[
https://issues.apache.org/jira/browse/SSHD-1104?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Lyor Goldstein updated SSHD-1104:
---------------------------------
Summary: Fix Client Side Support for RFC 8332 rsa-sha2-256, rsa-sha2-512
public key authentication (was: Improve Client Side Support for RFC 8332
rsa-sha2-256, rsa-sha2-512 public key authentication)
> Fix Client Side Support for RFC 8332 rsa-sha2-256, rsa-sha2-512 public key
> authentication
> -----------------------------------------------------------------------------------------
>
> Key: SSHD-1104
> URL: https://issues.apache.org/jira/browse/SSHD-1104
> Project: MINA SSHD
> Issue Type: Improvement
> Affects Versions: 2.5.1
> Reporter: Justin Tay
> Priority: Minor
>
> The readme on the client side support for RFC 8332 is misleading. It implies
> that the client side just requires specific initialization so the impression
> is that either setting the kex extension handler or signature factories
> should get the client to be able to use public key authentication using
> rsa-sha2-256 or rsa-sha2-512.
> However after removing the ssh-rsa signature factory and encountering an
> error I noticed that in UserAuthPublicKey and KeyPairIdentity the signature
> algo (P. K. Alg. Name) is always set to be the key type (P. K. Format) which
> will always be ssh-rsa ie. algo = KeyUtils.getKeyType(getPublicKey()) so P.
> K. Alg. Name always equals P. K. Format and doesn't make calls to
> KeyUtils.getAllEquivalentKeyTypes or check the configured signature factories.
> Getting this to work required overriding UserAuthPublicKey,
> UserAuthPublicKeyFactory and awkward handling of the
> KeyPairIdentity/PublicKeyIdentity for signing which was more than what I
> expected.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
