Warn about short RSA/DSA keys in PuTTYgen.

It's only a warning; Windows PuTTYgen puts it up as a message box, and
will still generate the key if you click yes, and Unix PuTTYgen just
prints the warning and gets on with generation anyway. But it might
help encourage people to move away from 1024-bit keys, if they're
still using them.

diff --git a/cmdgen.c b/cmdgen.c
index 94ce49eaaebc190c37add9b6050fdc9ba1fe1d42..265e5adc1ac9e450927100a6da5a7a2bce7333d5 100644 (file)
--- a/cmdgen.c
+++ b/cmdgen.c
@@ -223,6 +223,8 @@ static char *readpassphrase(const char *filename)
     return line;
 }
 
+#define DEFAULT_RSADSA_BITS 2048
+
 int main(int argc, char **argv)
 {
     char *infile = NULL;
@@ -500,7 +502,7 @@ int main(int argc, char **argv)
             bits = 256;
             break;
           default:
-            bits = 2048;
+            bits = DEFAULT_RSADSA_BITS;
             break;
         }
     }
@@ -520,6 +522,11 @@ int main(int argc, char **argv)
             fprintf(stderr, "puttygen: cannot generate %s keys shorter than"
                     " 256 bits\n", (keytype == DSA ? "DSA" : "RSA"));
             errs = TRUE;
+        } else if (bits < DEFAULT_RSADSA_BITS) {
+            fprintf(stderr, "puttygen: warning: %s keys shorter than"
+                    " %d bits are probably not secure\n",
+                    (keytype == DSA ? "DSA" : "RSA"), DEFAULT_RSADSA_BITS);
+            /* but this is just a warning, so proceed anyway */
         }
     }
 

diff --git a/windows/winpgen.c b/windows/winpgen.c
index c4f3d57f9ca7e82bf016774944bf936e32774468..277c09143134b36a73eec0d19e24ef1f8ca59ade 100644 (file)
--- a/windows/winpgen.c
+++ b/windows/winpgen.c
@@ -1115,6 +1115,7 @@ static INT_PTR CALLBACK MainDlgProc(HWND hwnd, UINT msg,
                 } else if (IsDlgButtonChecked(hwnd, IDC_KEYSSH2ED25519)) {
                     state->keytype = ED25519;
                 }
+
                if ((state->keytype == RSA || state->keytype == DSA) &&
                     state->key_bits < 256) {
                     char *message = dupprintf
@@ -1128,7 +1129,18 @@ static INT_PTR CALLBACK MainDlgProc(HWND hwnd, UINT msg,
                        break;
                    state->key_bits = DEFAULT_KEY_BITS;
                    SetDlgItemInt(hwnd, IDC_BITS, DEFAULT_KEY_BITS, FALSE);
-               }
+               } else if ((state->keytype == RSA || state->keytype == DSA) &&
+                           state->key_bits < DEFAULT_KEY_BITS) {
+                    char *message = dupprintf
+                        ("Keys shorter than %d bits are not recommended. "
+                         "Really generate this key?", DEFAULT_KEY_BITS);
+                   int ret = MessageBox(hwnd, message, "PuTTYgen Warning",
+                                        MB_ICONWARNING | MB_OKCANCEL);
+                    sfree(message);
+                   if (ret != IDOK)
+                       break;
+                }
+
                ui_set_state(hwnd, state, 1);
                SetDlgItemText(hwnd, IDC_GENERATING, entropy_msg);
                state->key_exists = FALSE;