From 403c18a30092921f008d55a6d22995c854bce0f3 Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Sat, 14 Aug 2004 17:35:28 +0000 Subject: Dropbearkey can now print out pubkey portions --HG-- extra : convert_revision : 2d897b12ba8710efe0b042b36b1fd31b2469eb15 --- Makefile.in | 2 +- dbutil.c | 33 ++++++++++++- dropbearconvert.c | 2 +- dropbearkey.c | 138 ++++++++++++++++++++++++++++++++++++++++++------------ keyimport.c | 23 ++------- 5 files changed, 145 insertions(+), 53 deletions(-) diff --git a/Makefile.in b/Makefile.in index 761a3c9..b3e5658 100644 --- a/Makefile.in +++ b/Makefile.in @@ -10,7 +10,7 @@ # This makefile is quite evil. ifndef PROGRAMS - PROGRAMS=dropbear dbclient dropbearkey dropbearkey + PROGRAMS=dropbear dbclient dropbearkey dropbearconvert endif LTC=libtomcrypt/libtomcrypt.a diff --git a/dbutil.c b/dbutil.c index 30b5708..d8ecad5 100644 --- a/dbutil.c +++ b/dbutil.c @@ -56,8 +56,15 @@ #define MAX_FMT 100 -void (*_dropbear_exit)(int exitcode, const char* format, va_list param) = NULL; -void (*_dropbear_log)(int priority, const char* format, va_list param) = NULL; +static void generic_dropbear_exit(int exitcode, const char* format, + va_list param); +static void generic_dropbear_log(int priority, const char* format, + va_list param); + +void (*_dropbear_exit)(int exitcode, const char* format, va_list param) + = generic_dropbear_exit; +void (*_dropbear_log)(int priority, const char* format, va_list param) + = generic_dropbear_log; int usingsyslog = 0; /* set by runopts, but required externally to sessions */ #ifndef DISABLE_SYSLOG @@ -88,6 +95,28 @@ void dropbear_exit(const char* format, ...) { va_end(param); } +static void generic_dropbear_exit(int exitcode, const char* format, + va_list param) { + + char fmtbuf[300]; + + snprintf(fmtbuf, sizeof(fmtbuf), "Exited: %s", format); + + _dropbear_log(LOG_INFO, fmtbuf, param); + + exit(exitcode); +} + +static void generic_dropbear_log(int priority, const char* format, + va_list param) { + + char printbuf[1024]; + + vsnprintf(printbuf, sizeof(printbuf), format, param); + + fprintf(stderr, "%s\n", printbuf); + +} /* this is what can be called to write arbitrary log messages */ void dropbear_log(int priority, const char* format, ...) { diff --git a/dropbearconvert.c b/dropbearconvert.c index 3ceccff..e0d4baf 100644 --- a/dropbearconvert.c +++ b/dropbearconvert.c @@ -49,7 +49,7 @@ static void printhelp(char * progname) { "Example:\n" "dropbearconvert openssh dropbear /etc/ssh/ssh_host_rsa_key /etc/dropbear_rsa_host_key\n" "\n" - "The inputfile and output file can be '-' to specify\n" + "The inputfile and outputfile can be '-' to specify\n" "standard input or standard output.\n", progname); } diff --git a/dropbearkey.c b/dropbearkey.c index 5d4475b..6a10eab 100644 --- a/dropbearkey.c +++ b/dropbearkey.c @@ -54,28 +54,28 @@ static void printhelp(char * progname); -#define BUF_SIZE 2000 - #define RSA_SIZE (1024/8) /* 1024 bit */ #define DSS_SIZE (1024/8) /* 1024 bit */ static void buf_writefile(buffer * buf, const char * filename); +static void printpubkey(sign_key * key, int keytype); +static void justprintpub(const char* filename); /* Print a help message */ static void printhelp(char * progname) { fprintf(stderr, "Usage: %s -t -f [-s bits]\n" "Options are:\n" - "-t type Type of key to generate. One of:\n" + "-t type Type of key to generate. One of:\n" #ifdef DROPBEAR_RSA - " rsa\n" + " rsa\n" #endif #ifdef DROPBEAR_DSS - " dss\n" + " dss\n" #endif - "-f filename Use filename for the secret key\n" - "-s bits Key size in bits, should be " - "multiple of 8 (optional)\n", + "-f filename Use filename for the secret key\n" + "-s bits Key size in bits, should be a multiple of 8 (optional)\n" + "-y Just print the publickey and fingerprint for the\n private key in .