mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-01-25 01:02:24 +00:00
PuTTYgen: permit and prefer 255 as bit count for ed25519.
In setting up the ECC tests for cmdgen, I noticed that OpenSSH and PuTTYgen disagree on the bit length to put in a key fingerprint for an ed25519 key: we think 255, they think 256. On reflection, I think 255 is more accurate, which is why I bodged get_fp() in the test suite to ignore that difference when checking our key fingerprint against OpenSSH's. But having done that, it now seems silly that if you unnecessarily specify a bit count at ed25519 generation time, cmdgen will insist that it be 256! 255 is now permitted everywhere an ed25519 bit count is input. 256 is also still allowed for backwards compatibility but 255 is preferred by the error message if you give any other value.
This commit is contained in:
parent
df577ab152
commit
187cc8bfcc
6
cmdgen.c
6
cmdgen.c
@ -489,7 +489,7 @@ int main(int argc, char **argv)
|
||||
bits = 384;
|
||||
break;
|
||||
case ED25519:
|
||||
bits = 256;
|
||||
bits = 255;
|
||||
break;
|
||||
default:
|
||||
bits = DEFAULT_RSADSA_BITS;
|
||||
@ -502,8 +502,8 @@ int main(int argc, char **argv)
|
||||
errs = true;
|
||||
}
|
||||
|
||||
if (keytype == ED25519 && (bits != 256)) {
|
||||
fprintf(stderr, "puttygen: invalid bits for ED25519, choose 256\n");
|
||||
if (keytype == ED25519 && (bits != 255) && (bits != 256)) {
|
||||
fprintf(stderr, "puttygen: invalid bits for ED25519, choose 255\n");
|
||||
errs = true;
|
||||
}
|
||||
|
||||
|
2
sshecc.c
2
sshecc.c
@ -1549,7 +1549,7 @@ bool ec_ed_alg_and_curve_by_bits(
|
||||
int bits, const struct ec_curve **curve, const ssh_keyalg **alg)
|
||||
{
|
||||
switch (bits) {
|
||||
case 256: *alg = &ssh_ecdsa_ed25519; break;
|
||||
case 255: case 256: *alg = &ssh_ecdsa_ed25519; break;
|
||||
default: return false;
|
||||
}
|
||||
*curve = ((struct ecsign_extra *)(*alg)->extra)->curve();
|
||||
|
@ -365,7 +365,7 @@ static DWORD WINAPI generate_key_thread(void *param)
|
||||
ecdsa_generate(params->eckey, params->curve_bits,
|
||||
progress_update, &prog);
|
||||
else if (params->keytype == ED25519)
|
||||
eddsa_generate(params->edkey, 256, progress_update, &prog);
|
||||
eddsa_generate(params->edkey, 255, progress_update, &prog);
|
||||
else
|
||||
rsa_generate(params->key, params->key_bits, progress_update, &prog);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user