Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ssh: sign and verify #316

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

ssh: sign and verify #316

wants to merge 1 commit into from
+162 −0

Conversation

caarlos0
Copy link
Contributor

@caarlos0 caarlos0 commented Mar 20, 2025
edited
Loading

Initial implementation of proposal of SSHSIG
closes golang/go#68197

Want to make sure the API is all right before
adding more tests.
Also seeking feedback on how to best test
this - is it OK to sign and verify in the
same test, or do you have other ideas?
Maybe a fixed rand reader?

@caarlos0
ssh: sign and verify
40fe82d 
Initial implementation of proposal
golang/go#68197.

Want to make sure the API is all right before adding more tests.
Also seeking feedback on how to best test this - is it OK to sign and
verify in the same test, or do you have other ideas? (maybe a fixed rand
reader?).
@gopherbot
Copy link
Contributor

This PR (HEAD: 40fe82d) has been imported to Gerrit for code review.

Please visit Gerrit at https://go-review.googlesource.com/c/crypto/+/659715.

Important tips:

  • Don't comment on this PR. All discussion takes place in Gerrit.
  • You need a Gmail or other Google account to log in to Gerrit.
  • To change your code in response to feedback:
    • Push a new commit to the branch used by your GitHub PR.
    • A new "patch set" will then appear in Gerrit.
    • Respond to each comment by marking as Done in Gerrit if implemented as suggested. You can alternatively write a reply.
    • Critical: you must click the blue Reply button near the top to publish your Gerrit responses.
    • Multiple commits in the PR will be squashed by GerritBot.
  • The title and description of the GitHub PR are used to construct the final commit message.
    • Edit these as needed via the GitHub web interface (not via Gerrit or git).
    • You should word wrap the PR description at ~76 characters unless you need longer lines (e.g., for tables or URLs).
  • See the Sending a change via GitHub and Reviews sections of the Contribution Guide as well as the FAQ for details.

@caarlos0
Copy link
Contributor Author

PS, usage would be something like this:

const ns = "my@namespace"
const data = "the data to be signed"

// to sign:
signer, _ := ssh.ParsePrivateKey(keypem)
signature, _ := ssh.Sign(signer, rand.Reader, []byte(data), ns)

// to verify:
pub, _ := ssh.ParsePublicKey(pubkeypem)
block, _ := pem.Decode(signature)
err := ssh.Verify(pub, []byte(data), block.Bytes, ns)

@caarlos0 caarlos0 mentioned this pull request Mar 20, 2025
Open
@gopherbot
Copy link
Contributor

Message from Gopher Robot:

Patch Set 1:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/659715.
After addressing review feedback, remember to publish your drafts!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

proposal: x/crypto/ssh: add SSHSIG support
2 participants
@caarlos0 @gopherbot