Description
Proposal Details
I'd like to propose that we support encoding and decoding the SSHSIG signature format.
I already have a working implementation (armoring a `*ssh.Signature` and then parsing it back into the signed data), but I'm not sure what the API should look like.
We have a couple of steps to create a signature:
- create a blob
- sign the blob (this signing step is already implemented here)
- create the signed data
- encode it into a PEM format
To verify a signature, we need to:
- create a blob
- decode the previously created PEM-formatted signature
- call `publickey.Verify(blob, decodedBlob)`
Given all this, I'd suggest the following functions:
```go
func CreateBlob(r io.Reader) ([]byte, error) // or (io.Reader, error)
func Encode(pk ssh.PublicKey, sig *ssh.Signature) ([]byte, error) // or (io.Reader, error)
func Decode(r io.Reader) (*ssh.Signature, ssh.PublicKey, error)
```
We would also need these two structs:
```go
// Blob according to the SSHSIG protocol.
type Blob struct {
	Namespace     string
	Reserved      string
	HashAlgorithm string
	Hash          string
}

// SignedData according to the SSHSIG protocol.
type SignedData struct {
	MagicPreamble [6]byte
	Version       uint32
	PublicKey     string
	Namespace     string
	Reserved      string
	HashAlgorithm string
	Signature     string
}
```
and some constants:
```go
const (
	magicPreamble = "SSHSIG"
	version       = 1
	namespace     = "file"
	hashAlgorithm = "sha512"
	armorType     = "SSH SIGNATURE"
)
```
There's also the discussion of which hash algorithms to support... only `rsa-sha2-512` or `rsa-sha2-256`; I think it's easy enough to support both.
Finally, the namespace: I'm not sure whether we allow customizing that or not.
Anyway, I would love to work on this; I just need some direction on what the API should look like.
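The blob, signed-data and armoring steps listed above, as a stand-alone round trip that is an added example and not code from this proposal or from `x/crypto/ssh`: it uses only the standard library, hard-codes Ed25519 (the `rsa-sha2-*` variants and `*ssh.Signature` are left out), and the `putStrings`, `Blob`, `Sign` and `Verify` names are my own. `Verify` takes the expected public key from the caller instead of trusting the key embedded in the signature, and rejects truncated or trailing data, a mismatched namespace, and an unexpected hash or key type.

```go
package main

import ("crypto/ed25519"; "crypto/sha512"; "encoding/binary"; "encoding/pem"; "errors")
const magicPreamble, sigVersion, armorType = "SSHSIG", uint32(1), "SSH SIGNATURE" // the values the proposal lists

// putStrings appends SSH wire-format strings (uint32 big-endian length, then the bytes) to b.
func putStrings(b []byte, ss ...[]byte) []byte {
	for _, s := range ss {
		b = append(binary.BigEndian.AppendUint32(b, uint32(len(s))), s...)
	}
	return b
}

// Blob is the data actually signed: preamble, namespace, reserved, hash algorithm, H(message).
func Blob(namespace string, msg []byte) []byte {
	h := sha512.Sum512(msg)
	return putStrings([]byte(magicPreamble), []byte(namespace), nil, []byte("sha512"), h[:])
}

// Sign builds the SSHSIG signed-data structure for an Ed25519 key and PEM-armors it.
func Sign(priv ed25519.PrivateKey, namespace string, msg []byte) []byte {
	pub := putStrings(nil, []byte("ssh-ed25519"), priv.Public().(ed25519.PublicKey))
	sig := putStrings(nil, []byte("ssh-ed25519"), ed25519.Sign(priv, Blob(namespace, msg)))
	d := putStrings(binary.BigEndian.AppendUint32([]byte(magicPreamble), sigVersion), pub, []byte(namespace), nil, []byte("sha512"), sig)
	return pem.EncodeToMemory(&pem.Block{Type: armorType, Bytes: d})
}

// Verify checks an armored signature against the caller's expected key pub (the embedded key is untrusted input, as with an allowed_signers lookup), the namespace and the hash algorithm, then verifies Ed25519 over the recomputed blob.
func Verify(armored []byte, pub ed25519.PublicKey, namespace string, msg []byte) error {
	p, _ := pem.Decode(armored)
	if p == nil || p.Type != armorType || len(p.Bytes) < 10 || string(p.Bytes[:6]) != magicPreamble || binary.BigEndian.Uint32(p.Bytes[6:]) != sigVersion {
		return errors.New("not a version-1 SSHSIG block")
	}
	f, rest := [5][]byte{}, p.Bytes[10:] // publickey, namespace, reserved, hash_algorithm, signature
	for i := range f { // each field is an SSH string: uint32 length, then bytes; reject truncated input
		if len(rest) < 4 || uint64(len(rest)-4) < uint64(binary.BigEndian.Uint32(rest)) {
			return errors.New("truncated signed data")
		}
		n := 4 + binary.BigEndian.Uint32(rest)
		f[i], rest = rest[4:n], rest[n:]
	}
	sigPrefix := string(binary.BigEndian.AppendUint32(putStrings(nil, []byte("ssh-ed25519")), ed25519.SignatureSize))
	if len(rest) != 0 || string(f[0]) != string(putStrings(nil, []byte("ssh-ed25519"), pub)) || string(f[1]) != namespace ||
		string(f[3]) != "sha512" || len(f[4]) != len(sigPrefix)+ed25519.SignatureSize || string(f[4][:len(sigPrefix)]) != sigPrefix ||
		!ed25519.Verify(pub, Blob(namespace, msg), f[4][len(sigPrefix):]) {
		return errors.New("key, namespace, hash algorithm or signature not accepted")
	}
	return nil
}
```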