author | Matt Johnston <matt@ucc.asn.au> | 2020-05-25 20:23:02 +0800 |
---|---|---|
committer | Matt Johnston <matt@ucc.asn.au> | 2020-05-25 20:23:02 +0800 |
commit | 5a2225370446cc90746c98acf71a9ad888ce7a5c (patch) | |
tree | ec68dbf3579852d30da2be9d15af7f93b0ac1241 | |
parent | 7871273feb1a2e76857ddcc80b1fe7e7081b60b1 (diff) | |
download | dropbear-5a2225370446cc90746c98acf71a9ad888ce7a5c.tar.gz |
rsa-sha256 for ssh-agent
-rw-r--r-- | agentfwd.h | 5 | ||||
-rw-r--r-- | cli-agentfwd.c | 10 | ||||
-rw-r--r-- | cli-authpubkey.c | 2 |
3 files changed, 13 insertions, 4 deletions
@@ -32,6 +32,9 @@
 #if DROPBEAR_CLI_AGENTFWD
+/* From OpenSSH authfd.h */
+#define SSH_AGENT_RSA_SHA2_256 0x02
+
 /* An agent reply can be reasonably large, as it can
 * contain a list of all public keys held by the agent.
 * 10000 is arbitrary */
@@ -40,7 +43,7 @@
 /* client functions */
 void cli_load_agent_keys(m_list * ret_list);
 void agent_buf_sign(buffer *sigblob, sign_key *key,
- const buffer *data_buf);
+ const buffer *data_buf, enum signature_type type);
 void cli_setup_agent(const struct Channel *channel);
 #ifdef __hpux
diff --git a/cli-agentfwd.c b/cli-agentfwd.c
index 2821f62..00454dc 100644
--- a/cli-agentfwd.c
+++ b/cli-agentfwd.c
@@ -255,11 +255,12 @@ void cli_load_agent_keys(m_list *ret_list) {
 }
 void agent_buf_sign(buffer *sigblob, sign_key *key,
- const buffer *data_buf) {
+ const buffer *data_buf, enum signature_type sigtype) {
 buffer *request_data = NULL;
 buffer *response = NULL;
 unsigned int siglen;
 int packet_type;
+ int flags = 0;
 /* Request format
 byte SSH2_AGENTC_SIGN_REQUEST
@@ -271,7 +272,12 @@ void agent_buf_sign(buffer *sigblob, sign_key *key,
 buf_put_pub_key(request_data, key, key->type);
 buf_putbufstring(request_data, data_buf);
- buf_putint(request_data, 0);
+#if DROPBEAR_RSA_SHA256
+ if (sigtype == DROPBEAR_SIGNATURE_RSA_SHA256) {
+ flags |= SSH_AGENT_RSA_SHA2_256;
+ }
+#endif
+ buf_putint(request_data, flags);
 response = agent_request(SSH2_AGENTC_SIGN_REQUEST, request_data);
diff --git a/cli-authpubkey.c b/cli-authpubkey.c
index 49f79c3..fef0f27 100644
--- a/cli-authpubkey.c
+++ b/cli-authpubkey.c
@@ -130,7 +130,7 @@ static void cli_buf_put_sign(buffer* buf, sign_key *key, enum signature_type sig
 /* Format the agent signature ourselves, as buf_put_sign would. */
 buffer *sigblob;
 sigblob = buf_new(MAX_PUBKEY_SIZE);
- agent_buf_sign(sigblob, key, data_buf);
+ agent_buf_sign(sigblob, key, data_buf, sigtype);
 buf_putbufstring(buf, sigblob);
 buf_free(sigblob);
 } else |
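Review bot: The updated prototype in agentfwd.h (hunk `@@ -40,7 +43,7 @@`) names the new parameter `type`, while the definition in cli-agentfwd.c names it `sigtype`, and `type` is easy to confuse with the `key->type` field that the same function passes to `buf_put_pub_key`. Declaring it as `const buffer *data_buf, enum signature_type sigtype);` keeps the header and the definition in step. The new `SSH_AGENT_RSA_SHA2_256` define in the first hunk would also benefit from a short comment saying it is a bit in the flags word of the sign request, for example `/* flag bit for SSH2_AGENTC_SIGN_REQUEST, from OpenSSH authfd.h */`.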
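Review bot: Nothing visible in `agent_buf_sign` confirms that the agent honoured the `SSH_AGENT_RSA_SHA2_256` flag set in hunk `@@ -271,7 +272,12 @@`; an agent that does not implement the flag would presumably still return a SHA-1 `ssh-rsa` signature, which the caller in cli-authpubkey.c would then send under an rsa-sha2-256 request. The reply handling lies outside the hunk, so this may already be covered; if it is not, the algorithm name at the start of the returned signature blob should be compared with the requested `sigtype` before it is copied into `sigblob`, failing with a clear error on a mismatch instead of leaving it to the server to reject. Separately, `int flags = 0;` in hunk `@@ -255,11 +255,12 @@` reads better as `unsigned int flags = 0;`, since it is a bit mask written out with `buf_putint`. When `DROPBEAR_RSA_SHA256` is disabled the `sigtype` parameter is unused, which may trigger an unused-parameter warning.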