Skip to content

Commit

Permalink
setup_sshkey: drop a dep on Crypto (ansible-collections#799)
Browse files Browse the repository at this point in the history
setup_sshkey: drop a dep on Crypto

Adjust ec2-fingerprint.py so it use cryptography instead of the
deprecated Crypto library.

Reviewed-by: Mark Chappell <None>
Reviewed-by: Jill R <None>
  • Loading branch information
goneri authored May 10, 2022
1 parent 93b8370 commit b06fb7a
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 10 deletions.
2 changes: 1 addition & 1 deletion tests/integration/targets/ec2_key/tasks/main.yml
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
---
# TODO - name: test 'validate_certs' parameter
# TODO - name: test creating key pair with another_key_material with force=yes
# ============================================================
# =============================================================

- module_defaults:
group/aws:
Expand Down
19 changes: 10 additions & 9 deletions tests/integration/targets/setup_sshkey/files/ec2-fingerprint.py
Original file line number Diff line number Diff line change
Expand Up @@ -8,24 +8,25 @@
(but without needing the OpenSSL CLI)
"""

from __future__ import absolute_import, division, print_function
__metaclass__ = type

import hashlib
import sys
from Crypto.PublicKey import RSA
from cryptography.hazmat.primitives import serialization

if len(sys.argv) == 0:
ssh_public_key = "id_rsa.pub"
else:
ssh_public_key = sys.argv[1]

with open(ssh_public_key, 'r') as key_fh:
data = key_fh.read()

# Convert from SSH format to DER format
public_key = RSA.importKey(data).exportKey('DER')
md5digest = hashlib.md5(public_key).hexdigest()
with open(ssh_public_key, "rb") as key_file:
public_key = serialization.load_ssh_public_key(
key_file.read(),
)
pub_der = public_key.public_bytes(
encoding=serialization.Encoding.DER,
format=serialization.PublicFormat.SubjectPublicKeyInfo,
)
md5digest = hashlib.md5(pub_der).hexdigest()
# Format the md5sum into the normal format
pairs = zip(md5digest[::2], md5digest[1::2])
md5string = ":".join(["".join(pair) for pair in pairs])
Expand Down

0 comments on commit b06fb7a

Please sign in to comment.