Mercurial > dropbear
annotate dropbearkey.c @ 994:5c5ade336926
Prefer stronger algorithms in algorithm negotiation.
Prefer diffie-hellman-group14-sha1 (2048 bit) over
diffie-hellman-group1-sha1 (1024 bit).
Due to meet-in-the-middle attacks the effective key length of
three key 3DES is 112 bits. AES is stronger and faster then 3DES.
Prefer to delay the start of compression until after authentication
has completed. This avoids exposing compression code to attacks
from unauthenticated users.
(github pull request #9)
| author | Fedor Brunner <fedor.brunner@azet.sk> |
|---|---|
| date | Fri, 23 Jan 2015 23:00:25 +0800 |
| parents | 220f55d540ae |
| children | 6fb4c010c448 |
| rev | line source |
|---|---|
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
1 /* |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
2 * Dropbear - a SSH2 server |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
3 * |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
4 * Copyright (c) 2002,2003 Matt Johnston |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
5 * All rights reserved. |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
6 * |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
7 * Permission is hereby granted, free of charge, to any person obtaining a copy |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
8 * of this software and associated documentation files (the "Software"), to deal |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
9 * in the Software without restriction, including without limitation the rights |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
11 * copies of the Software, and to permit persons to whom the Software is |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
12 * furnished to do so, subject to the following conditions: |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
13 * |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
14 * The above copyright notice and this permission notice shall be included in |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
15 * all copies or substantial portions of the Software. |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
16 * |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
23 * SOFTWARE. */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
24 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
25 /* The format of the keyfiles is basically a raw dump of the buffer. Data types |
|
603
3aa74a4d83ae
Refer to RFCs rather than drafts, update some section references
Matt Johnston <matt@ucc.asn.au>
parents:
457
diff
changeset
|
26 * are specified in the transport rfc 4253 - string is a 32-bit len then the |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
27 * non-null-terminated string, mp_int is a 32-bit len then the bignum data. |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
28 * The actual functions are buf_put_rsa_priv_key() and buf_put_dss_priv_key() |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
29 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
30 * RSA: |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
31 * string "ssh-rsa" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
32 * mp_int e |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
33 * mp_int n |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
34 * mp_int d |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
35 * mp_int p (newer versions only) |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
36 * mp_int q (newer versions only) |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
37 * |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
38 * DSS: |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
39 * string "ssh-dss" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
40 * mp_int p |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
41 * mp_int q |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
42 * mp_int g |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
43 * mp_int y |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
44 * mp_int x |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
45 * |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
46 */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
47 #include "includes.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
48 #include "signkey.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
49 #include "buffer.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
50 #include "dbutil.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
51 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
52 #include "genrsa.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
53 #include "gendss.h" |
|
794
d386defb5376
more ecdsa signkey work, not correct
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
54 #include "ecdsa.h" |
|
d386defb5376
more ecdsa signkey work, not correct
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
55 #include "crypto_desc.h" |
|
858
220f55d540ae
rename random.h to dbrandom.h since some OSes have a system random.h
Matt Johnston <matt@ucc.asn.au>
parents:
847
diff
changeset
|
56 #include "dbrandom.h" |
|
847
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
846
diff
changeset
|
57 #include "gensignkey.h" |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
58 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
59 static void printhelp(char * progname); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
60 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
61 |
|
73
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
62 static void printpubkey(sign_key * key, int keytype); |
|
846
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
63 static int printpubfile(const char* filename); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
64 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
65 /* Print a help message */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
66 static void printhelp(char * progname) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
67 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
68 fprintf(stderr, "Usage: %s -t <type> -f <filename> [-s bits]\n" |
|
73
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
69 "-t type Type of key to generate. One of:\n" |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
70 #ifdef DROPBEAR_RSA |
|
73
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
71 " rsa\n" |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
