|  | @@ -101,17 +101,15 @@ func (key *PublicKey) GetAuthorizedString() string {
 | 
											
												
													
														|  |  	return fmt.Sprintf(_TPL_PUBLICK_KEY, appPath, key.Id, setting.CustomConf, key.Content)
 |  |  	return fmt.Sprintf(_TPL_PUBLICK_KEY, appPath, key.Id, setting.CustomConf, key.Content)
 | 
											
												
													
														|  |  }
 |  |  }
 | 
											
												
													
														|  |  
 |  |  
 | 
											
												
													
														|  | -var (
 |  | 
 | 
											
												
													
														|  | -	MinimumKeySize = map[string]int{
 |  | 
 | 
											
												
													
														|  | -		"(ED25519)": 256,
 |  | 
 | 
											
												
													
														|  | -		"(ECDSA)":   256,
 |  | 
 | 
											
												
													
														|  | -		"(NTRU)":    1087,
 |  | 
 | 
											
												
													
														|  | -		"(MCE)":     1702,
 |  | 
 | 
											
												
													
														|  | -		"(McE)":     1702,
 |  | 
 | 
											
												
													
														|  | -		"(RSA)":     2048,
 |  | 
 | 
											
												
													
														|  | -		"(DSA)":     1024,
 |  | 
 | 
											
												
													
														|  | -	}
 |  | 
 | 
											
												
													
														|  | -)
 |  | 
 | 
											
												
													
														|  | 
 |  | +var minimumKeySizes = map[string]int{
 | 
											
												
													
														|  | 
 |  | +	"(ED25519)": 256,
 | 
											
												
													
														|  | 
 |  | +	"(ECDSA)":   256,
 | 
											
												
													
														|  | 
 |  | +	"(NTRU)":    1087,
 | 
											
												
													
														|  | 
 |  | +	"(MCE)":     1702,
 | 
											
												
													
														|  | 
 |  | +	"(McE)":     1702,
 | 
											
												
													
														|  | 
 |  | +	"(RSA)":     2048,
 | 
											
												
													
														|  | 
 |  | +	"(DSA)":     1024,
 | 
											
												
													
														|  | 
 |  | +}
 | 
											
												
													
														|  |  
 |  |  
 | 
											
												
													
														|  |  func extractTypeFromBase64Key(key string) (string, error) {
 |  |  func extractTypeFromBase64Key(key string) (string, error) {
 | 
											
												
													
														|  |  	b, err := base64.StdEncoding.DecodeString(key)
 |  |  	b, err := base64.StdEncoding.DecodeString(key)
 | 
											
										
											
												
													
														|  | @@ -228,15 +226,17 @@ func CheckPublicKeyString(content string) (bool, error) {
 | 
											
												
													
														|  |  	}
 |  |  	}
 | 
											
												
													
														|  |  
 |  |  
 | 
											
												
													
														|  |  	// Check if key type and key size match.
 |  |  	// Check if key type and key size match.
 | 
											
												
													
														|  | -	keySize := com.StrTo(sshKeygenOutput[0]).MustInt()
 |  | 
 | 
											
												
													
														|  | -	if keySize == 0 {
 |  | 
 | 
											
												
													
														|  | -		return false, errors.New("cannot get key size of the given key")
 |  | 
 | 
											
												
													
														|  | -	}
 |  | 
 | 
											
												
													
														|  | -	keyType := strings.TrimSpace(sshKeygenOutput[len(sshKeygenOutput)-1])
 |  | 
 | 
											
												
													
														|  | -	if minimumKeySize := MinimumKeySize[keyType]; minimumKeySize == 0 {
 |  | 
 | 
											
												
													
														|  | -		return false, errors.New("sorry, unrecognized public key type")
 |  | 
 | 
											
												
													
														|  | -	} else if keySize < minimumKeySize {
 |  | 
 | 
											
												
													
														|  | -		return false, fmt.Errorf("the minimum accepted size of a public key %s is %d", keyType, minimumKeySize)
 |  | 
 | 
											
												
													
														|  | 
 |  | +	if !setting.Service.DisableMinimumKeySizeCheck {
 | 
											
												
													
														|  | 
 |  | +		keySize := com.StrTo(sshKeygenOutput[0]).MustInt()
 | 
											
												
													
														|  | 
 |  | +		if keySize == 0 {
 | 
											
												
													
														|  | 
 |  | +			return false, errors.New("cannot get key size of the given key")
 | 
											
												
													
														|  | 
 |  | +		}
 | 
											
												
													
														|  | 
 |  | +		keyType := strings.TrimSpace(sshKeygenOutput[len(sshKeygenOutput)-1])
 | 
											
												
													
														|  | 
 |  | +		if minimumKeySize := minimumKeySizes[keyType]; minimumKeySize == 0 {
 | 
											
												
													
														|  | 
 |  | +			return false, errors.New("sorry, unrecognized public key type")
 | 
											
												
													
														|  | 
 |  | +		} else if keySize < minimumKeySize {
 | 
											
												
													
														|  | 
 |  | +			return false, fmt.Errorf("the minimum accepted size of a public key %s is %d", keyType, minimumKeySize)
 | 
											
												
													
														|  | 
 |  | +		}
 | 
											
												
													
														|  |  	}
 |  |  	}
 | 
											
												
													
														|  |  
 |  |  
 | 
											
												
													
														|  |  	return true, nil
 |  |  	return true, nil
 |