bugzilla-daemon at bugzilla.mindrot.org
2019-Apr-15 20:00 UTC
[Bug 2994] New: SSH certificate signing does not work with SHA256 hashing algorithm
https://bugzilla.mindrot.org/show_bug.cgi?id=2994

            Bug ID: 2994
           Summary: SSH certificate signing does not work with SHA256 hashing algorithm
           Product: Portable OpenSSH
           Version: 7.9p1
          Hardware: amd64
                OS: Mac OS X
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh-keygen
          Assignee: unassigned-bugs at mindrot.org
          Reporter: denisenkom at gmail.com

Repro instructions:

ssh-keygen -f server_ca
ssh-keygen -f userkey
ssh-keygen -s server_ca -I ident -t rsa-sha2-256 -n user userkey.pub && ssh-keygen -L -f userkey-cert.pub

Signed user key userkey-cert.pub: id "ident" serial 0 for user valid forever
userkey-cert.pub:
        Type: ssh-rsa-cert-v01@openssh.com user certificate
        Public key: RSA-CERT SHA256:vGA3iSIWLZNdTjBoKzzAGH8daBV9Kvf9yZ3AhTyZ6IM
        Signing CA: RSA SHA256:TgQchZRAwiD8VRLdOmIDqoIyc6btwxIbPFMYI/JAUag
        Key ID: "ident"
        Serial: 0
        Valid: forever
        Principals:
                user
        Critical Options: (none)
        Extensions:
                permit-X11-forwarding
                permit-agent-forwarding
                permit-port-forwarding
                permit-pty
                permit-user-rc

As you can see, the certificate type is ssh-rsa-cert-v0; it should be rsa-sha2-256-cert-v01 instead. The problem seems to be with the sshkey_ssh_name function, which takes the first matching key type (which is SHA1); if that is the right place, then this function should be changed to also take the hash algorithm into account.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2019-May-10 04:38 UTC
[Bug 2994] SSH certificate signing does not work with SHA256 hashing algorithm
https://bugzilla.mindrot.org/show_bug.cgi?id=2994

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |djm at mindrot.org
             Status|NEW                         |RESOLVED
         Resolution|---                         |WORKSFORME

--- Comment #1 from Damien Miller <djm at mindrot.org> ---
The key type remains ssh-rsa-cert-v01@openssh.com regardless of signature.

OpenSSH 8.0 includes the signature type in ssh-keygen -L output and this allows you to check that it is what you expect. E.g. (note the "Signing CA" line):

[djm at hako ssh]$ ssh-keygen -Lf /tmp/k_rsa-cert.pub
/tmp/k_rsa-cert.pub:
        Type: ssh-rsa-cert-v01@openssh.com user certificate
        Public key: RSA-CERT SHA256:/4T+gq8FyJEPTdXS1VaghSypcBubXiFW5AW4V0/a6VM
        Signing CA: RSA SHA256:sy2Nq/dLCwg2dESiOgCT0NmASiVIUCapmlkANCjTr2s (using rsa-sha2-256)
        Key ID: "id"
        Serial: 0
        Valid: forever
        Principals: (none)
        Critical Options: (none)
        Extensions:
                permit-X11-forwarding
                permit-agent-forwarding
                permit-port-forwarding
                permit-pty
                permit-user-rc

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
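The point in the reply above, that the certificate's type string stays ssh-rsa-cert-v01@openssh.com while the algorithm the CA actually signed with is recorded inside the certificate's trailing signature field, can be checked directly on a certificate file when the installed ssh-keygen predates 8.0 and does not print the "(using ...)" annotation. The Python below is an added example, not OpenSSH code and not code posted in this bug: it encodes a structurally valid certificate with constructed placeholder key material and an unsigned placeholder signature blob, then walks the ssh-rsa-cert-v01@openssh.com layout from OpenSSH's PROTOCOL.certkeys to read the signature type. The names build_cert, parse_cert, parse_cert_line and uses_sha2_signature are chosen here; nothing in it verifies a signature.

```python
import base64
import struct

# Added example, not OpenSSH's own code: encode/decode enough of the
# ssh-rsa-cert-v01@openssh.com wire format (PROTOCOL.certkeys) to read the
# signature algorithm the CA used. Key material and signature bytes are
# constructed placeholders; no signing or verification happens here.

CERT_TYPE = b"ssh-rsa-cert-v01@openssh.com"
SSH_CERT_TYPE_USER = 1


def _string(b: bytes) -> bytes:
    """SSH 'string': uint32 big-endian length prefix followed by the bytes."""
    return struct.pack(">I", len(b)) + b


def _mpint(n: int) -> bytes:
    """SSH 'mpint': big-endian two's complement, extra 0x00 if the high bit is set."""
    if n == 0:
        return _string(b"")
    return _string(n.to_bytes((n.bit_length() + 8) // 8, "big"))


def build_cert(sig_type: bytes, key_id: bytes = b"ident", principals=(b"user",)) -> bytes:
    """Build a structurally valid user certificate (placeholder key material)."""
    body = b"".join([
        _string(CERT_TYPE),
        _string(b"\x00" * 32),                  # nonce (constructed, fixed)
        _mpint(65537),                          # e
        _mpint(0xC0FFEE),                       # n (placeholder, not a real modulus)
        struct.pack(">Q", 0),                   # serial
        struct.pack(">I", SSH_CERT_TYPE_USER),  # type
        _string(key_id),
        _string(b"".join(_string(p) for p in principals)),
        struct.pack(">Q", 0),                   # valid_after
        struct.pack(">Q", 0xFFFFFFFFFFFFFFFF),  # valid_before: forever
        _string(b""),                           # critical options
        _string(b""),                           # extensions
        _string(b""),                           # reserved
        _string(_string(b"ssh-rsa") + _mpint(65537) + _mpint(0xCA11)),  # CA public key
    ])
    # The last field is an SSH signature: string sig_type, string sig_data.
    # This is where rsa-sha2-256 vs ssh-rsa is recorded, not in CERT_TYPE.
    signature = _string(sig_type) + _string(b"\x00" * 256)  # placeholder bytes
    return body + _string(signature)


class _Reader:
    def __init__(self, data: bytes):
        self.data, self.pos = data, 0

    def uint32(self) -> int:
        (v,) = struct.unpack_from(">I", self.data, self.pos)
        self.pos += 4
        return v

    def uint64(self) -> int:
        (v,) = struct.unpack_from(">Q", self.data, self.pos)
        self.pos += 8
        return v

    def string(self) -> bytes:
        n = self.uint32()
        if self.pos + n > len(self.data):
            raise ValueError("truncated SSH string")
        v = self.data[self.pos:self.pos + n]
        self.pos += n
        return v


def parse_cert(blob: bytes) -> dict:
    """Walk the RSA certificate structure and return the fields of interest."""
    r = _Reader(blob)
    cert_type = r.string()
    if cert_type != CERT_TYPE:
        raise ValueError(f"not an RSA certificate: {cert_type!r}")
    r.string()                          # nonce
    r.string(); r.string()              # e, n
    serial = r.uint64()
    r.uint32()                          # type (user/host)
    key_id = r.string()
    plist = _Reader(r.string())
    principals = []
    while plist.pos < len(plist.data):
        principals.append(plist.string())
    r.uint64(); r.uint64()              # valid_after, valid_before
    r.string(); r.string(); r.string()  # critical options, extensions, reserved
    ca_key = _Reader(r.string())
    signature = _Reader(r.string())
    return {
        "cert_type": cert_type.decode(),
        "serial": serial,
        "key_id": key_id.decode(),
        "principals": [p.decode() for p in principals],
        "ca_key_type": ca_key.string().decode(),
        "sig_type": signature.string().decode(),
    }


def parse_cert_line(line: str) -> dict:
    """Parse one userkey-cert.pub style line: '<type> <base64> [comment]'."""
    parts = line.split(None, 2)
    if len(parts) < 2:
        raise ValueError("malformed certificate line")
    return parse_cert(base64.b64decode(parts[1]))


def cert_line(blob: bytes) -> str:
    return CERT_TYPE.decode() + " " + base64.b64encode(blob).decode() + " comment"


def uses_sha2_signature(info: dict) -> bool:
    """True when the CA signed with rsa-sha2-256/512 rather than SHA-1 'ssh-rsa'."""
    return info["sig_type"] in ("rsa-sha2-256", "rsa-sha2-512")


if __name__ == "__main__":
    for st in (b"rsa-sha2-256", b"ssh-rsa"):
        info = parse_cert_line(cert_line(build_cert(st)))
        print(info["cert_type"], "signed using", info["sig_type"],
              "sha2:", uses_sha2_signature(info))
```

Running the block prints the same cert_type for both constructed certificates and a different sig_type for each, which is exactly what the reply describes: the -t option given to ssh-keygen -s changes the signature, not the key type name. To audit a real userkey-cert.pub, pass its single line to parse_cert_line; a sig_type of ssh-rsa means the CA signed with SHA-1.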
bugzilla-daemon at mindrot.org
2021-Apr-23 05:03 UTC
[Bug 2994] SSH certificate signing does not work with SHA256 hashing algorithm
https://bugzilla.mindrot.org/show_bug.cgi?id=2994

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #2 from Damien Miller <djm at mindrot.org> ---
closing resolved bugs as of 8.6p1 release

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.