[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Fwd: [PATCH 0/6] Fix ability to use ECDSA keys


Sorry, I meant to send the following message to the list too:

---------- Forwarded message ----------
From: Alan Dunn <amdunn@xxxxxxxxx>
Date: Fri, Mar 7, 2014 at 9:21 AM
Subject: Re: [PATCH 0/6] Fix ability to use ECDSA keys
To: Aris Adamantiadis <aris@xxxxxxxxxxxx>

It doesn't seem to break libgcrypt compilation for me, though I can't
verify (non-ECC) functionality because even with the current master I
have trouble connecting to a libssh server from a libgcrypt build (so
perhaps my environment for using libgcrypt is wrong in some way, but I
can't go and debug it right now).

Thanks for taking a look.

- Alan

On Fri, Mar 7, 2014 at 8:24 AM, Aris Adamantiadis <aris@xxxxxxxxxxxx> wrote:
> Hi Alan,
>
> Ok for me for all your patches, under the condition that it doesn't
> break libgcrypt compilation (I'm not 100% sure about patch 2/6)
>
> Thanks for your contribution,
>
> Aris
> Le 7/03/14 15:13, Alan Dunn a écrit :
>> Hi folks,
>>
>> I've combined my ECDSA host key efforts into one patchset.  This
>> patchset fixes bugs that blocked use of ECDSA host keys, adds an
>> option to use ECDSA host keys (SSH_BIND_OPTIONS_ECDSAKEY), and then
>> incorporates the use of the ECDSA host keys into the main example
>> program.
>>
>> In the near future, I will also try to add a better
>> SSH_BIND_OPTIONS_HOSTKEY as discussed on the list.
>>
>> These changes were tested with the ssh_server_fork program, which now
>> can use an ECDSA host key.
>>
>> Changes since individual patches:
>> - Incorporated suggestions from Andreas
>> - New "-n" = "no default keys" option for ssh_server_fork for easier
>>   testing
>> - Broke off changes to docs as separate patch
>>
>> Alan Dunn (6):
>>   pki_crypto: Always copy ecdsa_nid into duplicated ECDSA keys
>>   pki: Use SHA-2 for session ID signing with ECDSA keys
>>   options: Allow use of host ECDSA key
>>   doc: Add ECDSA keys to docs, make key docs consistent
>>   examples: Add no default keys options to ssh_server_fork
>>   examples: Add ECDSA key option to ssh_server_fork
>>
>>  examples/ssh_server_fork.c |   63 ++++++++++++++++++++++++++++++++++++++++----
>>  include/libssh/server.h    |    3 ++-
>>  src/options.c              |   59 ++++++++++++++++++++++++-----------------
>>  src/pki.c                  |   59 ++++++++++++++++++++++++++++++++---------
>>  src/pki_crypto.c           |    4 +--
>>  5 files changed, 144 insertions(+), 44 deletions(-)
>>

References:
[PATCH 0/6] Fix ability to use ECDSA keysAlan Dunn <amdunn@xxxxxxxxx>
Re: [PATCH 0/6] Fix ability to use ECDSA keysAris Adamantiadis <aris@xxxxxxxxxxxx>
Archive administrator: postmaster@lists.cynapses.org