summaryrefslogtreecommitdiffstats
path: root/usr.bin/ssh/ssh-ecdsa.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Make sshpkt_get_bignum2() allocate the bignum it is parsing ratherdjm2019-01-211-8/+6
| | | | | | than make the caller do it. Saves a lot of boilerplate code. from markus@ ok djm@
* hold our collective noses and use the openssl-1.1.x API in OpenSSH;djm2018-09-131-6/+19
| | | | feedback and ok tb@ jsing@ markus@
* Remove all guards for calls to OpenSSL free functions - all of thesejsing2018-02-071-5/+3
| | | | | | | | | functions handle NULL, from at least OpenSSL 1.0.1g onwards. Prompted by dtucker@ asking about guards for RSA_free(), when looking at openssh-portable pr#84 on github. ok deraadt@ dtucker@
* make argument == NULL tests more consistentdjm2016-04-211-2/+3
|
* Remove NULL-checks before sshbuf_free().mmcc2015-12-111-9/+5
| | | | ok djm@
* New key API: refactor key-related functions to be more library-like,djm2014-06-241-109/+123
| | | | | | | | | existing API is offered as a set of wrappers. with and ok markus@ Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review a few months ago.
* fix memory leak; ECDSA_SIG_new() allocates 'r' and 's' for us, unlikedjm2014-02-031-4/+1
| | | | DSA_SIG_new. Reported by Batz Spear; ok markus@
* convert memset of potentially-private data to explicit_bzero()djm2014-02-021-4/+4
|
* Introduce digest API and use it to perform all hashing operationsdjm2014-01-091-16/+26
| | | | | | rather than calling OpenSSL EVP_Digest* directly. Will make it easier to build a reduced-feature OpenSSH without OpenSSL in future; feedback, ok markus@
* make the original RSA and DSA signing/verification code look more likedjm2013-12-271-5/+7
| | | | | | the ECDSA/Ed25519 ones: use key_type_plain() when checking the key type rather than tediously listing all variants, use __func__ for debug/ error messages
* bye, bye xfree(); ok markus@djm2013-05-171-5/+5
|
* Fix memory leak in ssh_ecdsa_verify(); from Loganaden Velvindron, ok markus@miod2012-01-081-1/+2
|
* fix identdjm2010-09-101-1/+1
|
* ECDH/ECDSA compliance fix: these methods vary the hash function they usedjm2010-09-091-2/+4
| | | | | | | | | | | | | (SHA256/384/512) depending on the length of the curve in use. The previous code incorrectly used SHA256 in all cases. This fix will cause authentication failure when using 384 or 521-bit curve keys if one peer hasn't been upgraded and the other has. (256-bit curve keys work ok). In particular you may need to specify HostkeyAlgorithms when connecting to a server that has not been upgraded from an upgraded client. ok naddy@
* decl before code for compiler compatibilityderaadt2010-09-061-1/+1
|
* Implement Elliptic Curve Cryptography modes for key exchange (ECDH) anddjm2010-08-311-0/+160
host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer better performance than plain DH and DSA at the same equivalent symmetric key length, as well as much shorter keys. Only the mandatory sections of RFC5656 are implemented, specifically the three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and ECDSA. Point compression (optional in RFC5656 is NOT implemented). Certificate host and user keys using the new ECDSA key types are supported. Note that this code has not been tested for interoperability and may be subject to change. feedback and ok markus@
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.