comparison gensignkey.c @ 1438:4f8eb331174f
add configuration option for default RSA size.
print key size with dropbearkey
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Sat, 24 Jun 2017 23:32:25 +0800 |
parents | bbc0a0ee3843 |
children | 7402218141d4 |
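--- a/gensignkey.c
+++ b/gensignkey.c
@@ -4,13 +4,10 @@
 #include "ecdsa.h"
 #include "genrsa.h"
 #include "gendss.h"
 #include "signkey.h"
 #include "dbrandom.h"
-
-#define RSA_DEFAULT_SIZE 2048
-#define DSS_DEFAULT_SIZE 1024
 
 /* Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */
 static int buf_writefile(buffer * buf, const char * filename) {
 int ret = DROPBEAR_FAILURE;
 int fd = -1;
@@ -53,15 +50,16 @@
 static int get_default_bits(enum signkey_type keytype)
 {
 switch (keytype) {
 #if DROPBEAR_RSA
 case DROPBEAR_SIGNKEY_RSA:
-return RSA_DEFAULT_SIZE;
+return DROPBEAR_DEFAULT_RSA_SIZE;
 #endif
 #if DROPBEAR_DSS
 case DROPBEAR_SIGNKEY_DSS:
-return DSS_DEFAULT_SIZE;
+/* DSS for SSH only defines 1024 bits */
+return 1024;
 #endif
 #if DROPBEAR_ECDSA
 case DROPBEAR_SIGNKEY_ECDSA_KEYGEN:
 return ECDSA_DEFAULT_SIZE;
 case DROPBEAR_SIGNKEY_ECDSA_NISTP521:
@@ -74,21 +72,26 @@
 default:
 return 0;
 }
 }
 
+int signkey_generate_get_bits(enum signkey_type keytype, int bits) {
+if (bits == 0)
+{
+bits = get_default_bits(keytype);
+}
+return bits;
+}
+
 /* if skip_exist is set it will silently return if the key file exists */
 int signkey_generate(enum signkey_type keytype, int bits, const char* filename, int skip_exist)
 {
 sign_key * key = NULL;
 buffer *buf = NULL;
 char *fn_temp = NULL;
 int ret = DROPBEAR_FAILURE;
-if (bits == 0)
-{
-bits = get_default_bits(keytype);
-}
+bits = signkey_generate_get_bits(keytype, bits);
 
 /* now we can generate the key */
 key = new_sign_key();
 
 seedrandom();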
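Review bot: The RSA default returned by `get_default_bits` now comes from the build-time option `DROPBEAR_DEFAULT_RSA_SIZE`, and nothing in the visible lines bounds it, so a mistyped or too-small value would be used silently whenever `signkey_generate` is called with `bits == 0`. If the header that defines the option does not already check it, a compile-time guard beside the definition (an `#error` when the value is below the smallest size the project wants to allow) would catch this at build time rather than after a weak host key has been written. The new exported `signkey_generate_get_bits` also has no comment, unlike its neighbours; I would add `/* Returns the key size that will be used: bits if non-zero, otherwise the default for keytype (0 if keytype is not supported) */` above it, since a caller that prints the result can otherwise report 0. The body of `signkey_generate` continues outside the lines shown.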