Displaying 7 results from an estimated 7 matches for "ec_key_new_by_curve_nam".
Did you mean:
ec_key_new_by_curve_name
2015 Apr 01
3
What did I miss when building openssh? cannot generate ecdsa key
I am assuming this is a user error (and the bug, if any is in configure not
telling me how to activate it).
I regularly see a message:
Could not load host key: /etc/ssh/ssh_host_ecdsa_key
And, obviously, I have never made the key before.
I tried the following:
./ssh-keygen -t ecdsa -fssh_host_esdsa_key -N ""
unknown key type ecdsa
However, the syntax says it is a known type
root at
2017 Feb 14
0
openssl 1.1.0d breaks Android7 TLS connects
...ich requires
curve NIST P-256 (prime256v1) be used when AES-128 TLS cipher
suites are in use. At least the non-compliance is in the form of
providing too much security rather than too little. */
nid = ssl_proxy_ctx_get_pkey_ec_curve_name(set);
ecdh = EC_KEY_new_by_curve_name(nid);
if (ecdh == NULL) {
/* Fall back option */
nid = NID_secp384r1;
ecdh = EC_KEY_new_by_curve_name(nid);
}
if ((curve_name = OBJ_nid2sn(nid)) != NULL && set->verbose_ssl)
i_debug("SSL: ellipt...
2013 Jul 06
1
[PATCH] login-common: Add support for ECDH/ECDHE cipher suites
...non-compliant with RFC 6460 which requires
+ curve NIST P-256 (prime256v1) be used when AES-128 TLS cipher
+ suites are in use. At least the non-compliance is in the form of
+ providing too much security rather than too little. */
+ nid = ssl_proxy_ctx_get_pkey_ec_curve_name(set);
+ ecdh = EC_KEY_new_by_curve_name(nid);
+ if (ecdh == NULL) {
+ /* Fall back option */
+ nid = NID_secp384r1;
+ ecdh = EC_KEY_new_by_curve_name(nid);
+ }
+ if ((curve_name = OBJ_nid2sn(nid)) != NULL)
+ i_debug("SSL: elliptic curve %s will be used for ECDH and"
+ " ECDHE key exchanges", curve_name);...
2017 Sep 22
2
Call for testing: OpenSSH 7.6
...NULL || ecdsap == NULL)
return SSH_ERR_INVALID_ARGUMENT;
- if ((*nid = sshkey_ecdsa_bits_to_nid(bits)) == -1)
+ if ((*nid = sshkey_ecdsa_bits_to_nid(bits)) == -1) {
+ fprintf(stderr, "%s bits %d\n", __func__, bits);
return SSH_ERR_KEY_LENGTH;
+ }
*ecdsap = NULL;
if ((private = EC_KEY_new_by_curve_name(*nid)) == NULL) {
ret = SSH_ERR_ALLOC_FAIL;
@@ -1881,6 +1888,8 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp,
goto out;
}
if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
+ fprintf(stderr, "%s num_bits %d min %d\n", __func__,
+...
2015 Jun 23
2
Call for testing: OpenSSH 6.9
...char *blob, size_t len)
bzero(s, l);
free(s);
}
+#ifdef WITH_OPENSSL
bn = BN_new();
sshbuf_get_bignum1(p1, bn);
BN_clear_free(bn);
bn = BN_new();
sshbuf_get_bignum2(p1, bn);
BN_clear_free(bn);
+#endif
#if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256)
eck = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
ASSERT_PTR_NE(eck, NULL);
diff --git a/regress/unittests/sshkey/common.c b/regress/unittests/sshkey/common.c
index b598f05..7deacf9 100644
--- a/regress/unittests/sshkey/common.c
+++ b/regress/unittests/sshkey/common.c
@@ -70,6 +70,7 @@ load_text_file(const char *name)
r...
2017 Sep 21
19
Call for testing: OpenSSH 7.6
Hi,
OpenSSH 7.6p1 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This is a bugfix release.
Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/
The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html
Portable OpenSSH is also available via git using the
instructions at
2015 May 29
16
Call for testing: OpenSSH 6.9
Hi,
OpenSSH 6.9 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This release contains
some substantial new features and a number of bugfixes.
Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/
The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html
Portable OpenSSH is