summaryrefslogtreecommitdiffstats
path: root/usr.bin/ssh/ssh-pkcs11.c (follow)
Commit message (Expand)AuthorAgeFilesLines
* fix compilation on !HAVE_DLOPEN platforms; stub function was notdjm2020-05-291-2/+3
* improve error messages for some common PKCS#11 C_Login failure cases;djm2020-03-131-4/+19
* pkcs11_register_provider: return < 0 on error; ok djmmarkus2020-03-061-1/+3
* expose PKCS#11 key labels/X.509 subjects as commentsdjm2020-01-251-53/+89
* revert unconditional forced login implemented in r1.41 of ssh-pkcs11.c;djm2019-10-011-26/+5
* if a PKCS#11 token returns no keys then try to login and refetchdjm2019-09-051-11/+33
* downgrade PKCS#11 "provider returned no slots" warning from log leveldjm2019-09-021-2/+2
* fix use-after-free in ssh-pkcs11; found by hshoexer w/AFLmarkus2019-03-081-1/+3
* fix NULL-deref crash in PKCS#11 code when attempting login to a tokendjm2019-02-041-2/+17
* Correct some bugs in PKCS#11 token PIN handling at initial login,djm2019-01-221-12/+22
* Support keys that set the CKA_ALWAYS_AUTHENTICATE by requring adjm2019-01-221-26/+95
* always print the caller's error message in ossl_error(), even when theredjm2019-01-211-2/+3
* get the ex_data (pkcs11_key object) back from the keys at thedjm2019-01-211-9/+8
* use ECDSA_SIG_set0() instead of poking signature values intodjm2019-01-211-3/+14
* we use singleton pkcs#11 RSA_METHOD and EC_KEY_METHOD now, so theredjm2019-01-201-7/+3
* KNF previous; from markus@djm2019-01-201-6/+6
* use OpenSSL's RSA reference counting hooks to implicitly clean updjm2019-01-201-35/+21
* make the PKCS#11 RSA code more like the new PKCS#11 ECDSA code:djm2019-01-201-16/+29
* fix leak of ECDSA pkcs11_key objectsdjm2019-01-201-2/+21
* use EVP_PKEY_get0_EC_KEY() instead of direct access of EC_KEY internalsdjm2019-01-201-4/+3
* cleanup PKCS#11 ECDSA pubkey loading: the returned object should neverdjm2019-01-201-10/+14
* cleanup unnecessary code in ECDSA pkcs#11 signature support: thedjm2019-01-201-25/+16
* add support for ECDSA keys in PKCS#11 tokensdjm2019-01-201-204/+1149
* hold our collective noses and use the openssl-1.1.x API in OpenSSH;djm2018-09-131-16/+41
* Remove all guards for calls to OpenSSL free functions - all of thesejsing2018-02-071-3/+2
* Switch to recallocarray() for a few operations. Both growth and shrinkagederaadt2017-05-311-3/+3
* sshkey_new() might return NULL (pkcs#11 code only); ok djm@markus2017-05-301-2/+3
* Improve pkcs11_add_provider() logging: demote some excessivelydjm2016-10-281-15/+26
* avoid fatal() for PKCS11 tokens that present empty key IDsdjm2016-02-121-3/+5
* don't ignore PKCS#11 hosted keys that return empty CKA_ID;djm2015-07-181-6/+14
* skip uninitialised PKCS#11 slots; patch from Jakub Jelen in bz#2427djm2015-07-181-1/+6
* support PKCS#11 devices with external PIN entry devicesdjm2015-05-271-12/+20
* rename xrealloc() to xreallocarray() since it follows that form.deraadt2015-04-241-2/+2
* missing ;deraadt2015-02-031-2/+2
* handle PKCS#11 C_Login returning CKR_USER_ALREADY_LOGGED_IN;djm2015-02-021-5/+7
* sync ssh-keysign, ssh-keygen and some dependencies to the newdjm2015-01-151-13/+13
* New key API: refactor key-related functions to be more library-like,djm2014-06-241-2/+2
* revert __bounded change; it causes way more problems for portable thandjm2014-05-021-2/+2
* use __bounded(...) attribute recently added to sys/cdefs.h instead ofdjm2014-03-261-2/+2
* add missing braces found by pedromarkus2013-11-131-2/+2
* from portable: s/true/true_val/ to avoid name collisions on dump platformsdjm2013-11-061-3/+3
* support pkcs#11 tokes that only provide x509 zerts instead of raw pubkeys;markus2013-11-021-28/+98
* fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@djm2013-07-121-6/+6
* bye, bye xfree(); ok markus@djm2013-05-171-15/+12
* check length of value returned C_GetAttributValue for != 0markus2010-06-081-2/+8
* retry lookup for private key if there's no matching key with CKA_SIGNmarkus2010-04-151-11/+34
* Add $OpenBSD$ tags in comments, our portable-syncing scripts use thesedjm2010-02-241-0/+1
* dlclose() call should also be #ifdef HAVE_DLOPENderaadt2010-02-211-0/+2
* unbreak build for NOPIC systems; noticed, help and ok deraadt@markus2010-02-201-0/+9
* replace our obsolete smartcard code with PKCS#11.markus2010-02-081-0/+544
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.