Add settings for minimum key strength and allowed key type

This is an amalgamation of:

* Cory Hinshaw: Initial implementation !5552
* Rémy Coutable: Updates !9350
* Nick Thomas: Resolve conflicts and add ED25519 support !13712

app/controllers/admin/application_settings_controller.rb

@@ -66,6 +66,8 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController
       end
     end
+    params[:application_setting][:allowed_key_types]&.delete('')
+
     enabled_oauth_sign_in_sources = params[:application_setting].delete(:enabled_oauth_sign_in_sources)
     params[:application_setting][:disabled_oauth_sign_in_sources] =
@@ -83,6 +85,7 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController
   def visible_application_setting_attributes
     ApplicationSettingsHelper.visible_attributes + [
       :domain_blacklist_file,
+      allowed_key_types: [],
       disabled_oauth_sign_in_sources: [],
       import_sources: [],
       repository_storages: [],

app/helpers/application_settings_helper.rb

@@ -81,6 +81,20 @@ module ApplicationSettingsHelper
     end
   end
+  def allowed_key_types_checkboxes(help_block_id)
+    Gitlab::SSHPublicKey.technology_names.map do |type|
+      checked = current_application_settings.allowed_key_types.include?(type)
+      checkbox_id = "allowed_key_types-#{type}"
+
+      label_tag(checkbox_id, class: checked ? 'active' : nil) do
+        check_box_tag('application_setting[allowed_key_types][]', type, checked,
+                      autocomplete: 'off',
+                      'aria-describedby' => help_block_id,
+                      id: checkbox_id) + type.upcase
+      end
+    end
+  end
+
   def repository_storages_options_for_select
     options = Gitlab.config.repositories.storages.map do |name, storage|
       ["#{name} - #{storage['path']}", name]
@@ -141,6 +155,10 @@ module ApplicationSettingsHelper
       :metrics_port,
       :metrics_sample_interval,
       :metrics_timeout,
+      :minimum_dsa_bits,
+      :minimum_ecdsa_bits,
+      :minimum_ed25519_bits,
+      :minimum_rsa_bits,
       :password_authentication_enabled,
       :performance_bar_allowed_group_id,
       :performance_bar_enabled,

app/models/application_setting.rb

@@ -20,6 +20,7 @@ class ApplicationSetting < ActiveRecord::Base
   serialize :domain_blacklist, Array # rubocop:disable Cop/ActiveRecordSerialize
   serialize :repository_storages # rubocop:disable Cop/ActiveRecordSerialize
   serialize :sidekiq_throttling_queues, Array # rubocop:disable Cop/ActiveRecordSerialize
+  serialize :allowed_key_types, Array # rubocop:disable Cop/ActiveRecordSerialize
   cache_markdown_field :sign_in_text
   cache_markdown_field :help_page_text
@@ -146,6 +147,24 @@ class ApplicationSetting < ActiveRecord::Base
             presence: true,
             numericality: { greater_than_or_equal_to: 0 }
+  validates :allowed_key_types, presence: true
+
+  validates :minimum_rsa_bits,
+            presence: true,
+            inclusion: { in: Gitlab::SSHPublicKey.allowed_sizes('rsa') }
+
+  validates :minimum_dsa_bits,
+            presence: true,
+            inclusion: { in: Gitlab::SSHPublicKey.allowed_sizes('dsa') }
+
+  validates :minimum_ecdsa_bits,
+            presence: true,
+            inclusion: { in: Gitlab::SSHPublicKey.allowed_sizes('ecdsa') }
+
+  validates :minimum_ed25519_bits,
+            presence: true,
+            inclusion: { in: Gitlab::SSHPublicKey.allowed_sizes('ed25519') }
+
   validates_each :restricted_visibility_levels do |record, attr, value|
     value&.each do |level|
       unless Gitlab::VisibilityLevel.options.value?(level)
@@ -170,7 +189,16 @@ class ApplicationSetting < ActiveRecord::Base
     end
   end
+  validates_each :allowed_key_types do |record, attr, value|
+    value&.each do |type|
+      unless Gitlab::SSHPublicKey.allowed_type?(type)
+        record.errors.add(attr, "'#{type}' is not a valid SSH key type")
+      end
+    end
+  end
+
   before_validation :ensure_uuid!
+
   before_save :ensure_runners_registration_token
   before_save :ensure_health_check_access_token
@@ -212,6 +240,7 @@ class ApplicationSetting < ActiveRecord::Base
     {
       after_sign_up_text: nil,
       akismet_enabled: false,
+      allowed_key_types: Gitlab::SSHPublicKey.technology_names,
       container_registry_token_expire_delay: 5,
       default_artifacts_expire_in: '30 days',
       default_branch_protection: Settings.gitlab['default_branch_protection'],
@@ -239,6 +268,10 @@ class ApplicationSetting < ActiveRecord::Base
       max_attachment_size: Settings.gitlab['max_attachment_size'],
       password_authentication_enabled: Settings.gitlab['password_authentication_enabled'],
       performance_bar_allowed_group_id: nil,
+      minimum_rsa_bits: 1024,
+      minimum_dsa_bits: 1024,
+      minimum_ecdsa_bits: 256,
+      minimum_ed25519_bits: 256,
       plantuml_enabled: false,
       plantuml_url: nil,
       project_export_enabled: true,

