Age | Commit message (Expand) | Author |
2014-01-09 | Introduce digest API and use it to perform all hashing operations | Damien Miller |
2013-12-29 | to make sure we don't omit any key types as valid CA keys again, | Damien Miller |
2013-12-29 | correct comment for key_drop_cert() | Damien Miller |
2013-12-29 | correct comment for key_to_certified() | Damien Miller |
2013-12-29 | allow ed25519 keys to appear as certificate authorities | Damien Miller |
2013-12-07 | set k->cert = NULL after freeing it | Damien Miller |
2013-12-06 | support ed25519 keys (hostkeys and user identities) using the public domain | Markus Friedl |
2013-12-06 | new private key format, bcrypt as KDF by default; details in PROTOCOL.key; | Markus Friedl |
2013-12-06 | move private key (de)serialization to key.c; ok djm | Markus Friedl |
2013-12-02 | make key_to_blob() return a NULL blob on failure; part of | Damien Miller |
2013-10-29 | fix potential stack exhaustion caused by nested certificates; | Damien Miller |
2013-05-19 | Standardise logging of supplemental information during userauth. Keys | Damien Miller |
2013-05-17 | bye, bye xfree(); ok markus@ | Damien Miller |
2013-05-10 | memleak in cert_free(), wasn't actually freeing the struct; | Damien Miller |
2013-04-19 | add the ability to query supported ciphers, MACs, key type and KEX | Damien Miller |
2013-01-17 | add support for Key Revocation Lists (KRLs). These are a compact way to | Damien Miller |
2012-05-23 | add support for RFC6594 SSHFP DNS records for ECDSA key types. | Damien Miller |
2011-10-18 | remove explict search for \0 in packet strings, this job is now done | Damien Miller |
2011-05-17 | fatal() if asked to generate a legacy ECDSA cert (these don't exist) | Damien Miller |
2011-02-04 | fix uninitialised nonce variable; reported by Mateusz Kocielski | Damien Miller |
2010-11-10 | use only libcrypto APIs that are retained with OPENSSL_NO_DEPRECATED. | Damien Miller |
2010-10-28 | fix a possible NULL deref on loading a corrupt ECDH key | Damien Miller |
2010-09-09 | ECDH/ECDSA compliance fix: these methods vary the hash function they use | Damien Miller |
2010-08-31 | Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and | Damien Miller |
2010-08-31 | Add buffer_get_cstring() and related functions that verify that the | Damien Miller |
2010-07-13 | s/timing_safe_cmp/timingsafe_bcmp/g | Damien Miller |
2010-07-13 | implement a timing_safe_cmp() function to compare memory without leaking | Damien Miller |
2010-05-07 | add some optional indirection to matching of principal names listed | Damien Miller |
2010-04-16 | revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with the | Damien Miller |
2010-03-15 | also print certificate type (user or host) for ssh-keygen -L | Kevin Steves |
2010-03-04 | use buffer_get_string_ptr_ret() where we are checking the return | Damien Miller |
2010-03-03 | reject strings with embedded ASCII nul chars in certificate key IDs, | Damien Miller |
2010-02-26 | Add support for certificate key types for users and hosts. | Damien Miller |
2010-01-13 | Ignore and log any Protocol 1 keys where the claimed size is not equal to | Darren Tucker |
2009-12-11 | switch from 35 to the more common value of RSA_F4 == (2**16)+1 == 65537 | Markus Friedl |
2008-10-10 | typo in error message; ok djm@ | Kevin Steves |
2008-07-25 | In random art visualization, make sure to use the end marker only at the | Alexander von Gernler |
2008-07-07 | /*NOTREACHED*/ for lint warning: | Kevin Steves |
2008-06-25 | add key length to visual fingerprint; zap magical constants; | Otto Moerbeek |
2008-06-12 | add my copyright, ok djm@ | Alexander von Gernler |
2008-06-12 | We already mark the start of the worm, now also mark the end of the worm | Alexander von Gernler |
2008-06-12 | supply the key type (rsa1, rsa, dsa) as a caption in the frame of the | Alexander von Gernler |
2008-06-12 | use an odd number of rows and columns and a separate start marker, looks | Otto Moerbeek |
2008-06-11 | #define statements that are not atoms need braces around them, else they | Alexander von Gernler |
2008-06-11 | simpler way of computing the augmentations; ok grunk@ | Otto Moerbeek |
2008-06-11 | Introduce SSH Fingerprint ASCII Visualization, a technique inspired by the | Alexander von Gernler |
2007-07-12 | Delint: remove some unreachable statements, from Bret Lambert. | Ray Lai |
2006-11-06 | add missing checks for openssl return codes; with & ok djm@ | Markus Friedl |
2006-08-03 | almost entirely get rid of the culture of ".h files that include .h files" | Theo de Raadt |
2006-08-01 | move #include <stdio.h> out of includes.h | Kevin Steves |