libssh

mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-06 18:29:50 +09:00

Author	SHA1	Message	Date
Juraj Vijtiuk	778652460f	add mbedtls crypto support Summary: This patch adds support for mbedTLS as a crypto backend for libssh. mbedTLS is an SSL/TLS library that has been designed to mainly be used in embedded systems. It is loosely coupled and has a low memory footprint. mbedTLS also provides a cryptography library (libmbedcrypto) that can be used without the TLS modules. The patch is unfortunately quite big, since several new files had to be added. DSA is disabled at compile time, since mbedTLS doesn't support DSA Patch review and feedback would be appreciated, and if any issues or suggestions appear, I'm willing to work on them. Signed-off-by: Juraj Vijtiuk <juraj.vijtiuk@sartura.hr> Test Plan: * The patch has been tested with a Debug and MinSizeRel build, with libssh unit tests, client tests and the pkd tests. * All the tests have been run with valgrind's memcheck, drd and helgrind tools. * The examples/samplessh client works when built with the patch. Reviewers: asn, aris Subscribers: simonsj Differential Revision: https://bugs.libssh.org/D1	2017-12-28 11:17:39 +01:00
Justus Winter	f62cded9f0	pki_gcrypt: Handle ECDSA keys and signatures * ConfigureChecks.cmake: Set 'HAVE_ECC' and 'HAVE_GCRYPT_ECC' if applicable. * include/libssh/pki.h (struct ssh_key_struct): Fix type of field 'ecdsa'. (struct ssh_signature_struct): Likewise for 'ecdsa_sig'. * src/pki.c (ssh_pki_key_ecdsa_name): Relax guard now that the used function is also provided by the gcrypt backend. (ssh_signature_free): Free ecdsa signature. * src/pki_gcrypt.c (ECDSA_HEADER_{BEGIN,END}): New macros. (privatekey_string_to_buffer): Handle ECDSA keys. (pki_key_ecdsa_to_nid): New function. (pki_key_ecdsa_nid_to_gcrypt_name): Likewise. (pki_key_ecdsa_nid_to_name): Likewise. (pki_key_ecdsa_nid_to_char): Likewise. (pki_key_ecdsa_nid_from_name): Implement. (asn1_oi_to_nid): New function. (b64decode_ecdsa_privatekey): Likewise. (pki_private_key_from_base64): Handle ECDSA keys. (pki_pubkey_build_ecdsa): Implement. (pki_key_dup): Handle ECDSA keys. (pki_key_generate): Likewise. (pki_key_generate_ecdsa): Implement. (pki_key_compare): Handle ECDSA keys. (pki_publickey_to_blob): Likewise. (pki_signature_from_blob): Likewise. (pki_signature_verify): Likewise. (pki_do_sign): Likewise. (pki_do_sign_sessionid): Likewise. Signed-off-by: Justus Winter <justus@g10code.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2016-11-03 15:20:30 +01:00
Axel Eppe	bdfe6870f6	pki: Add certificate loading functions - ssh_pki_import_cert_base64() - ssh_pki_import_cert_file() - ssh_pki_import_cert_blob() Those functions are currently simple wrappers around their pubkey counterpart. - ssh_pki_copy_cert_to_privkey() This function copies the cert-specific data to a private key. Signed-off-by: Axel Eppe <aeppe@google.com> Signed-off-by: Andreas Schneider <asn@cryptomilk.org>	2015-09-07 13:30:14 +02:00
Axel Eppe	6da4e21065	pki: Add rsa, dss certificate key type definitions - Add rsa/dsa (ssh-{rsa,dss}-cert-v01@openssh.com) as key types. - Add a cert_type member in the ssh_key struct. Signed-off-by: Axel Eppe <aeppe@google.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2015-09-07 13:29:23 +02:00
Aris	93c7b81b4e	ed25519: Generate, sign and verify keys. Reviewed-by: Andreas Schneider <asn@cryptomilk.org>	2014-09-07 22:07:34 +02:00
Andreas Schneider	ac4c5699b1	pki: Add the type as a char pointer.	2013-10-18 23:22:24 +02:00
Andreas Schneider	5e7b15e2c1	pki: Fix declaration of ssh_pki_convert functions.	2013-07-22 10:20:14 +02:00
Andreas Schneider	d83b3d9ebe	pki: Limit privkey to 4M for now.	2013-06-17 12:07:32 +02:00
Andreas Schneider	b2f52799c2	include: Fix the LGPL header. This has been reported by rpmlint: libssh-devel.x86_64: W: incorrect-fsf-address libssh.h	2013-01-23 00:22:46 +01:00
Andreas Schneider	e403596d98	pki: Add a size limit for pubkey files.	2012-11-21 12:44:00 +01:00
