| Age | Commit message (Expand) | Author |
|---|
| 2019-10-09 | fix an unreachable integer overflow similar to the XMSS case, and some | Damien Miller |
| 2019-09-06 | fixes for !WITH_OPENSSL compilation; ok dtucker@ | Damien Miller |
| 2019-09-03 | make get_sigtype public as sshkey_get_sigtype(); ok markus@ | Damien Miller |
| 2019-07-16 | remove mostly vestigal uuencode.[ch]; moving the only unique | Damien Miller |
| 2019-07-15 | support PKCS8 as an optional format for storage of private keys, | Damien Miller |
| 2019-07-07 | Remove some set but never used variables. ok daraadt@ | Darren Tucker |
| 2019-06-27 | fix NULL deference (bzero) on error path added in last commit; | Damien Miller |
| 2019-06-23 | fix mismatch proto/decl from key shielding change; spotted via oss-fuzz | Damien Miller |
| 2019-06-21 | Add protection for private keys at rest in RAM against speculation | Damien Miller |
| 2019-05-20 | When signing certificates with an RSA key, default to using the | Damien Miller |
| 2019-05-03 | Wrap XMSS including in ifdef. Patch from markus at blueflash.cc, ok djm | Darren Tucker |
| 2019-01-21 | Make sshpkt_get_bignum2() allocate the bignum it is parsing rather | Damien Miller |
| 2018-10-11 | typo in plain RSA algorithm counterpart names for certificates; | Damien Miller |
| 2018-10-09 | Treat all PEM_read_bio_PrivateKey() errors when a passphrase is specified | Damien Miller |
| 2018-09-14 | garbage-collect moribund ssh_new_private() API. | Damien Miller |
| 2018-09-13 | hold our collective noses and use the openssl-1.1.x API in OpenSSH; | Damien Miller |
| 2018-09-12 | add sshkey_check_cert_sigtype() that checks a cert->signature_type | Damien Miller |
| 2018-09-12 | add cert->signature_type field and keep it in sync with certificate | Damien Miller |
| 2018-07-03 | some finesse to fix RSA-SHA2 certificate authentication for certs | Damien Miller |
| 2018-07-03 | Improve strictness and control over RSA-SHA2 signature types: | Damien Miller |
| 2018-03-22 | ssh/xmss: fix deserialize for certs; ok djm@ | Markus Friedl |
| 2018-03-02 | refactor sshkey_read() to make it a little more, err, readable. | Damien Miller |
| 2018-02-23 | Add experimental support for PQC XMSS keys (Extended Hash-Based Signatures) | Markus Friedl |
| 2018-02-14 | Some obvious freezero() conversions. | Joel Sing |
| 2018-02-07 | Remove all guards for calls to OpenSSL free functions - all of these | Joel Sing |
| 2017-12-18 | pass negotiated signing algorithm though to sshkey_verify() and | Damien Miller |
| 2017-12-18 | sshkey_sigtype() function to return the type of a signature; | Damien Miller |
| 2017-10-13 | BIO_get_mem_data() is supposed to take a char* as pointer argument, | Damien Miller |
| 2017-08-12 | Switch from aes256-cbc to aes256-ctr for encrypting new-style | Damien Miller |
| 2017-07-19 | fix support for unknown key types; ok djm@ | Markus Friedl |
| 2017-07-01 | remove post-SSHv1 removal dead code from rsa.c and merge the | Damien Miller |
| 2017-06-28 | Allow ssh-keygen to use a key held in ssh-agent as a CA when signing | Damien Miller |
| 2017-06-09 | better translate libcrypto errors by looking deeper in the accursed | Damien Miller |
| 2017-05-31 | Switch to recallocarray() for a few operations. Both growth and shrinkage | Theo de Raadt |
| 2017-05-08 | make requesting bad ECDSA bits yield the same error (SSH_ERR_KEY_LENGTH) | Damien Miller |
| 2017-05-07 | Refuse RSA keys <1024 bits in length. Improve reporting for keys that | Damien Miller |
| 2017-04-30 | remove KEY_RSA1 | Damien Miller |
| 2017-04-30 | remove SSHv1 ciphers; ok markus@ | Damien Miller |
| 2017-04-30 | unifdef WITH_SSH1 | Damien Miller |
| 2017-03-10 | fix regression in 7.4 server-sig-algs, where we were accidentally | Damien Miller |
| 2017-03-10 | Check for NULL argument to sshkey_read. Patch from jjelen at redhat.com | Darren Tucker |
| 2017-02-17 | ifdef out "rsa1" from the list of supported keytypes when compiled without | Darren Tucker |
| 2017-02-10 | bring back r1.34 that was backed out for problems loading public keys: | Damien Miller |
| 2016-10-24 | Remove dead breaks, found via opencoverage.net. ok deraadt@ | Darren Tucker |
| 2016-10-04 | add a comment about implicitly-expected checks to | Damien Miller |
| 2016-09-26 | Avoid a theoretical signed integer overflow should BN_num_bytes() | Damien Miller |
| 2016-09-12 | list all supported signature algorithms in the server-sig-algs | Damien Miller |
| 2016-09-12 | Add MAXIMUM(), MINIMUM(), and ROUNDUP() to misc.h, then use those definitions | Theo de Raadt |
| 2016-08-03 | small refactor of cipher.c: make ciphercontext opaque to callers | Damien Miller |
| 2016-06-19 | revert 1.34; causes problems loading public keys | Damien Miller |
