auth: Support SHA2 extension for pubkey authentication (RFC 8332)

Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2025-08-08 19:02:06 +03:00 · 2018-08-06 13:40:32 +02:00
parent 1f08aabe43
commit 82da0c3361
3 changed files with 35 additions and 7 deletions
--- a/src/pki.c
+++ b/src/pki.c
@@ -282,8 +282,8 @@ static enum ssh_digest_e ssh_key_hash_from_name(const char *name)
 *
 * @return              A hash type to be used.
 */
-static enum ssh_keytypes_e ssh_key_type_to_hash(ssh_session session,
-                                                enum ssh_keytypes_e type)
+static enum ssh_digest_e ssh_key_type_to_hash(ssh_session session,
+                                       enum ssh_keytypes_e type)
 {
    /* TODO this should also reflect supported key types specified in
     * configuration (ssh_config PubkeyAcceptedKeyTypes) */
@@ -309,6 +309,26 @@ static enum ssh_keytypes_e ssh_key_type_to_hash(ssh_session session,
    return SSH_DIGEST_AUTO;
 }

+/**
+ * @brief Gets signature algorithm name to be used with the given
+ *        key type.
+ *
+ * @param[in]  session  SSH session.
+ * @param[in]  type     The algorithm type to convert.
+ *
+ * @return              A string for the keytype or NULL if unknown.
+ */
+const char *
+ssh_key_get_signature_algorithm(ssh_session session,
+                                enum ssh_keytypes_e type)
+{
+    enum ssh_digest_e hash_type;
+
+    hash_type = ssh_key_type_to_hash(session, type);
+
+    return ssh_key_signature_to_char(type, hash_type);
+}
+
 /**
 * @brief Convert a ssh key algorithm name to a ssh key algorithm type.
 *