LIBSSH2_HOSTKEY_METHOD's hash_len
Patrick Monnerat
patrick at monnerat.net
Fri Mar 31 12:13:42 CEST 2023
On 3/31/23 04:30, Peter Stuge via libssh2-devel wrote:
> Patrick Monnerat via libssh2-devel wrote:
>> I noticed two things about field hash_len of structure
>> _LIBSSH2_HOSTKEY_METHOD:
>>
>> 1) It seems unused in the current code base,
> That seems right.
>
>
>> 2) If its goal is to describe the signing/verification algorithm, it is
>> wrongly set to MD5 in hostkey.c for hostkey_method_ssh_rsa,
>> hostkey_method_ssh_rsa_cert and hostkey_method_ssh_dss.
> Also seems right.
Hi Peter,
Thanks for confirmation.
> ssh_rsa and ssh_dss should be SHA1, what about ssh-rsa-cert-v01?
According to what is effectively done by the signing method, this should
be SHA1 too.
Another wrong value is for ssh-ed25519: this should be SHA512 instead of
SHA256.
> Let's just correct them. :)
Agreed!
Patrick
More information about the libssh2-devel
mailing list