| version 1.250, 2014/08/21 01:08:52 |
version 1.251, 2014/12/21 22:27:56 |
|
|
| #include "ssh2.h" |
#include "ssh2.h" |
| #include "atomicio.h" |
#include "atomicio.h" |
| #include "krl.h" |
#include "krl.h" |
| |
#include "digest.h" |
| |
|
| #ifdef ENABLE_PKCS11 |
#ifdef ENABLE_PKCS11 |
| #include "ssh-pkcs11.h" |
#include "ssh-pkcs11.h" |
|
|
| int print_fingerprint = 0; |
int print_fingerprint = 0; |
| int print_bubblebabble = 0; |
int print_bubblebabble = 0; |
| |
|
| |
/* Hash algorithm to use for fingerprints. */ |
| |
int fingerprint_hash = SSH_FP_HASH_DEFAULT; |
| |
|
| /* The identity file name, given on the command line or entered by the user. */ |
/* The identity file name, given on the command line or entered by the user. */ |
| char identity_file[1024]; |
char identity_file[1024]; |
| int have_identity = 0; |
int have_identity = 0; |
|
|
| Key **keys = NULL; |
Key **keys = NULL; |
| int i, nkeys; |
int i, nkeys; |
| enum fp_rep rep; |
enum fp_rep rep; |
| enum fp_type fptype; |
int fptype; |
| char *fp, *ra; |
char *fp, *ra; |
| |
|
| fptype = print_bubblebabble ? SSH_FP_SHA1 : SSH_FP_MD5; |
fptype = print_bubblebabble ? SSH_DIGEST_SHA1 : fingerprint_hash; |
| rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_HEX; |
rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT; |
| |
|
| pkcs11_init(0); |
pkcs11_init(0); |
| nkeys = pkcs11_add_provider(pkcs11provider, NULL, &keys); |
nkeys = pkcs11_add_provider(pkcs11provider, NULL, &keys); |
|
|
| for (i = 0; i < nkeys; i++) { |
for (i = 0; i < nkeys; i++) { |
| if (print_fingerprint) { |
if (print_fingerprint) { |
| fp = key_fingerprint(keys[i], fptype, rep); |
fp = key_fingerprint(keys[i], fptype, rep); |
| ra = key_fingerprint(keys[i], SSH_FP_MD5, |
ra = key_fingerprint(keys[i], fingerprint_hash, |
| SSH_FP_RANDOMART); |
SSH_FP_RANDOMART); |
| printf("%u %s %s (PKCS11 key)\n", key_size(keys[i]), |
printf("%u %s %s (PKCS11 key)\n", key_size(keys[i]), |
| fp, key_type(keys[i])); |
fp, key_type(keys[i])); |
|
|
| char *comment = NULL, *cp, *ep, line[16*1024], *fp, *ra; |
char *comment = NULL, *cp, *ep, line[16*1024], *fp, *ra; |
| int i, skip = 0, num = 0, invalid = 1; |
int i, skip = 0, num = 0, invalid = 1; |
| enum fp_rep rep; |
enum fp_rep rep; |
| enum fp_type fptype; |
int fptype; |
| struct stat st; |
struct stat st; |
| |
|
| fptype = print_bubblebabble ? SSH_FP_SHA1 : SSH_FP_MD5; |
fptype = print_bubblebabble ? SSH_DIGEST_SHA1 : fingerprint_hash; |
| rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_HEX; |
rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT; |
| |
|
| if (!have_identity) |
if (!have_identity) |
| ask_filename(pw, "Enter file in which the key is"); |
ask_filename(pw, "Enter file in which the key is"); |
| if (stat(identity_file, &st) < 0) { |
if (stat(identity_file, &st) < 0) { |
|
|
| public = key_load_public(identity_file, &comment); |
public = key_load_public(identity_file, &comment); |
| if (public != NULL) { |
if (public != NULL) { |
| fp = key_fingerprint(public, fptype, rep); |
fp = key_fingerprint(public, fptype, rep); |
| ra = key_fingerprint(public, SSH_FP_MD5, SSH_FP_RANDOMART); |
ra = key_fingerprint(public, fingerprint_hash, |
| |
SSH_FP_RANDOMART); |
| printf("%u %s %s (%s)\n", key_size(public), fp, comment, |
printf("%u %s %s (%s)\n", key_size(public), fp, comment, |
| key_type(public)); |
key_type(public)); |
| if (log_level >= SYSLOG_LEVEL_VERBOSE) |
if (log_level >= SYSLOG_LEVEL_VERBOSE) |
|
|
| } |
} |
| comment = *cp ? cp : comment; |
comment = *cp ? cp : comment; |
| fp = key_fingerprint(public, fptype, rep); |
fp = key_fingerprint(public, fptype, rep); |
| ra = key_fingerprint(public, SSH_FP_MD5, SSH_FP_RANDOMART); |
ra = key_fingerprint(public, fingerprint_hash, |
| |
SSH_FP_RANDOMART); |
| printf("%u %s %s (%s)\n", key_size(public), fp, |
printf("%u %s %s (%s)\n", key_size(public), fp, |
| comment ? comment : "no comment", key_type(public)); |
