bool ne7ssh_keys::generateRSAKeys (const char* fqdn, const char* privKeyFileName, const char* pubKeyFileName, uint16 keySize) { RSA_PrivateKey *rsaPrivKey; BigInt e, n, d, p, q; BigInt dmp1, dmq1, iqmp; ne7ssh_string pubKeyBlob; FILE *privKeyFile, *pubKeyFile; std::string privKeyEncoded; DER_Encoder encoder; if (keySize > MAX_KEYSIZE) { ne7ssh::errors()->push (-1, "Specified key size: '%i' is larger than allowed maximum.", keySize); return false; } if (keySize < 1024) { ne7ssh::errors()->push (-1, "Key Size: '%i' is too small. Use at least 1024 key size for RSA keys.", keySize); return false; } #if BOTAN_PRE_18 || BOTAN_PRE_15 rsaPrivKey = new RSA_PrivateKey (keySize); #else rsaPrivKey = new RSA_PrivateKey (*ne7ssh::rng, keySize); #endif privKeyFile = fopen (privKeyFileName, "w"); e = rsaPrivKey->get_e(); n = rsaPrivKey->get_n(); d = rsaPrivKey->get_d(); p = rsaPrivKey->get_p(); q = rsaPrivKey->get_q(); dmp1 = d % (p - 1); dmq1 = d % (q - 1); iqmp = inverse_mod (q, p); pubKeyBlob.addString ("ssh-rsa"); pubKeyBlob.addBigInt (e); pubKeyBlob.addBigInt (n); Pipe base64it (new Base64_Encoder); base64it.process_msg(pubKeyBlob.value()); SecureVector<Botan::byte> pubKeyBase64 = base64it.read_all (PIPE_DEFAULT_MESSAGE); pubKeyFile = fopen (pubKeyFileName, "w"); if (!pubKeyFile) { ne7ssh::errors()->push (-1, "Cannot open file where public key is stored. Filename: %s", pubKeyFileName); delete rsaPrivKey; return false; } if ((!fwrite ("ssh-rsa ", 8, 1, pubKeyFile)) || (!fwrite (pubKeyBase64.begin(), (size_t) pubKeyBase64.size(), 1, pubKeyFile)) || (!fwrite (" ", 1, 1, pubKeyFile)) || (!fwrite (fqdn, strlen(fqdn), 1, pubKeyFile)) || (!fwrite ("\n", 1, 1, pubKeyFile))) { ne7ssh::errors()->push (-1, "I/O error while writting to file: %s.", pubKeyFileName); delete rsaPrivKey; return false; } fclose (pubKeyFile); #if (BOTAN_PRE_15) encoder.start_sequence(); DER::encode (encoder, 0U); DER::encode (encoder, n); DER::encode (encoder, e); DER::encode (encoder, d); DER::encode (encoder, p); DER::encode (encoder, q); DER::encode (encoder, dmp1); DER::encode (encoder, dmq1); DER::encode (encoder, iqmp); encoder.end_sequence(); privKeyEncoded = PEM_Code::encode (encoder.get_contents(), "RSA PRIVATE KEY"); #else privKeyEncoded = PEM_Code::encode ( DER_Encoder().start_cons (SEQUENCE) .encode(0U) .encode(n) .encode(e) .encode(d) .encode(p) .encode(q) .encode(dmp1) .encode(dmq1) .encode(iqmp) .end_cons() .get_contents(), "RSA PRIVATE KEY"); #endif if (!privKeyFile) { ne7ssh::errors()->push (-1, "Cannot open file where the private key is stored. Filename: %s.", privKeyFileName); delete rsaPrivKey; return false; } if (!fwrite (privKeyEncoded.c_str(), privKeyEncoded.length(), 1, privKeyFile)) { ne7ssh::errors()->push (-1, "IO error while writting to file: %s.", privKeyFileName); delete rsaPrivKey; return false; } fclose (privKeyFile); delete rsaPrivKey; return true; }
bool ne7ssh_keys::generateDSAKeys (const char* fqdn, const char* privKeyFileName, const char* pubKeyFileName, uint16 keySize) { DER_Encoder encoder; BigInt p, q, g, y, x; ne7ssh_string pubKeyBlob; FILE *privKeyFile, *pubKeyFile; std::string privKeyEncoded; if (keySize != 1024) { ne7ssh::errors()->push (-1, "DSA keys must be 1024 bits."); return false; } #if BOTAN_PRE_18 || BOTAN_PRE_15 DL_Group dsaGroup (keySize, DL_Group::DSA_Kosherizer); DSA_PrivateKey privDsaKey (dsaGroup); #else DL_Group dsaGroup (*ne7ssh::rng, Botan::DL_Group::DSA_Kosherizer, keySize); DSA_PrivateKey privDsaKey (*ne7ssh::rng, dsaGroup); #endif DSA_PublicKey pubDsaKey = privDsaKey; p = dsaGroup.get_p(); q = dsaGroup.get_q(); g = dsaGroup.get_g(); y = pubDsaKey.get_y(); x = privDsaKey.get_x(); pubKeyBlob.addString ("ssh-dss"); pubKeyBlob.addBigInt (p); pubKeyBlob.addBigInt (q); pubKeyBlob.addBigInt (g); pubKeyBlob.addBigInt (y); Pipe base64it (new Base64_Encoder); base64it.process_msg(pubKeyBlob.value()); SecureVector<Botan::byte> pubKeyBase64 = base64it.read_all (PIPE_DEFAULT_MESSAGE); pubKeyFile = fopen (pubKeyFileName, "w"); if (!pubKeyFile) { ne7ssh::errors()->push (-1, "Cannot open file where public key is stored. Filename: %s", pubKeyFileName); return false; } if ((!fwrite ("ssh-dss ", 8, 1, pubKeyFile)) || (!fwrite (pubKeyBase64.begin(), (size_t) pubKeyBase64.size(), 1, pubKeyFile)) || (!fwrite (" ", 1, 1, pubKeyFile)) || (!fwrite (fqdn, strlen(fqdn), 1, pubKeyFile)) || (!fwrite ("\n", 1, 1, pubKeyFile))) { ne7ssh::errors()->push (-1, "I/O error while writting to file: %s.", pubKeyFileName); return false; } fclose (pubKeyFile); #if BOTAN_PRE_15 encoder.start_sequence(); DER::encode (encoder, 0U); DER::encode (encoder, p); DER::encode (encoder, q); DER::encode (encoder, g); DER::encode (encoder, y); DER::encode (encoder, x); encoder.end_sequence(); #else encoder.start_cons(SEQUENCE) .encode (0U) .encode (p) .encode (q) .encode (g) .encode (y) .encode (x) .end_cons(); #endif privKeyEncoded = PEM_Code::encode (encoder.get_contents(), "DSA PRIVATE KEY"); privKeyFile = fopen (privKeyFileName, "w"); if (!privKeyFile) { ne7ssh::errors()->push (-1, "Cannot open file where private key is stored. Filename: %s", privKeyFileName); return false; } if (!fwrite (privKeyEncoded.c_str(), (size_t) privKeyEncoded.length(), 1, privKeyFile)) { ne7ssh::errors()->push (-1, "I/O error while writting to file: %s.", privKeyFileName); return false; } fclose (privKeyFile); // delete dsaGroup; return true; }