go.crypto/ssh: implement ECDH.

Implement elliptic-curve Diffie-Hellman, including host key signature verification. Moves host key cryptographic verification to ClientConn.handshake(), so RSA host keys are also verified. Fixes golang/go#6158. R=dave, agl CC=golang-dev https://golang.org/cl/13021045
author: Han-Wen Nienhuys <hanwen@google.com> 2013-08-28 10:50:25 -0400
committer: Adam Langley <agl@golang.org> 2013-08-28 10:50:25 -0400
commit: d7d50b0a7ca68e2c21897511107809de9cee1137 (patch)
tree: 9460758fc9413fbfc36c2f9d8319a56ac2586c20 /ssh/client_auth_test.go
parent: b725ff72eb4ef6b906846cc73efacaab8da3b2d1 (diff)
download: go-x-crypto-d7d50b0a7ca68e2c21897511107809de9cee1137.tar.xz
1 files changed, 20 insertions, 0 deletions
diff --git a/ssh/client_auth_test.go b/ssh/client_auth_test.go
index d339ffe..ff64ad7 100644
--- a/ssh/client_auth_test.go
+++ b/ssh/client_auth_test.go
@@ -16,6 +16,7 @@ import (
 	"io"
 	"io/ioutil"
 	"math/big"
+	"strings"
 	"testing"
 )
 
@@ -356,3 +357,22 @@ func TestClientUnsupportedCipher(t *testing.T) {
 		c.Close()
 	}
 }
+
+func TestClientUnsupportedKex(t *testing.T) {
+	kc := new(keychain)
+	kc.keys = append(kc.keys, rsakey)
+	config := &ClientConfig{
+		User: "testuser",
+		Auth: []ClientAuth{
+			ClientAuthKeyring(kc),
+		},
+		Crypto: CryptoConfig{
+			KeyExchanges: []string{"diffie-hellman-group-exchange-sha256"}, // not currently supported
+		},
+	}
+	c, err := Dial("tcp", newMockAuthServer(t), config)
+	if err == nil || !strings.Contains(err.Error(), "no common algorithms") {
+		t.Errorf("got %v, expected 'no common algorithms'", err)
+		c.Close()
+	}
+}
author	Han-Wen Nienhuys <hanwen@google.com>	2013-08-28 10:50:25 -0400
committer	Adam Langley <agl@golang.org>	2013-08-28 10:50:25 -0400
commit	d7d50b0a7ca68e2c21897511107809de9cee1137 (patch)
tree	9460758fc9413fbfc36c2f9d8319a56ac2586c20 /ssh/client_auth_test.go
parent	b725ff72eb4ef6b906846cc73efacaab8da3b2d1 (diff)
download	go-x-crypto-d7d50b0a7ca68e2c21897511107809de9cee1137.tar.xz