History log of /openssh-portable/ssh-sk-helper.c (Results 1 - 13 of 13)
Revision (<<< Hide revision tags) (Show revision tags >>>) Date Author Comments
# 816036f1 18-Oct-2020 djm@openbsd.org

upstream: use the new variant log macros instead of prepending

__func__ and appending ssh_err(r) manually; ok markus@

OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8


Revision tags: V_8_4_P1, V_8_3_P1
# 4be56399 25-May-2020 djm@openbsd.org

upstream: fix memleak of signature; from Pedro Martelletto

OpenBSD-Commit-ID: d0a6eb07e77c001427d738b220dd024ddc64b2bb


Revision tags: V_8_2_P1
# 59d01f1d 25-Jan-2020 djm@openbsd.org

upstream: improve the error message for u2f enrollment errors by

making ssh-keygen be solely responsible for printing the error message and
convertint some more common error responses fr

upstream: improve the error message for u2f enrollment errors by

making ssh-keygen be solely responsible for printing the error message and
convertint some more common error responses from the middleware to a useful
ssherr.h status code. more detail remains visible via -v of course.

also remove indepedent copy of sk-api.h declarations in sk-usbhid.c
and just include it.

feedback & ok markus@

OpenBSD-Commit-ID: a4a8ffa870d9a3e0cfd76544bcdeef5c9fb1f1bb

show more ...


# 57b181ea 10-Jan-2020 djm@openbsd.org

upstream: pass the log-on-stderr flag and log level through to

ssh-sk-helper, making debugging a bit easier. ok markus@

OpenBSD-Commit-ID: 2e7aea6bf5770d3f38b7c7bba891069256c5a49a


# c312ca07 05-Jan-2020 djm@openbsd.org

upstream: Extends the SK API to accept a set of key/value options

for all operations. These are intended to future-proof the API a little by
making it easier to specify additional fields

upstream: Extends the SK API to accept a set of key/value options

for all operations. These are intended to future-proof the API a little by
making it easier to specify additional fields for without having to change
the API version for each.

At present, only two options are defined: one to explicitly specify
the device for an operation (rather than accepting the middleware's
autoselection) and another to specify the FIDO2 username that may
be used when generating a resident key. These new options may be
invoked at key generation time via ssh-keygen -O

This also implements a suggestion from Markus to avoid "int" in favour
of uint32_t for the algorithm argument in the API, to make implementation
of ssh-sk-client/helper a little easier.

feedback, fixes and ok markus@

OpenBSD-Commit-ID: 973ce11704609022ab36abbdeb6bc23c8001eabc

show more ...


# c54cd189 30-Dec-2019 djm@openbsd.org

upstream: SK API and sk-helper error/PIN passing

Allow passing a PIN via the SK API (API major crank) and let the
ssh-sk-helper API follow.

Also enhance the ssh-sk-helper API to

upstream: SK API and sk-helper error/PIN passing

Allow passing a PIN via the SK API (API major crank) and let the
ssh-sk-helper API follow.

Also enhance the ssh-sk-helper API to support passing back an error
code instead of a complete reply. Will be used to signal "wrong PIN",
etc.

feedback and ok markus@

OpenBSD-Commit-ID: a1bd6b0a2421646919a0c139b8183ad76d28fb71

show more ...


# 27753a8e 30-Dec-2019 djm@openbsd.org

upstream: implement loading of resident keys in ssh-sk-helper

feedback and ok markus@

OpenBSD-Commit-ID: b273c23769ea182c55c4a7b8f9cbd9181722011a


# f45f3a8a 13-Dec-2019 Damien Miller

fixup


# 611073fb 13-Dec-2019 djm@openbsd.org

upstream: perform security key enrollment via ssh-sk-helper too.

This means that ssh-keygen no longer needs to link against ssh-sk-helper, and
only ssh-sk-helper needs libfido2 and /dev/

upstream: perform security key enrollment via ssh-sk-helper too.

This means that ssh-keygen no longer needs to link against ssh-sk-helper, and
only ssh-sk-helper needs libfido2 and /dev/uhid* access;

feedback & ok markus@

OpenBSD-Commit-ID: 9464233fab95708d2ff059f8bee29c0d1f270800

show more ...


# 2c55744a 12-Nov-2019 markus@openbsd.org

upstream: enable ed25519 support; ok djm

OpenBSD-Commit-ID: 1a399c5b3ef15bd8efb916110cf5a9e0b554ab7e


# e03a29e6 12-Nov-2019 markus@openbsd.org

upstream: rename sshsk_ecdsa_sign() to sshsk_sign(); ok djm

OpenBSD-Commit-ID: 1524042e09d81e54c4470d7bfcc0194c5b46fe19


# 764d51e0 31-Oct-2019 Damien Miller

autoconf pieces for U2F support

Mostly following existing logic for PKCS#11 - turning off support
when either libcrypto or dlopen(3) are unavailable.


# 07da39f7 31-Oct-2019 djm@openbsd.org

upstream: ssh-agent support for U2F/FIDO keys

feedback & ok markus@

OpenBSD-Commit-ID: bb544a44bc32e45d2ec8bf652db2046f38360acb