app/models/key.rb

 require 'digest/md5'
 class Key < ActiveRecord::Base
+  include AfterCommitQueue
+  include Gitlab::CurrentSettings
   include Sortable
   LAST_USED_AT_REFRESH_TIME = 1.day.to_i
@@ -12,14 +14,18 @@ class Key < ActiveRecord::Base
   validates :title,
     presence: true,
     length: { maximum: 255 }
+
   validates :key,
     presence: true,
     length: { maximum: 5000 },
     format: { with: /\A(ssh|ecdsa)-.*\Z/ }
+
   validates :fingerprint,
     uniqueness: true,
     presence: { message: 'cannot be generated' }
+  validate :key_meets_minimum_bit_length, :key_type_is_allowed
+
   delegate :name, :email, to: :user, prefix: true
   after_commit :add_to_shell, on: :create
@@ -80,6 +86,10 @@ class Key < ActiveRecord::Base
     SystemHooksService.new.execute_hooks_for(self, :destroy)
   end
+  def public_key
+    @public_key ||= Gitlab::SSHPublicKey.new(key)
+  end
+
   private
   def generate_fingerprint
@@ -87,7 +97,40 @@ class Key < ActiveRecord::Base
     return unless self.key.present?
-    self.fingerprint = Gitlab::KeyFingerprint.new(self.key).fingerprint
+    self.fingerprint = public_key.fingerprint
+  end
+
+  def key_meets_minimum_bit_length
+    case public_key.type
+    when :rsa
+      if public_key.bits < current_application_settings.minimum_rsa_bits
+        errors.add(:key, "length must be at least #{current_application_settings.minimum_rsa_bits} bits")
+      end
+    when :dsa
+      if public_key.bits < current_application_settings.minimum_dsa_bits
+        errors.add(:key, "length must be at least #{current_application_settings.minimum_dsa_bits} bits")
+      end
+    when :ecdsa
+      if public_key.bits < current_application_settings.minimum_ecdsa_bits
+        errors.add(:key, "elliptic curve size must be at least #{current_application_settings.minimum_ecdsa_bits} bits")
+      end
+    when :ed25519
+      if public_key.bits < current_application_settings.minimum_ed25519_bits
+        errors.add(:key, "length must be at least #{current_application_settings.minimum_ed25519_bits} bits")
+      end
+    end
+  end
+
+  def key_type_is_allowed
+    unless current_application_settings.allowed_key_types.include?(public_key.type.to_s)
+      allowed_types =
+        current_application_settings
+        .allowed_key_types
+        .map(&:upcase)
+        .to_sentence(last_word_connector: ', or ', two_words_connector: ' or ')
+
+      errors.add(:key, "type is not allowed. Must be #{allowed_types}")
+    end
   end
   def notify_user

