh_string {
+    uint32 length;
+    char value[length];
+}
+struct ssh_private_key {
+    char magic[15];
+    ssh_string cipher;
+    ssh_string kdf_name;
+    ssh_string kdf_options;
+    uint32 number_of_keys;
+    ssh_string public;
+    ssh_string private;
+}
+"""
+c_rfc4716 = cstruct(endian=">").load(rfc4716_def)
+RFC4716_MARKER_START = b"-----BEGIN OPENSSH PRIVATE KEY-----"
+RFC4716_MARKER_END = b"-----END OPENSSH PRIVATE KEY-----"
+RFC4716_MAGIC = b"openssh-key-v1\x00"
+RFC4716_PADDING = b"\x01\x02\x03\x04\x05\x06\x07"
+RFC4716_NONE = b"none"
+PKCS8_MARKER_START = b"-----BEGIN PRIVATE KEY-----"
+PKCS8_MARKER_END = b"-----END PRIVATE KEY-----"
+PKCS8_MARKER_START_ENCRYPTED = b"-----BEGIN ENCRYPTED PRIVATE KEY-----"
+PKCS8_MARKER_END_ENCRYPTED = b"-----END ENCRYPTED PRIVATE KEY-----"
+PEM_MARKER_START_RSA = b"-----BEGIN RSA PRIVATE KEY-----"
+PEM_MARKER_END_RSA = b"-----END RSA PRIVATE KEY-----"
+PEM_MARKER_START_DSA = b"-----BEGIN DSA PRIVATE KEY-----"
+PEM_MARKER_END_DSA = b"-----END DSA PRIVATE KEY-----"
+PEM_MARKER_START_EC = b"-----BEGIN EC PRIVATE KEY-----"
+PEM_MARKER_END_EC = b"-----END EC PRIVATE KEY-----"
+PEM_ENCRYPTED = b"ENCRYPTED"
 OpenSSHUserRecordDescriptor = create_extended_descriptor([UserRecordDescriptorExtension])
 COMMON_ELLEMENTS = [
@@ -96,3 +141,135 @@ def calculate_fingerprints(public_key_decoded: bytes, ssh_keygen_format: bool =
         fingerprint_sha256 = digest_sha256.hex()
     return digest_md5.hex(), fingerprint_sha1, fingerprint_sha256
+def is_rfc4716(data: bytes) -> bool:
+    """Validate data is a valid looking SSH private key in the OpenSSH format."""
+    return data.startswith(RFC4716_MARKER_START) and data.endswith(RFC4716_MARKER_END)
+def decode_rfc4716(data: bytes) -> bytes:
+    """Base64 decode the private key data."""
+    encoded_key_data = data.removeprefix(RFC4716_MARKER_START).removesuffix(RFC4716_MARKER_END)
+    try:
+        return base64.b64decode(encoded_key_data)
+    except binascii.Error:
+        raise ValueError("Error decoding RFC4716 key data")
+def is_pkcs8(data: bytes) -> bool:
+    """Validate data is a valid looking PKCS8 SSH private key."""
+    return (data.startswith(PKCS8_MARKER_START) and data.endswith(PKCS8_MARKER_END)) or (
+        data.startswith(PKCS8_MARKER_START_ENCRYPTED) and data.endswith(PKCS8_MARKER_END_ENCRYPTED)
+    )
+def is_pem(data: bytes) -> bool:
+    """Validate data is a valid looking PEM SSH private key."""
+    return (
+        (data.startswith(PEM_MARKER_START_RSA) and data.endswith(PEM_MARKER_END_RSA))
+        or (data.startswith(PEM_MARKER_START_DSA) and data.endswith(PEM_MARKER_END_DSA))
+        or (data.startswith(PEM_MARKER_START_EC) and data.endswith(PEM_MARKER_END_EC))
+    )
+class SSHPrivateKey:
+    """A class to parse (OpenSSH-supported) SSH private keys.
+    OpenSSH supports three types of keys:
+    * RFC4716 (default)
+    * PKCS8
+    * PEM
+    """
+    def __init__(self, data: bytes):
+        self.key_type = None
+        self.public_key = None
+        self.comment = ""
+        if is_rfc4716(data):
+            self.format = "RFC4716"
+            self._parse_rfc4716(data)
+        elif is_pkcs8(data):
+            self.format = "PKCS8"
+            self.is_encrypted = data.startswith(PKCS8_MARKER_START_ENCRYPTED)
+        elif is_pem(data):
