
ssh/agent: support smartcard extensions

Open Foxboron opened this issue 1 month ago • 5 comments

This probably needs a bit more work but this patch allows me to at least serve the requests to add/remove smartcard with the Go crypto/ssh/agent module.

A bit of feedback and/or direction if this is the right approach would be appreciated.

Tested this with a small patch on ssh-tpm-agent.

λ ssh-tpm-agent-dev dev Ɇ » git diff agent/agent.go
diff --git a/agent/agent.go b/agent/agent.go
index 76a2610a613a..7e74f0f4cf3d 100644
--- a/agent/agent.go
+++ b/agent/agent.go
@@ -50,7 +50,10 @@ type Agent struct {
        agents   []agent.ExtendedAgent
 }

-var _ agent.ExtendedAgent = &Agent{}
+var (
+       _ agent.ExtendedAgent  = &Agent{}
+       _ agent.SmartcardAgent = &Agent{}
+)

 func (a *Agent) Extension(extensionType string, contents []byte) ([]byte, error) {
        slog.Debug("called extensions")
@@ -319,6 +322,18 @@ func (a *Agent) Add(key agent.AddedKey) error {
        return nil
 }

+func (a *Agent) AddSmartcard(key agent.AddedSmartcardKey) error {
+       slog.Debug("called addsmartcard")
+       fmt.Println(key.PIN)
+       fmt.Println(key.ReaderID)
+       return nil
+}
+
+func (a *Agent) RemoveSmartcard(key agent.RemovedSmartcardKey) error {
+       slog.Debug("called removesmartcard")
+       return nil
+}
+
 func (a *Agent) Remove(sshkey ssh.PublicKey) error {
        slog.Debug("called remove")
        a.mu.Lock()
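Review bot: `fmt.Println(key.PIN)` in AddSmartcard writes the smartcard PIN to the agent's stdout in clear text, where it can end up in a terminal scrollback, journal or service log. Drop both Println calls before this goes beyond a local test; if the call needs tracing, log only the reader with `slog.Debug("called addsmartcard", "reader", key.ReaderID)` and never the PIN. Two smaller points in the same hunk: AddSmartcard and RemoveSmartcard both `return nil` without doing anything, so a client is told the operation succeeded when no key was added or removed. Returning an error until the methods are implemented would be safer. Once they do touch agent state, they should take `a.mu.Lock()` the way Remove does just below.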

Foxboron avatar Nov 24 '25 20:11 Foxboron

This PR (HEAD: 05bef1b5e93b2566668768a37d22e050578bd0f7) has been imported to Gerrit for code review.

Please visit Gerrit at https://go-review.googlesource.com/c/crypto/+/724100.

Important tips:

  • Don't comment on this PR. All discussion takes place in Gerrit.
  • You need a Gmail or other Google account to log in to Gerrit.
  • To change your code in response to feedback:
    • Push a new commit to the branch used by your GitHub PR.
    • A new "patch set" will then appear in Gerrit.
    • Respond to each comment by marking as Done in Gerrit if implemented as suggested. You can alternatively write a reply.
    • Critical: you must click the blue Reply button near the top to publish your Gerrit responses.
    • Multiple commits in the PR will be squashed by GerritBot.
  • The title and description of the GitHub PR are used to construct the final commit message.
    • Edit these as needed via the GitHub web interface (not via Gerrit or git).
    • You should word wrap the PR description at ~76 characters unless you need longer lines (e.g., for tables or URLs).
  • See the Sending a change via GitHub and Reviews sections of the Contribution Guide as well as the FAQ for details.

gopherbot avatar Nov 24 '25 21:11 gopherbot

Message from Gopher Robot:

Patch Set 1:

(1 comment)


Please don’t reply on this GitHub thread. Visit golang.org/cl/724100. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Nov 24 '25 21:11 gopherbot

Message from Nicola Murino:

Patch Set 1:

(1 comment)


Please don’t reply on this GitHub thread. Visit golang.org/cl/724100. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Dec 14 '25 17:12 gopherbot

Message from Morten Linderud:

Patch Set 1:

(1 comment)


Please don’t reply on this GitHub thread. Visit golang.org/cl/724100. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Dec 14 '25 17:12 gopherbot

Message from Nicola Murino:

Patch Set 1:

(1 comment)


Please don’t reply on this GitHub thread. Visit golang.org/cl/724100. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Dec 15 '25 06:12 gopherbot