72 #endif |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
73 #ifdef DROPBEAR_DSS |
|
73
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
74 " dss\n" |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
75 #endif |
|
794
d386defb5376
more ecdsa signkey work, not correct
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
76 #ifdef DROPBEAR_ECDSA |
|
797
45f1bc96f357
Fix build for dropbearkey and ecdsa with certain options
Matt Johnston <matt@ucc.asn.au>
parents:
795
diff
changeset
|
77 " ecdsa\n" |
|
794
d386defb5376
more ecdsa signkey work, not correct
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
78 #endif |
|
73
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
79 "-f filename Use filename for the secret key\n" |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
80 "-s bits Key size in bits, should be a multiple of 8 (optional)\n" |
|
794
d386defb5376
more ecdsa signkey work, not correct
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
81 #ifdef DROPBEAR_DSS |
|
d386defb5376
more ecdsa signkey work, not correct
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
82 " DSS has a fixed size of 1024 bits\n" |
|
d386defb5376
more ecdsa signkey work, not correct
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
83 #endif |
|
d386defb5376
more ecdsa signkey work, not correct
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
84 #ifdef DROPBEAR_ECDSA |
|
d386defb5376
more ecdsa signkey work, not correct
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
85 " ECDSA has sizes " |
|
d386defb5376
more ecdsa signkey work, not correct
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
86 #ifdef DROPBEAR_ECC_256 |
|
d386defb5376
more ecdsa signkey work, not correct
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
87 "256 " |
|
d386defb5376
more ecdsa signkey work, not correct
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
88 #endif |
|
d386defb5376
more ecdsa signkey work, not correct
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
89 #ifdef DROPBEAR_ECC_384 |
|
d386defb5376
more ecdsa signkey work, not correct
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
90 "384 " |
|
d386defb5376
more ecdsa signkey work, not correct
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
91 #endif |
|
d386defb5376
more ecdsa signkey work, not correct
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
92 #ifdef DROPBEAR_ECC_521 |
|
d386defb5376
more ecdsa signkey work, not correct
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
93 "521 " |
|
d386defb5376
more ecdsa signkey work, not correct
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
94 #endif |
|
d386defb5376
more ecdsa signkey work, not correct
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
95 "\n" |
|
d386defb5376
more ecdsa signkey work, not correct
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
96 #endif |
|
94
c85c88500ea6
DEBUG_TRACE now only triggers with -v on the cmdline
Matt Johnston <matt@ucc.asn.au>
parents:
73
diff
changeset
|
97 "-y Just print the publickey and fingerprint for the\n private key in <filename>.\n" |
|
c85c88500ea6
DEBUG_TRACE now only triggers with -v on the cmdline
Matt Johnston <matt@ucc.asn.au>
parents:
73
diff
changeset
|
98 #ifdef DEBUG_TRACE |
|
c85c88500ea6
DEBUG_TRACE now only triggers with -v on the cmdline
Matt Johnston <matt@ucc.asn.au>
parents:
73
diff
changeset
|
99 "-v verbose\n" |
|
c85c88500ea6
DEBUG_TRACE now only triggers with -v on the cmdline
Matt Johnston <matt@ucc.asn.au>
parents:
73
diff
changeset
|
100 #endif |
|
c85c88500ea6
DEBUG_TRACE now only triggers with -v on the cmdline
Matt Johnston <matt@ucc.asn.au>
parents:
73
diff
changeset
|
101 ,progname); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
102 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
103 |
|
846
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
104 /* fails fatally */ |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
105 static void check_signkey_bits(enum signkey_type type, int bits) |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
106 { |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
107 switch (type) { |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
108 #ifdef DROPBEAR_RSA |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
109 case DROPBEAR_SIGNKEY_RSA: |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
110 if (bits < 512 || bits > 4096 || (bits % 8 != 0)) { |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
111 dropbear_exit("Bits must satisfy 512 <= bits <= 4096, and be a" |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
112 " multiple of 8\n"); |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
113 } |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
114 break; |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
115 #endif |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
116 #ifdef DROPEAR_DSS |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
117 case DROPBEAR_SIGNKEY_DSS: |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
118 if (bits != 1024) { |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
119 dropbear_exit("DSS keys have a fixed size of 1024 bits\n"); |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
120 exit(EXIT_FAILURE); |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
121 } |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
122 #endif |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
123 default: |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
124 (void)0; /* quiet, compiler. ecdsa handles checks itself */ |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
125 } |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
126 } |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
127 |
|
30
223b0f5f8dce
Switching to the magical new Makefile, and new dbmulti style
Matt Johnston <matt@ucc.asn.au>
parents:
4
diff
changeset
|
128 #if defined(DBMULTI_dropbearkey) || !defined(DROPBEAR_MULTI) |
|
223b0f5f8dce
Switching to the magical new Makefile, and new dbmulti style
Matt Johnston <matt@ucc.asn.au>
parents:
4
diff
changeset
|
129 #if defined(DBMULTI_dropbearkey) && defined(DROPBEAR_MULTI) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
130 int dropbearkey_main(int argc, char ** argv) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
131 #else |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
