summaryrefslogtreecommitdiff
path: root/ssh-keygen.c
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2010-08-31 22:41:14 +1000
committerDamien Miller <djm@mindrot.org>2010-08-31 22:41:14 +1000
commiteb8b60e320cdade9f4c07e2abacfb92c52e01348 (patch)
tree4e5bc25790566402e5b7ae00cefd2c57e867ef09 /ssh-keygen.c
parentda108ece6843f1268aa36d7c8ed0030dc53acd15 (diff)
- djm@cvs.openbsd.org 2010/08/31 11:54:45
[PROTOCOL PROTOCOL.agent PROTOCOL.certkeys auth2-jpake.c authfd.c] [authfile.c buffer.h dns.c kex.c kex.h key.c key.h monitor.c] [monitor_wrap.c myproposal.h packet.c packet.h pathnames.h readconf.c] [ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c] [ssh-keyscan.1 ssh-keyscan.c ssh-keysign.8 ssh.1 ssh.c ssh2.h] [ssh_config.5 sshconnect.c sshconnect2.c sshd.8 sshd.c sshd_config.5] [uuencode.c uuencode.h bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c] Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer better performance than plain DH and DSA at the same equivalent symmetric key length, as well as much shorter keys. Only the mandatory sections of RFC5656 are implemented, specifically the three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and ECDSA. Point compression (optional in RFC5656 is NOT implemented). Certificate host and user keys using the new ECDSA key types are supported. Note that this code has not been tested for interoperability and may be subject to change. feedback and ok markus@
Diffstat (limited to 'ssh-keygen.c')
-rw-r--r--ssh-keygen.c40
1 files changed, 36 insertions, 4 deletions
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 93f598004..448585185 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-keygen.c,v 1.199 2010/08/16 04:06:06 djm Exp $ */ 1/* $OpenBSD: ssh-keygen.c,v 1.200 2010/08/31 11:54:45 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -57,6 +57,7 @@
57/* Number of bits in the RSA/DSA key. This value can be set on the command line. */ 57/* Number of bits in the RSA/DSA key. This value can be set on the command line. */
58#define DEFAULT_BITS 2048 58#define DEFAULT_BITS 2048
59#define DEFAULT_BITS_DSA 1024 59#define DEFAULT_BITS_DSA 1024
60#define DEFAULT_BITS_ECDSA 521
60u_int32_t bits = 0; 61u_int32_t bits = 0;
61 62
62/* 63/*
@@ -176,6 +177,10 @@ ask_filename(struct passwd *pw, const char *prompt)
176 case KEY_DSA: 177 case KEY_DSA:
177 name = _PATH_SSH_CLIENT_ID_DSA; 178 name = _PATH_SSH_CLIENT_ID_DSA;
178 break; 179 break;
180 case KEY_ECDSA_CERT:
181 case KEY_ECDSA:
182 name = _PATH_SSH_CLIENT_ID_ECDSA;
183 break;
179 case KEY_RSA_CERT: 184 case KEY_RSA_CERT:
180 case KEY_RSA_CERT_V00: 185 case KEY_RSA_CERT_V00:
181 case KEY_RSA: 186 case KEY_RSA:
@@ -260,6 +265,10 @@ do_convert_to_pkcs8(Key *k)
260 if (!PEM_write_DSA_PUBKEY(stdout, k->dsa)) 265 if (!PEM_write_DSA_PUBKEY(stdout, k->dsa))
261 fatal("PEM_write_DSA_PUBKEY failed"); 266 fatal("PEM_write_DSA_PUBKEY failed");
262 break; 267 break;
268 case KEY_ECDSA:
269 if (!PEM_write_EC_PUBKEY(stdout, k->ecdsa))
270 fatal("PEM_write_EC_PUBKEY failed");
271 break;
263 default: 272 default:
264 fatal("%s: unsupported key type %s", __func__, key_type(k)); 273 fatal("%s: unsupported key type %s", __func__, key_type(k));
265 } 274 }
@@ -280,6 +289,7 @@ do_convert_to_pem(Key *k)
280 fatal("PEM_write_DSAPublicKey failed"); 289 fatal("PEM_write_DSAPublicKey failed");
281 break; 290 break;
282#endif 291#endif
292 /* XXX ECDSA? */
283 default: 293 default:
284 fatal("%s: unsupported key type %s", __func__, key_type(k)); 294 fatal("%s: unsupported key type %s", __func__, key_type(k));
285 } 295 }
@@ -539,6 +549,13 @@ do_convert_from_pkcs8(Key **k, int *private)
