search for: ec_key_new_by_curve_nam

Displaying 7 results from an estimated 7 matches for "ec_key_new_by_curve_nam".

2015 Apr 01
3
What did I miss when building openssh? cannot generate ecdsa key
I am assuming this is a user error (and the bug, if any is in configure not telling me how to activate it). I regularly see a message: Could not load host key: /etc/ssh/ssh_host_ecdsa_key And, obviously, I have never made the key before. I tried the following: ./ssh-keygen -t ecdsa -fssh_host_esdsa_key -N "" unknown key type ecdsa However, the syntax says it is a known type root at
2017 Feb 14
0
openssl 1.1.0d breaks Android7 TLS connects
...ich requires curve NIST P-256 (prime256v1) be used when AES-128 TLS cipher suites are in use. At least the non-compliance is in the form of providing too much security rather than too little. */ nid = ssl_proxy_ctx_get_pkey_ec_curve_name(set); ecdh = EC_KEY_new_by_curve_name(nid); if (ecdh == NULL) { /* Fall back option */ nid = NID_secp384r1; ecdh = EC_KEY_new_by_curve_name(nid); } if ((curve_name = OBJ_nid2sn(nid)) != NULL && set->verbose_ssl) i_debug("SSL: ellipt...
2013 Jul 06
1
[PATCH] login-common: Add support for ECDH/ECDHE cipher suites
...non-compliant with RFC 6460 which requires + curve NIST P-256 (prime256v1) be used when AES-128 TLS cipher + suites are in use. At least the non-compliance is in the form of + providing too much security rather than too little. */ + nid = ssl_proxy_ctx_get_pkey_ec_curve_name(set); + ecdh = EC_KEY_new_by_curve_name(nid); + if (ecdh == NULL) { + /* Fall back option */ + nid = NID_secp384r1; + ecdh = EC_KEY_new_by_curve_name(nid); + } + if ((curve_name = OBJ_nid2sn(nid)) != NULL) + i_debug("SSL: elliptic curve %s will be used for ECDH and" + " ECDHE key exchanges", curve_name);...
2017 Sep 22
2
Call for testing: OpenSSH 7.6
...NULL || ecdsap == NULL) return SSH_ERR_INVALID_ARGUMENT; - if ((*nid = sshkey_ecdsa_bits_to_nid(bits)) == -1) + if ((*nid = sshkey_ecdsa_bits_to_nid(bits)) == -1) { + fprintf(stderr, "%s bits %d\n", __func__, bits); return SSH_ERR_KEY_LENGTH; + } *ecdsap = NULL; if ((private = EC_KEY_new_by_curve_name(*nid)) == NULL) { ret = SSH_ERR_ALLOC_FAIL; @@ -1881,6 +1888,8 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, goto out; } if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) { + fprintf(stderr, "%s num_bits %d min %d\n", __func__, +...
2015 Jun 23
2
Call for testing: OpenSSH 6.9
...char *blob, size_t len) bzero(s, l); free(s); } +#ifdef WITH_OPENSSL bn = BN_new(); sshbuf_get_bignum1(p1, bn); BN_clear_free(bn); bn = BN_new(); sshbuf_get_bignum2(p1, bn); BN_clear_free(bn); +#endif #if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256) eck = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); ASSERT_PTR_NE(eck, NULL); diff --git a/regress/unittests/sshkey/common.c b/regress/unittests/sshkey/common.c index b598f05..7deacf9 100644 --- a/regress/unittests/sshkey/common.c +++ b/regress/unittests/sshkey/common.c @@ -70,6 +70,7 @@ load_text_file(const char *name) r...
2017 Sep 21
19
Call for testing: OpenSSH 7.6
Hi, OpenSSH 7.6p1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This is a bugfix release. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is also available via git using the instructions at
2015 May 29
16
Call for testing: OpenSSH 6.9
Hi, OpenSSH 6.9 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This release contains some substantial new features and a number of bugfixes. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is