internet/community.crypto
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.crypto.git synced 2026-04-16 05:41:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix OpenSSH public key typing.

Browse Source
This commit is contained in:
Felix Fontein
2026-04-01 08:23:29 +02:00
parent 13ea1de2f3
commit 4c5962788d
2 changed files with 9 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
plugins/module_utils/_openssh/certificate.py
View File

@@ -32,14 +32,12 @@ from ansible_collections.community.crypto.plugins.module_utils._time import (
if t.TYPE_CHECKING:
from ansible_collections.community.crypto.plugins.module_utils._openssh.cryptography import ( # pragma: no cover
KeyType,
PubKeyType,
)
DateFormat = t.Literal["human_readable", "openssh", "timestamp"] # pragma: no cover
DateFormatStr = t.Literal["human_readable", "openssh"] # pragma: no cover
DateFormatInt = t.Literal["timestamp"] # pragma: no cover
else:
KeyType = None # pylint: disable=invalid-name
# Protocol References
@@ -60,7 +58,7 @@ else:
_USER_TYPE = 1
_HOST_TYPE = 2
_SSH_TYPE_STRINGS: dict[KeyType | str, bytes] = {
_SSH_TYPE_STRINGS: dict[PubKeyType, bytes] = {
"rsa": b"ssh-rsa",
"dsa": b"ssh-dss",
"ecdsa-nistp256": b"ecdsa-sha2-nistp256",
@@ -76,7 +74,7 @@ _ECDSA_CURVE_IDENTIFIERS = {
"ecdsa-nistp384": b"nistp384",
"ecdsa-nistp521": b"nistp521",
}
_ECDSA_CURVE_IDENTIFIERS_LOOKUP = {
_ECDSA_CURVE_IDENTIFIERS_LOOKUP: dict[bytes, PubKeyType] = {
b"nistp256": "ecdsa-nistp256",
b"nistp384": "ecdsa-nistp384",
b"nistp521": "ecdsa-nistp521",
@@ -591,7 +589,7 @@ class OpensshCertificate:
for key_type, string in _SSH_TYPE_STRINGS.items():
if format_identifier == string + _CERT_SUFFIX_V01:
pub_key_type = t.cast(KeyType, key_type)
pub_key_type = key_type
break
else:
raise ValueError(
@@ -707,7 +705,7 @@ class OpensshCertificate:
@staticmethod
def _parse_cert_info(
pub_key_type: KeyType, parser: OpensshParser
pub_key_type: PubKeyType, parser: OpensshParser
) -> OpensshCertificateInfo:
cert_info = get_cert_info_object(pub_key_type)
cert_info.nonce = parser.string()
@@ -792,7 +790,7 @@ def fingerprint(public_key: bytes) -> bytes:
return b"SHA256:" + b64encode(h.digest()).rstrip(b"=")
def get_cert_info_object(key_type: KeyType) -> OpensshCertificateInfo:
def get_cert_info_object(key_type: PubKeyType) -> OpensshCertificateInfo:
if key_type == "rsa":
return OpensshRSACertificateInfo()
if key_type == "dsa":

3
plugins/module_utils/_openssh/cryptography.py
View File

@@ -76,6 +76,9 @@ if t.TYPE_CHECKING:
KeyFormat = t.Literal["SSH", "PKCS8", "PKCS1"] # pragma: no cover
KeySerializationFormat = t.Literal["PEM", "DER", "SSH"] # pragma: no cover
KeyType = t.Literal["rsa", "dsa", "ed25519", "ecdsa"] # pragma: no cover
PubKeyType = t.Literal[
"rsa", "dsa", "ed25519", "ecdsa-nistp256", "ecdsa-nistp384", "ecdsa-nistp521"
] # pragma: no cover
PrivateKeyTypes = t.Union[ # noqa: UP007
rsa.RSAPrivateKey,