Commit 403c18a3 authored by Matt Johnston's avatar Matt Johnston
Browse files

Dropbearkey can now print out pubkey portions

--HG--
extra : convert_revision : 2d897b12ba8710efe0b042b36b1fd31b2469eb15
parent 85748aec
......@@ -10,7 +10,7 @@
# This makefile is quite evil.
ifndef PROGRAMS
PROGRAMS=dropbear dbclient dropbearkey dropbearkey
PROGRAMS=dropbear dbclient dropbearkey dropbearconvert
endif
LTC=libtomcrypt/libtomcrypt.a
......
......@@ -56,8 +56,15 @@
#define MAX_FMT 100
void (*_dropbear_exit)(int exitcode, const char* format, va_list param) = NULL;
void (*_dropbear_log)(int priority, const char* format, va_list param) = NULL;
static void generic_dropbear_exit(int exitcode, const char* format,
va_list param);
static void generic_dropbear_log(int priority, const char* format,
va_list param);
void (*_dropbear_exit)(int exitcode, const char* format, va_list param)
= generic_dropbear_exit;
void (*_dropbear_log)(int priority, const char* format, va_list param)
= generic_dropbear_log;
int usingsyslog = 0; /* set by runopts, but required externally to sessions */
#ifndef DISABLE_SYSLOG
......@@ -88,6 +95,28 @@ void dropbear_exit(const char* format, ...) {
va_end(param);
}
static void generic_dropbear_exit(int exitcode, const char* format,
va_list param) {
char fmtbuf[300];
snprintf(fmtbuf, sizeof(fmtbuf), "Exited: %s", format);
_dropbear_log(LOG_INFO, fmtbuf, param);
exit(exitcode);
}
static void generic_dropbear_log(int priority, const char* format,
va_list param) {
char printbuf[1024];
vsnprintf(printbuf, sizeof(printbuf), format, param);
fprintf(stderr, "%s\n", printbuf);
}
/* this is what can be called to write arbitrary log messages */
void dropbear_log(int priority, const char* format, ...) {
......
......@@ -49,7 +49,7 @@ static void printhelp(char * progname) {
"Example:\n"
"dropbearconvert openssh dropbear /etc/ssh/ssh_host_rsa_key /etc/dropbear_rsa_host_key\n"
"\n"
"The inputfile and output file can be '-' to specify\n"
"The inputfile and outputfile can be '-' to specify\n"
"standard input or standard output.\n", progname);
}
......
......@@ -54,28 +54,28 @@
static void printhelp(char * progname);
#define BUF_SIZE 2000
#define RSA_SIZE (1024/8) /* 1024 bit */
#define DSS_SIZE (1024/8) /* 1024 bit */
static void buf_writefile(buffer * buf, const char * filename);
static void printpubkey(sign_key * key, int keytype);
static void justprintpub(const char* filename);
/* Print a help message */
static void printhelp(char * progname) {
fprintf(stderr, "Usage: %s -t <type> -f <filename> [-s bits]\n"
"Options are:\n"
"-t type Type of key to generate. One of:\n"
"-t type Type of key to generate. One of:\n"
#ifdef DROPBEAR_RSA
" rsa\n"
" rsa\n"
#endif
#ifdef DROPBEAR_DSS
" dss\n"
" dss\n"
#endif
"-f filename Use filename for the secret key\n"
"-s bits Key size in bits, should be "
"multiple of 8 (optional)\n",
"-f filename Use filename for the secret key\n"
"-s bits Key size in bits, should be a multiple of 8 (optional)\n"
"-y Just print the publickey and fingerprint for the\n private key in <filename>.\n",
progname);
}
......@@ -88,23 +88,24 @@ int main(int argc, char ** argv) {
int i;
char ** next = 0;
sign_key *key;
buffer *buf;
sign_key *key = NULL;
buffer *buf = NULL;
char * filename = NULL;
int keytype = -1;
char * typetext = NULL;
char * sizetext = NULL;
unsigned int bits;
unsigned int keysize;
int printpub = 0;
/* get the commandline options */
for (i = 1; i < argc; i++) {
if (argv[i] == NULL) {
continue; /* Whack */
}
if (next) {
*next = argv[i];
if (*next == NULL) {
fprintf(stderr, "Invalid null argument");
}
next = 0x00;
next = NULL;
continue;
}
......@@ -119,6 +120,9 @@ int main(int argc, char ** argv) {
case 's':
next = &sizetext;
break;
case 'y':
printpub = 1;
break;
case 'h':
