*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-keygen.c,v 1.108 2003/08/14 16:08:58 markus Exp $");
+RCSID("$OpenBSD: ssh-keygen.c,v 1.118 2004/12/23 17:38:07 markus Exp $");
#include <openssl/evp.h>
#include <openssl/pem.h>
#include "bufaux.h"
#include "pathnames.h"
#include "log.h"
-#include "readpass.h"
-#include "moduli.h"
+#include "misc.h"
#ifdef SMARTCARD
#include "scard.h"
#endif
-#ifdef DNS
#include "dns.h"
-#endif
/* Number of bits in the RSA/DSA key. This value can be changed on the command line. */
int bits = 1024;
char *key_type_name = NULL;
/* argv0 */
-#ifdef HAVE___PROGNAME
extern char *__progname;
-#else
-char *__progname;
-#endif
char hostname[MAXHOSTNAMELEN];
+/* moduli.c */
+int gen_candidates(FILE *, int, int, BIGNUM *);
+int prime_test(FILE *, FILE *, u_int32_t, u_int32_t);
+
static void
ask_filename(struct passwd *pw, const char *prompt)
{
static void
buffer_get_bignum_bits(Buffer *b, BIGNUM *value)
{
- int bits = buffer_get_int(b);
- int bytes = (bits + 7) / 8;
+ u_int bignum_bits = buffer_get_int(b);
+ u_int bytes = (bignum_bits + 7) / 8;
if (buffer_len(b) < bytes)
fatal("buffer_get_bignum_bits: input buffer too small: "
} else if (strstr(type, "rsa")) {
ktype = KEY_RSA;
} else {
+ buffer_free(&b);
xfree(type);
return NULL;
}
exit(0);
}
-#ifdef DNS
/*
* Print the SSHFP RR.
*/
static void
-do_print_resource_record(struct passwd *pw, char *hostname)
+do_print_resource_record(struct passwd *pw, char *hname)
{
Key *public;
char *comment = NULL;
}
public = key_load_public(identity_file, &comment);
if (public != NULL) {
- export_dns_rr(hostname, public, stdout, print_generic);
+ export_dns_rr(hname, public, stdout, print_generic);
key_free(public);
xfree(comment);
exit(0);
printf("failed to read v2 public key from %s.\n", identity_file);
exit(1);
}
-#endif /* DNS */
/*
* Change the comment of a private key file.
fprintf(stderr, " -C comment Provide new comment.\n");
fprintf(stderr, " -N phrase Provide new passphrase.\n");
fprintf(stderr, " -P phrase Provide old passphrase.\n");
-#ifdef DNS
fprintf(stderr, " -r hostname Print DNS resource record.\n");
-#endif /* DNS */
#ifdef SMARTCARD
fprintf(stderr, " -D reader Download public key from smartcard.\n");
fprintf(stderr, " -U reader Upload private key to smartcard.\n");
main(int ac, char **av)
{
char dotsshdir[MAXPATHLEN], comment[1024], *passphrase1, *passphrase2;
- char out_file[PATH_MAX], *reader_id = NULL;
+ char out_file[MAXPATHLEN], *reader_id = NULL;
char *resource_record_hostname = NULL;
Key *private, *public;
struct passwd *pw;
int opt, type, fd, download = 0, memory = 0;
int generator_wanted = 0, trials = 100;
int do_gen_candidates = 0, do_screen_candidates = 0;
+ int log_level = SYSLOG_LEVEL_INFO;
BIGNUM *start = NULL;
FILE *f;
}
while ((opt = getopt(ac, av,
- "degiqpclBRxXyb:f:t:U:D:P:N:C:r:g:T:G:M:S:a:W:")) != -1) {
+ "degiqpclBRvxXyb:f:t:U:D:P:N:C:r:g:T:G:M:S:a:W:")) != -1) {
switch (opt) {
case 'b':
bits = atoi(optarg);
case 'U':
reader_id = optarg;
break;
+ case 'v':
+ if (log_level == SYSLOG_LEVEL_INFO)
+ log_level = SYSLOG_LEVEL_DEBUG1;
+ else {
+ if (log_level >= SYSLOG_LEVEL_DEBUG1 &&
+ log_level < SYSLOG_LEVEL_DEBUG3)
+ log_level++;
+ }
+ break;
case 'r':
resource_record_hostname = optarg;
break;
break;
case 'a':
trials = atoi(optarg);
- if (trials < TRIAL_MINIMUM) {
- fatal("Minimum primality trials is %d",
- TRIAL_MINIMUM);
- }
break;
case 'M':
memory = atoi(optarg);
- if (memory != 0 &&
- (memory < LARGE_MINIMUM || memory > LARGE_MAXIMUM)) {
- fatal("Invalid memory amount (min %ld, max %ld)",
- LARGE_MINIMUM, LARGE_MAXIMUM);
- }
break;
case 'G':
do_gen_candidates = 1;
usage();
}
}
+
+ /* reinit */
+ log_init(av[0], log_level, SYSLOG_FACILITY_USER, 1);
+
if (optind < ac) {
printf("Too many arguments.\n");
usage();
if (print_public)
do_print_public(pw);
if (resource_record_hostname != NULL) {
-#ifdef DNS
do_print_resource_record(pw, resource_record_hostname);
-#else /* DNS */
- fatal("no DNS support.");
-#endif /* DNS */
}
if (reader_id != NULL) {
#ifdef SMARTCARD
if (do_gen_candidates) {
FILE *out = fopen(out_file, "w");
-
+
if (out == NULL) {
error("Couldn't open modulus candidate file \"%s\": %s",
out_file, strerror(errno));
if (have_identity && strcmp(identity_file, "-") != 0) {
if ((in = fopen(identity_file, "r")) == NULL) {
fatal("Couldn't open modulus candidate "
- "file \"%s\": %s", identity_file,
+ "file \"%s\": %s", identity_file,
strerror(errno));
}
} else