| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | handle UMAC128 initialization like UMAC; ok djm@ markus@ |   naddy | 2015-01-15 | 1 | -2/+3 |
| | | |||||
| * | adapt mac.c to ssherr.h return codes (de-fatal) and simplify dependencies |   markus | 2015-01-13 | 1 | -47/+47 |
| | | | | | ok djm@ | ||||
| * | UMAC can use our local fallback implementation of AES when OpenSSL isn't | naddy | 2014-04-30 | 1 | -15/+1 |
| | | | | | | available. Glue code straight from Ted Krovetz's original umac.c. ok markus@ | ||||
| * | make compiling against OpenSSL optional (make OPENSSL=no); | markus | 2014-04-29 | 1 | -2/+17 |
| | | | | | | reduces algorithms to curve25519, aes-ctr, chacha, ed25519; allows us to explore further options; with and ok djm | ||||
| * | remove some logging that makes ssh debugging output very verbose; |   djm | 2014-02-07 | 1 | -6/+5 |
| | | | | | ok markus | ||||
| * | replace openssl HMAC with an implementation based on our ssh_digest_* | markus | 2014-01-27 | 1 | -43/+42 |
| | | | | | ok and feedback djm@ | ||||
| * | use standard types and formats for size_t like variables. ok dtucker |   tedu | 2014-01-04 | 1 | -3/+3 |
| | | |||||
| * | Output the effective values of Ciphers, MACs and KexAlgorithms when |   dtucker | 2013-11-07 | 1 | -4/+4 |
| | | | | | the default has not been overridden. ok markus@ | ||||
| * | force the MAC output to be 64-bit aligned so umac won't see unaligned | dtucker | 2013-06-03 | 1 | -8/+11 |
| | | | | | | accesses on strict-alignment architectures. bz#2101, patch from tomas.kuthan at oracle.com, ok djm@ | ||||
| * | bye, bye xfree(); ok markus@ | djm | 2013-05-17 | 1 | -3/+3 |
| | | |||||
| * | add the ability to query supported ciphers, MACs, key type and KEX | djm | 2013-04-19 | 1 | -20/+42 |
| | | | | | | algorithms to ssh. Includes some refactoring of KEX and key type handling to be table-driven; ok markus@ | ||||
| * | fix typo, s/tem/etm in hmac-ripemd160-tem. ok markus@ |   sthen | 2012-12-11 | 1 | -2/+2 |
| | | |||||
| * | add encrypt-then-mac (EtM) modes to openssh by defining new mac algorithms | markus | 2012-12-11 | 1 | -12/+27 |
| | | | | | | | | that change the packet format and compute the MAC over the encrypted message (including the packet size) instead of the plaintext data; these EtM modes are considered more secure and used by default. feedback and ok djm@ | ||||
| * | add umac128 variant; ok djm@ at n2k12 | markus | 2012-10-04 | 1 | -1/+14 |
| | | |||||
| * | Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed | dtucker | 2012-06-28 | 1 | -3/+1 |
| | | | | | | from draft6 of the spec and will not be in the RFC when published. Patch from mdb at juniper net via bz#2023, ok markus. | ||||
| * | fix bz#1934: newer OpenSSL versions will require HMAC_CTX_Init before | djm | 2011-12-02 | 1 | -1/+2 |
| | | | | | | HMAC_init (this change in policy seems insane to me) ok dtucker@ | ||||
| * | Add new SHA256 and SHA512 based HMAC modes from | djm | 2011-08-02 | 1 | -1/+5 |
| | | | | | | | http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt feedback and ok markus@ | ||||
| * | upcast another size_t to u_long to match format | dtucker | 2008-06-13 | 1 | -2/+2 |
| | | |||||
| * | Add a new MAC algorithm for data integrity, UMAC-64 (not default yet, must |   pvalchev | 2007-06-07 | 1 | -27/+80 |
| | | | | | | | | | | | specify umac-64@openssh.com). Provides about 20% end-to-end speedup compared to hmac-md5. Represents a different approach to message authentication to that of HMAC that may be beneficial if HMAC based on one of its underlying hash algorithms is found to be vulnerable to a new attack. http://www.ietf.org/rfc/rfc4418.txt in conjunction with and OK djm@ | ||||
| * | Preserve MAC ctx between packets, saving 2xhash calls per-packet. | djm | 2007-06-05 | 1 | -13/+23 |
| | | | | | | | | Yields around a 12-16% end-to-end speedup for arcfour256/hmac-md5 patch from markus@ tested dtucker@ and myself, ok markus@ and me (I'm committing at his request) | ||||
| * | almost entirely get rid of the culture of ".h files that include .h files" |   deraadt | 2006-08-03 | 1 | -2/+5 |
| | | | | | | ok djm, sort of ok stevesk makes the pain stop in one easy step | ||||
| * | move #include <string.h> out of includes.h |   stevesk | 2006-07-22 | 1 | -1/+3 |
| | | |||||
| * | replace {GET,PUT}_XXBIT macros with functionally similar functions, | djm | 2006-03-30 | 1 | -3/+3 |
| | | | | | | | silencing a heap of lint warnings. also allows them to use __bounded__ checking which can't be applied to macros; requested by and feedback from deraadt@ | ||||
| * | Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that | djm | 2006-03-25 | 1 | -0/+1 |
| | | | | | Theo nuked - our scripts to sync -portable need them in the files | ||||
| * | RCSID() can die | deraadt | 2006-03-19 | 1 | -1/+0 |
| | | |||||
| * | make this -Wsign-compare clean; ok avsm@ markus@ | djm | 2005-06-17 | 1 | -4/+7 |
| | | |||||
| * | A few signedness fixes for harmless situations; markus@ ok |   miod | 2003-09-18 | 1 | -2/+2 |
| | | |||||
| * | fix warnings (openssl 0.9.7 requires const) | markus | 2002-05-16 | 1 | -2/+2 |
| | | |||||
| * | use EVP_MD_size(evp_md) and not evp_md->md_size; ok steveks@ | markus | 2002-01-25 | 1 | -2/+2 |
| | | |||||
| * | basic KNF done while i was looking for something else | deraadt | 2001-12-19 | 1 | -2/+2 |
| | | |||||
| * | fix whitespace: unexpand + trailing spaces. | markus | 2001-04-05 | 1 | -2/+2 |
| | | |||||
| * | 1) clean up the MAC support for SSH-2 | markus | 2001-02-11 | 1 | -0/+114 |
| 2) allow you to specify the MAC with 'ssh -m' 3) or the 'MACs' keyword in ssh(d)_config 4) add hmac-{md5,sha1}-96 ok stevesk@, provos@ | |||||
 |
index : wireguard-openbsd | |
| WireGuard implementation for the OpenBSD kernel | Matt Dunwoodie |
| summaryrefslogtreecommitdiffstats |