What version of Go are you using (go version)?

I was using the newest release of https://github.com/buptczq/WinCryptSSHAgent

Does this issue reproduce with the latest release?

As far as my code analysis goes: yes

What operating system and processor architecture are you using (go env)?

Windows 10, x64

What did you do?

TL;DR: realizing, the -c-flag of ssh-add is ignored by https://github.com/buptczq/WinCryptSSHAgent, while -t isn't.

for more details, please see buptczq/WinCryptSSHAgent#55

After opening the issue there, I further investigated and understood, the problem is in the library. Especially in the keyring-implementation of the ssh agent: https://github.com/golang/crypto/blob/a769d52b0f97a420f3dcafc17f8b3384217859a2/ssh/agent/keyring.go.

While https://github.com/golang/crypto/blob/a769d52b0f97a420f3dcafc17f8b3384217859a2/ssh/agent/keyring.go#L147-L148 says "Note that any constraints given are ignored.", the time constraint really isn't, as appropriate handling was added in golang/crypto@8e06e8d. However, the claim "and will ask the user to confirm a signing operation if ConfirmBeforeUse is set." in the commit description is not true: as far as I understand the code, no sch handling was/is included in the file.

What did you expect to see?

I expected, that either both flags are ignored/not supported (as common on windows in Pageant as well as Microsoft OpenSSH) or both flags are supported. At best of course the latest.

What did you see instead?

As described above: ssh-add -t is handled correctly, while ssh-add -c isn't.