+            self.format = "PEM"
+            self._parse_pem(data)
+        else:
+            raise ValueError("Unsupported private key format")
+    def _parse_rfc4716(self, data: bytes) -> None:
+        """Parse OpenSSH format SSH private keys.
+        The format:
+        "openssh-key-v1"0x00    # NULL-terminated "Auth Magic" string
+        32-bit length, "none"   # ciphername length and string
+        32-bit length, "none"   # kdfname length and string
+        32-bit length, nil      # kdf (0 length, no kdf)
+        32-bit 0x01             # number of keys, hard-coded to 1 (no length)
+        32-bit length, sshpub   # public key in ssh format
+            32-bit length, keytype
+            32-bit length, pub0
+            32-bit length, pub1
+        32-bit length for rnd+prv+comment+pad
+            64-bit dummy checksum?  # a random 32-bit int, repeated
+            32-bit length, keytype  # the private key (including public)
+            32-bit length, pub0     # Public Key parts
+            32-bit length, pub1
+            32-bit length, prv0     # Private Key parts
+            ...                     # (number varies by type)
+            32-bit length, comment  # comment string
+            padding bytes 0x010203  # pad to blocksize (see notes below)
+        Source: https://coolaj86.com/articles/the-openssh-private-key-format/
+        """
+        key_data = decode_rfc4716(data)
+        private_key = c_rfc4716.ssh_private_key(key_data)
+        # RFC4716 only supports 1 key at the moment.
+        if private_key.magic != RFC4716_MAGIC or private_key.number_of_keys != 1:
+            raise ValueError("Unexpected number of keys for RFC4716 format private key")
+        self.is_encrypted = private_key.cipher.value != RFC4716_NONE
+        self.public_key = base64.b64encode(private_key.public.value)
+        public_key_type = c_rfc4716.ssh_string(private_key.public.value)
+        self.key_type = public_key_type.value
+        if not self.is_encrypted:
+            private_key_data = private_key.private.value.rstrip(RFC4716_PADDING)
+            # We skip the two dummy uint32s at the start.
+            private_key_index = 8
+            private_key_type = c_rfc4716.ssh_string(private_key_data[private_key_index:])
+            private_key_index += 4 + private_key_type.length
+            self.key_type = private_key_type.value
+            private_key_fields = []
+            while private_key_index < len(private_key_data):
+                field = c_rfc4716.ssh_string(private_key_data[private_key_index:])
+                private_key_index += 4 + field.length
+                private_key_fields.append(field)
+            # There is always a comment present (with a length field of 0 for empty comments).
+            self.comment = private_key_fields[-1].value
+    def _parse_pem(self, data: bytes) -> None:
+        """Detect key type and encryption of PEM keys."""
+        self.is_encrypted = PEM_ENCRYPTED in data
+        if data.startswith(PEM_MARKER_START_RSA):
+            self.key_type = "ssh-rsa"
+        elif data.startswith(PEM_MARKER_START_DSA):
+            self.key_type = "ssh-dss"
+        # This is not a valid SSH key type, but we currently do not detect the specific ecdsa variant.
+        else:
+            self.key_type = "ecdsa"

