Invalid Signature Using Public Key Auth #51

Open
drewdh opened this issue Aug 31, 2022 · 0 comments
drewdh commented Aug 31, 2022

Since SSHy doesn't have support for publickey authentication, I'm adding it as an option in the ssh_connection method in the auth_handler.js file. I'm able to send the first SSH_MSG_USERAUTH_REQUEST without the signature and get back a SSH_MSG_USERAUTH_PK_OK. But when I send the next message with the signature, I always get a SSH_MSG_USERAUTH_FAILURE.

I'm doing the signing with another library (sshpk-browser) and forming the signature below using SSHy based on the SSH schema.

Can anyone see any potential issues with how I am forming the signature?

    const decodedPublicKey = config.privateKey.toPublic().toString('ssh', { hashAlgo: 'sha512' }).split(' ')[1];
    const publicKey = atob(decodedPublicKey);

    var m = new SSHyClient.Message();
    m.add_bytes(String.fromCharCode(SSHyClient.MSG_USERAUTH_REQUEST));
    m.add_string(this.termUsername);
    m.add_string('ssh-connection');
    m.add_string('publickey');
    m.add_boolean(true); // has signature
    m.add_string('rsa-sha2-512'); // public key algorithm name
    m.add_string(publicKey); // public key

    // Create signature
    var sigMsg = new SSHyClient.Message();
    sigMsg.add_string(SSHyClient.kex.sessionId);
    sigMsg.add_bytes(String.fromCharCode(SSHyClient.MSG_USERAUTH_REQUEST));
    sigMsg.add_string(this.termUsername);
    sigMsg.add_string('ssh-connection');
    sigMsg.add_string('publickey');
    sigMsg.add_boolean(true); // has signature
    sigMsg.add_string('rsa-sha2-512');
    sigMsg.add_string(publicKey);
    const sigMsgString = sigMsg.toString();

    // Sign signature
    const sign = config.privateKey.createSign('sha512');
    sign.update(sigMsgString);
    const signature = sign.sign();

    m.add_string(atob(signatureToString)); // signature

    this.parceler.send(m);
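For reference, the byte layout that RFC 4252 section 7 and RFC 8332 specify for this request, as an added example that is not part of the original post and is not SSHy or sshpk-browser code. It assumes Node's built-in `crypto` in place of those libraries, and the key pair, session id and the username `alice` are constructed stand-ins.

```javascript
const crypto = require('crypto');

const MSG_USERAUTH_REQUEST = 50;   // RFC 4252
const ALGO = 'rsa-sha2-512';       // signature algorithm name (RFC 8332)

// RFC 4251 wire types, built on Buffers so every byte stays a byte.
const u32 = (n) => { const b = Buffer.alloc(4); b.writeUInt32BE(n); return b; };
const sshString = (v) => { const b = Buffer.from(v); return Buffer.concat([u32(b.length), b]); };
const mpint = (buf) => {
  let i = 0;
  while (i < buf.length - 1 && buf[i] === 0) i++;   // strip leading zero bytes
  const b = buf.subarray(i);
  // Prepend 0x00 when the high bit is set so the value stays positive.
  return sshString(b[0] & 0x80 ? Buffer.concat([Buffer.from([0]), b]) : b);
};

// Public key blob: the key format name stays "ssh-rsa" even for rsa-sha2-512.
function rsaKeyBlob(publicKey) {
  const jwk = publicKey.export({ format: 'jwk' });
  return Buffer.concat([sshString('ssh-rsa'),
    mpint(Buffer.from(jwk.e, 'base64url')), mpint(Buffer.from(jwk.n, 'base64url'))]);
}

// Everything from the message number through the public key blob.
function requestBody(user, keyBlob) {
  return Buffer.concat([Buffer.from([MSG_USERAUTH_REQUEST]), sshString(user),
    sshString('ssh-connection'), sshString('publickey'), Buffer.from([1]),
    sshString(ALGO), sshString(keyBlob)]);
}

function signedRequest(sessionId, user, privateKey, keyBlob) {
  const body = requestBody(user, keyBlob);
  // Signed data: the session id as a length-prefixed string, then the body.
  const toSign = Buffer.concat([sshString(sessionId), body]);
  const rawSig = crypto.sign('sha512', toSign, privateKey); // RSASSA-PKCS1-v1_5, SHA-512
  // The signature field is a string that wraps: string algo || string raw signature.
  const sigBlob = Buffer.concat([sshString(ALGO), sshString(rawSig)]);
  return { toSign, rawSig, message: Buffer.concat([body, sshString(sigBlob)]) };
}

// Constructed demo inputs: a throwaway key and a random stand-in for the exchange hash.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const sessionId = crypto.randomBytes(64);
const keyBlob = rsaKeyBlob(publicKey);
const out = signedRequest(sessionId, 'alice', privateKey, keyBlob);
const verified = crypto.verify('sha512', out.toSign, publicKey, out.rawSig);
console.log('verifies:', verified, 'message bytes:', out.message.length);
```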