replacement in thrussh-keys/src/signature.rs at line 18
[4.6321]→[4.6321:6370](∅→∅) − RSA { hash: SignatureHash, bytes: Vec<u8> },
+ RSA {
+ hash: SignatureHash,
+ bytes: Vec<u8>,
+ },
+ P256(Vec<u8>), // Can't use SignatureBytes because ssh mpint encoding
edit in thrussh-keys/src/signature.rs at line 52
+ }
+ Signature::P256(ref bytes) => {
+ let t = b"ecdsa-sha2-nistp256";
+ bytes_
+ .write_u32::<BigEndian>((t.len() + bytes.len() + 8) as u32)
+ .unwrap();
+ bytes_.extend_ssh_string(t);
+ bytes_.extend_ssh_string(&bytes);
edit in thrussh-keys/src/signature.rs at line 87
+ b"ecdsa-sha2-nistp256" => Ok(Signature::P256(bytes.to_vec())),
edit in thrussh-keys/src/signature.rs at line 101
+ Signature::P256(ref signature) => &signature,
replacement in thrussh-keys/src/lib.rs at line 13
[4.22188]→[4.22188:22195](∅→∅) + #![cfg_attr(not(feature = "openssl"), doc = "```no_run")]
+ #![cfg_attr(feature = "openssl", doc = "```")]
edit in thrussh-keys/src/lib.rs at line 122
+ #[cfg(feature = "p256")]
edit in thrussh-keys/src/lib.rs at line 124
+ P256(#[from] p256::elliptic_curve::Error),
+
+ #[cfg(feature = "p256")]
+ #[error(transparent)]
+ P256ECDSA(#[from] p256::ecdsa::Error),
+
+ #[error(transparent)]
edit in thrussh-keys/src/lib.rs at line 154
+ const KEYTYPE_P256: &'static [u8] = b"ecdsa-sha2-nistp256";
replacement in thrussh-keys/src/lib.rs at line 158
[4.27555]→[4.27555:27563](∅→∅) edit in thrussh-keys/src/lib.rs at line 217
+ }
+ #[cfg(feature = "p256")]
+ key::PublicKey::P256(ref publickey) => {
+ use encoding::Encoding;
+ s.extend_ssh_string(b"ecdsa-sha2-nistp256");
+ s.extend_ssh_string(b"nistp256");
+ s.extend_ssh_string(&publickey.to_sec1_bytes());
edit in thrussh-keys/src/lib.rs at line 248
+ #[cfg(feature = "p256")]
+ key::KeyPair::P256(ref key) => {
+ use encoding::Encoding;
+ let public = p256::ecdsa::SigningKey::from(key)
+ .verifying_key()
+ .to_sec1_bytes();
+ s.extend_ssh_string(b"ecdsa-sha2-nistp256");
+ s.extend_ssh_string(b"nistp256");
+ s.extend_ssh_string(&public);
+ }
edit in thrussh-keys/src/lib.rs at line 479
+ -----END OPENSSH PRIVATE KEY-----";
+
+ #[cfg(feature = "p256")]
+ const P256_KEY: &'static str = "-----BEGIN OPENSSH PRIVATE KEY-----
+ b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABAh
