diff options
-rw-r--r-- | include/libssh/agent.h | 3 | ||||
-rw-r--r-- | src/agent.c | 8 |
2 files changed, 11 insertions, 0 deletions
diff --git a/include/libssh/agent.h b/include/libssh/agent.h index 8f9ef941..0142f575 100644 --- a/include/libssh/agent.h +++ b/include/libssh/agent.h @@ -66,6 +66,9 @@ #define SSH_COM_AGENT2_FAILURE 102 #define SSH_AGENT_OLD_SIGNATURE 0x01 +/* Signature flags from draft-miller-ssh-agent-02 */ +#define SSH_AGENT_RSA_SHA2_256 0x02 +#define SSH_AGENT_RSA_SHA2_512 0x04 struct ssh_agent_struct { struct ssh_socket_struct *sock; diff --git a/src/agent.c b/src/agent.c index bcde62aa..15a62556 100644 --- a/src/agent.c +++ b/src/agent.c @@ -548,6 +548,14 @@ ssh_string ssh_agent_sign_data(ssh_session session, return NULL; } + /* Add Flags: SHA2 extension (RFC 8332) if negotiated */ + if (pubkey->type == SSH_KEYTYPE_RSA) { + if (session->extensions & SSH_EXT_SIG_RSA_SHA512) { + flags |= SSH_AGENT_RSA_SHA2_512; + } else if (session->extensions & SSH_EXT_SIG_RSA_SHA256) { + flags |= SSH_AGENT_RSA_SHA2_256; + } + } if (ssh_buffer_add_u32(request, htonl(flags)) < 0) { ssh_buffer_free(request); return NULL; |