Description
Reproduction steps
I'm trying to validate SSH hostkeys against known_hosts.
libgit2 currently exposes an md5 and/or a sha1 of the cert. However, since 2015, OpenSSH writes sha256 hashes by default to known_hosts.
Expected behavior
Ideally, I'd like access to the raw, unhashed cert data, so that I can hash it with whatever algorithm is required to match what is in known_hosts. Failing that, I'd like the sha256 hash to be added, and for the md5 and sha1 sums to also always be present, so that we can match whatever happens to be in known_hosts.
Perhaps even better would be for libgit2 to have built-in known_hosts support, although that's significantly more complicated.
Version of libgit2 (release number or SHA1)
f04a58b (HEAD as of Oct 7, 2019)
(And I'm using git2go, which is frustratingly stuck back on v27, with unreviewed PRs waiting to bring it up to speed.)
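
An added example, not from the issue author or from libgit2/git2go: with the raw host key blob that the issue asks for, a caller can derive the OpenSSH-style SHA256 fingerprint and compare the blob against plain known_hosts entries. The function names, the sample key and the sample known_hosts text are constructed for illustration; hashed host names, marker lines and wildcard patterns are not handled.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"strings"
)

// SHA256Fingerprint formats a raw key blob the way OpenSSH prints it (unpadded base64).
func SHA256Fingerprint(blob []byte) string {
	sum := sha256.Sum256(blob)
	return "SHA256:" + base64.RawStdEncoding.EncodeToString(sum[:])
}

// VerifyHostKey reports whether a plain known_hosts line for host carries exactly
// the presented blob. Hashed names (|1|...), marker lines (@revoked,
// @cert-authority) and wildcard patterns are skipped, so they never match here.
func VerifyHostKey(knownHosts, host string, presented []byte) bool {
	for _, line := range strings.Split(knownHosts, "\n") {
		f := strings.Fields(line)
		if len(f) < 3 || strings.ContainsAny(f[0][:1], "#@|") || !strings.Contains(","+f[0]+",", ","+host+",") {
			continue
		}
		if blob, err := base64.StdEncoding.DecodeString(f[2]); err == nil && bytes.Equal(blob, presented) {
			return true
		}
	}
	return false
}

// SampleBlob builds a constructed ssh-ed25519 wire blob (not a real server key).
func SampleBlob(fill byte) []byte {
	return append([]byte("\x00\x00\x00\x0bssh-ed25519\x00\x00\x00\x20"), bytes.Repeat([]byte{fill}, 32)...)
}

// SampleKnownHosts returns constructed known_hosts text with a single entry.
func SampleKnownHosts() string {
	return "# constructed\nexample.com,192.0.2.10 ssh-ed25519 " + base64.StdEncoding.EncodeToString(SampleBlob(0x41)) + "\n"
}

func main() {
	kh, good, bad := SampleKnownHosts(), SampleBlob(0x41), SampleBlob(0x42)
	fmt.Println(SHA256Fingerprint(good))
	fmt.Println(VerifyHostKey(kh, "example.com", good), VerifyHostKey(kh, "example.com", bad))
}
```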