openssh.git -

Age	Commit message (Collapse)	Author
2019-11-25	upstream: Add new structure for signature options	djm@openbsd.org
	This is populated during signature verification with additional fields that are present in and covered by the signature. At the moment, it is only used to record security key-specific options, especially the flags field. with and ok markus@ OpenBSD-Commit-ID: 338a1f0e04904008836130bedb9ece4faafd4e49
2019-11-01	upstream: Refactor signing - use sshkey_sign for everything,	djm@openbsd.org
	including the new U2F signatures. Don't use sshsk_ecdsa_sign() directly, instead make it reachable via sshkey_sign() like all other signature operations. This means that we need to add a provider argument to sshkey_sign(), so most of this change is mechanically adding that. Suggested by / ok markus@ OpenBSD-Commit-ID: d5193a03fcfa895085d91b2b83d984a9fde76c8c
2019-09-05	upstream: expose allowed_signers options parsing code in header for	djm@openbsd.org
	fuzzing rename to make more consistent with philosophically-similar auth options parsing API. OpenBSD-Commit-ID: 0c67600ef04187f98e2912ca57b60c22a8025b7c
2019-09-03	upstream: sshsig tweaks and improvements from and suggested by	djm@openbsd.org
	Markus ok markus/me OpenBSD-Commit-ID: ea4f46ad5a16b27af96e08c4877423918c4253e9
2019-09-03	upstream: sshsig: lightweight signature and verification ability	djm@openbsd.org
	for OpenSSH This adds a simple manual signature scheme to OpenSSH. Signatures can be made and verified using ssh-keygen -Y sign\|verify Signatures embed the key used to make them. At verification time, this is matched via principal name against an authorized_keys-like list of allowed signers. Mostly by Sebastian Kinne w/ some tweaks by me ok markus@ OpenBSD-Commit-ID: 2ab568e7114c933346616392579d72be65a4b8fb