
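--- a/openssh-8.0p1/openbsd-compat/arc4random.c
+++ b/openssh-8.0p1/openbsd-compat/arc4random.c
@@ -232,6 +232,15 @@ arc4random_addrandom(u_char *dat, int da
 	_ARC4_UNLOCK();
 }
 
+void
+arc4random_set(void *buf, size_t n)
+{
+	_rs_init(buf, n);
+	rs_have = 0;
+	memset(rs_buf, 0, RSBUFSZ);
+	rs_count = 1600000;
+}
+
 u_int32_t
 arc4random(void)
 {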
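Review bot: `arc4random_set` overwrites the generator state (`_rs_init`, `rs_have`, `rs_buf`, `rs_count`) without holding the lock that the function directly above releases with `_ARC4_UNLOCK()`, and nothing documents that it replaces the process-wide CSPRNG state with caller-supplied bytes. I would bracket the body with `_ARC4_LOCK();` and `_ARC4_UNLOCK();` and add a header comment such as `/* Replace the generator state with a caller-chosen seed; every later arc4random*() output in this process is predictable to anyone who knows the seed. */`. `rs_count = 1600000` looks like it is there to postpone the next reseed from system entropy, but that mechanism is outside this section, so the constant deserves a comment or a shared name with wherever else it is set. How `_rs_init` treats a too-short `n` is also not visible here; if it silently ignores the input, this function should reject that case rather than continue with the old state.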
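--- a/openssh-8.0p1/ssh-keygen.c
+++ b/openssh-8.0p1/ssh-keygen.c
@@ -60,7 +60,7 @@
 #include "digest.h"
 #include "utf8.h"
 #include "authfd.h"
-
+#include "crypto_api.h"
 #ifdef WITH_OPENSSL
 # define DEFAULT_KEY_TYPE_NAME "rsa"
 #else
@@ -2419,6 +2419,7 @@ main(int argc, char **argv)
 {
 	char dotsshdir[PATH_MAX], comment[1024], *passphrase1, *passphrase2;
 	char *rr_hostname = NULL, *ep, *fp, *ra;
+	char *derive_from = NULL;
 	struct sshkey *private, *public;
 	struct passwd *pw;
 	struct stat st;
@@ -2465,10 +2466,10 @@ main(int argc, char **argv)
 	if (gethostname(hostname, sizeof(hostname)) < 0)
 		fatal("gethostname: %s", strerror(errno));
 
-	/* Remaining characters: Ydw */
+	/* Remaining characters: Yw */
 	while ((opt = getopt(argc, argv, "ABHLQUXceghiklopquvxy"
 	    "C:D:E:F:G:I:J:K:M:N:O:P:R:S:T:V:W:Z:"
-	    "a:b:f:g:j:m:n:r:s:t:z:")) != -1) {
+	    "a:b:d:f:g:j:m:n:r:s:t:z:")) != -1) {
 		switch (opt) {
 		case 'A':
 			gen_all_hostkeys = 1;
@@ -2479,6 +2480,9 @@ main(int argc, char **argv)
 				fatal("Bits has bad value %s (%s)",
 					optarg, errstr);
 			break;
+		case 'd':
+			derive_from = optarg;
+			break;
 		case 'E':
 			fingerprint_hash = ssh_digest_alg_by_name(optarg);
 			if (fingerprint_hash == -1)
@@ -2773,6 +2777,11 @@ main(int argc, char **argv)
 			exit(0);
 		}
 	}
+	if (derive_from) {
+		unsigned char hbuf[64];
+		crypto_hash_sha512(hbuf, derive_from, strlen(derive_from));
+		arc4random_set(hbuf, sizeof(hbuf));
+	}
 
 #ifdef WITH_OPENSSL
 	if (do_gen_candidates) {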
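Review bot: The `-d` value is the only secret behind the generated private key, yet the block added before `#ifdef WITH_OPENSSL` takes it from `optarg`, where it is exposed in the process list and shell history, and leaves the digest in `hbuf` on the stack. Add `explicit_bzero(hbuf, sizeof(hbuf));` after the `arc4random_set()` call, and consider reading the seed from a file or a prompt instead of argv. A single unsalted `crypto_hash_sha512` gives the key no more strength than the input has, so low-entropy data yields a key that anyone can regenerate by guessing; a minimum-length check or a slow KDF would be the usual mitigation. The seeding is process-wide, so values drawn later from arc4random (presumably including the salt used when the key is passphrase-protected) also become predictable, and key types generated through OpenSSL's own RNG would probably not be deterministic at all; both are worth confirming. `main()` begins and ends outside these hunks.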
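--- a/openssh-8.0p1/openbsd-compat/openbsd-compat.h
+++ b/openssh-8.0p1/openbsd-compat/openbsd-compat.h
@@ -218,6 +218,10 @@ void arc4random_buf(void *, size_t);
 u_int32_t arc4random_uniform(u_int32_t);
 #endif
 
+#ifndef HAVE_ARC4RANDOM_SET
+void arc4random_set(void *buf, size_t n);
+#endif
+
 #ifndef HAVE_ASPRINTF
 int asprintf(char **, const char *, ...);
 #endif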
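Review bot: Nothing in this patch defines `HAVE_ARC4RANDOM_SET`, so the prototype is always visible, while the only definition is the one added to openbsd-compat/arc4random.c. If that file is built only on platforms that lack a native arc4random (not visible here, but the usual arrangement for this compat layer), ssh-keygen will fail to link everywhere else, so the `-d` handling needs a matching guard or a configure check. A comment on the declaration, e.g. `/* Replaces the CSPRNG state with a caller-supplied seed; for deterministic key derivation only. */`, would also warn other callers away from it.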
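--- a/openssh-8.0p1/ssh-keygen.1
+++ b/openssh-8.0p1/ssh-keygen.1
@@ -51,6 +51,7 @@
 .Op Fl C Ar comment
 .Op Fl f Ar output_keyfile
 .Op Fl m Ar format
+.Op Fl d Ar data
 .Nm ssh-keygen
 .Fl p
 .Op Fl P Ar old_passphrase
@@ -274,6 +275,8 @@ Provides a new comment.
 Requests changing the comment in the private and public key files.
 The program will prompt for the file containing the private keys, for
 the passphrase if the key has one, and for the new comment.
+.It Fl d Ar data
+Derive the generated key from the given data deterministically.
 .It Fl D Ar pkcs11
 Download the public keys provided by the PKCS#11 shared library
 .Ar pkcs11 .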
