src/usr.bin/ssh/ssh-keygen.c - diff

Return to ssh-keygen.c CVS log

Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/ssh-keygen.c between version 1.1 and 1.2

version 1.1, 1999/09/26 20:53:37

version 1.2, 1999/09/28 04:45:37

Line 19

#ifndef HAVE_GETHOSTNAME

#include <sys/utsname.h>

#endif

#include "randoms.h"

#include "rsa.h"

#include "ssh.h"

#include "xmalloc.h"

/* Generated private key. */

RSAPrivateKey private_key;

RSA *private_key;

/* Generated public key. */

RSAPublicKey public_key;

RSA *public_key;

/* Random number generator state. */

RandomState state;

/* Number of bits in the RSA key. This value can be changed on the command

line. */

int bits = 1024;

Line 45

Line 41

on the command line. */

int change_comment = 0;

int quiet = 0;

/* This is set to the identity file name if given on the command line. */

char *identity_file = NULL;

Line 60

Line 58

/* Perform changing a passphrase. The argument is the passwd structure

for the current user. */

void do_change_passphrase(struct passwd *pw)

void

do_change_passphrase(struct passwd *pw)

{

char buf[1024], *comment;

RSAPrivateKey private_key;

char *old_passphrase, *passphrase1, *passphrase2;

struct stat st;

RSA *private_key;

/* Read key file name. */

if (identity_file != NULL)

if (identity_file != NULL) {

{

strncpy(buf, identity_file, sizeof(buf));

buf[sizeof(buf) - 1] = '\0';

}

} else {

else

printf("Enter file in which the key is ($HOME/%s): ", SSH_CLIENT_IDENTITY);

{

fflush(stdout);

printf("Enter file in which the key is ($HOME/%s): ",

if (fgets(buf, sizeof(buf), stdin) == NULL)

SSH_CLIENT_IDENTITY);

exit(1);

fflush(stdout);

if (strchr(buf, '\n'))

if (fgets(buf, sizeof(buf), stdin) == NULL)

*strchr(buf, '\n') = 0;

exit(1);

if (strcmp(buf, "") == 0)

if (strchr(buf, '\n'))

sprintf(buf, "%s/%s", pw->pw_dir, SSH_CLIENT_IDENTITY);

*strchr(buf, '\n') = 0;

}

if (strcmp(buf, "") == 0)

sprintf(buf, "%s/%s", pw->pw_dir, SSH_CLIENT_IDENTITY);

}

/* Check if the file exists. */

if (stat(buf, &st) < 0)

Line 95

Line 90

/* Try to load the public key from the file the verify that it is

readable and of the proper format. */

if (!load_public_key(buf, &public_key, NULL))

public_key = RSA_new();

if (!load_public_key(buf, public_key, NULL))

{

printf("%s is not a valid key file.\n", buf);

exit(1);

}

/* Clear the public key since we are just about to load the whole file. */

rsa_clear_public_key(&public_key);

RSA_free(public_key);

/* Try to load the file with empty passphrase. */

if (!load_private_key(buf, "", &private_key, &comment))

private_key = RSA_new();

{

if (!load_private_key(buf, "", private_key, &comment)) {

/* Read passphrase from the user. */

if (identity_passphrase)

old_passphrase = xstrdup(identity_passphrase);

else

old_passphrase = read_passphrase("Enter old passphrase: ", 1);

/* Try to load using the passphrase. */

if (!load_private_key(buf, old_passphrase, &private_key, &comment))

if (!load_private_key(buf, old_passphrase, private_key, &comment))

{

memset(old_passphrase, 0, strlen(old_passphrase));

xfree(old_passphrase);

printf("Bad passphrase.\n");

exit(1);

}

/* Destroy the passphrase. */

memset(old_passphrase, 0, strlen(old_passphrase));

xfree(old_passphrase);

}

printf("Key has comment '%s'\n", comment);

/* Ask the new passphrase (twice). */

Line 153

Line 149

}

/* Save the file using the new passphrase. */

if (!save_private_key(buf, passphrase1, &private_key, comment, &state))

if (!save_private_key(buf, passphrase1, private_key, comment))

{

printf("Saving the key failed: %s: %s.\n",

buf, strerror(errno));

memset(passphrase1, 0, strlen(passphrase1));

xfree(passphrase1);

rsa_clear_private_key(&private_key);

RSA_free(private_key);

xfree(comment);

exit(1);

}

/* Destroy the passphrase and the copy of the key in memory. */

memset(passphrase1, 0, strlen(passphrase1));

xfree(passphrase1);

rsa_clear_private_key(&private_key);

RSA_free(private_key); /* Destroys contents */

xfree(comment);

printf("Your identification has been saved with the new passphrase.\n");

Line 175

Line 171

/* Change the comment of a private key file. */

void do_change_comment(struct passwd *pw)

void

do_change_comment(struct passwd *pw)

{

char buf[1024], new_comment[1024], *comment;

RSAPrivateKey private_key;

RSA *private_key;

char *passphrase;

struct stat st;

FILE *f;

char *tmpbuf;

/* Read key file name. */

if (identity_file)

Line 211

Line 209

/* Try to load the public key from the file the verify that it is

readable and of the proper format. */

if (!load_public_key(buf, &public_key, NULL))

public_key = RSA_new();

if (!load_public_key(buf, public_key, NULL))

{

printf("%s is not a valid key file.\n", buf);

exit(1);

}

private_key = RSA_new();

/* Try to load the file with empty passphrase. */

if (load_private_key(buf, "", &private_key, &comment))

if (load_private_key(buf, "", private_key, &comment))

passphrase = xstrdup("");

else

{

Line 231

else

passphrase = read_passphrase("Enter passphrase: ", 1);

