mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-07-02 03:52:49 -05:00
Fix determinism failures in cgtest.
Thanks to Pavel and his CI for pointing out what I'd forgotten: the automated test of cmdgen.c expects that round-tripping a PPK file to some other format and back will regenerate the identical file. Of course, with a randomised salt in the new-look password hash, that isn't true any more in normal usage. Fixed by adding an option in the existing parameters structure to provide a salt override. That shouldn't be used anywhere except cgtest, but in cgtest, it restores the determinism we need. Another potential (but not guaranteed) source of difference is the automatic time-scaling of the Argon2 parameter choice. So I've turned that off too, while I'm at it.
This commit is contained in:
@ -1507,7 +1507,10 @@ strbuf *ppk_save_sb(ssh2_userkey *key, const char *passphrase,
|
||||
|
||||
/* Invent a salt for the password hash. */
|
||||
strbuf *passphrase_salt = strbuf_new();
|
||||
random_read(strbuf_append(passphrase_salt, 16), 16);
|
||||
if (params.salt)
|
||||
put_data(passphrase_salt, params.salt, params.saltlen);
|
||||
else
|
||||
random_read(strbuf_append(passphrase_salt, 16), 16);
|
||||
|
||||
cipher_mac_keys_blob = strbuf_new();
|
||||
ssh2_ppk_derive_keys(3, ciphertype,
|
||||
|
Reference in New Issue
Block a user