From 4c66383a05c7832baf57496d70543320b060f69b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Prante?= <joergprante@gmail.com>
Date: Wed, 29 May 2024 13:19:34 +0200
Subject: [PATCH] add bit if X is odd in ed25519 public key writing

---
 .../sshd/fs/test/SftpWithPrivateKeyReaderTest.java       | 2 +-
 .../main/java/org/apache/sshd/common/util/ArrayUtil.java | 8 ++++++++
 .../java/org/apache/sshd/common/util/buffer/Buffer.java  | 9 ++++++---
 3 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/files-sftp-fs/src/test/java/org/apache/sshd/fs/test/SftpWithPrivateKeyReaderTest.java b/files-sftp-fs/src/test/java/org/apache/sshd/fs/test/SftpWithPrivateKeyReaderTest.java
index 816c83f..2e2664d 100644
--- a/files-sftp-fs/src/test/java/org/apache/sshd/fs/test/SftpWithPrivateKeyReaderTest.java
+++ b/files-sftp-fs/src/test/java/org/apache/sshd/fs/test/SftpWithPrivateKeyReaderTest.java
@@ -24,7 +24,7 @@ public class SftpWithPrivateKeyReaderTest {
     public void testXbib() throws Exception {
         Map<String, String> env = new HashMap<>();
         env.put("username", "joerg");
-        URI uri = URI.create("sftp://xbib.org");
+        URI uri = URI.create("sftp://alkmene");
         try (SshClient sshClient = ClientBuilder.builder()
                 .build()) {
             sshClient.setNioWorkers(1);
diff --git a/files-sftp/src/main/java/org/apache/sshd/common/util/ArrayUtil.java b/files-sftp/src/main/java/org/apache/sshd/common/util/ArrayUtil.java
index e0c3f80..39e9fa4 100644
--- a/files-sftp/src/main/java/org/apache/sshd/common/util/ArrayUtil.java
+++ b/files-sftp/src/main/java/org/apache/sshd/common/util/ArrayUtil.java
@@ -5,6 +5,14 @@ public class ArrayUtil {
     private ArrayUtil() {
     }
 
+    public static String toHex(byte[] data) {
+        StringBuilder sb = new StringBuilder();
+        for (byte b : data) {
+            sb.append(Character.forDigit((b & 240) >> 4, 16)).append(Character.forDigit((b & 15), 16));
+        }
+        return sb.toString();
+    }
+
     public static void reverse(byte[] arr) {
         int i = 0;
         int j = arr.length - 1;
diff --git a/files-sftp/src/main/java/org/apache/sshd/common/util/buffer/Buffer.java b/files-sftp/src/main/java/org/apache/sshd/common/util/buffer/Buffer.java
index fad1a8b..64e8b9b 100644
--- a/files-sftp/src/main/java/org/apache/sshd/common/util/buffer/Buffer.java
+++ b/files-sftp/src/main/java/org/apache/sshd/common/util/buffer/Buffer.java
@@ -919,9 +919,12 @@ public abstract class Buffer implements Readable {
                 putBytes(cert.getSignature());
             }
             case EdECPublicKey edECPublicKey -> {
-                byte[] b = edECPublicKey.getPoint().getY().toByteArray();
-                ArrayUtil.reverse(b);
-                putBytes(b);
+                byte[] arr = edECPublicKey.getPoint().getY().toByteArray();
+                ArrayUtil.reverse(arr);
+                if (edECPublicKey.getPoint().isXOdd()) {
+                    arr[arr.length - 1] |= (byte) 0x80;
+                }
+                putBytes(arr);
             }
             default -> throw new BufferException("Unsupported raw public key algorithm: " + key.getAlgorithm());
         }