summaryrefslogtreecommitdiff
path: root/krl.c
Commit message (Collapse)AuthorAgeFilesLines
* upstream: avoid printing hash algorithm twice; from lucas AT sexy.isdjm@openbsd.org2022-04-281-2/+2
| | | | OpenBSD-Commit-ID: 9d24671e10a84141b7c504396cabad600e47a941
* upstream: The RB_GENERATE_STATIC(3) macro expands to a series ofdjm@openbsd.org2021-06-041-4/+4
| | | | | | | function definitions and not a statement, so there should be no semicolon following them. Patch from Michael Forney OpenBSD-Commit-ID: c975dd180580f0bdc0a4d5b7d41ab1f5e9b7bedd
* upstream: use the new variant log macros instead of prependingdjm@openbsd.org2020-10-181-53/+47
| | | | | | __func__ and appending ssh_err(r) manually; ok markus@ OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
* upstream: support for user-verified FIDO keysdjm@openbsd.org2020-08-271-3/+4
| | | | | | | | | | | | | | | | | FIDO2 supports a notion of "user verification" where the user is required to demonstrate their identity to the token before particular operations (e.g. signing). Typically this is done by authenticating themselves using a PIN that has been set on the token. This adds support for generating and using user verified keys where the verification happens via PIN (other options might be added in the future, but none are in common use now). Practically, this adds another key generation option "verify-required" that yields a key that requires a PIN before each authentication. feedback markus@ and Pedro Martelletto; ok markus@ OpenBSD-Commit-ID: 57fd461e4366f87c47502c5614ec08573e6d6a15
* upstream: avoid another compiler warning spotted in -portabledjm@openbsd.org2020-04-031-6/+9
| | | | OpenBSD-Commit-ID: 1d29c51ac844b287c4c8bcaf04c63c7d9ba3b8c7
* upstream: fix format string (use %llu for uint64, not %lld). spotted bydjm@openbsd.org2020-04-031-4/+4
| | | | | | Darren and his tinderbox tests OpenBSD-Commit-ID: 3b4587c3d9d46a7be9bdf028704201943fba96c2
* upstream: give ssh-keygen the ability to dump the contents of adjm@openbsd.org2020-04-031-1/+93
| | | | | | binary key revocation list: ssh-keygen -lQf /path bz#3132; ok dtucker OpenBSD-Commit-ID: b76afc4e3b74ab735dbde4e5f0cfa1f02356033b
* upstream: factor out reading/writing sshbufs to dedicateddjm@openbsd.org2020-01-261-13/+3
| | | | | | functions; feedback and ok markus@ OpenBSD-Commit-ID: dc09e5f1950b7acc91b8fdf8015347782d2ecd3d
* upstream: Add new structure for signature optionsdjm@openbsd.org2019-11-251-2/+2
| | | | | | | | | | | This is populated during signature verification with additional fields that are present in and covered by the signature. At the moment, it is only used to record security key-specific options, especially the flags field. with and ok markus@ OpenBSD-Commit-ID: 338a1f0e04904008836130bedb9ece4faafd4e49
* upstream: Refactor signing - use sshkey_sign for everything,djm@openbsd.org2019-11-011-2/+2
| | | | | | | | | | | | | including the new U2F signatures. Don't use sshsk_ecdsa_sign() directly, instead make it reachable via sshkey_sign() like all other signature operations. This means that we need to add a provider argument to sshkey_sign(), so most of this change is mechanically adding that. Suggested by / ok markus@ OpenBSD-Commit-ID: d5193a03fcfa895085d91b2b83d984a9fde76c8c
* remove duplicate #includesDamien Miller2019-10-021-1/+0
| | | | Prompted by Jakub Jelen
* upstream: lots of things were relying on libcrypto headers todjm@openbsd.org2019-09-061-1/+2
| | | | | | | transitively include various system headers (mostly stdlib.h); include them explicitly OpenBSD-Commit-ID: 5b522f4f2d844f78bf1cc4f3f4cc392e177b2080
* Include stdlib.h for free() and calloc().Darren Tucker2019-07-231-0/+1
|
* upstream: Add protection for private keys at rest in RAM againstdjm@openbsd.org2019-06-211-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | speculation and memory sidechannel attacks like Spectre, Meltdown, Rowhammer and Rambleed. This change encrypts private keys when they are not in use with a symmetic key that is derived from a relatively large "prekey" consisting of random data (currently 16KB). Attackers must recover the entire prekey with high accuracy before they can attempt to decrypt the shielded private key, but the current generation of attacks have bit error rates that, when applied cumulatively to the entire prekey, make this unlikely. Implementation-wise, keys are encrypted "shielded" when loaded and then automatically and transparently unshielded when used for signatures or when being saved/serialised. Hopefully we can remove this in a few years time when computer architecture has become less unsafe. been in snaps for a bit already; thanks deraadt@ ok dtucker@ deraadt@ OpenBSD-Commit-ID: 19767213c312e46f94b303a512ef8e9218a39bd4
