path: root/ssh-keygen.c
Commit message | Author | Age | Files | Lines
* wrap stdint.h include in HAVE_STDINT_H | Damien Miller | 2019-10-09 | 1 | -1/+3
  make the indenting a little more consistent too.. Fixes Solaris 2.6; reported by Tom G. Christensen
* upstream: use a more common options order in SYNOPSIS and sync | jmc@openbsd.org | 2019-10-04 | 1 | -17/+17
  usage(); while here, no need for Bk/Ek; ok dtucker
  OpenBSD-Commit-ID: 38715c3f10b166f599a2283eb7bc14860211bb90
* upstream: thinko in previous; spotted by Mantas Mikulėnas | djm@openbsd.org | 2019-10-02 | 1 | -2/+2
  OpenBSD-Commit-ID: ffa3f5a45e09752fc47d9041e2203ee2ec15b24d
* upstream: ban empty namespace strings for sshsig; spotted by Mantas Mikulėnas | djm@openbsd.org | 2019-10-02 | 1 | -2/+2
  OpenBSD-Commit-ID: 7c5bcf40bed8f4e826230176f4aa353c52aeb698
* upstream: group and sort single letter options; ok deraadt | jmc@openbsd.org | 2019-10-01 | 1 | -4/+4
  OpenBSD-Commit-ID: e1480e760a2b582f79696cdcff70098e23fc603f
* upstream: identity_file[] should be PATH_MAX, not the arbitrary | deraadt@openbsd.org | 2019-10-01 | 1 | -2/+2
  number 1024
  OpenBSD-Commit-ID: e775f94ad47ce9ab37bd1410d7cf3b7ea98b11b7
* upstream: Allow testing signature syntax and validity without verifying | djm@openbsd.org | 2019-09-16 | 1 | -7/+23
  that a signature came from a trusted signer. To discourage accidental or unintentional use, this is invoked by the deliberately ugly option name "check-novalidate"
  from Sebastian Kinne
  OpenBSD-Commit-ID: cea42c36ab7d6b70890e2d8635c1b5b943adcc0b
* upstream: key conversion should fail for !openssl builds, not fall | djm@openbsd.org | 2019-09-08 | 1 | -2/+5
  through to the key generation code
  OpenBSD-Commit-ID: b957436adc43c4941e61d61958a193a708bc83c9
* upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@ | djm@openbsd.org | 2019-09-06 | 1 | -1/+1
  OpenBSD-Commit-ID: 7fd68eaa9e0f7482b5d4c7e8d740aed4770a839f
* upstream: lots of things were relying on libcrypto headers to | djm@openbsd.org | 2019-09-06 | 1 | -1/+2
  transitively include various system headers (mostly stdlib.h); include them explicitly
  OpenBSD-Commit-ID: 5b522f4f2d844f78bf1cc4f3f4cc392e177b2080
* upstream: repair typo and editing mishap | naddy@openbsd.org | 2019-09-05 | 1 | -2/+2
  OpenBSD-Commit-ID: d125ab720ca71ccf9baf83e08ddc8c12a328597e
* upstream: sshsig tweaks and improvements from and suggested by | djm@openbsd.org | 2019-09-03 | 1 | -5/+5
  Markus
  ok markus/me
  OpenBSD-Commit-ID: ea4f46ad5a16b27af96e08c4877423918c4253e9
* upstream: sshsig: lightweight signature and verification ability | djm@openbsd.org | 2019-09-03 | 1 | -4/+321
  for OpenSSH
  This adds a simple manual signature scheme to OpenSSH. Signatures can be made and verified using ssh-keygen -Y sign|verify
  Signatures embed the key used to make them. At verification time, this is matched via principal name against an authorized_keys-like list of allowed signers.