+ krrfr9PH+vNievobev0EAAAAEAAAAAEAAABoAAAAE2VjZHNhLXNoYTItbmlzdHAy
+ NTYAAAAIbmlzdHAyNTYAAABBBHtLt3JSpJSWyg7Tvx7LNuWEjX8lFJDupLh14RwW
+ zy5TaiVMM4iF+gZlzM12r6mVwWdQq9fTcN/QhElyR4m34oIAAACwe18misSLWNBp
+ kWsNwQD9+wZx6w4YHykv/hA1v4B1iavk176z4JwtzwnS0sDSW+ME2HEpO7uJMlAc
+ 1ZItX9W+dRdFjPkKYibMCCcylOIUrjqWkhFnFOpHrTsiyuIwBFwSrfis8r2AX5xb
+ EsDf+t3612/JMMTJMUvqsK9hxR6SrT73CS2W4/UbAQ1O0b7eDShH9zMyiMC4lYec
+ Ru6GNGRltIpY3hqCB6di+lzu6iPrMEE=
replacement in thrussh-keys/src/lib.rs at line 509
[4.38717]→[4.1308:1340](∅→∅) − #[cfg(feature = "openssl")]
+ #[cfg(feature = "p256")]
+ fn test_decode_p256_secret_key() {
+ extern crate env_logger;
+ env_logger::try_init().unwrap_or(());
+ decode_secret_key(P256_KEY, Some("blabla")).unwrap();
+ }
+
+ #[test]
edit in thrussh-keys/src/lib.rs at line 640
+ #[cfg(feature = "p256")]
+ pub const PKCS8_P256: &'static str = "-----BEGIN ENCRYPTED PRIVATE KEY-----
+ MIHsMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAh155uUbhbyFQICCAAw
+ DAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEL4PGMOq8KM573vkRzh8GSMEgZBt
+ 6UPxhwgoiSqXdlfe/1hTzVKFjpFQNe5UUXxPHlw1a7+24sPzHwqY39tVWlbNO4QR
+ 0bwebnTG8/pMR2X/3Hch2d/okVlfpeqYTyiBcbW1nXAJtK+eorZ80P2UCHD/X7sj
+ iLhibttN17vvg7HZPqf9wQm+Mef97nmP13oEFU3s856haS3T0OVVh+d+dpLuntM=
+ -----END ENCRYPTED PRIVATE KEY-----";
+
replacement in thrussh-keys/src/lib.rs at line 731
[4.1667]→[4.49226:49248](∅→∅),
[4.49226]→[4.49226:49248](∅→∅) edit in thrussh-keys/src/lib.rs at line 737
+ #[test]
+ #[cfg(feature = "p256")]
+ fn test_pkcs8_p256() {
+ env_logger::try_init().unwrap_or(());
+ decode_secret_key(PKCS8_P256, Some("blabla")).unwrap();
+ }
+
edit in thrussh-keys/src/lib.rs at line 878
+ #[cfg(feature = "p256")]
+ fn test_client_agent_p256() {
+ let key = decode_secret_key(PKCS8_P256, Some("blabla")).unwrap();
+ test_client_agent(key)
+ }
+
+ #[test]
+ #[cfg(feature = "p256")]
+ fn test_client_agent_openssh_p256() {
+ let key = decode_secret_key(P256_KEY, Some("blabla")).unwrap();
+ test_client_agent(key)
+ }
+
+ #[test]
edit in thrussh-keys/src/key.rs at line 21
+ #[cfg(feature = "p256")]
+ use p256::ecdsa::signature::Verifier;
edit in thrussh-keys/src/key.rs at line 48
+ /// The name of the ecdsa-sha2-nistp256 algorithm for SSH.
