pki: ssh_pki_generate
for both gcrypt and openssl
Этот коммит содержится в:
родитель
21d68112b8
Коммит
e38f2f933b
@ -456,6 +456,8 @@ LIBSSH_API enum ssh_keytypes_e ssh_key_type_from_name(const char *name);
|
||||
LIBSSH_API int ssh_key_is_public(const ssh_key k);
|
||||
LIBSSH_API int ssh_key_is_private(const ssh_key k);
|
||||
|
||||
LIBSSH_API int ssh_pki_generate(enum ssh_keytypes_e type, int parameter,
|
||||
ssh_key *pkey);
|
||||
LIBSSH_API int ssh_pki_import_privkey_base64(const char *b64_key,
|
||||
const char *passphrase,
|
||||
ssh_auth_callback auth_fn,
|
||||
|
@ -34,6 +34,8 @@ void _ssh_pki_log(const char *function,
|
||||
|
||||
/* SSH Key Functions */
|
||||
ssh_key pki_key_dup(const ssh_key key, int demote);
|
||||
int pki_key_generate_rsa(ssh_key key, int parameter);
|
||||
int pki_key_generate_dss(ssh_key key, int parameter);
|
||||
|
||||
/* SSH Private Key Functions */
|
||||
enum ssh_keytypes_e pki_privatekey_type_from_string(const char *privkey);
|
||||
|
43
src/pki.c
43
src/pki.c
@ -789,6 +789,49 @@ int ssh_pki_import_pubkey_file(const char *filename, ssh_key *pkey)
|
||||
return rc;
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief Generates a keypair.
|
||||
* @param[in] type Type of key to create
|
||||
* @param[in] parameter Parameter to the creation of key:
|
||||
* rsa : length of the key in bits (e.g. 1024, 2048, 4096)
|
||||
* dsa : length of the key in bits (e.g. 1024, 2048, 3072)
|
||||
* ecdsa : not implemented
|
||||
* @param[out] pkey A pointer to store the private key. You need to free the
|
||||
* memory.
|
||||
* @return SSH_OK on success, SSH_ERROR on error.
|
||||
* @warning Generating a key pair may take some time.
|
||||
*/
|
||||
|
||||
int ssh_pki_generate(enum ssh_keytypes_e type, int parameter,
|
||||
ssh_key *pkey){
|
||||
int rc;
|
||||
ssh_key key = ssh_key_new();
|
||||
switch(type){
|
||||
case SSH_KEYTYPE_RSA:
|
||||
case SSH_KEYTYPE_RSA1:
|
||||
rc = pki_key_generate_rsa(key, parameter);
|
||||
if(rc == SSH_ERROR)
|
||||
goto error;
|
||||
break;
|
||||
case SSH_KEYTYPE_DSS:
|
||||
rc = pki_key_generate_dss(key, parameter);
|
||||
if(rc == SSH_ERROR)
|
||||
goto error;
|
||||
break;
|
||||
case SSH_KEYTYPE_ECDSA:
|
||||
case SSH_KEYTYPE_UNKNOWN:
|
||||
goto error;
|
||||
}
|
||||
key->type = type;
|
||||
key->type_c = ssh_key_type_to_char(type);
|
||||
key->flags = SSH_KEY_FLAG_PRIVATE | SSH_KEY_FLAG_PUBLIC;
|
||||
*pkey = key;
|
||||
return SSH_OK;
|
||||
error:
|
||||
ssh_key_free(key);
|
||||
return SSH_ERROR;
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief Create a public key from a private key.
|
||||
*
|
||||
|
@ -244,6 +244,29 @@ fail:
|
||||
return NULL;
|
||||
}
|
||||
|
||||
int pki_key_generate_rsa(ssh_key key, int parameter){
|
||||
key->rsa = RSA_generate_key(parameter, 65537, NULL, NULL);
|
||||
if(key->rsa == NULL)
|
||||
return SSH_ERROR;
|
||||
return SSH_OK;
|
||||
}
|
||||
|
||||
int pki_key_generate_dss(ssh_key key, int parameter){
|
||||
int rc;
|
||||
key->dsa = DSA_generate_parameters(parameter, NULL, 0, NULL, NULL,
|
||||
NULL, NULL);
|
||||
if(key->dsa == NULL){
|
||||
return SSH_ERROR;
|
||||
}
|
||||
rc = DSA_generate_key(key->dsa);
|
||||
if (rc != 1){
|
||||
DSA_free(key->dsa);
|
||||
key->dsa=NULL;
|
||||
return SSH_ERROR;
|
||||
}
|
||||
return SSH_OK;
|
||||
}
|
||||
|
||||
ssh_key pki_private_key_from_base64(const char *b64_key,
|
||||
const char *passphrase,
|
||||
ssh_auth_callback auth_fn,
|
||||
|
@ -966,6 +966,33 @@ fail:
|
||||
return NULL;
|
||||
}
|
||||
|
||||
static int pki_key_generate(ssh_key key, int parameter, const char *type_s, int type){
|
||||
gcry_sexp_t parms;
|
||||
int rc;
|
||||
rc = gcry_sexp_build(&parms,
|
||||
NULL,
|
||||
"(genkey(%s(nbits %d)(transient-key)))",
|
||||
type_s,
|
||||
parameter);
|
||||
if (rc != 0)
|
||||
return SSH_ERROR;
|
||||
if(type == SSH_KEYTYPE_RSA)
|
||||
rc = gcry_pk_genkey(&key->rsa, parms);
|
||||
else
|
||||
rc = gcry_pk_genkey(&key->dsa, parms);
|
||||
gcry_sexp_release(parms);
|
||||
if (rc != 0)
|
||||
return SSH_ERROR;
|
||||
return SSH_OK;
|
||||
}
|
||||
|
||||
int pki_key_generate_rsa(ssh_key key, int parameter){
|
||||
return pki_key_generate(key, parameter, "rsa", SSH_KEYTYPE_RSA);
|
||||
}
|
||||
int pki_key_generate_dss(ssh_key key, int parameter){
|
||||
return pki_key_generate(key, parameter, "dsa", SSH_KEYTYPE_DSS);
|
||||
}
|
||||
|
||||
ssh_string pki_publickey_to_blob(const ssh_key key)
|
||||
{
|
||||
ssh_buffer buffer;
|
||||
|
Загрузка…
Ссылка в новой задаче
Block a user