Merge pull request #2309 from hagau/ssh_rsa_sha2_auth

Use correct signature format identifier when creating SSH signatures for RSA with SHA256 & SHA512
2018-05-01 13:55:54 +02:00
parent 4151d37d14 6b0ac338ca
commit ff6c4d50e3
3 changed files with 141 additions and 18 deletions
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/SshAuthenticationService.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/SshAuthenticationService.java
@@ -194,10 +194,20 @@ public class SshAuthenticationService extends Service {
            byte[] rawSignature = authResult.getSignature();
            byte[] sshSignature;
            try {
-                if (authSubKeyAlgorithm == PublicKeyAlgorithmTags.ECDSA) {
-                    sshSignature = SshSignatureConverter.getSshSignatureEcDsa(rawSignature, authSubKeyCurveOid);
-                } else {
-                    sshSignature = SshSignatureConverter.getSshSignature(rawSignature, authSubKeyAlgorithm);
+                switch (authSubKeyAlgorithm) {
+                    case PublicKeyAlgorithmTags.ECDSA:
+                        sshSignature = SshSignatureConverter.getSshSignatureEcDsa(rawSignature, authSubKeyCurveOid);
+                        break;
+                    case PublicKeyAlgorithmTags.RSA_SIGN:
+                    case PublicKeyAlgorithmTags.RSA_GENERAL:
+                        sshSignature = SshSignatureConverter.getSshSignatureRsa(rawSignature, hashAlgorithmTag);
+                        break;
+                    case PublicKeyAlgorithmTags.DSA:
+                    case PublicKeyAlgorithmTags.EDDSA:
+                        sshSignature = SshSignatureConverter.getSshSignature(rawSignature, authSubKeyAlgorithm);
+                        break;
+                    default:
+                        throw new NoSuchAlgorithmException("Unknown algorithm");
                }
            } catch (NoSuchAlgorithmException e) {
                return createExceptionErrorResult(SshAuthenticationApiError.INTERNAL_ERROR,