mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-01-25 09:12:24 +00:00
4af8a585e7
Some new cert-related stuff wasn't documented in the usage message and/or man page; and the longer-standing "-E fptype" was entirely omitted from the usage message.
1656 lines
58 KiB
C
1656 lines
58 KiB
C
/*
|
|
* cmdgen.c - command-line form of PuTTYgen
|
|
*/
|
|
|
|
#include <stdio.h>
|
|
#include <stdlib.h>
|
|
#include <ctype.h>
|
|
#include <limits.h>
|
|
#include <assert.h>
|
|
#include <time.h>
|
|
#include <errno.h>
|
|
#include <string.h>
|
|
|
|
#include "putty.h"
|
|
#include "ssh.h"
|
|
#include "sshkeygen.h"
|
|
#include "mpint.h"
|
|
|
|
static FILE *progress_fp = NULL;
|
|
static bool linear_progress_phase;
|
|
static unsigned last_progress_col;
|
|
|
|
static ProgressPhase cmdgen_progress_add_linear(
|
|
ProgressReceiver *prog, double c)
|
|
{
|
|
ProgressPhase ph = { .n = 0 };
|
|
return ph;
|
|
}
|
|
|
|
static ProgressPhase cmdgen_progress_add_probabilistic(
|
|
ProgressReceiver *prog, double c, double p)
|
|
{
|
|
ProgressPhase ph = { .n = 1 };
|
|
return ph;
|
|
}
|
|
|
|
static void cmdgen_progress_start_phase(ProgressReceiver *prog,
|
|
ProgressPhase p)
|
|
{
|
|
linear_progress_phase = (p.n == 0);
|
|
last_progress_col = 0;
|
|
}
|
|
static void cmdgen_progress_report(ProgressReceiver *prog, double p)
|
|
{
|
|
unsigned new_col = p * 64 + 0.5;
|
|
for (; last_progress_col < new_col; last_progress_col++)
|
|
fputc('+', progress_fp);
|
|
}
|
|
static void cmdgen_progress_report_attempt(ProgressReceiver *prog)
|
|
{
|
|
if (progress_fp) {
|
|
fputc('+', progress_fp);
|
|
fflush(progress_fp);
|
|
}
|
|
}
|
|
static void cmdgen_progress_report_phase_complete(ProgressReceiver *prog)
|
|
{
|
|
if (linear_progress_phase)
|
|
cmdgen_progress_report(prog, 1.0);
|
|
if (progress_fp) {
|
|
fputc('\n', progress_fp);
|
|
fflush(progress_fp);
|
|
}
|
|
}
|
|
|
|
static const ProgressReceiverVtable cmdgen_progress_vt = {
|
|
.add_linear = cmdgen_progress_add_linear,
|
|
.add_probabilistic = cmdgen_progress_add_probabilistic,
|
|
.ready = null_progress_ready,
|
|
.start_phase = cmdgen_progress_start_phase,
|
|
.report = cmdgen_progress_report,
|
|
.report_attempt = cmdgen_progress_report_attempt,
|
|
.report_phase_complete = cmdgen_progress_report_phase_complete,
|
|
};
|
|
|
|
static ProgressReceiver cmdgen_progress = { .vt = &cmdgen_progress_vt };
|
|
|
|
/*
|
|
* Stubs to let everything else link sensibly.
|
|
*/
|
|
char *x_get_default(const char *key)
|
|
{
|
|
return NULL;
|
|
}
|
|
void sk_cleanup(void)
|
|
{
|
|
}
|
|
|
|
void showversion(void)
|
|
{
|
|
char *buildinfo_text = buildinfo("\n");
|
|
printf("puttygen: %s\n%s\n", ver, buildinfo_text);
|
|
sfree(buildinfo_text);
|
|
}
|
|
|
|
void usage(bool standalone)
|
|
{
|
|
fprintf(standalone ? stderr : stdout,
|
|
"Usage: puttygen ( keyfile | -t type [ -b bits ] )\n"
|
|
" [ -C comment ] [ -P ] [ -q ]\n"
|
|
" [ -o output-keyfile ] [ -O type | -l | -L"
|
|
" | -p ]\n");
|
|
if (standalone)
|
|
fprintf(stderr,
|
|
"Use \"puttygen --help\" for more detail.\n");
|
|
}
|
|
|
|
void help(void)
|
|
{
|
|
/*
|
|
* Help message is an extended version of the usage message. So
|
|
* start with that, plus a version heading.
|
|
*/
|
|
printf("PuTTYgen: key generator and converter for the PuTTY tools\n"
|
|
"%s\n", ver);
|
|
usage(false);
|
|
printf(" -t specify key type when generating:\n"
|
|
" eddsa, ecdsa, rsa, dsa, rsa1 use with -b\n"
|
|
" ed25519, ed448 special cases of eddsa\n"
|
|
" -b specify number of bits when generating key\n"
|
|
" -C change or specify key comment\n"
|
|
" -P change key passphrase\n"
|
|
" -q quiet: do not display progress bar\n"
|
|
" -O specify output type:\n"
|
|
" private output PuTTY private key format\n"
|
|
" private-openssh export OpenSSH private key\n"
|
|
" private-openssh-new export OpenSSH private key "
|
|
"(force new format)\n"
|
|
" private-sshcom export ssh.com private key\n"
|
|
" public RFC 4716 / ssh.com public key\n"
|
|
" public-openssh OpenSSH public key\n"
|
|
" fingerprint output the key fingerprint\n"
|
|
" cert-info print certificate information\n"
|
|
" text output the key components as "
|
|
"'name=0x####'\n"
|
|
" -o specify output file\n"
|
|
" -l equivalent to `-O fingerprint'\n"
|
|
" -L equivalent to `-O public-openssh'\n"
|
|
" -p equivalent to `-O public'\n"
|
|
" --cert-info equivalent to `-O cert-info'\n"
|
|
" --dump equivalent to `-O text'\n"
|
|
" -E fptype specify fingerprint output type:\n"
|
|
" sha256, md5, sha256-cert, md5-cert\n"
|
|
" --certificate file incorporate a certificate into the key\n"
|
|
" --remove-certificate remove any certificate from the key\n"
|
|
" --reencrypt load a key and save it with fresh "
|
|
"encryption\n"
|
|
" --old-passphrase file\n"
|
|
" specify file containing old key passphrase\n"
|
|
" --new-passphrase file\n"
|
|
" specify file containing new key passphrase\n"
|
|
" --random-device device\n"
|
|
" specify device to read entropy from (e.g. /dev/urandom)\n"
|
|
" --primes <type> select prime-generation method:\n"
|
|
" probable conventional probabilistic prime finding\n"
|
|
" proven numbers that have been proven to be prime\n"
|
|
" proven-even also try harder for an even distribution\n"
|
|
" --strong-rsa use \"strong\" primes as RSA key factors\n"
|
|
" --ppk-param <key>=<value>[,<key>=<value>,...]\n"
|
|
" specify parameters when writing PuTTY private key file "
|
|
"format:\n"
|
|
" version PPK format version (min 2, max 3, "
|
|
"default 3)\n"
|
|
" kdf key derivation function (argon2id, "
|
|
"argon2i, argon2d)\n"
|
|
" memory Kbyte of memory to use in passphrase "
|
|
"hash\n"
|
|
" (default 8192)\n"
|
|
" time approx milliseconds to hash for "
|
|
"(default 100)\n"
|
|
" passes number of hash passes to run "
|
|
"(alternative to 'time')\n"
|
|
" parallelism number of parallelisable threads in the "
|
|
"hash function\n"
|
|
" (default 1)\n"
|
|
);
|
|
}
|
|
|
|
static bool move(char *from, char *to)
|
|
{
|
|
int ret;
|
|
|
|
ret = rename(from, to);
|
|
if (ret) {
|
|
/*
|
|
* This OS may require us to remove the original file first.