app/views/admin/application_settings/_form.html.haml

@@ -42,18 +42,57 @@
           = link_to "(?)", help_page_path("integration/bitbucket")
           and GitLab.com
           = link_to "(?)", help_page_path("integration/gitlab")
+
+    .form-group
+      .col-sm-offset-2.col-sm-10
+        .checkbox
+          = f.label :project_export_enabled do
+            = f.check_box :project_export_enabled
+            Project export enabled
+
     .form-group
       %label.control-label.col-sm-2 Enabled Git access protocols
       .col-sm-10
         = select(:application_setting, :enabled_git_access_protocol, [['Both SSH and HTTP(S)', nil], ['Only SSH', 'ssh'], ['Only HTTP(S)', 'http']], {}, class: 'form-control')
         %span.help-block#clone-protocol-help
           Allow only the selected protocols to be used for Git access.
+
     .form-group
-      .col-sm-offset-2.col-sm-10
-        .checkbox
-          = f.label :project_export_enabled do
-            = f.check_box :project_export_enabled
-            Project export enabled
+      = f.label :allowed_key_types, 'Allowed SSH keys', class: 'control-label col-sm-2'
+      .col-sm-10
+        = hidden_field_tag 'application_setting[allowed_key_types][]', nil, id: 'allowed_key_types-none'
+        - allowed_key_types_checkboxes('allowed-key-types-help').each do |key_type_checkbox|
+          .checkbox= key_type_checkbox
+        %span.help-block#allowed-key-types-help
+          Only SSH keys with allowed algorithms can be uploaded.
+
+    .form-group
+      = f.label :minimum_rsa_bits, 'Minimum RSA key length', class: 'control-label col-sm-2'
+      .col-sm-10
+        = f.select :minimum_rsa_bits, Gitlab::SSHPublicKey.allowed_sizes('rsa'), {}, class: 'form-control'
+        .help-block
+          The minimum length for user RSA SSH keys (in bits)
+
+    .form-group
+      = f.label :minimum_dsa_bits, 'Minimum DSA key length', class: 'control-label col-sm-2'
+      .col-sm-10
+        = f.select :minimum_dsa_bits, Gitlab::SSHPublicKey.allowed_sizes('dsa'), {}, class: 'form-control'
+        .help-block
+          The minimum length for user DSA SSH keys (in bits)
+
+    .form-group
+      = f.label :minimum_ecdsa_bits, 'Minimum ECDSA key length', class: 'control-label col-sm-2'
+      .col-sm-10
+        = f.select :minimum_ecdsa_bits, Gitlab::SSHPublicKey.allowed_sizes('ecdsa'), {}, class: 'form-control'
+        .help-block
+          The minimum elliptic curve size for user ECDSA SSH keys (in bits)
+
+    .form-group
+      = f.label :minimum_ed25519_bits, 'Minimum ED25519 key length', class: 'control-label col-sm-2'
+      .col-sm-10
+        = f.select :minimum_ed25519_bits, Gitlab::SSHPublicKey.allowed_sizes('ed25519'), {}, class: 'form-control'
+        .help-block
+          The minimum length for user ED25519 SSH keys (in bits)
   %fieldset
     %legend Account and Limit Settings

changelogs/unreleased/17849-allow-admin-to-restrict-min-key-length-and-techno.yml

+---
+title: Add settings for minimum key strength and allowed key type
+merge_request: 13712
+author: Cory Hinshaw
+type: added

db/migrate/20161020180657_add_minimum_key_length_to_application_settings.rb

+class AddMinimumKeyLengthToApplicationSettings < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  # Set this constant to true if this migration requires downtime.
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    add_column_with_default :application_settings, :minimum_rsa_bits, :integer, default: 1024
+    add_column_with_default :application_settings, :minimum_dsa_bits, :integer, default: 1024
+    add_column_with_default :application_settings, :minimum_ecdsa_bits, :integer, default: 256
+    add_column_with_default :application_settings, :minimum_ed25519_bits, :integer, default: 256
+    add_column_with_default :application_settings, :allowed_key_types, :string, default: %w[rsa dsa ecdsa ed25519].to_yaml
+  end
+
+  def down
+    remove_column :application_settings, :minimum_rsa_bits
+    remove_column :application_settings, :minimum_dsa_bits
+    remove_column :application_settings, :minimum_ecdsa_bits
+    remove_column :application_settings, :minimum_ed25519_bits
+    remove_column :application_settings, :allowed_key_types
+  end
+end

