Implement rsa-sha2-256 and rsa-sha2-512.

src/main/java/com/jcraft/jsch/Identity.java

@@ -52,6 +52,14 @@ public interface Identity{
    */
   public byte[] getSignature(byte[] data);
 
+  /**
+   * Signs on data with this identity, and returns the result.
+   * @param data data to be signed
+   * @param alg signature algorithm to use
+   * @return the signature
+   */
+  public byte[] getSignature(byte[] data, String alg);
+
   /**
    * @deprecated The decryption should be done automatically in #setPassphase(byte[] passphrase)
    * @see #setPassphrase(byte[] passphrase)

src/main/java/com/jcraft/jsch/IdentityFile.java

@@ -80,6 +80,16 @@ public byte[] getSignature(byte[] data){
     return kpair.getSignature(data);
   }
 
+  /**
+   * Signs on data with this identity, and returns the result.
+   * @param data data to be signed
+   * @param alg signature algorithm to use
+   * @return the signature
+   */
+  public byte[] getSignature(byte[] data, String alg){
+    return kpair.getSignature(data, alg);
+  }
+
   /**
    * @deprecated This method should not be invoked.
    * @see #setPassphrase(byte[] passphrase)

src/main/java/com/jcraft/jsch/JSch.java

@@ -37,7 +37,7 @@ public class JSch{
   static java.util.Hashtable config=new java.util.Hashtable();
   static{
     config.put("kex", "ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1");
-    config.put("server_host_key", "ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521");
+    config.put("server_host_key", "rsa-sha2-256,rsa-sha2-512,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521");
     config.put("cipher.s2c", 
                "aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc");
     config.put("cipher.c2s",
@@ -89,7 +89,9 @@ public class JSch{
     config.put("sha-512",         "com.jcraft.jsch.jce.SHA512");
     config.put("md5",           "com.jcraft.jsch.jce.MD5");
     config.put("signature.dss", "com.jcraft.jsch.jce.SignatureDSA");
-    config.put("signature.rsa", "com.jcraft.jsch.jce.SignatureRSA");
+    config.put("ssh-rsa",       "com.jcraft.jsch.jce.SignatureRSA");
+    config.put("rsa-sha2-256",  "com.jcraft.jsch.jce.SignatureRSASHA256");
+    config.put("rsa-sha2-512",  "com.jcraft.jsch.jce.SignatureRSASHA512");
     config.put("keypairgen.dsa",   "com.jcraft.jsch.jce.KeyPairGenDSA");
     config.put("keypairgen.rsa",   "com.jcraft.jsch.jce.KeyPairGenRSA");
     config.put("keypairgen.ecdsa", "com.jcraft.jsch.jce.KeyPairGenECDSA");
@@ -125,6 +127,7 @@ public class JSch{
     config.put("HashKnownHosts",  "no");
 
     config.put("PreferredAuthentications", "gssapi-with-mic,publickey,keyboard-interactive,password");
+    config.put("PubkeyAcceptedKeyTypes", "rsa-sha2-256,rsa-sha2-512,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521");
 
     config.put("CheckCiphers", "aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256");
     config.put("CheckKexes", "diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521");

src/main/java/com/jcraft/jsch/KeyExchange.java

@@ -213,8 +213,10 @@ protected boolean verify(String alg, byte[] K_S, int index,
       n=tmp;
 
       SignatureRSA sig=null;
+      Buffer buf=new Buffer(sig_of_H);
+      String foo=Util.byte2str(buf.getString());
       try{
-        Class c=Class.forName(session.getConfig("signature.rsa"));
+        Class c=Class.forName(session.getConfig(foo));
         sig=(SignatureRSA)(c.newInstance());
         sig.init();
       }

src/main/java/com/jcraft/jsch/KeyPair.java

@@ -71,7 +71,9 @@ public static KeyPair genKeyPair(JSch jsch, int type, int key_size) throws JSchE
   abstract int getKeySize();
 
   public abstract byte[] getSignature(byte[] data);
+  public abstract byte[] getSignature(byte[] data, String alg);
   public abstract Signature getVerifier();
+  public abstract Signature getVerifier(String alg);
 
   public abstract byte[] forSSHAgent() throws JSchException;
 

src/main/java/com/jcraft/jsch/KeyPairDSA.java

@@ -267,6 +267,10 @@ public byte[] getSignature(byte[] data){
     return null;
   }
 
