[Bug 3829] New: SSH signature armor protocol documentation issue
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Sat May 31 01:08:50 AEST 2025
https://bugzilla.mindrot.org/show_bug.cgi?id=3829
Bug ID: 3829
Summary: SSH signature armor protocol documentation issue
Product: Portable OpenSSH
Version: 10.0p2
Hardware: Other
OS: Linux
Status: NEW
Severity: trivial
Priority: P5
Component: Documentation
Assignee: unassigned-bugs at mindrot.org
Reporter: ngraves at ngraves.fr
The SSHSIG protocol states that "The base64 encoded blob SHOULD be
broken up by newlines every 76 characters." [1]
However, it seems that it's in practise broken up each 70 characters in
a signature generated with ssh-keygen. It's also quite clear in the
code that it's 70 characters and not 76 [2].
[1]:
https://github.com/openssh/openssh-portable/blob/73ef0563a59f90324f8426c017f38e20341b555f/PROTOCOL.sshsig#L21
[2]:
https://github.com/openssh/openssh-portable/blob/73ef0563a59f90324f8426c017f38e20341b555f/sshbuf-misc.c#L151
PS: The PROTOCOL.sshsig might not be precise enough to be reproduced
independently. We're trying to reproduce openssh results with libssh
here, the protocol is respected at first glance, but we don't get the
same results :
https://gitlab.com/libssh/libssh-mirror/-/merge_requests/536
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list