|
|
*/
|
|
remove(to);
|
|
ret = rename(from, to);
|
|
}
|
|
if (ret) {
|
|
perror("puttygen: cannot move new file on to old one");
|
|
return false;
|
|
}
|
|
return true;
|
|
}
|
|
|
|
static char *readpassphrase(const char *filename)
|
|
{
|
|
FILE *fp;
|
|
char *line;
|
|
|
|
fp = fopen(filename, "r");
|
|
if (!fp) {
|
|
fprintf(stderr, "puttygen: cannot open %s: %s\n",
|
|
filename, strerror(errno));
|
|
return NULL;
|
|
}
|
|
line = fgetline(fp);
|
|
if (line)
|
|
line[strcspn(line, "\r\n")] = '\0';
|
|
else if (ferror(fp))
|
|
fprintf(stderr, "puttygen: error reading from %s: %s\n",
|
|
filename, strerror(errno));
|
|
else /* empty file */
|
|
line = dupstr("");
|
|
fclose(fp);
|
|
return line;
|
|
}
|
|
|
|
#define DEFAULT_RSADSA_BITS 2048
|
|
|
|
static void spr_error(SeatPromptResult spr)
|
|
{
|
|
if (spr.kind == SPRK_SW_ABORT) {
|
|
char *err = spr_get_error_message(spr);
|
|
fprintf(stderr, "puttygen: unable to read passphrase: %s", err);
|
|
sfree(err);
|
|
}
|
|
}
|
|
|
|
/* For Unix in particular, but harmless if this main() is reused elsewhere */
|
|
const bool buildinfo_gtk_relevant = false;
|
|
|
|
int main(int argc, char **argv)
|
|
{
|
|
char *infile = NULL;
|
|
Filename *infilename = NULL, *outfilename = NULL;
|
|
LoadedFile *infile_lf = NULL;
|
|
BinarySource *infile_bs = NULL;
|
|
enum { NOKEYGEN, RSA1, RSA2, DSA, ECDSA, EDDSA } keytype = NOKEYGEN;
|
|
char *outfile = NULL, *outfiletmp = NULL;
|
|
enum { PRIVATE, PUBLIC, PUBLICO, FP, OPENSSH_AUTO,
|
|
OPENSSH_NEW, SSHCOM, TEXT, CERTINFO } outtype = PRIVATE;
|
|
int bits = -1;
|
|
const char *comment = NULL;
|
|
char *origcomment = NULL;
|
|
bool change_passphrase = false, reencrypt = false;
|
|
bool errs = false, nogo = false;
|
|
int intype = SSH_KEYTYPE_UNOPENABLE;
|
|
int sshver = 0;
|
|
ssh2_userkey *ssh2key = NULL;
|
|
RSAKey *ssh1key = NULL;
|
|
strbuf *ssh2blob = NULL;
|
|
char *ssh2alg = NULL;
|
|
char *old_passphrase = NULL, *new_passphrase = NULL;
|
|
bool load_encrypted;
|
|
const char *random_device = NULL;
|
|
char *certfile = NULL;
|
|
bool remove_cert = false;
|
|
int exit_status = 0;
|
|
const PrimeGenerationPolicy *primegen = &primegen_probabilistic;
|
|
bool strong_rsa = false;
|
|
ppk_save_parameters params = ppk_save_default_parameters;
|
|
FingerprintType fptype = SSH_FPTYPE_DEFAULT;
|
|
|
|
if (is_interactive())
|
|
progress_fp = stderr;
|
|
|
|
#define RETURN(status) do { exit_status = (status); goto out; } while (0)
|
|
|
|
/* ------------------------------------------------------------------
|
|
* Parse the command line to figure out what we've been asked to do.
|
|
*/
|
|
|
|
/*
|
|
* If run with no arguments at all, print the usage message and
|
|
* return success.
|
|
*/
|
|
if (argc <= 1) {
|
|
usage(true);
|
|
RETURN(0);
|
|
}
|
|
|
|
/*
|
|
* Parse command line arguments.
|
|
*/
|
|
while (--argc) {
|
|
char *p = *++argv;
|
|
if (p[0] == '-' && p[1]) {
|
|
/*
|
|
* An option.
|
|
*/
|
|
while (p && *++p) {
|
|
char c = *p;
|
|
switch (c) {
|
|
case '-': {
|
|
/*
|
|
* Long option.
|
|
*/
|
|
char *opt, *val;
|
|
opt = p++; /* opt will have _one_ leading - */
|
|
while (*p && *p != '=')
|
|
p++; /* find end of option */
|
|
if (*p == '=') {
|
|
*p++ = '\0';
|
|
val = p;
|
|
} else
|
|
val = NULL;
|
|
|
|
if (!strcmp(opt, "-help")) {
|
|
if (val) {
|
|
errs = true;
|
|
fprintf(stderr, "puttygen: option `-%s'"
|
|
" expects no argument\n", opt);
|
|
} else {
|
|
help();
|
|
nogo = true;
|
|
}
|
|
} else if (!strcmp(opt, "-version")) {
|
|
if (val) {
|
|
errs = true;
|
|
fprintf(stderr, "puttygen: option `-%s'"
|
|
" expects no argument\n", opt);
|
|
} else {
|
|
showversion();
|
|
nogo = true;
|
|
}
|
|
} else if (!strcmp(opt, "-pgpfp")) {
|
|
if (val) {
|
|
errs = true;
|
|
fprintf(stderr, "puttygen: option `-%s'"
|
|
" expects no argument\n", opt);
|
|
} else {
|
|
/* support --pgpfp for consistency */
|
|
pgp_fingerprints();
|
|
nogo = true;
|
|
}
|
|
} else if (!strcmp(opt, "-old-passphrase")) {
|
|
if (!val && argc > 1)
|
|
--argc, val = *++argv;
|
|
if (!val) {
|
|
errs = true;
|
|
fprintf(stderr, "puttygen: option `-%s'"
|
|
" expects an argument\n", opt);
|
|
} else {
|
|
old_passphrase = readpassphrase(val);
|
|
if (!old_passphrase)
|
|
errs = true;
|
|
}
|
|
} else if (!strcmp(opt, "-new-passphrase")) {
|
|
if (!val && argc > 1)
|
|
--argc, val = *++argv;
|
|
if (!val) {
|
|
errs = true;
|
|
fprintf(stderr, "puttygen: option `-%s'"
|
|
" expects an argument\n", opt);
|
|
} else {
|
|
new_passphrase = readpassphrase(val);
|
|
if (!new_passphrase)
|
|
errs = true;
|
|
}
|
|
} else if (!strcmp(opt, "-random-device")) {
|
|
if (!val && argc > 1)
|
|
--argc, val = *++argv;
|
|
if (!val) {
|
|
errs = true;
|
|
fprintf(stderr, "puttygen: option `-%s'"
|
|
" expects an argument\n", opt);
|
|
} else {
|
|
random_device = val;
|
|
}
|
|
} else if (!strcmp(opt, "-dump")) {
|
|
outtype = TEXT;
|
|
} else if (!strcmp(opt, "-cert-info") ||
|
|
!strcmp(opt, "-certinfo") ||
|
|
!strcmp(opt, "-cert_info")) {
|
|
outtype = CERTINFO;
|
|
} else if (!strcmp(opt, "-primes")) {
|
|
if (!val && argc > 1)
|
|
--argc, val = *++argv;
|
|
if (!val) {
|
|
errs = true;
|
|
fprintf(stderr, "puttygen: option `-%s'"
|
|
" expects an argument\n", opt);
|
|
} else if (!strcmp(val, "probable") ||
|
|
!strcmp(val, "probabilistic")) {
|
|
primegen = &primegen_probabilistic;
|
|
} else if (!strcmp(val, "provable") ||
|
|
!strcmp(val, "proven") ||
|
|
!strcmp(val, "simple") ||
|
|
!strcmp(val, "maurer-simple")) {
|
|
primegen = &primegen_provable_maurer_simple;
|
|
} else if (!strcmp(val, "provable-even") ||
|
|
!strcmp(val, "proven-even") ||
|
|
!strcmp(val, "even") ||
|
|
!strcmp(val, "complex") ||
|
|
!strcmp(val, "maurer-complex")) {
|
|