539 (*k)->type = KEY_DSA; 549 (*k)->type = KEY_DSA;
540 (*k)->dsa = EVP_PKEY_get1_DSA(pubkey); 550 (*k)->dsa = EVP_PKEY_get1_DSA(pubkey);
541 break; 551 break;
552 case EVP_PKEY_EC:
553 *k = key_new(KEY_UNSPEC);
554 (*k)->type = KEY_ECDSA;
555 (*k)->ecdsa = EVP_PKEY_get1_EC_KEY(pubkey);
556 (*k)->ecdsa_nid = key_ecdsa_group_to_nid(
557 EC_KEY_get0_group((*k)->ecdsa));
558 break;
542 default: 559 default:
543 fatal("%s: unsupported pubkey type %d", __func__, 560 fatal("%s: unsupported pubkey type %d", __func__,
544 EVP_PKEY_type(pubkey->type)); 561 EVP_PKEY_type(pubkey->type));
@@ -574,6 +591,7 @@ do_convert_from_pem(Key **k, int *private)
574 fclose(fp); 591 fclose(fp);
575 return; 592 return;
576 } 593 }
594 /* XXX ECDSA */
577#endif 595#endif
578 fatal("%s: unrecognised raw private key format", __func__); 596 fatal("%s: unrecognised raw private key format", __func__);
579} 597}
@@ -614,6 +632,10 @@ do_convert_from(struct passwd *pw)
614 ok = PEM_write_DSAPrivateKey(stdout, k->dsa, NULL, 632 ok = PEM_write_DSAPrivateKey(stdout, k->dsa, NULL,
615 NULL, 0, NULL, NULL); 633 NULL, 0, NULL, NULL);
616 break; 634 break;
635 case KEY_ECDSA:
636 ok = PEM_write_ECPrivateKey(stdout, k->ecdsa, NULL,
637 NULL, 0, NULL, NULL);
638 break;
617 case KEY_RSA: 639 case KEY_RSA:
618 ok = PEM_write_RSAPrivateKey(stdout, k->rsa, NULL, 640 ok = PEM_write_RSAPrivateKey(stdout, k->rsa, NULL,
619 NULL, 0, NULL, NULL); 641 NULL, 0, NULL, NULL);
@@ -1404,7 +1426,8 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
1404 tmp = tilde_expand_filename(argv[i], pw->pw_uid); 1426 tmp = tilde_expand_filename(argv[i], pw->pw_uid);
1405 if ((public = key_load_public(tmp, &comment)) == NULL) 1427 if ((public = key_load_public(tmp, &comment)) == NULL)
1406 fatal("%s: unable to open \"%s\"", __func__, tmp); 1428 fatal("%s: unable to open \"%s\"", __func__, tmp);
1407 if (public->type != KEY_RSA && public->type != KEY_DSA) 1429 if (public->type != KEY_RSA && public->type != KEY_DSA &&
1430 public->type != KEY_ECDSA)
1408 fatal("%s: key \"%s\" type %s cannot be certified", 1431 fatal("%s: key \"%s\" type %s cannot be certified",
1409 __func__, tmp, key_type(public)); 1432 __func__, tmp, key_type(public));
1410 1433
@@ -2086,8 +2109,14 @@ main(int argc, char **argv)
2086 fprintf(stderr, "unknown key type %s\n", key_type_name); 2109 fprintf(stderr, "unknown key type %s\n", key_type_name);
2087 exit(1); 2110 exit(1);
2088 } 2111 }
2089 if (bits == 0) 2112 if (bits == 0) {
2090 bits = (type == KEY_DSA) ? DEFAULT_BITS_DSA : DEFAULT_BITS; 2113 if (type == KEY_DSA)
2114 bits = DEFAULT_BITS_DSA;
2115 else if (type == KEY_ECDSA)
2116 bits = DEFAULT_BITS_ECDSA;
2117 else
2118 bits = DEFAULT_BITS;
2119 }
2091 maxbits = (type == KEY_DSA) ? 2120 maxbits = (type == KEY_DSA) ?
2092 OPENSSL_DSA_MAX_MODULUS_BITS : OPENSSL_RSA_MAX_MODULUS_BITS; 2121 OPENSSL_DSA_MAX_MODULUS_BITS : OPENSSL_RSA_MAX_MODULUS_BITS;
2093 if (bits > maxbits) { 2122 if (bits > maxbits) {
@@ -2096,6 +2125,9 @@ main(int argc, char **argv)
2096 } 2125 }
2097 if (type == KEY_DSA && bits != 1024) 2126 if (type == KEY_DSA && bits != 1024)
2098 fatal("DSA keys must be 1024 bits"); 2127 fatal("DSA keys must be 1024 bits");
2128 else if (type == KEY_ECDSA && key_ecdsa_bits_to_nid(bits) == -1)
2129 fatal("Invalid ECDSA key length - valid lengths are "
2130 "256, 384 or 521 bits");
2099 if (!quiet) 2131 if (!quiet)
2100 printf("Generating public/private %s key pair.\n", key_type_name); 2132 printf("Generating public/private %s key pair.\n", key_type_name);
2101 private = key_generate(type, bits); 2133 private = key_generate(type, bits);
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-29 14:07:33 +0000