summaryrefslogtreecommitdiff
path: root/signkey.h
Commit message (Collapse)AuthorAgeFilesLines
* Implement server-side support for sk-ecdsa U2F-backed keys (#142)egor-duda2022-01-221-0/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Implement server-side support for sk-ecdsa U2F-backed keys * Fix out-of-bounds read on normal ecdsa-sha2-[identifier] keys * Fix one more potential out-of-bounds read * Check if nistp256 curve is used in sk-ecdsa-sha2- key It's the only allowed curve per PROTOCOL.u2f specification * Implement server-side support for sk-ed25519 FIDO2-backed keys * Keys with type sk-* make no sense as host keys, so they should be disabled * fix typo * Make sk-ecdsa call buf_ecdsa_verify This reduces code duplication, the SK code just handles the different message format. * Reduce sk specific code The application id can be stored in signkey, then we don't need to call sk-specific functions from svr-authpubkey * Remove debugging output, which causes compilation errors with DEBUG_TRACE disabled * Proper cleanup of sk_app Co-authored-by: Matt Johnston <matt@codeconstruct.com.au>
* ext-info handling for server-sig-algsMatt Johnston2020-05-191-0/+2
| | | | only client side is handled
* split signkey_type and signature_type for RSA sha1 vs sha256Matt Johnston2020-05-171-8/+28
|
* use sigtype where appropriateMatt Johnston2020-04-061-8/+16
|
* Add Ed25519 support (#91)Vladislav Grishenko2020-03-111-0/+7
| | | | | | | | | | | | | | | | * Add support for Ed25519 as a public key type Ed25519 is a elliptic curve signature scheme that offers better security than ECDSA and DSA and good performance. It may be used for both user and host keys. OpenSSH key import and fuzzer are not supported yet. Initially inspired by Peter Szabo. * Add curve25519 and ed25519 fuzzers * Add import and export of Ed25519 keys
* Pointer parameter could be declared as pointing to constFrancois Perrad2017-08-191-4/+4
|
* Convert #ifdef to #if, other build changesMatt Johnston2016-05-041-10/+10
|
* fix empty C prototypesFrancois Perrad2016-01-011-1/+1
|
* DROPBEAR_ prefix for include guards to avoid collisionsThorsten Horstmann2015-02-241-3/+3
|
* use oldstyle commentsMatt Johnston2013-11-141-2/+2
|
* Fix specifying a keysize for key generation, fix key name argumentsMatt Johnston2013-11-011-8/+6
|
* have separate ecdsa keys for each sizeMatt Johnston2013-05-251-6/+10
| | | | fix crash from the mp_alloc_init_multi change in RSA
* ecdsa is workingMatt Johnston2013-05-031-10/+10
|
* more ecdsa signkey work, not correctMatt Johnston2013-04-281-2/+26
|
* start on ecdsa keysMatt Johnston2013-04-091-0/+3
|
* Make _sign and _verify functions take a buffer* rather than void* and intMatt Johnston2013-04-061-4/+2
|
* Rename rsa_key to dropbear_rsa_key (and same for dss too) soMatt Johnston2010-07-211-2/+2
| | | | we don't conflict with libtomcrypt.
* New standard linked list to use, rather than adhoc SignKeyList or TCPFwdListMatt Johnston2009-07-061-0/+14
|
* Improve known_hosts checking.Matt Johnston2007-02-221-1/+1
|
* - Hostkey checking is mostly there, just aren't appending yet.Matt Johnston2004-08-081-1/+4
| | | | | - Rearranged various bits of the fingerprint/base64 type code, so it can be shared between versions
* Improved signkey codeMatt Johnston2004-08-031-0/+2
|
* Makefile.in contains updated files requiredMatt Johnston2004-06-011-0/+58
View Lorry Controller Status