{dissect.target-3.19.dev10.dist-info → dissect.target-3.19.dev12.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: dissect.target
-Version: 3.19.dev10
+Version: 3.19.dev12
 Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
 Author-email: Dissect Team <dissect@fox-it.com>
 License: Affero General Public License v3

{dissect.target-3.19.dev10.dist-info → dissect.target-3.19.dev12.dist-info}/RECORD RENAMED Viewed

@@ -65,7 +65,6 @@ dissect/target/helpers/record.py,sha256=lWl7k2Mp9Axllm0tXzPGJx2zj2zONsyY_p5g424T
 dissect/target/helpers/record_modifier.py,sha256=3I_rC5jqvl0TsW3V8OQ6Dltz_D8J4PU1uhhzbJGKm9c,3245
 dissect/target/helpers/regutil.py,sha256=kX-sSZbW8Qkg29Dn_9zYbaQrwLumrr4Y8zJ1EhHXIAM,27337
 dissect/target/helpers/shell_folder_ids.py,sha256=Behhb8oh0kMxrEk6YYKYigCDZe8Hw5QS6iK_d2hTs2Y,24978
-dissect/target/helpers/ssh.py,sha256=obB7sqUH0IoUo78NAmHM8TX0pgA_4GHICZ3TA3TW_0E,6324
 dissect/target/helpers/targetd.py,sha256=ELhUulzQ4OgXgHsWhsLgM14vut8Wm6btr7qTynlwKaE,1812
 dissect/target/helpers/utils.py,sha256=r36Bn0UL0E6Z8ajmQrHzC6RyUxTRdwJ1PNsd904Lmzs,4027
 dissect/target/helpers/compat/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -121,9 +120,9 @@ dissect/target/plugins/apps/av/trendmicro.py,sha256=8F4IWYCXG7HEniGridQ4ax82Mrx_
 dissect/target/plugins/apps/browser/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/plugins/apps/browser/brave.py,sha256=EW1ubL10swHeV9CscfpE-SrNZozul_Ewj48LNRaG5Kg,2865
 dissect/target/plugins/apps/browser/browser.py,sha256=rBIwcgdl73gm-8APwx2jEUAYXRniXkqcdMr2UYj_tS8,4118
-dissect/target/plugins/apps/browser/chrome.py,sha256=hxS8gqpBwoCrPaxNpllIa6K9DtsSGzn6XXcUaHyes6w,3048
-dissect/target/plugins/apps/browser/chromium.py,sha256=N9hS-a45iEv_GyKhLZQR_FSkEjWlMA0f22eURBuxF5Y,27999
-dissect/target/plugins/apps/browser/edge.py,sha256=woXzZtHPWmfcV8vbxGKHELKru5JRb32MAXs43_b4K4E,2883
+dissect/target/plugins/apps/browser/chrome.py,sha256=DMONTYE95sI_jcmyQOapHwWQWwrezfYMllVCCPwhEP0,3117
+dissect/target/plugins/apps/browser/chromium.py,sha256=QOeWSSXFM1IbUh3PMUB14oy6sqAS_v2B3xhthAMM_8k,28058
+dissect/target/plugins/apps/browser/edge.py,sha256=tuuIbm4s8nNstA6nIOEfU0LG0jt20a8gf3rve2SXtdM,2953
 dissect/target/plugins/apps/browser/firefox.py,sha256=3Ucp85DXTDyCofW1_aEzjba_Pr0QyC4F5gX8NqY-uOg,30981
 dissect/target/plugins/apps/browser/iexplore.py,sha256=g_xw0toaiyjevxO8g9XPCOqc-CXZp39FVquRhPFGdTE,8801
 dissect/target/plugins/apps/container/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -135,10 +134,10 @@ dissect/target/plugins/apps/remoteaccess/teamviewer.py,sha256=SiEH36HM2NvdPuCjfL
