summaryrefslogtreecommitdiffstats
path: root/sshsig.h (follow)
Commit message (Collapse)AuthorAgeFilesLines
* upstream: Add ssh-keygen -Y match-principals operation to performdjm@openbsd.org2021-11-271-1/+5
| | | | | | | | | | | matching of principals names against an allowed signers file. Requested by and mostly written by Fabian Stelzer, towards a TOFU model for SSH signatures in git. Some tweaks by me. "doesn't bother me" deraadt@ OpenBSD-Commit-ID: 8d1b71f5a4127bc5e10a880c8ea6053394465247
* upstream: Let allowed signers files used by ssh-keygen(1)djm@openbsd.org2021-07-231-3/+3
| | | | | | | | signatures support key lifetimes, and allow the verification mode to specify a signature time to check at. This is intended for use by git to support signing objects using ssh keys. ok dtucker@ OpenBSD-Commit-ID: 3e2c67b7dcd94f0610194d1e8e4907829a40cf31
* upstream: Add RCS IDs to the few files that are missing them; fromdjm@openbsd.org2020-08-311-0/+1
| | | | | | Pedro Martelletto OpenBSD-Commit-ID: 39aa37a43d0c75ec87f1659f573d3b5867e4a3b3
* upstream: support for user-verified FIDO keysdjm@openbsd.org2020-08-271-3/+5
| | | | | | | | | | | | | | | | | FIDO2 supports a notion of "user verification" where the user is required to demonstrate their identity to the token before particular operations (e.g. signing). Typically this is done by authenticating themselves using a PIN that has been set on the token. This adds support for generating and using user verified keys where the verification happens via PIN (other options might be added in the future, but none are in common use now). Practically, this adds another key generation option "verify-required" that yields a key that requires a PIN before each authentication. feedback markus@ and Pedro Martelletto; ok markus@ OpenBSD-Commit-ID: 57fd461e4366f87c47502c5614ec08573e6d6a15
* upstream: ssh-keygen -Y find-principals fixes based on feedbackdjm@openbsd.org2020-01-251-3/+2
| | | | | | | | | | | | | | | | from Markus: use "principals" instead of principal, as allowed_signers lines may list multiple. When the signing key is a certificate, emit only principals that match the certificate principal list. NB. the command -Y name changes: "find-principal" => "find-principals" ok markus@ OpenBSD-Commit-ID: ab575946ff9a55624cd4e811bfd338bf3b1d0faf
* upstream: missing header change from previous; spotted by dtucker@djm@openbsd.org2020-01-231-0/+10
| | | | OpenBSD-Commit-ID: 321ce74c0a5bbd0f02fa3f20cb5cf2a952c6b96f
* upstream: Add new structure for signature optionsdjm@openbsd.org2019-11-251-2/+4
| | | | | | | | | | | This is populated during signature verification with additional fields that are present in and covered by the signature. At the moment, it is only used to record security key-specific options, especially the flags field. with and ok markus@ OpenBSD-Commit-ID: 338a1f0e04904008836130bedb9ece4faafd4e49
* upstream: Refactor signing - use sshkey_sign for everything,djm@openbsd.org2019-10-311-5/+6
| | | | | | | | | | | | | including the new U2F signatures. Don't use sshsk_ecdsa_sign() directly, instead make it reachable via sshkey_sign() like all other signature operations. This means that we need to add a provider argument to sshkey_sign(), so most of this change is mechanically adding that. Suggested by / ok markus@ OpenBSD-Commit-ID: d5193a03fcfa895085d91b2b83d984a9fde76c8c
* upstream: expose allowed_signers options parsing code in header fordjm@openbsd.org2019-09-051-0/+8
| | | | | | | | | fuzzing rename to make more consistent with philosophically-similar auth options parsing API. OpenBSD-Commit-ID: 0c67600ef04187f98e2912ca57b60c22a8025b7c
* upstream: sshsig tweaks and improvements from and suggested bydjm@openbsd.org2019-09-031-11/+17
| | | | | | | | Markus ok markus/me OpenBSD-Commit-ID: ea4f46ad5a16b27af96e08c4877423918c4253e9
* upstream: sshsig: lightweight signature and verification abilitydjm@openbsd.org2019-09-031-0/+78
for OpenSSH This adds a simple manual signature scheme to OpenSSH. Signatures can be made and verified using ssh-keygen -Y sign|verify Signatures embed the key used to make them. At verification time, this is matched via principal name against an authorized_keys-like list of allowed signers. Mostly by Sebastian Kinne w/ some tweaks by me ok markus@ OpenBSD-Commit-ID: 2ab568e7114c933346616392579d72be65a4b8fb