Install

Works with Drupal: ^10.3 || ^11 || ^12

Using Composer to manage Drupal site dependencies

Alternative installation files

Download tar.gz 24.34 KB
MD5: 5179ee43458610b68fbdb050edfd3514
SHA-1: 642d5c10070a94789b61e34f525f12c40782b922
SHA-256: a59bf9a5f8b31c8d18b766af6c0b0c60bc06880e470e40c12d408af99909051f
Download zip 37.84 KB
MD5: b5b92b2036976aac3f04b2beb1d579aa
SHA-1: 37e384b9fde2c966934731c7b3f373bbac605126
SHA-256: fe895c7cc182b58d57fe4a4b3ef9538c2bf1e77060ad2db43e497d068aa1321f
Downloads are for manual installation, which is not recommended when using Drupal 8 or later.

Release notes

Highlights

  • OpenSSH-style SHA-256 fingerprints. Stored fingerprints move from md5-hex to SHA256:<base64> (matches ssh-keygen -lf). Run drush updatedb after upgrading — existing rows are migrated in batched chunks.
  • Minimum RSA modulus length as a per-field setting (default 2048 bits; 0 disables). Enforced via phpseclib.
  • Full structural validation. Every accepted algorithm is parsed by
    phpseclib3\Crypt\PublicKeyLoader, so curve-invalid ed25519, malformed RSA, and similar payloads are rejected — not just those failing the prefix check.
  • Length cap. The raw key value is capped at 16 KB (was previously bounded only by the underlying text/big column).

Security

  • XSS in NameFormatter::viewElements() — the admin-supplied name now renders as #plain_text instead of #markup.
  • MD5 fingerprint replaced with SHA-256 (MD5 collisions are practical).
  • sshkey.permissions.yml removed — it declared seven permissions that no code ever enforced; site builders granting them got no behavior change. Access has always flowed through the host entity's field-access logic.

Bug fixes

  • #3579902: Field-settings algorithm checkboxes now show saved selections when reopened; the validator honors the per-field allowlist (no more silent fallback to "accept anything the module recognises"); SshKeyConstraint constructor accepts Drupal's options-array calling convention.
  • #3579871: Declared a description on the sshkey_default field type — eliminates the "Undefined array key 'description'" warning on the Add Field form.
  • #3590025: Added per-field min_rsa_bits setting.
  • #3590156: Pre-stable audit — see Highlights, Security, and Cleanup.

Behaviour changes

  • Fingerprint column is now NOT NULL.
  • Utils::getFingerprintMd5() has been removed. getFingerprintSha256() now returns the OpenSSH SHA256:-prefixed format with base64 padding stripped.
  • The 7 permissions in sshkey.permissions.yml are gone (see Security).
  • The sshkey.module file is gone — the dead sshkey_theme() +
    theme_sshkey_fingerprint() functions had no callers.

Cleanup

  • generateSampleValue() now returns a wire-format key that passes the validator, so devel-generate fixtures actually exercise downstream paths.
  • sshkey.info.yml description rewritten for grammar.
  • field.storage_settings.sshkey_default schema no longer carries the foo placeholder.
  • Three lingering @todo/@DCG scaffold markers resolved.
  • README rewritten to describe the module as it actually is (field type, no permissions, no uniqueness constraint, SHA-256 fingerprints).

Upgrade

  1. Run drush updatedb (or visit update.php). This migrates existing
    fingerprints from MD5 to SHA-256 and tightens the column to NOT NULL.
  2. If you have downstream code calling Utils::getFingerprintMd5(), switch to
    getFingerprintSha256() (note the new SHA256: prefix in the return value).
  3. If you'd been granting the now-removed permissions to roles, those grants are silently dropped — they were never enforced, so no functional change.

Commits in this release

  1. ca591c8 Issue #3579902 by colan: Restore saved algorithm checkboxes in field settings form.
  2. 49552bd Issue #3579902 by colan: Honor field-settings algorithm allowlist during key validation.
  3. 2716141 Issue #3579902 by colan: Fix SshKeyConstraint to accept the factory's options-array call.
  4. fab0926 Issue #3579871 by colan: Declare a description on the sshkey_default field type.
  5. 5def9e8 Issue #3590025 by colan: Add minimum RSA key length enforcement to the SshKey field.
  6. 2ab473b Issue #3590156 by colan: Fix grammar in module description.
  7. bc4deef Issue #3590156 by colan: Fix misleading comment in SshKeyItem::setValue().
  8. c88e011 Issue #3590156 by colan: Remove the 'foo' placeholder from storage-settings schema.
  9. 0b0d910 Issue #3590156 by colan: Drop the dead sshkey.module file.
  10. 7264117 Issue #3590156 by colan: Escape admin-supplied name in NameFormatter (XSS).
  11. f678d31 Issue #3590156 by colan: Cap the SSH-key value at 16 KB.
  12. 279125a Issue #3590156 by colan: Make generateSampleValue() produce a parseable SSH key.
  13. a94bbd0 Issue #3590156 by colan: Fix CI failures from prior commits.
  14. b462023 Issue #3590156 by colan: Migrate fingerprints from MD5 to OpenSSH SHA-256.
  15. 44109ce Issue #3590156 by colan: Fix the SHA-256 migration commit's CI and counter.
  16. c85b466 Issue #3590156 by colan: Remove unenforced sshkey.permissions.yml.
  17. e3ff807 Issue #3590156 by colan: Validate full key structure via phpseclib.
  18. 075b718 Issue #3590156 by colan: Resolve trailing @todo and @DCG scaffold markers.
  19. 2fb54ca Issue #3590156 by colan: Fix CI failures from the structural-check commit.
  20. 621707b Issue #3590156 by colan: Rewrite README to match the module as it actually is.
  21. affcf7b Merge branch
    '3590156-pre-stable-audit' into '4.x'
Created by: colan
Created on: 15 May 2026 at 02:03 UTC
Last updated: 15 May 2026 at 02:03 UTC
Git tag 4.0.0-alpha6
Bug fixes

Other releases