# # # patch "keys.cc" # from [5376311f4ca747dd7941c0acf8e03e8bc26f84fb] # to [7679d9eb3cc805010e7429feacc1db0fd1498ece] # # patch "ssh_agent.cc" # from [06e459f7effab27601e3720f7ad186ad211a4e6c] # to [cfa27e2676788362cdc2dcb519bd258b52d0e18d] # ============================================================ --- keys.cc 5376311f4ca747dd7941c0acf8e03e8bc26f84fb +++ keys.cc 7679d9eb3cc805010e7429feacc1db0fd1498ece @@ -373,11 +373,13 @@ make_signature(app_state & app, L(FL(" ssh key matches monotone key")); string sdata; a->sign_data(*si, tosign, sig_string); - //exit(0); } } } - } else { + }// else { + + string ssh_sig = sig_string; + SecureVector sig; // we permit the user to relax security here, by caching a decrypted key @@ -407,7 +409,12 @@ make_signature(app_state & app, sig = signer->sign_message(reinterpret_cast(tosign.data()), tosign.size()); sig_string = string(reinterpret_cast(sig.begin()), sig.size()); + //} + + if (app.opts.ssh_sign_given) { + E(ssh_sig == sig_string, F("make_signature: ssh_sig (%i) != sig_string (%i)\nssh_sig : %s\nsig_string: %s") % ssh_sig.length() % sig_string.length() % encode_hexenc(ssh_sig) % encode_hexenc(sig_string)); } + L(FL("produced %d-byte signature") % sig_string.size()); encode_base64(rsa_sha1_signature(sig_string), signature); } ============================================================ --- ssh_agent.cc 06e459f7effab27601e3720f7ad186ad211a4e6c +++ ssh_agent.cc cfa27e2676788362cdc2dcb519bd258b52d0e18d @@ -292,6 +292,10 @@ ssh_agent::sign_data(RSA_PublicKey const u32 out_len; get_string_from_buf(packet_in, packet_in_loc, out_len, out); L(FL("agent: signed data length: %u (%u)") % out_len % out.length()); + + L(FL("agent: removing first 32 bytes of signing response")); + out = out.substr(32); + L(FL("agent: signed data output length: %u") % out.length()); } // Local Variables:
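Review bot: Turning `} else {` into `}// else {` makes make_signature always run the local private-key signing path below, even after the agent has already filled `sig_string`. A user who asked for agent signing therefore still has the monotone key decrypted in this process, which removes the isolation an agent is normally used for. If the double signing is only a temporary cross-check, put it behind an explicit debug option instead of making it the default path. The matching `//}` and the `E(ssh_sig == sig_string, …)` check in the next keys.cc hunk belong to the same change, and both commented-out brace markers should be removed or restored rather than left in. make_signature starts and ends outside this hunk, so what guards the agent branch is not visible here.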
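Review bot: The added `if (app.opts.ssh_sign_given)` block compares `ssh_sig` with the locally produced signature without first checking that the agent returned one. If the agent branch above can finish without a matching key, `ssh_sig` is only a copy of whatever `sig_string` held at that point (presumably empty), and the user gets a length/hex mismatch dump instead of a clear error. Adding `E(!ssh_sig.empty(), F("make_signature: ssh-agent returned no signature"));` before the comparison would fail closed with an accurate message. The byte-for-byte equality test also presumes the signer, which is constructed outside this hunk, uses a deterministic padding scheme; a comment saying so would help.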
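Review bot: `out = out.substr(32);` in ssh_agent::sign_data strips a fixed number of bytes from data received from the agent without checking its length, so a response shorter than 32 bytes throws `std::out_of_range` from `substr`. The constant is unexplained, and a fixed offset would silently hand back the wrong bytes as the signature if the response layout ever differs. A minimal guard is `E(out.length() > 32, F("agent: signing response too short (%u bytes)") % out.length());` before the `substr`, assuming `E`/`F` are available in this file as they are in keys.cc. The sturdier fix is to read the length-prefixed fields inside `out` with `get_string_from_buf`, as the preceding lines do for the outer packet, and to check the key-type field before taking the signature bytes. sign_data begins before this hunk, so how `out` is used by callers is not visible here.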