| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | When signing certificates with an RSA key, default to using the |   djm | 2019-05-20 | 1 | -1/+8 |
| * | Wrap XMSS including in ifdef. Patch from markus at blueflash.cc, ok djm |   dtucker | 2019-05-03 | 1 | -2/+4 |
| * | Make sshpkt_get_bignum2() allocate the bignum it is parsing rather | djm | 2019-01-21 | 1 | -70/+26 |
| * | typo in plain RSA algorithm counterpart names for certificates; | djm | 2018-10-11 | 1 | -3/+3 |
| * | Treat all PEM_read_bio_PrivateKey() errors when a passphrase is specified | djm | 2018-10-09 | 1 | -2/+11 |
| * | garbage-collect moribund ssh_new_private() API. | djm | 2018-09-14 | 1 | -17/+6 |
| * | hold our collective noses and use the openssl-1.1.x API in OpenSSH; | djm | 2018-09-13 | 1 | -289/+331 |
| * | add sshkey_check_cert_sigtype() that checks a cert->signature_type | djm | 2018-09-12 | 1 | -1/+22 |
| * | add cert->signature_type field and keep it in sync with certificate | djm | 2018-09-12 | 1 | -26/+67 |
| * | some finesse to fix RSA-SHA2 certificate authentication for certs | djm | 2018-07-03 | 1 | -4/+4 |
| * | Improve strictness and control over RSA-SHA2 signature types: | djm | 2018-07-03 | 1 | -21/+75 |
| * | ssh/xmss: fix deserialize for certs; ok djm@ |   markus | 2018-03-22 | 1 | -1/+6 |
| * | refactor sshkey_read() to make it a little more, err, readable. | djm | 2018-03-02 | 1 | -113/+135 |
| * | Add experimental support for PQC XMSS keys (Extended Hash-Based Signatures) | markus | 2018-02-23 | 1 | -15/+395 |
| * | Some obvious freezero() conversions. |   jsing | 2018-02-14 | 1 | -26/+11 |
| * | Remove all guards for calls to OpenSSL free functions - all of these | jsing | 2018-02-07 | 1 | -35/+18 |
| * | pass negotiated signing algorithm though to sshkey_verify() and | djm | 2017-12-18 | 1 | -4/+5 |
| * | sshkey_sigtype() function to return the type of a signature; | djm | 2017-12-18 | 1 | -1/+26 |
| * | BIO_get_mem_data() is supposed to take a char* as pointer argument, | djm | 2017-10-13 | 1 | -2/+2 |
| * | Switch from aes256-cbc to aes256-ctr for encrypting new-style | djm | 2017-08-12 | 1 | -2/+2 |
| * | fix support for unknown key types; ok djm@ | markus | 2017-07-19 | 1 | -6/+1 |
| * | remove post-SSHv1 removal dead code from rsa.c and merge the | djm | 2017-07-01 | 1 | -4/+3 |
| * | Allow ssh-keygen to use a key held in ssh-agent as a CA when signing | djm | 2017-06-28 | 1 | -4/+21 |
| * | better translate libcrypto errors by looking deeper in the accursed | djm | 2017-06-09 | 1 | -40/+62 |
| * | Switch to recallocarray() for a few operations. Both growth and shrinkage |   deraadt | 2017-05-31 | 1 | -3/+4 |
| * | make requesting bad ECDSA bits yield the same error (SSH_ERR_KEY_LENGTH) | djm | 2017-05-08 | 1 | -3/+4 |
| * | Refuse RSA keys <1024 bits in length. Improve reporting for keys that | djm | 2017-05-07 | 1 | -5/+24 |
| * | remove KEY_RSA1 | djm | 2017-04-30 | 1 | -56/+7 |
| * | remove SSHv1 ciphers; ok markus@ | djm | 2017-04-30 | 1 | -6/+2 |
| * | unifdef WITH_SSH1 | djm | 2017-04-30 | 1 | -379/+1 |
| * | fix regression in 7.4 server-sig-algs, where we were accidentally | djm | 2017-03-10 | 1 | -3/+5 |
| * | Check for NULL argument to sshkey_read. Patch from jjelen at redhat.com | dtucker | 2017-03-10 | 1 | -1/+4 |
| * | ifdef out "rsa1" from the list of supported keytypes when compiled without | dtucker | 2017-02-17 | 1 | -1/+3 |
| * | bring back r1.34 that was backed out for problems loading public keys: | djm | 2017-02-10 | 1 | -5/+46 |
| * | Remove dead breaks, found via opencoverage.net. ok deraadt@ | dtucker | 2016-10-24 | 1 | -2/+1 |
| * | add a comment about implicitly-expected checks to | djm | 2016-10-04 | 1 | -1/+9 |
| * | Avoid a theoretical signed integer overflow should BN_num_bytes() | djm | 2016-09-26 | 1 | -3/+6 |
| * | list all supported signature algorithms in the server-sig-algs | djm | 2016-09-12 | 1 | -3/+3 |
| * | Add MAXIMUM(), MINIMUM(), and ROUNDUP() to misc.h, then use those definitions | deraadt | 2016-09-12 | 1 | -7/+6 |
| * | small refactor of cipher.c: make ciphercontext opaque to callers | djm | 2016-08-03 | 1 | -23/+14 |
| * | revert 1.34; causes problems loading public keys | djm | 2016-06-19 | 1 | -39/+2 |
| * | translate OpenSSL error codes to something more meaninful; | djm | 2016-06-17 | 1 | -2/+39 |
| * | support SHA256 and SHA512 RSA signatures in certificates; | djm | 2016-05-02 | 1 | -3/+3 |
| * | make private key loading functions consistently handle NULL | djm | 2016-04-09 | 1 | -16/+24 |
| * | Remove NULL-checks before sshbuf_free(). |   mmcc | 2015-12-11 | 1 | -19/+10 |
| * | Remove NULL-checks before sshkey_free(). | mmcc | 2015-12-11 | 1 | -9/+5 |
| * | Remove NULL-checks before free(). | mmcc | 2015-12-10 | 1 | -11/+6 |
| * | implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures (user and host auth) | markus | 2015-12-04 | 1 | -20/+23 |
| * | move the certificate validity formatting code to sshkey.[ch] | djm | 2015-11-19 | 1 | -1/+38 |
| * | Replace remaining calls to index(3) with strchr(3). OK jca@ krw@ |   millert | 2015-11-16 | 1 | -3/+3 |
