summaryrefslogtreecommitdiff
path: root/ssh-rsa.c
Commit message (Collapse)AuthorAgeFilesLines
* - (dtucker) OpenBSD CVS SyncDarren Tucker2003-06-221-23/+14
| | | | | | | - markus@cvs.openbsd.org 2003/06/18 11:28:11 [ssh-rsa.c] backout last change, since it violates pkcs#1 switch to share/misc/license.template
* - markus@cvs.openbsd.org 2003/06/16 08:22:35Damien Miller2003-06-181-3/+3
| | | | | | | [ssh-rsa.c] make sure the signature has at least the expected length (don't insist on len == hlen + oidlen, since this breaks some smartcards) bugzilla #592; ok djm@
* - markus@cvs.openbsd.org 2003/02/12 09:33:04Damien Miller2003-02-241-2/+1
| | | | | [key.c key.h ssh-dss.c ssh-rsa.c] merge ssh-dss.h ssh-rsa.h into key.h; ok deraadt@
* - deraadt@cvs.openbsd.org 2002/11/21 23:03:51Ben Lindstrom2002-12-231-2/+2
| | | | | | [auth-krb5.c auth1.c hostfile.h monitor_wrap.c sftp-client.c sftp-int.c ssh-add.c ssh-rsa.c sshconnect.c] KNF
* - stevesk@cvs.openbsd.org 2002/08/27 17:13:56Damien Miller2002-09-041-2/+3
| | | | | | [ssh-rsa.c] RSA_public_decrypt() returns -1 on error so len must be signed; ok markus@
* - markus@cvs.openbsd.org 2002/08/02 22:20:30Ben Lindstrom2002-08-201-7/+93
| | | | | | [ssh-rsa.c] replace RSA_verify with our own version and avoid the OpenSSL ASN.1 parser for authentication; ok deraadt/djm
* - markus@cvs.openbsd.org 2002/08/02 21:23:41Ben Lindstrom2002-08-201-3/+3
| | | | | [ssh-rsa.c] diff is u_int (2x); ok deraadt/provos
* - markus@cvs.openbsd.org 2002/07/04 10:41:47Ben Lindstrom2002-07-071-10/+8
| | | | | | [key.c monitor_wrap.c ssh-dss.c ssh-rsa.c] don't allocate, copy, and discard if there is not interested in the data; ok deraadt@
* - deraadt@cvs.openbsd.org 2002/07/04 04:15:33Ben Lindstrom2002-07-071-1/+3
| | | | | [key.c monitor_wrap.c sftp-glob.c ssh-dss.c ssh-rsa.c] patch memory leaks; grendel@zeitbombe.org
* - deraadt@cvs.openbsd.org 2002/06/23 03:30:58Ben Lindstrom2002-06-231-13/+11
| | | | | | [scard.c ssh-dss.c ssh-rsa.c sshconnect.c sshconnect2.c sshd.c sshlogin.c sshpty.c] various KNF and %d for unsigned
* - stevesk@cvs.openbsd.org 2002/06/10 16:53:06Ben Lindstrom2002-06-111-3/+3
| | | | | [auth-rsa.c ssh-rsa.c] display minimum RSA modulus in error(); ok markus@
* - markus@cvs.openbsd.org 2002/05/31 13:20:50Ben Lindstrom2002-06-061-2/+17
| | | | | | | [ssh-rsa.c] pad received signature with leading zeros, because RSA_verify expects a signature of RSA_size. the drafts says the signature is transmitted unpadded (e.g. putty does not pad), reported by anakin@pobox.com
* - markus@cvs.openbsd.org 2002/04/02 20:11:38Ben Lindstrom2002-04-031-9/+1
| | | | | [ssh-rsa.c] ignore SSH_BUG_SIGBLOB for ssh-rsa; #187
* - stevesk@cvs.openbsd.org 2002/03/29 19:18:33Ben Lindstrom2002-04-021-2/+3
| | | | | [auth-rsa.c ssh-rsa.c ssh.h] make RSA modulus minimum #define; ok markus@
* - markus@cvs.openbsd.org 2002/02/24 19:14:59Ben Lindstrom2002-02-261-5/+5
| | | | | | [auth2.c authfd.c authfd.h authfile.c kexdh.c kexgex.c key.c key.h ssh-dss.c ssh-dss.h ssh-keygen.c ssh-rsa.c ssh-rsa.h sshconnect2.c] signed vs. unsigned: make size arguments u_int, ok stevesk@
* - markus@cvs.openbsd.org 2002/01/25 21:42:11Damien Miller2002-02-051-13/+7
| | | | | | [ssh-dss.c ssh-rsa.c] use static EVP_MAX_MD_SIZE buffers for EVP_DigestFinal; ok stevesk@ don't use evp_md->md_size, it's not public.
