diff options
Diffstat (limited to 'lib/net/ssh/authentication/key_manager.rb')
-rw-r--r-- | lib/net/ssh/authentication/key_manager.rb | 21 |
1 files changed, 17 insertions, 4 deletions
diff --git a/lib/net/ssh/authentication/key_manager.rb b/lib/net/ssh/authentication/key_manager.rb index ac86cc8..563702c 100644 --- a/lib/net/ssh/authentication/key_manager.rb +++ b/lib/net/ssh/authentication/key_manager.rb @@ -158,7 +158,7 @@ module Net # Regardless of the identity's origin or who does the signing, this # will always return the signature in an SSH2-specified "signature # blob" format. - def sign(identity, data) + def sign(identity, data, sig_alg = nil) info = known_identities[identity] or raise KeyManagerError, "the given identity is unknown to the key manager" if info[:key].nil? && info[:from] == :file @@ -170,14 +170,27 @@ module Net end if info[:key] - return Net::SSH::Buffer.from(:string, identity.ssh_signature_type, - :mstring, info[:key].ssh_do_sign(data.to_s)).to_s + if sig_alg.nil? + signed = info[:key].ssh_do_sign(data.to_s) + sig_alg = identity.ssh_signature_type + else + signed = info[:key].ssh_do_sign(data.to_s, sig_alg) + end + return Net::SSH::Buffer.from(:string, sig_alg, + :mstring, signed).to_s end if info[:from] == :agent raise KeyManagerError, "the agent is no longer available" unless agent - return agent.sign(info[:identity], data.to_s) + case sig_alg + when "rsa-sha2-512" + return agent.sign(info[:identity], data.to_s, Net::SSH::Authentication::Agent::SSH_AGENT_RSA_SHA2_512) + when "rsa-sha2-256" + return agent.sign(info[:identity], data.to_s, Net::SSH::Authentication::Agent::SSH_AGENT_RSA_SHA2_256) + else + return agent.sign(info[:identity], data.to_s) + end end raise KeyManagerError, "[BUG] can't determine identity origin (#{info.inspect})" |