summaryrefslogtreecommitdiff
path: root/usr.bin/ssh/krl.c
AgeCommit message (Expand)Author
2020-04-03avoid another compiler warning spotted in -portableDamien Miller
2020-04-03fix format string (use %llu for uint64, not %lld). spotted by Darren andDamien Miller
2020-04-03give ssh-keygen the ability to dump the contents of a binary keyDamien Miller
2020-01-25factor out reading/writing sshbufs to dedicated functions;Damien Miller
2019-11-25Add new structure for signature optionsDamien Miller
2019-10-31Refactor signing - use sshkey_sign for everything, including the newDamien Miller
2019-09-06lots of things were relying on libcrypto headers to transitivelyDamien Miller
2019-06-21Add protection for private keys at rest in RAM against speculationDamien Miller
2018-09-12allow key revocation by SHA256 hash and allow ssh-keygen to create KRLsDamien Miller
2017-12-18pass negotiated signing algorithm though to sshkey_verify() andDamien Miller
2017-05-31Switch to recallocarray() for a few operations. Both growth and shrinkageTheo de Raadt
2017-03-10krl.cDarren Tucker
2016-09-12Add MAXIMUM(), MINIMUM(), and ROUNDUP() to misc.h, then use those definitionsTheo de Raadt
2015-12-31fix three bugs in KRL code related to (unused) signature support:Damien Miller
2015-12-11Remove NULL-checks before sshbuf_free().mmcc
2015-12-04implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures (user and host auth)Markus Friedl
2015-09-02Fix occurrences of "r = func() != 0" which result in the wrong errorJonathan Gray
2015-07-03delete support for legacy v00 certificates; "sure" markus@ dtucker@Damien Miller
2015-06-24correct test to sshkey_sign(); spotted by Albert S.Damien Miller
2015-01-30permit KRLs that revoke certificates by serial number or key IDDamien Miller
2015-01-26small refactor and add some convenience functions;Damien Miller
2015-01-20Reduce use of <sys/param.h> and transition to <limits.h> throughout.Theo de Raadt
2015-01-19fix format strings in (disabled) debuggingDamien Miller
2015-01-18string truncation due to sizeof(size)Theo de Raadt
2015-01-14avoid BIGNUM in KRL code by using a simple bitmap;Damien Miller
2015-01-13sync changes from libopenssh; prepared by markus@Damien Miller
2015-01-12missing error assigment on sshbuf_put_string()Markus Friedl
2015-01-12free->sshkey_free; ok djm@Markus Friedl
2015-01-08deprecate key_load_private_pem() and sshkey_load_private_pem()Damien Miller
2014-12-21Add FingerprintHash option to control algorithm used for keyDamien Miller
2014-12-04convert KRL code to new buffer APIDamien Miller
2014-11-21fix NULL pointer dereference crash on invalid timestampDamien Miller
2014-11-17fix KRL generation when multiple CAs are in useDamien Miller
2014-06-24New key API: refactor key-related functions to be more library-like,Damien Miller
2014-06-24fix bug in KRL generation: multiple consecutive revoked certificateDamien Miller
2014-04-28buffer_get_string_ptr's return should be const to remindDamien Miller
2014-01-31replace most bzero with explicit_bzero, except a few that cna be memsetTed Unangst
2013-07-20fix verification error in (as-yet usused) KRL signature checking pathDamien Miller
2013-06-20don't leak the rdata blob on errors; ok djm@Markus Friedl
2013-04-05hush some {unused, printf type} warningsDamien Miller
2013-02-19Remove bogus include. ok djmDarren Tucker
2013-01-27actually use the xrealloc() return value; spotted by xi.wang AT gmail.comDamien Miller
2013-01-25redo last commit without the vi-vomit that snuck in:Damien Miller
2013-01-25Revert last. Breaks due to likely typo. Let djm@ fix later.Kenneth R Westerback
2013-01-24skip serial lookup when cert's serial number is zeroDamien Miller
2013-01-24fix handling of (unused) KRL signatures; skip string in correct bufferDamien Miller
2013-01-19RB_INSERT does not remove existing elments; ok djm@Markus Friedl
2013-01-18fix KRL generation bug for list sectionsDamien Miller
2013-01-18RCD IDs help us keep portable in synchDamien Miller
2013-01-17add support for Key Revocation Lists (KRLs). These are a compact way toDamien Miller