primegen = &primegen_provable_maurer_complex;
|
|
} else {
|
|
errs = true;
|
|
fprintf(stderr, "puttygen: unrecognised prime-"
|
|
"generation mode `%s'\n", val);
|
|
}
|
|
} else if (!strcmp(opt, "-strong-rsa")) {
|
|
strong_rsa = true;
|
|
} else if (!strcmp(opt, "-certificate")) {
|
|
if (!val && argc > 1)
|
|
--argc, val = *++argv;
|
|
if (!val) {
|
|
errs = true;
|
|
fprintf(stderr, "puttygen: option `-%s'"
|
|
" expects an argument\n", opt);
|
|
} else {
|
|
certfile = val;
|
|
}
|
|
} else if (!strcmp(opt, "-remove-certificate")) {
|
|
remove_cert = true;
|
|
} else if (!strcmp(opt, "-reencrypt")) {
|
|
reencrypt = true;
|
|
} else if (!strcmp(opt, "-ppk-param") ||
|
|
!strcmp(opt, "-ppk-params")) {
|
|
if (!val && argc > 1)
|
|
--argc, val = *++argv;
|
|
if (!val) {
|
|
errs = true;
|
|
fprintf(stderr, "puttygen: option `-%s'"
|
|
" expects an argument\n", opt);
|
|
} else {
|
|
char *nextval;
|
|
for (; val; val = nextval) {
|
|
nextval = strchr(val, ',');
|
|
if (nextval)
|
|
*nextval++ = '\0';
|
|
|
|
char *optvalue = strchr(val, '=');
|
|
if (!optvalue) {
|
|
errs = true;
|
|
fprintf(stderr, "puttygen: PPK parameter "
|
|
"'%s' expected a value\n", val);
|
|
continue;
|
|
}
|
|
*optvalue++ = '\0';
|
|
|
|
/* Non-numeric options */
|
|
if (!strcmp(val, "kdf")) {
|
|
if (!strcmp(optvalue, "Argon2id") ||
|
|
!strcmp(optvalue, "argon2id")) {
|
|
params.argon2_flavour = Argon2id;
|
|
} else if (!strcmp(optvalue, "Argon2i") ||
|
|
!strcmp(optvalue, "argon2i")) {
|
|
params.argon2_flavour = Argon2i;
|
|
} else if (!strcmp(optvalue, "Argon2d") ||
|
|
!strcmp(optvalue, "argon2d")) {
|
|
params.argon2_flavour = Argon2d;
|
|
} else {
|
|
errs = true;
|
|
fprintf(stderr, "puttygen: unrecognise"
|
|
"d kdf '%s'\n", optvalue);
|
|
}
|
|
continue;
|
|
}
|
|
|
|
char *end;
|
|
unsigned long n = strtoul(optvalue, &end, 0);
|
|
if (!*optvalue || *end) {
|
|
errs = true;
|
|
fprintf(stderr, "puttygen: value '%s' for "
|
|
"PPK parameter '%s': expected a "
|
|
"number\n", optvalue, val);
|
|
continue;
|
|
}
|
|
|
|
if (!strcmp(val, "version")) {
|
|
params.fmt_version = n;
|
|
} else if (!strcmp(val, "memory") ||
|
|
!strcmp(val, "mem")) {
|
|
params.argon2_mem = n;
|
|
} else if (!strcmp(val, "time")) {
|
|
params.argon2_passes_auto = true;
|
|
params.argon2_milliseconds = n;
|
|
} else if (!strcmp(val, "passes")) {
|
|
params.argon2_passes_auto = false;
|
|
params.argon2_passes = n;
|
|
} else if (!strcmp(val, "parallelism") ||
|
|
!strcmp(val, "parallel")) {
|
|
params.argon2_parallelism = n;
|
|
} else {
|
|
errs = true;
|
|
fprintf(stderr, "puttygen: unrecognised "
|
|
"PPK parameter '%s'\n", val);
|
|
continue;
|
|
}
|
|
}
|
|
}
|
|
} else {
|
|
errs = true;
|
|
fprintf(stderr,
|
|
"puttygen: no such option `-%s'\n", opt);
|
|
}
|
|
p = NULL;
|
|
break;
|
|
}
|
|
case 'h':
|
|
case 'V':
|
|
case 'P':
|
|
case 'l':
|
|
case 'L':
|
|
case 'p':
|
|
case 'q':
|
|
/*
|
|
* Option requiring no parameter.
|
|
*/
|
|
switch (c) {
|
|
case 'h':
|
|
help();
|
|
nogo = true;
|
|
break;
|
|
case 'V':
|
|
showversion();
|
|
nogo = true;
|
|
break;
|
|
case 'P':
|
|
change_passphrase = true;
|
|
break;
|
|
case 'l':
|
|
outtype = FP;
|
|
break;
|
|
case 'L':
|
|
outtype = PUBLICO;
|
|
break;
|
|
case 'p':
|
|
outtype = PUBLIC;
|
|
break;
|
|
case 'q':
|
|
progress_fp = NULL;
|
|
break;
|
|
}
|
|
break;
|
|
case 't':
|
|
case 'b':
|
|
case 'C':
|
|
case 'O':
|
|
case 'o':
|
|
case 'E':
|
|
/*
|
|
* Option requiring parameter.
|
|
*/
|
|
p++;
|
|
if (!*p && argc > 1)
|
|
--argc, p = *++argv;
|
|
else if (!*p) {
|
|
fprintf(stderr, "puttygen: option `-%c' expects a"
|
|
" parameter\n", c);
|
|
errs = true;
|
|
}
|
|
/*
|
|
* Now c is the option and p is the parameter.
|
|
*/
|
|
switch (c) {
|
|
case 't':
|
|
if (!strcmp(p, "rsa") || !strcmp(p, "rsa2"))
|
|
keytype = RSA2, sshver = 2;
|
|
else if (!strcmp(p, "rsa1"))
|
|
keytype = RSA1, sshver = 1;
|
|
else if (!strcmp(p, "dsa") || !strcmp(p, "dss"))
|
|
keytype = DSA, sshver = 2;
|
|
else if (!strcmp(p, "ecdsa"))
|
|
keytype = ECDSA, sshver = 2;
|
|
else if (!strcmp(p, "eddsa"))
|
|
keytype = EDDSA, sshver = 2;
|
|
else if (!strcmp(p, "ed25519"))
|
|
keytype = EDDSA, bits = 255, sshver = 2;
|
|
else if (!strcmp(p, "ed448"))
|
|
keytype = EDDSA, bits = 448, sshver = 2;
|
|
else {
|
|
fprintf(stderr,
|
|
"puttygen: unknown key type `%s'\n", p);
|
|
errs = true;
|
|
}
|
|
break;
|
|
case 'b':
|
|
bits = atoi(p);
|
|
break;
|
|
case 'C':
|
|
comment = p;
|
|
break;
|
|
case 'O':
|
|
if (!strcmp(p, "public"))
|
|
outtype = PUBLIC;
|
|
else if (!strcmp(p, "public-openssh"))
|
|
outtype = PUBLICO;
|
|
else if (!strcmp(p, "private"))
|
|
outtype = PRIVATE;
|
|
else if (!strcmp(p, "fingerprint"))
|
|
outtype = FP;
|
|
else if (!strcmp(p, "private-openssh"))
|
|
outtype = OPENSSH_AUTO, sshver = 2;
|
|
else if (!strcmp(p, "private-openssh-new"))
|
|
outtype = OPENSSH_NEW, sshver = 2;
|
|
else if (!strcmp(p, "private-sshcom"))
|
|
outtype = SSHCOM, sshver = 2;
|
|
else if (!strcmp(p, "text"))
|
|
outtype = TEXT;
|
|
else if (!strcmp(p, "cert-info"))
|
|
outtype = CERTINFO;
|
|
else {
|
|
fprintf(stderr,
|
|
"puttygen: unknown output type `%s'\n", p);
|
|
errs = true;
|
|
}
|
|
break;
|
|
case 'o':
|
|
outfile = p;
|
|
break;
|
|
case 'E':
|
|
if (!strcmp(p, "md5"))
|
|
fptype = SSH_FPTYPE_MD5;
|
|
else if (!strcmp(p, "sha256"))
|
|
fptype = SSH_FPTYPE_SHA256;
|
|
else if (!strcmp(p, "md5-cert"))
|
|
fptype = SSH_FPTYPE_MD5_CERT;
|
|
else if (!strcmp(p, "sha256-cert"))
|
|
fptype = SSH_FPTYPE_SHA256_CERT;
|
|
else {
|
|
fprintf(stderr, "puttygen: unknown fingerprint "
|
|
"type `%s'\n", p);
|
|
errs = true;
|
|
}
|
|
break;
|
|
}
|
|
p = NULL; /* prevent continued processing */
|
|
break;
|
|
default:
|
|
/*
|
|
* Unrecognised option.
