SSHSIG format discrepancy?
Damien Miller
djm at mindrot.org
Wed Oct 2 18:07:46 AEST 2019
On Wed, 2 Oct 2019, Mantas Mikulėnas wrote:
> Hello,
>
> I'm trying to implement OpenSSH's new SSHSIG format in my own Python
> script (an older project for signing data using ssh-agent), and it seems
> like the "data wrapper" format used by ssh-keygen doesn't exactly match
> what is documented in PROTOCOL.
>
> The documentation says that H(message) is written as a `string`, which
> implies it being prefixed with uint32 length as other SSH strings are.
>
> However, I found that sshsig_wrap_sign() uses sshbuf_putb() and not
> put_string(), and I've *only* managed to achieve compatibility by
> directly appending h_message *without* the string-length prefix.
>
> Which format is the correct one?
The PROTOCOL.sshsig file is correct. I've committed a fix.
> (Additionally: Shouldn't ssh-keygen reject -n "" to enforce the "empty
> namespace is forbidden" rule?)
I've fixed this too.
Thanks!
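The signed-data layout discussed in this thread, as an added example that is not part of the original messages or of OpenSSH's code: it builds the blob with H(message) written as a length-prefixed `string`, and parses it strictly so the unprefixed variant and an empty namespace are both rejected. The function names are hypothetical; the field order (preamble, namespace, reserved, hash_algorithm, H(message)) and the sha256/sha512 choices follow PROTOCOL.sshsig.

```python
import hashlib
import struct

MAGIC_PREAMBLE = b"SSHSIG"  # six raw bytes, written without a length prefix
HASHES = {"sha256": hashlib.sha256, "sha512": hashlib.sha512}


def ssh_string(data: bytes) -> bytes:
    """SSH wire `string`: uint32 big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data


def signed_data(namespace: str, hash_alg: str, message: bytes) -> bytes:
    """Build the blob handed to the signer (names here are hypothetical)."""
    if not namespace:
        raise ValueError("empty namespace is forbidden")
    if hash_alg not in HASHES:
        raise ValueError("unsupported hash algorithm: %r" % hash_alg)
    h_message = HASHES[hash_alg](message).digest()
    return (MAGIC_PREAMBLE
            + ssh_string(namespace.encode("utf-8"))
            + ssh_string(b"")                    # reserved
            + ssh_string(hash_alg.encode("ascii"))
            + ssh_string(h_message))             # length-prefixed, per PROTOCOL.sshsig


def parse_signed_data(blob: bytes) -> dict:
    """Strict parser: every field after the preamble must be a full `string`."""
    if blob[:6] != MAGIC_PREAMBLE:
        raise ValueError("bad preamble")
    fields, off = [], 6
    for name in ("namespace", "reserved", "hash_algorithm", "h_message"):
        if off + 4 > len(blob):
            raise ValueError("truncated length for " + name)
        (n,) = struct.unpack_from(">I", blob, off)
        off += 4
        if off + n > len(blob):
            raise ValueError("truncated " + name)
        fields.append(blob[off:off + n])
        off += n
    if off != len(blob):
        raise ValueError("trailing bytes after h_message")
    namespace, _reserved, alg, h_message = fields
    if not namespace:
        raise ValueError("empty namespace is forbidden")
    hash_fn = HASHES.get(alg.decode("ascii", "replace"))
    if hash_fn is None or len(h_message) != hash_fn().digest_size:
        raise ValueError("hash algorithm / digest length mismatch")
    return {"namespace": namespace.decode("utf-8"),
            "hash_algorithm": alg.decode("ascii"), "h_message": h_message}
```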