security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-04 20:38:50 +01:00
Code Activity
b4cb20cfc3
gnupg/common
History
Werner Koch b4cb20cfc3 ssh: Support ECDSA keys. 
* agent/command-ssh.c (SPEC_FLAG_IS_ECDSA): New.
(struct ssh_key_type_spec): Add fields CURVE_NAME and HASH_ALGO.
(ssh_key_types): Add types ecdsa-sha2-nistp{256,384,521}.
(ssh_signature_encoder_t): Add arg spec and adjust all callers.
(ssh_signature_encoder_ecdsa): New.
(sexp_key_construct, sexp_key_extract, ssh_receive_key)
(ssh_convert_key_to_blob): Support ecdsa.
(ssh_identifier_from_curve_name): New.
(ssh_send_key_public): Retrieve and pass the curve_name.
(key_secret_to_public): Ditto.
(data_sign): Add arg SPEC and change callers to pass it.
(ssh_handler_sign_request): Get the hash algo from SPEC.
* common/ssh-utils.c (get_fingerprint): Support ecdsa.

* agent/protect.c (protect_info): Add flag ECC_HACK.
(agent_protect): Allow the use of the "curve" parameter.
* agent/t-protect.c (test_agent_protect): Add a test case for ecdsa.

* agent/command-ssh.c (ssh_key_grip): Print a better error code.
--

The 3 standard curves are now supported in gpg-agent's ssh-agent
protocol implementation.  I tested this with all 3 curves and keys
generated by OpenSSH 5.9p1.

Using existing non-ssh generated keys will likely fail for now. To fix
this, the code should first undergo some more cleanup; then the fixes
are pretty straightforward.  And yes, the data structures are way too
complicated.

(cherry picked from commit 649b31c663)

Solved conflicts:

