Skip to content

ssh: sign and verify #316

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

ssh: sign and verify #316

wants to merge 1 commit into from
+162 −0

Conversation

caarlos0
Copy link
Contributor

@caarlos0 caarlos0 commented Mar 20, 2025
edited
Loading

Initial implementation of proposal of SSHSIG
closes golang/go#68197

Want to make sure the API is all right before
adding more tests.
Also seeking feedback on how to best test
this - is it OK to sign and verify in the
same test, or do you have other ideas?
Maybe a fixed rand reader?

@caarlos0
ssh: sign and verify
40fe82d 
Initial implementation of proposal
golang/go#68197.

Want to make sure the API is all right before adding more tests.
Also seeking feedback on how to best test this - is it OK to sign and
verify in the same test, or do you have other ideas? (maybe a fixed rand
reader?).
@gopherbot
Copy link
Contributor

This PR (HEAD: 40fe82d) has been imported to Gerrit for code review.

Please visit Gerrit at https://go-review.googlesource.com/c/crypto/+/659715.

Important tips:

  • Don't comment on this PR. All discussion takes place in Gerrit.
  • You need a Gmail or other Google account to log in to Gerrit.
  • To change your code in response to feedback:
    • Push a new commit to the branch used by your GitHub PR.
    • A new "patch set" will then appear in Gerrit.
    • Respond to each comment by marking as Done in Gerrit if implemented as suggested. You can alternatively write a reply.
    • Critical: you must click the blue Reply button near the top to publish your Gerrit responses.
    • Multiple commits in the PR will be squashed by GerritBot.
  • The title and description of the GitHub PR are used to construct the final commit message.
    • Edit these as needed via the GitHub web interface (not via Gerrit or git).
    • You should word wrap the PR description at ~76 characters unless you need longer lines (e.g., for tables or URLs).
  • See the Sending a change via GitHub and Reviews sections of the Contribution Guide as well as the FAQ for details.

@caarlos0
Copy link
Contributor Author

PS, usage would be something like this:

const ns = "my@namespace"
const data = "the data to be signed"

// to sign:
signer, _ := ssh.ParsePrivateKey(keypem)
signature, _ := ssh.Sign(signer, rand.Reader, []byte(data), ns)

// to verify:
pub, _ := ssh.ParsePublicKey(pubkeypem)
block, _ := pem.Decode(signature)
err := ssh.Verify(pub, []byte(data), block.Bytes, ns)

@caarlos0 caarlos0 mentioned this pull request Mar 20, 2025
Open
@gopherbot
Copy link
Contributor

Message from Gopher Robot:

Patch Set 1:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/659715.
After addressing review feedback, remember to publish your drafts!

# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

proposal: x/crypto/ssh: add SSHSIG support
2 participants
@caarlos0 @gopherbot