The public SSH keys of a user are now stored in an authorized_keys
file in the All-Users repository in the refs/users/CD/ABCD branch of
the user.
Storing SSH keys in an authorized_keys file is the standard way for
SSH to store public keys. Each key is stored on a separate line.
The order of the keys in the file determines the sequence numbers of
the keys.
Invalid keys are marked with the prefix '# INVALID'.
To keep the sequence numbers intact when a key is deleted, a
'# DELETED' line is inserted at the position where the key was
deleted.
Other comment lines are ignored on read, and are not written back when
the file is modified.
Supporting a 2-step live migration for a multi-master Gerrit
installation is not needed since the googlesource.com instances do not
use SSH and there are no other multi-master installations.
On creation of an SSH key, RFC 4716 style keys need to be converted to
OpenSSH style keys. Also before adding a key it should be checked that
the key is parseable. Both of this requires classes from SSH libs that
are only available in the SSH layer. This is why the SSH key creation
must be done there. So far this was done in SshKeyCacheImpl, but since
SshKeyCacheImpl needs VersionedAuthorizedKeys to load keys and to mark
keys as invalid, VersionedAuthorizedKeys cannot not depend on
SshKeyCacheImpl as this would be a cyclic dependency. Instead split
out the SSH key creation from SshKeyCacheImpl into SshKeyCreatorImpl.
This way SshKeyCacheImpl depends on VersionedAuthorizedKeys and
VersionedAuthorizedKeys depends on SshKeyCreatorImpl, and there is no
dependency circle.
Change-Id: I8fcc3c0f27e034fc2c8e8ae3612068099075467d
Signed-off-by: Edwin Kempin <ekempin@google.com>