Andreas Schneider	9070b04184	pki: Add ecdsa support for signature_to_blob.	2012-02-04 18:37:04 +01:00
Andreas Schneider	acfc8ea83f	priv: Remove crypto.h and add correct includes to src files.	2011-09-18 21:37:17 +02:00
Andreas Schneider	808c7a9be4	pki: Add ssh_pki_export_pubkey_rsa1().	2011-09-05 11:28:19 +02:00
Andreas Schneider	a0e3facac7	pki: Add ecdsa key support.	2011-09-02 23:10:23 +02:00
Andreas Schneider	822c68eb8e	pki: Use consistent API for ssh_pki_export_privkey_to_pubkey().	2011-08-30 10:28:57 +02:00
Andreas Schneider	60b92e458e	pki: Use consistent API for ssh_pki_export_pubkey_blob().	2011-08-30 10:16:53 +02:00
Andreas Schneider	149be78ee0	pki: We need only one signature verify blob function. This fixes the build without server.	2011-08-23 08:19:53 +02:00
Andreas Schneider	82ca6a6c53	pki: Add ssh_srv_pki_signature_verify_blob().	2011-08-22 18:41:47 +02:00
Andreas Schneider	5cc98ed720	pki: Add ssh_pki_signature_verify_blob().	2011-08-22 18:39:56 +02:00
Andreas Schneider	79ffd49940	pki: Add ssh_srv_pki_do_sign_sessionid().	2011-08-22 13:48:25 +02:00
Andreas Schneider	1b57445f6b	pki: Add ssh_pki_do_sign_agent().	2011-08-21 13:43:20 +02:00
Andreas Schneider	c041261921	pki: Create a pki private header file.	2011-08-21 11:15:29 +02:00
Andreas Schneider	a4b2518761	pki: Add ssh_pki_import_signature_blob().	2011-08-21 11:03:53 +02:00
Andreas Schneider	4f19a304d1	pki: Add ssh_pki_export_signature_blob().	2011-08-21 10:11:05 +02:00
Andreas Schneider	ce41747fae	pki: Introduce ssh_signature.	2011-08-20 18:37:43 +02:00
Andreas Schneider	743a00dad4	pki: Fix build warnings.	2011-08-20 11:07:54 +02:00
Andreas Schneider	c575de17a8	pki: Use a consistent naming scheme.	2011-08-19 11:14:23 +02:00
Andreas Schneider	254c30be2e	pki: Remove session from ssh_pki_import_pubkey_* functions.	2011-08-16 19:33:24 +02:00
Andreas Schneider	25a2108809	pki: Remove session from ssh_pki_import_privkey_* functions.	2011-08-16 18:53:18 +02:00
Andreas Schneider	3f70bce373	pki: Rename ssh_pki_publickey_to_string and make it public.	2011-08-16 00:47:43 +02:00
Andreas Schneider	6c1b508efd	pki: Rename ssh_pki_import_pubkey_string and make it public. It should be named ssh_pki_import_pubkey_blob().	2011-08-16 00:47:43 +02:00
Andreas Schneider	6ffee22448	pki: Add ssh_pki_publickey_to_string().	2011-08-15 18:48:08 +02:00
Andreas Schneider	2780f76247	pki: Flags are a bit mask so use hex.	2011-08-15 18:48:08 +02:00
Andreas Schneider	c77b23b32a	pki: Cleanup pki header.	2011-08-15 18:48:08 +02:00
Andreas Schneider	190ae27463	pki: Added ssh_key_dup().	2011-08-15 16:26:58 +02:00
Andreas Schneider	0523adf95c	pki: Add ssh_pki_import_pubkey_string().	2011-08-13 12:13:09 +02:00
Andreas Schneider	74d755873d	pki: Use const.	2011-08-13 11:26:03 +02:00
Andreas Schneider	bec483bc18	pki: Add ssh_pki_import_pubkey_base64().	2011-08-08 15:28:31 +02:00
Andreas Schneider	f81444bd57	pki: Add pki_do_sign().	2011-08-08 15:28:31 +02:00
Andreas Schneider	9bed334da3	pki: Add ssh_pki_convert_key_to_privatekey().	2011-08-08 15:28:31 +02:00
Andreas Schneider	36ee2d3332	pki: Create pki_publickey_from_privatekey().	2011-08-08 15:28:31 +02:00
Andreas Schneider	f55cd7de43	pki: Improve ssh_key_import_private().	2011-08-08 15:28:31 +02:00
Andreas Schneider	9569d053d8	pki: Improve ssh_pki_import_privkey_base64().	2011-08-08 15:28:31 +02:00
Andreas Schneider	028888719a	pki: Add pki_privatekey_type_from_string().	2011-08-08 15:28:31 +02:00
Andreas Schneider	d8b41bcac3	pki: Add placeholder for ecdsa and certs.	2011-08-08 15:28:31 +02:00
Andreas Schneider	c75581fb93	pki: Make ssh_key_is_private() a public function.	2011-06-15 18:27:05 +02:00
Andreas Schneider	27cedaa0b6	pki: Make ssh_key_is_public() a public function.	2011-06-15 18:27:05 +02:00
Andreas Schneider	88e2f17b97	pki: Make ssh_key_type a public function.	2011-06-11 13:04:22 +02:00
milo	6e58342abc	[pki] remove unused functions	2011-04-18 17:40:27 +02:00
milo	b308bb9d52	[pki] added ssh_pki_do_sign() function	2011-04-14 14:05:44 +02:00

1 2

56 Commits