[PATCH] sshsig: check hashalg before selecting the RSA signature algorithm
Morten Linderud
morten at linderud.pw
Sun Nov 24 02:37:19 AEDT 2024
Hi,
I sent this patch back in April and I still have a need for this. Would it be
possible to get any pointers on how we can have `hashalg` selectable by `ssh-keygen -Y`?
--
Morten Linderud
PGP: 9C02FF419FECBE16
On Thu, Apr 11, 2024 at 09:16:39PM +0200, Morten Linderud wrote:
> `ssh-keygen -Y sign` only selects the signing algorithm `rsa-sha2-512`
> and this prevents ssh-agent implementations that can't support sha512
> from signing messages.
>
> An example of this is TPMs which mostly only really support sha256
> widely.
>
> This change enables `ssh-keygen -Y sign` to honor the `hashalg` option
> for the signing algorithm.
>
> Signed-off-by: Morten Linderud <morten at linderud.pw>
> ---
> sshsig.c | 10 ++++++++--
> 1 file changed, 8 insertions(+), 2 deletions(-)
>
> diff --git a/sshsig.c b/sshsig.c
> index 470b286a3..033b43353 100644
> --- a/sshsig.c
> +++ b/sshsig.c
> @@ -190,8 +190,14 @@ sshsig_wrap_sign(struct sshkey *key, const char *hashalg,
> }
>
> /* If using RSA keys then default to a good signature algorithm */
> - if (sshkey_type_plain(key->type) == KEY_RSA)
> - sign_alg = RSA_SIGN_ALG;
> + if (sshkey_type_plain(key->type) == KEY_RSA){
> + if (hashalg == NULL)
> + sign_alg = RSA_SIGN_ALG;
> + else if (strcmp(hashalg, "sha256") == 0)
> + sign_alg = "rsa-sha2-256";
> + else if (strcmp(hashalg, "sha512") == 0)
> + sign_alg = "rsa-sha2-512";
> + }
>
> if (signer != NULL) {
> if ((r = signer(key, &sig, &slen,
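Review bot: The if/else-if chain added inside the KEY_RSA branch has no final else, so a hashalg that is neither "sha256" nor "sha512" leaves sign_alg at whatever value it held before this block, and the signer below is still called with it. Unless a check outside this hunk already rejects other values, end the chain with an else that either returns an error for the unsupported hash or assigns RSA_SIGN_ALG explicitly, so the outcome does not depend on sign_alg's earlier state. Two smaller points: the comment "default to a good signature algorithm" no longer describes the branch now that it selects on hashalg, and `KEY_RSA){` is missing a space before the brace.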
> --
> 2.44.0