Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/crypto/external/bsd/openssh/dist from ftp.openbsd.org
details: https://anonhg.NetBSD.org/src/rev/f361194b9ae1
branches: trunk
changeset: 767613:f361194b9ae1
user: christos <christos%NetBSD.org@localhost>
date: Sun Jul 24 15:08:11 2011 +0000
description:
from ftp.openbsd.org
diffstat:
crypto/external/bsd/openssh/dist/PROTOCOL | 61 +++++-
crypto/external/bsd/openssh/dist/PROTOCOL.agent | 44 +++-
crypto/external/bsd/openssh/dist/PROTOCOL.certkeys | 89 +++++++---
crypto/external/bsd/openssh/dist/PROTOCOL.mux | 28 +-
crypto/external/bsd/openssh/dist/bufec.c | 140 ++++++++++++++++
crypto/external/bsd/openssh/dist/kexecdh.c | 112 +++++++++++++
crypto/external/bsd/openssh/dist/kexecdhc.c | 157 ++++++++++++++++++
crypto/external/bsd/openssh/dist/kexecdhs.c | 162 +++++++++++++++++++
crypto/external/bsd/openssh/dist/pkcs11.h | 1 -
crypto/external/bsd/openssh/dist/roaming_dummy.c | 1 -
crypto/external/bsd/openssh/dist/roaming_serv.c | 1 -
crypto/external/bsd/openssh/dist/schnorr.h | 1 -
crypto/external/bsd/openssh/dist/ssh-ecdsa.c | 162 +++++++++++++++++++
crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.8 | 1 -
crypto/external/bsd/openssh/dist/ssh-pkcs11.h | 1 -
15 files changed, 887 insertions(+), 74 deletions(-)
diffs (truncated from 1264 to 300 lines):
diff -r 1bc314035b3b -r f361194b9ae1 crypto/external/bsd/openssh/dist/PROTOCOL
--- a/crypto/external/bsd/openssh/dist/PROTOCOL Sun Jul 24 14:00:36 2011 +0000
+++ b/crypto/external/bsd/openssh/dist/PROTOCOL Sun Jul 24 15:08:11 2011 +0000
@@ -12,7 +12,9 @@
The protocol used by OpenSSH's ssh-agent is described in the file
PROTOCOL.agent
-1. transport: Protocol 2 MAC algorithm "umac-64%openssh.com@localhost"
+1. Transport protocol changes
+
+1.1. transport: Protocol 2 MAC algorithm "umac-64%openssh.com@localhost"
This is a new transport-layer MAC method using the UMAC algorithm
(rfc4418). This method is identical to the "umac-64" method documented
@@ -20,7 +22,7 @@
http://www.openssh.com/txt/draft-miller-secsh-umac-01.txt
-2. transport: Protocol 2 compression algorithm "zlib%openssh.com@localhost"
+1.2. transport: Protocol 2 compression algorithm "zlib%openssh.com@localhost"
This transport-layer compression method uses the zlib compression
algorithm (identical to the "zlib" method in rfc4253), but delays the
@@ -31,14 +33,27 @@
http://www.openssh.com/txt/draft-miller-secsh-compression-delayed-00.txt
-3. transport: New public key algorithms "ssh-rsa-cert-v00%openssh.com@localhost" and
- "ssh-dsa-cert-v00%openssh.com@localhost"
+1.3. transport: New public key algorithms "ssh-rsa-cert-v00%openssh.com@localhost",
+ "ssh-dsa-cert-v00%openssh.com@localhost",
+ "ecdsa-sha2-nistp256-cert-v01%openssh.com@localhost",
+ "ecdsa-sha2-nistp384-cert-v01%openssh.com@localhost" and
+ "ecdsa-sha2-nistp521-cert-v01%openssh.com@localhost"
-OpenSSH introduces two new public key algorithms to support certificate
+OpenSSH introduces new public key algorithms to support certificate
authentication for users and hostkeys. These methods are documented in
the file PROTOCOL.certkeys
-4. connection: Channel write close extension "eow%openssh.com@localhost"
+1.4. transport: Elliptic Curve cryptography
+
+OpenSSH supports ECC key exchange and public key authentication as
+specified in RFC5656. Only the ecdsa-sha2-nistp256, ecdsa-sha2-nistp384
+and ecdsa-sha2-nistp521 curves over GF(p) are supported. Elliptic
+curve points encoded using point compression are NOT accepted or
+generated.
