Mercurial > dropbear
comparison gensignkey.c @ 846:b298bb438625 keyondemand
refactor key generation, make it generate as required.
Needs UI in server command line options
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Thu, 07 Nov 2013 00:18:52 +0800 |
| parents | |
| children | f4bb964c8678 |
comparison
equal
deleted
inserted
replaced
| 845:774ad9b112ef | 846:b298bb438625 |
|---|---|
| 1 #include "includes.h" | |
| 2 #include "dbutil.h" | |
| 3 #include "buffer.h" | |
| 4 #include "ecdsa.h" | |
| 5 #include "genrsa.h" | |
| 6 #include "gendss.h" | |
| 7 #include "signkey.h" | |
| 8 | |
| 9 #define RSA_DEFAULT_SIZE 2048 | |
| 10 #define DSS_DEFAULT_SIZE 1024 | |
| 11 | |
| 12 // Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE | |
| 13 static int buf_writefile(buffer * buf, const char * filename) { | |
| 14 int ret = DROPBEAR_FAILURE; | |
| 15 int fd = -1; | |
| 16 | |
| 17 fd = open(filename, O_RDWR | O_CREAT | O_EXCL, S_IRUSR | S_IWUSR); | |
| 18 if (fd < 0) { | |
| 19 dropbear_log(LOG_ERR, "Couldn't create new file %s: %s", | |
| 20 filename, strerror(errno)); | |
| 21 goto out; | |
| 22 } | |
| 23 | |
| 24 /* write the file now */ | |
| 25 while (buf->pos != buf->len) { | |
| 26 int len = write(fd, buf_getptr(buf, buf->len - buf->pos), | |
| 27 buf->len - buf->pos); | |
| 28 if (errno == EINTR) { | |
| 29 continue; | |
| 30 } | |
| 31 if (len <= 0) { | |
| 32 dropbear_log(LOG_ERR, "Failed writing file %s: %s", | |
| 33 filename, strerror(errno)); | |
| 34 goto out; | |
| 35 } | |
| 36 buf_incrpos(buf, len); | |
| 37 } | |
| 38 | |
| 39 ret = DROPBEAR_SUCCESS; | |
| 40 | |
| 41 out: | |
| 42 if (fd >= 0) { | |
| 43 m_close(fd); | |
| 44 } | |
| 45 return ret; | |
| 46 } | |
| 47 | |
| 48 /* returns 0 on failure */ | |
| 49 static int get_default_bits(enum signkey_type keytype) | |
| 50 { | |
| 51 switch (keytype) { | |
| 52 #ifdef DROPBEAR_RSA | |
| 53 case DROPBEAR_SIGNKEY_RSA: | |
| 54 return RSA_DEFAULT_SIZE; | |
| 55 #endif | |
| 56 #ifdef DROPBEAR_DSS | |
| 57 case DROPBEAR_SIGNKEY_DSS: | |
| 58 return DSS_DEFAULT_SIZE; | |
| 59 #endif | |
| 60 #ifdef DROPBEAR_ECDSA | |
| 61 case DROPBEAR_SIGNKEY_ECDSA_KEYGEN: | |
| 62 return ECDSA_DEFAULT_SIZE; | |
| 63 case DROPBEAR_SIGNKEY_ECDSA_NISTP521: | |
| 64 return 521; | |
| 65 case DROPBEAR_SIGNKEY_ECDSA_NISTP384: | |
| 66 return 384; | |
| 67 case DROPBEAR_SIGNKEY_ECDSA_NISTP256: | |
| 68 return 256; | |
| 69 #endif | |
| 70 default: | |
| 71 return 0; | |
| 72 } | |
| 73 } | |
| 74 | |
| 75 | |
| 76 int signkey_generate(enum signkey_type keytype, int bits, const char* filename) | |
| 77 { | |
| 78 sign_key * key = NULL; | |
| 79 buffer *buf = NULL; | |
| 80 int ret = DROPBEAR_FAILURE; | |
| 81 if (bits == 0) | |
| 82 { | |
| 83 bits = get_default_bits(keytype); | |
| 84 } | |
| 85 | |
| 86 /* now we can generate the key */ | |
| 87 key = new_sign_key(); | |
| 88 | |
| 89 switch(keytype) { | |
| 90 #ifdef DROPBEAR_RSA | |
| 91 case DROPBEAR_SIGNKEY_RSA: | |
| 92 key->rsakey = gen_rsa_priv_key(bits); | |
| 93 break; | |
| 94 #endif | |
| 95 #ifdef DROPBEAR_DSS | |
| 96 case DROPBEAR_SIGNKEY_DSS: | |
| 97 key->dsskey = gen_dss_priv_key(bits); | |
| 98 break; | |
| 99 #endif | |
| 100 #ifdef DROPBEAR_ECDSA | |
| 101 case DROPBEAR_SIGNKEY_ECDSA_KEYGEN: | |
| 102 case DROPBEAR_SIGNKEY_ECDSA_NISTP521: | |
| 103 case DROPBEAR_SIGNKEY_ECDSA_NISTP384: | |
| 104 case DROPBEAR_SIGNKEY_ECDSA_NISTP256: | |
| 105 { | |
| 106 ecc_key *ecckey = gen_ecdsa_priv_key(bits); | |
| 107 keytype = ecdsa_signkey_type(ecckey); | |
| 108 *signkey_key_ptr(key, keytype) = ecckey; | |
| 109 } | |
| 110 break; | |
| 111 #endif | |
| 112 default: | |
| 113 dropbear_exit("Internal error"); | |
| 114 } | |
| 115 | |
| 116 buf = buf_new(MAX_PRIVKEY_SIZE); | |
| 117 | |
| 118 buf_put_priv_key(buf, key, keytype); | |
| 119 sign_key_free(key); | |
| 120 key = NULL; | |
| 121 buf_setpos(buf, 0); | |
| 122 ret = buf_writefile(buf, filename); | |
| 123 | |
| 124 buf_burn(buf); | |
| 125 buf_free(buf); | |
| 126 buf = NULL; | |
| 127 return ret; | |
| 128 } |