Added ecdsa-sha2-nistp384 and ecdsa-sha2-nistp521 key authentication support.
Didn't have to change too much. The ecdsa module already supported them, so just needed a little work to get the right ssh parameters into ECDSAKey and having it use ecdsa's features for identifying which key size is being used.
Added bits parameter to ecdsa generate function to make it compatible with RSAKey and DSSKey. Because of this, I could easily add ecdsa to demo_keygen.py.
Tested client login against all key sizes, added ecdsa t demo.py.
Generating ecdsa 256, 384 and 521 size keys works with demo_keygen.py
Existing tests for ecdsa-sha2-nistp256 all still work fine without modification.
added ecdsa to demo.py
ecdsa-sha2-nistp384 and ecdsa-sha2-nistp521 key authentication
Merge branch 'ecdsademo' into demo-keygen
added ecdsa keygen
small fix to ecdsa generate function
Thanks for this. Seems like it includes the changes from #610 too? If so, you can close #610, I don't actually mind "multi-change" PRs if the 2nd change is just in the demo folder :)
fix to GSS key exchange selection being hardcoded elsewhere, and ther…
…efore lacked the new diffie-hellman-group-exchange-sha256 kex
I've added a fix to transport.py where in the case of GSS, the key exchange algorithm list was replaced further on in the code, which has caused a later update which added diffie-hellman-group-exchange-sha256to be forgotten in that location. Moved the GSS preferred kex list to the top for consistency
missing one self
We're planning to merge #394 into master soon and that'll make it hard to merge this as-is. Pretty sure it'd be possible to take the general approach in here and apply it to the updated ecdsakey.py afterwards; I'm going to bump this to a 2.1 milestone with that in mind. (If @mchlt finds time to make this #394-friendly before 2.0 releases, I can make it part of 2.0, doesn't matter a ton to me either way.)
I'm going to have a version of my pull request done soon. Should I link that here or what?
Ok, I've updated my PR, now #731.
A quick overview of how mine differs from mchlt's:
Close to merging #731. I'd ideally like the demos to get updated too but it can wait for a bugfix or similar update once someone else has the time :)
EDIT: re: the GSS key stuff, from my reading that was simply a cleanup/format change on @mchlt's part and actually orthogonal to the ECDSA functionality update. So again, not a blocker AFAICT.
Changelog entry re #731, re #611