Support Hardware Security Keys by updating openssh-keys

pothos · pothos · commit f0d1b0c54182 · 2022-11-15T17:16:38.000+01:00
This pulls in a newer version of the openssh-keys crate that supports
hardware security keys. A test case is added, too.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -14,7 +14,7 @@ clap = "2.33"
 fs2 = "0.4"
 # Public dependencies, exposed through library API.
 error-chain = { version = "0.12", default-features = false }
-openssh-keys = "0.4"
+openssh-keys = { git = "https://github.com/pothos/openssh-keys", branch = "add-sk-keys" }
 users = "0.8"
 
 [[bin]]
diff --git a/src/lib.rs b/src/lib.rs
@@ -35,10 +35,10 @@ extern crate users;
 pub mod errors {
     error_chain! {
         links {
-            ParseError(::openssh_keys::errors::Error, ::openssh_keys::errors::ErrorKind);
         }
         foreign_links {
             Io(::std::io::Error);
+            ParseError(::openssh_keys::errors::OpenSSHKeyError);
         }
         errors {
             KeysDisabled(name: String) {
diff --git a/tests/test_update_ssh_keys.py b/tests/test_update_ssh_keys.py
@@ -42,12 +42,16 @@
               '888yVOgsJ7HGGDGRMo5ytr2SUJB7QWsLX6Un/Zbu32nXsAqtqagxd6F'
               'Ies98TSekMh/hAv9uK92mEsXSINXOeIMKRedqOyPgk5IEOsFpxAUO4T'
               'xpYToeuM8HRemecxw2eIFHnax+mQqCsi7FgQ== core@valid2',
+    'valid3': 'sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9w'
+              'ZW5zc2guY29tAAAAIEX/dQ0v4127bEo8eeG1EV0ApO2lWbSnN6RWusn'
+              '/NjqIAAAABHNzaDo= demos@siril',
     'bad':    'ssh-bad this-not-a-key core@bad',
 }
 
 fingerprints = {
     'valid1': 'SHA256:yZ+o48h6quk9c+JVgJ/Zq4S5u4LUk6TSpneHKkmM9KY',
     'valid2': 'SHA256:RP5k1AybZ1kollIAnpUavr1v1nfZ0yloKvI46AMDPkM ',
+    'valid3': 'SHA256:U8IKRkIHed6vFMTflwweA3HhIf2DWgZ8EFTm9fgwOUk',
 }
 
 class UpdateSshKeysTestCase(unittest.TestCase):
@@ -107,14 +111,15 @@ def test_first_run(self):
         with open('%s/authorized_keys' % self.ssh_dir, 'w') as fd:
             fd.write('%s\n' % test_keys['valid1'])
             fd.write('%s\n' % test_keys['valid2'])
+            fd.write('%s\n' % test_keys['valid3'])
         proc = self.run_script()
         out, err = proc.communicate()
         self.assertEquals(proc.returncode, 0)
         self.assertTrue(out.startswith('Updated '))
         self.assertEquals(err, '')
         self.assertTrue(os.path.exists(
                 '%s/authorized_keys.d/old_authorized_keys' % self.ssh_dir))
-        self.assertHasKeys('valid1', 'valid2')
+        self.assertHasKeys('valid1', 'valid2', 'valid3')
 
     def test_add_one_file(self):
         proc = self.run_script('-a', 'one', self.pub_files['valid1'])

Original file line number	Diff line number	Diff line change
`@@ -35,10 +35,10 @@ extern crate users;`
`35`	`35`	`pub mod errors {`
`36`	`36`	`error_chain! {`
`37`	`37`	`links {`
`38`		`- ParseError(::openssh_keys::errors::Error, ::openssh_keys::errors::ErrorKind);`
`39`	`38`	`}`
`40`	`39`	`foreign_links {`
`41`	`40`	`Io(::std::io::Error);`
	`41`	`+ ParseError(::openssh_keys::errors::OpenSSHKeyError);`
`42`	`42`	`}`
`43`	`43`	`errors {`
`44`	`44`	`KeysDisabled(name: String) {`