Temporarily work around SSHJ compatibility issues (#1142)

Using ECDSA either as a key exchange or a host key algorithm fails with
SSHJ 0.30.0 on Android, but should again become possible in 0.31.0.

While we wait for the release, demote ECDSA in the list of key
algorithms (as it should still be available for public key auth) and
remove it from the list of key exchange algorithms.

(cherry picked from commit 0d2788ab54)
This commit is contained in:
Fabian Henneke 2020-10-08 17:54:18 +02:00 committed by Harsh Shandilya
parent c70c1792f6
commit 6139693d4f
No known key found for this signature in database
GPG key ID: 366D7BBAD1031E80

View file

@ -214,9 +214,6 @@ class SshjConfig : ConfigImpl() {
keyExchangeFactories = listOf(
Curve25519SHA256.Factory(),
FactoryLibSsh(),
ECDHNistP.Factory521(),
ECDHNistP.Factory384(),
ECDHNistP.Factory256(),
DHGexSHA256.Factory(),
// Sends "ext-info-c" with the list of key exchange algorithms. This is needed to get
// rsa-sha2-* key types to work with some servers (e.g. GitHub).
@ -230,10 +227,10 @@ class SshjConfig : ConfigImpl() {
KeyAlgorithms.EdDSA25519(),
KeyAlgorithms.RSASHA512(),
KeyAlgorithms.RSASHA256(),
KeyAlgorithms.SSHRSA(),
KeyAlgorithms.ECDSASHANistp521(),
KeyAlgorithms.ECDSASHANistp384(),
KeyAlgorithms.ECDSASHANistp256(),
KeyAlgorithms.SSHRSA(),
).map {
OpenKeychainWrappedKeyAlgorithmFactory(it)
}