	agent/protect.c
	agent/t-protect.c
        common/ssh-utils.c (different variabale name)
2013-07-01 20:31:16 +02:00
..
asshelp.c Start the agent on demand if option --enable-standard socket has been 2010-05-04 09:56:42 +00:00
asshelp.h Reworked passing of envars to Pinentry. 2009-07-07 10:02:41 +00:00
audit.c Backported some stuff from trunk 2009-12-03 19:39:39 +00:00
audit.h Backported some stuff from trunk 2009-12-03 19:39:39 +00:00
b64dec.c Add Base64 decoder. Not yet used but complements out encoder. 2008-06-09 14:49:28 +00:00
b64enc.c Minor cleanups. 2008-04-07 19:31:12 +00:00
ChangeLog-2011 Generate the ChangeLog from commit logs. 2011-12-02 19:28:02 +01:00
common-defs.h Changed to GPLv3. 2007-07-04 19:49:40 +00:00
convert.c Add a few translations to the audit-log. 2009-01-19 16:15:30 +00:00
dns-cert.c Support DNS CERT lookups via ADNS 2009-12-08 12:43:27 +00:00
dns-cert.h Changed to GPLv3. 2007-07-04 19:49:40 +00:00
estream-printf.c estream: Avoid printing leading zeroes by %p on 32 bit systems. 2012-01-31 15:29:30 +01:00
estream-printf.h Updated estream. 2007-08-22 10:55:07 +00:00
estream.c estream: New function es_fclose_snatch. 2013-07-01 20:31:14 +02:00
estream.h estream: New function es_fclose_snatch. 2013-07-01 20:31:14 +02:00
exaudit.awk Started to implement the audit log feature. 2007-11-19 16:03:50 +00:00
exechelp.c Start the agent on demand if option --enable-standard socket has been 2010-05-04 09:56:42 +00:00
exechelp.h Make sure not to leak file descriptors if running gpg-agent with a 2009-03-19 07:09:31 +00:00
exstatus.awk Started to implement the audit log feature. 2007-11-19 16:03:50 +00:00
gc-opt-flags.h Factored common gpgconf constants out 2007-08-02 18:12:43 +00:00
get-passphrase.c 2009-09-23 Marcus Brinkmann <marcus@g10code.de> 2010-02-12 15:15:34 +00:00
get-passphrase.h Reworked passing of envars to Pinentry. 2009-07-07 10:02:41 +00:00
gettime.c Remove duplicated code. 2009-03-16 09:44:44 +00:00
gnupg.ico w32: Add icons and version information. 2013-05-07 21:17:04 +02:00
gpgrlhelp.c Changed to GPLv3. 2007-07-04 19:49:40 +00:00
helpfile.c Add support for help stuff to audit.c 2007-12-06 19:02:42 +00:00
homedir.c w32: Almost everywhere include winsock2.h before windows.h. 2013-04-23 18:06:46 +02:00
http.c w32: Almost everywhere include winsock2.h before windows.h. 2013-04-23 18:06:46 +02:00
http.h Bring the fix for bug 739 on 1.4 over to 2.0 (bug 1479) 2013-02-28 13:48:58 -05:00
i18n.c Revamped the W32 gettext implementation. 2008-11-04 19:54:02 +00:00
i18n.h Factored utf8 switching code out to i18n.c. 2007-10-19 15:58:38 +00:00
init.c w32: Almost everywhere include winsock2.h before windows.h. 2013-04-23 18:06:46 +02:00
init.h Changed to GPLv3. 2007-07-04 19:49:40 +00:00
iobuf.c w32: Almost everywhere include winsock2.h before windows.h. 2013-04-23 18:06:46 +02:00
iobuf.h Changed to GPLv3. 2007-07-04 19:49:40 +00:00
isascii.c Changed to GPLv3. 2007-07-04 19:49:40 +00:00
keyserver.h Changed to GPLv3. 2007-07-04 19:49:40 +00:00
localename.c Marked all unused args on non-W32 platforms. 2008-10-20 13:53:23 +00:00
Makefile.am w32: Add icons and version information. 2013-05-07 21:17:04 +02:00
membuf.c Import/export of pkcs#12 now uses the gpg-agent directly. 2009-04-01 10:51:53 +00:00
membuf.h Allow configuraton of pinentry tooltip. 2007-12-04 11:23:31 +00:00
miscellaneous.c Use more warning options with modern GCCs. 2008-10-17 19:18:46 +00:00
mkerrors Changed to GPLv3. 2007-07-04 19:49:40 +00:00
mkerrtok Changed to GPLv3. 2007-07-04 19:49:40 +00:00
mkstrtable.awk Started to implement the audit log feature. 2007-11-19 16:03:50 +00:00
openpgpdefs.h Changed to GPLv3. 2007-07-04 19:49:40 +00:00
percent.c Import/export of pkcs#12 now uses the gpg-agent directly. 2009-04-01 10:51:53 +00:00
pka.c Removed some set but unused variables. 2011-08-04 12:22:04 +02:00
pka.h Changed to GPLv3. 2007-07-04 19:49:40 +00:00
README This commit was manufactured by cvs2svn to create branch 2003-08-05 17:11:04 +00:00
session-env.c Fix bug#1311 2011-01-10 15:16:07 +01:00
session-env.h Reworked passing of envars to Pinentry. 2009-07-07 10:02:41 +00:00
sexp-parse.h Allow verification of some broken S-TRUST generated signatures. 2007-12-13 15:45:40 +00:00
sexputil.c Alow batch ode for gpgsm --gen-key. 2009-07-01 18:30:33 +00:00
signal.c Marked all unused args on non-W32 platforms. 2008-10-20 13:53:23 +00:00
simple-pwquery.c Fix possible system freeze on Mac OS X. 2009-05-19 22:39:45 +00:00
simple-pwquery.h Changed to GPLv3. 2007-07-04 19:49:40 +00:00
srv.c Support PKA and SRV DNS lookups under w32 2009-12-07 17:11:59 +00:00
srv.h Changed to GPLv3. 2007-07-04 19:49:40 +00:00
ssh-utils.c ssh: Support ECDSA keys. 2013-07-01 20:31:16 +02:00
ssh-utils.h New functions to compute an ssh style fingerprint. 2011-08-04 12:37:13 +02:00
status.c Return a more specific error code for missing issuer certificates 2010-09-16 14:32:38 +00:00
status.h gpg: Add a DECRYPTION_INFO status. 2012-01-31 15:14:20 +01:00
sysutils.c w32: Almost everywhere include winsock2.h before windows.h. 2013-04-23 18:06:46 +02:00
sysutils.h Fix possible system freeze on Mac OS X. 2009-05-19 22:39:45 +00:00
t-b64.c Add Base64 decoder. Not yet used but complements out encoder. 2008-06-09 14:49:28 +00:00
t-convert.c Marked all unused args on non-W32 platforms. 2008-10-20 13:53:23 +00:00
t-exechelp.c Reworked passing of envars to Pinentry. 2009-07-07 10:02:41 +00:00
t-gettime.c Fix a bug in estream_snprintf. Found by a failed t-gettime under Windows. 2008-10-19 16:10:46 +00:00
t-helpfile.c Created help files form the current po entries. 2007-12-04 15:00:14 +00:00
t-percent.c Import/export of pkcs#12 now uses the gpg-agent directly. 2009-04-01 10:51:53 +00:00
t-session-env.c Reworked passing of envars to Pinentry. 2009-07-07 10:02:41 +00:00
t-sexputil.c New helper function factored out of ../scd and equipped with test code. 2009-05-07 15:01:47 +00:00
t-ssh-utils.c Support a confirm flag for ssh. 2011-08-04 14:42:31 +02:00
t-sysutils.c Add missing file 2007-08-23 08:40:11 +00:00
tlv.c Implemented the chain model for X.509 validation. 2007-08-10 16:52:05 +00:00
tlv.h Implemented the chain model for X.509 validation. 2007-08-10 16:52:05 +00:00
ttyio.c w32: Almost everywhere include winsock2.h before windows.h. 2013-04-23 18:06:46 +02:00
ttyio.h * ttyio.h, ttyio.c (tty_enable_completion): Some ifdefs around 2009-08-11 18:34:16 +00:00
util.h Return a more specific error code for missing issuer certificates 2010-09-16 14:32:38 +00:00
w32info-rc.h.in w32: Add icons and version information. 2013-05-07 21:17:04 +02:00
xasprintf.c Changed to GPLv3. 2007-07-04 19:49:40 +00:00
xreadline.c Fixed a bunch of little bugs as reported by Fabian Keil. 2009-06-24 14:03:09 +00:00
yesno.c Ask for the keysize when generating a new card key. 2009-08-05 11:24:43 +00:00

README 

Stuff used by several modules of GnuPG.

These directories use it:

gpg
sm
agent

These directories don't use it:

kbx