+ pub const ECDSA_SHA2_NISTP256: Name = Name("ecdsa-sha2-nistp256");
edit in thrussh-keys/src/key.rs at line 114
+ #[doc(hidden)]
+ #[cfg(feature = "p256")]
+ P256(p256::PublicKey),
edit in thrussh-keys/src/key.rs at line 196
+ b"ecdsa-sha2-nistp256" if cfg!(feature = "p256") => {
+ #[cfg(feature = "p256")]
+ {
+ let mut p = pubkey.reader(0);
+ let key_algo = p.read_string()?;
+ let identifier = p.read_string()?;
+ if key_algo != b"ecdsa-sha2-nistp256" || identifier != b"nistp256" {
+ debug!("Rejecting {identifier:?} for not being nistp256");
+ return Err(Error::CouldNotReadKey.into());
+ }
+ let sec1_bytes = p.read_string()?;
+ return p256::PublicKey::from_sec1_bytes(sec1_bytes)
+ .map(PublicKey::P256)
+ .map_err(|e| {
+ debug!("from_sec1_bytes failure: {e:?}");
+ Error::CouldNotReadKey
+ });
+ }
+ #[cfg(not(feature = "p256"))]
+ unreachable!();
+ }
edit in thrussh-keys/src/key.rs at line 227
+ #[cfg(feature = "p256")]
+ PublicKey::P256(_) => ECDSA_SHA2_NISTP256.0,
edit in thrussh-keys/src/key.rs at line 247
+ }
+ #[cfg(feature = "p256")]
+ &PublicKey::P256(ref public) => {
+ let mut reader = sig.reader(0);
+ let mut concat = [0u8; 64];
+ // Ad-hoc reading of mpints:
+ // - We only consider the last 32 bytes => leading 0 is still treated fine
+ // - We implicitly pad missing leading bytes as 0, which is also fine for a modular value
+ match reader.read_mpint() {
+ Ok(r) => r.into_iter().rev().enumerate().for_each(|(i, b)| {
+ if i < 32 {
+ concat[31 - i] = *b;
+ }
+ }),
+ Err(_) => {
+ debug!("Malformed scalar: r");
+ return false;
+ }
+ };
+ match reader.read_mpint() {
+ Ok(s) => s.into_iter().rev().enumerate().for_each(|(i, b)| {
+ if i < 32 {
+ concat[63 - i] = *b;
+ }
+ }),
+ Err(_) => {
+ debug!("Malformed scalar: s");
+ return false;
+ }
+ };
+
+ p256::ecdsa::Signature::from_slice(&concat)
+ .and_then(|sig| {
+ p256::ecdsa::VerifyingKey::from(public)
+ .verify(buffer, &sig)
+ .map(|()| true)
+ })
+ .unwrap_or(false)
edit in thrussh-keys/src/key.rs at line 333
+ #[cfg(feature = "p256")]
+ P256(p256::SecretKey),
edit in thrussh-keys/src/key.rs at line 347
+ #[cfg(feature = "p256")]
+ KeyPair::P256(_) => write!(f, "P256( (hidden) )"),
edit in thrussh-keys/src/key.rs at line 382
+ #[cfg(feature = "p256")]
+ &KeyPair::P256(ref key) => PublicKey::P256(key.public_key().to_owned()),
edit in thrussh-keys/src/key.rs at line 393
+ #[cfg(feature = "p256")]
+ KeyPair::P256(_) => ECDSA_SHA2_NISTP256.0,
edit in thrussh-keys/src/key.rs at line 411
+ #[cfg(feature = "p256")]
+ pub fn generate_p256() -> Option<Self> {
+ Some(KeyPair::P256(p256::SecretKey::random(
+ &mut rand::rngs::OsRng::default(),
+ )))
+ }
+
edit in thrussh-keys/src/key.rs at line 430
+
+ #[cfg(feature = "p256")]
+ &KeyPair::P256(ref secret) => {
+ let sig = p256::ecdsa::SigningKey::from(secret)
+ .sign_recoverable(to_sign)?
+ .0;
+
+ let mut bytes = vec![];
+ bytes.extend_ssh_mpint(&sig.r().as_ref().to_bytes());
+ bytes.extend_ssh_mpint(&sig.s().as_ref().to_bytes());
+ Ok(Signature::P256(bytes))
+ }
edit in thrussh-keys/src/key.rs at line 470
+ }
+ #[cfg(feature = "p256")]
+ &KeyPair::P256(ref secret) => {
+ let sig = p256::ecdsa::SigningKey::from(secret)
+ .sign_recoverable(to_sign.as_ref())?
+ .0
+ .to_bytes();
+ buffer.push_u32_be((ECDSA_SHA2_NISTP256.0.len() + sig.len() + 8) as u32);
+ buffer.extend_ssh_string(ECDSA_SHA2_NISTP256.0.as_bytes());
+ buffer.extend_ssh_string(&sig);
edit in thrussh-keys/src/key.rs at line 506
+ #[cfg(feature = "p256")]
+ &KeyPair::P256(ref secret) => {
+ let sig = p256::ecdsa::SigningKey::from(secret)
+ .sign_recoverable(&buffer)?
