1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-25 01:02:24 +00:00

PuTTYgen: permit and prefer 255 as bit count for ed25519.

In setting up the ECC tests for cmdgen, I noticed that OpenSSH and
PuTTYgen disagree on the bit length to put in a key fingerprint for an
ed25519 key: we think 255, they think 256.

On reflection, I think 255 is more accurate, which is why I bodged
get_fp() in the test suite to ignore that difference when checking our
key fingerprint against OpenSSH's. But having done that, it now seems
silly that if you unnecessarily specify a bit count at ed25519
generation time, cmdgen will insist that it be 256!

255 is now permitted everywhere an ed25519 bit count is input. 256 is
also still allowed for backwards compatibility but 255 is preferred by
the error message if you give any other value.
This commit is contained in:
Simon Tatham 2020-01-14 06:39:32 +00:00
parent df577ab152
commit 187cc8bfcc
3 changed files with 5 additions and 5 deletions

View File

@ -489,7 +489,7 @@ int main(int argc, char **argv)
bits = 384;
break;
case ED25519:
bits = 256;
bits = 255;
break;
default:
bits = DEFAULT_RSADSA_BITS;
@ -502,8 +502,8 @@ int main(int argc, char **argv)
errs = true;
}
if (keytype == ED25519 && (bits != 256)) {
fprintf(stderr, "puttygen: invalid bits for ED25519, choose 256\n");
if (keytype == ED25519 && (bits != 255) && (bits != 256)) {
fprintf(stderr, "puttygen: invalid bits for ED25519, choose 255\n");
errs = true;
}

View File

@ -1549,7 +1549,7 @@ bool ec_ed_alg_and_curve_by_bits(
int bits, const struct ec_curve **curve, const ssh_keyalg **alg)
{
switch (bits) {
case 256: *alg = &ssh_ecdsa_ed25519; break;
case 255: case 256: *alg = &ssh_ecdsa_ed25519; break;
default: return false;
}
*curve = ((struct ecsign_extra *)(*alg)->extra)->curve();

View File

@ -365,7 +365,7 @@ static DWORD WINAPI generate_key_thread(void *param)
ecdsa_generate(params->eckey, params->curve_bits,
progress_update, &prog);
else if (params->keytype == ED25519)
eddsa_generate(params->edkey, 256, progress_update, &prog);
eddsa_generate(params->edkey, 255, progress_update, &prog);
else
rsa_generate(params->key, params->key_bits, progress_update, &prog);