comparison svr-runopts.c @ 1659:d32bcb5c557d

Add Ed25519 support (#91) * Add support for Ed25519 as a public key type Ed25519 is an elliptic curve signature scheme that offers better security than ECDSA and DSA and good performance. It may be used for both user and host keys. OpenSSH key import and fuzzer are not supported yet. Initially inspired by Peter Szabo. * Add curve25519 and ed25519 fuzzers * Add import and export of Ed25519 keys
author Vladislav Grishenko <themiron@users.noreply.github.com>
date Wed, 11 Mar 2020 21:09:45 +0500
parents cc0fc5131c5c
children 4b4cfc92c5b7
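--- a/svr-runopts.c
+++ b/svr-runopts.c
@@ -55,10 +55,13 @@
 " - rsa %s\n"
 #endif
 #if DROPBEAR_ECDSA
 " - ecdsa %s\n"
 #endif
+#if DROPBEAR_ED25519
+" - ed25519 %s\n"
+#endif
 #if DROPBEAR_DELAY_HOSTKEY
 "-R Create hostkeys as required\n"
 #endif
 "-F Don't fork into background\n"
 #ifdef DISABLE_SYSLOG
@@ -114,10 +117,13 @@
 #if DROPBEAR_RSA
 RSA_PRIV_FILENAME,
 #endif
 #if DROPBEAR_ECDSA
 ECDSA_PRIV_FILENAME,
+#endif
+#if DROPBEAR_ED25519
+ED25519_PRIV_FILENAME,
 #endif
 MAX_AUTH_TRIES,
 DROPBEAR_MAX_PORTS, DROPBEAR_DEFPORT, DROPBEAR_PIDFILE,
 DEFAULT_RECV_WINDOW, DEFAULT_KEEPALIVE, DEFAULT_IDLE_TIMEOUT);
 }
@@ -536,10 +542,17 @@
 if (type == DROPBEAR_SIGNKEY_ECDSA_NISTP521) {
 loadhostkey_helper("ECDSA521", (void**)&read_key->ecckey521, (void**)&svr_opts.hostkey->ecckey521, fatal_duplicate);
 }
 #endif
 #endif /* DROPBEAR_ECDSA */
+
+#if DROPBEAR_ED25519
+if (type == DROPBEAR_SIGNKEY_ED25519) {
+loadhostkey_helper("ed25519", (void**)&read_key->ed25519key, (void**)&svr_opts.hostkey->ed25519key, fatal_duplicate);
+}
+#endif
+
 sign_key_free(read_key);
 TRACE(("leave loadhostkey"))
 }
 
 static void addhostkey(const char *keyfile) {
@@ -577,10 +590,13 @@
 #endif
 
 #if DROPBEAR_ECDSA
 loadhostkey(ECDSA_PRIV_FILENAME, 0);
 #endif
+#if DROPBEAR_ED25519
+loadhostkey(ED25519_PRIV_FILENAME, 0);
+#endif
 }
 
 #if DROPBEAR_RSA
 if (!svr_opts.delay_hostkey && !svr_opts.hostkey->rsakey) {
 disablekey(DROPBEAR_SIGNKEY_RSA);
@@ -640,9 +656,17 @@
 disablekey(DROPBEAR_SIGNKEY_ECDSA_NISTP521);
 }
 #endif
 #endif /* DROPBEAR_ECDSA */
 
+#if DROPBEAR_ED25519
+if (!svr_opts.delay_hostkey && !svr_opts.hostkey->ed25519key) {
+disablekey(DROPBEAR_SIGNKEY_ED25519);
+} else {
+any_keys = 1;
+}
+#endif
+
 if (!any_keys) {
 dropbear_exit("No hostkeys available. 'dropbear -R' may be useful or run dropbearkey.");
 }
 }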
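Review bot: The new block at the end of this section keeps `DROPBEAR_SIGNKEY_ED25519` enabled whenever `delay_hostkey` is set and no Ed25519 key was loaded, mirroring the RSA and ECDSA blocks, so the server presumably still advertises ssh-ed25519 and relies on the `-R` on-demand generation path to produce a key at first use; that path is outside the shown lines, so it is worth confirming it can generate an Ed25519 key, otherwise a client that selects ssh-ed25519 would reach key exchange with nothing to sign. A minor consistency point in the third hunk: the label passed to `loadhostkey_helper` is lowercase `"ed25519"` while the neighbouring call uses `"ECDSA521"`; if that label is echoed in the duplicate-key message, `"Ed25519"` would keep the wording uniform. The function containing the final hunk begins before the shown lines.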