flake8
passed.
JSHint
passed.
Add wider support and validation for valid SHA1/256 fingerprints.
Review Request #14925 — Created March 17, 2026 and updated
CertificateFingerprints.from_string()now supports plain SHA1 and
SHA256 strings (without the semicolons used in fingerprints). These will
be converted into the correct format.The values are also now validated against regexes. This will first check
the line lengths and then follow up with a pattern match.
Unit tests pass.
| Summary | ID |
|---|---|
| 3591bcfc48229e9dc2e6d64c8267028e03d0b358 |
| Description | From | Last Updated |
|---|---|---|
|
A SHA1 hash is 20 bytes, but that corresponds to 40 hex characters. Your test didn't catch this because the … |
 david
|
|
|
Leftover debug code. |
 maubin
|
|
|
Might be nicer to do length == X and cls.SHA... here instead of nested if statements? Same with the elifs … |
maubin
|
|
|
It might be nice to switch to re.fullmatch() for these, to make it less fragile for future changes. I also … |
david
|
-
-
A SHA1 hash is 20 bytes, but that corresponds to 40 hex characters. Your test didn't catch this because the invalid character happened to be within the first half of the hash.
-
It might be nice to switch to
re.fullmatch()for these, to make it less fragile for future changes.I also agree with Michelle's comment about combining the conditionals--as long as length is listed first, it won't check the regex match.
It might also be nice to order these to keep sha1 and sha256 together, instead of going in reverse order by length.