132 int main(int argc, char ** argv) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
133 #endif |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
134 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
135 int i; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
136 char ** next = 0; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
137 char * filename = NULL; |
|
794
d386defb5376
more ecdsa signkey work, not correct
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
138 enum signkey_type keytype = DROPBEAR_SIGNKEY_NONE; |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
139 char * typetext = NULL; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
140 char * sizetext = NULL; |
|
846
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
141 unsigned int bits = 0; |
|
73
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
142 int printpub = 0; |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
143 |
| 795 | 144 crypto_init(); |
| 145 seedrandom(); | |
| 146 | |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
147 /* get the commandline options */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
148 for (i = 1; i < argc; i++) { |
|
73
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
149 if (argv[i] == NULL) { |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
150 continue; /* Whack */ |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
151 } |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
152 if (next) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
153 *next = argv[i]; |
|
73
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
154 next = NULL; |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
155 continue; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
156 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
157 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
158 if (argv[i][0] == '-') { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
159 switch (argv[i][1]) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
160 case 'f': |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
161 next = &filename; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
162 break; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
163 case 't': |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
164 next = &typetext; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
165 break; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
166 case 's': |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
167 next = &sizetext; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
168 break; |
|
73
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
169 case 'y': |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
170 printpub = 1; |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
171 break; |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
172 case 'h': |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
173 printhelp(argv[0]); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
174 exit(EXIT_SUCCESS); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
175 break; |
|
94
c85c88500ea6
DEBUG_TRACE now only triggers with -v on the cmdline
Matt Johnston <matt@ucc.asn.au>
parents:
73
diff
changeset
|
176 #ifdef DEBUG_TRACE |
|
c85c88500ea6
DEBUG_TRACE now only triggers with -v on the cmdline
Matt Johnston <matt@ucc.asn.au>
parents:
73
diff
changeset
|
177 case 'v': |
|
c85c88500ea6
DEBUG_TRACE now only triggers with -v on the cmdline
Matt Johnston <matt@ucc.asn.au>
parents:
73
diff
changeset
|
178 debug_trace = 1; |
|
c85c88500ea6
DEBUG_TRACE now only triggers with -v on the cmdline
Matt Johnston <matt@ucc.asn.au>
parents:
73
diff
changeset
|
179 break; |
|
c85c88500ea6
DEBUG_TRACE now only triggers with -v on the cmdline
Matt Johnston <matt@ucc.asn.au>
parents:
73
diff
changeset
|
180 #endif |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
181 default: |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
182 fprintf(stderr, "Unknown argument %s\n", argv[i]); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
183 printhelp(argv[0]); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
184 exit(EXIT_FAILURE); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
185 break; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
186 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
187 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
188 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
189 |
|
73
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
190 if (!filename) { |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
191 fprintf(stderr, "Must specify a key filename\n"); |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
192 printhelp(argv[0]); |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
193 exit(EXIT_FAILURE); |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
194 } |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
195 |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
196 if (printpub) { |
|
846
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
197 int ret = printpubfile(filename); |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
198 exit(ret); |
|
73
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
199 } |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
200 |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
201 /* check/parse args */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
202 if (!typetext) { |
|
73
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
203 fprintf(stderr, "Must specify key type\n"); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
204 printhelp(argv[0]); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
205 exit(EXIT_FAILURE); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
206 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
207 |
|
841
d4ce5269a439
Fix specifying a keysize for key generation, fix key name arguments
Matt Johnston <matt@ucc.asn.au>
parents:
840
diff
changeset
|
208 #ifdef DROPBEAR_RSA |
|
d4ce5269a439
Fix specifying a keysize for key generation, fix key name arguments
Matt Johnston <matt@ucc.asn.au>
parents:
840
diff
changeset
|
209 if (strcmp(typetext, "rsa") == 0) |
|
d4ce5269a439
Fix specifying a keysize for key generation, fix key name arguments
Matt Johnston <matt@ucc.asn.au>
parents:
840
diff
changeset
|
210 { |
|
d4ce5269a439
Fix specifying a keysize for key generation, fix key name arguments
Matt Johnston <matt@ucc.asn.au>
parents:
840
diff
