Add support for ECDSA key sizes 384 and 521 alongside the existing 256.

Previously only 256-bit was handled and in certain cases (private key
reading) 384- and 521-bit keys were treated as 256-bit keys causing
silent errors.

Tests have been added to specifically test the 384 and 521 keysizes. As
RFC 5656 defines 256, 384, and 521 as the required keysizes this seems a
good set to test. Also, this will cover the branches at ecdsakey.py:55.
Test keys were renamed and test_client.py was modified as a result.

This also fixes two bugs in ecdsakey.py. First, when calculating bytes
needed to store a key, the assumption was made that the key size (in
bits) was divisible by 8 (see line 137). This has been fixed by rounding
up (wasn't an issue as only 256-bit keys were used before). Another bug
was that the key padding in asbytes was being done backwards (was
padding on current_length - needed_length bytes).

1 files changed, 1 insertions, 1 deletions

diff --git a/paramiko/hostkeys.py b/paramiko/hostkeys.py
index 38ac866b..2ee3d27f 100644
--- a/paramiko/hostkeys.py
+++ b/paramiko/hostkeys.py
@@ -331,7 +331,7 @@ class HostKeyEntry:
                 key = RSAKey(data=decodebytes(key))
             elif keytype == 'ssh-dss':
                 key = DSSKey(data=decodebytes(key))
-            elif keytype == 'ecdsa-sha2-nistp256':
+            elif keytype in ECDSAKey.supported_key_format_identifiers():
                 key = ECDSAKey(data=decodebytes(key), validate_point=False)
             else:
                 log.info("Unable to handle key of type %s" % (keytype,))