authorPaul Kehrer <paul.l.kehrer@gmail.com>2019-02-27 20:44:06 +0800
committerAlex Gaynor <alex.gaynor@gmail.com>2019-02-27 07:44:06 -0500
commit1f4e64615836dc59968ca104b19461caee477f3f (patch)
treee4ee8644954c3ced0e2b6fe621b3ea3f431f996c /src/cryptography/hazmat/primitives/serialization
parent871e97a89f0276e57c01f7692111fca42e819b59 (diff)
support ed25519 openssh public keys (#4785)
* support ed25519 openssh public keys * don't need this check
Diffstat (limited to 'src/cryptography/hazmat/primitives/serialization')
-rw-r--r--src/cryptography/hazmat/primitives/serialization/ssh.py13
1 files changed, 12 insertions, 1 deletions
diff --git a/src/cryptography/hazmat/primitives/serialization/ssh.py b/src/cryptography/hazmat/primitives/serialization/ssh.py
index cb838927..a1d6c8c9 100644
--- a/src/cryptography/hazmat/primitives/serialization/ssh.py
+++ b/src/cryptography/hazmat/primitives/serialization/ssh.py
@@ -11,7 +11,7 @@ import six
from cryptography import utils
from cryptography.exceptions import UnsupportedAlgorithm
-from cryptography.hazmat.primitives.asymmetric import dsa, ec, rsa
+from cryptography.hazmat.primitives.asymmetric import dsa, ec, ed25519, rsa
def load_ssh_public_key(data, backend):
@@ -31,6 +31,8 @@ def load_ssh_public_key(data, backend):
b'ecdsa-sha2-nistp256', b'ecdsa-sha2-nistp384', b'ecdsa-sha2-nistp521',
]:
loader = _load_ssh_ecdsa_public_key
+ elif key_type == b'ssh-ed25519':
+ loader = _load_ssh_ed25519_public_key
else:
raise UnsupportedAlgorithm('Key type is not supported.')
@@ -102,6 +104,15 @@ def _load_ssh_ecdsa_public_key(expected_key_type, decoded_data, backend):
return ec.EllipticCurvePublicKey.from_encoded_point(curve, data)
+def _load_ssh_ed25519_public_key(expected_key_type, decoded_data, backend):
+ data, rest = _ssh_read_next_string(decoded_data)
+
+ if rest:
+ raise ValueError('Key body contains extra bytes.')
+
+ return ed25519.Ed25519PublicKey.from_public_bytes(data)
+
+
def _ssh_read_next_string(data):
"""
Retrieves the next RFC 4251 string value from the data.
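Review bot: The new `_load_ssh_ed25519_public_key` has no docstring and never checks the length of `data` itself, so a key body that is not 32 bytes is rejected only if `Ed25519PublicKey.from_public_bytes` enforces it. The commit message ("don't need this check") suggests that is deliberate, so I would record it above the return once confirmed: `# Key length (32 bytes) is validated by from_public_bytes, which raises ValueError.` The `expected_key_type` and `backend` parameters are unused in this function, presumably kept for signature parity with the other loaders. Because the caller's `backend` is not passed on, a one-line docstring should say so, and should mention that the call may raise `UnsupportedAlgorithm` where the underlying library lacks Ed25519 (inferred, not visible in this hunk). The trailing context of the hunk cuts into `_ssh_read_next_string`, whose body lies outside the view.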