[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH 0/6] Fix ability to use ECDSA keys


Hi folks,

I've combined my ECDSA host key efforts into one patchset.  This
patchset fixes bugs that blocked use of ECDSA host keys, adds an
option to use ECDSA host keys (SSH_BIND_OPTIONS_ECDSAKEY), and then
incorporates the use of the ECDSA host keys into the main example
program.

In the near future, I will also try to add a better
SSH_BIND_OPTIONS_HOSTKEY as discussed on the list.

These changes were tested with the ssh_server_fork program, which now
can use an ECDSA host key.

Changes since individual patches:
- Incorporated suggestions from Andreas
- New "-n" = "no default keys" option for ssh_server_fork for easier
  testing
- Broke off changes to docs as separate patch

Alan Dunn (6):
  pki_crypto: Always copy ecdsa_nid into duplicated ECDSA keys
  pki: Use SHA-2 for session ID signing with ECDSA keys
  options: Allow use of host ECDSA key
  doc: Add ECDSA keys to docs, make key docs consistent
  examples: Add no default keys options to ssh_server_fork
  examples: Add ECDSA key option to ssh_server_fork

 examples/ssh_server_fork.c |   63 ++++++++++++++++++++++++++++++++++++++++----
 include/libssh/server.h    |    3 ++-
 src/options.c              |   59 ++++++++++++++++++++++++-----------------
 src/pki.c                  |   59 ++++++++++++++++++++++++++++++++---------
 src/pki_crypto.c           |    4 +--
 5 files changed, 144 insertions(+), 44 deletions(-)

-- 
1.7.9.5


Archive administrator: postmaster@lists.cynapses.org