similar to: [PATCH] Enabling ECDSA in PKCS#11 support for ssh-agent

https://bugzilla.mindrot.org/show_bug.cgi?id=2474 Bug ID: 2474 Summary: Enabling ECDSA in PKCS#11 support for ssh-agent Product: Portable OpenSSH Version: 7.1p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh-agent Assignee: unassigned-bugs

On 10/8/2015 4:49 AM, Simon Josefsson wrote: > Mathias Brossard <mathias at brossard.org> writes: > >> Hi, >> >> I have made a patch for enabling the use of ECDSA keys in the PKCS#11 >> support of ssh-agent which will be of interest to other users. > > Nice! What would it take to add support for Ed25519 too? Do we need to > allocate any new PKCS#11

Thomas Calderon <calderon.thomas at gmail.com> writes: > Hi, > > There is no need to add new mechanism identifiers to use specific curves. > > This can be done already using the CKM_ECDSA mechanism parameters (see > CKA_ECDSA_PARAMS > in the standard). > Given that the underlying HW or SW tokens supports Ed25519 curves, then you > could leverage it even with

Hi list, I have no idea if Damien Miller had the time to work on that. I have an initial patch to authenticate using PKCS#11 and ECDSA keys. This requires OpenSSL 1.0.2, prior OpenSSL versions do not expose the required interfaces to override the signature function pointer for ECDSA. The only limitation is that the OpenSSL API misses some cleanup function (finish, for instance), hence I have yet

On Mon, 13 Aug 2018, Blumenthal, Uri - 0553 - MITLL wrote: > Lack of time on the Open Source projects is understandable, and not uncommon. > > However, PKCS11 has been in the codebase practically forever - the ECC > patches that I saw did not alter the API or such. It is especially > non-invasive when digital signature is concerned. > > Considering how long those patches have

https://bugzilla.mindrot.org/show_bug.cgi?id=3202 Bug ID: 3202 Summary: Ed25519 key on HSM is not getting listed in ssh-add -l command Product: Portable OpenSSH Version: 8.2p1 Hardware: ARM64 OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh-add

Hi all, I have no idea if this question is to easy to be answered, but I?m starting with R. So, here we go. I have a large dataset with a lot of steps a judicial case. A sample is attached. I?d like to do a cluster analysis to try to understand with one is the most usual path followed by this legal cases. After that, I?d like to plot a cluster tree. In the attached sample, the column: -

Hi, I'm interested in extending OpenSSH's PKCS#11 code to support ECDSA keys, but have so far been unable to find anyone who can sell me a smartcard that supports it. They certainly exist - AFAIK it's required by the US PIV standard, but obtaining cards that support it in single digit quantities seems all but impossible. Can anybody on this list help? I'd want 2-6 cards/tokens

Hello My question is the following. I have tried to find a similar subject in archives but not found (perhaps bad search!) and I tried R-help and I was advised that R-devel would perhaps better for my question So I wonder if it is possible to create a dll from a R code to use it in another language/program. Indeed, one of my colleague wrote a R code combining some R functions to create a

http://bugzilla.mindrot.org/show_bug.cgi?id=1371 Summary: Add PKCS#11 (Smartcards) support into OpenSSH Product: Portable OpenSSH Version: 4.7p1 Platform: All URL: http://alon.barlev.googlepages.com/openssh-pkcs11 OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component:

Hi, the IETF drafts had to be removed from the Debian package recently because IETF RFCs/drafts are (per default) not conformant to the Debian Free Software Guidelines, see <URL:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=390665>. It would be nice if Phil and Luca could dual-license the drafts under a DFSG-free license also ... most straight-forward would be libtheora's own

I have a two-column table as follows where age is in the 1st column and the number of individuals is in the 2nd. age;no 1;21 2;31 3;9 4;12 5;6 Can I use mean() and sd() to calculate the mean and standard deviation from this or do I have to manually multiplicate 21*1+31*2 etc. / N?

https://bugzilla.mindrot.org/show_bug.cgi?id=2472 Bug ID: 2472 Summary: Add support to load additional certificates Product: Portable OpenSSH Version: 7.1p1 Hardware: All OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh-agent Assignee: unassigned-bugs at

Hi! I’m running glmer (lme4) models with biodiversity data and I’m having trouble with understanding/finding information on how the offset() option is implemented. Explicitly, I’m wondering if the offset is only implemented on the dependent variable (as I think it is), or does it also affect independent variables in the model (was told this by a stat guy at our department)? My data is

https://bugzilla.mindrot.org/show_bug.cgi?id=2319 Bug ID: 2319 Summary: [PATCH REVIEW] U2F authentication Product: Portable OpenSSH Version: 6.7p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: Miscellaneous Assignee: unassigned-bugs at

Hello everyone, as you could have noticed over the years, there are several bugs for PKCS#11 improvement and integration which are slipping under the radar for several releases, but the most painful ones are constantly updated by community to build, work and make our lives better. I wrote some of the patches, provided feedback to others, or offered other help here on mailing list, but did not

On Thu, 26 Oct 2017, James Bottomley wrote: > Engine keys are keys whose file format is understood by a specific > engine rather than by openssl itself. Since these keys are file > based, the pkcs11 interface isn't appropriate for them because they > don't actually represent tokens. What sort of keys do you have in mind here that can't be represented via PKCS#11? -d

Hello, PKCS#11 is a standard API interface that can be used in order to access cryptographic tokens. You can find the specification at http://www.rsasecurity.com/rsalabs/node.asp?id=2133, most smartcard and other cryptographic device vendors support PKCS#11, opensc also provides PKCS#11 interface. I can easily make the scard.c, scard-opensc.c and ssh-agent.c support PKCS#11. PKCS#11 is

Hello OpenSSH developers, A week ago I've posted a patch that enables openssh to work with PKCS#11 tokens. I didn't receive any comments regarding the patch or reply to my questions. In current software world, providing a security product that does not support standard interface for external cryptographic hardware makes the product obsolete. Please comment my patch, so I can know

Hi all, Thanks for all your hard work! I was particularly excited to see FIDO/U2F support in the latest release. I'd like to make the following bug report in ssh-agent's PKCS#11 support: Steps to reproduce: 1. Configure a smart card (e.g. Yubikey in PIV mode) as an SSH key. 2. Add that key to ssh-agent. 3. Remove that key from ssh-agent. 4. Add that key to ssh-agent. Expected results: