Support for ecdsa certs

[Ed W]

Hi Matt

I'm still very interested to see if we can add this feature to
Dropbear.  Any chance you could consider taking a look at it again?

As I said before, I would be interested to sponsor such a feature

In particular I'm interested in compatibility with the same in openssh,
so kex: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521

Many thanks

Ed W

On 24/08/2011 13:22, Matt Johnston wrote:
> It's a feature I'd like to add, I'll take a look at how much
> is involved and get back to you off-list.
>
> Cheers,
> Matt
>
> On Wed, Aug 24, 2011 at 01:03:11PM +0100, Ed W wrote:
>> Hi, assuming what you say isn't a complete blocker - are you open to
>> "sponsorship" to add it as a feature?
>>
>> Cheers
>>
>> Ed W
>>
>>
>> On 24/08/2011 12:54, Matt Johnston wrote:
>>> Hi,
>>>
>>> Sorry for the delayed reply. I have a very brief look at it.
>>> The actual SSH protocol parts probably aren't too hard to
>>> implement, just some similar bits to the existing code in
>>> *kex.c and dsa.c.  However I don't know how good
>>> libtomcrypt and libtommath's ECC support is, so possibly
>>> that could be a problem. 
>>>
>>> Cheers,
>>> Matt
>>>
>>> On Fri, Aug 12, 2011 at 10:37:54AM +0100, Ed W wrote:
>>>> Hi, What is required to extend dropbear to support ecdsa certificates -
>>>> I'm mainly interested in the client support, but server support would be
>>>> nice also?
>>>>
>>>> Thanks
>>>>
>>>> Ed W