+
+2. Connection protocol changes
+
+2.1. connection: Channel write close extension "eow%openssh.com@localhost"
The SSH connection protocol (rfc4254) provides the SSH_MSG_CHANNEL_EOF
message to allow an endpoint to signal its peer that it will send no
@@ -77,8 +92,8 @@
Other SSH implementations may be whitelisted to receive this message
upon request.
-5. connection: disallow additional sessions extension
- "no-more-sessions%openssh.com@localhost"
+2.2. connection: disallow additional sessions extension
+ "no-more-sessions%openssh.com@localhost"
Most SSH connections will only ever request a single session, but a
attacker may abuse a running ssh client to surreptitiously open
@@ -105,7 +120,7 @@
servers (identified by banner). Other SSH implementations may be
whitelisted to receive this message upon request.
-6. connection: Tunnel forward extension "tun%openssh.com@localhost"
+2.3. connection: Tunnel forward extension "tun%openssh.com@localhost"
OpenSSH supports layer 2 and layer 3 tunnelling via the "tun%openssh.com@localhost"
channel type. This channel type supports forwarding of network packets
@@ -166,7 +181,9 @@
The "frame" field contains an IEEE 802.3 Ethernet frame, including
header.
-7. sftp: Reversal of arguments to SSH_FXP_SYMLINK
+3. SFTP protocol changes
+
+3.1. sftp: Reversal of arguments to SSH_FXP_SYMLINK
When OpenSSH's sftp-server was implemented, the order of the arguments
to the SSH_FXP_SYMLINK method was inadvertently reversed. Unfortunately,
@@ -179,7 +196,7 @@
string targetpath
string linkpath
-8. sftp: Server extension announcement in SSH_FXP_VERSION
+3.2. sftp: Server extension announcement in SSH_FXP_VERSION
OpenSSH's sftp-server lists the extensions it supports using the
standard extension announcement mechanism in the SSH_FXP_VERSION server
@@ -200,7 +217,7 @@
extension with multiple versions (though this is unlikely). Clients MUST
check the version number before attempting to use the extension.
-9. sftp: Extension request "posix-rename%openssh.com@localhost"
+3.3. sftp: Extension request "posix-rename%openssh.com@localhost"
This operation provides a rename operation with POSIX semantics, which
are different to those provided by the standard SSH_FXP_RENAME in
@@ -217,7 +234,7 @@
This extension is advertised in the SSH_FXP_VERSION hello with version
"1".
-10. sftp: Extension requests "statvfs%openssh.com@localhost" and
+3.4. sftp: Extension requests "statvfs%openssh.com@localhost" and
"fstatvfs%openssh.com@localhost"
These requests correspond to the statvfs and fstatvfs POSIX system
@@ -258,4 +275,20 @@
Both the "statvfs%openssh.com@localhost" and "fstatvfs%openssh.com@localhost" extensions are
advertised in the SSH_FXP_VERSION hello with version "2".
-$OpenBSD: PROTOCOL,v 1.15 2010/02/26 20:29:54 djm Exp $
+10. sftp: Extension request "hardlink%openssh.com@localhost"
+
+This request is for creating a hard link to a regular file. This
+request is implemented as a SSH_FXP_EXTENDED request with the
+following format:
+
+ uint32 id
+ string "hardlink%openssh.com@localhost"
+ string oldpath
+ string newpath
+
+On receiving this request the server will perform the operation
+link(oldpath, newpath) and will respond with a SSH_FXP_STATUS message.
+This extension is advertised in the SSH_FXP_VERSION hello with version
+"1".