 dissect/target/plugins/apps/shell/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/plugins/apps/shell/powershell.py,sha256=biPSMRWxPI6kRqP0-75yMtrw0Ti2Bzfl_xI3xbmmF48,2641
 dissect/target/plugins/apps/ssh/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-dissect/target/plugins/apps/ssh/openssh.py,sha256=yt3bX93Q9wfF25_vG9APMwfZWUUqCPyLlVJdhu20syI,7250
+dissect/target/plugins/apps/ssh/openssh.py,sha256=oaJeKmTvVMo4aePo4Ep7t0ludJPNuuokGEW07w4gAvQ,7216
 dissect/target/plugins/apps/ssh/opensshd.py,sha256=DaXKdgGF3GYHHA4buEvphcm6FF4C8YFjgD96Dv6rRnM,5510
 dissect/target/plugins/apps/ssh/putty.py,sha256=EmsXr2NbOB13-EWS5AkpEPMUhOkVl6FAy8JGUiaDhxk,10133
-dissect/target/plugins/apps/ssh/ssh.py,sha256=tTA87u0B8yY1yVCPV0VJdRUct6ggkir_pIziP-eKnVo,3009
+dissect/target/plugins/apps/ssh/ssh.py,sha256=d3U8PJbtMvOV3K0wV_9KzGt2oRs-mfNQz1_Xd6SNx0Y,9320
 dissect/target/plugins/apps/vpn/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/plugins/apps/vpn/openvpn.py,sha256=d-DGINTIHP_bvv3T09ZwbezHXGctvCyAhJ482m2_-a0,7654
 dissect/target/plugins/apps/vpn/wireguard.py,sha256=SoAMED_bwWJQ3nci5qEY-qV4wJKSSDZQ8K7DoJRYq0k,6521
@@ -345,10 +344,10 @@ dissect/target/volumes/luks.py,sha256=OmCMsw6rCUXG1_plnLVLTpsvE1n_6WtoRUGQbpmu1z
 dissect/target/volumes/lvm.py,sha256=wwQVR9I3G9YzmY6UxFsH2Y4MXGBcKL9aayWGCDTiWMU,2269
 dissect/target/volumes/md.py,sha256=j1K1iKmspl0C_OJFc7-Q1BMWN2OCC5EVANIgVlJ_fIE,1673
 dissect/target/volumes/vmfs.py,sha256=-LoUbn9WNwTtLi_4K34uV_-wDw2W5hgaqxZNj4UmqAQ,1730
-dissect.target-3.19.dev10.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
-dissect.target-3.19.dev10.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
-dissect.target-3.19.dev10.dist-info/METADATA,sha256=_IaES22tqwU15qttr5A5X3d0VUa43dSOESK8X8Ao0K0,12719
-dissect.target-3.19.dev10.dist-info/WHEEL,sha256=FZ75kcLy9M91ncbIgG8dnpCncbiKXSRGJ_PFILs6SFg,91
-dissect.target-3.19.dev10.dist-info/entry_points.txt,sha256=tvFPa-Ap-gakjaPwRc6Fl6mxHzxEZ_arAVU-IUYeo_s,447
-dissect.target-3.19.dev10.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
-dissect.target-3.19.dev10.dist-info/RECORD,,
+dissect.target-3.19.dev12.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
+dissect.target-3.19.dev12.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
+dissect.target-3.19.dev12.dist-info/METADATA,sha256=UR_OR6Mke9csuzDPtguApwOU8mClzRRkkWmmiqNv364,12719
+dissect.target-3.19.dev12.dist-info/WHEEL,sha256=Wyh-_nZ0DJYolHNn1_hMa4lM7uDedD_RGVwbmTjyItk,91
+dissect.target-3.19.dev12.dist-info/entry_points.txt,sha256=tvFPa-Ap-gakjaPwRc6Fl6mxHzxEZ_arAVU-IUYeo_s,447
+dissect.target-3.19.dev12.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
+dissect.target-3.19.dev12.dist-info/RECORD,,