+ .0
+ .to_bytes();
+ buffer.push_u32_be((ECDSA_SHA2_NISTP256.0.len() + sig.len() + 8) as u32);
+ buffer.extend_ssh_string(ECDSA_SHA2_NISTP256.0.as_bytes());
+ buffer.extend_ssh_string(&sig);
+ }
edit in thrussh-keys/src/key.rs at line 576
+ if t == b"ecdsa-sha2-nistp256" {
+ #[cfg(feature = "p256")]
+ {
+ let sec1_bytes = pos.read_string()?;
+ return p256::PublicKey::from_sec1_bytes(sec1_bytes)
+ .map(PublicKey::P256)
+ .map_err(|_| Error::CouldNotReadKey);
+ }
+ }
edit in thrussh-keys/src/format/pkcs8.rs at line 21
[4.72005]→[4.6266:6294](∅→∅) − #[cfg(feature = "openssl")]
edit in thrussh-keys/src/format/pkcs8.rs at line 22
+ const ECPUBLICKEY: &'static [u64] = &[1, 2, 840, 10045, 2, 1];
+ const P256: &'static [u64] = &[1, 2, 840, 10045, 3, 1, 7];
replacement in thrussh-keys/src/format/pkcs8.rs at line 202
[4.78532]→[4.6404:6432](∅→∅) − #[cfg(feature = "openssl")]
+ // #[cfg(feature = "openssl")]
replacement in thrussh-keys/src/format/pkcs8.rs at line 206
[4.78713]→[4.78713:78765](∅→∅) − reader.next().read_null()?;
− Ok(oid)
+ if oid.components().as_slice() == ECPUBLICKEY {
+ reader.next().read_oid()
+ } else {
+ reader.next().read_null()?;
+ Ok(oid)
+ }
replacement in thrussh-keys/src/format/pkcs8.rs at line 213
[4.78774]→[4.78774:78866](∅→∅),
[4.78866]→[4.1519:1599](∅→∅),
[4.1599]→[4.78954:79215](∅→∅),
[4.78954]→[4.78954:79215](∅→∅),
[4.79215]→[4.1600:1671](∅→∅),
[4.1671]→[4.79294:80149](∅→∅),
[4.79294]→[4.79294:80149](∅→∅) − if oid.components().as_slice() == RSA {
− let seq = &reader.next().read_bytes()?;
− let rsa: Result<Rsa<Private>, Error> = yasna::parse_der(seq, |reader| {
− reader.read_sequence(|reader| {
− let version = reader.next().read_u32()?;
− if version != 0 {
− return Ok(Err(Error::CouldNotReadKey.into()));
− }
− use openssl::bn::BigNum;
− let mut read_key = || -> Result<Rsa<Private>, Error> {
− Ok(Rsa::from_private_components(
− BigNum::from_slice(&reader.next().read_biguint()?.to_bytes_be())?,
− BigNum::from_slice(&reader.next().read_biguint()?.to_bytes_be())?,
− BigNum::from_slice(&reader.next().read_biguint()?.to_bytes_be())?,
− BigNum::from_slice(&reader.next().read_biguint()?.to_bytes_be())?,
− BigNum::from_slice(&reader.next().read_biguint()?.to_bytes_be())?,
− BigNum::from_slice(&reader.next().read_biguint()?.to_bytes_be())?,
− BigNum::from_slice(&reader.next().read_biguint()?.to_bytes_be())?,
− BigNum::from_slice(&reader.next().read_biguint()?.to_bytes_be())?,
− )?)