* - deraadt@cvs.openbsd.org 2001/12/05 10:06:12Ben Lindstrom2001-12-061-2/+2
| | | | | | | [authfd.c authfile.c bufaux.c channels.c compat.c kex.c kexgex.c key.c misc.c packet.c servconf.c ssh-agent.c sshconnect2.c sshconnect.c sshd.c ssh-dss.c ssh-keygen.c ssh-rsa.c] minor KNF
* - markus@cvs.openbsd.org 2001/11/10 13:22:42Damien Miller2001-11-121-3/+3
| | | | | [ssh-rsa.c] KNF (unexpand)
* - markus@cvs.openbsd.org 2001/11/07 22:10:28Damien Miller2001-11-121-3/+3
| | | | | [ssh-dss.c ssh-rsa.c] missing free and sync dss/rsa code.
* - markus@cvs.openbsd.org 2001/11/07 21:40:21Damien Miller2001-11-121-1/+9
| | | | | [ssh-rsa.c] ssh_rsa_sign/verify: SSH_BUG_SIGBLOB not supported
* - stevesk@cvs.openbsd.org 2001/09/17 19:27:15Ben Lindstrom2001-09-181-3/+3
| | | | | [kexdh.c kexgex.c key.c key.h ssh-dss.c ssh-keygen.c ssh-rsa.c] u_char*/char* cleanup; ok markus
* - markus@cvs.openbsd.org 2001/06/06 23:13:54Ben Lindstrom2001-06-091-2/+1
| | | | | [ssh-dss.c ssh-rsa.c] cleanup, remove old code
* - markus@cvs.openbsd.org 2001/03/27 10:57:00Ben Lindstrom2001-03-291-3/+4
| | | | | | [compat.c compat.h ssh-rsa.c] some older systems use NID_md5 instead of NID_sha1 for RSASSA-PKCS1-v1_5 signatures in SSH protocol 2, ok djm@
* - markus@cvs.openbsd.org 2001/03/27 10:34:08Ben Lindstrom2001-03-291-12/+22
| | | | | [ssh-rsa.c sshd.c] use EVP_get_digestbynid, reorder some calls and fix missing free.
* - itojun@cvs.openbsd.org 2001/02/08 19:30:52Ben Lindstrom2001-02-091-1/+2
| | | | | | | sync with netbsd tree changes. - more strict prototypes, include necessary headers - use paths.h/pathnames.h decls - size_t typecase to int -> u_long
* Hopefully things did not get mixed around too much. It compiles underBen Lindstrom2001-01-221-8/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Linux and works. So that is at least a good sign. =) 20010122 - (bal) OpenBSD Resync - markus@cvs.openbsd.org 2001/01/19 12:45:26 GMT 2001 by markus [servconf.c ssh.h sshd.c] only auth-chall.c needs #ifdef SKEY - markus@cvs.openbsd.org 2001/01/19 15:55:10 GMT 2001 by markus [auth-krb4.c auth-options.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth1.c auth2.c channels.c clientloop.c dh.c dispatch.c nchan.c packet.c pathname.h readconf.c scp.c servconf.c serverloop.c session.c ssh-add.c ssh-keygen.c ssh-keyscan.c ssh.c ssh.h ssh1.h sshconnect1.c sshd.c ttymodes.c] move ssh1 definitions to ssh1.h, pathnames to pathnames.h - markus@cvs.openbsd.org 2001/01/19 16:48:14 [sshd.8] fix typo; from stevesk@ - markus@cvs.openbsd.org 2001/01/19 16:50:58 [ssh-dss.c] clear and free digest, make consistent with other code (use dlen); from stevesk@ - markus@cvs.openbsd.org 2001/01/20 15:55:20 GMT 2001 by markus [auth-options.c auth-options.h auth-rsa.c auth2.c] pass the filename to auth_parse_options() - markus@cvs.openbsd.org 2001/01/20 17:59:40 GMT 2001 [readconf.c] fix SIGSEGV from -o ""; problem noted by jehsom@togetherweb.com - stevesk@cvs.openbsd.org 2001/01/20 18:20:29 [sshconnect2.c] dh_new_group() does not return NULL. ok markus@ - markus@cvs.openbsd.org 2001/01/20 21:33:42 [ssh-add.c] do not loop forever if askpass does not exist; from andrew@pimlott.ne.mediaone.net - djm@cvs.openbsd.org 2001/01/20 23:00:56 [servconf.c] Check for NULL return from strdelim; ok markus - djm@cvs.openbsd.org 2001/01/20 23:02:07 [readconf.c] KNF; ok markus - jakob@cvs.openbsd.org 2001/01/21 9:00:33 [ssh-keygen.1] remove -R flag; ok markus@ - markus@cvs.openbsd.org 2001/01/21 19:05:40 [atomicio.c automicio.h auth-chall.c auth-krb4.c auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c auth2-chall.c auth2.c authfd.c authfile.c bufaux.c bufaux.h buffer.c canahost.c canahost.h channels.c cipher.c cli.c clientloop.c clientloop.h compat.c compress.c deattack.c dh.c dispatch.c groupaccess.c hmac.c hostfile.c kex.c key.c key.h log-client.c log-server.c log.c log.h login.c login.h match.c misc.c misc.h nchan.c packet.c pty.c radix.h readconf.c readpass.c readpass.h rsa.c scp.c servconf.c serverloop.c serverloop.h session.c sftp-server.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-rsa.c ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c sshd.c tildexpand.c tildexpand.h ttysmodes.c uidswap.c xmalloc.c] split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch] - (bal) renamed 'PIDDIR' to '_PATH_SSH_PIDDIR' to match OpenBSD tree - (bal) Moved #ifdef KRB4 in auth-krb4.c above the #include to resolve conflict when compiling for non-kerb install - (bal) removed the #ifdef SKEY in auth1.c to match Markus' changes on 1/19.
