version 1.7, 2019/11/18 04:34:47 |
version 1.8, 2019/11/19 22:23:19 |
|
|
For use in the SSH protocol, we wish to avoid server-side parsing of ASN.1 |
For use in the SSH protocol, we wish to avoid server-side parsing of ASN.1 |
format data in the pre-authentication attack surface. Therefore, the |
format data in the pre-authentication attack surface. Therefore, the |
signature format used on the wire in SSH2_USERAUTH_REQUEST packets will |
signature format used on the wire in SSH2_USERAUTH_REQUEST packets will |
be reformatted slightly and the ecdsa_signature_blob value has the encoding: |
be reformatted to better match the existing signature encoding: |
|
|
mpint r |
string "sk-ecdsa-sha2-nistp256@openssh.com" |
mpint s |
string ecdsa_signature |
byte flags |
byte flags |
uint32 counter |
uint32 counter |
|
|
Where 'r' and 's' are extracted by the client or token middleware from the |
Where the "ecdsa_signature" field follows the RFC5656 ECDSA signature |
ecdsa_signature field returned from the hardware. |
encoding: |
|
|
|
mpint r |
|
mpint s |
|
|
For Ed25519 keys the signature is encoded as: |
For Ed25519 keys the signature is encoded as: |
|
|