Update sshj to 0.30.0 and improve algorithm order

app/src/main/java/com/zeapo/pwdstore/git/config/SshjConfig.kt

@@ -6,17 +6,15 @@ package com.zeapo.pwdstore.git.config
 
 import com.github.ajalt.timberkt.Timber
 import com.github.ajalt.timberkt.d
-import com.hierynomus.sshj.signature.SignatureEdDSA
+import com.hierynomus.sshj.key.KeyAlgorithms
 import com.hierynomus.sshj.transport.cipher.BlockCiphers
+import com.hierynomus.sshj.transport.kex.ExtInfoClientFactory
 import com.hierynomus.sshj.transport.mac.Macs
 import com.hierynomus.sshj.userauth.keyprovider.OpenSSHKeyV1KeyFile
 import java.security.Security
 import net.schmizz.keepalive.KeepAliveProvider
 import net.schmizz.sshj.ConfigImpl
 import net.schmizz.sshj.common.LoggerFactory
-import net.schmizz.sshj.signature.SignatureECDSA
-import net.schmizz.sshj.signature.SignatureRSA
-import net.schmizz.sshj.signature.SignatureRSA.FactoryCERT
 import net.schmizz.sshj.transport.compression.NoneCompression
 import net.schmizz.sshj.transport.kex.Curve25519SHA256
 import net.schmizz.sshj.transport.kex.Curve25519SHA256.FactoryLibSsh
@@ -202,7 +200,7 @@ class SshjConfig : ConfigImpl() {
         version = "OpenSSH_8.2p1 Ubuntu-4ubuntu0.1"
 
         initKeyExchangeFactories()
-        initSignatureFactories()
+        initKeyAlgorithms()
         initRandomFactory()
         initFileKeyProviderFactories()
         initCipherFactories()
@@ -218,17 +216,22 @@ class SshjConfig : ConfigImpl() {
             ECDHNistP.Factory384(),
             ECDHNistP.Factory256(),
             DHGexSHA256.Factory(),
+            // Sends "ext-info-c" with the list of key exchange algorithms. This is needed to get
+            // rsa-sha2-* key types to work with some servers (e.g. GitHub).
+            ExtInfoClientFactory(),
         )
     }
 
-    private fun initSignatureFactories() {
-        signatureFactories = listOf(
-            SignatureEdDSA.Factory(),
-            SignatureECDSA.Factory256(),
-            SignatureECDSA.Factory384(),
-            SignatureECDSA.Factory521(),
-            SignatureRSA.Factory(),
-            FactoryCERT(),
+    private fun initKeyAlgorithms() {
+        keyAlgorithms = listOf(
+            KeyAlgorithms.SSHRSACertV01(),
+            KeyAlgorithms.EdDSA25519(),
+            KeyAlgorithms.RSASHA512(),
+            KeyAlgorithms.RSASHA256(),
+            KeyAlgorithms.ECDSASHANistp521(),
+            KeyAlgorithms.ECDSASHANistp384(),
+            KeyAlgorithms.ECDSASHANistp256(),
+            KeyAlgorithms.SSHRSA(),
         )
     }
 
@@ -249,18 +252,18 @@ class SshjConfig : ConfigImpl() {
 
     private fun initCipherFactories() {
         cipherFactories = listOf(
-            BlockCiphers.AES128CTR(),
-            BlockCiphers.AES192CTR(),
             BlockCiphers.AES256CTR(),
+            BlockCiphers.AES192CTR(),
+            BlockCiphers.AES128CTR(),
         )
     }
 
     private fun initMACFactories() {
         macFactories = listOf(
-            Macs.HMACSHA2256(),
+            Macs.HMACSHA2512Etm(),
             Macs.HMACSHA2256Etm(),
             Macs.HMACSHA2512(),
-            Macs.HMACSHA2512Etm(),
+            Macs.HMACSHA2256(),
         )
     }
 

buildSrc/src/main/java/Dependencies.kt

@@ -59,7 +59,7 @@ object Dependencies {
         const val jgit_java7 = "org.eclipse.jgit:org.eclipse.jgit.java7:3.7.1.201504261725-r"
         const val leakcanary = "com.squareup.leakcanary:leakcanary-android:2.4"
         const val plumber = "com.squareup.leakcanary:plumber-android:2.4"
-        const val sshj = "com.hierynomus:sshj:0.29.0"
+        const val sshj = "com.hierynomus:sshj:0.30.0"
         const val ssh_auth = "org.sufficientlysecure:sshauthentication-api:1.0"
         const val timber = "com.jakewharton.timber:timber:4.7.1"
         const val timberkt = "com.github.ajalt:timberkt:1.5.1"