Support SK-ECDSA leaf certificates
This commit is contained in:
Родитель
0ef6709803
Коммит
3848df5516
|
@ -12,16 +12,17 @@ module SSHData
|
|||
TYPE_HOST = 2
|
||||
|
||||
# Certificate algorithm identifiers
|
||||
ALGO_RSA = "ssh-rsa-cert-v01@openssh.com"
|
||||
ALGO_DSA = "ssh-dss-cert-v01@openssh.com"
|
||||
ALGO_ECDSA256 = "ecdsa-sha2-nistp256-cert-v01@openssh.com"
|
||||
ALGO_ECDSA384 = "ecdsa-sha2-nistp384-cert-v01@openssh.com"
|
||||
ALGO_ECDSA521 = "ecdsa-sha2-nistp521-cert-v01@openssh.com"
|
||||
ALGO_ED25519 = "ssh-ed25519-cert-v01@openssh.com"
|
||||
ALGO_RSA = "ssh-rsa-cert-v01@openssh.com"
|
||||
ALGO_DSA = "ssh-dss-cert-v01@openssh.com"
|
||||
ALGO_ECDSA256 = "ecdsa-sha2-nistp256-cert-v01@openssh.com"
|
||||
ALGO_ECDSA384 = "ecdsa-sha2-nistp384-cert-v01@openssh.com"
|
||||
ALGO_ECDSA521 = "ecdsa-sha2-nistp521-cert-v01@openssh.com"
|
||||
ALGO_ED25519 = "ssh-ed25519-cert-v01@openssh.com"
|
||||
ALGO_SK_ECDSA256 = "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com"
|
||||
|
||||
ALGOS = [
|
||||
ALGO_RSA, ALGO_DSA, ALGO_ECDSA256, ALGO_ECDSA384, ALGO_ECDSA521,
|
||||
ALGO_ED25519
|
||||
ALGO_ED25519, ALGO_SK_ECDSA256
|
||||
]
|
||||
|
||||
CRITICAL_OPTION_FORCE_COMMAND = "force-command"
|
||||
|
|
|
@ -81,12 +81,13 @@ module SSHData
|
|||
]
|
||||
|
||||
PUBLIC_KEY_ALGO_BY_CERT_ALGO = {
|
||||
Certificate::ALGO_RSA => PublicKey::ALGO_RSA,
|
||||
Certificate::ALGO_DSA => PublicKey::ALGO_DSA,
|
||||
Certificate::ALGO_ECDSA256 => PublicKey::ALGO_ECDSA256,
|
||||
Certificate::ALGO_ECDSA384 => PublicKey::ALGO_ECDSA384,
|
||||
Certificate::ALGO_ECDSA521 => PublicKey::ALGO_ECDSA521,
|
||||
Certificate::ALGO_ED25519 => PublicKey::ALGO_ED25519,
|
||||
Certificate::ALGO_RSA => PublicKey::ALGO_RSA,
|
||||
Certificate::ALGO_DSA => PublicKey::ALGO_DSA,
|
||||
Certificate::ALGO_ECDSA256 => PublicKey::ALGO_ECDSA256,
|
||||
Certificate::ALGO_ECDSA384 => PublicKey::ALGO_ECDSA384,
|
||||
Certificate::ALGO_ECDSA521 => PublicKey::ALGO_ECDSA521,
|
||||
Certificate::ALGO_ED25519 => PublicKey::ALGO_ED25519,
|
||||
Certificate::ALGO_SK_ECDSA256 => PublicKey::ALGO_SK_ECDSA256
|
||||
}
|
||||
|
||||
CERT_ALGO_BY_PUBLIC_KEY_ALGO = {
|
||||
|
@ -96,6 +97,7 @@ module SSHData
|
|||
PublicKey::ALGO_ECDSA384 => Certificate::ALGO_ECDSA384,
|
||||
PublicKey::ALGO_ECDSA521 => Certificate::ALGO_ECDSA521,
|
||||
PublicKey::ALGO_ED25519 => Certificate::ALGO_ED25519,
|
||||
PublicKey::ALGO_SK_ECDSA256 => Certificate::ALGO_SK_ECDSA256
|
||||
}
|
||||
|
||||
KEY_FIELDS_BY_PUBLIC_KEY_ALGO = {
|
||||
|
|
|
@ -265,6 +265,14 @@ describe SSHData::Certificate do
|
|||
SSHData::PublicKey::ED25519 # ca key type
|
||||
]
|
||||
|
||||
test_cases << [
|
||||
:skecdsa_leaf_for_rsa_ca, # name
|
||||
"skecdsa_leaf_for_rsa_ca-cert.pub", # fixture
|
||||
SSHData::Certificate::ALGO_SK_ECDSA256, # algo
|
||||
SSHData::PublicKey::SKECDSA, # public key type
|
||||
SSHData::PublicKey::RSA # ca key type
|
||||
]
|
||||
|
||||
test_cases.each do |name, fixture_name, algo, public_key_class, ca_key_class|
|
||||
describe(name) do
|
||||
let(:openssh) { fixture(fixture_name).strip }
|
||||
|
|
Загрузка…
Ссылка в новой задаче