+  public byte[] getSignature(byte[] data, String alg){
+    return getSignature(data);
+  }
+
   public Signature getVerifier(){
     try{      
       Class c=Class.forName((String)jsch.getConfig("signature.dss"));
@@ -291,6 +295,10 @@ public Signature getVerifier(){
     return null;
   }
 
+  public Signature getVerifier(String alg){
+    return getVerifier();
+  }
+
   static KeyPair fromSSHAgent(JSch jsch, Buffer buf) throws JSchException {
 
     byte[][] tmp = buf.getBytes(7, "invalid key format");

src/main/java/com/jcraft/jsch/KeyPairECDSA.java

@@ -320,6 +320,10 @@ public byte[] getSignature(byte[] data){
     return null;
   }
 
+  public byte[] getSignature(byte[] data, String al){
+    return getSignature(data);
+  }
+
   public Signature getVerifier(){
     try{
       Class c=Class.forName((String)jsch.getConfig("ecdsa-sha2-"+new String(name)));
@@ -343,6 +347,10 @@ public Signature getVerifier(){
     return null;
   }
 
+  public Signature getVerifier(String alg){
+    return getVerifier();
+  }
+
   static KeyPair fromSSHAgent(JSch jsch, Buffer buf) throws JSchException {
 
     byte[][] tmp = buf.getBytes(5, "invalid key format");

src/main/java/com/jcraft/jsch/KeyPairPKCS8.java

@@ -210,10 +210,18 @@ public byte[] getSignature(byte[] data){
     return kpair.getSignature(data);
   }
 
+  public byte[] getSignature(byte[] data, String alg){
+    return kpair.getSignature(data, alg);
+  }
+
   public Signature getVerifier(){
     return kpair.getVerifier();
   }
 
+  public Signature getVerifier(String alg){
+    return kpair.getVerifier(alg);
+  }
+
   public byte[] forSSHAgent() throws JSchException {
     return kpair.forSSHAgent();
   }

src/main/java/com/jcraft/jsch/KeyPairRSA.java

@@ -317,16 +317,20 @@ public int getKeySize(){
   }
 
   public byte[] getSignature(byte[] data){
+    return getSignature(data, "ssh-rsa");
+  }
+
+  public byte[] getSignature(byte[] data, String alg){
     try{      
-      Class c=Class.forName((String)jsch.getConfig("signature.rsa"));
+      Class c=Class.forName(jsch.getConfig(alg));
       SignatureRSA rsa=(SignatureRSA)(c.newInstance());
       rsa.init();
       rsa.setPrvKey(prv_array, n_array);
 
       rsa.update(data);
       byte[] sig = rsa.sign();
       byte[][] tmp = new byte[2][];
-      tmp[0] = sshrsa;
+      tmp[0] = Util.str2byte(alg);
       tmp[1] = sig;
       return Buffer.fromBytes(tmp).buffer;
     }
@@ -336,8 +340,12 @@ public byte[] getSignature(byte[] data){
   }
 
   public Signature getVerifier(){
+    return getVerifier("ssh-rsa");
+  }
+
+  public Signature getVerifier(String alg){
     try{      
-      Class c=Class.forName((String)jsch.getConfig("signature.rsa"));
+      Class c=Class.forName(jsch.getConfig(alg));
       SignatureRSA rsa=(SignatureRSA)(c.newInstance());
       rsa.init();
 

src/main/java/com/jcraft/jsch/OpenSSHConfig.java

@@ -47,6 +47,7 @@ LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
  *   <li>Hostname</li>
  *   <li>Port</li>
  *   <li>PreferredAuthentications</li>
+ *   <li>PubkeyAcceptedKeyTypes</li>
  *   <li>IdentityFile</li>
  *   <li>NumberOfPasswordPrompts</li>
  *   <li>ConnectTimeout</li>

src/main/java/com/jcraft/jsch/Session.java

@@ -2726,6 +2726,7 @@ private void applyConfig() throws JSchException {
     checkConfig(config, "StrictHostKeyChecking");
     checkConfig(config, "HashKnownHosts");
     checkConfig(config, "PreferredAuthentications");
+    checkConfig(config, "PubkeyAcceptedKeyTypes");
     checkConfig(config, "MaxAuthTries");
     checkConfig(config, "ClearAllForwardings");