Bugzilla – Attachment 1493 Details for
Bug 1371
Add PKCS#11 (Smartcards) support into OpenSSH
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
2007_all_pkcs11-ssh-keygen.patch
2007_all_pkcs11-ssh-keygen.patch (text/plain), 2.67 KB, created by
Alon Bar-Lev
on 2008-04-26 22:39:00 AEST
(
hide
)
Description:
2007_all_pkcs11-ssh-keygen.patch
Filename:
MIME Type:
Creator:
Alon Bar-Lev
Created:
2008-04-26 22:39:00 AEST
Size:
2.67 KB
patch
obsolete
>[PATCH] PKCS#11 support in ssh-keygen > >Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com> > >--- > >diff -urNp ssh/ssh-keygen.c ssh.new/ssh-keygen.c >--- ssh/ssh-keygen.c 2008-01-20 00:37:19.000000000 +0200 >+++ ssh.new/ssh-keygen.c 2008-04-26 12:32:56.000000000 +0300 >@@ -35,6 +35,7 @@ > #include "uuencode.h" > #include "buffer.h" > #include "pathnames.h" >+#include "pkcs11.h" > #include "log.h" > #include "misc.h" > #include "match.h" >@@ -1014,6 +1015,13 @@ usage(void) > fprintf(stderr, " -g Use generic DNS resource record format.\n"); > fprintf(stderr, " -H Hash names in known_hosts file.\n"); > fprintf(stderr, " -i Convert RFC 4716 to OpenSSH key file.\n"); >+#ifdef ENABLE_PKCS11 >+ fprintf(stderr, " -K provider Show PKCS#11 provider ids, format:\n"); >+ fprintf(stderr, " lib[:prot_auth[:private_mode[:cert_is_private]]]\n"); >+ fprintf(stderr, " prot_auth - 1 to allow protected mode authentication.\n"); >+ fprintf(stderr, " private_mode - Private key mode, see man page.\n"); >+ fprintf(stderr, " cert_is_private - 1 if login is required to access certificates.\n"); >+#endif /* ENABLE_PKCS11 */ > fprintf(stderr, " -l Show fingerprint of key file.\n"); > fprintf(stderr, " -M memory Amount of memory (MB) to use for generating DH-GEX moduli.\n"); > fprintf(stderr, " -N phrase Provide new passphrase.\n"); >@@ -1054,6 +1062,9 @@ main(int argc, char **argv) > BIGNUM *start = NULL; > FILE *f; > const char *errstr; >+#ifdef ENABLE_PKCS11 >+ pkcs11_provider *pkcs11_provider = NULL; >+#endif /* ENABLE_PKCS11 */ > > extern int optind; > extern char *optarg; >@@ -1076,7 +1087,7 @@ main(int argc, char **argv) > } > > while ((opt = getopt(argc, argv, >- "degiqpclBHvxXyF:b:f:t:U:D:P:N:C:r:g:R:T:G:M:S:a:W:")) != -1) { >+ "degiqpclBHvxXyF:b:f:t:U:D:P:N:C:r:g:R:T:G:M:S:a:W:K:")) != -1) { > switch (opt) { > case 'b': > bits = (u_int32_t)strtonum(optarg, 768, 32768, &errstr); >@@ -1201,6 +1212,12 @@ main(int argc, char **argv) > if (BN_hex2bn(&start, optarg) == 0) > fatal("Invalid start point."); > break; >+#ifdef ENABLE_PKCS11 >+ case 'K': >+ if ((pkcs11_provider = pkcs11_parse_provider(optarg)) == NULL) >+ fatal("Cannot parse PKCS#11 provider."); >+ break; >+#endif /* ENABLE_PKCS11 */ > case '?': > default: > usage(); >@@ -1255,6 +1272,16 @@ main(int argc, char **argv) > exit(0); > } > } >+#ifdef ENABLE_PKCS11 >+ if (pkcs11_provider != NULL) { >+ pkcs11_initialize(1, -1); >+ pkcs11_add_provider(pkcs11_provider); >+ pkcs11_show_ids(); >+ pkcs11_terminate(); >+ pkcs11_free_provider(pkcs11_provider); >+ return (0); >+ } >+#endif /* ENABLE_PKCS11 */ > if (reader_id != NULL) { > #ifdef SMARTCARD > if (download)
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1493">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1371
:
1444
|
1463
|
1464
|
1465
|
1466
|
1467
|
1468
|
1469
|
1470
|
1471
|
1477
|
1478
|
1484
|
1485
|
1486
|
1487
|
1488
|
1489
|
1490
|
1491
|
1492
| 1493 |
1494
|
1495
|
1496
|
1497
|
1547
|
1557
|
1558