|
|
*/
|
|
errs = true;
|
|
fprintf(stderr, "puttygen: no such option `-%c'\n", c);
|
|
break;
|
|
}
|
|
}
|
|
} else {
|
|
/*
|
|
* A non-option argument.
|
|
*/
|
|
if (!infile)
|
|
infile = p;
|
|
else {
|
|
errs = true;
|
|
fprintf(stderr, "puttygen: cannot handle more than one"
|
|
" input file\n");
|
|
}
|
|
}
|
|
}
|
|
|
|
if (bits == -1) {
|
|
/*
|
|
* No explicit key size was specified. Default varies
|
|
* depending on key type.
|
|
*/
|
|
switch (keytype) {
|
|
case ECDSA:
|
|
bits = 384;
|
|
break;
|
|
case EDDSA:
|
|
bits = 255;
|
|
break;
|
|
default:
|
|
bits = DEFAULT_RSADSA_BITS;
|
|
break;
|
|
}
|
|
}
|
|
|
|
if (keytype == ECDSA || keytype == EDDSA) {
|
|
const char *name = (keytype == ECDSA ? "ECDSA" : "EdDSA");
|
|
const int *valid_lengths = (keytype == ECDSA ? ec_nist_curve_lengths :
|
|
ec_ed_curve_lengths);
|
|
size_t n_lengths = (keytype == ECDSA ? n_ec_nist_curve_lengths :
|
|
n_ec_ed_curve_lengths);
|
|
bool (*alg_and_curve_by_bits)(int, const struct ec_curve **,
|
|
const ssh_keyalg **) =
|
|
(keytype == ECDSA ? ec_nist_alg_and_curve_by_bits :
|
|
ec_ed_alg_and_curve_by_bits);
|
|
|
|
const struct ec_curve *curve;
|
|
const ssh_keyalg *alg;
|
|
|
|
if (!alg_and_curve_by_bits(bits, &curve, &alg)) {
|
|
fprintf(stderr, "puttygen: invalid bits for %s, choose", name);
|
|
for (size_t i = 0; i < n_lengths; i++)
|
|
fprintf(stderr, "%s%d", (i == 0 ? " " :
|
|
i == n_lengths-1 ? " or " : ", "),
|
|
valid_lengths[i]);
|
|
fputc('\n', stderr);
|
|
errs = true;
|
|
}
|
|
}
|
|
|
|
if (keytype == RSA2 || keytype == RSA1 || keytype == DSA) {
|
|
if (bits < 256) {
|
|
fprintf(stderr, "puttygen: cannot generate %s keys shorter than"
|
|
" 256 bits\n", (keytype == DSA ? "DSA" : "RSA"));
|
|
errs = true;
|
|
} else if (bits < DEFAULT_RSADSA_BITS) {
|
|
fprintf(stderr, "puttygen: warning: %s keys shorter than"
|
|
" %d bits are probably not secure\n",
|
|
(keytype == DSA ? "DSA" : "RSA"), DEFAULT_RSADSA_BITS);
|
|
/* but this is just a warning, so proceed anyway */
|
|
}
|
|
}
|
|
|
|
if (errs)
|
|
RETURN(1);
|
|
|
|
if (nogo)
|
|
RETURN(0);
|
|
|
|
/*
|
|
* If run with at least one argument _but_ not the required
|
|
* ones, print the usage message and return failure.
|
|
*/
|
|
if (!infile && keytype == NOKEYGEN) {
|
|
usage(true);
|
|
RETURN(1);
|
|
}
|
|
|
|
/* ------------------------------------------------------------------
|
|
* Figure out further details of exactly what we're going to do.
|
|
*/
|
|
|
|
/*
|
|
* Bomb out if we've been asked to both load and generate a
|
|
* key.
|
|
*/
|
|
if (keytype != NOKEYGEN && infile) {
|
|
fprintf(stderr, "puttygen: cannot both load and generate a key\n");
|
|
RETURN(1);
|
|
}
|
|
|
|
/*
|
|
* We must save the private part when generating a new key.
|
|
*/
|
|
if (keytype != NOKEYGEN &&
|
|
(outtype != PRIVATE && outtype != OPENSSH_AUTO &&
|
|
outtype != OPENSSH_NEW && outtype != SSHCOM && outtype != TEXT)) {
|
|
fprintf(stderr, "puttygen: this would generate a new key but "
|
|
"discard the private part\n");
|
|
RETURN(1);
|
|
}
|
|
|
|
/*
|
|
* Analyse the type of the input file, in case this affects our
|
|
* course of action.
|
|
*/
|
|
if (infile) {
|
|
const char *load_error;
|
|
|
|
infilename = filename_from_str(infile);
|
|
if (!strcmp(infile, "-"))
|
|
infile_lf = lf_load_keyfile_fp(stdin, &load_error);
|
|
else
|
|
infile_lf = lf_load_keyfile(infilename, &load_error);
|
|
|
|
if (!infile_lf) {
|
|
fprintf(stderr, "puttygen: unable to load file `%s': %s\n",
|
|
infile, load_error);
|
|
RETURN(1);
|
|
}
|
|
|
|
infile_bs = BinarySource_UPCAST(infile_lf);
|
|
intype = key_type_s(infile_bs);
|
|
BinarySource_REWIND(infile_bs);
|
|
|
|
switch (intype) {
|
|
case SSH_KEYTYPE_UNOPENABLE:
|
|
case SSH_KEYTYPE_UNKNOWN:
|
|
fprintf(stderr, "puttygen: unable to load file `%s': %s\n",
|
|
infile, key_type_to_str(intype));
|
|
RETURN(1);
|
|
|
|
case SSH_KEYTYPE_SSH1:
|
|
case SSH_KEYTYPE_SSH1_PUBLIC:
|
|
if (sshver == 2) {
|
|
fprintf(stderr, "puttygen: conversion from SSH-1 to SSH-2 keys"
|
|
" not supported\n");
|
|
RETURN(1);
|
|
}
|
|
sshver = 1;
|
|
break;
|
|
|
|
case SSH_KEYTYPE_SSH2:
|
|
case SSH_KEYTYPE_SSH2_PUBLIC_RFC4716:
|
|
case SSH_KEYTYPE_SSH2_PUBLIC_OPENSSH:
|
|
case SSH_KEYTYPE_OPENSSH_PEM:
|
|
case SSH_KEYTYPE_OPENSSH_NEW:
|
|
case SSH_KEYTYPE_SSHCOM:
|
|
if (sshver == 1) {
|
|
fprintf(stderr, "puttygen: conversion from SSH-2 to SSH-1 keys"
|
|
" not supported\n");
|
|
RETURN(1);
|
|
}
|
|
sshver = 2;
|
|
break;
|
|
|
|
case SSH_KEYTYPE_OPENSSH_AUTO:
|
|
default:
|
|
unreachable("Should never see these types on an input file");
|
|
}
|
|
}
|
|
|
|
/*
|
|
* Determine the default output file, if none is provided.
|
|
*
|
|
* This will usually be equal to stdout, except that if the
|
|
* input and output file formats are the same then the default
|
|
* output is to overwrite the input.
|
|
*
|
|
* Also in this code, we bomb out if the input and output file
|
|
* formats are the same and no other action is performed.
