This PR migrates the registry away from ssh-keygen and over to the ssh2 node library as per #591. This is because mismatched ssh-keygen versions have been giving us a lot of headaches in the transfer operation and it would be nicer to be able to sign and verify data using a specific version of the ssh2 library via Spago (and anyone else who wants to sign data using the registry library).
Unfortunately, I'm not exactly sure how to handle translating the signature buffer that we receive from ssh2's sign method into a string suitable for use in a JSON payload and back; a first cut with Buffer.toString using a UTF8 encoding was no good, and I don't have time to dig in to what encoding should be used just yet.
For that reason you'll see the tests are failing. I'll need to come back and fix that part but everything else should be OK.
This PR migrates the registry away from
ssh-keygen
and over to the ssh2 node library as per #591. This is because mismatched ssh-keygen versions have been giving us a lot of headaches in the transfer operation and it would be nicer to be able to sign and verify data using a specific version of the ssh2 library via Spago (and anyone else who wants to sign data using the registry library).Unfortunately, I'm not exactly sure how to handle translating the signature buffer that we receive from ssh2's
sign
method into a string suitable for use in a JSON payload and back; a first cut withBuffer.toString
using a UTF8 encoding was no good, and I don't have time to dig in to what encoding should be used just yet.For that reason you'll see the tests are failing. I'll need to come back and fix that part but everything else should be OK.