db/schema.rb

@@ -129,6 +129,11 @@ ActiveRecord::Schema.define(version: 20170824162758) do
     t.boolean "password_authentication_enabled"
     t.boolean "project_export_enabled", default: true, null: false
     t.boolean "hashed_storage_enabled", default: false, null: false
+    t.integer "minimum_rsa_bits", default: 1024, null: false
+    t.integer "minimum_dsa_bits", default: 1024, null: false
+    t.integer "minimum_ecdsa_bits", default: 256, null: false
+    t.integer "minimum_ed25519_bits", default: 256, null: false
+    t.string "allowed_key_types", default: "---\n- rsa\n- dsa\n- ecdsa\n- ed25519\n", null: false
   end
   create_table "audit_events", force: :cascade do |t|

doc/api/settings.md

@@ -48,7 +48,12 @@ Example response:
    "plantuml_enabled": false,
    "plantuml_url": null,
    "terminal_max_session_time": 0,
-   "polling_interval_multiplier": 1.0
+   "polling_interval_multiplier": 1.0,
+   "minimum_rsa_bits": 1024,
+   "minimum_dsa_bits": 1024,
+   "minimum_ecdsa_bits": 256,
+   "minimum_ed25519_bits": 256,
+   "allowed_key_types": ["rsa", "dsa", "ecdsa", "ed25519"]
 }
 ```
@@ -88,6 +93,11 @@ PUT /application/settings
 | `plantuml_url` | string | yes (if `plantuml_enabled` is `true`) |  The PlantUML instance URL for integration. |
 | `terminal_max_session_time` | integer | no | Maximum time for web terminal websocket connection (in seconds). Set to 0 for unlimited time. |
 | `polling_interval_multiplier` | decimal | no | Interval multiplier used by endpoints that perform polling. Set to 0 to disable polling. |
+| `minimum_rsa_bits` | integer | no | The minimum allowed bit length of an uploaded RSA key. Default is `1024`.
+| `minimum_dsa_bits` | integer | no | The minimum allowed bit length of an uploaded DSA key. Default is `1024`.
+| `minimum_ecdsa_bits` | integer | no | The minimum allowed curve size (in bits) of an uploaded ECDSA key. Default is `256`.
+| `minimum_ed25519_bits` | integer | no | The minimum allowed curve size (in bits) of an uploaded ED25519 key. Default is `256`.
+| `allowed_key_types` | array of strings | no | Array of SSH key types accepted by the application. Allowed values are: `rsa`, `dsa`, `ecdsa`, and `ed25519`. Default is `["rsa", "dsa", "ecdsa", "ed25519"]`.
 ```bash
 curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/application/settings?signup_enabled=false&default_project_visibility=internal
@@ -125,6 +135,11 @@ Example response:
   "plantuml_enabled": false,
   "plantuml_url": null,
   "terminal_max_session_time": 0,
-  "polling_interval_multiplier": 1.0
+  "polling_interval_multiplier": 1.0,
+  "minimum_rsa_bits": 1024,
+  "minimum_dsa_bits": 1024,
+  "minimum_ecdsa_bits": 256,
+  "minimum_ed25519_bits": 256,
+  "allowed_key_types": ["rsa", "dsa", "ecdsa", "ed25519"]
 }
 ```

doc/security/README.md

 # Security
 - [Password length limits](password_length_limits.md)
+- [Restrict allowed SSH key technologies and minimum length](ssh_keys_restrictions.md)
 - [Rack attack](rack_attack.md)
 - [Webhooks and insecure internal web services](webhooks.md)
 - [Information exclusivity](information_exclusivity.md)

doc/security/ssh_keys_restrictions.md

+# Restrict allowed SSH key technologies and minimum length
+
+`ssh-keygen` allows users to create RSA keys with as few as 768 bits, which
+falls well below recommendations from certain standards groups (such as the US