− };
− Ok(read_key())
+ if oid.components().as_slice() == RSA && cfg!(feature = "openssl") {
+ #[cfg(feature = "openssl")]
+ {
+ let seq = &reader.next().read_bytes()?;
+ let rsa: Result<Rsa<Private>, Error> = yasna::parse_der(seq, |reader| {
+ reader.read_sequence(|reader| {
+ let version = reader.next().read_u32()?;
+ if version != 0 {
+ return Ok(Err(Error::CouldNotReadKey.into()));
+ }
+ use openssl::bn::BigNum;
+ let mut read_key = || -> Result<Rsa<Private>, Error> {
+ Ok(Rsa::from_private_components(
+ BigNum::from_slice(&reader.next().read_biguint()?.to_bytes_be())?,
+ BigNum::from_slice(&reader.next().read_biguint()?.to_bytes_be())?,
+ BigNum::from_slice(&reader.next().read_biguint()?.to_bytes_be())?,
+ BigNum::from_slice(&reader.next().read_biguint()?.to_bytes_be())?,
+ BigNum::from_slice(&reader.next().read_biguint()?.to_bytes_be())?,
+ BigNum::from_slice(&reader.next().read_biguint()?.to_bytes_be())?,
+ BigNum::from_slice(&reader.next().read_biguint()?.to_bytes_be())?,
+ BigNum::from_slice(&reader.next().read_biguint()?.to_bytes_be())?,
+ )?)
+ };
+ Ok(read_key())
+ })
+ })?;
+ Ok(key::KeyPair::RSA {
+ key: rsa?,
+ hash: SignatureHash::SHA2_256,
replacement in thrussh-keys/src/format/pkcs8.rs at line 243
[4.80164]→[4.80164:80285](∅→∅) − })?;
− Ok(key::KeyPair::RSA {
− key: rsa?,
− hash: SignatureHash::SHA2_256,
− })
+ }
+ #[cfg(not(feature = "openssl"))]
+ unreachable!()
+ } else if oid.components().as_slice() == P256 && cfg!(feature = "p256") {
+ #[cfg(feature = "p256")]
+ {
+ let bytes = &reader.next().read_bytes()?;
+ Ok(key::KeyPair::P256(p256::SecretKey::from_sec1_der(bytes)?))
+ }
+ #[cfg(not(feature = "p256"))]
+ unreachable!()
edit in thrussh-keys/src/format/pkcs8.rs at line 259
[4.6436]→[4.6436:6578](∅→∅),
[4.6578]→[4.80347:80350](∅→∅),
[4.80347]→[4.80347:80350](∅→∅) − #[cfg(not(feature = "openssl"))]
− fn read_key_v0(_: &mut BERReaderSeq) -> Result<key::KeyPair, Error> {
− Err(Error::CouldNotReadKey.into())
− }
−
edit in thrussh-keys/src/format/pkcs8.rs at line 271
+ #[cfg(feature = "p256")]
+ key::KeyPair::P256(_) => println!("P256"),
edit in thrussh-keys/src/format/pkcs8.rs at line 328
+ #[cfg(feature = "p256")]
+ key::KeyPair::P256(ref key) => writer.next().write_der(
+ p256::pkcs8::EncodePrivateKey::to_pkcs8_der(key)
+ .expect("Writing p256 as pkcs8")
+ .as_bytes(),
+ ),
replacement in thrussh-keys/src/format/openssh.rs at line 3
[4.86880]→[4.86880:86930](∅→∅) − use crate::{Error, KEYTYPE_ED25519, KEYTYPE_RSA};
+ use crate::{Error, KEYTYPE_ED25519, KEYTYPE_P256, KEYTYPE_RSA};
edit in thrussh-keys/src/format/openssh.rs at line 71
+ });
+ }
+ } else if key_type == KEYTYPE_P256 && cfg!(feature = "p256") {
+ #[cfg(feature = "p256")]
+ {
+ let _nistp256 = position.read_string()?;
+ let pub_bytes = position.read_string()?;
+ let sec_bytes = position.read_mpint()?;
