From e65a0e3c556843356414fb950a9f6f731085d5ff Mon Sep 17 00:00:00 2001
From: Kenny Root <kenny@the-b.org>
Date: Tue, 17 Feb 2026 14:19:41 -0800
Subject: [PATCH] Handle Conscrypt EdDSA keys in authentication flow

AuthenticationManager used a strict "EdDSA" algorithm name check which
failed for Conscrypt keys (e.g., from Google Play Services) that may
use OID or other algorithm identifiers. Reuse PublicKeyUtils.isEd25519Key()
for consistent detection across all code paths.
---
 src/main/java/com/trilead/ssh2/auth/AuthenticationManager.java | 3 ++-
 src/main/java/com/trilead/ssh2/crypto/PublicKeyUtils.java      | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/main/java/com/trilead/ssh2/auth/AuthenticationManager.java b/src/main/java/com/trilead/ssh2/auth/AuthenticationManager.java
index 4bd5e9ac..76410cfb 100644
--- a/src/main/java/com/trilead/ssh2/auth/AuthenticationManager.java
+++ b/src/main/java/com/trilead/ssh2/auth/AuthenticationManager.java
@@ -1,6 +1,7 @@
 
 package com.trilead.ssh2.auth;
 
+import com.trilead.ssh2.crypto.PublicKeyUtils;
 import com.trilead.ssh2.crypto.keys.Ed25519PrivateKey;
 import com.trilead.ssh2.signature.RSASHA256Verify;
 import com.trilead.ssh2.signature.RSASHA512Verify;
@@ -316,7 +317,7 @@ else if (publicKey instanceof ECPublicKey)
 
 				tm.sendMessage(ua.getPayload());
 			}
-			else if ("EdDSA".equals(publicKey.getAlgorithm()))
+			else if (PublicKeyUtils.isEd25519Key(publicKey))
 			{
 				final String algo = Ed25519Verify.ED25519_ID;
 
diff --git a/src/main/java/com/trilead/ssh2/crypto/PublicKeyUtils.java b/src/main/java/com/trilead/ssh2/crypto/PublicKeyUtils.java
index 89509b3f..187451e2 100644
--- a/src/main/java/com/trilead/ssh2/crypto/PublicKeyUtils.java
+++ b/src/main/java/com/trilead/ssh2/crypto/PublicKeyUtils.java
@@ -102,7 +102,7 @@ public static byte[] extractPublicKeyBlob(PublicKey publicKey)
 	 * (e.g., JDK, Conscrypt/Google Play Services) which may use different algorithm names or
 	 * class names for Ed25519 keys.
 	 */
-	static boolean isEd25519Key(PublicKey publicKey) {
+	public static boolean isEd25519Key(PublicKey publicKey) {
 		String algorithm = publicKey.getAlgorithm();
 		if ("EdDSA".equals(algorithm) || "Ed25519".equals(algorithm) || "1.3.101.112".equals(algorithm)) {
 			return true;