Fix specifying a keysize for key generation, fix key name arguments

--HG-- branch : ecc
2025-04-09 07:06:39 +00:00 · 2013-11-01 00:13:09 +08:00 · 2013-11-01 00:13:09 +08:00 · 082a2dde35
commit 082a2dde35
parent 814ab77538
6 changed files with 70 additions and 34 deletions
--- a/common-runopts.c
+++ b/common-runopts.c
@ -35,7 +35,8 @@ runopts opts; /* GLOBAL */

 /* returns success or failure, and the keytype in *type. If we want
 * to restrict the type, type can contain a type to return */
-int readhostkey(const char * filename, sign_key * hostkey, int *type) {
+int readhostkey(const char * filename, sign_key * hostkey, 
+	enum signkey_type *type) {

 	int ret = DROPBEAR_FAILURE;
 	buffer *buf;
--- a/dropbearkey.c
+++ b/dropbearkey.c
@ -185,7 +185,24 @@ int main(int argc, char ** argv) {
 		exit(EXIT_FAILURE);
 	}

-	keytype = signkey_type_from_name(typetext, strlen(typetext));
+#ifdef DROPBEAR_RSA
+	if (strcmp(typetext, "rsa") == 0)
+	{
+		keytype = DROPBEAR_SIGNKEY_RSA;
+	}
+#endif
+#ifdef DROPBEAR_DSS
+	if (strcmp(typetext, "dss") == 0)
+	{
+		keytype = DROPBEAR_SIGNKEY_DSS;
+	}
+#endif
+#ifdef DROPBEAR_ECDSA
+	if (strcmp(typetext, "ecdsa") == 0)
+	{
+		keytype = DROPBEAR_SIGNKEY_ECDSA_KEYGEN;
+	}
+#endif

 	if (keytype == DROPBEAR_SIGNKEY_NONE) {
 		fprintf(stderr, "Unknown key type '%s'\n", typetext);
@ -221,10 +238,13 @@ int main(int argc, char ** argv) {
 				(void)0; /* quiet, compiler. ecdsa handles checks itself */
        }

+    } else {
+    	/* default key size */
+
        switch (keytype) {
 #ifdef DROPBEAR_RSA
            case DROPBEAR_SIGNKEY_RSA:
-                bits = RSA_DEFAULT_SIZE;
+				bits = RSA_DEFAULT_SIZE;
                break;
 #endif
 #ifdef DROPBEAR_DSS
@ -269,7 +289,7 @@ int main(int argc, char ** argv) {
 			{
 				ecc_key *ecckey = gen_ecdsa_priv_key(bits);
 				keytype = ecdsa_signkey_type(ecckey);
-				*signkey_ecc_key_ptr(key, keytype) = ecckey;
+				*signkey_key_ptr(key, keytype) = ecckey;
 			}
 			break;
 #endif
@ -299,7 +319,7 @@ static void justprintpub(const char* filename) {

 	buffer *buf = NULL;
 	sign_key *key = NULL;
-	int keytype;
+	enum signkey_type keytype;
 	int ret;
 	int err = DROPBEAR_FAILURE;

--- a/keyimport.c
+++ b/keyimport.c
@ -774,7 +774,7 @@ static sign_key *openssh_read(const char *filename, char *passphrase)
 			goto error;
 		}

-		*signkey_ecc_key_ptr(retkey, retkey->type) = ecc;
+		*signkey_key_ptr(retkey, retkey->type) = ecc;
 	}
 #endif // DROPBEAR_ECDSA

--- a/runopts.h
+++ b/runopts.h
@ -56,7 +56,8 @@ typedef struct runopts {

 extern runopts opts;

-int readhostkey(const char * filename, sign_key * hostkey, int *type);
+int readhostkey(const char * filename, sign_key * hostkey, 
+	enum signkey_type *type);
 void load_all_hostkeys();

 typedef struct svr_runopts {
--- a/signkey.c
+++ b/signkey.c
@ -103,26 +103,39 @@ enum signkey_type signkey_type_from_name(const char* name, unsigned int namelen)
 	return DROPBEAR_SIGNKEY_NONE;
 }