{dissect.target-3.19.dev10.dist-info → dissect.target-3.19.dev12.dist-info}/WHEEL RENAMED Viewed

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: setuptools (71.0.1)
+Generator: setuptools (71.1.0)
 Root-Is-Purelib: true
 Tag: py3-none-any

dissect/target/helpers/ssh.py DELETED Viewed

@@ -1,177 +0,0 @@
-import base64
-import binascii
-from dissect.cstruct import cstruct
-rfc4716_def = """
-struct ssh_string {
-    uint32 length;
-    char value[length];
-}
-struct ssh_private_key {
-    char magic[15];
-    ssh_string cipher;
-    ssh_string kdf_name;
-    ssh_string kdf_options;
-    uint32 number_of_keys;
-    ssh_string public;
-    ssh_string private;
-}
-"""
-c_rfc4716 = cstruct(endian=">").load(rfc4716_def)
-RFC4716_MARKER_START = b"-----BEGIN OPENSSH PRIVATE KEY-----"
-RFC4716_MARKER_END = b"-----END OPENSSH PRIVATE KEY-----"
-RFC4716_MAGIC = b"openssh-key-v1\x00"
-RFC4716_PADDING = b"\x01\x02\x03\x04\x05\x06\x07"
-RFC4716_NONE = b"none"
-PKCS8_MARKER_START = b"-----BEGIN PRIVATE KEY-----"
-PKCS8_MARKER_END = b"-----END PRIVATE KEY-----"
-PKCS8_MARKER_START_ENCRYPTED = b"-----BEGIN ENCRYPTED PRIVATE KEY-----"
-PKCS8_MARKER_END_ENCRYPTED = b"-----END ENCRYPTED PRIVATE KEY-----"
-PEM_MARKER_START_RSA = b"-----BEGIN RSA PRIVATE KEY-----"
-PEM_MARKER_END_RSA = b"-----END RSA PRIVATE KEY-----"
-PEM_MARKER_START_DSA = b"-----BEGIN DSA PRIVATE KEY-----"
-PEM_MARKER_END_DSA = b"-----END DSA PRIVATE KEY-----"
-PEM_MARKER_START_EC = b"-----BEGIN EC PRIVATE KEY-----"
-PEM_MARKER_END_EC = b"-----END EC PRIVATE KEY-----"
-PEM_ENCRYPTED = b"ENCRYPTED"
-class SSHPrivateKey:
-    """A class to parse (OpenSSH-supported) SSH private keys.
-    OpenSSH supports three types of keys:
-    * RFC4716 (default)
-    * PKCS8
-    * PEM
-    """
-    def __init__(self, data: bytes):
-        self.key_type = None
-        self.public_key = None
-        self.comment = ""
-        if is_rfc4716(data):
-            self.format = "RFC4716"
-            self._parse_rfc4716(data)
-        elif is_pkcs8(data):
-            self.format = "PKCS8"
-            self.is_encrypted = data.startswith(PKCS8_MARKER_START_ENCRYPTED)
-        elif is_pem(data):
-            self.format = "PEM"
-            self._parse_pem(data)
-        else:
-            raise ValueError("Unsupported private key format")
-    def _parse_rfc4716(self, data: bytes) -> None:
-        """Parse OpenSSH format SSH private keys.
-        The format:
-        "openssh-key-v1"0x00    # NULL-terminated "Auth Magic" string
-        32-bit length, "none"   # ciphername length and string
-        32-bit length, "none"   # kdfname length and string
-        32-bit length, nil      # kdf (0 length, no kdf)
-        32-bit 0x01             # number of keys, hard-coded to 1 (no length)
-        32-bit length, sshpub   # public key in ssh format
-            32-bit length, keytype
-            32-bit length, pub0
-            32-bit length, pub1
-        32-bit length for rnd+prv+comment+pad
-            64-bit dummy checksum?  # a random 32-bit int, repeated
-            32-bit length, keytype  # the private key (including public)
-            32-bit length, pub0     # Public Key parts
-            32-bit length, pub1
-            32-bit length, prv0     # Private Key parts
-            ...                     # (number varies by type)
-            32-bit length, comment  # comment string
-            padding bytes 0x010203  # pad to blocksize (see notes below)
-        Source: https://coolaj86.com/articles/the-openssh-private-key-format/
-        """
-        key_data = decode_rfc4716(data)
-        private_key = c_rfc4716.ssh_private_key(key_data)
-        # RFC4716 only supports 1 key at the moment.
