summaryrefslogtreecommitdiff
path: root/usr.bin/ssh/ssh-pkcs11.c
AgeCommit message (Expand)Author
2021-11-18avoid xmalloc(0) for PKCS#11 keyid for ECDSA keys (we already did thisDamien Miller
2021-08-11remove a bunch of %p in format strings; leftovers of debuggingsDamien Miller
2021-06-25fix decoding of X.509 subject name; from Leif Thuresson via bz3327Damien Miller
2020-11-22when loading PKCS#11 keys, include the key fingerprints and provider/slotDamien Miller
2020-10-18use the new variant log macros instead of prepending __func__ andDamien Miller
2020-05-29fix compilation on !HAVE_DLOPEN platforms; stub function was notDamien Miller
2020-03-13improve error messages for some common PKCS#11 C_Login failure cases;Damien Miller
2020-03-06pkcs11_register_provider: return < 0 on error; ok djmMarkus Friedl
2020-01-25expose PKCS#11 key labels/X.509 subjects as commentsDamien Miller
2019-10-01revert unconditional forced login implemented in r1.41 of ssh-pkcs11.c;Damien Miller
2019-09-05if a PKCS#11 token returns no keys then try to login and refetchDamien Miller
2019-09-02downgrade PKCS#11 "provider returned no slots" warning from log levelDamien Miller
2019-03-08fix use-after-free in ssh-pkcs11; found by hshoexer w/AFLMarkus Friedl
2019-02-04fix NULL-deref crash in PKCS#11 code when attempting login to a tokenDamien Miller
2019-01-22Correct some bugs in PKCS#11 token PIN handling at initial login,Damien Miller
2019-01-22Support keys that set the CKA_ALWAYS_AUTHENTICATE by requring aDamien Miller
2019-01-21always print the caller's error message in ossl_error(), even when thereDamien Miller
2019-01-21get the ex_data (pkcs11_key object) back from the keys at theDamien Miller
2019-01-21use ECDSA_SIG_set0() instead of poking signature values intoDamien Miller
2019-01-20we use singleton pkcs#11 RSA_METHOD and EC_KEY_METHOD now, so thereDamien Miller
2019-01-20KNF previous; from markus@Damien Miller
2019-01-20use OpenSSL's RSA reference counting hooks to implicitly clean upDamien Miller
2019-01-20make the PKCS#11 RSA code more like the new PKCS#11 ECDSA code:Damien Miller
2019-01-20fix leak of ECDSA pkcs11_key objectsDamien Miller
2019-01-20use EVP_PKEY_get0_EC_KEY() instead of direct access of EC_KEY internalsDamien Miller
2019-01-20cleanup PKCS#11 ECDSA pubkey loading: the returned object should neverDamien Miller
2019-01-20cleanup unnecessary code in ECDSA pkcs#11 signature support: theDamien Miller
2019-01-20add support for ECDSA keys in PKCS#11 tokensDamien Miller
2018-09-13hold our collective noses and use the openssl-1.1.x API in OpenSSH;Damien Miller
2018-02-07Remove all guards for calls to OpenSSL free functions - all of theseJoel Sing
2017-05-31Switch to recallocarray() for a few operations. Both growth and shrinkageTheo de Raadt
2017-05-30sshkey_new() might return NULL (pkcs#11 code only); ok djm@Markus Friedl
2016-10-28Improve pkcs11_add_provider() logging: demote some excessivelyDamien Miller
2016-02-12avoid fatal() for PKCS11 tokens that present empty key IDsDamien Miller
2015-07-18don't ignore PKCS#11 hosted keys that return empty CKA_ID;Damien Miller
2015-07-18skip uninitialised PKCS#11 slots; patch from Jakub Jelen in bz#2427Damien Miller
2015-05-27support PKCS#11 devices with external PIN entry devicesDamien Miller
2015-04-24rename xrealloc() to xreallocarray() since it follows that form.Theo de Raadt
2015-02-03missing ;Theo de Raadt
2015-02-02handle PKCS#11 C_Login returning CKR_USER_ALREADY_LOGGED_IN;Damien Miller
2015-01-15sync ssh-keysign, ssh-keygen and some dependencies to the newDamien Miller
2014-06-24New key API: refactor key-related functions to be more library-like,Damien Miller
2014-05-02revert __bounded change; it causes way more problems for portable thanDamien Miller
2014-03-26use __bounded(...) attribute recently added to sys/cdefs.h instead ofDamien Miller
2013-11-13add missing braces found by pedroMarkus Friedl
2013-11-06from portable: s/true/true_val/ to avoid name collisions on dump platformsDamien Miller
2013-11-02support pkcs#11 tokes that only provide x509 zerts instead of raw pubkeys;Markus Friedl
2013-07-12fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@Damien Miller
2013-05-17bye, bye xfree(); ok markus@Damien Miller
2010-06-08check length of value returned C_GetAttributValue for != 0Markus Friedl