summaryrefslogtreecommitdiff
path: root/ssh-keygen.c
Commit message (Collapse)AuthorAgeFilesLines
* upstream: fix double words ok dtucker@jsg@openbsd.org2023-04-171-2/+2
| | | | OpenBSD-Commit-ID: 44d3223902fbce5276422bdc8063ab72a4078489
* upstream: use RSA/SHA256 when testing usability of private key;djm@openbsd.org2023-03-081-3/+5
| | | | | | based on fix in bz3546 by Dmitry Belyavskiy; with/ok dtucker OpenBSD-Commit-ID: 0ef414cc363a832f9fab92a5da0234448bce2eba
* upstream: Fix mem and FILE leaks in moduli screening.dtucker@openbsd.org2023-03-051-1/+4
| | | | | | | | If multiple -Ocheckpoint= options are passed, the earlier ones would be overwritten and leaked. If we use an input file that wasn't stdin, close that. From Coverity CIDs 291884 and 291894. OpenBSD-Commit-ID: a4d9d15f572926f841788912e2b282485ad09e8b
* upstream: Plug mem leak in moduli checkpoint option parsing.dtucker@openbsd.org2023-03-051-1/+2
| | | | | | From Coverity CID 291894. OpenBSD-Commit-ID: 9b1aba2d049741ae21c8dc4560a7e29ab17310f4
* upstream: Explicitly ignore return from fchmoddtucker@openbsd.org2023-02-281-2/+2
| | | | | | similar to other calls to prevent warning. OpenBSD-Commit-ID: fdc5287dcee0860b5a493186414226c655b0eb0a
* upstream: let ssh-keygen and ssh-keyscan acceptdjm@openbsd.org2023-02-101-10/+20
| | | | | | | -Ohashalg=sha1|sha256 when outputting SSHFP fingerprints to allow algorithm selection. bz3493 ok dtucker@ OpenBSD-Commit-ID: e6e07fe21318a873bd877f333e189eb963a11b3d
* upstream: remove '?' from getopt(3) loopscheloha@openbsd.org2022-12-091-2/+1
| | | | | | | | | | | | | | | | | userspace: remove vestigial '?' cases from top-level getopt(3) loops getopt(3) returns '?' when it encounters a flag not present in the in the optstring or if a flag is missing its option argument. We can handle this case with the "default" failure case with no loss of legibility. Hence, remove all the redundant "case '?':" lines. Prompted by dlg@. With help from dlg@ and millert@. Link: https://marc.info/?l=openbsd-tech&m=167011979726449&w=2 ok naddy@ millert@ dlg@ OpenBSD-Commit-ID: b2f89346538ce4f5b33ab8011a23e0626a67e66e
* upstream: fix parsing of hex cert expiry time; was checking whether thedjm@openbsd.org2022-11-071-2/+2
| | | | | | | | start time began with "0x", not the expiry time. from Ed Maste OpenBSD-Commit-ID: 6269242c3e1a130b47c92cfca4d661df15f05739
* upstream: allow certificate validity intervals, sshsig verificationdjm@openbsd.org2022-08-111-3/+22
| | | | | | | | | | | | | | | | times and authorized_keys expiry-time options to accept dates in the UTC time zone in addition to the default of interpreting them in the system time zone. YYYYMMDD and YYMMDDHHMM[SS] dates/times will be interpreted as UTC if suffixed with a 'Z' character. Also allow certificate validity intervals to be specified in raw seconds-since-epoch as hex value, e.g. -V 0x1234:0x4567890. This is intended for use by regress tests and other tools that call ssh-keygen as part of a CA workflow. bz3468 ok dtucker OpenBSD-Commit-ID: 454db1cdffa9fa346aea5211223a2ce0588dfe13
* upstream: don't prompt for FIDO passphrase before attempting to enrolldjm@openbsd.org2022-08-051-9/+2
| | | | | | | | | the credential, just let the enroll operating fail and we'll attempt to get a PIN anyway. Might avoid some unneccessary PIN prompts. Part of GHPR#302 from Corinna Vinschen; ok dtucker@ OpenBSD-Commit-ID: bd5342ffc353ee37d39617906867c305564d1ce2
* upstream: ssh-keygen: fix touch prompt, pin retries;djm@openbsd.org2022-07-201-13/+10
