From 822d2b4baeb047e801caa518c1fc6af91cdfb2b5 Mon Sep 17 00:00:00 2001
From: Pierre-Yves Chibon
Date: May 18 2017 09:07:41 +0000
Subject: Drop the other OpenSSL keys from the serialization since we only use RSA
---
diff --git a/pagure/hooks/mirror_hook.py b/pagure/hooks/mirror_hook.py
index 6cccf53..bb78a7c 100644
--- a/pagure/hooks/mirror_hook.py
+++ b/pagure/hooks/mirror_hook.py
@@ -54,7 +54,7 @@ def _ssh_write_mpint(value):
 return _ssh_write_string(data)
-# Code from:
+# Code from _openssh_public_key_bytes at:
 # https://github.com/pyca/cryptography/blob/master/src/cryptography/hazmat/backends/openssl/backend.py#L1660
 def serialize_public_ssh_key( key):
 if isinstance(key, rsa.RSAPublicKey):
@@ -64,35 +64,9 @@ def serialize_public_ssh_key( key):
 _ssh_write_mpint(public_numbers.e) +
 _ssh_write_mpint(public_numbers.n)
 )
- elif isinstance(key, dsa.DSAPublicKey):
- public_numbers = key.public_numbers()
- parameter_numbers = public_numbers.parameter_numbers
- return b"ssh-dss " + base64.b64encode(
- _ssh_write_string(b"ssh-dss") +
- _ssh_write_mpint(parameter_numbers.p) +
- _ssh_write_mpint(parameter_numbers.q) +
- _ssh_write_mpint(parameter_numbers.g) +
- _ssh_write_mpint(public_numbers.y)
- )
 else:
- assert isinstance(key, ec.EllipticCurvePublicKey)
- public_numbers = key.public_numbers()
- try:
- curve_name = {
- ec.SECP256R1: b"nistp256",
- ec.SECP384R1: b"nistp384",
- ec.SECP521R1: b"nistp521",
- }[type(public_numbers.curve)]
- except KeyError:
- raise ValueError(
- "Only SECP256R1, SECP384R1, and SECP521R1 curves are "
- "supported by the SSH public key format"
- )
- return b"ecdsa-sha2-" + curve_name + b" " + base64.b64encode(
- _ssh_write_string(b"ecdsa-sha2-" + curve_name) +
- _ssh_write_string(curve_name) +
- _ssh_write_string(public_numbers.encode_point())
- )
+ # Since we only write RSA keys, drop the other serializations
+ return
 def split_target(target):
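Review bot: The new `else:` branch of serialize_public_ssh_key ends in a bare `return`, so any non-RSA key now yields None instead of an error, and the `if public_pem:` guard added in the create_ssh_key hunk then skips writing the `.pub` file with no log line or exception. A key pair whose public half was silently never written is hard to diagnose later, and an unsupported key type reaching this function is more likely a programming error than an expected case. Consider failing loudly instead, e.g. `raise ValueError("Only RSA public keys can be serialized")`, which matches the ValueError the removed EC branch used and makes the guard in create_ssh_key unnecessary. The start of the RSA branch lies outside this hunk; if the `dsa` and `ec` imports are not used elsewhere in the file they can presumably be dropped as well.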
@@ -141,8 +115,9 @@ def create_ssh_key(keyfile):
 public_key = private_key.public_key()
 public_pem = serialize_public_ssh_key(public_key)
- with open(keyfile + '.pub', 'w') as stream:
- stream.write(public_pem)
+ if public_pem:
+ with open(keyfile + '.pub', 'w') as stream:
+ stream.write(public_pem)
 def check_or_create_ssh_config(ssh_folder, key_name, target):
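Review bot: The re-indented `open(keyfile + '.pub', 'w')` still opens the file in text mode, while the serializer appears to return bytes (the removed branches return `b"ssh-dss " + base64.b64encode(...)`, and the RSA branch is presumably the same shape). On Python 3, writing bytes to a text-mode stream raises TypeError, so if this module is meant to run there, `with open(keyfile + '.pub', 'wb') as stream:` is the safer form. The name `public_pem` is also slightly misleading, since the value is an OpenSSH public-key line rather than PEM. create_ssh_key's body begins before this hunk, so how the private key file is written is not visible here.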