changeset
|
211 keytype = DROPBEAR_SIGNKEY_RSA; |
|
d4ce5269a439
Fix specifying a keysize for key generation, fix key name arguments
Matt Johnston <matt@ucc.asn.au>
parents:
840
diff
changeset
|
212 } |
|
d4ce5269a439
Fix specifying a keysize for key generation, fix key name arguments
Matt Johnston <matt@ucc.asn.au>
parents:
840
diff
changeset
|
213 #endif |
|
d4ce5269a439
Fix specifying a keysize for key generation, fix key name arguments
Matt Johnston <matt@ucc.asn.au>
parents:
840
diff
changeset
|
214 #ifdef DROPBEAR_DSS |
|
d4ce5269a439
Fix specifying a keysize for key generation, fix key name arguments
Matt Johnston <matt@ucc.asn.au>
parents:
840
diff
changeset
|
215 if (strcmp(typetext, "dss") == 0) |
|
d4ce5269a439
Fix specifying a keysize for key generation, fix key name arguments
Matt Johnston <matt@ucc.asn.au>
parents:
840
diff
changeset
|
216 { |
|
d4ce5269a439
Fix specifying a keysize for key generation, fix key name arguments
Matt Johnston <matt@ucc.asn.au>
parents:
840
diff
changeset
|
217 keytype = DROPBEAR_SIGNKEY_DSS; |
|
d4ce5269a439
Fix specifying a keysize for key generation, fix key name arguments
Matt Johnston <matt@ucc.asn.au>
parents:
840
diff
changeset
|
218 } |
|
d4ce5269a439
Fix specifying a keysize for key generation, fix key name arguments
Matt Johnston <matt@ucc.asn.au>
parents:
840
diff
changeset
|
219 #endif |
|
d4ce5269a439
Fix specifying a keysize for key generation, fix key name arguments
Matt Johnston <matt@ucc.asn.au>
parents:
840
diff
changeset
|
220 #ifdef DROPBEAR_ECDSA |
|
d4ce5269a439
Fix specifying a keysize for key generation, fix key name arguments
Matt Johnston <matt@ucc.asn.au>
parents:
840
diff
changeset
|
221 if (strcmp(typetext, "ecdsa") == 0) |
|
d4ce5269a439
Fix specifying a keysize for key generation, fix key name arguments
Matt Johnston <matt@ucc.asn.au>
parents:
840
diff
changeset
|
222 { |
|
d4ce5269a439
Fix specifying a keysize for key generation, fix key name arguments
Matt Johnston <matt@ucc.asn.au>
parents:
840
diff
changeset
|
223 keytype = DROPBEAR_SIGNKEY_ECDSA_KEYGEN; |
|
d4ce5269a439
Fix specifying a keysize for key generation, fix key name arguments
Matt Johnston <matt@ucc.asn.au>
parents:
840
diff
changeset
|
224 } |
|
d4ce5269a439
Fix specifying a keysize for key generation, fix key name arguments
Matt Johnston <matt@ucc.asn.au>
parents:
840
diff
changeset
|
225 #endif |
|
794
d386defb5376
more ecdsa signkey work, not correct
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
226 |
|
d386defb5376
more ecdsa signkey work, not correct
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
227 if (keytype == DROPBEAR_SIGNKEY_NONE) { |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
228 fprintf(stderr, "Unknown key type '%s'\n", typetext); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
229 printhelp(argv[0]); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
230 exit(EXIT_FAILURE); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
231 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
232 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
233 if (sizetext) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
234 if (sscanf(sizetext, "%u", &bits) != 1) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
235 fprintf(stderr, "Bits must be an integer\n"); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
236 exit(EXIT_FAILURE); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
237 } |
|
457
e430a26064ee
Make dropbearkey only generate 1024 bit keys
Matt Johnston <matt@ucc.asn.au>
parents:
340
diff
changeset
|
238 |
|
846
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
239 check_signkey_bits(keytype, bits);; |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
240 } |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
241 |
|
846
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
242 fprintf(stderr, "Generating key, this may take a while...\n"); |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
243 if (signkey_generate(keytype, bits, filename) == DROPBEAR_FAILURE) |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
244 { |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
245 dropbear_exit("Failed to generate key.\n"); |
|
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
246 } |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
247 |
|
846
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
248 printpubfile(filename); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
249 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
250 return EXIT_SUCCESS; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
251 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
252 #endif |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
253 |
|
846
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
254 static int printpubfile(const char* filename) { |
|
73
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
255 |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
256 buffer *buf = NULL; |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
257 sign_key *key = NULL; |
|
841
d4ce5269a439
Fix specifying a keysize for key generation, fix key name arguments
Matt Johnston <matt@ucc.asn.au>
parents:
840
diff
changeset
|
258 enum signkey_type keytype; |
|
73
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
259 int ret; |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
260 int err = DROPBEAR_FAILURE; |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
261 |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
262 buf = buf_new(MAX_PRIVKEY_SIZE); |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
263 ret = buf_readfile(buf, filename); |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
264 |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
265 if (ret != DROPBEAR_SUCCESS) { |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
266 fprintf(stderr, "Failed reading '%s'\n", filename); |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
267 goto out; |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
268 } |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
269 |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
270 key = new_sign_key(); |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
271 keytype = DROPBEAR_SIGNKEY_ANY; |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
272 |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
273 buf_setpos(buf, 0); |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
