summaryrefslogtreecommitdiff
path: root/ssh-ecdsa-sk.c
AgeCommit message (Collapse)Author
2019-12-15Put SK ECDSA bits inside ifdef OPENSSL_HAS_ECC.Darren Tucker
Fixes build when linking against OpenSSLs built with no-ec.
2019-12-14remove a bunch of ENABLE_SK #ifdefsDamien Miller
The ssh-sk-helper client API gives us a nice place to disable security key support when it is wasn't enabled at compile time, so we don't need to check everywere. Also, verification of security key signatures can remain enabled all the time - it has no additional dependencies. So sshd can accept security key pubkeys in authorized_keys, etc regardless of the host's support for dlopen, etc.
2019-11-27upstream: more debugging; behind DEBUG_SKdjm@openbsd.org
OpenBSD-Commit-ID: a978896227118557505999ddefc1f4c839818b60
2019-11-25upstream: Add new structure for signature optionsdjm@openbsd.org
This is populated during signature verification with additional fields that are present in and covered by the signature. At the moment, it is only used to record security key-specific options, especially the flags field. with and ok markus@ OpenBSD-Commit-ID: 338a1f0e04904008836130bedb9ece4faafd4e49
2019-11-25upstream: memleak in error pathdjm@openbsd.org
OpenBSD-Commit-ID: 93488431bf02dde85a854429362695d2d43d9112
2019-11-20Include openssl compat header.Darren Tucker
Fixes warning for ECDSA_SIG_set0 on OpenSSL versions prior to 1.1.
2019-11-20upstream: adjust on-wire signature encoding for ecdsa-sk keys todjm@openbsd.org
better match ec25519-sk keys. Discussed with markus@ and Sebastian Kinne NB. if you are depending on security keys (already?) then make sure you update both your clients and servers. OpenBSD-Commit-ID: 53d88d8211f0dd02a7954d3af72017b1a79c0679
2019-11-01autoconf pieces for U2F supportDamien Miller
Mostly following existing logic for PKCS#11 - turning off support when either libcrypto or dlopen(3) are unavailable.
2019-11-01upstream: Initial infrastructure for U2F/FIDO supportdjm@openbsd.org
Key library support: including allocation, marshalling public/private keys and certificates, signature validation. feedback & ok markus@ OpenBSD-Commit-ID: a17615ba15e0f7932ac4360cb18fc9a9544e68c7