diff options
| author | markus@openbsd.org <markus@openbsd.org> | 2018-02-23 15:58:37 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2018-02-26 11:40:41 +1100 |
| commit | 1b11ea7c58cd5c59838b5fa574cd456d6047b2d4 (patch) | |
| tree | 7e96cb41b5234b9d327f7c8f41392f09aed0994e /sshd.c | |
| parent | 7d330a1ac02076de98cfc8fda05353d57b603755 (diff) | |
upstream: Add experimental support for PQC XMSS keys (Extended
Hash-Based Signatures) The code is not compiled in by default (see WITH_XMSS
in Makefile.inc) Joint work with stefan-lukas_gazdag at genua.eu See
https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12 ok
djm@
OpenBSD-Commit-ID: ef3eccb96762a5d6f135d7daeef608df7776a7ac
Diffstat (limited to 'sshd.c')
| -rw-r--r-- | sshd.c | 6 |
1 files changed, 5 insertions, 1 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: sshd.c,v 1.504 2018/02/11 21:16:56 dtucker Exp $ */ | 1 | /* $OpenBSD: sshd.c,v 1.505 2018/02/23 15:58:38 markus Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -705,6 +705,7 @@ list_hostkey_types(void) | |||
| 705 | case KEY_DSA: | 705 | case KEY_DSA: |
| 706 | case KEY_ECDSA: | 706 | case KEY_ECDSA: |
| 707 | case KEY_ED25519: | 707 | case KEY_ED25519: |
| 708 | case KEY_XMSS: | ||
| 708 | if (buffer_len(&b) > 0) | 709 | if (buffer_len(&b) > 0) |
| 709 | buffer_append(&b, ",", 1); | 710 | buffer_append(&b, ",", 1); |
| 710 | p = key_ssh_name(key); | 711 | p = key_ssh_name(key); |
| @@ -726,6 +727,7 @@ list_hostkey_types(void) | |||
| 726 | case KEY_DSA_CERT: | 727 | case KEY_DSA_CERT: |
| 727 | case KEY_ECDSA_CERT: | 728 | case KEY_ECDSA_CERT: |
| 728 | case KEY_ED25519_CERT: | 729 | case KEY_ED25519_CERT: |
| 730 | case KEY_XMSS_CERT: | ||
| 729 | if (buffer_len(&b) > 0) | 731 | if (buffer_len(&b) > 0) |
| 730 | buffer_append(&b, ",", 1); | 732 | buffer_append(&b, ",", 1); |
| 731 | p = key_ssh_name(key); | 733 | p = key_ssh_name(key); |
| @@ -752,6 +754,7 @@ get_hostkey_by_type(int type, int nid, int need_private, struct ssh *ssh) | |||
| 752 | case KEY_DSA_CERT: | 754 | case KEY_DSA_CERT: |
| 753 | case KEY_ECDSA_CERT: | 755 | case KEY_ECDSA_CERT: |
| 754 | case KEY_ED25519_CERT: | 756 | case KEY_ED25519_CERT: |
| 757 | case KEY_XMSS_CERT: | ||
| 755 | key = sensitive_data.host_certificates[i]; | 758 | key = sensitive_data.host_certificates[i]; |
| 756 | break; | 759 | break; |
| 757 | default: | 760 | default: |
| @@ -1734,6 +1737,7 @@ main(int ac, char **av) | |||
| 1734 | case KEY_DSA: | 1737 | case KEY_DSA: |
| 1735 | case KEY_ECDSA: | 1738 | case KEY_ECDSA: |
| 1736 | case KEY_ED25519: | 1739 | case KEY_ED25519: |
| 1740 | case KEY_XMSS: | ||
| 1737 | if (have_agent || key != NULL) | 1741 | if (have_agent || key != NULL) |
| 1738 | sensitive_data.have_ssh2_key = 1; | 1742 | sensitive_data.have_ssh2_key = 1; |
| 1739 | break; | 1743 | break; |