[GitHub] [mina-sshd] lgoldstein commented on a change in pull request #164: [SSHD-1053] Fix signature string for openssh certificate host key algorithms

Thu, 10 Sep 2020 08:45:24 -0700 


lgoldstein commented on a change in pull request #164:
URL: https://github.com/apache/mina-sshd/pull/164#discussion_r486445262



##########
File path: 
sshd-common/src/main/java/org/apache/sshd/common/signature/Signature.java
##########
@@ -93,4 +93,12 @@ default void update(SessionContext session, byte[] hash) 
throws Exception {
      * @throws Exception If failed to calculate the signature
      */
     byte[] sign(SessionContext session) throws Exception;
+
+    /**
+     * Get the original ssh name of the signature algorithm
+     * Only used for ssh cert variants, defaults to null
+     */
+    default String getSshAlgorithmName() {
+        return null;
+    }

Review comment:
       - Javadoc is not properly formatted (missing `@return`)
   - Why return null and not the actual name even if not a variant ?

##########
File path: sshd-core/src/main/java/org/apache/sshd/server/kex/DHGServer.java
##########
@@ -129,7 +129,7 @@ public boolean next(int cmd, Buffer buffer) throws 
Exception {
         sig.update(session, h);
 
         buffer.clear();
-        buffer.putString(algo);
+        buffer.putString(sig.getSshAlgorithmName() != null ? 
sig.getSshAlgorithmName() : algo);

Review comment:
       See remark regarding `null`...

##########
File path: 
sshd-common/src/main/java/org/apache/sshd/common/signature/SignatureRSA.java
##########
@@ -52,8 +52,20 @@
 
     private int verifierSignatureSize = -1;
 
+    private final String sshAlgorithmName;
+
     protected SignatureRSA(String algorithm) {
+        this(algorithm, null);
+    }
+
+    protected SignatureRSA(String algorithm, String sshAlgorithmName) {
         super(algorithm);
+        this.sshAlgorithmName = sshAlgorithmName;
+    }

Review comment:
       Let's not allow null/empty SSH algorithm name - see 
`ValidateUtils.checkNotNullOrEmpty`




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
[email protected]



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to