comment ? comment : "no comment", key_type(public)); |
| if (log_level >= SYSLOG_LEVEL_VERBOSE) |
if (log_level >= SYSLOG_LEVEL_VERBOSE) |
|
|
| { |
{ |
| if (print_fingerprint) { |
if (print_fingerprint) { |
| enum fp_rep rep; |
enum fp_rep rep; |
| enum fp_type fptype; |
int fptype; |
| char *fp, *ra; |
char *fp, *ra; |
| |
|
| fptype = print_bubblebabble ? SSH_FP_SHA1 : SSH_FP_MD5; |
fptype = print_bubblebabble ? |
| rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_HEX; |
SSH_DIGEST_SHA1 : fingerprint_hash; |
| |
rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT; |
| fp = key_fingerprint(public, fptype, rep); |
fp = key_fingerprint(public, fptype, rep); |
| ra = key_fingerprint(public, SSH_FP_MD5, SSH_FP_RANDOMART); |
ra = key_fingerprint(public, fingerprint_hash, |
| |
SSH_FP_RANDOMART); |
| printf("%u %s %s (%s)\n", key_size(public), fp, name, |
printf("%u %s %s (%s)\n", key_size(public), fp, name, |
| key_type(public)); |
key_type(public)); |
| if (log_level >= SYSLOG_LEVEL_VERBOSE) |
if (log_level >= SYSLOG_LEVEL_VERBOSE) |
|
|
| fatal("%s is not a certificate", identity_file); |
fatal("%s is not a certificate", identity_file); |
| v00 = key->type == KEY_RSA_CERT_V00 || key->type == KEY_DSA_CERT_V00; |
v00 = key->type == KEY_RSA_CERT_V00 || key->type == KEY_DSA_CERT_V00; |
| |
|
| key_fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); |
key_fp = key_fingerprint(key, fingerprint_hash, SSH_FP_DEFAULT); |
| ca_fp = key_fingerprint(key->cert->signature_key, |
ca_fp = key_fingerprint(key->cert->signature_key, |
| SSH_FP_MD5, SSH_FP_HEX); |
fingerprint_hash, SSH_FP_DEFAULT); |
| |
|
| printf("%s:\n", identity_file); |
printf("%s:\n", identity_file); |
| printf(" Type: %s %s certificate\n", key_ssh_name(key), |
printf(" Type: %s %s certificate\n", key_ssh_name(key), |
|
|
| " ssh-keygen -e [-m key_format] [-f input_keyfile]\n" |
" ssh-keygen -e [-m key_format] [-f input_keyfile]\n" |
| " ssh-keygen -y [-f input_keyfile]\n" |
" ssh-keygen -y [-f input_keyfile]\n" |
| " ssh-keygen -c [-P passphrase] [-C comment] [-f keyfile]\n" |
" ssh-keygen -c [-P passphrase] [-C comment] [-f keyfile]\n" |
| " ssh-keygen -l [-f input_keyfile]\n" |
" ssh-keygen -l [-E fingerprint_hash] [-f input_keyfile]\n" |
| " ssh-keygen -B [-f input_keyfile]\n"); |
" ssh-keygen -B [-f input_keyfile]\n"); |
| #ifdef ENABLE_PKCS11 |
#ifdef ENABLE_PKCS11 |
| fprintf(stderr, |
fprintf(stderr, |
|
|
| exit(1); |
exit(1); |
| } |
} |
| |
|
| /* Remaining characters: EUYdw */ |
/* Remaining characters: UYdw */ |
| while ((opt = getopt(argc, argv, "ABHLQXceghiklopquvxy" |
while ((opt = getopt(argc, argv, "ABHLQXceghiklopquvxy" |
| "C:D:F:G:I:J:K:M:N:O:P:R:S:T:V:W:Z:a:b:f:g:j:m:n:r:s:t:z:")) != -1) { |
"C:D:E:F:G:I:J:K:M:N:O:P:R:S:T:V:W:Z:" |
| |
"a:b:f:g:j:m:n:r:s:t:z:")) != -1) { |
| switch (opt) { |
switch (opt) { |
| case 'A': |
case 'A': |
| gen_all_hostkeys = 1; |
gen_all_hostkeys = 1; |
|
|
| fatal("Bits has bad value %s (%s)", |
fatal("Bits has bad value %s (%s)", |
| optarg, errstr); |
optarg, errstr); |
| break; |
break; |
| |
case 'E': |
| |
fingerprint_hash = ssh_digest_alg_by_name(optarg); |
| |
if (fingerprint_hash == -1) |
| |
fatal("Invalid hash algorithm \"%s\"", optarg); |
| |
break; |
| case 'F': |
case 'F': |
| find_host = 1; |
find_host = 1; |
| rr_hostname = optarg; |
rr_hostname = optarg; |
|
|
| fclose(f); |
fclose(f); |
| |
|
| if (!quiet) { |
if (!quiet) { |
| char *fp = key_fingerprint(public, SSH_FP_MD5, SSH_FP_HEX); |
char *fp = key_fingerprint(public, fingerprint_hash, |
| char *ra = key_fingerprint(public, SSH_FP_MD5, |
SSH_FP_DEFAULT); |
| |
char *ra = key_fingerprint(public, fingerprint_hash, |
| SSH_FP_RANDOMART); |
SSH_FP_RANDOMART); |
| printf("Your public key has been saved in %s.\n", |
printf("Your public key has been saved in %s.\n", |
| identity_file); |
identity_file); |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-keygen.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh