author | Damien Miller <djm@mindrot.org> | 2014-07-02 15:28:02 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2014-07-02 15:28:02 +1000 |
commit | 8668706d0f52654fe64c0ca41a96113aeab8d2b8 (patch) | |
tree | 73e78e1ea3d39206e39870bbe0af17d6c430fb51 /ssh-keygen.c | |
parent | 2cd7929250cf9e9f658d70dcd452f529ba08c942 (diff) |
- djm@cvs.openbsd.org 2014/06/24 01:13:21
[Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c
[auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c
[cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h
[digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h
[hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h
[ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c
[ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c
[ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c
[sshconnect2.c sshd.c sshkey.c sshkey.h
[openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h]
New key API: refactor key-related functions to be more library-like,
existing API is offered as a set of wrappers.
with and ok markus@
Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
Dempsky and Ron Bowes for a detailed review a few months ago.
NB. This commit also removes portable OpenSSH support for OpenSSL
<0.9.8e.
Diffstat (limited to 'ssh-keygen.c')
-rw-r--r-- | ssh-keygen.c | 20 |
1 files changed, 11 insertions, 9 deletions
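--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.246 2014/04/29 18:01:49 markus Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.247 2014/06/24 01:13:21 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -482,7 +482,9 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
 buffer_get_bignum_bits(&b, key->rsa->iqmp);
 buffer_get_bignum_bits(&b, key->rsa->q);
 buffer_get_bignum_bits(&b, key->rsa->p);
-rsa_generate_additional_parameters(key->rsa);
+if (rsa_generate_additional_parameters(key->rsa) != 0)
+fatal("%s: rsa_generate_additional_parameters "
+"error", __func__);
 break;
 }
 rlen = buffer_len(&b);
@@ -1637,12 +1639,12 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
 public->cert->valid_after = cert_valid_from;
 public->cert->valid_before = cert_valid_to;
 if (v00) {
-prepare_options_buf(&public->cert->critical,
+prepare_options_buf(public->cert->critical,
 OPTIONS_CRITICAL|OPTIONS_EXTENSIONS);
 } else {
-prepare_options_buf(&public->cert->critical,
+prepare_options_buf(public->cert->critical,
 OPTIONS_CRITICAL);
-prepare_options_buf(&public->cert->extensions,
+prepare_options_buf(public->cert->extensions,
 OPTIONS_EXTENSIONS);
 }
 public->cert->signature_key = key_from_private(ca);
@@ -1913,19 +1915,19 @@ do_show_cert(struct passwd *pw)
 printf("\n");
 }
 printf(" Critical Options: ");
-if (buffer_len(&key->cert->critical) == 0)
+if (buffer_len(key->cert->critical) == 0)
 printf("(none)\n");
 else {
 printf("\n");
-show_options(&key->cert->critical, v00, 1);
+show_options(key->cert->critical, v00, 1);
 }
 if (!v00) {
 printf(" Extensions: ");
-if (buffer_len(&key->cert->extensions) == 0)
+if (buffer_len(key->cert->extensions) == 0)
 printf("(none)\n");
 else {
 printf("\n");
-show_options(&key->cert->extensions, v00, 0);
+show_options(key->cert->extensions, v00, 0);
 }
 }
 exit(0);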
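Review bot: The call sites in do_ca_sign and do_show_cert now pass `public->cert->critical`, `public->cert->extensions` and the matching `key->cert->…` fields as pointers, so every call depends on those fields being non-NULL, and nothing in the visible hunks establishes that. The buffers are presumably allocated where the cert is created, which is outside this diff (it is limited to ssh-keygen.c), so the invariant is worth stating at the point of use, e.g. `/* cert->critical and cert->extensions are allocated with the cert; never NULL here */` above the first `prepare_options_buf` call and above the `buffer_len(key->cert->critical)` test. If the invariant does not hold on every path that builds a cert, a guard such as `if (key->cert->critical == NULL) fatal("%s: missing critical options buffer", __func__);` before printing would turn a NULL dereference on a malformed certificate into a clean exit. Both functions begin and end outside the hunks shown.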