tyler.durden/openssh-portable
1
0
Fork 0
mirror of https://github.com/PowerShell/openssh-portable.git synced 2025-07-26 07:15:36 +02:00
Code Issues Packages Projects Releases Wiki Activity

upstream commit

Browse Source 
correct some typos and remove a long-stale XXX note.

add specification for ed25519 certificates

mention no host certificate options/extensions are currently defined

pointed out by Simon Tatham

Upstream-ID: 7b535ab7dba3340b7d8210ede6791fdaefdf839a
This commit is contained in:
djm@openbsd.org 2016-05-03 10:27:59 +00:00 committed by Damien Miller
parent b466f956c3
commit fa58208c65
1 changed files with 32 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
PROTOCOL.certkeys
View File

@ -100,9 +100,9 @@ DSA certificate
ECDSA certificate ECDSA certificate
string "ecdsa-sha2-nistp256@openssh.com" | string "ecdsa-sha2-nistp256-v01@openssh.com" |
"ecdsa-sha2-nistp384@openssh.com" | "ecdsa-sha2-nistp384-v01@openssh.com" |
"ecdsa-sha2-nistp521@openssh.com" "ecdsa-sha2-nistp521-v01@openssh.com"
string nonce string nonce
string curve string curve
string public_key string public_key
@ -118,6 +118,23 @@ ECDSA certificate
string signature key string signature key
string signature string signature
ED25519 certificate
string "ssh-ed25519-cert-v01@openssh.com"
string nonce
string pk
uint64 serial
uint32 type
string key id
string valid principals
uint64 valid after
uint64 valid before
string critical options
string extensions
string reserved
string signature key
string signature
The nonce field is a CA-provided random bitstring of arbitrary length The nonce field is a CA-provided random bitstring of arbitrary length
(but typically 16 or 32 bytes) included to make attacks that depend on (but typically 16 or 32 bytes) included to make attacks that depend on
inducing collisions in the signature hash infeasible. inducing collisions in the signature hash infeasible.
@ -129,6 +146,9 @@ p, q, g, y are the DSA parameters as described in FIPS-186-2.
curve and public key are respectively the ECDSA "[identifier]" and "Q" curve and public key are respectively the ECDSA "[identifier]" and "Q"
defined in section 3.1 of RFC5656. defined in section 3.1 of RFC5656.
pk is the encoded Ed25519 public key as defined by
draft-josefsson-eddsa-ed25519-03.
serial is an optional certificate serial number set by the CA to serial is an optional certificate serial number set by the CA to
provide an abbreviated way to refer to certificates from that CA. provide an abbreviated way to refer to certificates from that CA.
If a CA does not wish to number its certificates it must set this If a CA does not wish to number its certificates it must set this
@ -146,7 +166,7 @@ strings packed inside it. These principals list the names for which this
certificate is valid; hostnames for SSH_CERT_TYPE_HOST certificates and certificate is valid; hostnames for SSH_CERT_TYPE_HOST certificates and
usernames for SSH_CERT_TYPE_USER certificates. As a special case, a usernames for SSH_CERT_TYPE_USER certificates. As a special case, a
zero-length "valid principals" field means the certificate is valid for zero-length "valid principals" field means the certificate is valid for
any principal of the specified type. XXX DNS wildcards? any principal of the specified type.
"valid after" and "valid before" specify a validity period for the "valid after" and "valid before" specify a validity period for the
certificate. Each represents a time in seconds since 1970-01-01 certificate. Each represents a time in seconds since 1970-01-01
@ -183,7 +203,7 @@ signature is computed over all preceding fields from the initial string
up to, and including the signature key. Signatures are computed and up to, and including the signature key. Signatures are computed and
encoded according to the rules defined for the CA's public key algorithm encoded according to the rules defined for the CA's public key algorithm
(RFC4253 section 6.6 for ssh-rsa and ssh-dss, RFC5656 for the ECDSA (RFC4253 section 6.6 for ssh-rsa and ssh-dss, RFC5656 for the ECDSA
types). types), and draft-josefsson-eddsa-ed25519-03 for Ed25519.
Critical options Critical options
---------------- ----------------
@ -203,8 +223,9 @@ option-specific information (see below). All options are
"critical", if an implementation does not recognise a option "critical", if an implementation does not recognise a option
then the validating party should refuse to accept the certificate. then the validating party should refuse to accept the certificate.
The supported options and the contents and structure of their No critical options are defined for host certificates at present. The
data fields are: supported user certificate options and the contents and structure of
their data fields are:
Name Format Description Name Format Description
----------------------------------------------------------------------------- -----------------------------------------------------------------------------
@ -233,8 +254,9 @@ as is the requirement that each name appear only once.
If an implementation does not recognise an extension, then it should If an implementation does not recognise an extension, then it should
ignore it. ignore it.
The supported extensions and the contents and structure of their data No extensions are defined for host certificates at present. The
fields are: supported user certificate extensions and the contents and structure of
their data fields are:
Name Format Description Name Format Description
----------------------------------------------------------------------------- -----------------------------------------------------------------------------
@ -262,4 +284,4 @@ permit-user-rc empty Flag indicating that execution of
of this script will not be permitted if of this script will not be permitted if
this option is not present. this option is not present.
$OpenBSD: PROTOCOL.certkeys,v 1.9 2012/03/28 07:23:22 djm Exp $ $OpenBSD: PROTOCOL.certkeys,v 1.10 2016/05/03 10:27:59 djm Exp $