diff options
| author | Jan Cholasta <jcholast@redhat.com> | 2013-01-08 16:13:07 +0100 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2013-02-01 09:16:09 -0500 |
| commit | 86dde3a38e801bb88a7d573a2a37ce7201e29e0f (patch) | |
| tree | 0dc55fbc3f2d8076836302833900b5d58573ada7 /ipapython | |
| parent | c1735e1c80c9ec515f4a30cd212b7e331d7e2a83 (diff) | |
| download | freeipa-86dde3a38e801bb88a7d573a2a37ce7201e29e0f.tar.gz freeipa-86dde3a38e801bb88a7d573a2a37ce7201e29e0f.tar.xz freeipa-86dde3a38e801bb88a7d573a2a37ce7201e29e0f.zip | |
Add support for RFC 6594 SSHFP DNS records.
https://fedorahosted.org/freeipa/ticket/2642
Diffstat (limited to 'ipapython')
| -rw-r--r-- | ipapython/ssh.py | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/ipapython/ssh.py b/ipapython/ssh.py index 3294aa430..c95488928 100644 --- a/ipapython/ssh.py +++ b/ipapython/ssh.py @@ -26,6 +26,7 @@ import base64 import re import struct from hashlib import md5, sha1 +from hashlib import sha256 #pylint: disable=E0611 __all__ = ['SSHPublicKey'] @@ -187,12 +188,20 @@ class SSHPublicKey(object): fp = u':'.join([fp[j:j+2] for j in range(0, len(fp), 2)]) return fp - def fingerprint_dns_sha1(self): + def _fingerprint_dns(self, fpfunc, fptype): if self._keytype == 'ssh-rsa': keytype = 1 elif self._keytype == 'ssh-dss': keytype = 2 + elif self._keytype.startswith('ecdsa-sha2-') and '@' not in self._keytype: + keytype = 3 else: return - fp = sha1(self._key).hexdigest().upper() - return u'%d 1 %s' % (keytype, fp) + fp = fpfunc(self._key).hexdigest().upper() + return u'%d %d %s' % (keytype, fptype, fp) + + def fingerprint_dns_sha1(self): + return self._fingerprint_dns(sha1, 1) + + def fingerprint_dns_sha256(self): + return self._fingerprint_dns(sha256, 2) |