path: root/usr.bin/ssh/sshkey.c
| Age | Commit message | Author | Files | Lines |
|---|---|---|---|---|
| 2020-06-22 | Add support for FIDO webauthn (verification only). webauthn is a | djm | 1 | -1/+3 |
| 2020-04-11 | Refactor private key parsing. Eliminates a fair bit of duplicated | djm | 1 | -147/+40 |
| 2020-04-08 | add sshkey_parse_pubkey_from_private_fileblob_type() | djm | 1 | -1/+65 |
| 2020-04-08 | simplify sshkey_parse_private_fileblob_type() | djm | 1 | -16/+5 |
| 2020-04-08 | check private key type against requested key type in new-style private | djm | 1 | -1/+7 |
| 2020-04-08 | check that pubkey in private key envelope matches actual private key | djm | 1 | -8/+19 |
| 2020-04-08 | refactor private key parsing a little | djm | 1 | -40/+114 |
| 2020-03-06 | sshkey_cert_check_authority requires reason to be set; ok djm | markus | 1 | -3/+3 |
| 2020-03-06 | passphrase depends on kdfname, not ciphername (possible null-deref); | markus | 1 | -8/+8 |
| 2020-02-26 | change explicit_bzero();free() to freezero() | jsg | 1 | -29/+15 |
| 2020-01-21 | fix ssh-keygen not displaying authenticator touch prompt; | djm | 1 | -1/+4 |
| 2019-12-30 | SK API and sk-helper error/PIN passing | djm | 1 | -2/+2 |
| 2019-12-13 | use ssh-sk-helper for all security key signing operations | djm | 1 | -8/+5 |
| 2019-11-25 | Add new structure for signature options | djm | 1 | -5/+14 |
| 2019-11-18 | fix a bug that prevented serialisation of ed25519-sk keys | djm | 1 | -1/+2 |
| 2019-11-18 | fix bug that prevented certification of ed25519-sk keys | djm | 1 | -1/+7 |
| 2019-11-15 | remove most uses of BN_CTX | djm | 1 | -57/+33 |
| 2019-11-13 | in order to be able to figure out the number of signatures left on | markus | 1 | -1/+6 |
| 2019-11-13 | fix shield/unshield for xmss keys: | markus | 1 | -2/+2 |
| 2019-11-12 | enable ed25519 support; ok djm | markus | 1 | -1/+153 |
| 2019-11-12 | implement sshsk_ed25519_inner_sig(); ok djm | markus | 1 | -1/+6 |
| 2019-11-12 | rename sshsk_ecdsa_sign() to sshsk_sign(); ok djm | markus | 1 | -3/+3 |
| 2019-11-12 | implement ssh-ed25519-sk verification; ok djm@ | markus | 1 | -1/+5 |
| 2019-10-31 | Refactor signing - use sshkey_sign for everything, including the new | djm | 1 | -8/+18 |
| 2019-10-31 | Initial infrastructure for U2F/FIDO support | djm | 1 | -26/+179 |
| 2019-10-09 | fix an unreachable integer overflow similar to the XMSS case, and some | djm | 1 | -4/+22 |
| 2019-09-06 | fixes for !WITH_OPENSSL compilation; ok dtucker@ | djm | 1 | -1/+5 |
| 2019-09-03 | make get_sigtype public as sshkey_get_sigtype(); ok markus@ | djm | 1 | -7/+7 |
| 2019-07-16 | remove mostly vestigal uuencode.[ch]; moving the only unique | djm | 1 | -20/+7 |
| 2019-07-15 | support PKCS8 as an optional format for storage of private keys, | djm | 1 | -21/+55 |
| 2019-07-07 | Remove some set but never used variables. ok daraadt@ | dtucker | 1 | -4/+2 |
| 2019-06-27 | fix NULL deference (bzero) on error path added in last commit; | djm | 1 | -2/+2 |
| 2019-06-23 | fix mismatch proto/decl from key shielding change; spotted via oss-fuzz | djm | 1 | -2/+2 |
| 2019-06-21 | Add protection for private keys at rest in RAM against speculation | djm | 1 | -17/+282 |
| 2019-05-20 | When signing certificates with an RSA key, default to using the | djm | 1 | -1/+8 |
| 2019-05-03 | Wrap XMSS including in ifdef. Patch from markus at blueflash.cc, ok djm | dtucker | 1 | -2/+4 |
| 2019-01-21 | Make sshpkt_get_bignum2() allocate the bignum it is parsing rather | djm | 1 | -70/+26 |
| 2018-10-11 | typo in plain RSA algorithm counterpart names for certificates; | djm | 1 | -3/+3 |
| 2018-10-09 | Treat all PEM_read_bio_PrivateKey() errors when a passphrase is specified | djm | 1 | -2/+11 |
| 2018-09-14 | garbage-collect moribund ssh_new_private() API. | djm | 1 | -17/+6 |
| 2018-09-13 | hold our collective noses and use the openssl-1.1.x API in OpenSSH; | djm | 1 | -289/+331 |
| 2018-09-12 | add sshkey_check_cert_sigtype() that checks a cert->signature_type | djm | 1 | -1/+22 |
| 2018-09-12 | add cert->signature_type field and keep it in sync with certificate | djm | 1 | -26/+67 |
| 2018-07-03 | some finesse to fix RSA-SHA2 certificate authentication for certs | djm | 1 | -4/+4 |
| 2018-07-03 | Improve strictness and control over RSA-SHA2 signature types: | djm | 1 | -21/+75 |
| 2018-03-22 | ssh/xmss: fix deserialize for certs; ok djm@ | markus | 1 | -1/+6 |
| 2018-03-02 | refactor sshkey_read() to make it a little more, err, readable. | djm | 1 | -113/+135 |
| 2018-02-23 | Add experimental support for PQC XMSS keys (Extended Hash-Based Signatures) | markus | 1 | -15/+395 |
| 2018-02-14 | Some obvious freezero() conversions. | jsing | 1 | -26/+11 |
| 2018-02-07 | Remove all guards for calls to OpenSSL free functions - all of these | jsing | 1 | -35/+18 |