summaryrefslogtreecommitdiff
path: root/ssh-keygen.c
Commit message (Collapse)AuthorAgeFilesLines
...
* upstream: Add new structure for signature optionsdjm@openbsd.org2019-11-251-3/+10
| | | | | | | | | | | This is populated during signature verification with additional fields that are present in and covered by the signature. At the moment, it is only used to record security key-specific options, especially the flags field. with and ok markus@ OpenBSD-Commit-ID: 338a1f0e04904008836130bedb9ece4faafd4e49
* upstream: more missing mentions of ed25519-sk; ok djm@naddy@openbsd.org2019-11-201-2/+2
| | | | OpenBSD-Commit-ID: f242e53366f61697dffd53af881bc5daf78230ff
* upstream: additional missing stdarg.h includes when built withoutnaddy@openbsd.org2019-11-201-1/+1
| | | | | | WITH_OPENSSL; ok djm@ OpenBSD-Commit-ID: 881f9a2c4e2239849cee8bbf4faec9bab128f55b
* upstream: Fix incorrect error message when key certification failsdjm@openbsd.org2019-11-181-2/+2
| | | | OpenBSD-Commit-ID: 7771bd77ee73f7116df37c734c41192943a73cee
* upstream: allow *-sk key types to be turned into certificatesdjm@openbsd.org2019-11-181-4/+2
| | | | OpenBSD-Commit-ID: cd365ee343934862286d0b011aa77fa739d2a945
* upstream: missing break in getopt switch; spotted by Sebastian Kinnedjm@openbsd.org2019-11-181-1/+2
| | | | OpenBSD-Commit-ID: f002dbf14dba5586e8407e90f0141148ade8e8fc
* upstream: directly support U2F/FIDO2 security keys in OpenSSH bydjm@openbsd.org2019-11-151-1/+6
| | | | | | | | linking against the (previously external) USB HID middleware. The dlopen() capability still exists for alternate middlewares, e.g. for Bluetooth, NFC and test/debugging. OpenBSD-Commit-ID: 14446cf170ac0351f0d4792ba0bca53024930069
* upstream: security keys typically need to be tapped/touched indjm@openbsd.org2019-11-131-3/+11
| | | | | | | | | order to perform a signature operation. Notify the user when this is expected via the TTY (if available) or $SSH_ASKPASS if we can. ok markus@ OpenBSD-Commit-ID: 0ef90a99a85d4a2a07217a58efb4df8444818609
* Remove leftover if statement from sync.Darren Tucker2019-11-131-1/+0
|
* upstream: enable ed25519 support; ok djmmarkus@openbsd.org2019-11-131-7/+18
| | | | OpenBSD-Commit-ID: 1a399c5b3ef15bd8efb916110cf5a9e0b554ab7e
* upstream: duplicate 'x' character in getopt(3) optstringdjm@openbsd.org2019-11-111-2/+2
| | | | OpenBSD-Commit-ID: 64c81caa0cb5798de3621eca16b7dd22e5d0d8a7
* upstream: Fill in missing man page bits for U2F security key support:naddy@openbsd.org2019-11-081-2/+3
| | | | | | | | | | | | | Mention the new key types, the ~/.ssh/id_ecdsa_sk file, ssh's SecurityKeyProvider keyword, the SSH_SK_PROVIDER environment variable, and ssh-keygen's new -w and -x options. Copy the ssh-sk-helper man page from ssh-pkcs11-helper with minimal substitutions. ok djm@ OpenBSD-Commit-ID: ef2e8f83d0c0ce11ad9b8c28945747e5ca337ac4
* autoconf pieces for U2F supportDamien Miller2019-11-011-1/+9
| | | | | Mostly following existing logic for PKCS#11 - turning off support when either libcrypto or dlopen(3) are unavailable.
