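// Builds the unencrypted OpenSSL-style PEM form of `key` and stores it in
// m_privateKey.
//
// The DER payload is SEQUENCE { 0, <key integers> } and is wrapped by
// PEM_Code::encode() under "RSA PRIVATE KEY" (when m_type == Rsa) or
// "DSA PRIVATE KEY" (any other m_type).
//
// If `key` cannot be cast to the class selected by m_type, m_privateKey is
// cleared and nothing is encoded, so a key left over from an earlier call is
// never mistaken for the result of this one.
//
// Security notes:
//  - The PEM text carries no passphrase protection and is held in an ordinary
//    QByteArray; whoever persists it is responsible for restricting access.
//  - NOTE(review): the RSA branch emits n, e, d, p, q only. A PKCS#1
//    RSAPrivateKey also carries d mod (p-1), d mod (q-1) and q^-1 mod p, so
//    strict parsers may reject this output; confirm against the intended
//    consumers.
void SshKeyGenerator::generateOpenSslPrivateKeyString(const KeyPtr &key)
{
    QList<BigInt> params;
    const char *label = 0;

    if (m_type == Rsa) {
        const QSharedPointer<RSA_PrivateKey> rsaKey = key.dynamicCast<RSA_PrivateKey>();
        if (rsaKey.isNull()) {
            // Key object does not match m_type: refuse rather than dereference null.
            m_privateKey.clear();
            return;
        }
        params << rsaKey->get_n() << rsaKey->get_e() << rsaKey->get_d()
               << rsaKey->get_p() << rsaKey->get_q();
        label = "RSA PRIVATE KEY";
    } else {
        const QSharedPointer<DSA_PrivateKey> dsaKey = key.dynamicCast<DSA_PrivateKey>();
        if (dsaKey.isNull()) {
            m_privateKey.clear();
            return;
        }
        params << dsaKey->group_p() << dsaKey->group_q() << dsaKey->group_g()
               << dsaKey->get_y() << dsaKey->get_x();
        label = "DSA PRIVATE KEY";
    }

    // Leading 0 is the version field, followed by the integers in the order collected above.
    DER_Encoder encoder;
    encoder.start_cons(SEQUENCE).encode(0U);
    foreach (const BigInt &b, params)
        encoder.encode(b);
    encoder.end_cons();

    m_privateKey = QByteArray(PEM_Code::encode(encoder.get_contents(), label).c_str());
}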
/**
* Serialize a Certificate Request message
*
* Output order: the certificate type codes (1-byte length prefix), the
* serialized Signature_Algorithms block when m_supported_algos is non-empty,
* then the list of DER-encoded names (each entry and the list as a whole carry
* a 2-byte length prefix).
*/
std::vector<byte> Certificate_Req::serialize() const
   {
   // Translate every configured key-type name into its code.
   std::vector<byte> type_codes;
   for(const auto& type_name : m_cert_key_types)
      type_codes.push_back(cert_type_name_to_code(type_name));

   std::vector<byte> out;
   append_tls_length_value(out, type_codes, 1);

   if(!m_supported_algos.empty())
      out += Signature_Algorithms(m_supported_algos).serialize();

   // Each name is DER-encoded on its own, then length-prefixed into the list.
   std::vector<byte> name_list;
   for(const auto& name : m_names)
      {
      DER_Encoder der;
      der.encode(name);
      append_tls_length_value(name_list, der.get_contents(), 2);
      }

   append_tls_length_value(out, name_list, 2);

   return out;
   }
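// Produces both halves of an OpenSSH-style key pair from `key`:
//  - m_publicKey:  "<keyId> <base64 blob> QtCreator/<ISO timestamp>", where the
//    blob is encodeString(keyId) followed by encodeMpInt() of each public
//    parameter (RSA: e, n; DSA: p, q, g, y).
//  - m_privateKey: PEM text wrapping DER SEQUENCE { 0, <all parameters> }.
//
// Returns true on success. Returns false, with both members cleared, when
// `key` cannot be cast to the class selected by m_type; clearing prevents a
// key pair from an earlier call being taken for the result of this one.
//
// Security notes:
//  - The private-key PEM carries no passphrase protection and is kept in an
//    ordinary QByteArray; the code that stores it must restrict access.
//  - NOTE(review): the RSA private part holds n, e, d, p, q only. A PKCS#1
//    RSAPrivateKey also carries d mod (p-1), d mod (q-1) and q^-1 mod p, so
//    strict parsers may reject it; confirm against the intended consumers.
bool SshKeyGenerator::generateOpenSslKeys(const KeyPtr &key)
{
    QList<BigInt> publicParams;
    QList<BigInt> allParams;
    QByteArray keyId;

    if (m_type == Rsa) {
        const QSharedPointer<RSA_PrivateKey> rsaKey = key.dynamicCast<RSA_PrivateKey>();
        if (rsaKey.isNull()) {
            // Key object does not match m_type: fail instead of dereferencing null.
            m_publicKey.clear();
            m_privateKey.clear();
            return false;
        }
        publicParams << rsaKey->get_e() << rsaKey->get_n();
        allParams << rsaKey->get_n() << rsaKey->get_e() << rsaKey->get_d()
                  << rsaKey->get_p() << rsaKey->get_q();
        keyId = SshCapabilities::PubKeyRsa;
    } else {
        const QSharedPointer<DSA_PrivateKey> dsaKey = key.dynamicCast<DSA_PrivateKey>();
        if (dsaKey.isNull()) {
            m_publicKey.clear();
            m_privateKey.clear();
            return false;
        }
        publicParams << dsaKey->group_p() << dsaKey->group_q()
                     << dsaKey->group_g() << dsaKey->get_y();
        // The DSA private structure is the public parameters plus the secret x.
        allParams << publicParams << dsaKey->get_x();
        keyId = SshCapabilities::PubKeyDss;
    }

    // Public key: key-type string, then each public parameter as an mpint.
    QByteArray publicKeyBlob = AbstractSshPacket::encodeString(keyId);
    foreach (const BigInt &b, publicParams)
        publicKeyBlob += AbstractSshPacket::encodeMpInt(b);
    publicKeyBlob = publicKeyBlob.toBase64();

    // Trailing comment field records the creation time.
    const QByteArray id = "QtCreator/"
        + QDateTime::currentDateTime().toString(Qt::ISODate).toUtf8();
    m_publicKey = keyId + ' ' + publicKeyBlob + ' ' + id;

    // Private key: version 0 followed by all parameters, PEM-armoured.
    DER_Encoder encoder;
    encoder.start_cons(SEQUENCE).encode(0U);
    foreach (const BigInt &b, allParams)
        encoder.encode(b);
    encoder.end_cons();

    const char * const label = m_type == Rsa ? "RSA PRIVATE KEY" : "DSA PRIVATE KEY";
    m_privateKey = QByteArray(PEM_Code::encode(encoder.get_contents(), label).c_str());
    return true;
}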
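// Builds the unencrypted OpenSSL-style PEM form of `key` and stores it in
// m_privateKey.
//
// The DER payload is SEQUENCE { 0, <key integers> }:
//  - Rsa:   n, e, d, p, q, d mod (p-1), d mod (q-1), q^-1 mod p
//  - Dsa:   p, q, g, y, x
//  - Ecdsa: the private value only
//
// If `key` cannot be cast to the class selected by m_type, or m_type matches
// none of the handled cases, m_privateKey is cleared and nothing is encoded,
// so a key left over from an earlier call is never mistaken for the result of
// this one.
//
// Security notes:
//  - The PEM text carries no passphrase protection and is held in an ordinary
//    QByteArray; whoever persists it is responsible for restricting access.
//  - NOTE(review): the Ecdsa branch writes SEQUENCE { 0, INTEGER } under the
//    "EC PRIVATE KEY" label. The SEC1/RFC 5915 ECPrivateKey layout is
//    different (version 1, OCTET STRING key, optional curve parameters and
//    public key), so other tools may not parse this; confirm before relying
//    on interoperability.
void SshKeyGenerator::generateOpenSslPrivateKeyString(const KeyPtr &key)
{
    QList<BigInt> params;
    const char *label = "";

    switch (m_type) {
    case Rsa: {
        const QSharedPointer<RSA_PrivateKey> rsaKey = key.dynamicCast<RSA_PrivateKey>();
        if (rsaKey.isNull()) {
            // Key object does not match m_type: refuse rather than dereference null.
            m_privateKey.clear();
            return;
        }
        params << rsaKey->get_n() << rsaKey->get_e() << rsaKey->get_d()
               << rsaKey->get_p() << rsaKey->get_q();
        // CRT values that follow p and q in the RSA private key structure.
        const BigInt dmp1 = rsaKey->get_d() % (rsaKey->get_p() - 1);
        const BigInt dmq1 = rsaKey->get_d() % (rsaKey->get_q() - 1);
        const BigInt iqmp = inverse_mod(rsaKey->get_q(), rsaKey->get_p());
        params << dmp1 << dmq1 << iqmp;
        label = "RSA PRIVATE KEY";
        break;
    }
    case Dsa: {
        const QSharedPointer<DSA_PrivateKey> dsaKey = key.dynamicCast<DSA_PrivateKey>();
        if (dsaKey.isNull()) {
            m_privateKey.clear();
            return;
        }
        params << dsaKey->group_p() << dsaKey->group_q() << dsaKey->group_g()
               << dsaKey->get_y() << dsaKey->get_x();
        label = "DSA PRIVATE KEY";
        break;
    }
    case Ecdsa: {
        const QSharedPointer<ECDSA_PrivateKey> ecdsaKey = key.dynamicCast<ECDSA_PrivateKey>();
        if (ecdsaKey.isNull()) {
            m_privateKey.clear();
            return;
        }
        params << ecdsaKey->private_value();
        label = "EC PRIVATE KEY";
        break;
    }
    }

    // No case matched: do not emit a PEM block with an empty label and no key data.
    if (params.isEmpty()) {
        m_privateKey.clear();
        return;
    }

    DER_Encoder encoder;
    encoder.start_cons(SEQUENCE).encode(size_t(0));
    foreach (const BigInt &b, params)
        encoder.encode(b);
    encoder.end_cons();

    m_privateKey = QByteArray(PEM_Code::encode(encoder.get_contents(), label).c_str());
}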
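/**
 * Generates an RSA key pair and writes it to two files.
 *
 * The public key file receives one line: "ssh-rsa <base64 blob> <fqdn>\n",
 * where the blob is the string "ssh-rsa" followed by e and n. The private key
 * file receives an unencrypted "RSA PRIVATE KEY" PEM block whose DER payload
 * is SEQUENCE { 0, n, e, d, p, q, d mod (p-1), d mod (q-1), q^-1 mod p }.
 *
 * @param fqdn             Comment appended to the public key line; NULL or
 *                         empty writes an empty comment.
 * @param privKeyFileName  Path of the private key file (created/truncated).
 * @param pubKeyFileName   Path of the public key file (created/truncated).
 * @param keySize          Modulus size in bits; must be in [1024, MAX_KEYSIZE].
 * @return true when both files were written and closed without error;
 *         false otherwise, with a message pushed to ne7ssh::errors().
 *
 * Security notes:
 *  - The private key is written without passphrase protection through
 *    fopen(..., "w"), so the file gets the process's default permissions.
 *    This function does not tighten them; callers should make sure only the
 *    owner can read the file.
 *  - NOTE(review): the 1024-bit lower bound is kept for compatibility with
 *    existing callers; current guidance for RSA is 2048 bits or more.
 */
bool ne7ssh_keys::generateRSAKeys (const char* fqdn, const char* privKeyFileName, const char* pubKeyFileName, uint16 keySize)
{
  BigInt e, n, d, p, q;
  BigInt dmp1, dmq1, iqmp;
  ne7ssh_string pubKeyBlob;
  FILE *privKeyFile, *pubKeyFile;
  std::string privKeyEncoded;

  if (keySize > MAX_KEYSIZE)
  {
    ne7ssh::errors()->push (-1, "Specified key size: '%i' is larger than allowed maximum.", keySize);
    return false;
  }

  if (keySize < 1024)
  {
    ne7ssh::errors()->push (-1, "Key Size: '%i' is too small. Use at least 1024 key size for RSA keys.", keySize);
    return false;
  }

  // Automatic storage: the key object is released on every return path
  // without a matching delete.
#if BOTAN_PRE_18 || BOTAN_PRE_15
  RSA_PrivateKey rsaPrivKey (keySize);
#else
  RSA_PrivateKey rsaPrivKey (*ne7ssh::rng, keySize);
#endif

  e = rsaPrivKey.get_e();
  n = rsaPrivKey.get_n();
  d = rsaPrivKey.get_d();
  p = rsaPrivKey.get_p();
  q = rsaPrivKey.get_q();

  // CRT values that follow p and q in the private key structure.
  dmp1 = d % (p - 1);
  dmq1 = d % (q - 1);
  iqmp = inverse_mod (q, p);

  pubKeyBlob.addString ("ssh-rsa");
  pubKeyBlob.addBigInt (e);
  pubKeyBlob.addBigInt (n);

  Pipe base64it (new Base64_Encoder);
  base64it.process_msg (pubKeyBlob.value());
  SecureVector<Botan::byte> pubKeyBase64 = base64it.read_all (PIPE_DEFAULT_MESSAGE);

  pubKeyFile = fopen (pubKeyFileName, "w");
  if (!pubKeyFile)
  {
    ne7ssh::errors()->push (-1, "Cannot open file where public key is stored. Filename: %s", pubKeyFileName);
    return false;
  }

  // fwrite() with a zero-length item returns 0, which would look like an I/O
  // error, so an empty or NULL comment is skipped instead of written.
  const size_t fqdnLen = fqdn ? strlen (fqdn) : 0;
  bool pubWritten =
      fwrite ("ssh-rsa ", 8, 1, pubKeyFile) &&
      fwrite (pubKeyBase64.begin(), (size_t) pubKeyBase64.size(), 1, pubKeyFile) &&
      fwrite (" ", 1, 1, pubKeyFile) &&
      (fqdnLen == 0 || fwrite (fqdn, fqdnLen, 1, pubKeyFile)) &&
      fwrite ("\n", 1, 1, pubKeyFile);

  // Always close the handle; a failing fclose() means buffered data was lost.
  if (fclose (pubKeyFile) != 0) pubWritten = false;
  if (!pubWritten)
  {
    ne7ssh::errors()->push (-1, "I/O error while writting to file: %s.", pubKeyFileName);
    return false;
  }

#if (BOTAN_PRE_15)
  DER_Encoder encoder;
  encoder.start_sequence();
  DER::encode (encoder, 0U);
  DER::encode (encoder, n);
  DER::encode (encoder, e);
  DER::encode (encoder, d);
  DER::encode (encoder, p);
  DER::encode (encoder, q);
  DER::encode (encoder, dmp1);
  DER::encode (encoder, dmq1);
  DER::encode (encoder, iqmp);
  encoder.end_sequence();
  privKeyEncoded = PEM_Code::encode (encoder.get_contents(), "RSA PRIVATE KEY");
#else
  privKeyEncoded = PEM_Code::encode (
      DER_Encoder().start_cons (SEQUENCE)
        .encode (0U)
        .encode (n)
        .encode (e)
        .encode (d)
        .encode (p)
        .encode (q)
        .encode (dmp1)
        .encode (dmq1)
        .encode (iqmp)
      .end_cons()
      .get_contents(), "RSA PRIVATE KEY");
#endif

  // The private key file is opened only now, so a failure while writing the
  // public key neither truncates an existing private key nor leaks a handle.
  privKeyFile = fopen (privKeyFileName, "w");
  if (!privKeyFile)
  {
    ne7ssh::errors()->push (-1, "Cannot open file where the private key is stored. Filename: %s.", privKeyFileName);
    return false;
  }

  bool privWritten = fwrite (privKeyEncoded.c_str(), privKeyEncoded.length(), 1, privKeyFile) != 0;
  if (fclose (privKeyFile) != 0) privWritten = false;
  if (!privWritten)
  {
    ne7ssh::errors()->push (-1, "IO error while writting to file: %s.", privKeyFileName);
    return false;
  }

  return true;
}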
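/**
 * Generates a DSA key pair and writes it to two files.
 *
 * The public key file receives one line: "ssh-dss <base64 blob> <fqdn>\n",
 * where the blob is the string "ssh-dss" followed by p, q, g and y. The
 * private key file receives an unencrypted "DSA PRIVATE KEY" PEM block whose
 * DER payload is SEQUENCE { 0, p, q, g, y, x }.
 *
 * @param fqdn             Comment appended to the public key line; NULL or
 *                         empty writes an empty comment.
 * @param privKeyFileName  Path of the private key file (created/truncated).
 * @param pubKeyFileName   Path of the public key file (created/truncated).
 * @param keySize          Must be exactly 1024.
 * @return true when both files were written and closed without error;
 *         false otherwise, with a message pushed to ne7ssh::errors().
 *
 * Security notes:
 *  - The private key is written without passphrase protection through
 *    fopen(..., "w"), so the file gets the process's default permissions.
 *    This function does not tighten them; callers should make sure only the
 *    owner can read the file.
 *  - NOTE(review): only 1024-bit DSA is accepted here. That size is below
 *    current recommendations, and ssh-dss keys are disabled by default in
 *    recent OpenSSH releases; prefer another key type for new deployments.
 */
bool ne7ssh_keys::generateDSAKeys (const char* fqdn, const char* privKeyFileName, const char* pubKeyFileName, uint16 keySize)
{
  DER_Encoder encoder;
  BigInt p, q, g, y, x;
  ne7ssh_string pubKeyBlob;
  FILE *privKeyFile, *pubKeyFile;
  std::string privKeyEncoded;

  if (keySize != 1024)
  {
    ne7ssh::errors()->push (-1, "DSA keys must be 1024 bits.");
    return false;
  }

#if BOTAN_PRE_18 || BOTAN_PRE_15
  DL_Group dsaGroup (keySize, DL_Group::DSA_Kosherizer);
  DSA_PrivateKey privDsaKey (dsaGroup);
#else
  DL_Group dsaGroup (*ne7ssh::rng, Botan::DL_Group::DSA_Kosherizer, keySize);
  DSA_PrivateKey privDsaKey (*ne7ssh::rng, dsaGroup);
#endif
  DSA_PublicKey pubDsaKey = privDsaKey;

  p = dsaGroup.get_p();
  q = dsaGroup.get_q();
  g = dsaGroup.get_g();
  y = pubDsaKey.get_y();
  x = privDsaKey.get_x();

  pubKeyBlob.addString ("ssh-dss");
  pubKeyBlob.addBigInt (p);
  pubKeyBlob.addBigInt (q);
  pubKeyBlob.addBigInt (g);
  pubKeyBlob.addBigInt (y);

  Pipe base64it (new Base64_Encoder);
  base64it.process_msg (pubKeyBlob.value());
  SecureVector<Botan::byte> pubKeyBase64 = base64it.read_all (PIPE_DEFAULT_MESSAGE);

  pubKeyFile = fopen (pubKeyFileName, "w");
  if (!pubKeyFile)
  {
    ne7ssh::errors()->push (-1, "Cannot open file where public key is stored. Filename: %s", pubKeyFileName);
    return false;
  }

  // fwrite() with a zero-length item returns 0, which would look like an I/O
  // error, so an empty or NULL comment is skipped instead of written.
  const size_t fqdnLen = fqdn ? strlen (fqdn) : 0;
  bool pubWritten =
      fwrite ("ssh-dss ", 8, 1, pubKeyFile) &&
      fwrite (pubKeyBase64.begin(), (size_t) pubKeyBase64.size(), 1, pubKeyFile) &&
      fwrite (" ", 1, 1, pubKeyFile) &&
      (fqdnLen == 0 || fwrite (fqdn, fqdnLen, 1, pubKeyFile)) &&
      fwrite ("\n", 1, 1, pubKeyFile);

  // Always close the handle, including after a failed write; a failing
  // fclose() means buffered data was lost.
  if (fclose (pubKeyFile) != 0) pubWritten = false;
  if (!pubWritten)
  {
    ne7ssh::errors()->push (-1, "I/O error while writting to file: %s.", pubKeyFileName);
    return false;
  }

#if BOTAN_PRE_15
  encoder.start_sequence();
  DER::encode (encoder, 0U);
  DER::encode (encoder, p);
  DER::encode (encoder, q);
  DER::encode (encoder, g);
  DER::encode (encoder, y);
  DER::encode (encoder, x);
  encoder.end_sequence();
#else
  encoder.start_cons (SEQUENCE)
    .encode (0U)
    .encode (p)
    .encode (q)
    .encode (g)
    .encode (y)
    .encode (x)
  .end_cons();
#endif
  privKeyEncoded = PEM_Code::encode (encoder.get_contents(), "DSA PRIVATE KEY");

  privKeyFile = fopen (privKeyFileName, "w");
  if (!privKeyFile)
  {
    ne7ssh::errors()->push (-1, "Cannot open file where private key is stored. Filename: %s", privKeyFileName);
    return false;
  }

  bool privWritten = fwrite (privKeyEncoded.c_str(), (size_t) privKeyEncoded.length(), 1, privKeyFile) != 0;
  if (fclose (privKeyFile) != 0) privWritten = false;
  if (!privWritten)
  {
    ne7ssh::errors()->push (-1, "I/O error while writting to file: %s.", privKeyFileName);
    return false;
  }

  return true;
}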