-#ifdef DROPBEAR_ECDSA
-ecc_key **
-signkey_ecc_key_ptr(sign_key *key, enum signkey_type ecc_type) {
-	switch (ecc_type) {
+/* Returns a pointer to the key part specific to "type" */
+void **
+signkey_key_ptr(sign_key *key, enum signkey_type type) {
+	switch (type) {
+#ifdef DROPBEAR_ECC_256
 		case DROPBEAR_SIGNKEY_ECDSA_NISTP256:
-			return &key->ecckey256;
+			return (void**)&key->ecckey256;
+#endif
+#ifdef DROPBEAR_ECC_384
 		case DROPBEAR_SIGNKEY_ECDSA_NISTP384:
-			return &key->ecckey384;
+			return (void**)&key->ecckey384;
+#endif
+#ifdef DROPBEAR_ECC_521
 		case DROPBEAR_SIGNKEY_ECDSA_NISTP521:
-			return &key->ecckey521;
+			return (void**)&key->ecckey521;
+#endif
+#ifdef DROPBEAR_RSA
+		case DROPBEAR_SIGNKEY_RSA:
+			return (void**)&key->rsakey;
+#endif
+#ifdef DROPBEAR_DSS
+		case DROPBEAR_SIGNKEY_DSS:
+			return (void**)&key->dsskey;
+#endif
 		default:
 			return NULL;
 	}
 }
-#endif

 /* returns DROPBEAR_SUCCESS on success, DROPBEAR_FAILURE on fail.
 * type should be set by the caller to specify the type to read, and
 * on return is set to the type read (useful when type = _ANY) */
-int buf_get_pub_key(buffer *buf, sign_key *key, int *type) {
+int buf_get_pub_key(buffer *buf, sign_key *key, enum signkey_type *type) {

 	unsigned char* ident;
 	unsigned int len;
@ -169,7 +182,7 @@ int buf_get_pub_key(buffer *buf, sign_key *key, int *type) {
 #endif
 #ifdef DROPBEAR_ECDSA
 	{
-		ecc_key **eck = signkey_ecc_key_ptr(key, keytype);
+		ecc_key **eck = (ecc_key**)signkey_key_ptr(key, keytype);
 		if (eck) {
 			if (*eck) {
 				ecc_free(*eck);
@ -192,7 +205,7 @@ int buf_get_pub_key(buffer *buf, sign_key *key, int *type) {
 /* returns DROPBEAR_SUCCESS on success, DROPBEAR_FAILURE on fail.
 * type should be set by the caller to specify the type to read, and
 * on return is set to the type read (useful when type = _ANY) */
-int buf_get_priv_key(buffer *buf, sign_key *key, int *type) {
+int buf_get_priv_key(buffer *buf, sign_key *key, enum signkey_type *type) {

 	unsigned char* ident;
 	unsigned int len;
@ -237,7 +250,7 @@ int buf_get_priv_key(buffer *buf, sign_key *key, int *type) {
 #endif
 #ifdef DROPBEAR_ECDSA
 	{
-		ecc_key **eck = signkey_ecc_key_ptr(key, keytype);
+		ecc_key **eck = (ecc_key**)signkey_key_ptr(key, keytype);
 		if (eck) {
 			if (*eck) {
 				ecc_free(*eck);
@ -258,7 +271,7 @@ int buf_get_priv_key(buffer *buf, sign_key *key, int *type) {
 }

 /* type is either DROPBEAR_SIGNKEY_DSS or DROPBEAR_SIGNKEY_RSA */
-void buf_put_pub_key(buffer* buf, sign_key *key, int type) {
+void buf_put_pub_key(buffer* buf, sign_key *key, enum signkey_type type) {

 	buffer *pubkeys;

@ -276,8 +289,11 @@ void buf_put_pub_key(buffer* buf, sign_key *key, int type) {
 	}
 #endif
 #ifdef DROPBEAR_ECDSA
+	if (type == DROPBEAR_SIGNKEY_ECDSA_NISTP256
+		|| type == DROPBEAR_SIGNKEY_ECDSA_NISTP384
+		|| type == DROPBEAR_SIGNKEY_ECDSA_NISTP521)
 	{
-		ecc_key **eck = signkey_ecc_key_ptr(key, type);
+		ecc_key **eck = (ecc_key**)signkey_key_ptr(key, type);
 		if (eck) {
 			buf_put_ecdsa_pub_key(pubkeys, *eck);
 		}
@ -293,7 +309,7 @@ void buf_put_pub_key(buffer* buf, sign_key *key, int type) {
 }