+ let _comment = position.read_string()?;
+ let mut key_bytes = [0u8; 32];
+ // Reading mpints in a naive way, but sufficient for modular values here
+ sec_bytes.into_iter().rev().enumerate().for_each(|(i, b)| {
+ if i < 32 {
+ key_bytes[31 - i] = *b;
+ }
edit in thrussh-keys/src/format/openssh.rs at line 87
+ let key = p256::SecretKey::from_bytes(&key_bytes.into())?;
+ if key.public_key().to_sec1_bytes().as_ref() != pub_bytes {
+ return Err(Error::CouldNotReadKey);
+ }
+ return Ok(key::KeyPair::P256(key));
edit in thrussh-keys/src/agent/server.rs at line 257
+ #[cfg(feature = "p256")]
+ b"ecdsa-sha2-nistp256" => {
+ let public_ = r.read_string()?;
+ let pos1 = r.position;
+ let priv_ = r.read_mpint()?;
+ let _comment = r.read_string()?;
+ let mut priv_bytes = [0u8; 32];
+ priv_.into_iter().rev().enumerate().for_each(|(i, b)| {
+ if i < 32 {
+ priv_bytes[31 - i] = *b;
+ }
+ });
+ let key =
+ crate::key::KeyPair::P256(p256::SecretKey::from_bytes(&priv_bytes.into())?);
+ if public_ != crate::PublicKeyBase64::public_key_bytes(&key) {
+ return Ok(false);
+ }
+ (self.buf[pos0..pos1].to_vec(), key)
+ }
edit in thrussh-keys/src/agent/client.rs at line 127
+ self.buf.extend_ssh_string(b"");
+ }
+ #[cfg(feature = "p256")]
+ key::KeyPair::P256(ref key) => {
+ self.buf.extend_ssh_string(b"ecdsa-sha2-nistp256");
+ self.buf.extend_ssh_string(b"nistp256");
+ let bytes = key.public_key().to_sec1_bytes();
+ self.buf.extend_ssh_string(&bytes);
+ self.buf.extend_ssh_mpint(&key.to_bytes());
edit in thrussh-keys/src/agent/client.rs at line 275
+ #[cfg(feature = "p256")]
+ b"ecdsa-sha2-nistp256" => {
+ let nistp256 = r.read_string()?;
+ if nistp256 != b"nistp256" {
+ return Err(Error::UnsupportedKeyType(nistp256.to_vec()));
+ }
+ let key = r.read_string()?;
+ keys.push(PublicKey::P256(p256::PublicKey::from_sec1_bytes(key)?));
+ }
edit in thrussh-keys/src/agent/client.rs at line 418
+ b"ecdsa-sha2-nistp256" => Ok(Signature::P256(sig.to_vec())),
edit in thrussh-keys/src/agent/client.rs at line 519
+ #[cfg(feature = "p256")]
+ PublicKey::P256(ref key) => {
+ buf.extend(&[0, 0, 0, 0]);
+ let len0 = buf.len();
+ buf.extend_ssh_string(b"ecdsa-sha2-nistp256");
+ let mut inner_buf = vec![];
+ inner_buf.extend_ssh_string(b"nistp256");
+ inner_buf.extend_ssh_string(&key.to_sec1_bytes());
+ buf.extend(&inner_buf);
+ let len1 = buf.len();
+ BigEndian::write_u32(&mut buf[5..], (len1 - len0) as u32);
+ }
edit in thrussh-keys/Cargo.toml at line 42
+ p256 = { version = "0.13", optional = true, features = [ "ecdsa" ] }
replacement in thrussh-keys/Cargo.toml at line 56
[4.14182]→[4.14182:14203](∅→∅) replacement in thrussh/src/negotiation.rs at line 54
− #[cfg(feature = "openssl")]
+ #[cfg(all(feature = "openssl", feature = "p256"))]
+ pub const DEFAULT: Preferred = Preferred {