|
|
*/
|
|
if ((intype == SSH_KEYTYPE_SSH1 && outtype == PRIVATE) ||
|
|
(intype == SSH_KEYTYPE_SSH2 && outtype == PRIVATE) ||
|
|
(intype == SSH_KEYTYPE_OPENSSH_PEM && outtype == OPENSSH_AUTO) ||
|
|
(intype == SSH_KEYTYPE_OPENSSH_NEW && outtype == OPENSSH_NEW) ||
|
|
(intype == SSH_KEYTYPE_SSHCOM && outtype == SSHCOM)) {
|
|
if (!outfile) {
|
|
outfile = infile;
|
|
outfiletmp = dupcat(outfile, ".tmp");
|
|
}
|
|
|
|
if (!change_passphrase && !comment && !reencrypt && !certfile &&
|
|
!remove_cert) {
|
|
fprintf(stderr, "puttygen: this command would perform no useful"
|
|
" action\n");
|
|
RETURN(1);
|
|
}
|
|
} else {
|
|
if (!outfile) {
|
|
/*
|
|
* Bomb out rather than automatically choosing to write
|
|
* a private key file to stdout.
|
|
*/
|
|
if (outtype == PRIVATE || outtype == OPENSSH_AUTO ||
|
|
outtype == OPENSSH_NEW || outtype == SSHCOM) {
|
|
fprintf(stderr, "puttygen: need to specify an output file\n");
|
|
RETURN(1);
|
|
}
|
|
}
|
|
}
|
|
|
|
/*
|
|
* Figure out whether we need to load the encrypted part of the
|
|
* key. This will be the case if (a) we need to write out
|
|
* a private key format, (b) the entire input key file is
|
|
* encrypted, or (c) we're outputting TEXT, in which case we
|
|
* want all of the input file including private material if it
|
|
* exists.
|
|
*/
|
|
bool intype_entirely_encrypted =
|
|
intype == SSH_KEYTYPE_OPENSSH_PEM ||
|
|
intype == SSH_KEYTYPE_OPENSSH_NEW ||
|
|
intype == SSH_KEYTYPE_SSHCOM;
|
|
bool intype_has_private =
|
|
!(intype == SSH_KEYTYPE_SSH1_PUBLIC ||
|
|
intype == SSH_KEYTYPE_SSH2_PUBLIC_RFC4716 ||
|
|
intype == SSH_KEYTYPE_SSH2_PUBLIC_OPENSSH);
|
|
bool outtype_has_private =
|
|
outtype == PRIVATE || outtype == OPENSSH_AUTO ||
|
|
outtype == OPENSSH_NEW || outtype == SSHCOM;
|
|
if (outtype_has_private || intype_entirely_encrypted ||
|
|
(outtype == TEXT && intype_has_private))
|
|
load_encrypted = true;
|
|
else
|
|
load_encrypted = false;
|
|
|
|
if (load_encrypted && !intype_has_private) {
|
|
fprintf(stderr, "puttygen: cannot perform this action on a "
|
|
"public-key-only input file\n");
|
|
RETURN(1);
|
|
}
|
|
|
|
/*
|
|
* Check consistency properties relating to certificates.
|
|
*/
|
|
if (certfile && !(sshver == 2 && intype_has_private &&
|
|
outtype_has_private && infile)) {
|
|
fprintf(stderr, "puttygen: certificates can only be added to "
|
|
"existing SSH-2 private key files\n");
|
|
RETURN(1);
|
|
}
|
|
if (remove_cert && !(sshver == 2 && infile)) {
|
|
fprintf(stderr, "puttygen: certificates can only be removed from "
|
|
"existing SSH-2 key files\n");
|
|
RETURN(1);
|
|
}
|
|
if (certfile && remove_cert) {
|
|
fprintf(stderr, "puttygen: cannot both add and remove a "
|
|
"certificate\n");
|
|
RETURN(1);
|
|
}
|
|
|
|
/* ------------------------------------------------------------------
|
|
* Now we're ready to actually do some stuff.
|
|
*/
|
|
|
|
/*
|
|
* Either load or generate a key.
|
|
*/
|
|
if (keytype != NOKEYGEN) {
|
|
char *entropy;
|
|
char default_comment[80];
|
|
struct tm tm;
|
|
|
|
tm = ltime();
|
|
if (keytype == DSA)
|
|
strftime(default_comment, 30, "dsa-key-%Y%m%d", &tm);
|
|
else if (keytype == ECDSA)
|
|
strftime(default_comment, 30, "ecdsa-key-%Y%m%d", &tm);
|
|
else if (keytype == EDDSA && bits == 255)
|
|
strftime(default_comment, 30, "ed25519-key-%Y%m%d", &tm);
|
|
else if (keytype == EDDSA)
|
|
strftime(default_comment, 30, "eddsa-key-%Y%m%d", &tm);
|
|
else
|
|
strftime(default_comment, 30, "rsa-key-%Y%m%d", &tm);
|
|
|
|
entropy = get_random_data(bits / 8, random_device);
|
|
if (!entropy) {
|
|
fprintf(stderr, "puttygen: failed to collect entropy, "
|
|
"could not generate key\n");
|
|
RETURN(1);
|
|
}
|
|
random_setup_special();
|
|
random_reseed(make_ptrlen(entropy, bits / 8));
|
|
smemclr(entropy, bits/8);
|
|
sfree(entropy);
|
|
|
|
PrimeGenerationContext *pgc = primegen_new_context(primegen);
|
|
|
|
if (keytype == DSA) {
|
|
struct dsa_key *dsakey = snew(struct dsa_key);
|
|
dsa_generate(dsakey, bits, pgc, &cmdgen_progress);
|
|
ssh2key = snew(ssh2_userkey);
|
|
ssh2key->key = &dsakey->sshk;
|
|
ssh1key = NULL;
|
|
} else if (keytype == ECDSA) {
|
|
struct ecdsa_key *ek = snew(struct ecdsa_key);
|
|
ecdsa_generate(ek, bits);
|
|
ssh2key = snew(ssh2_userkey);
|
|
ssh2key->key = &ek->sshk;
|
|
ssh1key = NULL;
|
|
} else if (keytype == EDDSA) {
|
|
struct eddsa_key *ek = snew(struct eddsa_key);
|
|
eddsa_generate(ek, bits);
|
|
ssh2key = snew(ssh2_userkey);
|
|
ssh2key->key = &ek->sshk;
|
|
ssh1key = NULL;
|
|
} else {
|
|
RSAKey *rsakey = snew(RSAKey);
|
|
rsa_generate(rsakey, bits, strong_rsa, pgc, &cmdgen_progress);
|
|
rsakey->comment = NULL;
|
|
if (keytype == RSA1) {
|
|
ssh1key = rsakey;
|
|
} else {
|
|
ssh2key = snew(ssh2_userkey);
|
|
ssh2key->key = &rsakey->sshk;
|
|
}
|
|
}
|
|
|
|
primegen_free_context(pgc);
|
|
|
|
if (ssh2key)
|
|
ssh2key->comment = dupstr(default_comment);
|
|
if (ssh1key)
|
|
ssh1key->comment = dupstr(default_comment);
|
|
|
|
} else {
|
|
const char *error = NULL;
|
|
bool encrypted;
|
|
|
|
assert(infile != NULL);
|
|
|
|
sfree(origcomment);
|
|
origcomment = NULL;
|
|
|
|
/*
|
|
* Find out whether the input key is encrypted.
|
|
*/
|
|
if (intype == SSH_KEYTYPE_SSH1)
|
|
encrypted = rsa1_encrypted_s(infile_bs, &origcomment);
|
|
else if (intype == SSH_KEYTYPE_SSH2)
|
|
encrypted = ppk_encrypted_s(infile_bs, &origcomment);
|
|
else
|
|
encrypted = import_encrypted_s(infilename, infile_bs,
|
|
intype, &origcomment);
|
|
BinarySource_REWIND(infile_bs);
|
|
|
|
/*
|
|
* If so, ask for a passphrase.
