# HG changeset patch # User Mads Kiilerich # Date 1601292798 -7200 # Node ID db26a69f6d5963ad369029891741f563fbbbb2fa # Parent c819a1e9103b31639941b8c3ba021c84bed06053 ssh: drop simple key parser for fingerprint calculation in public_key setter - use ssh.parse_pub_key Avoid having multiple slightly different parsers. diff -r c819a1e9103b -r db26a69f6d59 kallithea/model/db.py --- a/kallithea/model/db.py Mon Aug 24 15:02:16 2020 +0200 +++ b/kallithea/model/db.py Mon Sep 28 13:33:18 2020 +0200 @@ -44,7 +44,7 @@ from webob.exc import HTTPNotFound import kallithea -from kallithea.lib import ext_json +from kallithea.lib import ext_json, ssh from kallithea.lib.exceptions import DefaultUserException from kallithea.lib.utils2 import (Optional, asbool, ascii_bytes, aslist, get_changeset_safe, get_clone_url, remove_prefix, safe_bytes, safe_int, safe_str, urlreadable) @@ -2300,8 +2300,12 @@ @public_key.setter def public_key(self, full_key): - # the full public key is too long to be suitable as database key - instead, - # use fingerprints similar to 'ssh-keygen -E sha256 -lf ~/.ssh/id_rsa.pub' + """The full public key is too long to be suitable as database key. + Instead, as a side-effect of setting the public key string, compute the + fingerprints according to https://tools.ietf.org/html/rfc4716#section-4 + BUT using sha256 instead of md5, similar to 'ssh-keygen -E sha256 -lf + ~/.ssh/id_rsa.pub' . + """ + keytype, key_bytes, comment = ssh.parse_pub_key(full_key) self._public_key = full_key - enc_key = safe_bytes(full_key.split(" ")[1]) - self.fingerprint = base64.b64encode(hashlib.sha256(base64.b64decode(enc_key)).digest()).replace(b'\n', b'').rstrip(b'=').decode() + self.fingerprint = base64.b64encode(hashlib.sha256(key_bytes).digest()).replace(b'\n', b'').rstrip(b'=').decode()