This is an automated email from the ASF dual-hosted git repository. twolf pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/mina-sshd.git
commit 084e69b8183a3228f0b44acb0c17a5ec86ef44ab Author: Thomas Wolf <[email protected]> AuthorDate: Thu Aug 28 12:39:59 2025 +0200 Fix equals() & hashCode() for sk-* keys Include verifyRequired in both, and make the static utility methods in KeyUtils simply call Objects.equals(). --- .../apache/sshd/common/config/keys/KeyUtils.java | 22 ++-------------------- .../common/config/keys/u2f/SkED25519PublicKey.java | 6 ++++-- .../common/config/keys/u2f/SkEcdsaPublicKey.java | 6 ++++-- 3 files changed, 10 insertions(+), 24 deletions(-) diff --git a/sshd-common/src/main/java/org/apache/sshd/common/config/keys/KeyUtils.java b/sshd-common/src/main/java/org/apache/sshd/common/config/keys/KeyUtils.java index 8a4dac941..156be3327 100644 --- a/sshd-common/src/main/java/org/apache/sshd/common/config/keys/KeyUtils.java +++ b/sshd-common/src/main/java/org/apache/sshd/common/config/keys/KeyUtils.java @@ -1254,29 +1254,11 @@ public final class KeyUtils { } public static boolean compareSkEcdsaKeys(SkEcdsaPublicKey k1, SkEcdsaPublicKey k2) { - if (Objects.equals(k1, k2)) { - return true; - } else if (k1 == null || k2 == null) { - return false; // both null is covered by Objects#equals - } else { - return Objects.equals(k1.getAppName(), k2.getAppName()) - && Objects.equals(k1.isNoTouchRequired(), k2.isNoTouchRequired()) - && Objects.equals(k1.isVerifyRequired(), k2.isVerifyRequired()) - && compareECKeys(k1.getDelegatePublicKey(), k2.getDelegatePublicKey()); - } + return Objects.equals(k1, k2); } public static boolean compareSkEd25519Keys(SkED25519PublicKey k1, SkED25519PublicKey k2) { - if (Objects.equals(k1, k2)) { - return true; - } else if (k1 == null || k2 == null) { - return false; // both null is covered by Objects#equals - } else { - return Objects.equals(k1.getAppName(), k2.getAppName()) - && Objects.equals(k1.isNoTouchRequired(), k2.isNoTouchRequired()) - && Objects.equals(k1.isVerifyRequired(), k2.isVerifyRequired()) - && SecurityUtils.compareEDDSAPPublicKeys(k1.getDelegatePublicKey(), k2.getDelegatePublicKey()); - } + return Objects.equals(k1, k2); } public static String getSignatureAlgorithm(String chosenAlgorithm, PublicKey key) { diff --git a/sshd-common/src/main/java/org/apache/sshd/common/config/keys/u2f/SkED25519PublicKey.java b/sshd-common/src/main/java/org/apache/sshd/common/config/keys/u2f/SkED25519PublicKey.java index 7e41ca7c5..c476851db 100644 --- a/sshd-common/src/main/java/org/apache/sshd/common/config/keys/u2f/SkED25519PublicKey.java +++ b/sshd-common/src/main/java/org/apache/sshd/common/config/keys/u2f/SkED25519PublicKey.java @@ -25,6 +25,7 @@ import org.apache.sshd.common.config.keys.KeyUtils; import org.apache.sshd.common.config.keys.impl.SkED25519PublicKeyEntryDecoder; import org.apache.sshd.common.keyprovider.KeyPairProvider; import org.apache.sshd.common.util.ValidateUtils; +import org.apache.sshd.common.util.security.SecurityUtils; public class SkED25519PublicKey implements SecurityKeyPublicKey<PublicKey> { @@ -111,7 +112,7 @@ public class SkED25519PublicKey implements SecurityKeyPublicKey<PublicKey> { @Override public int hashCode() { - return Objects.hash(appName, noTouchRequired, delegatePublicKey); + return Objects.hash(appName, noTouchRequired, verifyRequired, delegatePublicKey); } @Override @@ -129,7 +130,8 @@ public class SkED25519PublicKey implements SecurityKeyPublicKey<PublicKey> { SkED25519PublicKey other = (SkED25519PublicKey) obj; return Objects.equals(this.appName, other.appName) && this.noTouchRequired == other.noTouchRequired - && Objects.equals(this.delegatePublicKey, other.delegatePublicKey); + && this.verifyRequired == other.verifyRequired + && SecurityUtils.compareEDDSAPPublicKeys(this.delegatePublicKey, other.delegatePublicKey); } } diff --git a/sshd-common/src/main/java/org/apache/sshd/common/config/keys/u2f/SkEcdsaPublicKey.java b/sshd-common/src/main/java/org/apache/sshd/common/config/keys/u2f/SkEcdsaPublicKey.java index 449096f5e..8056adb16 100644 --- a/sshd-common/src/main/java/org/apache/sshd/common/config/keys/u2f/SkEcdsaPublicKey.java +++ b/sshd-common/src/main/java/org/apache/sshd/common/config/keys/u2f/SkEcdsaPublicKey.java @@ -21,6 +21,7 @@ package org.apache.sshd.common.config.keys.u2f; import java.security.interfaces.ECPublicKey; import java.util.Objects; +import org.apache.sshd.common.config.keys.KeyUtils; import org.apache.sshd.common.config.keys.impl.SkECDSAPublicKeyEntryDecoder; public class SkEcdsaPublicKey implements SecurityKeyPublicKey<ECPublicKey> { @@ -106,7 +107,7 @@ public class SkEcdsaPublicKey implements SecurityKeyPublicKey<ECPublicKey> { @Override public int hashCode() { - return Objects.hash(appName, noTouchRequired, delegatePublicKey); + return Objects.hash(appName, noTouchRequired, verifyRequired, delegatePublicKey); } @Override @@ -124,6 +125,7 @@ public class SkEcdsaPublicKey implements SecurityKeyPublicKey<ECPublicKey> { SkEcdsaPublicKey other = (SkEcdsaPublicKey) obj; return Objects.equals(this.appName, other.appName) && this.noTouchRequired == other.noTouchRequired - && Objects.equals(this.delegatePublicKey, other.delegatePublicKey); + && this.verifyRequired == other.verifyRequired + && KeyUtils.compareECKeys(this.delegatePublicKey, other.delegatePublicKey); } }