* upstream: fix -Wshadow warningdjm@openbsd.org2019-11-011-2/+2
| | | | OpenBSD-Commit-ID: 3441eb04f872a00c2483c11a5f1570dfe775103c
* upstream: Refactor signing - use sshkey_sign for everything,djm@openbsd.org2019-11-011-7/+11
| | | | | | | | | | | | | including the new U2F signatures. Don't use sshsk_ecdsa_sign() directly, instead make it reachable via sshkey_sign() like all other signature operations. This means that we need to add a provider argument to sshkey_sign(), so most of this change is mechanically adding that. Suggested by / ok markus@ OpenBSD-Commit-ID: d5193a03fcfa895085d91b2b83d984a9fde76c8c
* upstream: ssh-keygen support for generating U2F/FIDO keysdjm@openbsd.org2019-11-011-6/+35
| | | | OpenBSD-Commit-ID: 6ce04f2b497ac9dd8c327f76f1e6c724fb1d1b37
* upstream: free buf before return; reported by krishnaiah bommudjm@openbsd.org2019-10-161-1/+2
| | | | OpenBSD-Commit-ID: 091bb23a6e913af5d4f72c50030b53ce1cef4de1
* wrap stdint.h include in HAVE_STDINT_HDamien Miller2019-10-091-1/+3
| | | | | | make the indenting a little more consistent too.. Fixes Solaris 2.6; reported by Tom G. Christensen
* upstream: use a more common options order in SYNOPSIS and syncjmc@openbsd.org2019-10-041-17/+17
| | | | | | | | usage(); while here, no need for Bk/Ek; ok dtucker OpenBSD-Commit-ID: 38715c3f10b166f599a2283eb7bc14860211bb90
* upstream: thinko in previous; spotted by Mantasdjm@openbsd.org2019-10-021-2/+2
| | | | | | | | | =?UTF-8?q?=20Mikul=C4=97nas?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit OpenBSD-Commit-ID: ffa3f5a45e09752fc47d9041e2203ee2ec15b24d
* upstream: ban empty namespace strings for sdjm@openbsd.org2019-10-021-2/+2
| | | | | | | | | =?UTF-8?q?shsig;=20spotted=20by=20Mantas=20Mikul=C4=97nas?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit OpenBSD-Commit-ID: 7c5bcf40bed8f4e826230176f4aa353c52aeb698
* upstream: group and sort single letter options; ok deraadtjmc@openbsd.org2019-10-011-4/+4
| | | | OpenBSD-Commit-ID: e1480e760a2b582f79696cdcff70098e23fc603f
* upstream: identity_file[] should be PATH_MAX, not the arbitraryderaadt@openbsd.org2019-10-011-2/+2
| | | | | | number 1024 OpenBSD-Commit-ID: e775f94ad47ce9ab37bd1410d7cf3b7ea98b11b7
* upstream: Allow testing signature syntax and validity without verifyingdjm@openbsd.org2019-09-161-7/+23
| | | | | | | | | | that a signature came from a trusted signer. To discourage accidental or unintentional use, this is invoked by the deliberately ugly option name "check-novalidate" from Sebastian Kinne OpenBSD-Commit-ID: cea42c36ab7d6b70890e2d8635c1b5b943adcc0b
* upstream: key conversion should fail for !openssl builds, not falldjm@openbsd.org2019-09-081-2/+5
| | | | | | through to the key generation code OpenBSD-Commit-ID: b957436adc43c4941e61d61958a193a708bc83c9
* upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@djm@openbsd.org2019-09-061-1/+1
| | | | OpenBSD-Commit-ID: 7fd68eaa9e0f7482b5d4c7e8d740aed4770a839f
* upstream: lots of things were relying on libcrypto headers todjm@openbsd.org2019-09-061-1/+2
| | | | | | | transitively include various system headers (mostly stdlib.h); include them explicitly OpenBSD-Commit-ID: 5b522f4f2d844f78bf1cc4f3f4cc392e177b2080
* upstream: repair typo and editing mishapnaddy@openbsd.org2019-09-051-2/+2
| | | | OpenBSD-Commit-ID: d125ab720ca71ccf9baf83e08ddc8c12a328597e
* upstream: sshsig tweaks and improvements from and suggested bydjm@openbsd.org2019-09-031-5/+5
| | | | | | | | Markus ok markus/me OpenBSD-Commit-ID: ea4f46ad5a16b27af96e08c4877423918c4253e9
* upstream: sshsig: lightweight signature and verification abilitydjm@openbsd.org2019-09-031-4/+321
| | | | | | | | | | | | | | | | | for OpenSSH This adds a simple manual signature scheme to OpenSSH. Signatures can be made and verified using ssh-keygen -Y sign|verify Signatures embed the key used to make them. At verification time, this is matched via principal name against an authorized_keys-like list of allowed signers. Mostly by Sebastian Kinne w/ some tweaks by me ok markus@ OpenBSD-Commit-ID: 2ab568e7114c933346616392579d72be65a4b8fb
* upstream: factor out confirm_overwrite(); ok markus@djm@openbsd.org2019-09-031-11/+27
| | | | OpenBSD-Commit-ID: 304e95381b39c774c8fced7e5328b106a3ff0400
* upstream: constify an argumentdjm@openbsd.org2019-09-031-2/+2
| | | | OpenBSD-Commit-ID: 724bafc9f993746ad4303e95bede2c030de6233b
* upstream: print comment when printing pubkey from privatedjm@openbsd.org2019-09-021-7/+13
| | | | | | bz#3052; ok dtucker OpenBSD-Commit-ID: a91b2a8d5f1053d34d7fce44523c53fb534ba914
* upstream: Allow the maximimum uint32 value for the argument passed todtucker@openbsd.org2019-08-081-4/+5
| | | | | | | -b which allows better error messages from later validation. bz#3050, ok djm@ OpenBSD-Commit-ID: 10adf6876b2401b3dc02da580ebf67af05861673
* upstream: Many key types are supported now, so take care to checknaddy@openbsd.org2019-08-081-13/+15
