Attachment #1493 for bug #1371

View | Details | Raw Unified | Return to bug 1371 | Differences between

and this patch

Lines 35-40 Link Here

(-)ssh/ssh-keygen.c (-1 / +28 lines)
35	#include "uuencode.h"	35	#include "uuencode.h"
36	#include "buffer.h"	36	#include "buffer.h"
37	#include "pathnames.h"	37	#include "pathnames.h"
		38	#include "pkcs11.h"
38	#include "log.h"	39	#include "log.h"
39	#include "misc.h"	40	#include "misc.h"
40	#include "match.h"	41	#include "match.h"
Lines 1014-1019 usage(void) Link Here
1014	fprintf(stderr, " -g Use generic DNS resource record format.\n");	1015	fprintf(stderr, " -g Use generic DNS resource record format.\n");
1015	fprintf(stderr, " -H Hash names in known_hosts file.\n");	1016	fprintf(stderr, " -H Hash names in known_hosts file.\n");
1016	fprintf(stderr, " -i Convert RFC 4716 to OpenSSH key file.\n");	1017	fprintf(stderr, " -i Convert RFC 4716 to OpenSSH key file.\n");
		1018	#ifdef ENABLE_PKCS11
		1019	fprintf(stderr, " -K provider Show PKCS#11 provider ids, format:\n");
		1020	fprintf(stderr, " lib[:prot_auth[:private_mode[:cert_is_private]]]\n");
		1021	fprintf(stderr, " prot_auth - 1 to allow protected mode authentication.\n");
		1022	fprintf(stderr, " private_mode - Private key mode, see man page.\n");
		1023	fprintf(stderr, " cert_is_private - 1 if login is required to access certificates.\n");
		1024	#endif /* ENABLE_PKCS11 */
1017	fprintf(stderr, " -l Show fingerprint of key file.\n");	1025	fprintf(stderr, " -l Show fingerprint of key file.\n");
1018	fprintf(stderr, " -M memory Amount of memory (MB) to use for generating DH-GEX moduli.\n");	1026	fprintf(stderr, " -M memory Amount of memory (MB) to use for generating DH-GEX moduli.\n");
1019	fprintf(stderr, " -N phrase Provide new passphrase.\n");	1027	fprintf(stderr, " -N phrase Provide new passphrase.\n");
Lines 1054-1059 main(int argc, char **argv) Link Here
1054	BIGNUM *start = NULL;	1062	BIGNUM *start = NULL;
1055	FILE *f;	1063	FILE *f;
1056	const char *errstr;	1064	const char *errstr;
		1065	#ifdef ENABLE_PKCS11
		1066	pkcs11_provider *pkcs11_provider = NULL;
		1067	#endif /* ENABLE_PKCS11 */
1057		1068
1058	extern int optind;	1069	extern int optind;
1059	extern char *optarg;	1070	extern char *optarg;
Lines 1076-1082 main(int argc, char **argv) Link Here
1076	}	1087	}
1077		1088
1078	while ((opt = getopt(argc, argv,	1089	while ((opt = getopt(argc, argv,
1079	"degiqpclBHvxXyF:b:f:t:U:D:P:N:C:r:g:R:T:G:M:S:a:W:")) != -1) {	1090	"degiqpclBHvxXyF:b:f:t:U:D:P:N:C:r:g:R:T:G:M:S:a:W:K:")) != -1) {
1080	switch (opt) {	1091	switch (opt) {
1081	case 'b':	1092	case 'b':
1082	bits = (u_int32_t)strtonum(optarg, 768, 32768, &errstr);	1093	bits = (u_int32_t)strtonum(optarg, 768, 32768, &errstr);
Lines 1201-1206 main(int argc, char **argv) Link Here
1201	if (BN_hex2bn(&start, optarg) == 0)	1212	if (BN_hex2bn(&start, optarg) == 0)
1202	fatal("Invalid start point.");	1213	fatal("Invalid start point.");
1203	break;	1214	break;
		1215	#ifdef ENABLE_PKCS11
		1216	case 'K':
		1217	if ((pkcs11_provider = pkcs11_parse_provider(optarg)) == NULL)
		1218	fatal("Cannot parse PKCS#11 provider.");
		1219	break;
		1220	#endif /* ENABLE_PKCS11 */
1204	case '?':	1221	case '?':
1205	default:	1222	default:
1206	usage();	1223	usage();
Lines 1255-1260 main(int argc, char **argv) Link Here
1255	exit(0);	1272	exit(0);
1256	}	1273	}
1257	}	1274	}
		1275	#ifdef ENABLE_PKCS11
		1276	if (pkcs11_provider != NULL) {
		1277	pkcs11_initialize(1, -1);
		1278	pkcs11_add_provider(pkcs11_provider);
		1279	pkcs11_show_ids();
		1280	pkcs11_terminate();
		1281	pkcs11_free_provider(pkcs11_provider);
		1282	return (0);
		1283	}
		1284	#endif /* ENABLE_PKCS11 */
1258	if (reader_id != NULL) {	1285	if (reader_id != NULL) {
1259	#ifdef SMARTCARD	1286	#ifdef SMARTCARD
1260	if (download)	1287	if (download)

Return to bug 1371