* upstream: allow key revocation by SHA256 hash and allow ssh-keygendjm@openbsd.org2018-09-121-29/+97
| | | | | | to create KRLs using SHA256/base64 key fingerprints; ok markus@ OpenBSD-Commit-ID: a0590fd34e7f1141f2873ab3acc57442560e6a94
* upstream commitdjm@openbsd.org2017-12-191-2/+2
| | | | | | | | pass negotiated signing algorithm though to sshkey_verify() and check that the negotiated algorithm matches the type in the signature (only matters for RSA SHA1/SHA2 sigs). ok markus@ OpenBSD-Commit-ID: 735fb15bf4adc060d3bee9d047a4bcaaa81b1af9
* upstream commitderaadt@openbsd.org2017-06-011-2/+2
| | | | | | | | | Switch to recallocarray() for a few operations. Both growth and shrinkage are handled safely, and there also is no need for preallocation dances. Future changes in this area will be less error prone. Review and one bug found by markus Upstream-ID: 822d664d6a5a1d10eccb23acdd53578a679d5065
* upstream commitdtucker@openbsd.org2017-03-121-3/+4
| | | | | | krl.c Upstream-ID: fc5e695d5d107d730182e2da7b23f00b489e0ee1
* upstream commitderaadt@openbsd.org2016-09-121-8/+7
| | | | | | | | Add MAXIMUM(), MINIMUM(), and ROUNDUP() to misc.h, then use those definitions rather than pulling <sys/param.h> and unknown namespace pollution. ok djm markus dtucker Upstream-ID: 712cafa816c9f012a61628b66b9fbd5687223fb8
* upstream commitdjm@openbsd.org2016-01-071-4/+3
| | | | | | | | | fix three bugs in KRL code related to (unused) signature support: verification length was being incorrectly calculated, multiple signatures were being incorrectly processed and a NULL dereference that occurred when signatures were verified. Reported by Carl Jackson Upstream-ID: e705e97ad3ccce84291eaa651708dd1b9692576b
* upstream commitmmcc@openbsd.org2015-12-181-9/+5
| | | | | | | | Remove NULL-checks before sshbuf_free(). ok djm@ Upstream-ID: 5ebed00ed5f9f03b119a345085e8774565466917
* upstream commitmarkus@openbsd.org2015-12-071-2/+2
| | | | | | | | implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures (user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and draft-ssh-ext-info-04.txt; with & ok djm@ Upstream-ID: cf82ce532b2733e5c4b34bb7b7c94835632db309
* upstream commitjsg@openbsd.org2015-09-031-2/+2
| | | | | | | | | Fix occurrences of "r = func() != 0" which result in the wrong error codes being returned due to != having higher precedence than =. ok deraadt@ markus@ Upstream-ID: 5fc35c9fc0319cc6fca243632662d2f06b5fd840
* upstream commitdjm@openbsd.org2015-07-151-5/+5
| | | | | | | delete support for legacy v00 certificates; "sure" markus@ dtucker@ Upstream-ID: b5b9bb5f9202d09e88f912989d74928601b6636f
* upstream commitdjm@openbsd.org2015-06-251-2/+2
| | | | | | correct test to sshkey_sign(); spotted by Albert S. Upstream-ID: 5f7347f40f0ca6abdaca2edb3bd62f4776518933
* upstream commitdjm@openbsd.org2015-01-301-38/+64
| | | | | permit KRLs that revoke certificates by serial number or key ID without scoping to a particular CA; ok markus@
* upstream commitdjm@openbsd.org2015-01-271-12/+5
| | | | | small refactor and add some convenience functions; ok markus
* upstream commitderaadt@openbsd.org2015-01-261-2/+2
| | | | | Reduce use of <sys/param.h> and transition to <limits.h> throughout. ok djm markus
* upstream commitdjm@openbsd.org2015-01-201-4/+4
| | | | fix format strings in (disabled) debugging
* upstream commitderaadt@openbsd.org2015-01-201-2/+2
| | | | string truncation due to sizeof(size) ok djm markus
* more --without-opensslDamien Miller2015-01-151-3/+0
| | | | | | fix some regressions caused by upstream merges enable KRLs now that they no longer require BIGNUMs
* support --without-openssl at configure timeDamien Miller2015-01-151-0/+3
| | | | | | | | Disables and removes dependency on OpenSSL. Many features don't work and the set of crypto options is greatly restricted. This will only work on system with native arc4random or /dev/urandom. Considered highly experimental for now.