274 ret = buf_get_priv_key(buf, key, &keytype); |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
275 if (ret == DROPBEAR_FAILURE) { |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
276 fprintf(stderr, "Bad key in '%s'\n", filename); |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
277 goto out; |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
278 } |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
279 |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
280 printpubkey(key, keytype); |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
281 |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
282 err = DROPBEAR_SUCCESS; |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
283 |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
284 out: |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
285 buf_burn(buf); |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
286 buf_free(buf); |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
287 buf = NULL; |
| 340 | 288 if (key) { |
| 289 sign_key_free(key); | |
| 290 key = NULL; | |
| 291 } | |
|
846
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
292 return err; |
|
73
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
293 } |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
294 |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
295 static void printpubkey(sign_key * key, int keytype) { |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
296 |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
297 buffer * buf = NULL; |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
298 unsigned char base64key[MAX_PUBKEY_SIZE*2]; |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
299 unsigned long base64len; |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
300 int err; |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
301 const char * typestring = NULL; |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
302 char *fp = NULL; |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
303 int len; |
|
324
bc7c134982df
Include user@host in the pubkey line, since it's sometimes very useful
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
304 struct passwd * pw = NULL; |
|
bc7c134982df
Include user@host in the pubkey line, since it's sometimes very useful
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
305 char * username = NULL; |
|
bc7c134982df
Include user@host in the pubkey line, since it's sometimes very useful
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
306 char hostname[100]; |
|
73
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
307 |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
308 buf = buf_new(MAX_PUBKEY_SIZE); |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
309 buf_put_pub_key(buf, key, keytype); |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
310 buf_setpos(buf, 4); |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
311 |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
312 len = buf->len - buf->pos; |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
313 |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
314 base64len = sizeof(base64key); |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
315 err = base64_encode(buf_getptr(buf, len), len, base64key, &base64len); |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
316 |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
317 if (err != CRYPT_OK) { |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
318 fprintf(stderr, "base64 failed"); |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
319 } |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
320 |
|
794
d386defb5376
more ecdsa signkey work, not correct
Matt Johnston <matt@ucc.asn.au>
parents:
766
diff
changeset
|
321 typestring = signkey_name_from_type(keytype, NULL); |
|
73
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
322 |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
323 fp = sign_key_fingerprint(buf_getptr(buf, len), len); |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
324 |
|
324
bc7c134982df
Include user@host in the pubkey line, since it's sometimes very useful
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
325 /* a user@host comment is informative */ |
|
bc7c134982df
Include user@host in the pubkey line, since it's sometimes very useful
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
326 username = ""; |
|
bc7c134982df
Include user@host in the pubkey line, since it's sometimes very useful
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
327 pw = getpwuid(getuid()); |
|
325
0e4f225b7e07
Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents:
324
diff
changeset
|
328 if (pw) { |
|
324
bc7c134982df
Include user@host in the pubkey line, since it's sometimes very useful
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
329 username = pw->pw_name; |
|
bc7c134982df
Include user@host in the pubkey line, since it's sometimes very useful
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
330 } |
|
bc7c134982df
Include user@host in the pubkey line, since it's sometimes very useful
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
331 |
|
bc7c134982df
Include user@host in the pubkey line, since it's sometimes very useful
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
332 gethostname(hostname, sizeof(hostname)); |
|
bc7c134982df
Include user@host in the pubkey line, since it's sometimes very useful
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
333 hostname[sizeof(hostname)-1] = '\0'; |
|
bc7c134982df
Include user@host in the pubkey line, since it's sometimes very useful
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
334 |
|
bc7c134982df
Include user@host in the pubkey line, since it's sometimes very useful
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
335 printf("Public key portion is:\n%s %s %s@%s\nFingerprint: %s\n", |
|
bc7c134982df
Include user@host in the pubkey line, since it's sometimes very useful
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
336 typestring, base64key, username, hostname, fp); |
|
73
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
337 |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
338 m_free(fp); |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
339 buf_free(buf); |
|
0bf5cebe622c
Dropbearkey can now print out pubkey portions
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
340 } |