diff gensignkey.c @ 1438:4f8eb331174f

add configuration option for default RSA size. print key size with dropbearkey
author Matt Johnston <matt@ucc.asn.au>
date Sat, 24 Jun 2017 23:32:25 +0800
parents bbc0a0ee3843
children 7402218141d4
--- a/gensignkey.c	Sat Jun 24 22:37:14 2017 +0800
+++ b/gensignkey.c	Sat Jun 24 23:32:25 2017 +0800
@@ -7,9 +7,6 @@
 #include "signkey.h"
 #include "dbrandom.h"
 
-#define RSA_DEFAULT_SIZE 2048
-#define DSS_DEFAULT_SIZE 1024
-
 /* Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */
 static int buf_writefile(buffer * buf, const char * filename) {
 	int ret = DROPBEAR_FAILURE;
@@ -55,11 +52,12 @@
 	switch (keytype) {
 #if DROPBEAR_RSA
 		case DROPBEAR_SIGNKEY_RSA:
-			return RSA_DEFAULT_SIZE;
+			return DROPBEAR_DEFAULT_RSA_SIZE;
 #endif
 #if DROPBEAR_DSS
 		case DROPBEAR_SIGNKEY_DSS:
-			return DSS_DEFAULT_SIZE;
+			/* DSS for SSH only defines 1024 bits */
+			return 1024;
 #endif
 #if DROPBEAR_ECDSA
 		case DROPBEAR_SIGNKEY_ECDSA_KEYGEN:
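Review bot: The RSA default at `return DROPBEAR_DEFAULT_RSA_SIZE;` now comes from build configuration, and nothing in this file stops a build from shipping a default below the 2048 bits the removed define guaranteed. If the options header does not already check it (not visible here), a compile-time guard next to the option's definition would catch a weak default at build time, for example `#if DROPBEAR_DEFAULT_RSA_SIZE < 2048` followed by `#error "DROPBEAR_DEFAULT_RSA_SIZE is below 2048"`, with whatever floor the project settles on. The enclosing switch starts and ends outside this hunk.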
@@ -76,6 +74,14 @@
 	}
 }
 
+int signkey_generate_get_bits(enum signkey_type keytype, int bits) {
+	if (bits == 0)
+	{
+		bits = get_default_bits(keytype);
+	}
+	return bits;
+}
+
 /* if skip_exist is set it will silently return if the key file exists */
 int signkey_generate(enum signkey_type keytype, int bits, const char* filename, int skip_exist)
 {
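Review bot: `signkey_generate_get_bits` returns any non-zero `bits` unchanged, so a negative or otherwise unusable size is reported to the caller as the size that will be generated. If range checking only happens later in the per-algorithm generators (not visible here), a caller that prints this value can show a size that is then rejected. The function also has no comment, unlike its neighbours; I would add `/* Returns the key size that will be used: bits if non-zero, otherwise the default for keytype */` above it. Being non-static, it also needs a prototype in the header, which this section does not show. The body of `signkey_generate` continues outside the hunk.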
@@ -83,10 +89,7 @@
 	buffer *buf = NULL;
 	char *fn_temp = NULL;
 	int ret = DROPBEAR_FAILURE;
-	if (bits == 0)
-	{
-		bits = get_default_bits(keytype);
-	}
+	bits = signkey_generate_get_bits(keytype, bits);
 
 	/* now we can generate the key */
 	key = new_sign_key();