X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=blobdiff_plain;f=cmdgen.c;h=80e69b5a7eaf331ef68232626a10009c6f5fbabd;hb=5904545cc18289541702da284b00490cb25a753e;hp=50f99f70183f41c884b4cdcd185bf0e11adf5b32;hpb=9ecfbee08f914001b1dc91937957be6021974e63;p=PuTTY.git

diff --git a/cmdgen.c b/cmdgen.c
index 50f99f70..80e69b5a 100644
--- a/cmdgen.c
+++ b/cmdgen.c
@@ -102,6 +102,16 @@ void modalfatalbox(char *p, ...)
     cleanup_exit(1);
 }
 
+void nonfatal(char *p, ...)
+{
+    va_list ap;
+    fprintf(stderr, "ERROR: ");
+    va_start(ap, p);
+    vfprintf(stderr, p, ap);
+    va_end(ap);
+    fputc('\n', stderr);
+}
+
 /*
  * Stubs to let everything else link sensibly.
  */
@@ -118,10 +128,7 @@ void sk_cleanup(void)
 
 void showversion(void)
 {
-    char *verstr = dupstr(ver);
-    verstr[0] = tolower((unsigned char)verstr[0]);
-    printf("PuTTYgen %s\n", verstr);
-    sfree(verstr);
+    printf("puttygen: %s\n", ver);
 }
 
 void usage(int standalone)
@@ -258,7 +265,7 @@ int main(int argc, char **argv)
 {
     char *infile = NULL;
     Filename *infilename = NULL, *outfilename = NULL;
-    enum { NOKEYGEN, RSA1, RSA2, DSA } keytype = NOKEYGEN;    
+    enum { NOKEYGEN, RSA1, RSA2, DSA, ECDSA } keytype = NOKEYGEN;
     char *outfile = NULL, *outfiletmp = NULL;
     enum { PRIVATE, PUBLIC, PUBLICO, FP, OPENSSH, SSHCOM } outtype = PRIVATE;
     int bits = 2048;
@@ -430,6 +437,8 @@ int main(int argc, char **argv)
 			    keytype = RSA1, sshver = 1;
 			else if (!strcmp(p, "dsa") || !strcmp(p, "dss"))
 			    keytype = DSA, sshver = 2;
+                        else if (!strcmp(p, "ecdsa"))
+                            keytype = ECDSA, sshver = 2;
 			else {
 			    fprintf(stderr,
 				    "puttygen: unknown key type `%s'\n", p);
@@ -490,6 +499,11 @@ int main(int argc, char **argv)
 	}
     }
 
+    if (keytype == ECDSA && (bits != 256 && bits != 384 && bits != 521)) {
+        fprintf(stderr, "puttygen: invalid bits for ECDSA, choose 256, 384 or 521\n");
+        errs = TRUE;
+    }
+
     if (errs)
 	return 1;
 
@@ -656,6 +670,8 @@ int main(int argc, char **argv)
 	tm = ltime();
 	if (keytype == DSA)
 	    strftime(default_comment, 30, "dsa-key-%Y%m%d", &tm);
+        else if (keytype == ECDSA)
+            strftime(default_comment, 30, "ecdsa-key-%Y%m%d", &tm);
 	else
 	    strftime(default_comment, 30, "rsa-key-%Y%m%d", &tm);
 
@@ -667,7 +683,7 @@ int main(int argc, char **argv)
 	    return 1;
 	}
 	random_add_heavynoise(entropy, bits / 8);
-	memset(entropy, 0, bits/8);
+	smemclr(entropy, bits/8);
 	sfree(entropy);
 
 	if (keytype == DSA) {
@@ -677,6 +693,19 @@ int main(int argc, char **argv)
 	    ssh2key->data = dsskey;
 	    ssh2key->alg = &ssh_dss;
 	    ssh1key = NULL;
+        } else if (keytype == ECDSA) {
+            struct ec_key *ec = snew(struct ec_key);
+            ec_generate(ec, bits, progressfn, &prog);
+            ssh2key = snew(struct ssh2_userkey);
+            ssh2key->data = ec;
+            if (bits == 256) {
+                ssh2key->alg = &ssh_ecdsa_nistp256;
+            } else if (bits == 384) {
+                ssh2key->alg = &ssh_ecdsa_nistp384;
+            } else {
+                ssh2key->alg = &ssh_ecdsa_nistp521;
+            }
+            ssh1key = NULL;
 	} else {
 	    struct RSAKey *rsakey = snew(struct RSAKey);
 	    rsa_generate(rsakey, bits, progressfn, &prog);
@@ -766,6 +795,9 @@ int main(int argc, char **argv)
 		}
 		ssh1key->comment = dupstr(origcomment);
 		ssh1key->private_exponent = NULL;
+		ssh1key->p = NULL;
+		ssh1key->q = NULL;
+		ssh1key->iqmp = NULL;
 	    } else {
 		ret = loadrsakey(infilename, ssh1key, passphrase, &error);
 	    }
@@ -779,11 +811,13 @@ int main(int argc, char **argv)
 	    if (!load_encrypted) {
 		ssh2blob = ssh2_userkey_loadpub(infilename, &ssh2alg,
 						&ssh2bloblen, NULL, &error);
-		ssh2algf = find_pubkey_alg(ssh2alg);
-		if (ssh2algf)
-		    bits = ssh2algf->pubkey_bits(ssh2blob, ssh2bloblen);
-		else
-		    bits = -1;
+                if (ssh2blob) {
+                    ssh2algf = find_pubkey_alg(ssh2alg);
+                    if (ssh2algf)
+                        bits = ssh2algf->pubkey_bits(ssh2blob, ssh2bloblen);
+                    else
+                        bits = -1;
+                }
 	    } else {
 		ssh2key = ssh2_load_userkey(infilename, passphrase, &error);
 	    }
@@ -860,7 +894,7 @@ int main(int argc, char **argv)
 		return 1;
 	    }
 	    if (passphrase) {
-		memset(passphrase, 0, strlen(passphrase));
+		smemclr(passphrase, strlen(passphrase));
 		sfree(passphrase);
 	    }
 	    passphrase = dupstr(p->prompts[0]->result);
@@ -1022,6 +1056,8 @@ int main(int argc, char **argv)
       case SSHCOM:
 	assert(sshver == 2);
 	assert(ssh2key);
+	random_ref(); /* both foreign key types require randomness,
+                       * for IV or padding */
 	ret = export_ssh2(outfilename, outtype, ssh2key, passphrase);
 	if (!ret) {
 	    fprintf(stderr, "puttygen: unable to export key\n");
@@ -1035,7 +1071,7 @@ int main(int argc, char **argv)
     }
 
     if (passphrase) {
-	memset(passphrase, 0, strlen(passphrase));
+	smemclr(passphrase, strlen(passphrase));
 	sfree(passphrase);
     }