authorJeff Forcier <jeff@bitprophet.org>2017-08-28 17:45:54 -0700
committerJeff Forcier <jeff@bitprophet.org>2017-08-28 17:45:56 -0700
commit03df3cf9cd0f12cc04abe88a8674e6968363340c (patch)
treece82a9d68cfb3b4186b87c450f37686c8ae8b419 /paramiko/rsakey.py
parentb942d94e2d59335f11f635164525a4f578ea6991 (diff)
Overhaul PublicBlob and use it better within RSAKey.
This allows server-side Paramiko code to correctly create cert-bearing RSAKey objects and thus verify client signatures, and now the test suite passes again, barring the stub tests. Re #1042
Diffstat (limited to 'paramiko/rsakey.py')
-rw-r--r--paramiko/rsakey.py20
1 files changed, 19 insertions, 1 deletions
diff --git a/paramiko/rsakey.py b/paramiko/rsakey.py
index 7abcfa28..3f28689a 100644
--- a/paramiko/rsakey.py
+++ b/paramiko/rsakey.py
@@ -54,8 +54,26 @@ class RSAKey(PKey):
else:
if msg is None:
raise SSHException('Key object may not be empty')
- if msg.get_text() != 'ssh-rsa':
+ type_ = msg.get_text()
+ nonce = None
+ # Regular public key - nothing special to do besides the implicit
+ # type check.
+ if type_ == 'ssh-rsa':
+ pass
+ # OpenSSH-compatible certificate - store full copy as .public_blob
+ # (so signing works correctly) and then fast-forward past the
+ # nonce.
+ elif type_ == 'ssh-rsa-cert-v01@openssh.com':
+ # This seems the cleanest way to 'clone' an already-being-read
+ # message?
+ self.load_certificate(Message(msg.asbytes()))
+ # Read out nonce as it comes before the public numbers.
+ # TODO: usefully interpret it & other non-public-number fields
+ nonce = msg.get_string()
+ else:
raise SSHException('Invalid key')
+ # Now that we've read type and (possibly) nonce, public numbers are
+ # next in either case.
self.key = rsa.RSAPublicNumbers(
e=msg.get_mpint(), n=msg.get_mpint()
).public_key(default_backend())
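Review bot: The `ssh-rsa-cert-v01@openssh.com` branch takes `e` and `n` straight from the certificate body after skipping the nonce, and nothing visible in this hunk checks the CA signature, validity window or principals (the TODO says the other fields are not yet interpreted). Unless `load_certificate` performs that validation, which cannot be seen here, an RSAKey built from peer-supplied certificate bytes is only parsed, not authenticated, and server-side callers should not treat it as a trusted identity. I would add a comment above the `elif`, such as `# NOTE: the certificate is parsed only; CA signature, validity and principals are NOT verified here.` Also, `nonce` is assigned but not used in the visible lines, so `msg.get_string()  # skip nonce` would state the intent more plainly. The enclosing method starts and ends outside the hunk.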