@@ -1234,3 +1234,51 @@ func TestPublicKeyAndAlgoCompatibility(t *testing.T) {
12341234 t .Error ("cert login passed with incompatible public key type and algorithm" )
12351235 }
12361236}
1237+
1238+ func TestClientAuthGPGAgentCompat (t * testing.T ) {
1239+ clientConfig := & ClientConfig {
1240+ User : "testuser" ,
1241+ HostKeyCallback : InsecureIgnoreHostKey (),
1242+ Auth : []AuthMethod {
1243+ // algorithm rsa-sha2-512 and signature format ssh-rsa.
1244+ configurablePublicKeyCallback {
1245+ signer : testSigners ["rsa" ].(AlgorithmSigner ),
1246+ signatureAlgo : KeyAlgoRSASHA512 ,
1247+ signatureFormat : KeyAlgoRSA ,
1248+ },
1249+ },
1250+ }
1251+ if err := tryAuth (t , clientConfig ); err != nil {
1252+ t .Fatalf ("unable to dial remote side: %s" , err )
1253+ }
1254+ }
1255+
1256+ func TestCertAuthOpenSSHCompat (t * testing.T ) {
1257+ cert := & Certificate {
1258+ Key : testPublicKeys ["rsa" ],
1259+ ValidBefore : CertTimeInfinity ,
1260+ CertType : UserCert ,
1261+ }
1262+ cert .SignCert (rand .Reader , testSigners ["ecdsa" ])
1263+ certSigner , err := NewCertSigner (cert , testSigners ["rsa" ])
1264+ if err != nil {
1265+ t .Fatalf ("NewCertSigner: %v" , err )
1266+ }
1267+
1268+ clientConfig := & ClientConfig {
1269+ User : "user" ,
1270+ HostKeyCallback : InsecureIgnoreHostKey (),
1271+ Auth : []AuthMethod {
1272+ // algorithm [email protected] and signature format 1273+ // rsa-sha2-256.
1274+ configurablePublicKeyCallback {
1275+ signer : certSigner .(AlgorithmSigner ),
1276+ signatureAlgo : CertAlgoRSAv01 ,
1277+ signatureFormat : KeyAlgoRSASHA256 ,
1278+ },
1279+ },
1280+ }
1281+ if err := tryAuth (t , clientConfig ); err != nil {
1282+ t .Fatalf ("unable to dial remote side: %s" , err )
1283+ }
1284+ }
0 commit comments