| version 1.122.2.2, 2006/02/03 02:53:45 |
version 1.123, 2005/04/05 13:45:31 |
|
|
| #endif |
#endif |
| #include "dns.h" |
#include "dns.h" |
| |
|
| /* Number of bits in the RSA/DSA key. This value can be set on the command line. */ |
/* Number of bits in the RSA/DSA key. This value can be changed on the command line. */ |
| #define DEFAULT_BITS 2048 |
int bits = 1024; |
| #define DEFAULT_BITS_DSA 1024 |
|
| u_int32_t bits = 0; |
|
| |
|
| /* |
/* |
| * Flag indicating that we just want to change the passphrase. This can be |
* Flag indicating that we just want to change the passphrase. This can be |
|
|
| char hostname[MAXHOSTNAMELEN]; |
char hostname[MAXHOSTNAMELEN]; |
| |
|
| /* moduli.c */ |
/* moduli.c */ |
| int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *); |
int gen_candidates(FILE *, int, int, BIGNUM *); |
| int prime_test(FILE *, FILE *, u_int32_t, u_int32_t); |
int prime_test(FILE *, FILE *, u_int32_t, u_int32_t); |
| |
|
| static void |
static void |
|
|
| fprintf(stderr, "WARNING: %s contains unhashed " |
fprintf(stderr, "WARNING: %s contains unhashed " |
| "entries\n", old); |
"entries\n", old); |
| fprintf(stderr, "Delete this file to ensure privacy " |
fprintf(stderr, "Delete this file to ensure privacy " |
| "of hostnames\n"); |
"of hostnames\n"); |
| } |
} |
| } |
} |
| |
|
|
|
| Key *private, *public; |
Key *private, *public; |
| struct passwd *pw; |
struct passwd *pw; |
| struct stat st; |
struct stat st; |
| int opt, type, fd, download = 0; |
int opt, type, fd, download = 0, memory = 0; |
| u_int32_t memory = 0, generator_wanted = 0, trials = 100; |
int generator_wanted = 0, trials = 100; |
| int do_gen_candidates = 0, do_screen_candidates = 0; |
int do_gen_candidates = 0, do_screen_candidates = 0; |
| int log_level = SYSLOG_LEVEL_INFO; |
int log_level = SYSLOG_LEVEL_INFO; |
| BIGNUM *start = NULL; |
BIGNUM *start = NULL; |
| FILE *f; |
FILE *f; |
| const char *errstr; |
|
| |
|
| extern int optind; |
extern int optind; |
| extern char *optarg; |
extern char *optarg; |
| |
|
| /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ |
|
| sanitise_stdfd(); |
|
| |
|
| SSLeay_add_all_algorithms(); |
SSLeay_add_all_algorithms(); |
| log_init(av[0], SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_USER, 1); |
log_init(av[0], SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_USER, 1); |
| |
|
|
|
| "degiqpclBHvxXyF:b:f:t:U:D:P:N:C:r:g:R:T:G:M:S:a:W:")) != -1) { |
"degiqpclBHvxXyF:b:f:t:U:D:P:N:C:r:g:R:T:G:M:S:a:W:")) != -1) { |
| switch (opt) { |
switch (opt) { |
| case 'b': |
case 'b': |
| bits = strtonum(optarg, 768, 32768, &errstr); |
bits = atoi(optarg); |
| if (errstr) |
if (bits < 512 || bits > 32768) { |
| fatal("Bits has bad value %s (%s)", |
printf("Bits has bad value.\n"); |
| optarg, errstr); |
exit(1); |
| |
} |
| break; |
break; |
| case 'F': |
case 'F': |
| find_host = 1; |
find_host = 1; |
|
|
| change_comment = 1; |
change_comment = 1; |
| break; |
break; |
| case 'f': |
case 'f': |
| if (strlcpy(identity_file, optarg, sizeof(identity_file)) >= |
strlcpy(identity_file, optarg, sizeof(identity_file)); |
| sizeof(identity_file)) |
|
| fatal("Identity filename too long"); |
|
| have_identity = 1; |
have_identity = 1; |
| break; |
break; |
| case 'g': |
case 'g': |
|
|
| rr_hostname = optarg; |
rr_hostname = optarg; |
| break; |
break; |
| case 'W': |
case 'W': |
| generator_wanted = strtonum(optarg, 1, UINT_MAX, &errstr); |
generator_wanted = atoi(optarg); |
| if (errstr) |
if (generator_wanted < 1) |
| fatal("Desired generator has bad value: %s (%s)", |
