Details
-
Improvement
-
Status: Closed
-
Minor
-
Resolution: Fixed
-
2.5.1
-
None
Description
The current code iterates over the keys the user provided and then attempts to find a single matching signature factory. However, for some key types (e.g., RSA) there is more than one possible signature - e.g., ssh-rsa, rsa-sha2-256, rsa-sha2-512. The code should try all matching signature factories in the same order as the user defined them.
Pseudo code
for (KeyPair kp : userKeys) { Collection<String> aliases = KeyUtils.getAllKeyTypeAliases(kp); for (SignatureFactory factory : userSignatures) { // NOTE: need to check how not to confuse ...-cert@openssh,com.. key type aliases if (aliases.contains(factory.getName()) { tryPublicKeyAuth(factory, kp); } } }