  Mostly by Sebastian Kinne w/ some tweaks by me
  ok markus@
  OpenBSD-Commit-ID: 2ab568e7114c933346616392579d72be65a4b8fb
* upstream: factor out confirm_overwrite(); ok markus@ | djm@openbsd.org | 2019-09-03 | 1 | -11/+27
  OpenBSD-Commit-ID: 304e95381b39c774c8fced7e5328b106a3ff0400
* upstream: constify an argument | djm@openbsd.org | 2019-09-03 | 1 | -2/+2
  OpenBSD-Commit-ID: 724bafc9f993746ad4303e95bede2c030de6233b
* upstream: print comment when printing pubkey from private | djm@openbsd.org | 2019-09-02 | 1 | -7/+13
  bz#3052; ok dtucker
  OpenBSD-Commit-ID: a91b2a8d5f1053d34d7fce44523c53fb534ba914
* upstream: Allow the maximum uint32 value for the argument passed to | dtucker@openbsd.org | 2019-08-08 | 1 | -4/+5
  -b which allows better error messages from later validation. bz#3050, ok djm@
  OpenBSD-Commit-ID: 10adf6876b2401b3dc02da580ebf67af05861673
* upstream: Many key types are supported now, so take care to check | naddy@openbsd.org | 2019-08-08 | 1 | -13/+15
  the size restrictions and apply the default size only to the matching key type. tweak and ok dtucker@
  OpenBSD-Commit-ID: b825de92d79cc4cba19b298c61e99909488ff57e
* upstream: Accept the verbose flag when searching for host keys in known | djm@openbsd.org | 2019-07-19 | 1 | -2/+10
  hosts (i.e. "ssh-keygen -vF host") to print the matching host's random-art signature too. bz#3003 "amusing, pretty" deraadt@
  OpenBSD-Commit-ID: 686221a5447d6507f40a2ffba5393984d889891f
* upstream: remove mostly vestigial uuencode.[ch]; moving the only unique | djm@openbsd.org | 2019-07-16 | 1 | -28/+25
  functionality there (wrapping of base64-encoded data) to sshbuf functions; feedback and ok markus@
  OpenBSD-Commit-ID: 4dba6735d88c57232f6fccec8a08bdcfea44ac4c
* upstream: support PKCS8 as an optional format for storage of | djm@openbsd.org | 2019-07-15 | 1 | -11/+14
  private keys, enabled via "ssh-keygen -m PKCS8" on operations that save private keys to disk.
  The OpenSSH native key format remains the default, but PKCS8 is a superior format to PEM if interoperability with non-OpenSSH software is required, as it may use a less terrible KDF (IIRC PEM uses a single round of MD5 as a KDF).
  adapted from patch by Jakub Jelen via bz3013; ok markus
  OpenBSD-Commit-ID: 027824e3bc0b1c243dc5188504526d73a55accb1
* upstream: revert header removal that snuck into previous | djm@openbsd.org | 2019-07-08 | 1 | -1/+2
  OpenBSD-Commit-ID: 3919cdd58989786660b8269b325646ef8856428e
* upstream: add a local implementation of BSD realpath() for | djm@openbsd.org | 2019-07-08 | 1 | -2/+1
  sftp-server use ahead of OpenBSD's realpath changing to match POSIX; ok deraadt@ (thanks for snaps testing)
  OpenBSD-Commit-ID: 4f8cbf7ed8679f6237264301d104ecec64885d55
* upstream: When system calls indicate an error they return -1, not | deraadt@openbsd.org | 2019-07-05 | 1 | -12/+12
  some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
  OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
* upstream: Add protection for private keys at rest in RAM against | djm@openbsd.org | 2019-06-21 | 1 | -2/+2
  speculation and memory sidechannel attacks like Spectre, Meltdown, Rowhammer and Rambleed. This change encrypts private keys when they are not in use with a symmetric key that is derived from a relatively large "prekey" consisting of random data (currently 16KB).
  Attackers must recover the entire prekey with high accuracy before they can attempt to decrypt the shielded private key, but the current generation of attacks have bit error rates that, when applied cumulatively to the entire prekey, make this unlikely.
  Implementation-wise, keys are encrypted "shielded" when loaded and then automatically and transparently unshielded when used for signatures or when being saved/serialised.