+
+$OpenBSD: PROTOCOL,v 1.17 2010/12/04 00:18:01 djm Exp $
diff -r 1bc314035b3b -r f361194b9ae1 crypto/external/bsd/openssh/dist/PROTOCOL.agent
--- a/crypto/external/bsd/openssh/dist/PROTOCOL.agent Sun Jul 24 14:00:36 2011 +0000
+++ b/crypto/external/bsd/openssh/dist/PROTOCOL.agent Sun Jul 24 15:08:11 2011 +0000
@@ -159,8 +159,8 @@
2.2.3 Add protocol 2 key
-The OpenSSH agent supports DSA and RSA keys for protocol 2. DSA keys may
-be added using the following request
+The OpenSSH agent supports DSA, ECDSA and RSA keys for protocol 2. DSA
+keys may be added using the following request
byte SSH2_AGENTC_ADD_IDENTITY or
SSH2_AGENTC_ADD_ID_CONSTRAINED
@@ -182,6 +182,30 @@
string key_comment
constraint[] key_constraints
+ECDSA keys may be added using the following request
+
+ byte SSH2_AGENTC_ADD_IDENTITY or
+ SSH2_AGENTC_ADD_ID_CONSTRAINED
+ string "ecdsa-sha2-nistp256" |
+ "ecdsa-sha2-nistp384" |
+ "ecdsa-sha2-nistp521"
+ string ecdsa_curve_name
+ string ecdsa_public_key
+ mpint ecdsa_private
+ string key_comment
+ constraint[] key_constraints
+
+ECDSA certificates may be added with:
+ byte SSH2_AGENTC_ADD_IDENTITY or
+ SSH2_AGENTC_ADD_ID_CONSTRAINED
+ string "ecdsa-sha2-nistp256-cert-v01%openssh.com@localhost" |
+ "ecdsa-sha2-nistp384-cert-v01%openssh.com@localhost" |
+ "ecdsa-sha2-nistp521-cert-v01%openssh.com@localhost"
+ string certificate
+ mpint ecdsa_private_key
+ string key_comment
+ constraint[] key_constraints
+
RSA keys may be added with this request:
byte SSH2_AGENTC_ADD_IDENTITY or
@@ -214,7 +238,7 @@
protocol 1 "add key" request, the private key is overspecified to avoid
redundant processing.
-For both DSA and RSA key add requests, "key_constraints" may only be
+For DSA, ECDSA and RSA key add requests, "key_constraints" may only be
present if the request type is SSH2_AGENTC_ADD_ID_CONSTRAINED.
The agent will reply with a SSH_AGENT_SUCCESS if the key has been
@@ -294,8 +318,7 @@
string key_blob
Where "key_blob" is encoded as per RFC 4253 section 6.6 "Public Key
-Algorithms" for either of the supported key types: "ssh-dss" or
-"ssh-rsa".
+Algorithms" for any of the supported protocol 2 key types.
The agent will delete any private key matching the specified public key
and return SSH_AGENT_SUCCESS. If no such key was found, the agent will
@@ -364,8 +387,7 @@
string key_comment
Where "key_blob" is encoded as per RFC 4253 section 6.6 "Public Key
-Algorithms" for either of the supported key types: "ssh-dss" or
-"ssh-rsa".
+Algorithms" for any of the supported protocol 2 key types.