fatal("Desired generator has bad value."); |
| optarg, errstr); |
|
| break; |
break; |
| case 'a': |
case 'a': |
| trials = strtonum(optarg, 1, UINT_MAX, &errstr); |
trials = atoi(optarg); |
| if (errstr) |
|
| fatal("Invalid number of trials: %s (%s)", |
|
| optarg, errstr); |
|
| break; |
break; |
| case 'M': |
case 'M': |
| memory = strtonum(optarg, 1, UINT_MAX, &errstr); |
memory = atoi(optarg); |
| if (errstr) { |
|
| fatal("Memory limit is %s: %s", errstr, optarg); |
|
| } |
|
| break; |
break; |
| case 'G': |
case 'G': |
| do_gen_candidates = 1; |
do_gen_candidates = 1; |
| if (strlcpy(out_file, optarg, sizeof(out_file)) >= |
strlcpy(out_file, optarg, sizeof(out_file)); |
| sizeof(out_file)) |
|
| fatal("Output filename too long"); |
|
| break; |
break; |
| case 'T': |
case 'T': |
| do_screen_candidates = 1; |
do_screen_candidates = 1; |
| if (strlcpy(out_file, optarg, sizeof(out_file)) >= |
strlcpy(out_file, optarg, sizeof(out_file)); |
| sizeof(out_file)) |
|
| fatal("Output filename too long"); |
|
| break; |
break; |
| case 'S': |
case 'S': |
| /* XXX - also compare length against bits */ |
/* XXX - also compare length against bits */ |
|
|
| out_file, strerror(errno)); |
out_file, strerror(errno)); |
| return (1); |
return (1); |
| } |
} |
| if (bits == 0) |
|
| bits = DEFAULT_BITS; |
|
| if (gen_candidates(out, memory, bits, start) != 0) |
if (gen_candidates(out, memory, bits, start) != 0) |
| fatal("modulus candidate generation failed"); |
fatal("modulus candidate generation failed\n"); |
| |
|
| return (0); |
return (0); |
| } |
} |
|
|
| out_file, strerror(errno)); |
out_file, strerror(errno)); |
| } |
} |
| if (prime_test(in, out, trials, generator_wanted) != 0) |
if (prime_test(in, out, trials, generator_wanted) != 0) |
| fatal("modulus screening failed"); |
fatal("modulus screening failed\n"); |
| return (0); |
return (0); |
| } |
} |
| |
|
| arc4random_stir(); |
arc4random_stir(); |
| |
|
| if (key_type_name == NULL) |
if (key_type_name == NULL) { |
| key_type_name = "rsa"; |
printf("You must specify a key type (-t).\n"); |
| |
usage(); |
| |
} |
| type = key_type_from_name(key_type_name); |
type = key_type_from_name(key_type_name); |
| if (type == KEY_UNSPEC) { |
if (type == KEY_UNSPEC) { |
| fprintf(stderr, "unknown key type %s\n", key_type_name); |
fprintf(stderr, "unknown key type %s\n", key_type_name); |
| exit(1); |
exit(1); |
| } |
} |
| if (bits == 0) |
|
| bits = (type == KEY_DSA) ? DEFAULT_BITS_DSA : DEFAULT_BITS; |
|
| if (type == KEY_DSA && bits != 1024) |
|
| fatal("DSA keys must be 1024 bits"); |
|
| if (!quiet) |
if (!quiet) |
| printf("Generating public/private %s key pair.\n", key_type_name); |
printf("Generating public/private %s key pair.\n", key_type_name); |
| private = key_generate(type, bits); |
private = key_generate(type, bits); |
|
|
| if (!have_identity) |
if (!have_identity) |
| ask_filename(pw, "Enter file in which to save the key"); |
ask_filename(pw, "Enter file in which to save the key"); |
| |
|
| /* Create ~/.ssh directory if it doesn't already exist. */ |
/* Create ~/.ssh directory if it doesn\'t already exist. */ |
| snprintf(dotsshdir, sizeof dotsshdir, "%s/%s", pw->pw_dir, _PATH_SSH_USER_DIR); |
snprintf(dotsshdir, sizeof dotsshdir, "%s/%s", pw->pw_dir, _PATH_SSH_USER_DIR); |
| if (strstr(identity_file, dotsshdir) != NULL && |
if (strstr(identity_file, dotsshdir) != NULL && |
| stat(dotsshdir, &st) < 0) { |
stat(dotsshdir, &st) < 0) { |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-keygen.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh