Google Git
Sign in
go / crypto.git / 3375612bf41a8cdb0cdfdc21e6ca2c7ae0f764b5
commit3375612bf41a8cdb0cdfdc21e6ca2c7ae0f764b5[log] [tgz]
authorIlia Mirkin <imirkin@alum.mit.edu>Tue Jul 16 15:48:14 2024 -0400
committerGopher Robot <gobot@golang.org>Fri Jul 26 16:39:19 2024 +0000
tree9c19635aa5deb5ced79e9f1a3e443791ad92bbe4
parentbb80217080b0e04c6e73e5dcd9f3a9bb11fe23f6 [diff]
ssh: add support for unpadded RSA signatures

The original SSH RFC 4253 explicitly disallows padding. This applies to
ssh-rsa signatures.

The updated SSH RFC 8332 which defines the SHA2 RSA signature variants
explicitly calls out the existence of signers who produce short
signatures and specifies that verifiers may allow this behavior.

In practice, PuTTY 0.81 and prior versions, as well as SSH.NET prior to
2024.1.0 always generated short signatures. Furthermore, PuTTY is
embedded in other software like WinSCP and FileZilla, which are updated
on their own schedules as well. This leads to occasional unexplained
login errors, when using RSA keys.

OpenSSH server allows these short signatures for all RSA algorithms.

Fixes golang/go#68286

Change-Id: Ia60ece21bf9c111c490fac0c066443ed5ff7dd29
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/598534
Reviewed-by: Nicola Murino <nicola.murino@gmail.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Nicola Murino <nicola.murino@gmail.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
2 files changed
tree: 9c19635aa5deb5ced79e9f1a3e443791ad92bbe4
  1. acme/
  2. argon2/
  3. bcrypt/
  4. blake2b/
  5. blake2s/
  6. blowfish/
  7. bn256/
  8. cast5/
  9. chacha20/
  10. chacha20poly1305/
  11. cryptobyte/
  12. curve25519/
  13. ed25519/
  14. hkdf/
  15. internal/
  16. md4/
  17. nacl/
  18. ocsp/
  19. openpgp/
  20. otr/
  21. pbkdf2/
  22. pkcs12/
  23. poly1305/
  24. ripemd160/
  25. salsa20/
  26. scrypt/
  27. sha3/
  28. ssh/
  29. tea/
  30. twofish/
  31. x509roots/
  32. xtea/
  33. xts/
  34. .gitattributes
  35. .gitignore
  36. codereview.cfg
  37. CONTRIBUTING.md
  38. go.mod
  39. go.sum
  40. LICENSE
  41. PATENTS
  42. README.md
README.md

Go Cryptography

Go Reference

This repository holds supplementary Go cryptography libraries.

Download/Install

The easiest way to install is to run go get -u golang.org/x/crypto/.... You can also manually git clone the repository to $GOPATH/src/golang.org/x/crypto.

Report Issues / Send Patches

This repository uses Gerrit for code changes. To learn how to submit changes to this repository, see https://golang.org/doc/contribute.html.

The main issue tracker for the crypto repository is located at https://github.com/golang/go/issues. Prefix your issue with “x/crypto:” in the subject line, so it is easy to find.

Note that contributions to the cryptography package receive additional scrutiny due to their sensitive nature. Patches may take longer than normal to receive feedback.