From b06fb7ad38dcab16706afb4ff7f9b6710349f3da Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gon=C3=A9ri=20Le=20Bouder?= Date: Tue, 10 May 2022 15:46:14 -0400 Subject: [PATCH] setup_sshkey: drop a dep on Crypto (#799) setup_sshkey: drop a dep on Crypto Adjust ec2-fingerprint.py so it use cryptography instead of the deprecated Crypto library. Reviewed-by: Mark Chappell Reviewed-by: Jill R --- .../targets/ec2_key/tasks/main.yml | 2 +- .../setup_sshkey/files/ec2-fingerprint.py | 19 ++++++++++--------- 2 files changed, 11 insertions(+), 10 deletions(-) diff --git a/tests/integration/targets/ec2_key/tasks/main.yml b/tests/integration/targets/ec2_key/tasks/main.yml index 01107930f66..19d34fb1a1b 100644 --- a/tests/integration/targets/ec2_key/tasks/main.yml +++ b/tests/integration/targets/ec2_key/tasks/main.yml @@ -1,7 +1,7 @@ --- # TODO - name: test 'validate_certs' parameter # TODO - name: test creating key pair with another_key_material with force=yes -# ============================================================ +# ============================================================= - module_defaults: group/aws: diff --git a/tests/integration/targets/setup_sshkey/files/ec2-fingerprint.py b/tests/integration/targets/setup_sshkey/files/ec2-fingerprint.py index ea2f51b0f4c..827856386d6 100644 --- a/tests/integration/targets/setup_sshkey/files/ec2-fingerprint.py +++ b/tests/integration/targets/setup_sshkey/files/ec2-fingerprint.py @@ -8,24 +8,25 @@ (but without needing the OpenSSL CLI) """ -from __future__ import absolute_import, division, print_function -__metaclass__ = type import hashlib import sys -from Crypto.PublicKey import RSA +from cryptography.hazmat.primitives import serialization if len(sys.argv) == 0: ssh_public_key = "id_rsa.pub" else: ssh_public_key = sys.argv[1] -with open(ssh_public_key, 'r') as key_fh: - data = key_fh.read() - -# Convert from SSH format to DER format -public_key = RSA.importKey(data).exportKey('DER') -md5digest = hashlib.md5(public_key).hexdigest() +with open(ssh_public_key, "rb") as key_file: + public_key = serialization.load_ssh_public_key( + key_file.read(), + ) +pub_der = public_key.public_bytes( + encoding=serialization.Encoding.DER, + format=serialization.PublicFormat.SubjectPublicKeyInfo, +) +md5digest = hashlib.md5(pub_der).hexdigest() # Format the md5sum into the normal format pairs = zip(md5digest[::2], md5digest[1::2]) md5string = ":".join(["".join(pair) for pair in pairs])