[
https://issues.apache.org/jira/browse/SSHD-988?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17097194#comment-17097194
]
Lyor Goldstein commented on SSHD-988:
-------------------------------------
There seem to be some internal limitations when compared to our current code:
{code:java|title=OpenSSHPrivateKeyUtil#parsePrivateKeyBlob}
String cipherName = kIn.readString();
if (!"none".equals(cipherName)) // <<== what about bcrypt encrypted keys
{
throw new IllegalStateException("encrypted keys not supported");
}
int publicKeyCount = kIn.readU32();
if (publicKeyCount != 1) // <<== while it is unlikely to encounter multiple
keys the spec (and our code) support it
{
throw new IllegalStateException("multiple keys not supported");
}
String keyType = pkIn.readString();
if (!"ssh-ed25519".equals(keyType)) // <<== the spec (and our code) allow
for RSA/DSS/EC keys as well
{
throw new IllegalStateException("can not parse private key of type " +
keyType);
}
{code}
> Replace net.ip artifact with Bouncycastle for EDDSA key support
> ---------------------------------------------------------------
>
> Key: SSHD-988
> URL: https://issues.apache.org/jira/browse/SSHD-988
> Project: MINA SSHD
> Issue Type: Improvement
> Affects Versions: 2.4.0
> Reporter: Lyor Goldstein
> Assignee: Lyor Goldstein
> Priority: Major
>
> As of version 1.6 _Bouncycastle_ seems to support EDDSA keys. By replacing
> {{net,ip}} module with it we decrease the amount of external dependencies
> libraries.
> An important part of this effort would be to ensure that we preserve the
> ability to read (and perhaps write) keys from files with the current formats
> already supported (PEM, _Putty_, _OpenSSH_, etc.)
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
