Skip to content

Commit 12ebacb

Browse files
nookalanookala
authored
Add support for SHA256 fingerprint for diego-ssh (#4380)
* Add support for SHA256 fingerprint for diego-ssh Add a new property sha256_fingerprint that diego can use to avoid incompatibilities when updating from sha1 to sha256 * Add support for SHA256 fingerprint for diego-ssh Fix rubocop
1 parent badaab8 commit 12ebacb

File tree

4 files changed

+19
-4
lines changed

4 files changed

+19
-4
lines changed

lib/cloud_controller/diego/app_recipe_builder.rb

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -61,7 +61,8 @@ def app_lrp_arguments
6161
routes[SSH_ROUTES_KEY] = Oj.dump({
6262
container_port: DEFAULT_SSH_PORT,
6363
private_key: ssh_key.private_key,
64-
host_fingerprint: ssh_key.fingerprint
64+
host_fingerprint: ssh_key.fingerprint,
65+
host_256_fingerprint: ssh_key.sha256_fingerprint
6566
})
6667
end
6768

lib/cloud_controller/diego/ssh_key.rb

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,10 @@ def fingerprint
2626
@fingerprint ||= ::SSHKey.new(key.to_der).sha1_fingerprint
2727
end
2828

29+
def sha256_fingerprint
30+
@sha256_fingerprint ||= ::SSHKey.new(key.to_der).sha256_fingerprint
31+
end
32+
2933
private
3034

3135
def key

spec/unit/lib/cloud_controller/diego/app_recipe_builder_spec.rb

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -934,7 +934,8 @@ module Diego
934934
expect(lrp.routes.routes['diego-ssh']).to eq(Oj.dump({
935935
container_port: 2222,
936936
private_key: ssh_key.private_key,
937-
host_fingerprint: ssh_key.fingerprint
937+
host_fingerprint: ssh_key.fingerprint,
938+
host_256_fingerprint: ssh_key.sha256_fingerprint
938939
}))
939940
end
940941
end
@@ -1037,7 +1038,8 @@ module Diego
10371038
expect(lrp.routes.routes['diego-ssh']).to eq(Oj.dump({
10381039
container_port: 2222,
10391040
private_key: ssh_key.private_key,
1040-
host_fingerprint: ssh_key.fingerprint
1041+
host_fingerprint: ssh_key.fingerprint,
1042+
host_256_fingerprint: ssh_key.sha256_fingerprint
10411043
}))
10421044
end
10431045
end
@@ -1383,7 +1385,8 @@ module Diego
13831385
expect(lrp.routes.routes['diego-ssh']).to eq(Oj.dump({
13841386
container_port: 2222,
13851387
private_key: ssh_key.private_key,
1386-
host_fingerprint: ssh_key.fingerprint
1388+
host_fingerprint: ssh_key.fingerprint,
1389+
host_256_fingerprint: ssh_key.sha256_fingerprint
13871390
}))
13881391
end
13891392
end

spec/unit/lib/cloud_controller/diego/ssh_key_spec.rb

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -39,6 +39,13 @@ module Diego
3939
expect(ssh_key.fingerprint).to match(/([0-9a-f]{2}:){19}[0-9a-f]{2}/)
4040
end
4141
end
42+
43+
describe '#fingerprint 256' do
44+
it 'returns an sha256 fingerprint' do
45+
ssh_key = SSHKey.new(1024)
46+
expect(ssh_key.sha256_fingerprint).to match(%r{[a-zA-Z0-9+/=]{44}})
47+
end
48+
end
4249
end
4350
end
4451
end

0 commit comments

Comments
 (0)