version 1.8, 2011/09/16 15:36:18 |
version 1.8.2.2, 2013/01/16 05:25:59 |
|
|
/* $NetBSD$ */ |
/* $NetBSD$ */ |
/* $OpenBSD: ssh-keygen.c,v 1.210 2011/04/18 00:46:05 djm Exp $ */ |
/* $OpenBSD: ssh-keygen.c,v 1.216 2012/07/06 06:38:03 jmc Exp $ */ |
/* |
/* |
* Author: Tatu Ylonen <ylo@cs.hut.fi> |
* Author: Tatu Ylonen <ylo@cs.hut.fi> |
* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
Line 152 char hostname[MAXHOSTNAMELEN]; |
|
Line 152 char hostname[MAXHOSTNAMELEN]; |
|
|
|
/* moduli.c */ |
/* moduli.c */ |
int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *); |
int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *); |
int prime_test(FILE *, FILE *, u_int32_t, u_int32_t); |
int prime_test(FILE *, FILE *, u_int32_t, u_int32_t, char *, unsigned long, |
|
unsigned long); |
|
|
static void |
static void |
type_bits_valid(int type, u_int32_t *bitsp) |
type_bits_valid(int type, u_int32_t *bitsp) |
Line 261 do_convert_to_ssh2(struct passwd *pw, Ke |
|
Line 262 do_convert_to_ssh2(struct passwd *pw, Ke |
|
u_char *blob; |
u_char *blob; |
char comment[61]; |
char comment[61]; |
|
|
|
if (k->type == KEY_RSA1) { |
|
fprintf(stderr, "version 1 keys are not supported\n"); |
|
exit(1); |
|
} |
if (key_to_blob(k, &blob, &len) <= 0) { |
if (key_to_blob(k, &blob, &len) <= 0) { |
fprintf(stderr, "key_to_blob failed\n"); |
fprintf(stderr, "key_to_blob failed\n"); |
exit(1); |
exit(1); |
Line 284 __dead static void |
|
Line 289 __dead static void |
|
do_convert_to_pkcs8(Key *k) |
do_convert_to_pkcs8(Key *k) |
{ |
{ |
switch (key_type_plain(k->type)) { |
switch (key_type_plain(k->type)) { |
|
case KEY_RSA1: |
case KEY_RSA: |
case KEY_RSA: |
if (!PEM_write_RSA_PUBKEY(stdout, k->rsa)) |
if (!PEM_write_RSA_PUBKEY(stdout, k->rsa)) |
fatal("PEM_write_RSA_PUBKEY failed"); |
fatal("PEM_write_RSA_PUBKEY failed"); |
Line 306 __dead static void |
|
Line 312 __dead static void |
|
do_convert_to_pem(Key *k) |
do_convert_to_pem(Key *k) |
{ |
{ |
switch (key_type_plain(k->type)) { |
switch (key_type_plain(k->type)) { |
|
case KEY_RSA1: |
case KEY_RSA: |
case KEY_RSA: |
if (!PEM_write_RSAPublicKey(stdout, k->rsa)) |
if (!PEM_write_RSAPublicKey(stdout, k->rsa)) |
fatal("PEM_write_RSAPublicKey failed"); |
fatal("PEM_write_RSAPublicKey failed"); |
Line 339 do_convert_to(struct passwd *pw) |
|
Line 346 do_convert_to(struct passwd *pw) |
|
exit(1); |
exit(1); |
} |
} |
} |
} |
if (k->type == KEY_RSA1) { |
|
fprintf(stderr, "version 1 keys are not supported\n"); |
|
exit(1); |
|
} |
|
|
|
switch (convert_format) { |
switch (convert_format) { |
case FMT_RFC4716: |
case FMT_RFC4716: |
|
|
fprintf(stderr, " -h Generate host certificate instead of a user certificate.\n"); |
fprintf(stderr, " -h Generate host certificate instead of a user certificate.\n"); |
fprintf(stderr, " -I key_id Key identifier to include in certificate.\n"); |
fprintf(stderr, " -I key_id Key identifier to include in certificate.\n"); |
fprintf(stderr, " -i Import foreign format to OpenSSH key file.\n"); |
fprintf(stderr, " -i Import foreign format to OpenSSH key file.\n"); |
|
fprintf(stderr, " -J number Screen this number of moduli lines.\n"); |
|
fprintf(stderr, " -j number Start screening moduli at specified line.\n"); |
|
fprintf(stderr, " -K checkpt Write checkpoints to this file.\n"); |
fprintf(stderr, " -L Print the contents of a certificate.\n"); |
fprintf(stderr, " -L Print the contents of a certificate.\n"); |
fprintf(stderr, " -l Show fingerprint of key file.\n"); |
fprintf(stderr, " -l Show fingerprint of key file.\n"); |
fprintf(stderr, " -M memory Amount of memory (MB) to use for generating DH-GEX moduli.\n"); |
fprintf(stderr, " -M memory Amount of memory (MB) to use for generating DH-GEX moduli.\n"); |
|
|
main(int argc, char **argv) |
main(int argc, char **argv) |
{ |
{ |
char dotsshdir[MAXPATHLEN], comment[1024], *passphrase1, *passphrase2; |
char dotsshdir[MAXPATHLEN], comment[1024], *passphrase1, *passphrase2; |
|
char *checkpoint = NULL; |
char out_file[MAXPATHLEN], *rr_hostname = NULL; |
char out_file[MAXPATHLEN], *rr_hostname = NULL; |
Key *private, *public; |
Key *private, *public; |
struct passwd *pw; |
struct passwd *pw; |
Line 1916 main(int argc, char **argv) |
|
Line 1923 main(int argc, char **argv) |
|
u_int32_t memory = 0, generator_wanted = 0, trials = 100; |
u_int32_t memory = 0, generator_wanted = 0, trials = 100; |
int do_gen_candidates = 0, do_screen_candidates = 0; |
int do_gen_candidates = 0, do_screen_candidates = 0; |
int gen_all_hostkeys = 0; |
int gen_all_hostkeys = 0; |
|
unsigned long start_lineno = 0, lines_to_process = 0; |
BIGNUM *start = NULL; |
BIGNUM *start = NULL; |
FILE *f; |
FILE *f; |
const char *errstr; |
const char *errstr; |
Line 1940 main(int argc, char **argv) |
|
Line 1948 main(int argc, char **argv) |
|
exit(1); |
exit(1); |
} |
} |
|
|
while ((opt = getopt(argc, argv, "AegiqpclBHLhvxXyF:b:f:t:D:I:P:m:N:n:" |
while ((opt = getopt(argc, argv, "AegiqpclBHLhvxXyF:b:f:t:D:I:J:j:K:P:" |
"O:C:r:g:R:T:G:M:S:s:a:V:W:z:")) != -1) { |
"m:N:n:O:C:r:g:R:T:G:M:S:s:a:V:W:z")) != -1) { |
switch (opt) { |
switch (opt) { |
case 'A': |
case 'A': |
gen_all_hostkeys = 1; |
gen_all_hostkeys = 1; |
Line 1962 main(int argc, char **argv) |
|
Line 1970 main(int argc, char **argv) |
|
case 'I': |
case 'I': |
cert_key_id = optarg; |
cert_key_id = optarg; |
break; |
break; |
|
case 'J': |
|
lines_to_process = strtoul(optarg, NULL, 10); |
|
break; |
|
case 'j': |
|
start_lineno = strtoul(optarg, NULL, 10); |
|
break; |
case 'R': |
case 'R': |
delete_host = 1; |
delete_host = 1; |
rr_hostname = optarg; |
rr_hostname = optarg; |
Line 2091 main(int argc, char **argv) |
|
Line 2105 main(int argc, char **argv) |
|
sizeof(out_file)) |
sizeof(out_file)) |
fatal("Output filename too long"); |
fatal("Output filename too long"); |
break; |
break; |
|
case 'K': |
|
if (strlen(optarg) >= MAXPATHLEN) |
|
fatal("Checkpoint filename too long"); |
|
checkpoint = xstrdup(optarg); |
|
break; |
case 'S': |
case 'S': |
/* XXX - also compare length against bits */ |
/* XXX - also compare length against bits */ |
if (BN_hex2bn(&start, optarg) == 0) |
if (BN_hex2bn(&start, optarg) == 0) |
Line 2171 main(int argc, char **argv) |
|
Line 2190 main(int argc, char **argv) |
|
_PATH_HOST_RSA_KEY_FILE, rr_hostname); |
_PATH_HOST_RSA_KEY_FILE, rr_hostname); |
n += do_print_resource_record(pw, |
n += do_print_resource_record(pw, |
_PATH_HOST_DSA_KEY_FILE, rr_hostname); |
_PATH_HOST_DSA_KEY_FILE, rr_hostname); |
|
n += do_print_resource_record(pw, |
|
_PATH_HOST_ECDSA_KEY_FILE, rr_hostname); |
|
|
if (n == 0) |
if (n == 0) |
fatal("no keys found."); |
fatal("no keys found."); |
Line 2213 main(int argc, char **argv) |
|
Line 2234 main(int argc, char **argv) |
|
fatal("Couldn't open moduli file \"%s\": %s", |
fatal("Couldn't open moduli file \"%s\": %s", |
out_file, strerror(errno)); |
out_file, strerror(errno)); |
} |
} |
if (prime_test(in, out, trials, generator_wanted) != 0) |
if (prime_test(in, out, trials, generator_wanted, checkpoint, |
|
start_lineno, lines_to_process) != 0) |
fatal("modulus screening failed"); |
fatal("modulus screening failed"); |
return (0); |
return (0); |
} |
} |
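Review bot: The new getopt() option string in main() ends in `W:z` where the old one ended in `W:z:`, so getopt() no longer parses an argument for -z and does not set optarg for it. The `case 'z'` handler is not shown on this page; if it still reads optarg, as the old `z:` suggests, -z will misbehave or crash, and the string should end `a:V:W:z:`. Separately, the new `-J` and `-j` cases call `strtoul(optarg, NULL, 10)` with no end-pointer or errno check, so a non-numeric or out-of-range value silently becomes 0 or ULONG_MAX and changes which moduli lines get screened. Rejecting bad input with `fatal()`, as the new `-K` length check does, would make this consistent. main() extends well beyond the lines shown here.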