+ kex: &[kex::CURVE25519],
+ key: &[
+ key::ED25519,
+ key::ECDSA_SHA2_NISTP256,
+ key::RSA_SHA2_256,
+ key::RSA_SHA2_512,
+ ],
+ cipher: &[cipher::chacha20poly1305::NAME],
+ mac: &["none"],
+ compression: &["none", "zlib", "zlib@openssh.com"],
+ };
+
+ #[cfg(all(not(feature = "openssl"), feature = "p256"))]
+ pub const DEFAULT: Preferred = Preferred {
+ kex: &[kex::CURVE25519],
+ key: &[key::ED25519, key::ECDSA_SHA2_NISTP256],
+ cipher: &[cipher::chacha20poly1305::NAME],
+ mac: &["none"],
+ compression: &["none", "zlib", "zlib@openssh.com"],
+ };
+
+ #[cfg(all(feature = "openssl", not(feature = "p256")))]
replacement in thrussh/src/negotiation.rs at line 86
− #[cfg(not(feature = "openssl"))]
+ #[cfg(all(not(feature = "openssl"), not(feature = "p256")))]
replacement in thrussh/src/negotiation.rs at line 97
[4.270449]→[4.270449:270517](∅→∅) − key: &[key::ED25519, key::RSA_SHA2_256, key::RSA_SHA2_512],
+ key: &[
+ key::ED25519,
+ key::ECDSA_SHA2_NISTP256,
+ key::RSA_SHA2_256,
+ key::RSA_SHA2_512,
+ ],
replacement in thrussh/src/negotiation.rs at line 127
[4.270951]→[3.1141:1174](∅→∅) − #[cfg(not(feature = "openssl"))]
+ #[cfg(feature = "p256")]
+ use thrussh_keys::key::ECDSA_SHA2_NISTP256;
replacement in thrussh/src/negotiation.rs at line 131
[4.541]→[4.270951:270994](∅→∅),
[4.270951]→[4.270951:270994](∅→∅) − use thrussh_keys::key::{ED25519, SSH_RSA};
+ use thrussh_keys::key::SSH_RSA;
edit in thrussh/src/negotiation.rs at line 139
+ #[cfg(feature = "p256")]
+ &PublicKey::P256(_) => ECDSA_SHA2_NISTP256.0,
edit in thrussh/src/negotiation.rs at line 151
+ #[cfg(feature = "p256")]
+ &KeyPair::P256(_) => ECDSA_SHA2_NISTP256.0,
edit in thrussh/src/key.rs at line 41
+ }
+ #[cfg(feature = "p256")]
+ &PublicKey::P256(_) => {
+ use thrussh_keys::PublicKeyBase64;
+ buffer.extend(&self.public_key_bytes());
edit in thrussh/src/key.rs at line 69
+ #[cfg(feature = "p256")]
+ &KeyPair::P256(_) => {
+ use thrussh_keys::PublicKeyBase64;
+ buffer.extend(&self.public_key_bytes());
+ }
replacement in thrussh/examples/remote_shell_call.rs at line 9
− let pem = std::fs::read("./my-aws-key.pem")?;
+ let pem = std::fs::read_to_string("./my-aws-key.pem")?;
replacement in thrussh/examples/remote_shell_call.rs at line 42
[4.1167]→[4.1167:1187](∅→∅) replacement in thrussh/examples/remote_shell_call.rs at line 46
[4.1288]→[4.1288:1454](∅→∅) − let key_pair = key::KeyPair::RSA {
− key: openssl::rsa::Rsa::private_key_from_pem(pem)?,
− hash: key::SignatureHash::SHA2_512,
− };
+ let key_pair = decode_secret_key(pem, None)?;
edit in thrussh/Cargo.toml at line 43
+ p256 = [ "thrussh-keys/p256" ]
+ openssl = [ "thrussh-keys/openssl", "dep:openssl" ]
replacement in cryptovec/src/lib.rs at line 403
[4.439904]→[4.439904:439944](∅→∅) − /// CryptoVec::from_slice(b"test");
+ /// cryptovec::CryptoVec::from_slice(b"test");