Fix determinism failures in cgtest.

Thanks to Pavel and his CI for pointing out what I'd forgotten: the automated test of cmdgen.c expects that round-tripping a PPK file to some other format and back will regenerate the identical file. Of course, with a randomised salt in the new-look password hash, that isn't true any more in normal usage. Fixed by adding an option in the existing parameters structure to provide a salt override. That shouldn't be used anywhere except cgtest, but in cgtest, it restores the determinism we need. Another potential (but not guaranteed) source of difference is the automatic time-scaling of the Argon2 parameter choice. So I've turned that off too, while I'm at it.
2025-07-01 11:32:48 -05:00 · 2021-02-21 14:37:59 +00:00
parent 342972ee60
commit 8eb4cd5674
4 changed files with 30 additions and 1 deletions
--- a/ssh.h
+++ b/ssh.h
@ -1243,6 +1243,14 @@ typedef struct ppk_save_parameters {
        uint32_t argon2_milliseconds;  /* if auto == true */
    };
    uint32_t argon2_parallelism;
+
+    /* The ability to choose a specific salt is only intended for the
+     * use of the automated test of PuTTYgen. It's a (mild) security
+     * risk to do it with any passphrase you actually care about,
+     * because it invalidates the entire point of having a salt in the
+     * first place. */
+    const uint8_t *salt;
+    size_t saltlen;
 } ppk_save_parameters;
 extern const ppk_save_parameters ppk_save_default_parameters;