|
|
*/
|
|
if (encrypted && load_encrypted) {
|
|
if (!old_passphrase) {
|
|
prompts_t *p = new_prompts();
|
|
SeatPromptResult spr;
|
|
p->to_server = false;
|
|
p->from_server = false;
|
|
p->name = dupstr("SSH key passphrase");
|
|
add_prompt(p, dupstr("Enter passphrase to load key: "), false);
|
|
spr = console_get_userpass_input(p);
|
|
assert(spr.kind != SPRK_INCOMPLETE);
|
|
if (spr_is_abort(spr)) {
|
|
free_prompts(p);
|
|
spr_error(spr);
|
|
RETURN(1);
|
|
} else {
|
|
old_passphrase = prompt_get_result(p->prompts[0]);
|
|
free_prompts(p);
|
|
}
|
|
}
|
|
} else {
|
|
old_passphrase = NULL;
|
|
}
|
|
|
|
switch (intype) {
|
|
int ret;
|
|
|
|
case SSH_KEYTYPE_SSH1:
|
|
case SSH_KEYTYPE_SSH1_PUBLIC:
|
|
ssh1key = snew(RSAKey);
|
|
memset(ssh1key, 0, sizeof(RSAKey));
|
|
if (!load_encrypted) {
|
|
strbuf *blob;
|
|
BinarySource src[1];
|
|
|
|
sfree(origcomment);
|
|
origcomment = NULL;
|
|
|
|
blob = strbuf_new();
|
|
|
|
ret = rsa1_loadpub_s(infile_bs, BinarySink_UPCAST(blob),
|
|
&origcomment, &error);
|
|
BinarySource_BARE_INIT(src, blob->u, blob->len);
|
|
get_rsa_ssh1_pub(src, ssh1key, RSA_SSH1_EXPONENT_FIRST);
|
|
strbuf_free(blob);
|
|
|
|
ssh1key->comment = dupstr(origcomment);
|
|
ssh1key->private_exponent = NULL;
|
|
ssh1key->p = NULL;
|
|
ssh1key->q = NULL;
|
|
ssh1key->iqmp = NULL;
|
|
} else {
|
|
ret = rsa1_load_s(infile_bs, ssh1key, old_passphrase, &error);
|
|
}
|
|
BinarySource_REWIND(infile_bs);
|
|
if (ret > 0)
|
|
error = NULL;
|
|
else if (!error)
|
|
error = "unknown error";
|
|
break;
|
|
|
|
case SSH_KEYTYPE_SSH2:
|
|
case SSH_KEYTYPE_SSH2_PUBLIC_RFC4716:
|
|
case SSH_KEYTYPE_SSH2_PUBLIC_OPENSSH:
|
|
if (!load_encrypted) {
|
|
sfree(origcomment);
|
|
origcomment = NULL;
|
|
ssh2blob = strbuf_new();
|
|
if (ppk_loadpub_s(infile_bs, &ssh2alg,
|
|
BinarySink_UPCAST(ssh2blob),
|
|
&origcomment, &error)) {
|
|
const ssh_keyalg *alg = find_pubkey_alg(ssh2alg);
|
|
if (alg)
|
|
bits = ssh_key_public_bits(
|
|
alg, ptrlen_from_strbuf(ssh2blob));
|
|
else
|
|
bits = -1;
|
|
} else {
|
|
strbuf_free(ssh2blob);
|
|
ssh2blob = NULL;
|
|
}
|
|
sfree(ssh2alg);
|
|
} else {
|
|
ssh2key = ppk_load_s(infile_bs, old_passphrase, &error);
|
|
}
|
|
BinarySource_REWIND(infile_bs);
|
|
if ((ssh2key && ssh2key != SSH2_WRONG_PASSPHRASE) || ssh2blob)
|
|
error = NULL;
|
|
else if (!error) {
|
|
if (ssh2key == SSH2_WRONG_PASSPHRASE)
|
|
error = "wrong passphrase";
|
|
else
|
|
error = "unknown error";
|
|
}
|
|
break;
|
|
|
|
case SSH_KEYTYPE_OPENSSH_PEM:
|
|
case SSH_KEYTYPE_OPENSSH_NEW:
|
|
case SSH_KEYTYPE_SSHCOM:
|
|
ssh2key = import_ssh2_s(infile_bs, intype, old_passphrase, &error);
|
|
if (ssh2key) {
|
|
if (ssh2key != SSH2_WRONG_PASSPHRASE)
|
|
error = NULL;
|
|
else
|
|
error = "wrong passphrase";
|
|
} else if (!error)
|
|
error = "unknown error";
|
|
break;
|
|
|
|
default:
|
|
unreachable("bad input key type");
|
|
}
|
|
|
|
if (error) {
|
|
fprintf(stderr, "puttygen: error loading `%s': %s\n",
|
|
infile, error);
|
|
RETURN(1);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* Change the comment if asked to.
|
|
*/
|
|
if (comment) {
|
|
if (sshver == 1) {
|
|
assert(ssh1key);
|
|
sfree(ssh1key->comment);
|
|
ssh1key->comment = dupstr(comment);
|
|
} else {
|
|
assert(ssh2key);
|
|
sfree(ssh2key->comment);
|
|
ssh2key->comment = dupstr(comment);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* Swap out the public key for a different one, if asked to.
|
|
*/
|
|
if (certfile) {
|
|
Filename *certfilename = filename_from_str(certfile);
|
|
LoadedFile *certfile_lf;
|
|
const char *error = NULL;
|
|
|
|
if (!strcmp(certfile, "-"))
|
|
certfile_lf = lf_load_keyfile_fp(stdin, &error);
|
|
else
|
|
certfile_lf = lf_load_keyfile(certfilename, &error);
|
|
|
|
filename_free(certfilename);
|
|
|
|
if (!certfile_lf) {
|
|
fprintf(stderr, "puttygen: unable to load certificate file `%s': "
|
|
"%s\n", certfile, error);
|
|
RETURN(1);
|
|
}
|
|
|
|
char *algname = NULL;
|
|
char *comment = NULL;
|
|
strbuf *pub = strbuf_new();
|
|
if (!ppk_loadpub_s(BinarySource_UPCAST(certfile_lf), &algname,
|
|
BinarySink_UPCAST(pub), &comment, &error)) {
|
|
fprintf(stderr, "puttygen: unable to load certificate file `%s': "
|
|
"%s\n", certfile, error);
|
|
strbuf_free(pub);
|
|
sfree(algname);
|
|
sfree(comment);
|
|
lf_free(certfile_lf);
|
|
RETURN(1);
|
|
}
|
|
|
|
lf_free(certfile_lf);
|
|
sfree(comment);
|
|
|
|
const ssh_keyalg *alg = find_pubkey_alg(algname);
|
|
if (!alg) {
|
|
fprintf(stderr, "puttygen: certificate file `%s' has unsupported "
|
|
"algorithm name `%s'\n", certfile, algname);
|
|
strbuf_free(pub);
|
|
sfree(algname);
|
|
RETURN(1);
|
|
}
|
|
|
|
sfree(algname);
|
|
|
|
/* Check the two public keys match apart from certificates */
|
|
strbuf *old_basepub = strbuf_new();
|
|
ssh_key_public_blob(ssh_key_base_key(ssh2key->key),
|
|
BinarySink_UPCAST(old_basepub));
|
|
|
|
ssh_key *new_pubkey = ssh_key_new_pub(alg, ptrlen_from_strbuf(pub));
|
|
strbuf *new_basepub = strbuf_new();
|
|
ssh_key_public_blob(ssh_key_base_key(new_pubkey),
|
|
BinarySink_UPCAST(new_basepub));
|
|
ssh_key_free(new_pubkey);
|
|
|
|
bool match = ptrlen_eq_ptrlen(ptrlen_from_strbuf(old_basepub),
|
|
ptrlen_from_strbuf(new_basepub));
|
|
strbuf_free(old_basepub);
|
|
strbuf_free(new_basepub);
|
|
|
|
if (!match) {
|
|
fprintf(stderr, "puttygen: certificate in `%s' does not match "
|
|
"public key in `%s'\n", certfile, infile);
|
|
strbuf_free(pub);
|
|
RETURN(1);
|
|
}
|
|
|
|
strbuf *priv = strbuf_new_nm();
|
|
ssh_key_private_blob(ssh2key->key, BinarySink_UPCAST(priv));
|
|
ssh_key *newkey = ssh_key_new_priv(
|
|
alg, ptrlen_from_strbuf(pub), ptrlen_from_strbuf(priv));
|
|
strbuf_free(pub);
|
|
strbuf_free(priv);
|
|
|
|
if (!newkey) {
|
|
fprintf(stderr, "puttygen: unable to combine certificate in `%s' "
|
|
"with private key\n", certfile);
|
|
RETURN(1);
|
|
}
|
|
|
|
ssh_key_free(ssh2key->key);
|
|
ssh2key->key = newkey;
|
|
} else if (remove_cert) {
|
|
/*
|
|
* Removing a certificate can be meaningfully done to a pure
|
|
* public key blob, as well as a full key pair.
