diff options
Diffstat (limited to 'vendor/golang.org/x/crypto')
-rw-r--r-- | vendor/golang.org/x/crypto/ssh/keys.go | 25 | ||||
-rw-r--r-- | vendor/golang.org/x/crypto/ssh/server.go | 2 |
2 files changed, 26 insertions, 1 deletions
diff --git a/vendor/golang.org/x/crypto/ssh/keys.go b/vendor/golang.org/x/crypto/ssh/keys.go index f2fc9b6..21f7d0d 100644 --- a/vendor/golang.org/x/crypto/ssh/keys.go +++ b/vendor/golang.org/x/crypto/ssh/keys.go @@ -10,10 +10,13 @@ import ( "crypto/dsa" "crypto/ecdsa" "crypto/elliptic" + "crypto/md5" "crypto/rsa" + "crypto/sha256" "crypto/x509" "encoding/asn1" "encoding/base64" + "encoding/hex" "encoding/pem" "errors" "fmt" @@ -878,3 +881,25 @@ func parseOpenSSHPrivateKey(key []byte) (*ed25519.PrivateKey, error) { copy(pk, pk1.Priv) return &pk, nil } + +// FingerprintLegacyMD5 returns the user presentation of the key's +// fingerprint as described by RFC 4716 section 4. +func FingerprintLegacyMD5(pubKey PublicKey) string { + md5sum := md5.Sum(pubKey.Marshal()) + hexarray := make([]string, len(md5sum)) + for i, c := range md5sum { + hexarray[i] = hex.EncodeToString([]byte{c}) + } + return strings.Join(hexarray, ":") +} + +// FingerprintSHA256 returns the user presentation of the key's +// fingerprint as unpadded base64 encoded sha256 hash. +// This format was introduced from OpenSSH 6.8. +// https://www.openssh.com/txt/release-6.8 +// https://tools.ietf.org/html/rfc4648#section-3.2 (unpadded base64 encoding) +func FingerprintSHA256(pubKey PublicKey) string { + sha256sum := sha256.Sum256(pubKey.Marshal()) + hash := base64.RawStdEncoding.EncodeToString(sha256sum[:]) + return "SHA256:" + hash +} diff --git a/vendor/golang.org/x/crypto/ssh/server.go b/vendor/golang.org/x/crypto/ssh/server.go index 37df1b3..9037470 100644 --- a/vendor/golang.org/x/crypto/ssh/server.go +++ b/vendor/golang.org/x/crypto/ssh/server.go @@ -242,7 +242,7 @@ func checkSourceAddress(addr net.Addr, sourceAddr string) error { } if allowedIP := net.ParseIP(sourceAddr); allowedIP != nil { - if bytes.Equal(allowedIP, tcpAddr.IP) { + if allowedIP.Equal(tcpAddr.IP) { return nil } } else { |