aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJakub Jelen <jjelen@redhat.com>2018-06-26 12:22:31 +0200
committerAndreas Schneider <asn@cryptomilk.org>2018-08-31 14:18:34 +0200
commitebb01549d0ac8cf270bece10c9d38b2b38def10d (patch)
tree243a38d7553a2e453e00d9e88441c6f40f5d7984
parent945469c9e07c59fe816f32b1a9301c2c5b50cfc7 (diff)
downloadlibssh-ebb01549d0ac8cf270bece10c9d38b2b38def10d.tar.gz
libssh-ebb01549d0ac8cf270bece10c9d38b2b38def10d.tar.xz
libssh-ebb01549d0ac8cf270bece10c9d38b2b38def10d.zip
SHA2 extension in the ssh-agent interface
The new constants for flags are defined in draft-miller-ssh-agent-02 are active if the SHA2 extension is negotiated with the server. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
-rw-r--r--include/libssh/agent.h3
-rw-r--r--src/agent.c8
2 files changed, 11 insertions, 0 deletions
diff --git a/include/libssh/agent.h b/include/libssh/agent.h
index 8f9ef941..0142f575 100644
--- a/include/libssh/agent.h
+++ b/include/libssh/agent.h
@@ -66,6 +66,9 @@
#define SSH_COM_AGENT2_FAILURE 102
#define SSH_AGENT_OLD_SIGNATURE 0x01
+/* Signature flags from draft-miller-ssh-agent-02 */
+#define SSH_AGENT_RSA_SHA2_256 0x02
+#define SSH_AGENT_RSA_SHA2_512 0x04
struct ssh_agent_struct {
struct ssh_socket_struct *sock;
diff --git a/src/agent.c b/src/agent.c
index bcde62aa..15a62556 100644
--- a/src/agent.c
+++ b/src/agent.c
@@ -548,6 +548,14 @@ ssh_string ssh_agent_sign_data(ssh_session session,
return NULL;
}
+ /* Add Flags: SHA2 extension (RFC 8332) if negotiated */
+ if (pubkey->type == SSH_KEYTYPE_RSA) {
+ if (session->extensions & SSH_EXT_SIG_RSA_SHA512) {
+ flags |= SSH_AGENT_RSA_SHA2_512;
+ } else if (session->extensions & SSH_EXT_SIG_RSA_SHA256) {
+ flags |= SSH_AGENT_RSA_SHA2_256;
+ }
+ }
if (ssh_buffer_add_u32(request, htonl(flags)) < 0) {
ssh_buffer_free(request);
return NULL;