2.6 Private key operations
@@ -429,9 +451,9 @@
uint32 flags
Where "key_blob" is encoded as per RFC 4253 section 6.6 "Public Key
-Algorithms" for either of the supported key types: "ssh-dss" or
-"ssh-rsa". "flags" is a bit-mask, but at present only one possible value
-is defined (see below for its meaning):
+Algorithms" for any of the supported protocol 2 key types. "flags" is
+a bit-mask, but at present only one possible value is defined (see below
+for its meaning):
SSH_AGENT_OLD_SIGNATURE 1
@@ -535,4 +557,4 @@
SSH_AGENT_CONSTRAIN_LIFETIME 1
SSH_AGENT_CONSTRAIN_CONFIRM 2
-$OpenBSD: PROTOCOL.agent,v 1.5 2010/02/26 20:29:54 djm Exp $
+$OpenBSD: PROTOCOL.agent,v 1.6 2010/08/31 11:54:45 djm Exp $
diff -r 1bc314035b3b -r f361194b9ae1 crypto/external/bsd/openssh/dist/PROTOCOL.certkeys
--- a/crypto/external/bsd/openssh/dist/PROTOCOL.certkeys Sun Jul 24 14:00:36 2011 +0000
+++ b/crypto/external/bsd/openssh/dist/PROTOCOL.certkeys Sun Jul 24 15:08:11 2011 +0000
@@ -5,31 +5,37 @@
----------
The SSH protocol currently supports a simple public key authentication
-mechanism. Unlike other public key implementations, SSH eschews the
-use of X.509 certificates and uses raw keys. This approach has some
-benefits relating to simplicity of configuration and minimisation
-of attack surface, but it does not support the important use-cases
-of centrally managed, passwordless authentication and centrally
-certified host keys.
+mechanism. Unlike other public key implementations, SSH eschews the use
+of X.509 certificates and uses raw keys. This approach has some benefits
+relating to simplicity of configuration and minimisation of attack
+surface, but it does not support the important use-cases of centrally
+managed, passwordless authentication and centrally certified host keys.
These protocol extensions build on the simple public key authentication
-system already in SSH to allow certificate-based authentication.
-The certificates used are not traditional X.509 certificates, with
-numerous options and complex encoding rules, but something rather
-more minimal: a key, some identity information and usage options
-that have been signed with some other trusted key.
+system already in SSH to allow certificate-based authentication. The
+certificates used are not traditional X.509 certificates, with numerous
+options and complex encoding rules, but something rather more minimal: a
+key, some identity information and usage options that have been signed
+with some other trusted key.
A sshd server may be configured to allow authentication via certified
-keys, by extending the existing ~/.ssh/authorized_keys mechanism
-to allow specification of certification authority keys in addition
-to raw user keys. The ssh client will support automatic verification
-of acceptance of certified host keys, by adding a similar ability
-to specify CA keys in ~/.ssh/known_hosts.
+keys, by extending the existing ~/.ssh/authorized_keys mechanism to
+allow specification of certification authority keys in addition to
+raw user keys. The ssh client will support automatic verification of
+acceptance of certified host keys, by adding a similar ability to
+specify CA keys in ~/.ssh/known_hosts.
+
+Certified keys are represented using new key types:
-Certified keys are represented using two new key types:
-ssh-rsa-cert-v01%openssh.com@localhost and ssh-dss-cert-v01%openssh.com@localhost that
-include certification information along with the public key that is used
-to sign challenges. ssh-keygen performs the CA signing operation.
+ ssh-rsa-cert-v01%openssh.com@localhost
+ ssh-dss-cert-v01%openssh.com@localhost
+ ecdsa-sha2-nistp256-cert-v01%openssh.com@localhost
+ ecdsa-sha2-nistp384-cert-v01%openssh.com@localhost
+ ecdsa-sha2-nistp521-cert-v01%openssh.com@localhost
+
+These include certification information along with the public key
+that is used to sign challenges. ssh-keygen performs the CA signing
+operation.
Protocol extensions
-------------------
@@ -47,10 +53,9 @@
New public key formats
----------------------
-The ssh-rsa-cert-v01%openssh.com@localhost and ssh-dss-cert-v01%openssh.com@localhost key
-types take a similar high-level format (note: data types and
-encoding are as per RFC4251 section 5). The serialised wire encoding of
-these certificates is also used for storing them on disk.
+The certificate key types take a similar high-level format (note: data
+types and encoding are as per RFC4251 section 5). The serialised wire
+encoding of these certificates is also used for storing them on disk.
Home |
Main Index |
Thread Index |
Old Index