|
|
*/
|
|
if (ssh2key) {
|
|
ssh_key *newkey = ssh_key_clone(ssh_key_base_key(ssh2key->key));
|
|
ssh_key_free(ssh2key->key);
|
|
ssh2key->key = newkey;
|
|
} else if (ssh2blob) {
|
|
ptrlen algname = pubkey_blob_to_alg_name(
|
|
ptrlen_from_strbuf(ssh2blob));
|
|
|
|
const ssh_keyalg *alg = find_pubkey_alg_len(algname);
|
|
|
|
if (!alg) {
|
|
fprintf(stderr, "puttygen: input file `%s' has unsupported "
|
|
"algorithm name `%.*s'\n", infile,
|
|
PTRLEN_PRINTF(algname));
|
|
RETURN(1);
|
|
}
|
|
|
|
ssh_key *tmpkey = ssh_key_new_pub(
|
|
alg, ptrlen_from_strbuf(ssh2blob));
|
|
strbuf_clear(ssh2blob);
|
|
ssh_key_public_blob(ssh_key_base_key(tmpkey),
|
|
BinarySink_UPCAST(ssh2blob));
|
|
ssh_key_free(tmpkey);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* Unless we're changing the passphrase, the old one (if any) is a
|
|
* reasonable default.
|
|
*/
|
|
if (!change_passphrase && old_passphrase && !new_passphrase)
|
|
new_passphrase = dupstr(old_passphrase);
|
|
|
|
/*
|
|
* Prompt for a new passphrase if we have been asked to, or if
|
|
* we have just generated a key.
|
|
*
|
|
* In the latter case, an exception is if we're producing text
|
|
* output, because that output format doesn't support encryption
|
|
* in any case.
|
|
*/
|
|
if (!new_passphrase && (change_passphrase ||
|
|
(keytype != NOKEYGEN && outtype != TEXT))) {
|
|
prompts_t *p = new_prompts();
|
|
SeatPromptResult spr;
|
|
|
|
p->to_server = false;
|
|
p->from_server = false;
|
|
p->name = dupstr("New SSH key passphrase");
|
|
add_prompt(p, dupstr("Enter passphrase to save key: "), false);
|
|
add_prompt(p, dupstr("Re-enter passphrase to verify: "), false);
|
|
spr = console_get_userpass_input(p);
|
|
assert(spr.kind != SPRK_INCOMPLETE);
|
|
if (spr_is_abort(spr)) {
|
|
free_prompts(p);
|
|
spr_error(spr);
|
|
RETURN(1);
|
|
} else {
|
|
if (strcmp(prompt_get_result_ref(p->prompts[0]),
|
|
prompt_get_result_ref(p->prompts[1]))) {
|
|
free_prompts(p);
|
|
fprintf(stderr, "puttygen: passphrases do not match\n");
|
|
RETURN(1);
|
|
}
|
|
new_passphrase = prompt_get_result(p->prompts[0]);
|
|
free_prompts(p);
|
|
}
|
|
}
|
|
if (new_passphrase && !*new_passphrase) {
|
|
sfree(new_passphrase);
|
|
new_passphrase = NULL;
|
|
}
|
|
|
|
/*
|
|
* Write output.
|
|
*
|
|
* (In the case where outfile and outfiletmp are both NULL,
|
|
* there is no semantic reason to initialise outfilename at
|
|
* all; but we have to write _something_ to it or some compiler
|
|
* will probably complain that it might be used uninitialised.)
|
|
*/
|
|
if (outfiletmp)
|
|
outfilename = filename_from_str(outfiletmp);
|
|
else
|
|
outfilename = filename_from_str(outfile ? outfile : "");
|
|
|
|
switch (outtype) {
|
|
bool ret;
|
|
int real_outtype;
|
|
|
|
case PRIVATE:
|
|
random_ref(); /* we'll need a few random bytes in the save file */
|
|
if (sshver == 1) {
|
|
assert(ssh1key);
|
|
ret = rsa1_save_f(outfilename, ssh1key, new_passphrase);
|
|
if (!ret) {
|
|
fprintf(stderr, "puttygen: unable to save SSH-1 private key\n");
|
|
RETURN(1);
|
|
}
|
|
} else {
|
|
assert(ssh2key);
|
|
ret = ppk_save_f(outfilename, ssh2key, new_passphrase, ¶ms);
|
|
if (!ret) {
|
|
fprintf(stderr, "puttygen: unable to save SSH-2 private key\n");
|
|
RETURN(1);
|
|
}
|
|
}
|
|
if (outfiletmp) {
|
|
if (!move(outfiletmp, outfile))
|
|
RETURN(1); /* rename failed */
|
|
}
|
|
break;
|
|
|
|
case PUBLIC:
|
|
case PUBLICO: {
|
|
FILE *fp;
|
|
|
|
if (outfile) {
|
|
fp = f_open(outfilename, "w", false);
|
|
if (!fp) {
|
|
fprintf(stderr, "unable to open output file\n");
|
|
exit(1);
|
|
}
|
|
} else {
|
|
fp = stdout;
|
|
}
|
|
|
|
if (sshver == 1) {
|
|
ssh1_write_pubkey(fp, ssh1key);
|
|
} else {
|
|
if (!ssh2blob) {
|
|
assert(ssh2key);
|
|
ssh2blob = strbuf_new();
|
|
ssh_key_public_blob(ssh2key->key, BinarySink_UPCAST(ssh2blob));
|
|
}
|
|
|
|
ssh2_write_pubkey(fp, ssh2key ? ssh2key->comment : origcomment,
|
|
ssh2blob->s, ssh2blob->len,
|
|
(outtype == PUBLIC ?
