2 * Dropbear - a SSH2 server
4 * Copyright (c) 2002,2003 Matt Johnston
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
25 /* The format of the keyfiles is basically a raw dump of the buffer. Data types
26 * are specified in the transport draft - string is a 32-bit len then the
27 * non-null-terminated string, mp_int is a 32-bit len then the bignum data.
28 * The actual functions are buf_put_rsa_priv_key() and buf_put_dss_priv_key()
35 * mp_int p (newer versions only)
36 * mp_int q (newer versions only)
55 static void printhelp(char * progname);
57 #define RSA_SIZE (1024/8) /* 1024 bit */
58 #define DSS_SIZE (1024/8) /* 1024 bit */
60 static void buf_writefile(buffer * buf, const char * filename);
61 static void printpubkey(sign_key * key, int keytype);
62 static void justprintpub(const char* filename);
64 /* Print a help message */
65 static void printhelp(char * progname) {
67 fprintf(stderr, "Usage: %s -t <type> -f <filename> [-s bits]\n"
69 "-t type Type of key to generate. One of:\n"
76 "-f filename Use filename for the secret key\n"
77 "-s bits Key size in bits, should be a multiple of 8 (optional)\n"
78 "-y Just print the publickey and fingerprint for the\n private key in <filename>.\n"
85 #if defined(DBMULTI_dropbearkey) || !defined(DROPBEAR_MULTI)
86 #if defined(DBMULTI_dropbearkey) && defined(DROPBEAR_MULTI)
87 int dropbearkey_main(int argc, char ** argv) {
89 int main(int argc, char ** argv) {
96 char * filename = NULL;
98 char * typetext = NULL;
99 char * sizetext = NULL;
101 unsigned int keysize;
104 /* get the commandline options */
105 for (i = 1; i < argc; i++) {
106 if (argv[i] == NULL) {
107 continue; /* Whack */
115 if (argv[i][0] == '-') {
116 switch (argv[i][1]) {
139 fprintf(stderr, "Unknown argument %s\n", argv[i]);
148 fprintf(stderr, "Must specify a key filename\n");
154 justprintpub(filename);
158 /* check/parse args */
160 fprintf(stderr, "Must specify key type\n");
165 if (strlen(typetext) == 3) {
167 if (strncmp(typetext, "rsa", 3) == 0) {
168 keytype = DROPBEAR_SIGNKEY_RSA;
169 TRACE(("type is rsa"))
173 if (strncmp(typetext, "dss", 3) == 0) {
174 keytype = DROPBEAR_SIGNKEY_DSS;
175 TRACE(("type is dss"))
180 fprintf(stderr, "Unknown key type '%s'\n", typetext);
186 if (sscanf(sizetext, "%u", &bits) != 1) {
187 fprintf(stderr, "Bits must be an integer\n");
191 if (bits < 512 || bits > 4096 || (bits % 8 != 0)) {
192 fprintf(stderr, "Bits must satisfy 512 <= bits <= 4096, and be a"
199 if (keytype == DROPBEAR_SIGNKEY_DSS) {
201 } else if (keytype == DROPBEAR_SIGNKEY_RSA) {
204 exit(EXIT_FAILURE); /* not reached */
209 fprintf(stderr, "Will output %d bit %s secret key to '%s'\n", keysize*8,
212 /* don't want the file readable by others */
215 /* now we can generate the key */
216 key = new_sign_key();
218 fprintf(stderr, "Generating key, this may take a while...\n");
221 case DROPBEAR_SIGNKEY_RSA:
222 key->rsakey = gen_rsa_priv_key(keysize); /* 128 bytes = 1024 bit */
226 case DROPBEAR_SIGNKEY_DSS:
227 key->dsskey = gen_dss_priv_key(keysize); /* 128 bytes = 1024 bit */
231 fprintf(stderr, "Internal error, bad key type\n");
235 buf = buf_new(MAX_PRIVKEY_SIZE);
237 buf_put_priv_key(buf, key, keytype);
239 buf_writefile(buf, filename);
244 printpubkey(key, keytype);
252 static void justprintpub(const char* filename) {
255 sign_key *key = NULL;
258 int err = DROPBEAR_FAILURE;
260 buf = buf_new(MAX_PRIVKEY_SIZE);
261 ret = buf_readfile(buf, filename);
263 if (ret != DROPBEAR_SUCCESS) {
264 fprintf(stderr, "Failed reading '%s'\n", filename);
268 key = new_sign_key();
269 keytype = DROPBEAR_SIGNKEY_ANY;
272 ret = buf_get_priv_key(buf, key, &keytype);
273 if (ret == DROPBEAR_FAILURE) {
274 fprintf(stderr, "Bad key in '%s'\n", filename);
278 printpubkey(key, keytype);
280 err = DROPBEAR_SUCCESS;
291 static void printpubkey(sign_key * key, int keytype) {
294 unsigned char base64key[MAX_PUBKEY_SIZE*2];
295 unsigned long base64len;
297 const char * typestring = NULL;
301 buf = buf_new(MAX_PUBKEY_SIZE);
302 buf_put_pub_key(buf, key, keytype);
305 len = buf->len - buf->pos;
307 base64len = sizeof(base64key);
308 err = base64_encode(buf_getptr(buf, len), len, base64key, &base64len);
310 if (err != CRYPT_OK) {
311 fprintf(stderr, "base64 failed");
314 typestring = signkey_name_from_type(keytype, &err);
316 fp = sign_key_fingerprint(buf_getptr(buf, len), len);
318 printf("Public key portion is:\n%s %s\nFingerprint: %s\n",
319 typestring, base64key, fp);
325 /* Write a buffer to a file specified, failing if the file exists */
326 static void buf_writefile(buffer * buf, const char * filename) {
331 fd = open(filename, O_RDWR | O_CREAT | O_EXCL, S_IRUSR | S_IWUSR);
333 fprintf(stderr, "Couldn't create new file %s\n", filename);
339 /* write the file now */
340 while (buf->pos != buf->len) {
341 len = write(fd, buf_getptr(buf, buf->len - buf->pos),
342 buf->len - buf->pos);
343 if (errno == EINTR) {
347 fprintf(stderr, "Failed writing file '%s'\n",filename);
351 buf_incrpos(buf, len);