comparison dropbearkey.c @ 1733:d529a52b2f7c coverity coverity
merge coverity from main
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Fri, 26 Jun 2020 21:07:34 +0800 |
parents | 435cfb9ec96e |
children | be236878efcf |
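--- a/dropbearkey.c
+++ b/dropbearkey.c
@@ -41,18 +41,23 @@
 * mp_int q
 * mp_int g
 * mp_int y
 * mp_int x
 *
+* Ed25519:
+* string "ssh-ed25519"
+* string k (32 bytes) + A (32 bytes)
+*
 */
 #include "includes.h"
 #include "signkey.h"
 #include "buffer.h"
 #include "dbutil.h"
 
 #include "genrsa.h"
 #include "gendss.h"
+#include "gened25519.h"
 #include "ecdsa.h"
 #include "crypto_desc.h"
 #include "dbrandom.h"
 #include "gensignkey.h"
 
@@ -73,10 +78,13 @@
 #if DROPBEAR_DSS
 " dss\n"
 #endif
 #if DROPBEAR_ECDSA
 " ecdsa\n"
+#endif
+#if DROPBEAR_ED25519
+" ed25519\n"
 #endif
 "-f filename Use filename for the secret key.\n"
 " ~/.ssh/id_dropbear is recommended for client keys.\n"
 "-s bits Key size in bits, should be a multiple of 8 (optional)\n"
 #if DROPBEAR_DSS
@@ -93,10 +101,13 @@
 #if DROPBEAR_ECC_521
 "521 "
 #endif
 "\n"
 #endif
+#if DROPBEAR_ED25519
+" Ed25519 has a fixed size of 256 bits\n"
+#endif
 "-y Just print the publickey and fingerprint for the\n private key in <filename>.\n"
 #if DEBUG_TRACE
 "-v verbose\n"
 #endif
 ,progname);
@@ -104,19 +115,27 @@
 
 /* fails fatally */
 static void check_signkey_bits(enum signkey_type type, int bits)
 {
 switch (type) {
+#if DROPBEAR_ED25519
+case DROPBEAR_SIGNKEY_ED25519:
+if (bits != 256) {
+dropbear_exit("Ed25519 keys have a fixed size of 256 bits\n");
+exit(EXIT_FAILURE);
+}
+break;
+#endif
 #if DROPBEAR_RSA
 case DROPBEAR_SIGNKEY_RSA:
 if (bits < 512 || bits > 4096 || (bits % 8 != 0)) {
 dropbear_exit("Bits must satisfy 512 <= bits <= 4096, and be a"
 " multiple of 8\n");
 }
 break;
 #endif
-#ifdef DROPEAR_DSS
+#if DROPEAR_DSS
 case DROPBEAR_SIGNKEY_DSS:
 if (bits != 1024) {
 dropbear_exit("DSS keys have a fixed size of 1024 bits\n");
 exit(EXIT_FAILURE);
 }
@@ -222,10 +241,16 @@
 if (strcmp(typetext, "ecdsa") == 0)
 {
 keytype = DROPBEAR_SIGNKEY_ECDSA_KEYGEN;
 }
 #endif
+#if DROPBEAR_ED25519
+if (strcmp(typetext, "ed25519") == 0)
+{
+keytype = DROPBEAR_SIGNKEY_ED25519;
+}
+#endif
 
 if (keytype == DROPBEAR_SIGNKEY_NONE) {
 fprintf(stderr, "Unknown key type '%s'\n", typetext);
 printhelp(argv[0]);
 exit(EXIT_FAILURE);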
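Review bot: The guard at new line 136 still spells the macro `DROPEAR_DSS` (missing the B), and under `#if` an undefined identifier evaluates to 0, so the DSS case of check_signkey_bits and its `bits != 1024` check are compiled out of every build. It should read `#if DROPBEAR_DSS`, matching the guards used in the help text. Separately, the new Ed25519 case calls `exit(EXIT_FAILURE);` after `dropbear_exit(...)`, which the RSA case does not; if dropbear_exit never returns, as the "fails fatally" comment suggests, that line is dead and can be dropped. The switch continues past the end of this hunk, so whether a default case still catches a DSS request is not visible here.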