| | | | | | part of GHPR329 from Pedro Martelletto OpenBSD-Commit-ID: 75d1005bd2ef8f29fa834c90d2684e73556fffe8
* upstream: when enrolling a resident key on a security token, checkdjm@openbsd.org2022-07-201-1/+26
| | | | | | | | | | | | if a credential with matching application and user ID strings already exists. if so, prompt the user for confirmation before overwriting the credential. patch from Pedro Martelletto via GHPR329 NB. cranks SSH_SK_VERSION_MAJOR, so any third-party FIDO middleware implementations will need to adjust OpenBSD-Commit-ID: e45e9f1bf2b2f32d9850669e7a8dbd64acc5fca4
* upstream: pull passphrase reading and confirmation into a separatedjm@openbsd.org2022-07-201-28/+37
| | | | | | function so it can be used for FIDO2 PINs; no functional change OpenBSD-Commit-ID: bf34f76b8283cc1d3f54633e0d4f13613d87bb2f
* upstream: ssh-keygen -A: do not generate DSA keys by default.dtucker@openbsd.org2022-06-031-2/+1
| | | | | | | Based on github PR#303 from jsegitz with man page text from jmc@, ok markus@ djm@ OpenBSD-Commit-ID: 5c4c57bdd7063ff03381cfb6696659dd3f9f5b9f
* upstream: ssh-keygen: implement "verify-required" certificate option.naddy@openbsd.org2022-06-031-1/+11
| | | | | | | | | This was already documented when support for user-verified FIDO keys was added, but the ssh-keygen(1) code was missing. ok djm@ OpenBSD-Commit-ID: f660f973391b593fea4b7b25913c9a15c3eb8a06
* upstream: Allow existing -U (use agent) flag to work with "-Y sign"djm@openbsd.org2022-05-091-7/+12
| | | | | | | operations, where it will be interpreted to require that the private keys is hosted in an agent; bz3429, suggested by Adam Szkoda; ok dtucker@ OpenBSD-Commit-ID: a7bc69873b99c32c42c7628ed9ea91565ba08c2f
* upstream: improve error message when 'ssh-keygen -Y sign' is unable todjm@openbsd.org2022-05-091-6/+13
| | | | | | load a private key; bz3429, reported by Adam Szkoda ok dtucker@ OpenBSD-Commit-ID: bb57b285e67bea536ef81b1055467be2fc380e74
* upstream: helpful commentdjm@openbsd.org2022-03-181-1/+2
| | | | OpenBSD-Commit-ID: e3315a45cb04e7feeb614d76ec80a9fe4ca0e8c7
* upstream: ssh-keygen -Y check-novalidate requires namespace or SEGVdjm@openbsd.org2022-03-181-1/+7
| | | | | | will ensue. Patch from Mateusz Adamowski via GHPR#307 OpenBSD-Commit-ID: 99e8ec38f9feb38bce6de240335be34aedeba5fd
* upstream: mark const string array contents const too, i.e. staticdjm@openbsd.org2022-02-021-2/+2
| | | | | | const char *array => static const char * const array from Mike Frysinger OpenBSD-Commit-ID: a664e31ea6a795d7c81153274a5f47b22bdc9bc1
* upstream: add a comment so I don't make this mistake againdjm@openbsd.org2022-01-071-3/+5
| | | | OpenBSD-Commit-ID: 69c7f2362f9de913bb29b6318580c5a1b52c921e
* upstream: fix cut-and-pasto in error messagedjm@openbsd.org2022-01-071-2/+2
| | | | OpenBSD-Commit-ID: 4cc5c619e4b456cd2e9bb760d17e3a9c84659198
* upstream: allow selection of hash at sshsig signing time; codedjm@openbsd.org2022-01-051-15/+28
| | | | | | | already supported either sha512 (default) or sha256, but plumbing wasn't there mostly by Linus Nordberg OpenBSD-Commit-ID: 1b536404b9da74a84b3a1c8d0b05fd564cdc96cd
* upstream: add missing -O option to usage() for ssh-keygen -Y sign;djm@openbsd.org2022-01-051-2/+2
| | | | | | from Linus Nordberg OpenBSD-Commit-ID: 4e78feb4aa830727ab76bb2e3d940440ae1d7af0
* upstream: move sig_process_opts() to before sig_sign(); nodjm@openbsd.org2022-01-051-38/+39
| | | | | | functional code change OpenBSD-Commit-ID: da02d61f5464f72b4e8b299f83e93c3b657932f9