* NOTE: This update changes the RSA key generation. *NEW RSA KEYSBen Lindstrom2001-01-181-1/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | NEED TO BE GENERATED* =) Refer to to entry "2001/01/16 19:20:06" for more details. 20010118 - (bal) Super Sized OpenBSD Resync - markus@cvs.openbsd.org 2001/01/11 22:14:20 GMT 2001 by markus [sshd.c] maxfd+1 - markus@cvs.openbsd.org 2001/01/13 17:59:18 [ssh-keygen.1] small ssh-keygen manpage cleanup; stevesk@pobox.com - markus@cvs.openbsd.org 2001/01/13 18:03:07 [scp.c ssh-keygen.c sshd.c] getopt() returns -1 not EOF; stevesk@pobox.com - markus@cvs.openbsd.org 2001/01/13 18:06:54 [ssh-keyscan.c] use SSH_DEFAULT_PORT; from stevesk@pobox.com - markus@cvs.openbsd.org 2001/01/13 18:12:47 [ssh-keyscan.c] free() -> xfree(); fix memory leak; from stevesk@pobox.com - markus@cvs.openbsd.org 2001/01/13 18:14:13 [ssh-add.c] typo, from stevesk@sweden.hp.com - markus@cvs.openbsd.org 2001/01/13 18:32:50 [packet.c session.c ssh.c sshconnect.c sshd.c] split out keepalive from packet_interactive (from dale@accentre.com) set IPTOS_LOWDELAY TCP_NODELAY IPTOS_THROUGHPUT for ssh2, too. - markus@cvs.openbsd.org 2001/01/13 18:36:45 [packet.c packet.h] reorder, typo - markus@cvs.openbsd.org 2001/01/13 18:38:00 [auth-options.c] fix comment - markus@cvs.openbsd.org 2001/01/13 18:43:31 [session.c] Wall - markus@cvs.openbsd.org 2001/01/13 19:14:08 [clientloop.h clientloop.c ssh.c] move callback to headerfile - markus@cvs.openbsd.org 2001/01/15 21:40:10 [ssh.c] use log() instead of stderr - markus@cvs.openbsd.org 2001/01/15 21:43:51 [dh.c] use error() not stderr! - markus@cvs.openbsd.org 2001/01/15 21:45:29 [sftp-server.c] rename must fail if newpath exists, debug off by default - markus@cvs.openbsd.org 2001/01/15 21:46:38 [sftp-server.c] readable long listing for sftp-server, ok deraadt@ - markus@cvs.openbsd.org 2001/01/16 19:20:06 [key.c ssh-rsa.c] make "ssh-rsa" key format for ssh2 confirm to the ietf-drafts; from galb@vandyke.com. note that you have to delete older ssh2-rsa keys, since they are in the wrong format, too. they must be removed from .ssh/authorized_keys2 and .ssh/known_hosts2, etc. (cd; grep -v ssh-rsa .ssh/authorized_keys2 > TMP && mv TMP .ssh/authorized_keys2) additionally, we now check that BN_num_bits(rsa->n) >= 768. - markus@cvs.openbsd.org 2001/01/16 20:54:27 [sftp-server.c] remove some statics. simpler handles; idea from nisse@lysator.liu.se - deraadt@cvs.openbsd.org 2001/01/16 23:58:08 [bufaux.c radix.c sshconnect.h sshconnect1.c] indent - (bal) Added bsd-strmode.[ch] since some non-OpenBSD platforms may be missing such feature.