/* Try to load using the passphrase. */

if (!load_private_key(buf, passphrase, &private_key, &comment))

if (!load_private_key(buf, passphrase, private_key, &comment))

{

memset(passphrase, 0, strlen(passphrase));

xfree(passphrase);

Line 253

if (!fgets(new_comment, sizeof(new_comment), stdin))

{

memset(passphrase, 0, strlen(passphrase));

rsa_clear_private_key(&private_key);

RSA_free(private_key);

exit(1);

}

Line 263

}

/* Save the file using the new passphrase. */

if (!save_private_key(buf, passphrase, &private_key, new_comment,

if (!save_private_key(buf, passphrase, private_key, new_comment))

&state))

{

printf("Saving the key failed: %s: %s.\n",

buf, strerror(errno));

memset(passphrase, 0, strlen(passphrase));

xfree(passphrase);

rsa_clear_private_key(&private_key);

RSA_free(private_key);

xfree(comment);

exit(1);

}

Line 278

Line 277

/* Destroy the passphrase and the private key in memory. */

memset(passphrase, 0, strlen(passphrase));

xfree(passphrase);

rsa_clear_private_key(&private_key);

RSA_free(private_key);

/* Save the public key in text format in a file with the same name but

.pub appended. */

Line 289

Line 288

printf("Could not save your public key in %s\n", buf);

exit(1);

}

fprintf(f, "%d ", public_key.bits);

fprintf(f, "%d ", BN_num_bits(public_key->n));

mpz_out_str(f, 10, &public_key.e);

tmpbuf = BN_bn2dec(public_key->e);

fprintf(f, " ");

fprintf(f, "%s ", tmpbuf);

mpz_out_str(f, 10, &public_key.n);

free (tmpbuf);

fprintf(f, " %s\n", new_comment);

tmpbuf = BN_bn2dec(public_key->n);

fprintf(f, "%s %s\n", tmpbuf, new_comment);

free (tmpbuf);

fclose(f);

xfree(comment);

Line 304

Line 305

/* Main program for key management. */

int main(int ac, char **av)

int

main(int ac, char **av)

{

char buf[16384], buf2[1024], *passphrase1, *passphrase2;

struct passwd *pw;

char *tmpbuf;

int opt;

struct stat st;

FILE *f;

Line 371

Line 374

identity_comment = optarg;

break;

case 'q':

quiet = 1;

break;

case '?':

default:

printf("ssh-keygen version %s\n", SSH_VERSION);

Line 401

Line 408

/* Initialize random number generator. This may take a while if the

user has no seed file, so display a message to the user. */

printf("Initializing random number generator...\n");

if (!quiet)

sprintf(buf, "%s/%s", pw->pw_dir, SSH_CLIENT_SEEDFILE);

printf("Initializing random number generator...\n");

random_initialize(&state, buf);

arc4random_stir();

/* Save random seed so we don\'t need to do all that time-consuming

if (quiet)

environmental noise collection the next time. */

rsa_set_verbose(0);

random_save(&state, buf);

/* Generate the rsa key pair. */

rsa_generate_key(&private_key, &public_key, &state, bits);

private_key = RSA_new();

public_key = RSA_new();

rsa_generate_key(private_key, public_key, bits);

/* Save the state again, just to remove any fear that the previous state

could be used to recreate the key. (That should not be possible anyway

since the pool is stirred after save and some noise is added.) */

random_save(&state, buf);

ask_file_again:

/* Ask for a file to save the key in. */

Line 504

Line 507

}

/* Save the key with the given passphrase and comment. */

if (!save_private_key(buf, passphrase1, &private_key, buf2, &state))

if (!save_private_key(buf, passphrase1, private_key, buf2))

{

printf("Saving the key failed: %s: %s.\n",

buf, strerror(errno));

Line 517

Line 520

xfree(passphrase1);

/* Clear the private key and the random number generator. */

rsa_clear_private_key(&private_key);

RSA_free(private_key);

random_clear(&state);

arc4random_stir();

printf("Your identification has been saved in %s.\n", buf);

if (!quiet)

printf("Your identification has been saved in %s.\n", buf);

/* Display the public key on the screen. */

printf("Your public key is:\n");

if (!quiet) {

printf("%d ", public_key.bits);

printf("Your public key is:\n");

mpz_out_str(stdout, 10, &public_key.e);

printf("%d ", BN_num_bits(public_key->n));

printf(" ");

tmpbuf = BN_bn2dec(public_key->e);

mpz_out_str(stdout, 10, &public_key.n);

printf("%s ", tmpbuf);

printf(" %s\n", buf2);

free(tmpbuf);

tmpbuf = BN_bn2dec(public_key->n);

printf("%s %s\n", tmpbuf, buf2);

free(tmpbuf);

}

/* Save the public key in text format in a file with the same name but

.pub appended. */

Line 539

Line 547

printf("Could not save your public key in %s\n", buf);

exit(1);

}

fprintf(f, "%d ", public_key.bits);

fprintf(f, "%d ", BN_num_bits(public_key->n));

mpz_out_str(f, 10, &public_key.e);

tmpbuf = BN_bn2dec(public_key->e);

fprintf(f, " ");

fprintf(f, "%s ", tmpbuf);

mpz_out_str(f, 10, &public_key.n);

free(tmpbuf);

fprintf(f, " %s\n", buf2);

tmpbuf = BN_bn2dec(public_key->n);

fprintf(f, "%s %s\n", tmpbuf, buf2);

free(tmpbuf);

fclose(f);

printf("Your public key has been saved in %s\n", buf);

if (!quiet)

printf("Your public key has been saved in %s\n", buf);

exit(0);

}