return line;
}
+#define DEFAULT_RSADSA_BITS 2048
+
int main(int argc, char **argv)
{
char *infile = NULL;
bits = 256;
break;
default:
- bits = 2048;
+ bits = DEFAULT_RSADSA_BITS;
break;
}
}
fprintf(stderr, "puttygen: cannot generate %s keys shorter than"
" 256 bits\n", (keytype == DSA ? "DSA" : "RSA"));
errs = TRUE;
+ } else if (bits < DEFAULT_RSADSA_BITS) {
+ fprintf(stderr, "puttygen: warning: %s keys shorter than"
+ " %d bits are probably not secure\n",
+ (keytype == DSA ? "DSA" : "RSA"), DEFAULT_RSADSA_BITS);
+ /* but this is just a warning, so proceed anyway */
}
}
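Review bot: The new `else if (bits < DEFAULT_RSADSA_BITS)` branch reuses the default key size as the weak-key threshold, so raising the default later would silently move the warning boundary too. A separately named constant would keep the two decisions apart (the name is only a suggestion): `#define MIN_SECURE_RSADSA_BITS 2048` with `} else if (bits < MIN_SECURE_RSADSA_BITS) {`. The branch only prints to stderr and does not set `errs`, so a scripted run whose stderr is discarded still produces the short key with no signal. The existing comment could state this more precisely, e.g. `/* warning only: errs is not set here, so generation continues */`. The enclosing `if` chain begins outside this hunk.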
} else if (IsDlgButtonChecked(hwnd, IDC_KEYSSH2ED25519)) {
state->keytype = ED25519;
}
+
if ((state->keytype == RSA || state->keytype == DSA) &&
state->key_bits < 256) {
char *message = dupprintf
break;
state->key_bits = DEFAULT_KEY_BITS;
SetDlgItemInt(hwnd, IDC_BITS, DEFAULT_KEY_BITS, FALSE);
- }
+ } else if ((state->keytype == RSA || state->keytype == DSA) &&
+ state->key_bits < DEFAULT_KEY_BITS) {
+ char *message = dupprintf
+ ("Keys shorter than %d bits are not recommended. "
+ "Really generate this key?", DEFAULT_KEY_BITS);
+ int ret = MessageBox(hwnd, message, "PuTTYgen Warning",
+ MB_ICONWARNING | MB_OKCANCEL);
+ sfree(message);
+ if (ret != IDOK)
+ break;
+ }
+
ui_set_state(hwnd, state, 1);
SetDlgItemText(hwnd, IDC_GENERATING, entropy_msg);
state->key_exists = FALSE;
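Review bot: The confirmation box created with `MB_ICONWARNING | MB_OKCANCEL` leaves OK as the default button, so pressing Enter accepts the short key. Making Cancel the default is the safer choice for a security prompt: `MB_ICONWARNING | MB_OKCANCEL | MB_DEFBUTTON2);`. This branch compares against `DEFAULT_KEY_BITS`, while the command-line change compares against `DEFAULT_RSADSA_BITS`. If these are separate definitions, as the two names suggest, the GUI and CLI thresholds can drift apart unless they share one constant. The enclosing case body starts and ends outside this hunk.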