+NIST). Some organizations deploying Gitlab will need to enforce minimum key
+strength, either to satisfy internal security policy or for regulatory
+compliance.
+
+Similarly, certain standards groups recommend using RSA or ECDSA over the older
+DSA and administrators may need to limit the allowed SSH key algorithms.
+
+GitLab allows you to restrict the allowed SSH key technology as well as specify
+the minimum key length for each technology.
+
+In the Admin area under **Settings** (`/admin/application_settings`), look for
+the "Visibility and Access Controls" area:
+
+![SSH keys restriction admin settings](img/ssh_keys_restrictions_settings.png)

lib/api/entities.rb

@@ -744,6 +744,7 @@ module API
       expose(:default_snippet_visibility) { |setting, _options| Gitlab::VisibilityLevel.string_level(setting.default_snippet_visibility) }
       expose(:default_group_visibility) { |setting, _options| Gitlab::VisibilityLevel.string_level(setting.default_group_visibility) }
       expose :password_authentication_enabled, as: :signin_enabled
+      expose :allowed_key_types
     end
     class Release < Grape::Entity

lib/api/settings.rb

@@ -122,6 +122,12 @@ module API
       optional :terminal_max_session_time, type: Integer, desc: 'Maximum time for web terminal websocket connection (in seconds). Set to 0 for unlimited time.'
       optional :polling_interval_multiplier, type: BigDecimal, desc: 'Interval multiplier used by endpoints that perform polling. Set to 0 to disable polling.'
+      optional :minimum_rsa_bits, type: Integer, values: Gitlab::SSHPublicKey.allowed_sizes('rsa'), desc: 'The minimum allowed bit length of an uploaded RSA key.'
+      optional :minimum_dsa_bits, type: Integer, values: Gitlab::SSHPublicKey.allowed_sizes('dsa'), desc: 'The minimum allowed bit length of an uploaded DSA key.'
+      optional :minimum_ecdsa_bits, type: Integer, values: Gitlab::SSHPublicKey.allowed_sizes('ecdsa'), desc: 'The minimum allowed curve size (in bits) of an uploaded ECDSA key.'
+      optional :minimum_ed25519_bits, type: Integer, values: Gitlab::SSHPublicKey.allowed_sizes('ed25519'), desc: 'The minimum allowed curve size (in bits) of an uploaded ED25519 key.'
+      optional :allowed_key_types, type: Array[String], values: Gitlab::SSHPublicKey.technology_names, desc: 'The SSH key types accepted by the application (`rsa`, `dsa`, `ecdsa` or `ed25519`).'
+
       optional(*::ApplicationSettingsHelper.visible_attributes)
       at_least_one_of(*::ApplicationSettingsHelper.visible_attributes)
     end

lib/gitlab/git_access.rb

@@ -34,6 +34,7 @@ module Gitlab
     end
     def check(cmd, changes)
+      check_valid_actor!
       check_protocol!
       check_active_user!
       check_project_accessibility!
@@ -70,6 +71,14 @@ module Gitlab
     private
+    def check_valid_actor!
+      return unless actor.is_a?(Key)
+
+      unless actor.valid?
+        raise UnauthorizedError, "Your SSH key #{actor.errors[:key].first}."
+      end
+    end
+
     def check_protocol!
       unless protocol_allowed?
         raise UnauthorizedError, "Git access over #{protocol.upcase} is not allowed"

lib/gitlab/key_fingerprint.rb

-module Gitlab
-  class KeyFingerprint
-    attr_reader :key, :ssh_key
-
-    # Unqualified MD5 fingerprint for compatibility
-    delegate :fingerprint, to: :ssh_key, allow_nil: true
-
-    def initialize(key)
-      @key = key
-
-      @ssh_key =
-        begin
