openssh-portable

Commit Graph

Author	SHA1	Message	Date
djm@openbsd.org	d8b2838c5d	upstream: remove stray semicolon after closing brace of function; from Michael Forney OpenBSD-Commit-ID: fda95acb799bb160d15e205ee126117cf33da3a7	2019-11-28 09:38:11 +11:00
djm@openbsd.org	a70d92f236	upstream: adjust on-wire signature encoding for ecdsa-sk keys to better match ec25519-sk keys. Discussed with markus@ and Sebastian Kinne NB. if you are depending on security keys (already?) then make sure you update both your clients and servers. OpenBSD-Commit-ID: 53d88d8211f0dd02a7954d3af72017b1a79c0679	2019-11-20 09:27:29 +11:00
naddy@openbsd.org	723a536986	upstream: add the missing WITH_OPENSSL ifdefs after the ED25519-SK addition; ok djm@ OpenBSD-Commit-ID: a9545e1c273e506cf70e328cbb9d0129b6d62474	2019-11-20 09:26:59 +11:00
djm@openbsd.org	9a1225e8ca	upstream: tweak debug message OpenBSD-Commit-ID: 2bf336d3be0b7e3dd97920d7e7471146a281d2b9	2019-11-18 11:54:56 +11:00
djm@openbsd.org	4103a3ec7c	upstream: a little debug() in the security key interface OpenBSD-Commit-ID: 4c70300609a5c8b19707207bb7ad4109e963b0e8	2019-11-17 09:44:43 +11:00
djm@openbsd.org	6bff9521ab	upstream: directly support U2F/FIDO2 security keys in OpenSSH by linking against the (previously external) USB HID middleware. The dlopen() capability still exists for alternate middlewares, e.g. for Bluetooth, NFC and test/debugging. OpenBSD-Commit-ID: 14446cf170ac0351f0d4792ba0bca53024930069	2019-11-15 09:57:30 +11:00
markus@openbsd.org	dffd02e297	upstream: fix check for sig_s; noted by qsa at qualys.com OpenBSD-Commit-ID: 34198084e4afb424a859f52c04bb2c9668a52867	2019-11-15 08:50:10 +11:00
djm@openbsd.org	fccff339ca	upstream: allow an empty attestation certificate returned by a security key enrollment - these are possible for tokens that only offer self- attestation. This also needs support from the middleware. ok markus@ OpenBSD-Commit-ID: 135eeeb937088ef6830a25ca0bbe678dfd2c57cc	2019-11-13 10:15:47 +11:00
markus@openbsd.org	b556cc3cbf	upstream: remove extra layer for ed25519 signature; ok djm@ OpenBSD-Commit-ID: 7672d9d0278b4bf656a12d3aab0c0bfe92a8ae47	2019-11-13 08:54:09 +11:00
markus@openbsd.org	3fcf69ace1	upstream: check sig_r and sig_s for ssh-sk keys; ok djm OpenBSD-Commit-ID: 1a1e6a85b5f465d447a3800f739e35c5b74e0abc	2019-11-13 08:54:09 +11:00
markus@openbsd.org	fd1a3b5e38	upstream: update sk-api to version 2 for ed25519 support; ok djm OpenBSD-Commit-ID: 77aa4d5b6ab17987d8a600907b49573940a0044a	2019-11-13 08:49:59 +11:00
markus@openbsd.org	7c32b51edb	upstream: implement sshsk_ed25519_assemble(); ok djm OpenBSD-Commit-ID: af9ec838b9bc643786310b5caefc4ca4754e68c6	2019-11-13 08:49:52 +11:00
markus@openbsd.org	fe05a36dc0	upstream: implement sshsk_ed25519_inner_sig(); ok djm OpenBSD-Commit-ID: f422d0052c6d948fe0e4b04bc961f37fdffa0910	2019-11-13 08:49:52 +11:00
markus@openbsd.org	e03a29e655	upstream: rename sshsk_ecdsa_sign() to sshsk_sign(); ok djm OpenBSD-Commit-ID: 1524042e09d81e54c4470d7bfcc0194c5b46fe19	2019-11-13 08:49:52 +11:00
markus@openbsd.org	bc7b5d6187	upstream: factor out sshsk_ecdsa_inner_sig(); ok djm@ OpenBSD-Commit-ID: 07e41997b542f670a15d7e2807143fe01efef584	2019-11-13 08:48:48 +11:00
markus@openbsd.org	cef84a062d	upstream: factor out sshsk_ecdsa_assemble(); ok djm@ OpenBSD-Commit-ID: 2313761a3a84ccfe032874d638d3c363e0f14026	2019-11-13 08:48:48 +11:00
Damien Miller	764d51e044	autoconf pieces for U2F support Mostly following existing logic for PKCS#11 - turning off support when either libcrypto or dlopen(3) are unavailable.	2019-11-01 13:35:34 +11:00
djm@openbsd.org	ed3467c1e1	upstream: U2F/FIDO middleware interface Supports enrolling (generating) keys and signatures. feedback & ok markus@ OpenBSD-Commit-ID: 73d1dd5939454f9c7bd840f48236cba41e8ad592	2019-11-01 09:46:09 +11:00

18 Commits