|
|
SSH_KEYTYPE_SSH2_PUBLIC_RFC4716 :
|
|
SSH_KEYTYPE_SSH2_PUBLIC_OPENSSH));
|
|
}
|
|
|
|
if (outfile)
|
|
fclose(fp);
|
|
|
|
break;
|
|
}
|
|
|
|
case FP: {
|
|
FILE *fp;
|
|
char *fingerprint;
|
|
|
|
if (sshver == 1) {
|
|
assert(ssh1key);
|
|
fingerprint = rsa_ssh1_fingerprint(ssh1key);
|
|
} else {
|
|
if (ssh2key) {
|
|
fingerprint = ssh2_fingerprint(ssh2key->key, fptype);
|
|
} else {
|
|
assert(ssh2blob);
|
|
fingerprint = ssh2_fingerprint_blob(
|
|
ptrlen_from_strbuf(ssh2blob), fptype);
|
|
}
|
|
}
|
|
|
|
if (outfile) {
|
|
fp = f_open(outfilename, "w", false);
|
|
if (!fp) {
|
|
fprintf(stderr, "unable to open output file\n");
|
|
exit(1);
|
|
}
|
|
} else {
|
|
fp = stdout;
|
|
}
|
|
fprintf(fp, "%s\n", fingerprint);
|
|
if (outfile)
|
|
fclose(fp);
|
|
|
|
sfree(fingerprint);
|
|
break;
|
|
}
|
|
|
|
case OPENSSH_AUTO:
|
|
case OPENSSH_NEW:
|
|
case SSHCOM:
|
|
assert(sshver == 2);
|
|
assert(ssh2key);
|
|
random_ref(); /* both foreign key types require randomness,
|
|
* for IV or padding */
|
|
switch (outtype) {
|
|
case OPENSSH_AUTO:
|
|
real_outtype = SSH_KEYTYPE_OPENSSH_AUTO;
|
|
break;
|
|
case OPENSSH_NEW:
|
|
real_outtype = SSH_KEYTYPE_OPENSSH_NEW;
|
|
break;
|
|
case SSHCOM:
|
|
real_outtype = SSH_KEYTYPE_SSHCOM;
|
|
break;
|
|
default:
|
|
unreachable("control flow goof");
|
|
}
|
|
ret = export_ssh2(outfilename, real_outtype, ssh2key, new_passphrase);
|
|
if (!ret) {
|
|
fprintf(stderr, "puttygen: unable to export key\n");
|
|
RETURN(1);
|
|
}
|
|
if (outfiletmp) {
|
|
if (!move(outfiletmp, outfile))
|
|
RETURN(1); /* rename failed */
|
|
}
|
|
break;
|
|
|
|
case TEXT: {
|
|
key_components *kc;
|
|
if (sshver == 1) {
|
|
assert(ssh1key);
|
|
kc = rsa_components(ssh1key);
|
|
} else {
|
|
if (ssh2key) {
|
|
kc = ssh_key_components(ssh2key->key);
|
|
} else {
|
|
assert(ssh2blob);
|
|
|
|
ptrlen algname = pubkey_blob_to_alg_name(
|
|
ptrlen_from_strbuf(ssh2blob));
|
|
const ssh_keyalg *alg = find_pubkey_alg_len(algname);
|
|
if (!alg) {
|
|
fprintf(stderr, "puttygen: cannot extract key components "
|
|
"from public key of unknown type '%.*s'\n",
|
|
PTRLEN_PRINTF(algname));
|
|
RETURN(1);
|
|
}
|
|
ssh_key *sk = ssh_key_new_pub(
|
|
alg, ptrlen_from_strbuf(ssh2blob));
|
|
if (!sk) {
|
|
fprintf(stderr, "puttygen: unable to decode public key\n");
|
|
RETURN(1);
|
|
}
|
|
kc = ssh_key_components(sk);
|
|
ssh_key_free(sk);
|
|
}
|
|
}
|
|
|
|
FILE *fp;
|
|
if (outfile) {
|
|
fp = f_open(outfilename, "w", false);
|
|
if (!fp) {
|
|
fprintf(stderr, "unable to open output file\n");
|
|
exit(1);
|
|
}
|
|
} else {
|
|
fp = stdout;
|
|
}
|
|
|
|
for (size_t i = 0; i < kc->ncomponents; i++) {
|
|
key_component *comp = &kc->components[i];
|
|
fprintf(fp, "%s=", comp->name);
|
|
switch (comp->type) {
|
|
case KCT_MPINT: {
|
|
char *hex = mp_get_hex(comp->mp);
|
|
fprintf(fp, "0x%s\n", hex);
|
|
smemclr(hex, strlen(hex));
|
|
sfree(hex);
|
|
break;
|
|
}
|
|
case KCT_TEXT:
|
|
fputs("\"", fp);
|
|
write_c_string_literal(fp, ptrlen_from_strbuf(comp->str));
|
|
fputs("\"\n", fp);
|
|
break;
|
|
case KCT_BINARY: {
|
|
/*
|
|
* Display format for binary key components is to show
|
|
* them as base64, with a wrapper so that the actual
|
|
* printed string is along the lines of
|
|
* 'b64("aGVsbG8sIHdvcmxkCg==")'.
|
|
*
|
|
* That's a compromise between not being too verbose
|
|
* for a human reader, and still being reasonably
|
|
* friendly to people pasting the output of this
|
|
* 'puttygen --dump' option into Python code (which
|
|
* the format is designed to permit in general).
|
|
*
|
|
* Python users pasting a dump containing one of these
|
|
* will have to define a function 'b64' in advance
|
|
* which takes a string, which you can do most easily
|
|
* using this import statement, as seen in
|
|
* cryptsuite.py:
|
|
*
|
|
* from base64 import b64decode as b64
|
|
*/
|
|
fputs("b64(\"", fp);
|
|
char b64[4];
|
|
for (size_t j = 0; j < comp->str->len; j += 3) {
|
|
size_t len = comp->str->len - j;
|
|
if (len > 3) len = 3;
|
|
base64_encode_atom(comp->str->u + j, len, b64);
|
|
fwrite(b64, 1, 4, fp);
|
|
}
|
|
fputs("\")\n", fp);
|
|
break;
|
|
}
|
|
default:
|
|
unreachable("bad key component type");
|
|
}
|
|
}
|
|
|
|
if (outfile)
|
|
fclose(fp);
|
|
key_components_free(kc);
|
|
break;
|
|
}
|
|
|
|
case CERTINFO: {
|
|
if (sshver == 1) {
|
|
fprintf(stderr, "puttygen: SSH-1 keys cannot contain "
|
|
"certificates\n");
|
|
RETURN(1);
|
|
}
|
|
|
|
const ssh_keyalg *alg;
|
|
ssh_key *sk;
|
|
bool sk_allocated = false;
|
|
|
|
if (ssh2key) {
|
|
sk = ssh2key->key;
|
|
alg = ssh_key_alg(sk);
|
|
} else {
|
|
assert(ssh2blob);
|
|
ptrlen algname = pubkey_blob_to_alg_name(
|
|
ptrlen_from_strbuf(ssh2blob));
|
|
alg = find_pubkey_alg_len(algname);
|
|
if (!alg) {
|
|
fprintf(stderr, "puttygen: cannot extract certificate info "
|
|
"from public key of unknown type '%.*s'\n",
|
|
PTRLEN_PRINTF(algname));
|
|
RETURN(1);
|
|
}
|
|
sk = ssh_key_new_pub(alg, ptrlen_from_strbuf(ssh2blob));
|
|
if (!sk) {
|
|
fprintf(stderr, "puttygen: unable to decode public key\n");
|
|
RETURN(1);
|
|
}
|
|
sk_allocated = true;
|
|
}
|
|
|
|
if (!alg->is_certificate) {
|
|
fprintf(stderr, "puttygen: key is not a certificate\n");
|
|
} else {
|
|
SeatDialogText *text = ssh_key_cert_info(sk);
|
|
|
|
FILE *fp;
|
|
if (outfile) {
|
|
fp = f_open(outfilename, "w", false);
|
|
if (!fp) {
|
|
fprintf(stderr, "unable to open output file\n");
|
|
exit(1);
|
|
}
|
|
} else {
|
|
fp = stdout;
|
|
}
|
|
|
|
for (SeatDialogTextItem *item = text->items,
|
|
*end = item+text->nitems; item < end; item++) {
|
|
switch (item->type) {
|
|
case SDT_MORE_INFO_KEY:
|
|
fprintf(fp, "%s", item->text);
|
|
break;
|
|
case SDT_MORE_INFO_VALUE_SHORT:
|
|
fprintf(fp, ": %s\n", item->text);
|
|
break;
|
|
case SDT_MORE_INFO_VALUE_BLOB:
|
|
fprintf(fp, ":\n%s\n", item->text);
|
|
break;
|
|
default:
|
|
break;
|
|
}
|
|
}
|
|
|
|
if (outfile)
|
|
fclose(fp);
|
|
|
|
seat_dialog_text_free(text);
|
|
}
|
|
|
|
if (sk_allocated)
|
|
ssh_key_free(sk);
|
|
break;
|
|
}
|
|
}
|
|
|
|
out:
|
|
|
|
#undef RETURN
|
|
|
|
if (old_passphrase) {
|
|
smemclr(old_passphrase, strlen(old_passphrase));
|
|
sfree(old_passphrase);
|
|
}
|
|
if (new_passphrase) {
|
|
smemclr(new_passphrase, strlen(new_passphrase));
|
|
sfree(new_passphrase);
|
|
}
|
|
|
|
if (ssh1key) {
|
|
freersakey(ssh1key);
|
|
sfree(ssh1key);
|
|
}
|
|
if (ssh2key && ssh2key != SSH2_WRONG_PASSPHRASE) {
|
|
sfree(ssh2key->comment);
|
|
if (ssh2key->key)
|
|
ssh_key_free(ssh2key->key);
|
|
sfree(ssh2key);
|
|
}
|
|
if (ssh2blob)
|
|
strbuf_free(ssh2blob);
|
|
sfree(origcomment);
|
|
if (infilename)
|
|
filename_free(infilename);
|
|
if (infile_lf)
|
|
lf_free(infile_lf);
|
|
if (outfilename)
|
|
filename_free(outfilename);
|
|
sfree(outfiletmp);
|
|
|
|
return exit_status;
|
|
}
|