changeset 7989:e7be0cbb7850 stable

ssh: fix parsing of ed25519 keys When attempting to use ed25519 SSH keys, parse_pub_key() failed with: SshKeyParseError: Incorrect SSH key - base64 part is not 'ssh-ed25519' as claimed but 'ssh-ed25519' The problem was the hardcoding of the string length of the key type -- 7 or '\x07' -- which fits ssh-rsa and ssh-dss but not ssh-ed25519. (Fix was simplified by Mads Kiilerich.)
author Adi Kriegisch <adi@cg.tuwien.ac.at>
date Fri, 06 Dec 2019 21:21:24 +0100
parents 690e7a035521
children 01dbd21d206c 353c8f419553
files kallithea/lib/ssh.py
diffstat 1 files changed, 2 insertions(+), 5 deletions(-) [+]
--- a/kallithea/lib/ssh.py	Fri Dec 06 21:13:41 2019 +0100
+++ b/kallithea/lib/ssh.py	Fri Dec 06 21:21:24 2019 +0100
@@ -66,11 +66,8 @@
     >>> parse_pub_key(''' ssh-rsa  AAAAB3NzaC1yc2EAAAALVGhpcyBpcyBmYWtlIQ== and a comment
     ... ''')
     ('ssh-rsa', '\x00\x00\x00\x07ssh-rsa\x00\x00\x00\x0bThis is fake!', 'and a comment\n')
-    >>> # FIXME below test shows incorrect behavior -- to be fixed in a subsequent commit
     >>> parse_pub_key('''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP1NA2kBQIKe74afUXmIWD9ByDYQJqUwW44Y4gJOBRuo''')
-    Traceback (most recent call last):
-    ...
-    SshKeyParseError: Incorrect SSH key - base64 part is not 'ssh-ed25519' as claimed but 'ssh-ed25519'
+    ('ssh-ed25519', '\x00\x00\x00\x0bssh-ed25519\x00\x00\x00 \xfdM\x03i\x01@\x82\x9e\xef\x86\x9fQy\x88X?A\xc86\x10&\xa50[\x8e\x18\xe2\x02N\x05\x1b\xa8', '')
     """
     if not ssh_key:
         raise SshKeyParseError(_("SSH key is missing"))
@@ -91,7 +88,7 @@
     except binascii.Error:
         raise SshKeyParseError(_("Incorrect SSH key - failed to decode base64 part %r") % keyvalue)
 
-    if not decoded.startswith('\x00\x00\x00\x07' + str(keytype) + '\x00'):
+    if not decoded.startswith('\x00\x00\x00' + chr(len(keytype)) + str(keytype) + '\x00'):
         raise SshKeyParseError(_("Incorrect SSH key - base64 part is not %r as claimed but %r") % (str(keytype), str(decoded[4:].split('\0', 1)[0])))
 
     return keytype, decoded, comment
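Review bot: The length prefix in the new `startswith` check is still assembled by hand as three zero bytes plus `chr(len(keytype))`, which only works while the key type name is shorter than 256 characters; past that, `chr()` raises ValueError instead of SshKeyParseError. The function body starts outside this hunk, so if no earlier check restricts `keytype` to a known set, a submitted key with an over-long type name would surface as an unhandled exception rather than a validation error. Packing the length explicitly avoids this and states the wire format directly: `if not decoded.startswith(struct.pack('>I', len(keytype)) + str(keytype) + '\x00'):` (this needs `struct` imported at the top of the file). Separately, only the first length-prefixed field is verified here, so a blob whose later length fields do not match the remaining data still passes; a short comment saying that the trailing `'\x00'` is the high byte of the next field's length would also help the next reader.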