  Hopefully we can remove this in a few years time when computer architecture has become less unsafe.
  been in snaps for a bit already; thanks deraadt@
  ok dtucker@ deraadt@
  OpenBSD-Commit-ID: 19767213c312e46f94b303a512ef8e9218a39bd4
* upstream: Replace calls to ssh_malloc_init() by a static init of | otto@openbsd.org | 2019-06-08 | 1 | -2/+1
  malloc_options. Prepares for changes in the way malloc is initialized. ok guenther@ dtucker@
  OpenBSD-Commit-ID: 154f4e3e174f614b09f792d4d06575e08de58a6b
* upstream: Make the standard output messages of both methods of | lum@openbsd.org | 2019-06-08 | 1 | -5/+16
  changing a key pair's comments (using -c and -C) more applicable to both methods. ok and suggestions djm@ dtucker@
  OpenBSD-Commit-ID: b379338118109eb36e14a65bc0a12735205b3de6
* upstream: Expand comment to document rationale for default key | dtucker@openbsd.org | 2019-03-26 | 1 | -3/+10
  sizes. "seems worthwhile" deraadt.
  OpenBSD-Commit-ID: 72e5c0983d7da1fb72f191870f36cb58263a2456
* upstream: Increase the default RSA key size to 3072 bits. Based on | dtucker@openbsd.org | 2019-03-26 | 1 | -3/+6
  the estimates from NIST Special Publication 800-57, 3k bits provides security equivalent to 128 bits which is the smallest symmetric cipher we enable by default. ok markus@ deraadt@
  OpenBSD-Commit-ID: 461dd32ebe808f88f4fc3ec74749b0e6bef2276b
* upstream: ssh-keygen -D pkcs11.so needs to initialize pkcs11 | benno@openbsd.org | 2019-02-11 | 1 | -2/+2
  interactive, so it can ask for the smartcard's PIN. ok markus@
  OpenBSD-Commit-ID: 1be7ccf88f1876e0fc4d7c9b3f96019ac5655bab
* upstream: allow auto-incrementing certificate serial number for certs | djm@openbsd.org | 2019-01-23 | 1 | -5/+12
  signed in a single commandline.
  OpenBSD-Commit-ID: 39881087641efb8cd83c7ec13b9c98280633f45b
* upstream: move a bunch of global flag variables to main(); make the | djm@openbsd.org | 2019-01-23 | 1 | -94/+82
  rest static
  OpenBSD-Commit-ID: fa431d92584e81fe99f95882f4c56b43fe3242dc
* upstream: add -m to usage(); reminded by jmc@ | djm@openbsd.org | 2019-01-23 | 1 | -3/+4
  OpenBSD-Commit-ID: bca476a5236e8f94210290b3e6a507af0434613e
* refactor libcrypto initialisation | Damien Miller | 2018-11-23 | 1 | -5/+2
  Don't call OpenSSL_add_all_algorithms() unless OpenSSL actually supports it.
  Move all libcrypto initialisation to a single function, and call that from seed_rng() that is called early in each tool's main().
  Prompted by patch from Rosen Penev
* Fix error message w/out nistp521. | Manoj Ampalam | 2018-11-10 | 1 | -0/+4
  Correct error message when OpenSSL doesn't support certain ECDSA key lengths.
* upstream: when printing certificate contents "ssh-keygen -Lf | djm@openbsd.org | 2018-10-22 | 1 | -3/+4
  /path/certificate", include the algorithm that the CA used to sign the cert.