printhelp(argv[0]);
exit(EXIT_SUCCESS);
......@@ -132,17 +136,20 @@ int main(int argc, char ** argv) {
}
}
if (!filename) {
fprintf(stderr, "Must specify a key filename\n");
printhelp(argv[0]);
exit(EXIT_FAILURE);
}
if (printpub) {
justprintpub(filename);
/* Not reached */
}
/* check/parse args */
if (!typetext) {
fprintf(stderr, "Must specify file type, one of:\n"
#ifdef DROPBEAR_RSA
"rsa\n"
#endif
#ifdef DROPBEAR_DSS
"dss\n"
#endif
"\n"
);
fprintf(stderr, "Must specify key type\n");
printhelp(argv[0]);
exit(EXIT_FAILURE);
}
......@@ -190,11 +197,6 @@ int main(int argc, char ** argv) {
}
}
if (!filename) {
fprintf(stderr, "Must specify a key filename\n");
printhelp(argv[0]);
exit(EXIT_FAILURE);
}
fprintf(stderr, "Will output %d bit %s secret key to '%s'\n", keysize*8,
typetext, filename);
......@@ -222,7 +224,7 @@ int main(int argc, char ** argv) {
exit(EXIT_FAILURE);
}
buf = buf_new(BUF_SIZE);
buf = buf_new(MAX_PRIVKEY_SIZE);
buf_put_priv_key(buf, key, keytype);
buf_setpos(buf, 0);
......@@ -230,14 +232,88 @@ int main(int argc, char ** argv) {
buf_burn(buf);
buf_free(buf);
sign_key_free(key);
fprintf(stderr, "Done.\n");
printpubkey(key, keytype);
sign_key_free(key);
return EXIT_SUCCESS;
}
#endif
static void justprintpub(const char* filename) {
buffer *buf = NULL;
sign_key *key = NULL;
int keytype;
int ret;
int err = DROPBEAR_FAILURE;
buf = buf_new(MAX_PRIVKEY_SIZE);
ret = buf_readfile(buf, filename);
if (ret != DROPBEAR_SUCCESS) {
fprintf(stderr, "Failed reading '%s'\n", filename);
goto out;
}
key = new_sign_key();
keytype = DROPBEAR_SIGNKEY_ANY;
buf_setpos(buf, 0);
ret = buf_get_priv_key(buf, key, &keytype);
if (ret == DROPBEAR_FAILURE) {
fprintf(stderr, "Bad key in '%s'\n", filename);
goto out;
}
printpubkey(key, keytype);
err = DROPBEAR_SUCCESS;
out:
buf_burn(buf);
buf_free(buf);
buf = NULL;
sign_key_free(key);
key = NULL;
exit(err);
}
static void printpubkey(sign_key * key, int keytype) {
buffer * buf = NULL;
unsigned char base64key[MAX_PUBKEY_SIZE*2];
unsigned long base64len;
int err;
const char * typestring = NULL;
char *fp = NULL;
int len;
buf = buf_new(MAX_PUBKEY_SIZE);
buf_put_pub_key(buf, key, keytype);
buf_setpos(buf, 4);
len = buf->len - buf->pos;
base64len = sizeof(base64key);
err = base64_encode(buf_getptr(buf, len), len, base64key, &base64len);
if (err != CRYPT_OK) {
fprintf(stderr, "base64 failed");
}
typestring = signkey_name_from_type(keytype, &err);
fp = sign_key_fingerprint(buf_getptr(buf, len), len);
printf("Public key portion is:\n%s %s\nFingerprint: %s\n",
typestring, base64key, fp);
m_free(fp);
buf_free(buf);
}
/* Write a buffer to a file specified, failing if the file exists */
static void buf_writefile(buffer * buf, const char * filename) {
......
......@@ -109,29 +109,16 @@ static sign_key *dropbear_read(const char* filename) {
buffer * buf = NULL;
int len, maxlen;
FILE *fp;
FILE *fp = NULL;
sign_key *ret = NULL;
int type;
buf = buf_new(2000);
/* can't use buf_readfile since we might have "-" as filename */
if (strlen(filename) == 1 && filename[0] == '-') {
fp = stdin;
} else {
fp = fopen(filename, "r");
}
if (!fp) {
buf = buf_new(MAX_PRIVKEY_SIZE);
/* buf_readfile knows about "-" */
if (buf_readfile(buf, filename) == DROPBEAR_FAILURE) {
goto error;
}
do {
maxlen = buf->size - buf->pos;
len = fread(buf_getwriteptr(buf, maxlen), 1, maxlen, fp);
buf_incrwritepos(buf, len);
} while (len != maxlen && len > 0);
fclose(fp);
buf_setpos(buf, 0);
ret = new_sign_key();
......@@ -173,7 +160,7 @@ static int dropbear_write(const char*filename, sign_key * key) {
}
#endif
buf = buf_new(2000);
buf = buf_new(MAX_PRIVKEY_SIZE);
buf_put_priv_key(buf, key, keytype);
if (strlen(filename) == 1 && filename[0] == '-') {
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment