#
f6c05033 |
| 31-Aug-2010 |
djm <djm@openbsd.org> |
Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer better performance than plain DH and DSA at the same equiv
Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer better performance than plain DH and DSA at the same equivalent symmetric key length, as well as much shorter keys.
Only the mandatory sections of RFC5656 are implemented, specifically the three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and ECDSA. Point compression (optional in RFC5656 is NOT implemented).
Certificate host and user keys using the new ECDSA key types are supported.
Note that this code has not been tested for interoperability and may be subject to change.
feedback and ok markus@
show more ...
|
#
c3ded031 |
| 16-Apr-2010 |
djm <djm@openbsd.org> |
revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with the following changes:
move the nonce field to the beginning of the certificate where it can better protect against chosen-prefix a
revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with the following changes:
move the nonce field to the beginning of the certificate where it can better protect against chosen-prefix attacks on the signature hash
Rename "constraints" field to "critical options"
Add a new non-critical "extensions" field
Add a serial number
The older format is still support for authentication and cert generation (use "ssh-keygen -t v00 -s ca_key ..." to generate a v00 certificate)
ok markus@
show more ...
|
#
b94e498e |
| 26-Feb-2010 |
djm <djm@openbsd.org> |
Add support for certificate key types for users and hosts.
OpenSSH certificate key types are not X.509 certificates, but a much simpler format that encodes a public key, identity information and som
Add support for certificate key types for users and hosts.
OpenSSH certificate key types are not X.509 certificates, but a much simpler format that encodes a public key, identity information and some validity constraints and signs it with a CA key. CA keys are regular SSH keys. This certificate style avoids the attack surface of X.509 certificates and is very easy to deploy.
Certified host keys allow automatic acceptance of new host keys when a CA certificate is marked as trusted in ~/.ssh/known_hosts. see VERIFYING HOST KEYS in ssh(1) for details.
Certified user keys allow authentication of users when the signing CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS FILE FORMAT" in sshd(8) for details.
Certificates are minted using ssh-keygen(1), documentation is in the "CERTIFICATES" section of that manpage.
Documentation on the format of certificates is in the file PROTOCOL.certkeys
feedback and ok markus@
show more ...
|
#
5d5698f1 |
| 27-Aug-2009 |
djm <djm@openbsd.org> |
Do not fall back to adding keys without contraints (ssh-add -c / -t ...) when the agent refuses the constrained add request. This was a useful migration measure back in 2002 when constraints were new
Do not fall back to adding keys without contraints (ssh-add -c / -t ...) when the agent refuses the constrained add request. This was a useful migration measure back in 2002 when constraints were new, but just adds risk now.
bz #1612, report and patch from dkg AT fifthhorseman.net; ok markus@
show more ...
|
#
bd9502d5 |
| 03-Aug-2006 |
deraadt <deraadt@openbsd.org> |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
a121c4e0 |
| 26-Jul-2006 |
stevesk <stevesk@openbsd.org> |
move #include <stdlib.h> out of includes.h
|
#
0deb6794 |
| 22-Jul-2006 |
stevesk <stevesk@openbsd.org> |
move #include <string.h> out of includes.h
|
#
eb2751a2 |
| 17-Jul-2006 |
stevesk <stevesk@openbsd.org> |
move #include <unistd.h> out of includes.h
|
#
089803ec |
| 09-Jul-2006 |
stevesk <stevesk@openbsd.org> |
move #include <fcntl.h> out of includes.h
|
#
3e070fac |
| 08-Jul-2006 |
stevesk <stevesk@openbsd.org> |
move #include <sys/socket.h> out of includes.h
|
#
4fad3025 |
| 30-Mar-2006 |
djm <djm@openbsd.org> |
replace {GET,PUT}_XXBIT macros with functionally similar functions, silencing a heap of lint warnings. also allows them to use __bounded__ checking which can't be applied to macros; requested by and
replace {GET,PUT}_XXBIT macros with functionally similar functions, silencing a heap of lint warnings. also allows them to use __bounded__ checking which can't be applied to macros; requested by and feedback from deraadt@
show more ...
|
#
a77e188d |
| 25-Mar-2006 |
deraadt <deraadt@openbsd.org> |
needed casts (always will be needed)
|
#
7ef31a41 |
| 25-Mar-2006 |
djm <djm@openbsd.org> |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
e6acff29 |
| 19-Mar-2006 |
deraadt <deraadt@openbsd.org> |
spacing
|
#
4bfeb04e |
| 19-Mar-2006 |
deraadt <deraadt@openbsd.org> |
RCSID() can die
|
#
74af437b |
| 17-Mar-2006 |
djm <djm@openbsd.org> |
another unreachable found by lint
|
#
4a6b003d |
| 17-Mar-2006 |
djm <djm@openbsd.org> |
unreachanble statement, found by lint
|
#
575d0831 |
| 20-Feb-2006 |
stevesk <stevesk@openbsd.org> |
move #include <sys/un.h> out of includes.h; ok djm@
|
#
d7d07780 |
| 17-Jun-2005 |
djm <djm@openbsd.org> |
make this -Wsign-compare clean; ok avsm@ markus@
|
#
c8b6d577 |
| 24-May-2005 |
avsm <avsm@openbsd.org> |
Switch atomicio to use a simpler interface; it now returns a size_t (containing number of bytes read/written), and indicates error by returning 0. EOF is signalled by errno==EPIPE. Typical use now b
Switch atomicio to use a simpler interface; it now returns a size_t (containing number of bytes read/written), and indicates error by returning 0. EOF is signalled by errno==EPIPE. Typical use now becomes:
if (atomicio(read, ..., len) != len) err(1,"read");
ok deraadt@, cloder@, djm@
show more ...
|
#
33b9b8de |
| 11-Aug-2004 |
avsm <avsm@openbsd.org> |
use atomicio instead of homegrown equivalents or read/write. markus@ ok
|
#
30e570c7 |
| 21-Nov-2003 |
djm <djm@openbsd.org> |
unexpand and delete whitespace at EOL; ok markus@
|
#
14bbd5bc |
| 18-Sep-2003 |
miod <miod@openbsd.org> |
A few signedness fixes for harmless situations; markus@ ok
|
#
4a391f71 |
| 28-Jun-2003 |
deraadt <deraadt@openbsd.org> |
deal with typing of write vs read in atomicio
|
#
006fce9f |
| 11-Jun-2003 |
djm <djm@openbsd.org> |
make agent constraints (lifetime, confirm) work with smartcard keys; ok markus@
|