aboutsummaryrefslogtreecommitdiff
path: root/pkg/types/binary/ssh
diff options
context:
space:
mode:
Diffstat (limited to 'pkg/types/binary/ssh')
-rw-r--r--pkg/types/binary/ssh/ssh.go34
1 files changed, 34 insertions, 0 deletions
diff --git a/pkg/types/binary/ssh/ssh.go b/pkg/types/binary/ssh/ssh.go
new file mode 100644
index 0000000..9693476
--- /dev/null
+++ b/pkg/types/binary/ssh/ssh.go
@@ -0,0 +1,34 @@
+// package ssh provides selected parts of the SSH data format, see:
+//
+// - https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.sshsig
+// - https://datatracker.ietf.org/doc/html/rfc4251#section-5
+//
+package ssh
+
+import (
+ "bytes"
+ "encoding/binary"
+)
+
+// ToSignBlob outputs the raw bytes to be signed for a given namespace and
+// message. The reserved string is empty and the specified hash is SHA256.
+func ToSignBlob(namespace string, hashedMessage []byte) []byte {
+ buf := bytes.NewBuffer(nil)
+
+ buf.Write([]byte("SSHSIG"))
+ addString(buf, namespace)
+ addString(buf, "")
+ addString(buf, "sha256")
+ addString(buf, string(hashedMessage[:]))
+
+ return buf.Bytes()
+}
+
+func addUint32(buf *bytes.Buffer, num uint32) {
+ binary.Write(buf, binary.BigEndian, num)
+}
+
+func addString(buf *bytes.Buffer, str string) {
+ addUint32(buf, uint32(len(str)))
+ buf.Write([]byte(str))
+}