aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--include/libssh/agent.h3
-rw-r--r--src/agent.c8
2 files changed, 11 insertions, 0 deletions
diff --git a/include/libssh/agent.h b/include/libssh/agent.h
index 8f9ef941..0142f575 100644
--- a/include/libssh/agent.h
+++ b/include/libssh/agent.h
@@ -66,6 +66,9 @@
#define SSH_COM_AGENT2_FAILURE 102
#define SSH_AGENT_OLD_SIGNATURE 0x01
+/* Signature flags from draft-miller-ssh-agent-02 */
+#define SSH_AGENT_RSA_SHA2_256 0x02
+#define SSH_AGENT_RSA_SHA2_512 0x04
struct ssh_agent_struct {
struct ssh_socket_struct *sock;
diff --git a/src/agent.c b/src/agent.c
index bcde62aa..15a62556 100644
--- a/src/agent.c
+++ b/src/agent.c
@@ -548,6 +548,14 @@ ssh_string ssh_agent_sign_data(ssh_session session,
return NULL;
}
+ /* Add Flags: SHA2 extension (RFC 8332) if negotiated */
+ if (pubkey->type == SSH_KEYTYPE_RSA) {
+ if (session->extensions & SSH_EXT_SIG_RSA_SHA512) {
+ flags |= SSH_AGENT_RSA_SHA2_512;
+ } else if (session->extensions & SSH_EXT_SIG_RSA_SHA256) {
+ flags |= SSH_AGENT_RSA_SHA2_256;
+ }
+ }
if (ssh_buffer_add_u32(request, htonl(flags)) < 0) {
ssh_buffer_free(request);
return NULL;