diff options
Diffstat (limited to 'ssh-keygen.c')
-rw-r--r-- | ssh-keygen.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/ssh-keygen.c b/ssh-keygen.c index 0d0586576..1d2a93f66 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c | |||
@@ -2783,7 +2783,6 @@ main(int argc, char **argv) | |||
2783 | unsigned long long ull, cert_serial = 0; | 2783 | unsigned long long ull, cert_serial = 0; |
2784 | char *identity_comment = NULL, *ca_key_path = NULL; | 2784 | char *identity_comment = NULL, *ca_key_path = NULL; |
2785 | u_int32_t bits = 0; | 2785 | u_int32_t bits = 0; |
2786 | uint8_t sk_flags = SSH_SK_USER_PRESENCE_REQD; | ||
2787 | FILE *f; | 2786 | FILE *f; |
2788 | const char *errstr; | 2787 | const char *errstr; |
2789 | int log_level = SYSLOG_LEVEL_INFO; | 2788 | int log_level = SYSLOG_LEVEL_INFO; |
@@ -2796,6 +2795,9 @@ main(int argc, char **argv) | |||
2796 | unsigned long start_lineno = 0, lines_to_process = 0; | 2795 | unsigned long start_lineno = 0, lines_to_process = 0; |
2797 | BIGNUM *start = NULL; | 2796 | BIGNUM *start = NULL; |
2798 | #endif | 2797 | #endif |
2798 | #ifdef ENABLE_SK | ||
2799 | uint8_t sk_flags = SSH_SK_USER_PRESENCE_REQD; | ||
2800 | #endif | ||
2799 | 2801 | ||
2800 | extern int optind; | 2802 | extern int optind; |
2801 | extern char *optarg; | 2803 | extern char *optarg; |
@@ -2991,7 +2993,9 @@ main(int argc, char **argv) | |||
2991 | "number", optarg); | 2993 | "number", optarg); |
2992 | if (ull > 0xff) | 2994 | if (ull > 0xff) |
2993 | fatal("Invalid security key flags 0x%llx", ull); | 2995 | fatal("Invalid security key flags 0x%llx", ull); |
2996 | #ifdef ENABLE_SK | ||
2994 | sk_flags = (uint8_t)ull; | 2997 | sk_flags = (uint8_t)ull; |
2998 | #endif | ||
2995 | break; | 2999 | break; |
2996 | case 'z': | 3000 | case 'z': |
2997 | errno = 0; | 3001 | errno = 0; |
@@ -3250,10 +3254,14 @@ main(int argc, char **argv) | |||
3250 | printf("Generating public/private %s key pair.\n", | 3254 | printf("Generating public/private %s key pair.\n", |
3251 | key_type_name); | 3255 | key_type_name); |
3252 | if (type == KEY_ECDSA_SK) { | 3256 | if (type == KEY_ECDSA_SK) { |
3257 | #ifndef ENABLE_SK | ||
3258 | fatal("Security key support was disabled at compile time"); | ||
3259 | #else /* ENABLE_SK */ | ||
3253 | if (sshsk_enroll(sk_provider, | 3260 | if (sshsk_enroll(sk_provider, |
3254 | cert_key_id == NULL ? "ssh:" : cert_key_id, | 3261 | cert_key_id == NULL ? "ssh:" : cert_key_id, |
3255 | sk_flags, NULL, &private, NULL) != 0) | 3262 | sk_flags, NULL, &private, NULL) != 0) |
3256 | exit(1); /* error message already printed */ | 3263 | exit(1); /* error message already printed */ |
3264 | #endif /* ENABLE_SK */ | ||
3257 | } else if ((r = sshkey_generate(type, bits, &private)) != 0) | 3265 | } else if ((r = sshkey_generate(type, bits, &private)) != 0) |
3258 | fatal("sshkey_generate failed"); | 3266 | fatal("sshkey_generate failed"); |
3259 | if ((r = sshkey_from_private(private, &public)) != 0) | 3267 | if ((r = sshkey_from_private(private, &public)) != 0) |