LIBSSH2_HOSTKEY_METHOD's hash_len

Patrick Monnerat patrick at monnerat.net
Fri Mar 31 12:13:42 CEST 2023


On 3/31/23 04:30, Peter Stuge via libssh2-devel wrote:
> Patrick Monnerat via libssh2-devel wrote:
>> I noticed two things about field hash_len of structure
>> _LIBSSH2_HOSTKEY_METHOD:
>>
>> 1) It seems unused in the current code base,
> That seems right.
>
>
>> 2) If its goal is to describe the signing/verification algorithm, it is
>> wrongly set to MD5 in hostkey.c for hostkey_method_ssh_rsa,
>> hostkey_method_ssh_rsa_cert and hostkey_method_ssh_dss.
> Also seems right.

Hi Peter,

Thanks for the confirmation.

> ssh_rsa and ssh_dss should be SHA1, what about ssh-rsa-cert-v01?

According to what is effectively done by the signing method, this should 
be SHA1 too.

Another wrong value is for ssh-ed25519: this should be SHA512 instead of 
SHA256.

> Let's just correct them. :)

Agreed!

Patrick