* upstream commitdjm@openbsd.org2015-01-151-21/+41
| | | | | avoid BIGNUM in KRL code by using a simple bitmap; feedback and ok markus
* upstream commitdjm@openbsd.org2015-01-141-50/+48
| | | | | | sync changes from libopenssh; prepared by markus@ mostly debug output tweaks, a couple of error return value changes and some other minor stuff
* upstream commitmarkus@openbsd.org2015-01-131-3/+3
| | | | missing error assigment on sshbuf_put_string()
* upstream commitmarkus@openbsd.org2015-01-131-2/+2
| | | | free->sshkey_free; ok djm@
* upstream commitdjm@openbsd.org2015-01-091-2/+2
| | | | | | | | | | | | | | | | deprecate key_load_private_pem() and sshkey_load_private_pem() interfaces. Refactor the generic key loading API to not require pathnames to be specified (they weren't really used). Fixes a few other things en passant: Makes ed25519 keys work for hostbased authentication (ssh-keysign previously used the PEM-only routines). Fixes key comment regression bz#2306: key pathnames were being lost as comment fields. ok markus@
* upstream commitdjm@openbsd.org2014-12-221-3/+5
| | | | | | | | Add FingerprintHash option to control algorithm used for key fingerprints. Default changes from MD5 to SHA256 and format from hex to base64. Feedback and ok naddy@ markus@
* upstream commitdjm@openbsd.org2014-12-051-316/+335
| | | | | | convert KRL code to new buffer API ok markus@
* upstream commitdjm@openbsd.org2014-11-241-3/+7
| | | | | | fix NULL pointer dereference crash on invalid timestamp found using Michal Zalewski's afl fuzzer
* upstream commitdjm@openbsd.org2014-11-171-1/+2
| | | | | | | | | | | | | fix KRL generation when multiple CAs are in use We would generate an invalid KRL when revoking certs by serial number for multiple CA keys due to a section being written out twice. Also extend the regress test to catch this case by having it produce a multi-CA KRL. Reported by peter AT pean.org
* - djm@cvs.openbsd.org 2014/06/24 01:13:21Damien Miller2014-07-021-4/+4
| | | | | | | | | | | | | | | | | | | | | | | [Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c [sshconnect2.c sshd.c sshkey.c sshkey.h [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h] New key API: refactor key-related functions to be more library-like, existing API is offered as a set of wrappers. with and ok markus@ Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review a few months ago. NB. This commit also removes portable OpenSSH support for OpenSSL <0.9.8e.
* - djm@cvs.openbsd.org 2014/06/24 00:52:02Damien Miller2014-07-021-1/+2
| | | | | | | | | [krl.c] fix bug in KRL generation: multiple consecutive revoked certificate serial number ranges could be serialised to an invalid format. Readers of a broken KRL caused by this bug will fail closed, so no should-have-been-revoked key will be accepted.
* - djm@cvs.openbsd.org 2014/04/28 03:09:18Damien Miller2014-05-151-3/+5
| | | | | | | | [authfile.c bufaux.c buffer.h channels.c krl.c mux.c packet.c packet.h] [ssh-keygen.c] buffer_get_string_ptr's return should be const to remind callers that futzing with it will futz with the actual buffer contents
* - tedu@cvs.openbsd.org 2014/01/31 16:39:19Damien Miller2014-02-041-6/+6
| | | | | | | | | | [auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c] [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c] [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c] [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c] [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h] replace most bzero with explicit_bzero, except a few that cna be memset ok djm dtucker
* - djm@cvs.openbsd.org 2013/07/20 22:20:42Damien Miller2013-07-251-2/+2
| | | | | [krl.c] fix verification error in (as-yet usused) KRL signature checking path
* - markus@cvs.openbsd.org 2013/06/20 19:15:06Damien Miller2013-07-181-8/+11
| | | | | [krl.c] don't leak the rdata blob on errors; ok djm@
* - djm@cvs.openbsd.org 2013/04/05 00:14:00Damien Miller2013-04-231-6/+11
| | | | | [auth2-gss.c krl.c sshconnect2.c] hush some {unused, printf type} warnings
* - dtucker@cvs.openbsd.org 2013/02/19 02:12:47Darren Tucker2013-04-051-1/+1
| | | | | | [krl.c] Remove bogus include. ok djm (id sync only)
* - (tim) [krl.c Makefile.in regress/Makefile regress/modpipe.c] remove unneededTim Rice2013-02-191-1/+0
| | | | err.h include from krl.c. Additional portability fixes for modpipe. OK djm
View Lorry Controller Status