summaryrefslogtreecommitdiff
path: root/usr.bin/ssh/sshkey.c
AgeCommit message (Expand)Author
2021-07-12Use existing format_absolute_time() function when printing cert validityDarren Tucker
2021-07-05Fix a couple of whitespace things. Portable already has these so thisDarren Tucker
2021-04-03highly polished whitespace, mostly fixing spaces-for-tab and badDamien Miller
2021-02-02fix memleaks in private key deserialisation; enforce more consistencyDamien Miller
2021-01-26move check_host_cert() from sshconnect,c to sshkey.c and refactorDamien Miller
2021-01-15Make output buffer larger to prevent potential truncation warnings fromDarren Tucker
2020-10-19Adapt XMSS to new logging infrastructure. With markus@, ok djm@.Darren Tucker
2020-08-27support for user-verified FIDO keysDamien Miller
2020-06-24only call sshkey_xmss_init() once for KEY_XMSS_CERT; ok djmMarkus Friedl
2020-06-22Add support for FIDO webauthn (verification only). webauthn is aDamien Miller
2020-04-11Refactor private key parsing. Eliminates a fair bit of duplicatedDamien Miller
2020-04-08add sshkey_parse_pubkey_from_private_fileblob_type()Damien Miller
2020-04-08simplify sshkey_parse_private_fileblob_type()Damien Miller
2020-04-08check private key type against requested key type in new-style privateDamien Miller
2020-04-08check that pubkey in private key envelope matches actual private keyDamien Miller
2020-04-08refactor private key parsing a littleDamien Miller
2020-03-06sshkey_cert_check_authority requires reason to be set; ok djmMarkus Friedl
2020-03-06passphrase depends on kdfname, not ciphername (possible null-deref);Markus Friedl
2020-02-26change explicit_bzero();free() to freezero()Jonathan Gray
2020-01-21fix ssh-keygen not displaying authenticator touch prompt;Damien Miller
2019-12-30SK API and sk-helper error/PIN passingDamien Miller
2019-12-13use ssh-sk-helper for all security key signing operationsDamien Miller
2019-11-25Add new structure for signature optionsDamien Miller
2019-11-18fix a bug that prevented serialisation of ed25519-sk keysDamien Miller
2019-11-18fix bug that prevented certification of ed25519-sk keysDamien Miller
2019-11-15remove most uses of BN_CTXDamien Miller
2019-11-13in order to be able to figure out the number of signatures left onMarkus Friedl
2019-11-13fix shield/unshield for xmss keys:Markus Friedl
2019-11-12enable ed25519 support; ok djmMarkus Friedl
2019-11-12implement sshsk_ed25519_inner_sig(); ok djmMarkus Friedl
2019-11-12rename sshsk_ecdsa_sign() to sshsk_sign(); ok djmMarkus Friedl
2019-11-12implement ssh-ed25519-sk verification; ok djm@Markus Friedl
2019-10-31Refactor signing - use sshkey_sign for everything, including the newDamien Miller
2019-10-31Initial infrastructure for U2F/FIDO supportDamien Miller
2019-10-09fix an unreachable integer overflow similar to the XMSS case, and someDamien Miller
2019-09-06fixes for !WITH_OPENSSL compilation; ok dtucker@Damien Miller
2019-09-03make get_sigtype public as sshkey_get_sigtype(); ok markus@Damien Miller
2019-07-16remove mostly vestigal uuencode.[ch]; moving the only uniqueDamien Miller
2019-07-15support PKCS8 as an optional format for storage of private keys,Damien Miller
2019-07-07Remove some set but never used variables. ok daraadt@Darren Tucker
2019-06-27fix NULL deference (bzero) on error path added in last commit;Damien Miller
2019-06-23fix mismatch proto/decl from key shielding change; spotted via oss-fuzzDamien Miller
2019-06-21Add protection for private keys at rest in RAM against speculationDamien Miller
2019-05-20When signing certificates with an RSA key, default to using theDamien Miller
2019-05-03Wrap XMSS including in ifdef. Patch from markus at blueflash.cc, ok djmDarren Tucker
2019-01-21Make sshpkt_get_bignum2() allocate the bignum it is parsing ratherDamien Miller
2018-10-11typo in plain RSA algorithm counterpart names for certificates;Damien Miller
2018-10-09Treat all PEM_read_bio_PrivateKey() errors when a passphrase is specifiedDamien Miller
2018-09-14garbage-collect moribund ssh_new_private() API.Damien Miller
2018-09-13hold our collective noses and use the openssl-1.1.x API in OpenSSH;Damien Miller