* upstream: fix indenting in last commitdjm@openbsd.org2021-11-281-2/+2
| | | | OpenBSD-Commit-ID: 8b9ba989815d0dec1fdf5427a4a4b58eb9cac4d2
* upstream: Add ssh-keygen -Y match-principals operation to performdjm@openbsd.org2021-11-271-1/+41
| | | | | | | | | | | matching of principals names against an allowed signers file. Requested by and mostly written by Fabian Stelzer, towards a TOFU model for SSH signatures in git. Some tweaks by me. "doesn't bother me" deraadt@ OpenBSD-Commit-ID: 8d1b71f5a4127bc5e10a880c8ea6053394465247
* upstream: ssh-keygen: make verify-time argument parsing optionaldjm@openbsd.org2021-10-291-4/+6
| | | | | | From Fabian Stelzer OpenBSD-Commit-ID: 1ff35e4c366a45a073663df90381be6a8ef4d370
* upstream: When downloading resident keys from a FIDO token, passdjm@openbsd.org2021-10-281-34/+59
| | | | | | | | | | | | | | | back the user ID that was used when the key was created and append it to the filename the key is written to (if it is not the default). Avoids keys being clobbered if the user created multiple resident keys with the same application string but different user IDs. feedback Pedro Martelletto; ok markus NB. increments SSH_SK_VERSION_MAJOR OpenBSD-Commit-ID: dbd658b5950f583106d945641a634bc6562dd3a3
* upstream: Dynamically allocate encoded HashKnownHosts and free asdtucker@openbsd.org2021-10-061-1/+2
| | | | | | | | | appropriate. Saves 1k of static storage and prevents snprintf "possible truncation" warnings from newer compilers (although in this case it's false positive since the actual sizes are limited by the output size of the SHA1). ok djm@ OpenBSD-Commit-ID: e254ae723f7e3dce352c7d5abc4b6d87faf61bf4
* upstream: correct my mistake in previous fix; spotted by halexdjm@openbsd.org2021-09-081-2/+2
| | | | OpenBSD-Commit-ID: 3cc62d92e3f70006bf02468fc146bfc36fffa183
* upstream: avoid NULL deref in -Y find-principals. Report and fixdjm@openbsd.org2021-09-071-2/+3
| | | | | | | | | from Carlo Marcelo Arenas Belón MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit OpenBSD-Commit-ID: 6238486f8ecc888d6ccafcd9ad99e621bb41f1e0
* upstream: when verifying sshsig signatures, support an optiondjm@openbsd.org2021-08-111-4/+19
| | | | | | | (-Oprint-pubkey) to dump the full public key to stdout; based on patch from Fabian Stelzer; ok markus@ OpenBSD-Commit-ID: 0598000e5b9adfb45d42afa76ff80daaa12fc3e2
* upstream: Don't omit ssh-keygen -y from usage when built withoutdtucker@openbsd.org2021-07-241-2/+2
| | | | | | OpenSSL. It is actually available, albeit only for ed25519 keys. OpenBSD-Commit-ID: 7a254c33d0e6a55c30c6b016a8d298d3cb7a7674
* upstream: Exclude key conversion options from usage when builtdtucker@openbsd.org2021-07-241-1/+3
| | | | | | | | without OpenSSL since those are not available, similar to what we currently do with the moduli screening options. We can also use this to skip the conversion regression tests in this case. OpenBSD-Commit-ID: 3c82caa398cf99cd4518c23bba5a2fc66b16bafe
* upstream: Let allowed signers files used by ssh-keygen(1)djm@openbsd.org2021-07-231-8/+50
| | | | | | | | signatures support key lifetimes, and allow the verification mode to specify a signature time to check at. This is intended for use by git to support signing objects using ssh keys. ok dtucker@ OpenBSD-Commit-ID: 3e2c67b7dcd94f0610194d1e8e4907829a40cf31
* upstream: silence redundant error message; reported by Fabian Stelzerdjm@openbsd.org2021-07-091-2/+3
| | | | OpenBSD-Commit-ID: 9349a703016579a60557dafd03af2fe1d44e6aa2
