Skip to content

Commit

Permalink
(FACT-3110) support for ecdsa 384 and 521 bit keys
Browse files Browse the repository at this point in the history
  • Loading branch information
@h0tw1r3
h0tw1r3 committed Dec 5, 2023
1 parent d81e711 commit b017cf4
Show file tree
Hide file tree
Showing 6 changed files with 50 additions and 0 deletions.
1 change: 1 addition & 0 deletions lib/facter/util/resolvers/ssh_helper.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ module Resolvers
class SshHelper
class << self
SSH_NAME = { 'ssh-dss' => 'dsa', 'ecdsa-sha2-nistp256' => 'ecdsa',
'ecdsa-sha2-nistp384' => 'ecdsa', 'ecdsa-sha2-nistp521' => 'ecdsa',
'ssh-ed25519' => 'ed25519', 'ssh-rsa' => 'rsa' }.freeze
SSH_FINGERPRINT = { 'rsa' => 1, 'dsa' => 2, 'ecdsa' => 3, 'ed25519' => 4 }.freeze

Expand Down
45 changes: 45 additions & 0 deletions spec/facter/resolvers/ssh_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,51 @@
end
end

context 'when ssh_host_ecdsa_key is 384 bit' do
let(:ecdsa_content) { load_fixture('ecdsa384').read.strip! }

let(:ecdsa_fingerprint) do
Facter::Util::Resolvers::FingerPrint.new(
'SSHFP 3 1 40e73aa13173931be732ecac43f3cac7b8bab56c',
'SSHFP 3 2 a2a1e30f31522bcb3fcda2e6898541ff44141b6c9f4c601c6b29fa476380823d'
)
end

let(:ecdsa_result) do
Facter::Util::Resolvers::Ssh.new(ecdsa_fingerprint, 'ecdsa-sha2-nistp384', ecdsa_content, 'ecdsa')
end

it 'returns resolved ssh' do
allow(Facter::Util::Resolvers::SshHelper).to receive(:create_ssh)
.with('ecdsa-sha2-nistp384', load_fixture('ecdsa384_key').read.strip!)
.and_return(ecdsa_result)

expect(Facter::Resolvers::Ssh.resolve(:ssh)).to eq([rsa_result, ecdsa_result, ed25519_result])
end
end

context 'when ssh_host_ecdsa_key is 521 bit' do
let(:ecdsa_content) { load_fixture('ecdsa521').read.strip! }

let(:ecdsa_fingerprint) do
Facter::Util::Resolvers::FingerPrint.new(
'SSHFP 3 1 70ef5390b9f2c3005c1029b7d7bf559b05c8b302',
'SSHFP 3 2 4cda4a78826bd671fc1028fb252a940446dba025e7a73b6bc900cf1058be90c6'
)
end
let(:ecdsa_result) do
Facter::Util::Resolvers::Ssh.new(ecdsa_fingerprint, 'ecdsa-sha2-nistp521', ecdsa_content, 'ecdsa')
end

it 'returns resolved ssh' do
allow(Facter::Util::Resolvers::SshHelper).to receive(:create_ssh)
.with('ecdsa-sha2-nistp521', load_fixture('ecdsa521_key').read.strip!)
.and_return(ecdsa_result)

expect(Facter::Resolvers::Ssh.resolve(:ssh)).to eq([rsa_result, ecdsa_result, ed25519_result])
end
end

context 'when ssh_host_ecdsa_key.pub file is also not readable' do
before do
allow(Facter::Util::FileHelper).to receive(:safe_read)
Expand Down
1 change: 1 addition & 0 deletions spec/fixtures/ecdsa384
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBI+YmNHUdvMtZSEdCDJLruZjtUGsi59cf/TNkmRKFcVGgaWO54NUXT/PlTwjm7g9uS1FKbZY4+MKP0Q4KsgfGJAwn9MLsdSeUGY2UIrhQ0UM6KUUZCDot0G7Xm2pAdy/Qw==
1 change: 1 addition & 0 deletions spec/fixtures/ecdsa384_key
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBI+YmNHUdvMtZSEdCDJLruZjtUGsi59cf/TNkmRKFcVGgaWO54NUXT/PlTwjm7g9uS1FKbZY4+MKP0Q4KsgfGJAwn9MLsdSeUGY2UIrhQ0UM6KUUZCDot0G7Xm2pAdy/Qw==
1 change: 1 addition & 0 deletions spec/fixtures/ecdsa521
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAHKr7fO2HGs84ihV9+Z4Dkk4rX+FqhtKV4vGEIwnwR3r0GUIER1aIk+shXzOhCEPNqTiik5CRdE9sDhXkYDJa35+QFIBvo1i2qCNEQ1EowBbYZYBAhk3CPAhIUIYe+Achz+PCqBhqkPC+vHhqHpECAzOI0qjFuoT17rbEb4stl3n8yHfQ==
1 change: 1 addition & 0 deletions spec/fixtures/ecdsa521_key
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAHKr7fO2HGs84ihV9+Z4Dkk4rX+FqhtKV4vGEIwnwR3r0GUIER1aIk+shXzOhCEPNqTiik5CRdE9sDhXkYDJa35+QFIBvo1i2qCNEQ1EowBbYZYBAhk3CPAhIUIYe+Achz+PCqBhqkPC+vHhqHpECAzOI0qjFuoT17rbEb4stl3n8yHfQ==

0 comments on commit b017cf4

Please sign in to comment.