[Bug 3829] New: SSH signature armor protocol documentation issue

bugzilla-daemon Fri, 30 May 2025 08:09:46 -0700

https://bugzilla.mindrot.org/show_bug.cgi?id=3829


            Bug ID: 3829
           Summary: SSH signature armor protocol documentation issue
           Product: Portable OpenSSH
           Version: 10.0p2
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: trivial
          Priority: P5
         Component: Documentation
          Assignee: [email protected]
          Reporter: [email protected]

The SSHSIG protocol states that "The base64 encoded blob SHOULD be
broken up by newlines every 76 characters." [1] 

However, it seems that it's in practise broken up each 70 characters in
a signature generated with ssh-keygen.  It's also quite clear in the
code that it's 70 characters and not 76 [2].

[1]:
https://github.com/openssh/openssh-portable/blob/73ef0563a59f90324f8426c017f38e20341b555f/PROTOCOL.sshsig#L21

[2]:
https://github.com/openssh/openssh-portable/blob/73ef0563a59f90324f8426c017f38e20341b555f/sshbuf-misc.c#L151

PS: The PROTOCOL.sshsig might not be precise enough to be reproduced
independently.  We're trying to reproduce openssh results with libssh
here, the protocol is respected at first glance, but we don't get the
same results :
https://gitlab.com/libssh/libssh-mirror/-/merge_requests/536

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
[email protected]
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 3829] New: SSH signature armor protocol documentation issue

Reply via email to