| | Commit message | Age | Files | Lines | |
---|---|---|---|---|---|
* | make non-OpenSSL aes-ctr work on sshd w/ privsep; ok markus@ | 2015-01-14 | 1 | -1/+9 | |
* | New key API: refactor key-related functions to be more library-like, existing API is offered as a set of wrappers. with and ok markus@ Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review a few months ago. | 2014-06-24 | 1 | -140/+158 | |
* | make compiling against OpenSSL optional (make OPENSSL=no); reduces algorithms to curve25519, aes-ctr, chacha, ed25519; allows us to explore further options; with and ok djm | 2014-04-29 | 1 | -4/+78 | |
* | remove some logging that makes ssh debugging output very verbose; ok markus | 2014-02-07 | 1 | -3/+1 | |
* | convert memset of potentially-private data to explicit_bzero() | 2014-02-02 | 1 | -4/+4 | |
* | replace openssl MD5 with our ssh_digest_*; ok djm@ | 2014-01-27 | 1 | -8/+6 | |
* | Add a special case for the DH group size for 3des-cbc, which has an effective strength much lower than the key size. This causes problems with some cryptlib implementations, which don't support group sizes larger than 4k but also don't use the largest group size it does support as specified in the RFC. Based on a patch from Petr Lautrbach at Redhat, reduced by me with input from Markus. ok djm@ markus@ | 2014-01-25 | 1 | -1/+9 | |
* | new private key format, bcrypt as KDF by default; details in PROTOCOL.key; feedback and lots help from djm; ok djm@ | 2013-12-06 | 1 | -9/+9 | |
* | correct bzero of chacha20+poly1305 key context. bz#2177 from Loganaden Velvindron @ AfriNIC Also make it a memset for consistency with the rest of cipher.c | 2013-12-02 | 1 | -2/+2 | |
* | Add a new protocol 2 transport cipher "chacha20-poly1305@openssh.com" that combines Daniel Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an authenticated encryption mode. Inspired by and similar to Adam Langley's proposal for TLS: http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03 but differs in layout used for the MAC calculation and the use of a second ChaCha20 instance to separately encrypt packet lengths. Details are in the PROTOCOL.chacha20poly1305 file. Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC ok markus@ naddy@ | 2013-11-21 | 1 | -8/+57 | |
* | Output the effective values of Ciphers, MACs and KexAlgorithms when the default has not been overridden. ok markus@ | 2013-11-07 | 1 | -4/+4 | |
* | bye, bye xfree(); ok markus@ | 2013-05-17 | 1 | -5/+5 | |
* | add the ability to query supported ciphers, MACs, key type and KEX algorithms to ssh. Includes some refactoring of KEX and key type handling to be table-driven; ok markus@ | 2013-04-19 | 1 | -16/+39 | |
* | remove ACSS, now that it is gone from libcrypto too | 2013-01-26 | 1 | -5/+3 | |
* | improve error message for integrity failure in AES-GCM modes; ok markus@ | 2013-01-12 | 1 | -3/+7 | |
* | support AES-GCM as defined in RFC 5647 (but with simpler KEX handling) ok and feedback djm@ | 2013-01-08 | 1 | -27/+95 | |
* | use OpenSSL's EVP_aes_{128,192,256}_ctr() API and remove our hand-rolled counter mode code; ok djm@ | 2012-12-12 | 1 | -14/+6 | |
* | add encrypt-then-mac (EtM) modes to openssh by defining new mac algorithms that change the packet format and compute the MAC over the encrypted message (including the packet size) instead of the plaintext data; these EtM modes are considered more secure and used by default. feedback and ok djm@ | 2012-12-11 | 1 | -5/+17 | |
* | Work around the CPNI-957037 Plaintext Recovery Attack by always reading 256K of data on packet size or HMAC errors (in CBC mode only). Help, feedback and ok djm@ Feedback from Martin Albrecht and Paterson Kenny | 2009-01-26 | 1 | -21/+28 | |
* | almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step | 2006-08-03 | 1 | -2/+3 | |
* | move #include <string.h> out of includes.h | 2006-07-22 | 1 | -3/+5 | |
* | Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files | 2006-03-25 | 1 | -0/+1 | |
* | RCSID() can die | 2006-03-19 | 1 | -1/+0 | |
* | spacing | 2005-07-16 | 1 | -2/+2 | |
* | make this -Wsign-compare clean; ok avsm@ markus@ | 2005-06-17 | 1 | -4/+4 | |
* | Correctly initialize end of array sentinel; ok djm@ | 2005-06-09 | 1 | -2/+2 | |
* | add support for draft-harris-ssh-arcfour-fixes-02 improved arcfour modes; ok markus@ | 2005-05-23 | 1 | -18/+33 | |
* | config option "Ciphers" should be case-sensitive; ok dtucker@ | 2005-01-23 | 1 | -4/+6 | |
* | remove fallback AES support for old OpenSSL, as OpenBSD has had it for many years now; ok deraadt@ | 2004-12-22 | 1 | -28/+1 | |
* | more s/illegal/invalid/ | 2004-07-28 | 1 | -2/+2 | |
* | spaces | 2004-07-11 | 1 | -16/+16 | |
* | make ssh -Wshadow clean, no functional changes markus@ ok | 2004-06-21 | 1 | -9/+9 | |
* | rename acss@opebsd.org to acss@openssh.org ok deraadt@ | 2004-01-23 | 1 | -2/+2 | |
* | enable acss for ssh ok deraadt@ markus@ | 2004-01-23 | 1 | -3/+4 | |
* | constify. ok markus@ & djm@ | 2003-11-10 | 1 | -6/+6 | |
* | experimental support for aes-ctr modes from http://www.ietf.org/internet-drafts/draft-ietf-secsh-newmodes-00.txt ok djm@ | 2003-05-17 | 1 | -1/+12 | |
* | split out custom EVP ciphers | 2003-05-15 | 1 | -301/+6 | |
* | hide cipher details; ok djm@ | 2003-04-12 | 1 | -53/+50 | |
* | debug->debug2, unify debug messages | 2002-11-21 | 1 | -2/+2 | |
* | EVP_CIPH_CUSTOM_IV for our own rijndael | 2002-07-12 | 1 | -2/+2 | |
* | KNF | 2002-06-23 | 1 | -1/+13 | |
* | make the monitor sync the transfer ssh1 session key; transfer keycontext only for RC4 (this is still depends on EVP implementation details and is broken). | 2002-06-19 | 1 | -30/+7 | |
* | __FUNCTION__ -> __func__ | 2002-06-04 | 1 | -13/+13 | |
* | use rijndael/aes from libcrypto (openssl >= 0.9.7) instead of our own implementation. allow use of AES hardware via libcrypto, ok deraadt@ | 2002-05-30 | 1 | -5/+23 | |
* | fix warnings (openssl 0.9.7 requires const) | 2002-05-16 | 1 | -8/+8 | |
* | re-add rijndael-cbc@lysator.liu.se for MacSSH; ash@lab.poc.net | 2002-04-03 | 1 | -3/+5 | |
* | KNF whitespace | 2002-03-19 | 1 | -6/+6 | |
* | export/import cipher states; needed by ssh-privsep | 2002-03-18 | 1 | -1/+174 | |
* | switch to EVP, ok djm@ deraadt@ | 2002-02-18 | 1 | -370/+313 | |
* | hide some more implementation details of cipher.[ch] and prepares for move to EVP, ok deraadt@ | 2002-02-14 | 1 | -11/+36 | |