Mercurial > kallithea
changeset 8636:db26a69f6d59
ssh: drop simple key parser for fingerprint calculation in public_key setter - use ssh.parse_pub_key
Avoid having multiple slightly different parsers.
author | Mads Kiilerich <mads@kiilerich.com> |
---|---|
date | Mon, 28 Sep 2020 13:33:18 +0200 |
parents | c819a1e9103b |
children | 1f61f4772a76 |
files | kallithea/model/db.py |
diffstat | 1 files changed, 9 insertions(+), 5 deletions(-) [+] |
line wrap: on
line diff
--- a/kallithea/model/db.py Mon Aug 24 15:02:16 2020 +0200 +++ b/kallithea/model/db.py Mon Sep 28 13:33:18 2020 +0200 @@ -44,7 +44,7 @@ from webob.exc import HTTPNotFound import kallithea -from kallithea.lib import ext_json +from kallithea.lib import ext_json, ssh from kallithea.lib.exceptions import DefaultUserException from kallithea.lib.utils2 import (Optional, asbool, ascii_bytes, aslist, get_changeset_safe, get_clone_url, remove_prefix, safe_bytes, safe_int, safe_str, urlreadable) @@ -2300,8 +2300,12 @@ @public_key.setter def public_key(self, full_key): - # the full public key is too long to be suitable as database key - instead, - # use fingerprints similar to 'ssh-keygen -E sha256 -lf ~/.ssh/id_rsa.pub' + """The full public key is too long to be suitable as database key. + Instead, as a side-effect of setting the public key string, compute the + fingerprints according to https://tools.ietf.org/html/rfc4716#section-4 + BUT using sha256 instead of md5, similar to 'ssh-keygen -E sha256 -lf + ~/.ssh/id_rsa.pub' . + """ + keytype, key_bytes, comment = ssh.parse_pub_key(full_key) self._public_key = full_key - enc_key = safe_bytes(full_key.split(" ")[1]) - self.fingerprint = base64.b64encode(hashlib.sha256(base64.b64decode(enc_key)).digest()).replace(b'\n', b'').rstrip(b'=').decode() + self.fingerprint = base64.b64encode(hashlib.sha256(key_bytes).digest()).replace(b'\n', b'').rstrip(b'=').decode()