Mercurial > dropbear
comparison dropbearkey.c @ 1733:d529a52b2f7c coverity coverity
merge coverity from main
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Fri, 26 Jun 2020 21:07:34 +0800 |
| parents | 435cfb9ec96e |
| children | be236878efcf |
comparison
equal
deleted
inserted
replaced
| 1643:b59623a64678 | 1733:d529a52b2f7c |
|---|---|
| 41 * mp_int q | 41 * mp_int q |
| 42 * mp_int g | 42 * mp_int g |
| 43 * mp_int y | 43 * mp_int y |
| 44 * mp_int x | 44 * mp_int x |
| 45 * | 45 * |
| 46 * Ed25519: | |
| 47 * string "ssh-ed25519" | |
| 48 * string k (32 bytes) + A (32 bytes) | |
| 49 * | |
| 46 */ | 50 */ |
| 47 #include "includes.h" | 51 #include "includes.h" |
| 48 #include "signkey.h" | 52 #include "signkey.h" |
| 49 #include "buffer.h" | 53 #include "buffer.h" |
| 50 #include "dbutil.h" | 54 #include "dbutil.h" |
| 51 | 55 |
| 52 #include "genrsa.h" | 56 #include "genrsa.h" |
| 53 #include "gendss.h" | 57 #include "gendss.h" |
| 58 #include "gened25519.h" | |
| 54 #include "ecdsa.h" | 59 #include "ecdsa.h" |
| 55 #include "crypto_desc.h" | 60 #include "crypto_desc.h" |
| 56 #include "dbrandom.h" | 61 #include "dbrandom.h" |
| 57 #include "gensignkey.h" | 62 #include "gensignkey.h" |
| 58 | 63 |
| 73 #if DROPBEAR_DSS | 78 #if DROPBEAR_DSS |
| 74 " dss\n" | 79 " dss\n" |
| 75 #endif | 80 #endif |
| 76 #if DROPBEAR_ECDSA | 81 #if DROPBEAR_ECDSA |
| 77 " ecdsa\n" | 82 " ecdsa\n" |
| 83 #endif | |
| 84 #if DROPBEAR_ED25519 | |
| 85 " ed25519\n" | |
| 78 #endif | 86 #endif |
| 79 "-f filename Use filename for the secret key.\n" | 87 "-f filename Use filename for the secret key.\n" |
| 80 " ~/.ssh/id_dropbear is recommended for client keys.\n" | 88 " ~/.ssh/id_dropbear is recommended for client keys.\n" |
| 81 "-s bits Key size in bits, should be a multiple of 8 (optional)\n" | 89 "-s bits Key size in bits, should be a multiple of 8 (optional)\n" |
| 82 #if DROPBEAR_DSS | 90 #if DROPBEAR_DSS |
| 93 #if DROPBEAR_ECC_521 | 101 #if DROPBEAR_ECC_521 |
| 94 "521 " | 102 "521 " |
| 95 #endif | 103 #endif |
| 96 "\n" | 104 "\n" |
| 97 #endif | 105 #endif |
| 106 #if DROPBEAR_ED25519 | |
| 107 " Ed25519 has a fixed size of 256 bits\n" | |
| 108 #endif | |
| 98 "-y Just print the publickey and fingerprint for the\n private key in <filename>.\n" | 109 "-y Just print the publickey and fingerprint for the\n private key in <filename>.\n" |
| 99 #if DEBUG_TRACE | 110 #if DEBUG_TRACE |
| 100 "-v verbose\n" | 111 "-v verbose\n" |
| 101 #endif | 112 #endif |
| 102 ,progname); | 113 ,progname); |
| 104 | 115 |
| 105 /* fails fatally */ | 116 /* fails fatally */ |
| 106 static void check_signkey_bits(enum signkey_type type, int bits) | 117 static void check_signkey_bits(enum signkey_type type, int bits) |
| 107 { | 118 { |
| 108 switch (type) { | 119 switch (type) { |
| 120 #if DROPBEAR_ED25519 | |
| 121 case DROPBEAR_SIGNKEY_ED25519: | |
| 122 if (bits != 256) { | |
| 123 dropbear_exit("Ed25519 keys have a fixed size of 256 bits\n"); | |
| 124 exit(EXIT_FAILURE); | |
| 125 } | |
| 126 break; | |
| 127 #endif | |
| 109 #if DROPBEAR_RSA | 128 #if DROPBEAR_RSA |
| 110 case DROPBEAR_SIGNKEY_RSA: | 129 case DROPBEAR_SIGNKEY_RSA: |
| 111 if (bits < 512 || bits > 4096 || (bits % 8 != 0)) { | 130 if (bits < 512 || bits > 4096 || (bits % 8 != 0)) { |
| 112 dropbear_exit("Bits must satisfy 512 <= bits <= 4096, and be a" | 131 dropbear_exit("Bits must satisfy 512 <= bits <= 4096, and be a" |
| 113 " multiple of 8\n"); | 132 " multiple of 8\n"); |
| 114 } | 133 } |
| 115 break; | 134 break; |
| 116 #endif | 135 #endif |
| 117 #ifdef DROPEAR_DSS | 136 #if DROPEAR_DSS |
| 118 case DROPBEAR_SIGNKEY_DSS: | 137 case DROPBEAR_SIGNKEY_DSS: |
| 119 if (bits != 1024) { | 138 if (bits != 1024) { |
| 120 dropbear_exit("DSS keys have a fixed size of 1024 bits\n"); | 139 dropbear_exit("DSS keys have a fixed size of 1024 bits\n"); |
| 121 exit(EXIT_FAILURE); | 140 exit(EXIT_FAILURE); |
| 122 } | 141 } |
| 222 if (strcmp(typetext, "ecdsa") == 0) | 241 if (strcmp(typetext, "ecdsa") == 0) |
| 223 { | 242 { |
| 224 keytype = DROPBEAR_SIGNKEY_ECDSA_KEYGEN; | 243 keytype = DROPBEAR_SIGNKEY_ECDSA_KEYGEN; |
| 225 } | 244 } |
| 226 #endif | 245 #endif |
| 246 #if DROPBEAR_ED25519 | |
| 247 if (strcmp(typetext, "ed25519") == 0) | |
| 248 { | |
| 249 keytype = DROPBEAR_SIGNKEY_ED25519; | |
| 250 } | |
| 251 #endif | |
| 227 | 252 |
| 228 if (keytype == DROPBEAR_SIGNKEY_NONE) { | 253 if (keytype == DROPBEAR_SIGNKEY_NONE) { |
| 229 fprintf(stderr, "Unknown key type '%s'\n", typetext); | 254 fprintf(stderr, "Unknown key type '%s'\n", typetext); |
| 230 printhelp(argv[0]); | 255 printhelp(argv[0]); |
| 231 exit(EXIT_FAILURE); | 256 exit(EXIT_FAILURE); |