* upstream: Order includes as per style(9). Portable already hasdtucker@openbsd.org2021-07-081-1/+1
| | | | | | these so this removes a handful of diffs between the two. OpenBSD-Commit-ID: 8bd7452d809b199c19bfc49511a798f414eb4a77
* upstream: highly polished whitespace, mostly fixing spaces-for-tabdjm@openbsd.org2021-04-031-8/+8
| | | | | | and bad indentation on continuation lines. Prompted by GHPR#185 OpenBSD-Commit-ID: e5c81f0cbdcc6144df1ce468ec1bac366d8ad6e9
* upstream: pwcopy() struct passwd that we're going to reuse across adjm@openbsd.org2021-03-131-1/+2
| | | | | | bunch of library calls; bz3273 ok dtucker@ OpenBSD-Commit-ID: b6eafa977b2e44607b1b121f5de855107809b762
* upstream: load_hostkeys()/hostkeys_foreach() variants for FILE*djm@openbsd.org2020-12-211-2/+2
| | | | | | | | | | | | | | | | | Add load_hostkeys_file() and hostkeys_foreach_file() that accept a FILE* argument instead of opening the file directly. Original load_hostkeys() and hostkeys_foreach() are implemented using these new interfaces. Add a u_int note field to the hostkey_entry and hostkey_foreach_line structs that is passed directly from the load_hostkeys() and hostkeys_foreach() call. This is a lightweight way to annotate results between different invocations of load_hostkeys(). ok markus@ OpenBSD-Commit-ID: 6ff6db13ec9ee4edfa658b2c38baad0f505d8c20
* upstream: Include cipher.h for declaration of cipher_by_name.dtucker@openbsd.org2020-11-291-1/+2
| | | | OpenBSD-Commit-ID: ddfebbca03ca0e14e00bbad9d35f94b99655d032
* upstream: Document ssh-keygen -Z, sanity check its argument earlier anddtucker@openbsd.org2020-11-271-3/+6
| | | | | | | provide a better error message if it's not correct. Prompted by bz#2879, ok djm@ jmc@ OpenBSD-Commit-ID: 484178a173e92230fb1803fb4f206d61f7b58005
* upstream: when requesting a security key touch on stderr, inform thedjm@openbsd.org2020-11-091-2/+2
| | | | | | user once the touch has been recorded; requested by claudio@ ok markus@ OpenBSD-Commit-ID: 3b76ee444490e546b9ea7f879e4092ee0d256233
* Remove preprocessor directive from log macro calls.Darren Tucker2020-11-091-1/+2
| | | | | | Preprocessor directives inside macro calls, such as the new log macros, are undefined behaviour and do not work with, eg old GCCs. Put the entire log call inside the ifdef for OPENSSL_HAS_NISTP521.
* upstream: fix type of nid in type_bits_valid(); github PR#202 fromdjm@openbsd.org2020-10-291-2/+2
| | | | | | github user thingsconnected OpenBSD-Commit-ID: 769d2b040dec7ab32d323daf54b854dd5dcb5485
* upstream: whitespace; no code changedjm@openbsd.org2020-10-291-2/+2
| | | | OpenBSD-Commit-ID: efefc1c47e880887bdee8cd2127ca93177eaad79
* upstream: use the new variant log macros instead of prependingdjm@openbsd.org2020-10-181-170/+134
| | | | | | __func__ and appending ssh_err(r) manually; ok markus@ OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
* upstream: when writing an attestation blob for a FIDO key, record alldjm@openbsd.org2020-09-091-17/+27
| | | | | | | | | | the data needed to verify the attestation. Previously we were missing the "authenticator data" that is included in the signature. spotted by Ian Haken feedback Pedro Martelletto and Ian Haken; ok markus@ OpenBSD-Commit-ID: 8439896e63792b2db99c6065dd9a45eabbdb7e0a
* upstream: debug()-print a little info about FIDO-specific keydjm@openbsd.org2020-08-271-2/+6
| | | | | | fields via "ssh-keygen -vyf /path/key" OpenBSD-Commit-ID: cf315c4fe77db43947d111b00155165cb6b577cf
View Lorry Controller Status