diff options
Diffstat (limited to 'pkg/types/binary/ssh')
| -rw-r--r-- | pkg/types/binary/ssh/ssh.go | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/pkg/types/binary/ssh/ssh.go b/pkg/types/binary/ssh/ssh.go new file mode 100644 index 0000000..9693476 --- /dev/null +++ b/pkg/types/binary/ssh/ssh.go @@ -0,0 +1,34 @@ +// package ssh provides selected parts of the SSH data format, see: +// +// - https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.sshsig +// - https://datatracker.ietf.org/doc/html/rfc4251#section-5 +// +package ssh + +import ( + "bytes" + "encoding/binary" +) + +// ToSignBlob outputs the raw bytes to be signed for a given namespace and +// message. The reserved string is empty and the specified hash is SHA256. +func ToSignBlob(namespace string, hashedMessage []byte) []byte { + buf := bytes.NewBuffer(nil) + + buf.Write([]byte("SSHSIG")) + addString(buf, namespace) + addString(buf, "") + addString(buf, "sha256") + addString(buf, string(hashedMessage[:])) + + return buf.Bytes() +} + +func addUint32(buf *bytes.Buffer, num uint32) { + binary.Write(buf, binary.BigEndian, num) +} + +func addString(buf *bytes.Buffer, str string) { + addUint32(buf, uint32(len(str))) + buf.Write([]byte(str)) +} |