-          Net::SSH::KeyFactory.load_data_public_key(key)
-        rescue Net::SSH::Exception, NotImplementedError
-        end
-    end
-
-    def valid?
-      ssh_key.present?
-    end
-
-    def type
-      return unless valid?
-
-      parts = ssh_key.ssh_type.split('-')
-      parts.shift if parts[0] == 'ssh'
-
-      parts[0].upcase
-    end
-
-    def bits
-      return unless valid?
-
-      case type
-      when 'RSA'
-        ssh_key.n.num_bits
-      when 'DSS', 'DSA'
-        ssh_key.p.num_bits
-      when 'ECDSA'
-        ssh_key.group.order.num_bits
-      when 'ED25519'
-        256
-      else
-        raise "Unsupported key type: #{type}"
-      end
-    end
-  end
-end

lib/gitlab/ssh_public_key.rb

+module Gitlab
+  class SSHPublicKey
+    TYPES = %w[rsa dsa ecdsa ed25519].freeze
+
+    Technology = Struct.new(:name, :allowed_sizes)
+
+    Technologies = [
+      Technology.new('rsa',     [1024, 2048, 3072, 4096]),
+      Technology.new('dsa',     [1024, 2048, 3072]),
+      Technology.new('ecdsa',   [256, 384, 521]),
+      Technology.new('ed25519', [256])
+    ].freeze
+
+    def self.technology_names
+      Technologies.map(&:name)
+    end
+
+    def self.technology(name)
+      Technologies.find { |ssh_key_technology| ssh_key_technology.name == name }
+    end
+    private_class_method :technology
+
+    def self.allowed_sizes(name)
+      technology(name).allowed_sizes
+    end
+
+    def self.allowed_type?(type)
+      technology_names.include?(type.to_s)
+    end
+
+    attr_reader :key_text, :key
+
+    # Unqualified MD5 fingerprint for compatibility
+    delegate :fingerprint, to: :key, allow_nil: true
+
+    def initialize(key_text)
+      @key_text = key_text
+
+      @key =
+        begin
+          Net::SSH::KeyFactory.load_data_public_key(key_text)
+        rescue StandardError, NotImplementedError
+        end
+    end
+
+    def valid?
+      key.present?
+    end
+
+    def type
+      return unless valid?
+
+      case key
+      when OpenSSL::PKey::EC
+        :ecdsa
+      when OpenSSL::PKey::RSA
+        :rsa
+      when OpenSSL::PKey::DSA
+        :dsa
+      when Net::SSH::Authentication::ED25519::PubKey
+        :ed25519
+      else
+        raise "Unsupported key type: #{key.class}"
+      end
+    end
+
+    def bits
+      return unless valid?
+
+      case type
+      when :rsa
+        key.n.num_bits
+      when :dsa
+        key.p.num_bits
+      when :ecdsa
+        key.group.order.num_bits
+      when :ed25519
+        256
+      else
+        raise "Unsupported key type: #{type}"
+      end
+    end
+  end
+end

spec/factories/keys.rb

@@ -18,5 +18,54 @@ FactoryGirl.define do
     factory :write_access_key, class: 'DeployKey' do
       can_push true
     end
+
+    factory :rsa_key_2048 do
+      key do
+        'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDFf6RYK3qu/RKF/3ndJmL5xgMLp3O9' \
+        '6x8lTay+QGZ0+9FnnAXMdUqBq/ZU6d/gyMB4IaW3nHzM1w049++yAB6UPCzMB8Uo27K5' \
+        '/jyZCtj7Vm9PFNjF/8am1kp46c/SeYicQgQaSBdzIW3UDEa1Ef68qroOlvpi9PYZ/tA7' \
+        'M0YP0K5PXX+E36zaIRnJVMPT3f2k+GnrxtjafZrwFdpOP/Fol5BQLBgcsyiU+LM1SuaC' \
+        'rzd8c9vyaTA1CxrkxaZh+buAi0PmdDtaDrHd42gqZkXCKavyvgM5o2CkQ5LJHCgzpXy0' \
+        '5qNFzmThBSkb+XtoxbyagBiGbVZtSVow6Xa7qewz= dummy@gitlab.com'
+      end
+
+      factory :rsa_deploy_key_2048, class: 'DeployKey'
+    end
+
+    factory :dsa_key_2048 do
+      key do
