Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
x/crypto/ssh/agent: Accept Flags in Agent.Sign() #22087
I was trying unsuccessfully to get ssh-agent to sign a JWT via the x/crypto/ssh/agent.Agent::Sign() interface.
In https://github.com/golang/crypto/blob/master/ssh/agent/client.go#L371, the Flags in signRequestAgentMsg was left as default (0).
In OpenSSH ssh-agent, https://github.com/openssh/openssh-portable/blob/master/ssh-agent.c#L262, the signing algorithm is being determined by parsing the flags sent in the signRequestAgentMsg - 2 for rsa-sha2-256 and 4 for rsa-sha2-512, and sending 0 probably defaults the algorithm to SHA1.
It seems that allowing the caller to specify flags, or at a higher level, an algorithm name, would be able to resolve this, but I'm not sure what is the best way to implement this.