 /* type is either DROPBEAR_SIGNKEY_DSS or DROPBEAR_SIGNKEY_RSA */
-void buf_put_priv_key(buffer* buf, sign_key *key, int type) {
+void buf_put_priv_key(buffer* buf, sign_key *key, enum signkey_type type) {

 	TRACE(("enter buf_put_priv_key"))
 	TRACE(("type is %d", type))
@ -314,7 +330,7 @@ void buf_put_priv_key(buffer* buf, sign_key *key, int type) {
 #endif
 #ifdef DROPBEAR_ECDSA
 	{
-		ecc_key **eck = signkey_ecc_key_ptr(key, type);
+		ecc_key **eck = (ecc_key**)signkey_key_ptr(key, type);
 		if (eck) {
 			buf_put_ecdsa_priv_key(buf, *eck);
 			TRACE(("leave buf_put_priv_key: ecdsa done"))
@ -452,7 +468,7 @@ char * sign_key_fingerprint(unsigned char* keyblob, unsigned int keybloblen) {
 #endif
 }

-void buf_put_sign(buffer* buf, sign_key *key, int type, 
+void buf_put_sign(buffer* buf, sign_key *key, enum signkey_type type, 
 	buffer *data_buf) {
 	buffer *sigblob;
 	sigblob = buf_new(MAX_PUBKEY_SIZE);
@ -469,7 +485,7 @@ void buf_put_sign(buffer* buf, sign_key *key, int type,
 #endif
 #ifdef DROPBEAR_ECDSA
 	{
-		ecc_key **eck = signkey_ecc_key_ptr(key, type);
+		ecc_key **eck = (ecc_key**)signkey_key_ptr(key, type);
 		if (eck) {
 			buf_put_ecdsa_sign(sigblob, *eck, data_buf);
 		}
@ -520,7 +536,7 @@ int buf_verify(buffer * buf, sign_key *key, buffer *data_buf) {
 #endif
 #ifdef DROPBEAR_ECDSA
 	{
-		ecc_key **eck = signkey_ecc_key_ptr(key, type);
+		ecc_key **eck = (ecc_key**)signkey_key_ptr(key, type);
 		if (eck) {
 			return buf_ecdsa_verify(buf, *eck, data_buf);
 		}
--- a/signkey.h
+++ b/signkey.h
@ -85,12 +85,12 @@ typedef struct SIGN_key sign_key;
 sign_key * new_sign_key();
 const char* signkey_name_from_type(enum signkey_type type, unsigned int *namelen);
 enum signkey_type signkey_type_from_name(const char* name, unsigned int namelen);
-int buf_get_pub_key(buffer *buf, sign_key *key, int *type);
-int buf_get_priv_key(buffer* buf, sign_key *key, int *type);
-void buf_put_pub_key(buffer* buf, sign_key *key, int type);
-void buf_put_priv_key(buffer* buf, sign_key *key, int type);
+int buf_get_pub_key(buffer *buf, sign_key *key, enum signkey_type *type);
+int buf_get_priv_key(buffer* buf, sign_key *key, enum signkey_type *type);
+void buf_put_pub_key(buffer* buf, sign_key *key, enum signkey_type type);
+void buf_put_priv_key(buffer* buf, sign_key *key, enum signkey_type type);
 void sign_key_free(sign_key *key);
-void buf_put_sign(buffer* buf, sign_key *key, int type, buffer *data_buf);
+void buf_put_sign(buffer* buf, sign_key *key, enum signkey_type type, buffer *data_buf);
 #ifdef DROPBEAR_SIGNKEY_VERIFY
 int buf_verify(buffer * buf, sign_key *key, buffer *data_buf);
 char * sign_key_fingerprint(unsigned char* keyblob, unsigned int keybloblen);
@ -99,8 +99,6 @@ int cmp_base64_key(const unsigned char* keyblob, unsigned int keybloblen,
 					const unsigned char* algoname, unsigned int algolen, 
 					buffer * line, char ** fingerprint);

-#ifdef DROPBEAR_ECDSA
-ecc_key ** signkey_ecc_key_ptr(sign_key *key, enum signkey_type ecc_type);
-#endif
+void** signkey_key_ptr(sign_key *key, enum signkey_type type);

 #endif /* _SIGNKEY_H_ */