diff --git a/app/src/main/java/com/zeapo/pwdstore/git/config/SshjConfig.kt b/app/src/main/java/com/zeapo/pwdstore/git/config/SshjConfig.kt index 1ea0359c..6c409329 100644 --- a/app/src/main/java/com/zeapo/pwdstore/git/config/SshjConfig.kt +++ b/app/src/main/java/com/zeapo/pwdstore/git/config/SshjConfig.kt @@ -6,17 +6,15 @@ package com.zeapo.pwdstore.git.config import com.github.ajalt.timberkt.Timber import com.github.ajalt.timberkt.d -import com.hierynomus.sshj.signature.SignatureEdDSA +import com.hierynomus.sshj.key.KeyAlgorithms import com.hierynomus.sshj.transport.cipher.BlockCiphers +import com.hierynomus.sshj.transport.kex.ExtInfoClientFactory import com.hierynomus.sshj.transport.mac.Macs import com.hierynomus.sshj.userauth.keyprovider.OpenSSHKeyV1KeyFile import java.security.Security import net.schmizz.keepalive.KeepAliveProvider import net.schmizz.sshj.ConfigImpl import net.schmizz.sshj.common.LoggerFactory -import net.schmizz.sshj.signature.SignatureECDSA -import net.schmizz.sshj.signature.SignatureRSA -import net.schmizz.sshj.signature.SignatureRSA.FactoryCERT import net.schmizz.sshj.transport.compression.NoneCompression import net.schmizz.sshj.transport.kex.Curve25519SHA256 import net.schmizz.sshj.transport.kex.Curve25519SHA256.FactoryLibSsh @@ -202,7 +200,7 @@ class SshjConfig : ConfigImpl() { version = "OpenSSH_8.2p1 Ubuntu-4ubuntu0.1" initKeyExchangeFactories() - initSignatureFactories() + initKeyAlgorithms() initRandomFactory() initFileKeyProviderFactories() initCipherFactories() @@ -218,17 +216,22 @@ class SshjConfig : ConfigImpl() { ECDHNistP.Factory384(), ECDHNistP.Factory256(), DHGexSHA256.Factory(), + // Sends "ext-info-c" with the list of key exchange algorithms. This is needed to get + // rsa-sha2-* key types to work with some servers (e.g. GitHub). + ExtInfoClientFactory(), ) } - private fun initSignatureFactories() { - signatureFactories = listOf( - SignatureEdDSA.Factory(), - SignatureECDSA.Factory256(), - SignatureECDSA.Factory384(), - SignatureECDSA.Factory521(), - SignatureRSA.Factory(), - FactoryCERT(), + private fun initKeyAlgorithms() { + keyAlgorithms = listOf( + KeyAlgorithms.SSHRSACertV01(), + KeyAlgorithms.EdDSA25519(), + KeyAlgorithms.RSASHA512(), + KeyAlgorithms.RSASHA256(), + KeyAlgorithms.ECDSASHANistp521(), + KeyAlgorithms.ECDSASHANistp384(), + KeyAlgorithms.ECDSASHANistp256(), + KeyAlgorithms.SSHRSA(), ) } @@ -249,18 +252,18 @@ class SshjConfig : ConfigImpl() { private fun initCipherFactories() { cipherFactories = listOf( - BlockCiphers.AES128CTR(), - BlockCiphers.AES192CTR(), BlockCiphers.AES256CTR(), + BlockCiphers.AES192CTR(), + BlockCiphers.AES128CTR(), ) } private fun initMACFactories() { macFactories = listOf( - Macs.HMACSHA2256(), + Macs.HMACSHA2512Etm(), Macs.HMACSHA2256Etm(), Macs.HMACSHA2512(), - Macs.HMACSHA2512Etm(), + Macs.HMACSHA2256(), ) } diff --git a/buildSrc/src/main/java/Dependencies.kt b/buildSrc/src/main/java/Dependencies.kt index 931b579d..c4714a0e 100644 --- a/buildSrc/src/main/java/Dependencies.kt +++ b/buildSrc/src/main/java/Dependencies.kt @@ -59,7 +59,7 @@ object Dependencies { const val jgit_java7 = "org.eclipse.jgit:org.eclipse.jgit.java7:3.7.1.201504261725-r" const val leakcanary = "com.squareup.leakcanary:leakcanary-android:2.4" const val plumber = "com.squareup.leakcanary:plumber-android:2.4" - const val sshj = "com.hierynomus:sshj:0.29.0" + const val sshj = "com.hierynomus:sshj:0.30.0" const val ssh_auth = "org.sufficientlysecure:sshauthentication-api:1.0" const val timber = "com.jakewharton.timber:timber:4.7.1" const val timberkt = "com.github.ajalt:timberkt:1.5.1"