\n", progname); } @@ -88,23 +88,24 @@ int main(int argc, char ** argv) { int i; char ** next = 0; - sign_key *key; - buffer *buf; + sign_key *key = NULL; + buffer *buf = NULL; char * filename = NULL; int keytype = -1; char * typetext = NULL; char * sizetext = NULL; unsigned int bits; unsigned int keysize; + int printpub = 0; /* get the commandline options */ for (i = 1; i < argc; i++) { + if (argv[i] == NULL) { + continue; /* Whack */ + } if (next) { *next = argv[i]; - if (*next == NULL) { - fprintf(stderr, "Invalid null argument"); - } - next = 0x00; + next = NULL; continue; } @@ -119,6 +120,9 @@ int main(int argc, char ** argv) { case 's': next = &sizetext; break; + case 'y': + printpub = 1; + break; case 'h': printhelp(argv[0]); exit(EXIT_SUCCESS); @@ -132,17 +136,20 @@ int main(int argc, char ** argv) { } } + if (!filename) { + fprintf(stderr, "Must specify a key filename\n"); + printhelp(argv[0]); + exit(EXIT_FAILURE); + } + + if (printpub) { + justprintpub(filename); + /* Not reached */ + } + /* check/parse args */ if (!typetext) { - fprintf(stderr, "Must specify file type, one of:\n" -#ifdef DROPBEAR_RSA - "rsa\n" -#endif -#ifdef DROPBEAR_DSS - "dss\n" -#endif - "\n" - ); + fprintf(stderr, "Must specify key type\n"); printhelp(argv[0]); exit(EXIT_FAILURE); } @@ -190,11 +197,6 @@ int main(int argc, char ** argv) { } } - if (!filename) { - fprintf(stderr, "Must specify a key filename\n"); - printhelp(argv[0]); - exit(EXIT_FAILURE); - } fprintf(stderr, "Will output %d bit %s secret key to '%s'\n", keysize*8, typetext, filename); @@ -222,7 +224,7 @@ int main(int argc, char ** argv) { exit(EXIT_FAILURE); } - buf = buf_new(BUF_SIZE); + buf = buf_new(MAX_PRIVKEY_SIZE); buf_put_priv_key(buf, key, keytype); buf_setpos(buf, 0); @@ -230,14 +232,88 @@ int main(int argc, char ** argv) { buf_burn(buf); buf_free(buf); - sign_key_free(key); - fprintf(stderr, "Done.\n"); + printpubkey(key, keytype); + + sign_key_free(key); return EXIT_SUCCESS; } #endif +static void justprintpub(const char* filename) { + + buffer *buf = NULL; + sign_key *key = NULL; + int keytype; + int ret; + int err = DROPBEAR_FAILURE; + + buf = buf_new(MAX_PRIVKEY_SIZE); + ret = buf_readfile(buf, filename); + + if (ret != DROPBEAR_SUCCESS) { + fprintf(stderr, "Failed reading '%s'\n", filename); + goto out; + } + + key = new_sign_key(); + keytype = DROPBEAR_SIGNKEY_ANY; + + buf_setpos(buf, 0); + ret = buf_get_priv_key(buf, key, &keytype); + if (ret == DROPBEAR_FAILURE) { + fprintf(stderr, "Bad key in '%s'\n", filename); + goto out; + } + + printpubkey(key, keytype); + + err = DROPBEAR_SUCCESS; + +out: + buf_burn(buf); + buf_free(buf); + buf = NULL; + sign_key_free(key); + key = NULL; + exit(err); +} + +static void printpubkey(sign_key * key, int keytype) { + + buffer * buf = NULL; + unsigned char base64key[MAX_PUBKEY_SIZE*2]; + unsigned long base64len; + int err; + const char * typestring = NULL; + char *fp = NULL; + int len; + + buf = buf_new(MAX_PUBKEY_SIZE); + buf_put_pub_key(buf, key, keytype); + buf_setpos(buf, 4); + + len = buf->len - buf->pos; + + base64len = sizeof(base64key); + err = base64_encode(buf_getptr(buf, len), len, base64key, &base64len); + + if (err != CRYPT_OK) { + fprintf(stderr, "base64 failed"); + } + + typestring = signkey_name_from_type(keytype, &err); + + fp = sign_key_fingerprint(buf_getptr(buf, len), len); + + printf("Public key portion is:\n%s %s\nFingerprint: %s\n", + typestring, base64key, fp); + + m_free(fp); + buf_free(buf); +} + /* Write a buffer to a file specified, failing if the file exists */ static void buf_writefile(buffer * buf, const char * filename) { diff --git a/keyimport.c b/keyimport.c index 34fac2f..32018b1 100644 --- a/keyimport.c +++ b/keyimport.c @@ -109,29 +109,16 @@ static sign_key *dropbear_read(const char* filename) { buffer * buf = NULL; int len, maxlen; - FILE *fp; + FILE *fp = NULL; sign_key *ret = NULL; int type; - buf = buf_new(2000); - /* can't use buf_readfile since we might have "-" as filename */ - if (strlen(filename) == 1 && filename[0] == '-') { - fp = stdin; - } else { - fp = fopen(filename, "r"); - } - if (!fp) { + buf = buf_new(MAX_PRIVKEY_SIZE); + /* buf_readfile knows about "-" */ + if (buf_readfile(buf, filename) == DROPBEAR_FAILURE) { goto error; } - do { - maxlen = buf->size - buf->pos; - len = fread(buf_getwriteptr(buf, maxlen), 1, maxlen, fp); - buf_incrwritepos(buf, len); - } while (len != maxlen && len > 0); - - fclose(fp); - buf_setpos(buf, 0); ret = new_sign_key(); @@ -173,7 +160,7 @@ static int dropbear_write(const char*filename, sign_key * key) { } #endif - buf = buf_new(2000); + buf = buf_new(MAX_PRIVKEY_SIZE); buf_put_priv_key(buf, key, keytype); if (strlen(filename) == 1 && filename[0] == '-') { -- cgit v1.2.3