+        'ssh-dss AAAAB3NzaC1kc3MAAAEBAO/3/NPLA/zSFkMOCaTtGo+uos1flfQ5f038Uk+G' \
+        'Y9AeLGzX+Srhw59GdVXmOQLYBrOt5HdGwqYcmLnE2VurUGmhtfeO5H+3p5pGJbkS0Gxp' \
+        'YH1HRO9lWsncF3Hh1w4lYsDjkclDiSTdfTuN8F4Kb3DXNnVSCieeonp+B25F/CXagyTQ' \
+        '/pvNmHFeYgGCVdnBtFdi+xfxaZ8NKdPrGggzokbKHElDZQ4Xo5EpdcyLajgM7nB2r2Rz' \
+        'OrmeaevKi5lV68ehRa9Yyrb7vxvwiwBwOgqR/mnN7Gnaq1jUdmJY+ct04Qwx37f5jvhv' \
+        '5gA4U40SGMoiHM8RFIN7Ksz0jsyX73MAAAAVALRWOfjfzHpK7KLz4iqDvvTUAevJAAAB' \
+        'AEa9NZ+6y9iQ5erGsdfLTXFrhSefTG0NhghoO/5IFkSGfd8V7kzTvCHaFrcfpEA5kP8t' \
+        'poeOG0TASB6tgGOxm1Bq4Wncry5RORBPJlAVpDGRcvZ931ddH7IgltEInS6za2uH6F/1' \
+        'M1QfKePSLr6xJ1ZLYfP0Og5KTp1x6yMQvfwV0a+XdA+EPgaJWLWp/pWwKWa0oLUgjsIH' \
+        'MYzuOGh5c708uZrmkzqvgtW2NgXhcIroRgynT3IfI2lP2rqqb3uuuE/qH5UCUFO+Dc3H' \
+        'nAFNeQDT/M25AERdPYBAY5a+iPjIgO+jT7BfmfByT+AZTqZySrCyc7nNZL3YgGLK0l6A' \
+        '1GgAAAEBAN9FpFOdIXE+YEZhKl1vPmbcn+b1y5zOl6N4x1B7Q8pD/pLMziWROIS8uLzb' \
+        'aZ0sMIWezHIkxuo1iROMeT+jtCubn7ragaN6AX7nMpxYUH9+mYZZs/fyElt6wCviVhTI' \
+        'zM+u7VdQsnZttOOlQfogHdL+SpeAft0DsfJjlcgQnsLlHQKv6aPqCPYUST2nE7RyW/Ex' \
+        'PrMxLtOWt0/j8RYHbwwqvyeZqBz3ESBgrS9c5tBdBfauwYUV/E7gPLOU3OZFw9ue7o+z' \
+        'wzoTZqW6Xouy5wtWvSLQSLT5XwOslmQz8QMBxD0AQyDfEFGsBCWzmbTgKv9uqrBjubsS' \
+        'Taja+Cf9kMo== dummy@gitlab.com'
+      end
+    end
+
+    factory :ecdsa_key_256 do
+      key do
+        'ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYA' \
+        'AABBBJZmkzTgY0fiCQ+DVReyH/fFwTFz0XoR3RUO0u+199H19KFw7mNPxRSMOVS7tEtO' \
+        'Nj3Q7FcZXfqthHvgAzDiHsc= dummy@gitlab.com'
+      end
+    end
+
+    factory :ed25519_key_256 do
+      key do
+        'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIETnVTgzqC1gatgSlC4zH6aYt2CAQzgJOhDRvf59ohL6 dummy@gitlab.com'
+      end
+    end
   end
 end

spec/features/admin/admin_settings_spec.rb

@@ -79,6 +79,26 @@ feature 'Admin updates settings' do
     end
   end
+  scenario 'Change Keys settings' do
+    uncheck 'RSA'
+    uncheck 'DSA'
+    uncheck 'ED25519'
+    select '384', from: 'Minimum ECDSA key length'
+    click_on 'Save'
+
+    expect(page).to have_content 'Application settings saved successfully'
+
+    expect(find_field('RSA', checked: false)).not_to be_checked
+    expect(find_field('DSA', checked: false)).not_to be_checked
+    expect(find_field('ED25519', checked: false)).not_to be_checked
+    expect(find_field('Minimum ECDSA key length').value).to eq '384'
+
+    uncheck 'ECDSA'
+    click_on 'Save'
+
+    expect(page).to have_content "Allowed key types can't be blank"
+  end
+
   def check_all_events
     page.check('Active')
     page.check('Push')

spec/features/profiles/keys_spec.rb

@@ -28,6 +28,22 @@ feature 'Profile > SSH Keys' do
       expect(page).to have_content("Title: #{attrs[:title]}")
       expect(page).to have_content(attrs[:key])
     end
+
+    context 'when only DSA and ECDSA keys are allowed' do
+      before do
+        stub_application_setting(allowed_key_types: %w[dsa ecdsa])
+      end
+
+      scenario 'shows a validation error' do
+        attrs = attributes_for(:key)
+
+        fill_in('Key', with: attrs[:key])
+        fill_in('Title', with: attrs[:title])
+        click_button('Add key')
+
+        expect(page).to have_content('Key type is not allowed. Must be DSA or ECDSA')
+      end
+    end
   end
   scenario 'User sees their keys' do