On windows, I tried to sign a file. The created signature file ends with \r\n as it's windows. Then I tried to verify the signature. It fails with the error message "Couldn't parse signature: missing header". =================== Relevant Code =================== sshsig_dearmor() -> calls timingsafe_bcmp() timingsafe_bcmp() -> This function fails as "\r\n" != "\n" #define BEGIN_SIGNATURE "-----BEGIN SSH SIGNATURE-----\n" =================== Steps: =================== PS E:\code\openssh-portable> get-content -raw .\version.h | .\bin\x64\Debug\ssh-keygen.exe -vvv -Y sign -f .\id_rsa -n "abc" | out-file .\id_rsa.sig PS E:\code\openssh-portable> get-content -raw ./version.h | .\bin\x64\Debug\ssh-keygen.exe -vvv -Y verify -s E:\code\openssh-portable\id_rsa.sig -n "abc" -f E:\code\openssh-portable\id_rsa.pub -I test Couldn't parse signature: missing header verify: sshsig_armor: invalid format
Native Windows is not a configuration supported by the OpenSSH team. Are you running the Microsoft fork? If so you should report problems directly to them.
That being said, I think we should be insensitive to whitespace at EOL in the header.
Created attachment 3348 [details] accept \r\n at end of signature banner Please try this patch