ipapython.ssh: Port to Python 3

Sort out the accepted types.
Handle Python 3's stricter separation between bytes and unicode.

Reviewed-By: David Kupka <dkupka@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>

ipapython/ssh.py

@@ -25,6 +25,7 @@ SSH utilities.
 import base64
 import re
 import struct
+import binascii
 from hashlib import md5, sha1
 from hashlib import sha256  #pylint: disable=E0611
 
@@ -53,15 +54,16 @@ class SSHPublicKey(object):
             self._options = key._options
             return
 
-        if not isinstance(key, (str, unicode)):
-            raise TypeError("argument must be str or unicode, got %s" % type(key).__name__)
+        if not isinstance(key, (bytes, unicode)):
+            raise TypeError("argument must be bytes or unicode, got %s" % type(key).__name__)
 
         # All valid public key blobs start with 3 null bytes (see RFC 4253
         # section 6.6, RFC 4251 section 5 and RFC 4250 section 4.6)
-        if isinstance(key, str) and key[:3] != '\0\0\0':
+        if isinstance(key, bytes) and key[:3] != b'\0\0\0':
             key = key.decode(encoding)
 
         valid = self._parse_raw(key) or self._parse_base64(key) or self._parse_openssh(key)
+
         if not valid:
             raise ValueError("not a valid SSH public key")
 
@@ -71,7 +73,7 @@ class SSHPublicKey(object):
             self._options = options
 
     def _parse_raw(self, key):
-        if not isinstance(key, str):
+        if not isinstance(key, bytes):
             return False
 
         try:
@@ -100,7 +102,7 @@ class SSHPublicKey(object):
 
         try:
             key = base64.b64decode(key)
-        except TypeError:
+        except (TypeError, binascii.Error):
             return False
 
         return self._parse_raw(key)
@@ -168,7 +170,8 @@ class SSHPublicKey(object):
         return bool(self._options)
 
     def openssh(self):
-        out = u'%s %s' % (self._keytype, base64.b64encode(self._key))
+        key = base64.b64encode(self._key).decode('ascii')
+        out = u'%s %s' % (self._keytype, key)
 
         if self._options:
             options = []

ipatests/test_ipapython/test_ssh.py

@@ -47,23 +47,32 @@ def test_public_key_parsing():
     openssh = 'ssh-rsa %s' % b64
 
     pks = [
-        ('\xff',                    UnicodeDecodeError),
+        (b'\xff',                   UnicodeDecodeError),
+        (u'\xff',                   ValueError),
 
         (raw,                       openssh),
-        ('\0\0\0\x04none',          u'none AAAABG5vbmU='),
-        ('\0\0\0',                  ValueError),
-        ('\0\0\0\0',                ValueError),
-        ('\0\0\0\x01',              ValueError),
-        ('\0\0\0\x01\xff',          ValueError),
+        (b'\0\0\0\x04none',         u'none AAAABG5vbmU='),
+        (b'\0\0\0',                 ValueError),
+        (b'\0\0\0\0',               ValueError),
+        (b'\0\0\0\x01',             ValueError),
+        (b'\0\0\0\x01\xff',         ValueError),
+
+        (u'\0\0\0\x04none',         ValueError),
+        (u'\0\0\0',                 ValueError),
+        (u'\0\0\0\0',               ValueError),
+        (u'\0\0\0\x01',             ValueError),
+        (u'\0\0\0\x01\xff',         ValueError),
 
         (b64,                       openssh),
         (unicode(b64),              openssh),
+        (b64.encode('ascii'),       openssh),
         (u'\n%s\n\n' % b64,         openssh),
         (u'AAAABG5vbmU=',           u'none AAAABG5vbmU='),
         (u'AAAAB',                  ValueError),
 
         (openssh,                   openssh),
         (unicode(openssh),          openssh),
+        (openssh.encode('ascii'),   openssh),
         (u'none AAAABG5vbmU=',      u'none AAAABG5vbmU='),
         (u'\t \t ssh-rsa \t \t%s\t \tthis is a comment\t \t ' % b64,
                                     u'%s this is a comment' % openssh),