Implement the ExtendedAgent interface

This allows ssh to request sha256 and sha512 signatures
2020-05-04 03:53:25 -07:00 · 2020-05-04 03:53:25 -07:00 · 21da2d9b32
commit 21da2d9b32
parent 04122127c2
1 changed files with 22 additions and 0 deletions
--- a/internal/sshrimpagent/sshrimpagent.go
+++ b/internal/sshrimpagent/sshrimpagent.go
@ -107,3 +107,25 @@ func (r *sshrimpAgent) Signers() ([]ssh.Signer, error) {
 		r.signer,
 	}, nil
 }
+
+func (r *sshrimpAgent) SignWithFlags(key ssh.PublicKey, data []byte, flags agent.SignatureFlags) (*ssh.Signature, error) {
+	sign, ok := r.signer.(ssh.AlgorithmSigner)
+	if ok {
+		if flags&agent.SignatureFlagRsaSha512 == agent.SignatureFlagRsaSha512 {
+			s, err := sign.SignWithAlgorithm(rand.Reader, data, ssh.SigAlgoRSASHA2512)
+			if err == nil {
+				return s, err
+			}
+		}
+		if flags&agent.SignatureFlagRsaSha256 == agent.SignatureFlagRsaSha256 {
+			s, err := sign.SignWithAlgorithm(rand.Reader, data, ssh.SigAlgoRSASHA2256)
+			if err == nil {
+				return s, err
+			}
+		}
+	}
+	return r.Sign(key, data)
+}
+func (r *sshrimpAgent) Extension(extensionType string, contents []byte) ([]byte, error) {
+	return nil, agent.ErrExtensionUnsupported
+}