Implement server-side support for sk-ecdsa U2F-backed keys (#142) * Implement server-side support for sk-ecdsa U2F-backed keys * Fix out-of-bounds read on normal ecdsa-sha2-[identifier] keys * Fix one more potential out-of-bounds read * Check if nistp256 curve is used in sk-ecdsa-sha2- key It's the only allowed curve per PROTOCOL.u2f specification * Implement server-side support for sk-ed25519 FIDO2-backed keys * Keys with type sk-* make no sense as host keys, so they should be disabled * fix typo * Make sk-ecdsa call buf_ecdsa_verify This reduces code duplication, the SK code just handles the different message format. * Reduce sk specific code The application id can be stored in signkey, then we don't need to call sk-specific functions from svr-authpubkey * Remove debugging output, which causes compilation errors with DEBUG_TRACE disabled * Proper cleanup of sk_app Co-authored-by: Matt Johnston <[email protected]>

Building with the diet libc
---------------------------

This package optionally can be built with the diet libc instead of the
glibc to provide small statically linked programs.  The resulting package
has no dependency on any other package.

To use the diet libc, make sure the latest versions of the dietlibc-dev
package is installed, and set DEB_BUILD_OPTIONS=diet in the environment
when building the package, e.g.:

 # apt-get install dietlibc-dev
 $ DEB_BUILD_OPTIONS=diet fakeroot apt-get source -b dropbear

 -- Gerrit Pape <[email protected]>, Sat, 17 Jul 2004 19:09:34 +0000