  OpenBSD-Commit-ID: 1ea20b5048a851a7a0758dcb9777a211a2c0dddd
* upstream: garbage-collect moribund ssh_new_private() API. | djm@openbsd.org | 2018-09-14 | 1 | -3/+3
  OpenBSD-Commit-ID: 7c05bf13b094093dfa01848a9306c82eb6e95f6c
* upstream: hold our collective noses and use the openssl-1.1.x API in | djm@openbsd.org | 2018-09-13 | 1 | -15/+46
  OpenSSH; feedback and ok tb@ jsing@ markus@
  OpenBSD-Commit-ID: cacbcac87ce5da0d3ca7ef1b38a6f7fb349e4417
* upstream: allow key revocation by SHA256 hash and allow ssh-keygen | djm@openbsd.org | 2018-09-12 | 1 | -8/+67
  to create KRLs using SHA256/base64 key fingerprints; ok markus@
  OpenBSD-Commit-ID: a0590fd34e7f1141f2873ab3acc57442560e6a94
* upstream: Use new private key format by default. This format is | djm@openbsd.org | 2018-08-08 | 1 | -3/+4
  supported by OpenSSH >= 6.5 (released January 2014), so it should be supported by most OpenSSH versions in active use.
  It is possible to convert new-format private keys to the older format using "ssh-keygen -f /path/key -pm PEM".
  ok deraadt dtucker
  OpenBSD-Commit-ID: e3bd4f2509a2103bfa2f710733426af3ad6d8ab8
* missing headers | Damien Miller | 2018-07-13 | 1 | -0/+1
* upstream: replace cast with call to sshbuf_mutable_ptr(); ok djm@ | markus@openbsd.org | 2018-07-10 | 1 | -2/+2
  OpenBSD-Commit-ID: 4dfe9d29fa93d9231645c89084f7217304f7ba29
* upstream: switch config file parsing to getline(3) as this avoids | markus@openbsd.org | 2018-06-07 | 1 | -8/+17
  static limits noted by gerhard@; ok dtucker@, djm@
  OpenBSD-Commit-ID: 6d702eabef0fa12e5a1d75c334a8c8b325298b5c
* upstream: whitespace | djm@openbsd.org | 2018-06-01 | 1 | -2/+2
  OpenBSD-Commit-ID: e5edb5e843ddc9b73a8e46518899be41d5709add
* upstream: return correct exit code when searching for and hashing | djm@openbsd.org | 2018-06-01 | 1 | -5/+4
  known_hosts entries in a single operation (ssh-keygen -HF hostname); bz2772
  Report and fix from Anton Kremenetsky
  OpenBSD-Commit-ID: ac10ca13eb9bb0bc50fcd42ad11c56c317437b58
* upstream: add valid-before="[time]" authorized_keys option. A | djm@openbsd.org | 2018-03-14 | 1 | -39/+5
  simple way of giving a key an expiry date. ok markus@
  OpenBSD-Commit-ID: 1793b4dd5184fa87f42ed33c7b0f4f02bc877947
* upstream: Add experimental support for PQC XMSS keys (Extended | markus@openbsd.org | 2018-02-26 | 1 | -4/+15
  Hash-Based Signatures)
  The code is not compiled in by default (see WITH_XMSS in Makefile.inc)
  Joint work with stefan-lukas_gazdag at genua.eu
  See https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12
  ok djm@
  OpenBSD-Commit-ID: ef3eccb96762a5d6f135d7daeef608df7776a7ac
* upstream commit | djm@openbsd.org | 2018-02-10 | 1 | -1/+3
  Refuse to create a certificate with an unusable number of principals; Prompted by gdestuynder via github
  OpenBSD-Commit-ID: 8cfae2451e8f07810e3e2546dfdcce66984cbd29
* upstream commit | djm@openbsd.org | 2018-02-10 | 1 | -2/+3
  fatal if we're unable to write all the public key; previously we would silently ignore errors writing the comment and terminating newline. Prompted by github PR from WillerZ; ok dtucker
  OpenBSD-Commit-ID: 18fbfcfd4e8c6adbc84820039b64d70906e49831
* upstream commit | jsing@openbsd.org | 2018-02-08 | 1 | -23/+1
  Remove some #ifdef notyet code from OpenSSL 0.9.8 days. These functions have never appeared in OpenSSL and are likely never to do so.
  "kill it with fire" djm@
  OpenBSD-Commit-ID: fee9560e283fd836efc2631ef381658cc673d23e