Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove broken support for PEM-encoded SSH public keys #7581

Closed
silverwind opened this issue Jul 23, 2019 · 3 comments · Fixed by #7600
Closed

Remove broken support for PEM-encoded SSH public keys #7581

silverwind opened this issue Jul 23, 2019 · 3 comments · Fixed by #7600

Comments

@silverwind
Copy link
Member

silverwind commented Jul 23, 2019
edited
Loading

Trying to add a PEM-encoded public SSH key like

-----BEGIN RSA PUBLIC KEY-----
MIIBigKCAYEA7lqx/TJQQBSbMRNrwp+uAnBo2wTB/8Awb63Z8GwvDAH12Jz9JWYy
SE5ZglIw/JZ9h1zAK3F/ka8w0brLrzlQWyumjN1Rso4esl4yEOKbOdEDrA/rGyxJ
7wlUO8krU4Wd+BDo5yp/n+ugM6kEbrYSDKgFk/1g13kBiW3aLj5rlMYUJiy6hZkn
tSSVJ8w6zY6yj23UAgc2JmeAzSzutAx5NHeDdTeYl98nhu44JGNKkxHBCrAUizp0
FcNhMoApzONhStKJ2EhbXic2aasMTb91EzRW/7flJBJVtQLxOoQUYmzKKQGJJCkw
KJQuOj9GqtDDvV2v3meBUoTJE86j4Uu3TBAAhnH9XUGvploI6WrLm3n+Jp9Y/XJI
S65fqu9xBCoEl64jLf4dFSuCMRK02MAQV2siIRyIui3M4O5K5UEOwaReuVOOWzMj
vRoGeXYhMfuBA432qQTAtC6gBIn9UcejPdk2f5KErOhJeYGue3pHOagx3l7NWfZt
fEFyGifkl9k/AgMBAAE=
-----END RSA PUBLIC KEY-----

on a user or repo results in this weird error coming from here:

extractTypeFromBase64Key: invalid key format: not enough length 813826442

This has probably been broken for years.
@silverwind silverwind mentioned this issue Jul 23, 2019
Merged
@zeripath
Copy link
Contributor

zeripath commented Jul 24, 2019
edited
Loading

OK so there appear to be two different type of keys here - neither of which appear to work.

There is the SSH2 key type which I think is what this code is supposed to work for - but doesn't because they start with ---- BEGIN not -----BEGIN.

And there is the PEM type which is what you've tried here.

@silverwind
Copy link
Member Author

Yeah, it looks like the code is meant for this format:

---- BEGIN SSH2 PUBLIC KEY ----
Comment: "rsa-key-20160816"
AAAAB3NzaC1yc2EAAAABJQAAAQEApoYJFnGDNis/2oCT6/h9Lzz2y0BVHLv8joXM
s4SYcYUVwBxNzqJsDWbikBn/h32AC36qAW24Bft+suGMtJGS3oSX53qR7ozsXs/D
lCO5FzRxi4JodStiYaz/pPK24WFOb4sLXr758tz2u+ZP2lfDfzn9nLxregZvO9m+
zpToLCWlXrzjZxDesJOcfh/eszU9KUKXfXn6Jsey7ej8TYqB2DgYCfv8jGm+oLVe
UOLEl7fxzjgcDdiLaXbqq7dFoOsHUABBV6kaXyE9LmkbXZB9lQ==
---- END SSH2 PUBLIC KEY ----

The way the fences are written there will not match our check for -----BEGIN which I added assuming it was for above format. I guess since no one complained about these keys not being supported, I guess we may as well opt to drop support for them given that they can easily be converted to the OpenSSH format.

I also just tested on GitHub and they only support the OpenSSH format.

@silverwind silverwind changed the title Unable to add PEM-encoded SSH public keys Remove broken support for PEM-encoded SSH public keys Jul 24, 2019
@zeripath zeripath mentioned this issue Jul 24, 2019
Merged
@zeripath
Copy link
Contributor

So #7600 should fix this.

@go-gitea go-gitea locked and limited conversation to collaborators Nov 24, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Make PKCS8, PEM and SSH2 keys work zeripath/gitea
2 participants
@silverwind @zeripath