tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
10,074 Commits 6 Branches 20 Tags 98 MiB
Commit Graph

4 Commits

Author SHA1 Message Date
djm@openbsd.org 9a14c64c38 upstream: Refactor signing - use sshkey_sign for everything, 
including the new U2F signatures.

Don't use sshsk_ecdsa_sign() directly, instead make it reachable via
sshkey_sign() like all other signature operations. This means that
we need to add a provider argument to sshkey_sign(), so most of this
change is mechanically adding that.

Suggested by / ok markus@

OpenBSD-Commit-ID: d5193a03fcfa895085d91b2b83d984a9fde76c8c
 2019-11-01 09:46:10 +11:00
djm@openbsd.org bab6feb01f upstream: expose allowed_signers options parsing code in header for 
fuzzing

rename to make more consistent with philosophically-similar auth
options parsing API.

OpenBSD-Commit-ID: 0c67600ef04187f98e2912ca57b60c22a8025b7c
 2019-09-05 14:56:51 +10:00
djm@openbsd.org d637c4aee6 upstream: sshsig tweaks and improvements from and suggested by 
Markus

ok markus/me

OpenBSD-Commit-ID: ea4f46ad5a16b27af96e08c4877423918c4253e9
 2019-09-03 18:40:24 +10:00
djm@openbsd.org 2a9c9f7272 upstream: sshsig: lightweight signature and verification ability 
for OpenSSH

This adds a simple manual signature scheme to OpenSSH.
Signatures can be made and verified using ssh-keygen -Y sign|verify

Signatures embed the key used to make them. At verification time, this
is matched via principal name against an authorized_keys-like list
of allowed signers.

Mostly by Sebastian Kinne w/ some tweaks by me

ok markus@

OpenBSD-Commit-ID: 2ab568e7114c933346616392579d72be65a4b8fb
 2019-09-03 18:40:23 +10:00