Skip to content

Commit

Permalink
Eliminate ssh.isAcceptableAlgo() helper
Browse files Browse the repository at this point in the history
  • Loading branch information
@stevapple
stevapple committed Aug 28, 2024
1 parent d2b96c7 commit 3cce5b9
Showing 1 changed file with 2 additions and 12 deletions.
14 changes: 2 additions & 12 deletions crypto/ssh/pipe.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -144,7 +144,7 @@ func (s *Downstream) ReadAuthRequest(skipQuery bool) (*AuthRequest, error) {
return nil, parseError(msgUserAuthRequest)
}
algo := string(algoBytes)
if !isAcceptableAlgo(algo) {
if !contains(supportedPubKeyAuthAlgos, underlyingAlgo(algo)) {
return nil, fmt.Errorf("ssh: algorithm %q not accepted", algo)
}

Expand All @@ -162,7 +162,7 @@ func (s *Downstream) ReadAuthRequest(skipQuery bool) (*AuthRequest, error) {
if !ok || len(payload) > 0 {
return nil, parseError(msgUserAuthRequest)
}
if !isAcceptableAlgo(sig.Format) {
if !contains(supportedPubKeyAuthAlgos, underlyingAlgo(sig.Format)) {
return nil, fmt.Errorf("ssh: algorithm %q not accepted", sig.Format)
}
if underlyingAlgo(algo) != sig.Format {
Expand Down Expand Up @@ -465,13 +465,3 @@ func (s *PipeSession) RunPipe() error {
}()
return <-c
}

func isAcceptableAlgo(algo string) bool {
switch algo {
case KeyAlgoRSA, KeyAlgoRSASHA256, KeyAlgoRSASHA512, KeyAlgoDSA, KeyAlgoECDSA256, KeyAlgoECDSA384, KeyAlgoECDSA521, KeyAlgoSKECDSA256, KeyAlgoED25519, KeyAlgoSKED25519,
CertAlgoRSAv01, CertAlgoDSAv01, CertAlgoECDSA256v01, CertAlgoECDSA384v01, CertAlgoECDSA521v01, CertAlgoSKECDSA256v01, CertAlgoED25519v01, CertAlgoSKED25519v01,
CertAlgoRSASHA256v01, CertAlgoRSASHA512v01:
return true
}
return false
}

0 comments on commit 3cce5b9

Please sign in to comment.