"J.H.M. Dassen" <[EMAIL PROTECTED]> writes:

> On Tue, Feb 02, 1999 at 22:14:36 +0100, Balazs Scheidler wrote:
> > In the meantime I think I will write support for ssh2-style signatures and
> > make it a configure-time option.
> 
> The updated IETF secsh drafts have changes in the transport layer. It would
> be interesting to know if the draft now prescribes SSH2's behaviour.

The new definition is

  uint32    length
  string    "ssh-dss"
  string    dss_signature_blob

This is incompatible with *both* the old draft and the current ssh2
behaviour. Furthermore, the format of "dss_signature_blob" is not
described at all in the new draft, at least I have not been able to
find it anywhere. *sigh*

Any ideas about how to interpret it? My guess is that we have 20
octets representing r and 20 octets representing s. But that is just a
guess, nothing more.

I would be most grateful if someone could enlighten me as to what the
new signature format (i.e. the signature blob) really is. And of
course, I'm also curious about why the format in the previous draft
(which was simple, unambiguously described, and easy to implement) was
abandoned.

For reference, the old format was

  uint32    length
  string    "ssh-dss"
  mpint     r
  mpint     s

The format used by current ssh2 versions, as far as I know, is
something like

  uint32    length
  string    r
  string    s

where the strings are expected to always have length 20 (160 bits),
and where the strings are interpreted as non-negative numbers. (i.e.
the strings may have leading zero octets, if that is necessary to make
them 20 octets long, and the most significant bit can be 1 without
implying a negative sign).

Regards,
/Niels Möller

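The three layouts compared in the message above, as an added Python example that is not part of the original post or of any SSH implementation. It assumes the leading uint32 counts the octets that follow and that an mpint is a length-prefixed two's-complement integer, and it takes the poster's guess (20 octets of r followed by 20 octets of s) for dss_signature_blob; the r and s values are constructed.

```python
import struct

Q_LEN = 20                        # r and s are 160 bits, as the message states
R = int("9f" * 20, 16)            # constructed: most significant bit is 1
S = int("00" + "5a" * 19, 16)     # constructed: needs a leading zero octet

def put_string(data: bytes) -> bytes:
    return struct.pack(">I", len(data)) + data

def put_mpint(n: int) -> bytes:
    # Assumption: minimal two's-complement encoding, so a zero octet is
    # prepended when the top bit is set and leading zero octets are dropped.
    body = n.to_bytes(n.bit_length() // 8 + 1, "big") if n else b""
    return put_string(body)

def fixed(n: int) -> bytes:
    return n.to_bytes(Q_LEN, "big")   # unsigned, zero-padded to 20 octets

def encode_old_draft(r: int, s: int) -> bytes:
    return put_string(put_string(b"ssh-dss") + put_mpint(r) + put_mpint(s))

def encode_ssh2(r: int, s: int) -> bytes:
    return put_string(put_string(fixed(r)) + put_string(fixed(s)))

def encode_new_guess(r: int, s: int) -> bytes:
    # The blob layout is the poster's guess, not taken from the draft.
    return put_string(put_string(b"ssh-dss") + put_string(fixed(r) + fixed(s)))

def get_string(buf: bytes, off: int):
    # Bounds-check before slicing so a short or lying length is rejected.
    if off + 4 > len(buf):
        raise ValueError("truncated length field")
    end = off + 4 + struct.unpack_from(">I", buf, off)[0]
    if end > len(buf):
        raise ValueError("string runs past end of buffer")
    return buf[off + 4:end], end

def decode_new_guess(sig: bytes):
    # Strict parse: exact outer length, exact name, exactly 40 blob octets.
    body, end = get_string(sig, 0)
    name, off = get_string(body, 0)
    blob, off = get_string(body, off)
    if end != len(sig) or off != len(body):
        raise ValueError("trailing data")
    if name != b"ssh-dss" or len(blob) != 2 * Q_LEN:
        raise ValueError("not a 40-octet ssh-dss blob")
    return int.from_bytes(blob[:Q_LEN], "big"), int.from_bytes(blob[Q_LEN:], "big")

if __name__ == "__main__":
    for enc in (encode_old_draft, encode_ssh2, encode_new_guess):
        print(enc.__name__, len(enc(R, S)), enc(R, S).hex())
```

With these values the mpint form spends 21 octets on r and 19 on s, while the other two always use 20 each, so a strict parser for one layout rejects the other two rather than misreading them.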