fix ed25519 ssh key unpad() when padding not present (not needed)

fixes #1306
author: Pierce Lopez <pierce.lopez@gmail.com> 2019-03-02 17:57:21 -0500
committer: Jeff Forcier <jeff@bitprophet.org> 2019-06-21 16:22:09 -0400
commit: 3a28eedeaa5e13e6966e8be5fe716b9c4ae81e11 (patch)
tree: a278255a51c12cb96c7d32f494f365a0529e56e6
parent: c253bab909d43195f8d5e4cb5dd207f4bd53467b (diff)
download: paramiko-3a28eedeaa5e13e6966e8be5fe716b9c4ae81e11.tar.gz
1 files changed, 5 insertions, 3 deletions
diff --git a/paramiko/ed25519key.py b/paramiko/ed25519key.py
index 77d4d37d..32ab4643 100644
--- a/paramiko/ed25519key.py
+++ b/paramiko/ed25519key.py
@@ -37,10 +37,12 @@ def unpad(data):
     # really ought to be made constant time (possibly by upstreaming this logic
     # into pyca/cryptography).
     padding_length = six.indexbytes(data, -1)
-    if padding_length > 16:
+    if 0x20 <= padding_length < 0x7f:
+        return data  # no padding, last byte part comment (printable ascii)
+    if padding_length > 15:
         raise SSHException("Invalid key")
-    for i in range(1, padding_length + 1):
-        if six.indexbytes(data, -i) != (padding_length - i + 1):
+    for i in range(padding_length):
+        if six.indexbytes(data, i - padding_length) != i + 1:
             raise SSHException("Invalid key")
     return data[:-padding_length]
author	Pierce Lopez <pierce.lopez@gmail.com>	2019-03-02 17:57:21 -0500
committer	Jeff Forcier <jeff@bitprophet.org>	2019-06-21 16:22:09 -0400
commit	3a28eedeaa5e13e6966e8be5fe716b9c4ae81e11 (patch)
tree	a278255a51c12cb96c7d32f494f365a0529e56e6
parent	c253bab909d43195f8d5e4cb5dd207f4bd53467b (diff)
download	paramiko-3a28eedeaa5e13e6966e8be5fe716b9c4ae81e11.tar.gz