Package: wnpp Severity: wishlist Owner: Simon Josefsson <si...@josefsson.org>
* Package name : golang-github-hiddeco-sshsig Version : 0.1.0-1 Upstream Author : Hidde Beydals * URL : https://github.com/hiddeco/sshsig * License : Apache-2.0 Programming Lang: Go Description : SSH Signature: sign and verify messages using SSH keys (Go library) This Go library implements the SSHSIG wire protocol (https://github.com/openssh/openssh- portable/blob/V_9_2_P1/PROTOCOL.sshsig), and can be used to sign and verify messages using SSH keys. . Compared to other implementations, this library does all the following: . * Accepts an io.Reader as input for signing and verifying messages. * Performs simple public key fingerprint and namespace mismatch checks in Verify. Malicious input will still fail signature verification, but this provides more useful error messages. * Properly uses ssh-sha2-512 as signature algorithm when signing with an RSA private key, as described in the protocol (https://github.com/openssh/openssh- portable/blob/V_9_2_P1/PROTOCOL.sshsig#L69-L72). * Does not accept a Sign operation without a namespace as specified in the protocol (https://github.com/openssh/openssh- portable/blob/V_9_2_P1/PROTOCOL.sshsig#L57). * Allows Verify operations to be performed without a namespace, ensuring compatibility with loose implementations. * Provides Armor and Unarmor functions to encode/decode the signature to/from an (armored) PEM format. . For more information about the use of this library, see the Go Reference (https://pkg.go.dev/github.com/hiddeco/sshsig). https://salsa.debian.org/go-team/packages/golang-github-hiddeco-sshsig /Simon
signature.asc
Description: PGP signature
