cleanup_exit(1);
}
+void nonfatal(char *p, ...)
+{
+ va_list ap;
+ fprintf(stderr, "ERROR: ");
+ va_start(ap, p);
+ vfprintf(stderr, p, ap);
+ va_end(ap);
+ fputc('\n', stderr);
+}
+
/*
* Stubs to let everything else link sensibly.
*/
void showversion(void)
{
- char *verstr = dupstr(ver);
- verstr[0] = tolower((unsigned char)verstr[0]);
- printf("PuTTYgen %s\n", verstr);
- sfree(verstr);
+ printf("puttygen: %s\n", ver);
}
void usage(int standalone)
{
char *infile = NULL;
Filename *infilename = NULL, *outfilename = NULL;
- enum { NOKEYGEN, RSA1, RSA2, DSA } keytype = NOKEYGEN;
+ enum { NOKEYGEN, RSA1, RSA2, DSA, ECDSA } keytype = NOKEYGEN;
char *outfile = NULL, *outfiletmp = NULL;
enum { PRIVATE, PUBLIC, PUBLICO, FP, OPENSSH, SSHCOM } outtype = PRIVATE;
int bits = 2048;
keytype = RSA1, sshver = 1;
else if (!strcmp(p, "dsa") || !strcmp(p, "dss"))
keytype = DSA, sshver = 2;
+ else if (!strcmp(p, "ecdsa"))
+ keytype = ECDSA, sshver = 2;
else {
fprintf(stderr,
"puttygen: unknown key type `%s'\n", p);
}
}
+ if (keytype == ECDSA && (bits != 256 && bits != 384 && bits != 521)) {
+ fprintf(stderr, "puttygen: invalid bits for ECDSA, choose 256, 384 or 521\n");
+ errs = TRUE;
+ }
+
if (errs)
return 1;
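Review bot: With the default `int bits = 2048;` visible in the declarations, the new check appears to reject `-t ecdsa` whenever no explicit `-b` is given, because 2048 is not one of the three accepted sizes. Option parsing is outside this hunk, so confirm that nothing resets `bits` for ECDSA before this point. If nothing does, a sentinel default would let an unspecified size fall back per key type: initialise `int bits = -1;` and add `if (bits == -1) bits = (keytype == ECDSA) ? 384 : 2048;` ahead of the check (the 384 is only an illustrative choice). Any other code that relies on the 2048 initialiser would need the same treatment.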
tm = ltime();
if (keytype == DSA)
strftime(default_comment, 30, "dsa-key-%Y%m%d", &tm);
+ else if (keytype == ECDSA)
+ strftime(default_comment, 30, "ecdsa-key-%Y%m%d", &tm);
else
strftime(default_comment, 30, "rsa-key-%Y%m%d", &tm);
return 1;
}
random_add_heavynoise(entropy, bits / 8);
- memset(entropy, 0, bits/8);
+ smemclr(entropy, bits/8);
sfree(entropy);
if (keytype == DSA) {
ssh2key->data = dsskey;
ssh2key->alg = &ssh_dss;
ssh1key = NULL;
+ } else if (keytype == ECDSA) {
+ struct ec_key *ec = snew(struct ec_key);
+ ec_generate(ec, bits, progressfn, &prog);
+ ssh2key = snew(struct ssh2_userkey);
+ ssh2key->data = ec;
+ if (bits == 256) {
+ ssh2key->alg = &ssh_ecdsa_nistp256;
+ } else if (bits == 384) {
+ ssh2key->alg = &ssh_ecdsa_nistp384;
+ } else {
+ ssh2key->alg = &ssh_ecdsa_nistp521;
+ }
+ ssh1key = NULL;
} else {
struct RSAKey *rsakey = snew(struct RSAKey);
rsa_generate(rsakey, bits, progressfn, &prog);
}
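Review bot: The result of `ec_generate(ec, bits, progressfn, &prog);` is not checked before `ec` is stored in `ssh2key->data`, so if generation can fail (its return type is not visible in this hunk) a partly initialised key would flow on to the save path. If it does report failure, handle it here with the same cleanup the function's other error paths use, e.g. `if (!ec_generate(ec, bits, progressfn, &prog)) { sfree(ec); fprintf(stderr, "puttygen: ECDSA key generation failed\n"); return 1; }`. The final `else` also maps every size other than 256 and 384 to `ssh_ecdsa_nistp521`, relying entirely on the earlier argument check; an `assert(bits == 521);` in that branch would make the dependency explicit. The enclosing function starts and ends outside the hunk.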
ssh1key->comment = dupstr(origcomment);
ssh1key->private_exponent = NULL;
+ ssh1key->p = NULL;
+ ssh1key->q = NULL;
+ ssh1key->iqmp = NULL;
} else {
ret = loadrsakey(infilename, ssh1key, passphrase, &error);
}
if (!load_encrypted) {
ssh2blob = ssh2_userkey_loadpub(infilename, &ssh2alg,
&ssh2bloblen, NULL, &error);
- ssh2algf = find_pubkey_alg(ssh2alg);
- if (ssh2algf)
- bits = ssh2algf->pubkey_bits(ssh2blob, ssh2bloblen);
- else
- bits = -1;
+ if (ssh2blob) {
+ ssh2algf = find_pubkey_alg(ssh2alg);
+ if (ssh2algf)
+ bits = ssh2algf->pubkey_bits(ssh2blob, ssh2bloblen);
+ else
+ bits = -1;
+ }
} else {
ssh2key = ssh2_load_userkey(infilename, passphrase, &error);
}
return 1;
}
if (passphrase) {
- memset(passphrase, 0, strlen(passphrase));
+ smemclr(passphrase, strlen(passphrase));
sfree(passphrase);
}
passphrase = dupstr(p->prompts[0]->result);
case SSHCOM:
assert(sshver == 2);
assert(ssh2key);
+ random_ref(); /* both foreign key types require randomness,
+ * for IV or padding */
ret = export_ssh2(outfilename, outtype, ssh2key, passphrase);
if (!ret) {
fprintf(stderr, "puttygen: unable to export key\n");
}
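Review bot: `random_ref()` is taken before `export_ssh2()` with no matching `random_unref()` visible in this hunk, so the pool reference appears to be held until the process exits. That is harmless for a short-lived tool, but pairing the call after the export keeps the reference count honest if this code is ever reused. On a conversion-only run no key is generated, so the `random_add_heavynoise()` seeding on the key-generation path does not happen. Confirm that `random_ref()` alone leaves the pool adequately seeded before it supplies the IV or padding, and extend the comment to say so, e.g. `/* pool is seeded by random_ref() itself; no keygen entropy on this path */`. The `case` block continues outside the hunk.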
if (passphrase) {
- memset(passphrase, 0, strlen(passphrase));
+ smemclr(passphrase, strlen(passphrase));
sfree(passphrase);
}