* 20010107Ben Lindstrom2001-01-061-4/+1
| | | | | | | | | | | | | | | | | | | | | | | - (bal) OpenBSD Sync - markus@cvs.openbsd.org 2001/01/06 11:23:27 [ssh-rsa.c] remove unused - itojun@cvs.openbsd.org 2001/01/05 08:23:29 [ssh-keyscan.1] missing .El - markus@cvs.openbsd.org 2001/01/04 22:41:03 [session.c sshconnect.c] consistent use of _PATH_BSHELL; from stevesk@pobox.com - djm@cvs.openbsd.org 2001/01/04 22:35:32 [ssh.1 sshd.8] Mention AES as available SSH2 Cipher; ok markus - markus@cvs.openbsd.org 2001/01/04 22:25:58 [sshd.c] sync usage()/man with defaults; from stevesk@pobox.com - markus@cvs.openbsd.org 2001/01/04 22:21:26 [sshconnect2.c] handle SSH2_MSG_USERAUTH_BANNER; fixes bug when connecting to a server that prints a banner (e.g. /etc/issue.net)
* One way to massive patch. <sigh> It compiles and works under Linux..Ben Lindstrom2000-12-221-10/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | And I think I have all the bits right from the OpenBSD tree. 20001222 - Updated RCSID for pty.c - (bal) OpenBSD CVS Updates: - markus@cvs.openbsd.org 2000/12/21 15:10:16 [auth-rh-rsa.c hostfile.c hostfile.h sshconnect.c] print keyfile:line for changed hostkeys, for deraadt@, ok deraadt@ - markus@cvs.openbsd.org 2000/12/20 19:26:56 [authfile.c] allow ssh -i userkey for root - markus@cvs.openbsd.org 2000/12/20 19:37:21 [authfd.c authfd.h kex.c sshconnect2.c sshd.c uidswap.c uidswap.h] fix prototypes; from stevesk@pobox.com - markus@cvs.openbsd.org 2000/12/20 19:32:08 [sshd.c] init pointer to NULL; report from Jan.Ivan@cern.ch - markus@cvs.openbsd.org 2000/12/19 23:17:54 [auth-krb4.c auth-options.c auth-options.h auth-rhosts.c auth-rsa.c auth1.c auth2-skey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufaux.h buffer.c canohost.c channels.c clientloop.c compress.c crc32.c deattack.c getput.h hmac.c hmac.h hostfile.c kex.c kex.h key.c key.h log.c login.c match.c match.h mpaux.c mpaux.h packet.c packet.h radix.c readconf.c rsa.c scp.c servconf.c servconf.h serverloop.c session.c sftp-server.c ssh-agent.c ssh-dss.c ssh-dss.h ssh-keygen.c ssh-keyscan.c ssh-rsa.c ssh-rsa.h ssh.c ssh.h uuencode.c uuencode.h sshconnect1.c sshconnect2.c sshd.c tildexpand.c] replace 'unsigned bla' with 'u_bla' everywhere. also replace 'char unsigned' with u_char.
* - (djm) Merge OpenBSD changes:Damien Miller2000-11-131-0/+163
- markus@cvs.openbsd.org 2000/11/06 16:04:56 [channels.c channels.h clientloop.c nchan.c serverloop.c] [session.c ssh.c] agent forwarding and -R for ssh2, based on work from jhuuskon@messi.uku.fi - markus@cvs.openbsd.org 2000/11/06 16:13:27 [ssh.c sshconnect.c sshd.c] do not disabled rhosts(rsa) if server port > 1024; from pekkas@netcore.fi - markus@cvs.openbsd.org 2000/11/06 16:16:35 [sshconnect.c] downgrade client to 1.3 if server is 1.4; help from mdb@juniper.net - markus@cvs.openbsd.org 2000/11/09 18:04:40 [auth1.c] typo; from mouring@pconline.com - markus@cvs.openbsd.org 2000/11/12 12:03:28 [ssh-agent.c] off-by-one when removing a key from the agent - markus@cvs.openbsd.org 2000/11/12 12:50:39 [auth-rh-rsa.c auth2.c authfd.c authfd.h] [authfile.c hostfile.c kex.c kex.h key.c key.h myproposal.h] [readconf.c readconf.h rsa.c rsa.h servconf.c servconf.h ssh-add.c] [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config] [sshconnect1.c sshconnect2.c sshd.8 sshd.c sshd_config ssh-dss.c] [ssh-dss.h ssh-rsa.c ssh-rsa.h dsa.c dsa.h] add support for RSA to SSH2. please test. there are now 3 types of keys: RSA1 is used by ssh-1 only, RSA and DSA are used by SSH2. you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA keys for SSH2 and use the RSA keys for hostkeys or for user keys. SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before. - (djm) Fix up Makefile and Redhat init script to create RSA host keys - (djm) Change to interim version