quexten/goldwarden
1
1
Fork 0
mirror of https://github.com/quexten/goldwarden.git synced 2024-11-23 21:44:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #123 from csutcliff/ExtendedAgent

Browse Source 
Implement ExtendedAgent
This commit is contained in:
Bernd Schoolmann 2024-02-23 13:43:38 +01:00 committed by GitHub
commit 23a336e4b3
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 28 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
agent/ssh/ssh.go
View File

@ -81,6 +81,10 @@ func Eq(a, b ssh.PublicKey) bool {
}
func (vaultAgent vaultAgent) Sign(key ssh.PublicKey, data []byte) (*ssh.Signature, error) {
return vaultAgent.SignWithFlags(key, data, agent.SignatureFlagReserved)
}
func (vaultAgent vaultAgent) SignWithFlags(key ssh.PublicKey, data []byte, flags agent.SignatureFlags) (*ssh.Signature, error) {
log.Info("Sign Request for key: %s", ssh.FingerprintSHA256(key))
if vaultAgent.vault.Keyring.IsLocked() {
if !vaultAgent.unlockRequestAction() {
@ -156,7 +160,30 @@ func (vaultAgent vaultAgent) Sign(key ssh.PublicKey, data []byte) (*ssh.Signatur
} else {
notify.Notify("Goldwarden", fmt.Sprintf("SSH Signing Request Approved for %s", sshKey.Name), "", 10*time.Second, func() {})
}
return signer.Sign(rand, data)
algo := ""
switch flags {
case agent.SignatureFlagRsaSha256:
algo = ssh.KeyAlgoRSASHA256
case agent.SignatureFlagRsaSha512:
algo = ssh.KeyAlgoRSASHA512
default:
return signer.Sign(rand, data)
}
log.Info("%s algorithm requested", algo)
algoSigner, err := ssh.NewSignerWithAlgorithms(signer.(ssh.AlgorithmSigner), []string{algo})
if err != nil {
return nil, err
}
return algoSigner.SignWithAlgorithm(rand, data, algo)
}
func (vaultAgent) Extension(extensionType string, contents []byte) ([]byte, error) {
return nil, agent.ErrExtensionUnsupported
}
func (vaultAgent) Signers() ([]ssh.Signer, error) {