| | | | | | | the size restrictions and apply the default size only to the matching key type. tweak and ok dtucker@ OpenBSD-Commit-ID: b825de92d79cc4cba19b298c61e99909488ff57e
* upstream: Accept the verbose flag when searching for host keys in knowndjm@openbsd.org2019-07-191-2/+10
| | | | | | | hosts (i.e. "ssh-keygen -vF host") to print the matching host's random- art signature too. bz#3003 "amusing, pretty" deraadt@ OpenBSD-Commit-ID: 686221a5447d6507f40a2ffba5393984d889891f
* upstream: remove mostly vestigal uuencode.[ch]; moving the only uniquedjm@openbsd.org2019-07-161-28/+25
| | | | | | | functionality there (wrapping of base64-encoded data) to sshbuf functions; feedback and ok markus@ OpenBSD-Commit-ID: 4dba6735d88c57232f6fccec8a08bdcfea44ac4c
* upstream: support PKCS8 as an optional format for storage ofdjm@openbsd.org2019-07-151-11/+14
| | | | | | | | | | | | | | private keys, enabled via "ssh-keygen -m PKCS8" on operations that save private keys to disk. The OpenSSH native key format remains the default, but PKCS8 is a superior format to PEM if interoperability with non-OpenSSH software is required, as it may use a less terrible KDF (IIRC PEM uses a single round of MD5 as a KDF). adapted from patch by Jakub Jelen via bz3013; ok markus OpenBSD-Commit-ID: 027824e3bc0b1c243dc5188504526d73a55accb1
* upstream: revert header removal that snuck into previousdjm@openbsd.org2019-07-081-1/+2
| | | | OpenBSD-Commit-ID: 3919cdd58989786660b8269b325646ef8856428e
* upstream: add a local implementation of BSD realpath() fordjm@openbsd.org2019-07-081-2/+1
| | | | | | | | sftp-server use ahead of OpenBSD's realpath changing to match POSIX; ok deraadt@ (thanks for snaps testing) OpenBSD-Commit-ID: 4f8cbf7ed8679f6237264301d104ecec64885d55
* upstream: When system calls indicate an error they return -1, notderaadt@openbsd.org2019-07-051-12/+12
| | | | | | | | some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future. OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
* upstream: Add protection for private keys at rest in RAM againstdjm@openbsd.org2019-06-211-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | speculation and memory sidechannel attacks like Spectre, Meltdown, Rowhammer and Rambleed. This change encrypts private keys when they are not in use with a symmetic key that is derived from a relatively large "prekey" consisting of random data (currently 16KB). Attackers must recover the entire prekey with high accuracy before they can attempt to decrypt the shielded private key, but the current generation of attacks have bit error rates that, when applied cumulatively to the entire prekey, make this unlikely. Implementation-wise, keys are encrypted "shielded" when loaded and then automatically and transparently unshielded when used for signatures or when being saved/serialised. Hopefully we can remove this in a few years time when computer architecture has become less unsafe. been in snaps for a bit already; thanks deraadt@ ok dtucker@ deraadt@ OpenBSD-Commit-ID: 19767213c312e46f94b303a512ef8e9218a39bd4
* upstream: Replace calls to ssh_malloc_init() by a static init ofotto@openbsd.org2019-06-081-2/+1
| | | | | | | malloc_options. Prepares for changes in the way malloc is initialized. ok guenther@ dtucker@ OpenBSD-Commit-ID: 154f4e3e174f614b09f792d4d06575e08de58a6b
* upstream: Make the standard output messages of both methods oflum@openbsd.org2019-06-081-5/+16
| | | | | | | changing a key pair's comments (using -c and -C) more applicable to both methods. ok and suggestions djm@ dtucker@ OpenBSD-Commit-ID: b379338118109eb36e14a65bc0a12735205b3de6
* upstream: Expand comment to document rationale for default keydtucker@openbsd.org2019-03-261-3/+10
| | | | | | sizes. "seems worthwhile" deraadt. OpenBSD-Commit-ID: 72e5c0983d7da1fb72f191870f36cb58263a2456
* upstream: Increase the default RSA key size to 3072 bits. Based ondtucker@openbsd.org2019-03-261-3/+6
| | | | | | | | the estimates from NIST Special Publication 800-57, 3k bits provides security equivalent to 128 bits which is the smallest symmetric cipher we enable by default. ok markus@ deraadt@ OpenBSD-Commit-ID: 461dd32ebe808f88f4fc3ec74749b0e6bef2276b
* upstream: ssh-keygen -D pkcs11.so needs to initialize pkcs11benno@openbsd.org2019-02-111-2/+2
| | | | | | interactive, so it can ask for the smartcards PIN. ok markus@ OpenBSD-Commit-ID: 1be7ccf88f1876e0fc4d7c9b3f96019ac5655bab
* upstream: allow auto-incrementing certificate serial number for certsdjm@openbsd.org2019-01-231-5/+12
| | | | | | signed in a single commandline. OpenBSD-Commit-ID: 39881087641efb8cd83c7ec13b9c98280633f45b
* upstream: move a bunch of global flag variables to main(); make thedjm@openbsd.org2019-01-231-94/+82
| | | | | | rest static OpenBSD-Commit-ID: fa431d92584e81fe99f95882f4c56b43fe3242dc
* upstream: add -m to usage(); reminded by jmc@djm@openbsd.org2019-01-231-3/+4
| | | | OpenBSD-Commit-ID: bca476a5236e8f94210290b3e6a507af0434613e
View Lorry Controller Status