-        if private_key.magic != RFC4716_MAGIC or private_key.number_of_keys != 1:
-            raise ValueError("Unexpected number of keys for RFC4716 format private key")
-        self.is_encrypted = private_key.cipher.value != RFC4716_NONE
-        self.public_key = base64.b64encode(private_key.public.value)
-        public_key_type = c_rfc4716.ssh_string(private_key.public.value)
-        self.key_type = public_key_type.value
-        if not self.is_encrypted:
-            private_key_data = private_key.private.value.rstrip(RFC4716_PADDING)
-            # We skip the two dummy uint32s at the start.
-            private_key_index = 8
-            private_key_type = c_rfc4716.ssh_string(private_key_data[private_key_index:])
-            private_key_index += 4 + private_key_type.length
-            self.key_type = private_key_type.value
-            private_key_fields = []
-            while private_key_index < len(private_key_data):
-                field = c_rfc4716.ssh_string(private_key_data[private_key_index:])
-                private_key_index += 4 + field.length
-                private_key_fields.append(field)
-            # There is always a comment present (with a length field of 0 for empty comments).
-            self.comment = private_key_fields[-1].value
-    def _parse_pem(self, data: bytes) -> None:
-        """Detect key type and encryption of PEM keys."""
-        self.is_encrypted = PEM_ENCRYPTED in data
-        if data.startswith(PEM_MARKER_START_RSA):
-            self.key_type = "ssh-rsa"
-        elif data.startswith(PEM_MARKER_START_DSA):
-            self.key_type = "ssh-dss"
-        # This is not a valid SSH key type, but we currently do not detect the specific ecdsa variant.
-        else:
-            self.key_type = "ecdsa"
-def is_rfc4716(data: bytes) -> bool:
-    """Validate data is a valid looking SSH private key in the OpenSSH format."""
-    return data.startswith(RFC4716_MARKER_START) and data.endswith(RFC4716_MARKER_END)
-def decode_rfc4716(data: bytes) -> bytes:
-    """Base64 decode the private key data."""
-    encoded_key_data = data.removeprefix(RFC4716_MARKER_START).removesuffix(RFC4716_MARKER_END)
-    try:
-        return base64.b64decode(encoded_key_data)
-    except binascii.Error:
-        raise ValueError("Error decoding RFC4716 key data")
-def is_pkcs8(data: bytes) -> bool:
-    """Validate data is a valid looking PKCS8 SSH private key."""
-    return (data.startswith(PKCS8_MARKER_START) and data.endswith(PKCS8_MARKER_END)) or (
-        data.startswith(PKCS8_MARKER_START_ENCRYPTED) and data.endswith(PKCS8_MARKER_END_ENCRYPTED)
-    )
-def is_pem(data: bytes) -> bool:
-    """Validate data is a valid looking PEM SSH private key."""
-    return (
-        (data.startswith(PEM_MARKER_START_RSA) and data.endswith(PEM_MARKER_END_RSA))
-        or (data.startswith(PEM_MARKER_START_DSA) and data.endswith(PEM_MARKER_END_DSA))
-        or (data.startswith(PEM_MARKER_START_EC) and data.endswith(PEM_MARKER_END_EC))
-    )

{dissect.target-3.19.dev10.dist-info → dissect.target-3.19.dev12.dist-info}/COPYRIGHT RENAMED Viewed

File without changes

{dissect.target-3.19.dev10.dist-info → dissect.target-3.19.dev12.dist-info}/LICENSE RENAMED Viewed

File without changes

{dissect.target-3.19.dev10.dist-info → dissect.target-3.19.dev12.dist-info}/entry_points.txt RENAMED Viewed

File without changes

{dissect.target-3.19.dev10.dist-info → dissect.target-3.19.dev12.dist-info}/top_level.txt RENAMED Viewed

File without changes

dissect.target 3.19.dev10__py3-none-any.whl → 3.19.dev12__py3-none-any.whl

dissect.target 3.19.dev10py3-none-any.whl → 3.19.dev12py3-none-any.whl