| version 1.245, 2014/04/28 03:09:18 |
version 1.246, 2014/04/29 18:01:49 |
|
|
| fprintf(stderr, "key bits exceeds maximum %d\n", maxbits); |
fprintf(stderr, "key bits exceeds maximum %d\n", maxbits); |
| exit(1); |
exit(1); |
| } |
} |
| |
#ifdef WITH_OPENSSL |
| if (type == KEY_DSA && *bitsp != 1024) |
if (type == KEY_DSA && *bitsp != 1024) |
| fatal("DSA keys must be 1024 bits"); |
fatal("DSA keys must be 1024 bits"); |
| else if (type != KEY_ECDSA && type != KEY_ED25519 && *bitsp < 768) |
else if (type != KEY_ECDSA && type != KEY_ED25519 && *bitsp < 768) |
|
|
| else if (type == KEY_ECDSA && key_ecdsa_bits_to_nid(*bitsp) == -1) |
else if (type == KEY_ECDSA && key_ecdsa_bits_to_nid(*bitsp) == -1) |
| fatal("Invalid ECDSA key length - valid lengths are " |
fatal("Invalid ECDSA key length - valid lengths are " |
| "256, 384 or 521 bits"); |
"256, 384 or 521 bits"); |
| |
#endif |
| } |
} |
| |
|
| static void |
static void |
|
|
| #define SSH_COM_PRIVATE_BEGIN "---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----" |
#define SSH_COM_PRIVATE_BEGIN "---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----" |
| #define SSH_COM_PRIVATE_KEY_MAGIC 0x3f6ff9eb |
#define SSH_COM_PRIVATE_KEY_MAGIC 0x3f6ff9eb |
| |
|
| |
#ifdef WITH_OPENSSL |
| static void |
static void |
| do_convert_to_ssh2(struct passwd *pw, Key *k) |
do_convert_to_ssh2(struct passwd *pw, Key *k) |
| { |
{ |
|
|
| key_free(k); |
key_free(k); |
| exit(0); |
exit(0); |
| } |
} |
| |
#endif |
| |
|
| static void |
static void |
| do_print_public(struct passwd *pw) |
do_print_public(struct passwd *pw) |
|
|
| } |
} |
| } |
} |
| |
|
| |
#ifdef ENABLE_PKCS11 |
| pkcs11_init(1); |
pkcs11_init(1); |
| |
#endif |
| tmp = tilde_expand_filename(ca_key_path, pw->pw_uid); |
tmp = tilde_expand_filename(ca_key_path, pw->pw_uid); |
| if (pkcs11provider != NULL) { |
if (pkcs11provider != NULL) { |
| if ((ca = load_pkcs11_key(tmp)) == NULL) |
if ((ca = load_pkcs11_key(tmp)) == NULL) |
|
|
| key_free(public); |
key_free(public); |
| free(out); |
free(out); |
| } |
} |
| |
#ifdef ENABLE_PKCS11 |
| pkcs11_terminate(); |
pkcs11_terminate(); |
| |
#endif |
| exit(0); |
exit(0); |
| } |
} |
| |
|
|
|
| exit(0); |
exit(0); |
| } |
} |
| |
|
| |
#ifdef WITH_OPENSSL |
| static void |
static void |
| load_krl(const char *path, struct ssh_krl **krlp) |
load_krl(const char *path, struct ssh_krl **krlp) |
| { |
{ |
|
|
| ssh_krl_free(krl); |
ssh_krl_free(krl); |
| exit(ret); |
exit(ret); |
| } |
} |
| |
#endif |
| |
|
| static void |
static void |
| usage(void) |
usage(void) |
|
|
| printf("Cannot use -l with -H or -R.\n"); |
printf("Cannot use -l with -H or -R.\n"); |
| usage(); |
usage(); |
| } |
} |
| |
#ifdef WITH_OPENSSL |
| if (gen_krl) { |
if (gen_krl) { |
| do_gen_krl(pw, update_krl, argc, argv); |
do_gen_krl(pw, update_krl, argc, argv); |
| return (0); |
return (0); |
|
|
| do_check_krl(pw, argc, argv); |
do_check_krl(pw, argc, argv); |
| return (0); |
return (0); |
| } |
} |
| |
#endif |
| if (ca_key_path != NULL) { |
if (ca_key_path != NULL) { |
| if (cert_key_id == NULL) |
if (cert_key_id == NULL) |
| fatal("Must specify key id (-I) when certifying"); |
fatal("Must specify key id (-I) when certifying"); |
|
|
| do_change_passphrase(pw); |
do_change_passphrase(pw); |
| if (change_comment) |
if (change_comment) |
| do_change_comment(pw); |
do_change_comment(pw); |
| |
#ifdef WITH_OPENSSL |
| if (convert_to) |
if (convert_to) |
| do_convert_to(pw); |
do_convert_to(pw); |
| if (convert_from) |
if (convert_from) |
| do_convert_from(pw); |
do_convert_from(pw); |
| |
#endif |
| if (print_public) |
if (print_public) |
| do_print_public(pw); |
do_print_public(pw); |
| if (rr_hostname != NULL) { |
if (rr_hostname != NULL) { |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-keygen.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh